alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity
94975 commits 217 branches 121 tags 4.5 GiB
Commit graph

802 commits

Author SHA1 Message Date
aszlig 603b73f1e1
nixos/offlineimap: Don't build the package on eval 
Coercing the derivation to string causes the package to be built during
evaluation rather than during actual realization which is completely
unnecessary because we don't need additional Nix expression information
for the package (nor do we need it for the service).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @DamienCassou
Cc: @Profpatsch (stumbled on this because of him)
 2016-09-26 21:07:06 +02:00
Robert Helgesson 9d2a831497
radicale: break into own package 
Since this is an application it is not suitable for pythonPackages,
which is more appropriate for Python modules.
 2016-09-25 22:15:19 +02:00
Michele Guerini Rocco ec8d5945ce connman: disable connman-vpn by default (#18323) 2016-09-25 08:02:29 +02:00
Wei-Ming Yang e330807e1f
murmur service: welcome -> welcometext 
fixed incorrect option name `welcome` to `welcometext`.

joachifm added a rename for backwards compat.

Closes https://github.com/NixOS/nixpkgs/pull/18570
 2016-09-23 16:08:14 +02:00
Jookia e23cc550b3 nixos: add htpdate module 2016-09-23 02:02:20 +10:00
Alexey Shmalko 60cfc558be Merge pull request #18718 from Mic92/powerdns 
powerdns: init at 4.0.1
 2016-09-20 11:07:51 +03:00
Jörg Thalheim b0a1c0b343
powerdns: init at 4.0.1 
fixes #18703
 2016-09-18 14:52:44 +02:00
Joachim Fasting 22d6c97855
unbound service: extend isLocalAddress to handle ipv6 2016-09-16 09:47:36 +02:00
Joachim Fasting 5dc60051fa
unbound service: some pre-chroot isolation 
While entering the chroot should provide the same amount of isolation,
the preStart script will run with full root privileges and so would
benefit from some isolation as well (in particular due to
unbound-anchor, which can perform network I/O).
 2016-09-15 15:37:20 +02:00
Joachim Fasting 39f5182a30
unbound service: use auto-generated uid 
1. The preStart script ensures consistent ownership, even if the unbound
   user's uid has changed
2. The unbound daemon does not generate data that needs to be private to
   it, so it would not matter that a different service would end up
   owning its data (as long as unbound remains enabled, it should reclaim
   ownership soon enough anyway).

Thus, there's no clear benefit to allocate a dedicated uid for the
unbound service.  This releases uid/gid 48.

Also, because the preStart script creates the data directory, there's no
need to specify a homedir or ask for its creation.
 2016-09-15 15:37:19 +02:00
Joachim Fasting 0759e77dfd
unbound service: add reference to man:unbound.conf(8) 2016-09-15 15:37:19 +02:00
Joachim Fasting 52432ee63d
unbound service: non-blocking random in chroot 
/dev/random is an exhaustible resource. Presumably, unbound will not be
used to generate long-term encryption keys and so allowing it to use
/dev/random only increases the risk of entropy exhaustion for no
benefit.
 2016-09-15 15:37:19 +02:00
Joachim Fasting 7980523e00
unbound service: convenient handling of local forward addresses 
do-not-query-localhost defaults to yes; with this patch, unbound is
configured to query localhost if any of the forward addresses are local.
 2016-09-15 15:37:19 +02:00
Alexander Ried 8524df1259 networking.nat: replace network-interfaces.target 
We can replace this safely with network-pre because iptables does not
care whether the interfaces exist or not.
 2016-09-13 11:19:22 +02:00
Alexander Ried 60430b140c lshd service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Alexander Ried d43b2b9c85 openvpn service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Alexander Ried 97416eaeef gpve service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Alexander Ried fbf0abf4af softether: improve service dependencies 2016-09-13 11:19:22 +02:00
Alexander Ried 9819cdc71a wicd: get closer to upstream service definition 
taken from
http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/view/head:/other/wicd.service
 2016-09-13 11:19:22 +02:00
Alexander Ried 3ada966bd5 treewide: minor format / style / documentation fixes 2016-09-13 11:19:22 +02:00
Alexander Ried bc7710468d networking.dhcpcd: use upstream targets 2016-09-13 11:19:22 +02:00
Joachim Fasting 5a2a3510b9 zerobin service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting c7ed675fe3 xinetd service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting cda9af6eb8 wpa-supplicant service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting 768b333dc1 tinc service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting 795defaae0 tcpcrypt service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
Joachim Fasting 67d9369e5d radicale service: network-interfaces.target -> network{,-online}.target 2016-09-13 11:19:22 +02:00
Joachim Fasting 652e0b4b8a oidentd service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting ae71667451 cjdns service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Joachim Fasting 69e15b7ba5 bind service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
Alexander Ried 06b2897c40 networking.dhcpcd: Don't add to system closure when using networkd (#18436) 2016-09-13 07:55:17 +02:00
Eric Sagnes 7e5a24c23a i2pd module: optionSet -> submodule 2016-09-13 12:53:12 +09:00
Eric Sagnes b73ca0df27 tinc module: optionSet -> submodule 2016-09-13 12:53:12 +09:00
Eric Sagnes 8d58771b94 openvpn module: optionSet -> submodule 2016-09-13 12:53:11 +09:00
Eric Sagnes 775d98acbc xinet module: optionSet -> submodule 2016-09-13 12:53:11 +09:00
Eric Sagnes 819524a0d3 supplicant module: optionSet -> submodule 2016-09-13 12:53:11 +09:00
Eric Sagnes 48d6fa933c sshd module: optionSet -> submodule 2016-09-13 12:53:11 +09:00
Eric Sagnes d89a718baf prosody module: optionSet -> submodule 2016-09-13 12:53:11 +09:00
Eric Sagnes c3bdee3c39 nat module: optionSet -> submodule 2016-09-13 12:53:10 +09:00
Franz Pletz 5c38882f38
toxvpn service: doesn't require online network 
Tested that it detects network changes quickly.
 2016-09-11 08:16:55 +02:00
Franz Pletz c58654e2b7
treewide: fix fallout of ip-up deprecation 
See #18319 for details. Starting network-online.target manually does not
work as it hangs indefinitely.

Additionally, don't treat avahi and dhcpcd special and sync their systemd units
with the respective upstream suggestion.
 2016-09-11 08:13:04 +02:00
Alexander Ried 27bc34f1e4 treewide: deprecate ip-up.target (#18319) 
Systemd upstream provides targets for networking. This also includes a target network-online.target.

In this PR I remove / replace most occurrences since some of them were even wrong and could delay startup.
 2016-09-10 18:03:59 +02:00
Domen Kožar fed3501b07 Remove docker-registry as it's deprecated #18209 2016-09-09 18:50:42 +02:00
Robert Helgesson bf371a8b06 radicale service: use "simple" service type (#18406) 
Radicale can run as a foreground service and will then emits logging and
errors on the standard output. This helps the logging end up in the
systemd journal.
 2016-09-08 12:34:22 +02:00
aszlig fb46df8a9a
nixos: Fix ordering of firewall.service 
Follow-up to the following commits:

  abdc5961c3cdf9f5893ea1e91ba08ff5089f53a4: Fix starting the firewall
  e090701e2d09aec3e8866ab9a8e53c37973ffeb4: Order before sysinit

Solely use sysinit.target here instead of multi-user.target because we
want to make sure that the iptables rules are applied *before* any
socket units are started.

The reason I've dropped the wantedBy on multi-user.target is that
sysinit.target is already a part of the dependency chain of
multi-user.target.

To make sure that this holds true, I've added a small test case to
ensure that during switch of the configuration the firewall.service is
considered as well.

Tested using the firewall NixOS test.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @edolstra
 2016-09-07 15:11:24 +02:00
Eelco Dolstra e090701e2d firewall: Order before sysinit 
Suggested by @aszlig.
 2016-09-07 14:42:30 +02:00
Eelco Dolstra abdc5961c3 Fix starting the firewall 
Probably as a result of 992c514a20, it
was not being started anymore.

My understanding of systemd.special(7) (section "Special passive
system units") is that the firewall should want network-pre.target,
rather than the other way around (not very intuitive...). This in
itself does not cause the firewall to be wanted, which is why the
wanted-by relationship with multi-user.target is necessary.

http://hydra.nixos.org/build/39965589
 2016-09-07 14:30:11 +02:00
Alexey Shmalko b7237abc08 avahi-daemon: remove default browse-domains 
These domains are not actually default but examples. See
https://github.com/lathiat/avahi/blob/master/avahi-daemon/avahi-daemon.conf#L24
for default config.
 2016-09-07 13:58:21 +02:00
Eelco Dolstra 520cb14f16 Fix infinite recursion introduced by f3c32cb2c1 2016-09-05 18:17:22 +02:00
Eelco Dolstra f3c32cb2c1 Let services.openssh.forwardX11 imply programs.ssh.setXAuthLocation 2016-09-05 15:38:42 +02:00
Octavian Cerna a30d4654f2 quagga service: New NixOS module. 2016-09-02 13:59:51 +03:00
Nikolay Amiantov 608ee1c7b3 mjpg-streamer service: restart on failure 2016-09-02 11:44:16 +03:00
Joachim Fasting 6df8de50f3
unbound service: whitespace fixes 2016-09-01 14:51:33 +02:00
Joachim Fasting 03c2c87ed6
unbound service: use mkEnableOption 2016-09-01 14:51:32 +02:00
zimbatm 17dbfeb450 Merge pull request #18152 from roblabla/bugfix-zeroTierOneConfigurablePackage 
zerotierone: make package configurable
 2016-08-31 12:34:59 +01:00
roblabla caa1350e07 zerotierone: make package configurable 2016-08-31 12:39:55 +02:00
Joachim Fasting d78e0ed1f9
dnscrypt-proxy module: move detailed info to module documentation 2016-08-29 23:48:12 +02:00
Joachim Fasting 68210aa772
dnscrypt-proxy module: serviceConfig.Group is redundant 
Same as user's primary group if left unspecified
 2016-08-29 23:48:12 +02:00
Joachim Fasting 23a7e6e911
dnscrypt-proxy module: formatting 2016-08-29 23:48:11 +02:00
Domen Kožar e01e92f12f Merge pull request #15025 from ericsagnes/modules/manual 
manual: automatically generate modules documentation
 2016-08-28 13:57:34 +02:00
Graham Christensen 8d10928ad0 Merge pull request #17908 from Mic92/ferm 
Ferm
 2016-08-25 20:38:02 -04:00
Jörg Thalheim 7b354ce8cc
ferm: init at 2.3 2016-08-25 21:37:19 +02:00
Carles Pagès 3374aa25bc cjdns: fix assertion. 2016-08-25 08:57:18 +02:00
Nikolay Amiantov 5ff6e98486 modprobe service: drop kmod wrapper 2016-08-19 17:56:49 +03:00
Joachim F c2bfce8de8 Merge pull request #16762 from matthewbauer/gnustep2 
Add "gnustep" to nixpkgs
 2016-08-17 23:38:56 +02:00
Matthew Bauer f541715057 gnustep: fix gdomap service 
This gets rid of the rest of the pidfile stuff and makes gdomap just act
like a normal systemd process. Also reword "enable" option.
 2016-08-16 21:11:06 +00:00
Matthew Bauer 5ea9bd0920 gnustep: fix naming of gnustep stuff 
This should fix the NixOS issues.
 2016-08-16 21:11:05 +00:00
Artyom Shalkhakov 697982b91b gnustep: fix gdnc, gdomap 
Both gdnc and gdomap seem to work.
 2016-08-16 21:00:31 +00:00
Artyom Shalkhakov d3d580ebbe gnustep: cleanup 
Major clean-up. Everything builds fine.
 2016-08-16 21:00:27 +00:00
Artyom Shalkhakov 9b17cd8fab gnustep: add nixos deamons 
Adding basic daemons: gdomap and gdnc. It seems that GWorkspace
does is unable to work properly without the daemons.
 2016-08-16 21:00:21 +00:00
Svein Ove Aas 102472b8de unifi: Open required ports by default. 
The controller does not work at all if they aren't, with the exception
of special configurations involving L3 or custom ports.
 2016-08-16 21:01:49 +01:00
Svein Ove Aas e3f0a09b6d unifi: chown the data dir as well. 
It needs to be writeable.
 2016-08-16 21:01:49 +01:00
Shea Levy 9adad8612b Revert "Merge branch 'modprobe-fix' of git://github.com/abbradar/nixpkgs" 
Was meant to go into staging, sorry

This reverts commit 57b2d1e9b0, reversing
changes made to 760b2b9048.
 2016-08-15 19:05:52 -04:00
Nikolay Amiantov b2ebecd9e5 modprobe service: drop kmod wrapper 2016-08-16 00:19:25 +03:00
Nikolay Amiantov bda3423b3a networkmanager service: make wanted by network.target, drop networkmanager-init 2016-08-14 22:38:58 +03:00
Nikolay Amiantov 0f59901b57 ejabberd service: move service to foreground 2016-08-14 22:37:06 +03:00
Eric Sagnes 4cdfeb78f9 modules: move meta at top level 2016-08-11 00:29:48 +09:00
jokogr adeab67bd8 syncthing service: add syncthing-inotify (#17320) 2016-08-06 17:20:18 +02:00
Peter Hoeg c4cba0e51f ssh module: ignore exit code when socket activated 
sshd will at times fail when exiting. When socket activated, this will
leave a number of sshd@ service instances in the failed state, so we
simply ignore the error code if we are running socket activated.

Recommended by upstream:
http://systemd-devel.freedesktop.narkive.com/d0eapMCG/socket-activated-sshd-service-showing-up-as-a-failure-when-the-client-connection-fails

Fixes: #3279
 2016-08-04 16:47:44 +08:00
Damien Cassou c5d9dc9cfa Merge pull request #17418 from DamienCassou/offlineimap-module-reporting 
offlineimap's module: change UI to syslog
 2016-08-04 08:33:20 +02:00
Joachim Fasting 79ac02ed64
dnscrypt-proxy service: update resolver list 2016-08-02 09:36:22 +02:00
Joachim Fasting c91d07b668
dnscrypt-proxy module: types.string should be types.str 2016-08-01 12:55:42 +02:00
Damien Cassou 19af5b444e offlineimap's module: change UI to syslog 
The 'syslog' UI "allows better integration with systemd":
http://www.offlineimap.org/doc/Changelog.html#offlineimap-v660-rc2-2015-10-15
 2016-08-01 09:37:53 +02:00
Franz Pletz 76b21b7adb nixos/firewall: Refactor rpfilter, allow DHCPv4 (#17325) 
Adds a new chain in the raw table for reverse path filtering and optional
logging. A rule to allow serving DHCPv4 was also added as it is commonly
needed and poses no security risk even when no DHCPv4 server is running.

Fixes #10101.
 2016-07-31 13:49:24 +02:00
Tristan Helmich c9b9692347 tinc: add Restart in systemd service config 2016-07-27 10:38:57 +02:00
Ioannis Koutras 24968fc1c1 syncthing: fix system service 2016-07-26 13:10:15 +03:00
Emery Hemingway 90ee01cd3d nixos: disable DHCP on ZeroTier interfaces 2016-07-23 21:04:42 +02:00
Michele Guerini Rocco 267e362fbc syncthing: Allow the user service to be enabled with systemctl (#17136) 2016-07-21 04:49:58 +02:00
cransom 4a9b640f37 smokeping: init at 2.6.11 (#17090) 
Includes a module for service setup and a test
to verify functionality of both service and pkg.
 2016-07-21 01:07:59 +02:00
Bjørn Forsman 78eac466b0 nixos/ddclient: add warning about password being world readable 
Closes #16885.
 2016-07-19 16:51:42 +02:00
Damien Cassou 85a895d60f offlineimap: add nixos module (#16842) 2016-07-11 10:37:18 +02:00
Robert Helgesson 9f4775dbb5 ddclient service: use environment.etc 
The ddclient daemon requires that the configuration file is only
accessible by the ddclient user. This since it typically contains login
information.
 2016-07-09 14:51:36 +02:00
Anders Lundstedt 5f3c4bd11e nixos: fix avahi connectivity for shairport-sync module 
The shairport-sync service currently fails to start with the error

shairport avahi_entry_group_new failed

This problem seems to have been introduced by

cdd7310a50

After some trial and error I concluded that the attached commit is a minimal
fix.
 2016-07-08 16:22:51 +02:00
Corbin 45a066512e services/avahi: Add domainName setting 
Fixes #15795.
 2016-06-26 23:15:39 +02:00
zimbatm 4f5918cd2e Revert "stdenv: introduce baseHash() to replace stripHash()" 
Introduced by mistake

This reverts commit e71a5cb878.
 2016-06-25 14:25:58 +01:00
zimbatm e71a5cb878 stdenv: introduce baseHash() to replace stripHash() 
stripHash uses a global variable to communicate it's computation
results, but it's not necessary. You can just pipe to stdout in a
subshell. A function mostly behaves like just another command.

baseHash() also introduces a suffix-stripping capability since it's
something the users of the function tend to use.
 2016-06-25 14:20:56 +01:00
Alexander Ried c1319572d4 networkmanager: Dependency on avahi-autoipd has been dropped. 
Native IPv4 link-local addressing configuration based on systemd network library is now used instead.
 2016-06-23 23:12:41 +02:00
Benjamin Saunders 8e47786c0e coturn: init at 4.5.0.3 (#16284) 2016-06-21 12:59:29 +02:00
obadz fb6b4860c7 xl2tpd: add nixos module for service 
(required adding execv to libredirect)
 2016-06-20 21:41:59 +01:00
zimbatm b0f8416c5c Merge pull request #16180 from zimbatm/shell-escaping 
Escape all shell arguments uniformly
 2016-06-19 23:27:52 +01:00