alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity
102026 commits 217 branches 121 tags 4.5 GiB
Commit graph

902 commits

Author SHA1 Message Date
Jookia e2c95b46e5
nftables module: Add new module for nftables firewall settings 
fixes #18842
 2017-02-26 13:41:14 +01:00
Franz Pletz 4905c1c54f
prosody service: needs working network connectivity 2017-02-23 16:07:41 +01:00
Franz Pletz 66f553974b
dhcpcd service: fix network-online.target integration 
When dhcpcd instead of networkd is used, the network-online.target behaved
the same as network.target, resulting in broken services that need a working
network connectivity when being started.

This commit makes dhcpcd wait for a lease and makes it wanted by
network-online.target. In turn, network-online.target is now wanted by
multi-user.target, so it will be activated at every boot.
 2017-02-23 16:07:40 +01:00
Ricardo M. Correia d9ae886946 nixos.openntpd: don't spam systemd journal 
Starting `ntpd` with the `-d` option spams the systemd journal.
Instead, let the server fork.
 2017-02-20 22:35:51 +01:00
Joachim F 6dbe55ca68 Merge pull request #20456 from ericsagnes/feat/loaf-dep-1 
Use attrsOf in place of loaOf when relevant
 2017-02-19 15:49:25 +01:00
Kier Davis 5e3a26e07b
Fix typo introduced by #22677 2017-02-15 23:44:11 +00:00
Parnell Springmeyer 9e36a58649
Merging against upstream master 2017-02-13 17:16:28 -06:00
Graham Christensen b1a05a0865
nixos: drop references to kde4 
Excluding modules/programs/environment.nix for PATHand QT_PLUGIN_PATH to allow the programs to continue running.
 2017-02-11 14:01:13 -05:00
Profpatsch ed8a0d8e5e modules/searx: add package option (#22636) 
The user should be able to specify a patched version of searx.
 2017-02-10 22:44:10 +01:00
afranchuk a5e041ac08 libreswan service: make EnvironmentFile optional (#22591) 
Recent versions of libreswan seem to omit this file, but it may be added/changed in the future. It is silly to have the service fail because a file is missing that only enriches the environment.
 2017-02-10 00:53:44 +01:00
Joachim F ca8fb930b1 Merge pull request #22356 from Ekleog/redsocks 
Redsocks
 2017-02-09 22:39:43 +01:00
Léo Gaspard 7a32b96697 redsocks module: initialize 
redsocks module: use separate user for redsocks daemon
 2017-02-09 18:01:14 +01:00
Ricardo M. Correia 9293f86bf2 nixos.chrony: remove generatecommandkey option 
It's deprecated and no longer used.
 2017-02-07 18:01:58 +01:00
Ricardo M. Correia e3fce56047 nixos.chrony: add extraFlags config option 2017-02-07 18:01:57 +01:00
Ricardo M. Correia af4e6f155e nixos.chrony: pass config file directly to daemon 
This fixes an issue where `nixops deploy` wouldn't restart the chrony
service when the chrony configuration changed, because it wouldn't
detect that `/etc/chrony.conf` was a dependency of the chrony service.
 2017-02-07 13:48:58 +01:00
Shea Levy 714fdb425a firewall: Fix check for rpfilter on manual-config kernels 2017-02-06 16:43:23 -05:00
Shea Levy 67ef18d01a supplicant nixos module: Allow not specifying the configFile path 2017-02-05 06:50:20 -05:00
Joachim Fasting 2628597e76
cjdns service: allow daemon to drop privileges 
The service can run certain components with reduced privileges, but for
that it needs the setuid capability.
 2017-02-05 04:54:26 +01:00
Joachim Fasting a0338afe5f
cjdns service: allow writing keys to /etc 
20e81f7c0d prevented key generation in
`preStart`, leaving the service broken for the case where the user has
no pre-existing key.

Eventually, we ought to store the state elsewhere so that `/etc` can be
read-only but for now we fix this the easy way.
 2017-02-05 04:54:18 +01:00
rnhmjoj a3ff62d48c namecoind: refactor nixos module 2017-02-03 20:06:45 +01:00
rnhmjoj f7d49037a4
dnschain service: overhaul option interface & implementation 
Closes https://github.com/NixOS/nixpkgs/pull/22041
 2017-02-03 19:49:16 +01:00
Nikolay Amiantov 230c97c944 Merge pull request #22303 from abbradar/nfs4 
NFS improvements
 2017-02-03 20:04:25 +03:00
Yorick van Pelt 1b47bc9477 service.asterisk: add package option 2017-02-02 15:16:00 +01:00
Nikolay Amiantov 876a6d7f03 rpcbind service: use upstream systemd unit 2017-02-01 02:45:19 +03:00
Edward Tjörnhammar b08524bf01
nixos: nylon, use named instances 2017-01-30 20:32:06 +01:00
Edward Tjörnhammar e324c02aa5
nixos: i2pd, follow redirect 2017-01-29 18:00:58 +01:00
Parnell Springmeyer 628e6a83d0
More derp 2017-01-29 05:33:56 -06:00
Parnell Springmeyer 4aa0923009
Getting rid of the var indirection and using a bin path instead 2017-01-29 04:11:01 -06:00
Parnell Springmeyer a8cb2afa98
Fixing a bunch of issues 2017-01-29 01:58:12 -06:00
Parnell Springmeyer e92b8402b0
Addressing PR feedback 2017-01-28 20:48:03 -08:00
Parnell Springmeyer a26a796d5c
Merging against master - updating smokingpig, rebase was going to be messy 2017-01-26 02:00:04 -08:00
Parnell Springmeyer 025555d7f1
More fixes and improvements 2017-01-26 00:05:40 -08:00
Parnell Springmeyer bae00e8aa8
setcap-wrapper: Merging with upstream master and resolving conflicts 2017-01-25 11:08:05 -08:00
Vladimír Čunát 278bbe3b33
add kresd service with basic options 
Still celebrating today's 1.2.0 release!
 2017-01-25 18:46:28 +01:00
Franz Pletz 8322a12ef2
firewall: disable conntrack helper autoloading by default 
This was disabled in the Linux kernel since 4.7 and poses a security risk
if not configured properly.

https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=486dcf43da7815baa615822f3e46883ccca5400f
 2017-01-25 01:14:04 +01:00
Franz Pletz 403fdd737e
linux: remove canDisableNetfilterConntrackHelpers feature 
This feature is available in all kernels in nixpkgs.
 2017-01-25 00:28:55 +01:00
Michael Raskin 7516dbe35e Merge pull request #22045 from rnhmjoj/recursor 
PowerDNS Recursor: add package and service
 2017-01-24 17:54:47 +00:00
Tristan Helmich b3b300b6ff smokeping: setuid for fping6 2017-01-24 12:40:21 +01:00
rnhmjoj 6bcf89f217
pdns-recursor: add service 2017-01-23 17:57:48 +01:00
Jaka Hudoklin 90e0ed32ef Merge pull request #22043 from rnhmjoj/dnscrypt-wrapper 
dnscrypt-wrapper: add service
 2017-01-23 11:23:28 +01:00
rnhmjoj 9f2bb2ed42
dnscrypt-wrapper: add service 2017-01-23 07:06:07 +01:00
Robert Helgesson cd9f709582
flannel service: fix enable expression 
Need to surround the equality check in parentheses.
 2017-01-22 21:58:39 +01:00
Franz Pletz df0301f59b
nixos/networkmanager: trigger assertion instead of error 2017-01-22 20:32:24 +01:00
Michael Weiss 460b43dbfe firewall: Improve the comments (documentation) (#21862) 
* Fix the FW names

FW_REFUSE was removed and nixos-fw-input was renamed to nixos-fw.

* Update the comment (documentation) at the top

Order the chains of the main table alphabetically (like in the rest of
the file) and add nixos-fw-rpfilter (from the raw table) and nixos-drop
(used while reloading the firewall).

* Refactor the module (mainly comments)

- Move some attributes to the top for better visibility (that should
  hopefully make it easier to read and understand this module without
  jumping around too much).
- Add some missing examples and improve some descriptions.
- Reorder the mkOption attributes for consistency.
- Wrap lines at 72 characters.
- Use two spaces between sentences.
 2017-01-18 17:18:11 +01:00
Svein Ove Aas fec95a40f1
ddclient: Don't include blank server= lines. 2017-01-16 18:54:49 +01:00
Nikolay Amiantov 70a6628848 Merge pull request #21882 from abbradar/dhcp6 
DHCPv6 improvements
 2017-01-15 19:53:33 +03:00
Nikolay Amiantov 820b4cd067 firewall service: allow DHCPv6 client traffic 2017-01-15 19:38:54 +03:00
Nikolay Amiantov 1158eda66a dhcpd service: add DHCPv6 support 2017-01-15 19:38:53 +03:00
Volth ac0b6b9a2c miredo: do not run miredo-checkconf 2017-01-12 14:30:58 +00:00
Svein Ove Aas a4fca56897
ddclient: Write /etc/ddclient.conf when requested 
Fixes #20101

From PR #21417
 2017-01-09 06:29:15 +01:00