3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

814 commits

Author SHA1 Message Date
Pascal Bach c1dca9e40b etcd: make all service using etc go to 127.0.0.1:2379 by default
The old etcd port 4001 is no longer enabled by default in etcd 3.
The new port is 2379 and is officially assigned by IANA.

There were still some services left that expect etcd on port 4001 by default.
This changes the default to 2379 everywhere.

It should not cause problems for users as the etcd by nix does listen on the new port only by default anyway.
2016-11-11 23:11:54 +01:00
Gregor Kleen 54199414e3 nsd service: fix typo
Closes #20343.
2016-11-11 14:06:07 +01:00
Edward Tjörnhammar 4009dbe543
nixos: i2pd, update config options 2016-11-06 08:13:04 +01:00
Joachim F 32715b8314 Merge pull request #17445 from joachifm/dnscrypt-proxy-update-list
dnscrypt-proxy service: auto-updated resolver list
2016-11-05 18:23:48 +01:00
Joachim Fasting 2f912bf0a3
dnscrypt-proxy service: auto-update upstream resolver list
By default, we use the list of public DNSCrypt resolvers provided by
dnscrypt-proxy upstream. The list is updated at regular intervals.
2016-11-05 17:44:51 +01:00
Joachim F 2c567dbd4d Merge pull request #20144 from ericsagnes/feat/module-enums
modules: use enum when relevant
2016-11-05 12:18:04 +01:00
Sophie Taylor 20e81f7c0d nixos/cjdns: tightened permissions via systemd, added caps 2016-11-04 17:00:23 +01:00
uwap d9134ddb5d Add a package option for quassel (#20159) 2016-11-04 16:33:47 +01:00
Joachim Fasting 222cfd3233
cjdns module: fix typo 2016-11-04 13:44:48 +01:00
Eric Sagnes 8f8184ece1 tinc module: use enum 2016-11-04 13:04:17 +09:00
Eric Sagnes 5a3c2e3db0 bitlbee module: use enum 2016-11-04 13:03:53 +09:00
Marius Bergmann 51652ac3aa smokeping service: Use setuid-wrapped fping binary
The current default probe config uses the unwrapped fping binary, which
leads to an error because fping must be executed with elevated
permissions.

I fixed this by changing the path to the default binary to the
setuid-wrapped version.
2016-11-03 09:44:21 +01:00
Peter J. Jones d19967bf48 vsftpd service: add extraConfig option, set anon_root (#20069)
This commit includes two changes:

  1. A new `extraConfig` option to allow administrators to set any
     vsftpd configuration option that isn't directly supported by this
     derivation.

  2. Correctly set the `anon_root` vsftpd option to `anonymousUserHome`
2016-11-03 05:06:47 +01:00
Eric Sagnes 7fd38dc8b3 znc module: optionSet -> submodule (#20096) 2016-11-03 05:02:14 +01:00
Marius Bergmann 248bf519c9 smokeping service: Fix permissions in $smokepingHome
In the prestart config of the smokeping service, smokeping is executed
initially. This happens as the user root and writes some files to
$smokepingHome, which can't be overwritten by the smokeping user. This
gives an error message.

I fixed this by moving the chown step after the initial smokeping runs,
so that it also affects the generated files.
2016-11-02 13:18:57 +01:00
Joachim Fasting 420cf50838
dnscrypt-proxy module: minor config example tweaks
- Indentation
- unbound automatically handles local forward addresses
2016-10-29 03:04:00 +02:00
Joachim Fasting d198e474a8
dnscrypt-proxy service: remove use of mkEnableOption 2016-10-29 03:03:50 +02:00
Joachim F 1da6dd3eee Merge pull request #19875 from joachifm/cjdns-for-upstream
Cjdns module enhancments
2016-10-28 13:01:58 +02:00
Joachim Fasting 8180922d23 cjdns service: refactor cjdns hosts builder
The old version would export two lists to a bash builder and do pairwise
processing on the bash side.  In the new version we instead generate a
logic free builder on the Nix side. This is not only conceptually
simpler but reduces the amount of code and intermediate values.
2016-10-27 14:15:54 +02:00
Joachim Fasting 9654e09b5a cjdns service: ensure that generated passwd has requested length
`head -cNUM ... | tr -dc SET` might generate output containing fewer
than NUM characters.  Given the limited alphabet, this could result in a
fairly weak passphrase. The construction `tr </dev/urandom | head
-cNUM`, however, is sure to give us the full `NUM`.
2016-10-27 14:15:53 +02:00
Joachim Fasting e94bd6f31d cjdns service: protect /home and /tmp 2016-10-27 14:15:52 +02:00
Joachim Fasting 5fba586650 cjdns service: better types
- types.string -> str, string is deprecated
- change type of confFile option to nullOr path, makes more sense
2016-10-27 14:15:52 +02:00
Joachim Fasting afe67f28a3 cjdns service: use cfg.enable shortcut 2016-10-27 14:15:51 +02:00
Joachim Fasting 79d216b8f4 cjdns service: whitespace cleanup 2016-10-27 14:15:51 +02:00
Frederik Rietdijk 7077a270bf Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-26 13:06:43 +02:00
Bjørn Forsman cd1b09af5d nixos/tftpd: change default dir from /home/tftp to /srv/tftp
/home is for real users. /srv is recommended by FHS (although there is
no consensus for what to name subdirs under /srv).
2016-10-25 17:20:52 +02:00
Bjørn Forsman d03dbfcbb8 nixos/tftpd: mention that it runs as an xinetd service 2016-10-25 17:20:52 +02:00
Domen Kožar 1622a21c68 Merge pull request #19453 from ryantrinkle/openfire-fix
openfire: fix service expression
2016-10-24 11:35:16 +02:00
Emery Hemingway b675619391 nixos: use types.lines for extraConfig 2016-10-23 19:41:43 +02:00
Jörg Thalheim fba9d231b4 Merge pull request #17394 from schneefux/znc-module
ZNC: 1.6.2 -> 1.6.3, push 2015-12-07 -> 2016-07-28, module refactor
2016-10-22 19:58:24 +02:00
Jörg Thalheim fafe3ec40a Merge pull request #19624 from bjornfor/improve-atftpd-service
nixos/atftpd: various improvements
2016-10-22 18:08:53 +02:00
Frederik Rietdijk e56832d730 Merge remote-tracking branch 'upstream/master' into HEAD 2016-10-22 17:23:24 +02:00
schneefux ee42e000dd
znc module: refactor 2016-10-22 13:52:20 +02:00
Anmol Sethi 1a74eedd07 sshd: separate key generation into another service
Fixes #19589
2016-10-20 23:14:37 -04:00
Alexander Ried 57d9c69c6a supplicant: fix wants and wantedBy 2016-10-20 20:17:17 +02:00
Peter Hoeg 1026bebee6
syncthing: use service files from upstream
Currently only for the user services as NixOS handles the named system
instances slightly differently.

syncthing and syncthing-inotify are done the same way.

There are 4 parts to this:

 1) Copy in the upstream unit files
 2) Make the nixos module use the definition from upstream
 3) Enable restarting of all instances (system and user) on resume
 4) Allow the traffic in the firewall on default ports if wanted

fixes #18973
2016-10-19 21:20:57 +02:00
Ryan Trinkle 928341132e openfire: fix service expression
openfire is not in scope
2016-10-19 11:06:07 -04:00
Bjørn Forsman f3876cbba0 nixos/atftpd: various improvements
* Add extraOptions option, to pass arbitrary command line options to
  atftp. Especially useful to specify which address to bind to
  (--bind-addres ...).
* Improve descriptions (fix a typo, document default bind address,
  don't repeat service name in systemd description + capitalize)
* Change default server directory from /var/empty to /srv/tftp, and
  change types.str to types.path.
2016-10-17 16:20:24 +02:00
Benno Fünfstück 796264a708 nixos/avahi: use more upstream-like systemd units
The new units mirror the upstream systemd units as closely as possible.
I could not find a reason why the service would need to be restarted on
resuming from suspend, and the upstream units also do not contain such a
restriction, so I removed the `partOf = [ "post-resume.target"]`.
This fixes #19525.
2016-10-15 22:51:39 +02:00
Alexander Ried 4094d63dea NetworkManager-strongswan: init at 1.4.0 2016-10-15 20:32:16 +02:00
Profpatsch bef6bef0d2
stdenv/stripHash: print to stdout, not to variable
`stripHash` documentation states that it prints out the stripped name to
the stdout, but the function stored the value in `strippedName`
instead.

Basically all usages did something like
`$(stripHash $foo | echo $strippedName)` which is just braindamaged.
Fixed the implementation and all invocations.
2016-10-11 18:34:36 +02:00
Joachim F 1997761725 Merge pull request #19367 from cransom/smokeping-fix
smokeping module: fix missing js, broken alerts
2016-10-10 16:06:39 +02:00
Franz Pletz 03c2b449f8
dhcpd service: Add extraFlags option 2016-10-09 11:38:34 +02:00
Casey Ransom 74558c88fb smokeping module: fix missing js, broken alerts
The initial commit accidentally left in some commented code and if you were
using alerts, they simply didn't work.

Smokeping also includes some JS code for the webui allowing you to zoom into
graphs and it was not passed into the homedir. Additionally, generate
static html pages for other webservers to serve the cache directory.

Add additional options to specify sendmail path or mailhost and verify that both
are not set.

Add one extra config hook that allows you to bypass all of the invidual config
stanzas and just hand it a string.
2016-10-08 20:52:45 -04:00
Jaka Hudoklin afbe339e7d firewall service: add support for loose reverse path filter check (#19122) 2016-10-08 14:26:52 +02:00
Moritz Ulrich c475234827 services.kippo: Add missing '}' 2016-10-06 13:39:21 +02:00
Frederik Rietdijk 6f836eb0d4 Kippo: move pythonPackages.twisted_11 to kippo expression 2016-10-06 12:59:05 +02:00
Eric Sagnes 0bd263ecc3
wireguard: add module
fixes #17933
2016-10-06 09:41:38 +02:00
Joachim F 0906a0f197 Merge pull request #18491 from groxxda/network-interfaces
Replace Network-interfaces.target
2016-10-02 16:34:37 +02:00
Jörg Thalheim cd673d3c26 Merge pull request #19138 from nhooyr/openssh
openssh: support prohibit-password for permitRootLogin
2016-10-02 15:26:21 +02:00