3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/nixos/modules/services/networking
Peter Hoeg 4ce76d9e1a ddclient nixos module: follow best practice for running daemons
Couple of changes:

 - move home to /var/lib/ddclient so we can enable ProtectSystem=full
 - do not stick binary into systemPackages as it will only run as a daemon
 - run as dedicated user/group
 - document why we cannot run as type=forking (output is swallowed)
 - secure things by running with ProtectSystem and PrivateTmp
 - .pid file goes into /run/ddclient
 - let nix create the home directory instead of handling it manually
 - make the interval configurable
2017-08-13 21:56:48 +08:00
..
firefox firefox syncserver service: fix PYTHONPATH 2017-08-12 14:08:25 +01:00
ircd-hybrid treewide: use boolToString function 2017-04-11 18:18:53 +02:00
keepalived keepalived service: init (#22755) 2017-04-20 12:50:59 +01:00
ssh sshd.nix: Added nixops usage warning of openssh.authorizedKeys.keys usage 2017-06-22 11:50:09 +02:00
amuled.nix treewide: deprecate ip-up.target (#18319) 2016-09-10 18:03:59 +02:00
aria2.nix Fix indentation. Fix openPorts option default to false. 2017-04-27 17:13:27 +03:00
asterisk.nix service.asterisk: add package option 2017-02-02 15:16:00 +01:00
atftpd.nix nixos/atftpd: various improvements 2016-10-17 16:20:24 +02:00
autossh.nix
avahi-daemon.nix avahi-daemon service: add cacheEntriesMax option 2017-08-04 02:10:11 +02:00
bind.nix Merge pull request #26675 from kirelagin/bind-rndc 2017-06-18 16:30:02 +01:00
bird.nix bird service: add bird to systemPackages 2016-12-28 06:35:31 +01:00
bitlbee.nix bitlbee service: Add option to load libpurple plugins into bitlbee 2017-07-16 14:19:39 +01:00
btsync.nix treewide: use boolToString function 2017-04-11 18:18:53 +02:00
charybdis.nix charybdis service: add option to configure MOTD (#25512) 2017-05-25 23:28:50 +02:00
chrony.nix nixos.chrony: remove generatecommandkey option 2017-02-07 18:01:58 +01:00
cjdns.nix cjdns service: allow daemon to drop privileges 2017-02-05 04:54:26 +01:00
cntlm.nix cntlm service: cleanup non working config options (#26578) 2017-06-15 12:11:48 +02:00
connman.nix connman: disable connman-vpn by default (#18323) 2016-09-25 08:02:29 +02:00
consul.nix Fixes #16181 - using bin output for Go services 2016-06-13 23:32:16 +02:00
coturn.nix coturn: allow use of ports < 1024 2017-06-20 09:17:24 +01:00
dante.nix dante service: fix config option type 2016-12-10 20:35:41 +01:00
ddclient.nix ddclient nixos module: follow best practice for running daemons 2017-08-13 21:56:48 +08:00
dhcpcd.nix dhcpcd service: clear exit code of exitHook (#24909) 2017-04-16 20:10:44 +02:00
dhcpd.nix nixos, dhcpd: make machines assignable 2017-02-27 10:52:21 +01:00
dnschain.nix dnschain: allow different bind and external addresses 2017-06-03 12:24:04 +02:00
dnscrypt-proxy.nix nixos/dnscrypt-proxy: default to random upstream resolver 2017-08-10 01:19:17 +02:00
dnscrypt-proxy.xml nixos/dnscrypt-proxy docs: reword section on forwarding 2017-03-10 18:54:52 +01:00
dnscrypt-wrapper.nix dnscrypt-wrapper: add service 2017-01-23 07:06:07 +01:00
dnsmasq.nix dnsmasq: create state dir for dhcp leases file 2015-12-24 22:36:19 +01:00
ejabberd.nix ejabberd service: move service to foreground 2016-08-14 22:37:06 +03:00
fakeroute.nix fakeroute: add service 2016-11-23 15:23:10 +01:00
fan.nix modprobe service: drop kmod wrapper 2016-08-19 17:56:49 +03:00
ferm.nix nixos/treewide: remove boolean examples for options 2017-03-17 23:36:19 +01:00
firewall.nix nixos/firewall: clean up rpfilter rules properly 2017-05-29 17:26:34 +02:00
flannel.nix flannel service: fix enable expression 2017-01-22 21:58:39 +01:00
flashpolicyd.nix
freenet.nix
gale.nix Fixing a bunch of issues 2017-01-29 01:58:12 -06:00
gateone.nix Gateone: fix cacerts dependency 2016-01-24 16:52:06 -05:00
gdomap.nix gnustep: fix gdomap service 2016-08-16 21:11:06 +00:00
git-daemon.nix treewide: deprecate ip-up.target (#18319) 2016-09-10 18:03:59 +02:00
gnunet.nix
gogoclient.nix
gvpe.nix gpve service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
haproxy.nix
heyefi.nix
hostapd.nix hostapd dependency fix for https://github.com/nixos/nixpkgs/issues/16090 (#26573) 2017-06-14 16:44:46 +02:00
htpdate.nix nixos: add htpdate module 2016-09-23 02:02:20 +10:00
i2p.nix
i2pd.nix i2pd: correct docs about bandwidth setting 2017-06-02 06:31:39 +02:00
iodine.nix treewide: deprecate ip-up.target (#18319) 2016-09-10 18:03:59 +02:00
iwd.nix iwd: init at unstable-2017-04-21 2017-05-21 11:05:35 +01:00
keybase.nix kbfs service: init (#25610) 2017-05-22 08:14:12 +08:00
kippo.nix nixos: use types.lines for extraConfig 2016-10-23 19:41:43 +02:00
kresd.nix add kresd service with basic options 2017-01-25 18:46:28 +01:00
lambdabot.nix Add missing 'type', 'defaultText' and 'literalExample' in module definitions 2016-01-17 19:41:23 +01:00
libreswan.nix lib: introduce imap0, imap1 (#25543) 2017-07-04 23:29:23 +01:00
lldpd.nix lldpd: init at 0.9.7 2017-05-21 01:16:42 +02:00
logmein-hamachi.nix logmein-hamachi: init at 2.1.0.139, add nixos service 2016-04-27 16:15:01 +03:00
mailpile.nix
mfi.nix mfi: relocatable data dir 2016-04-22 22:43:45 -07:00
minidlna.nix minidlna: use journalctl for logging, systemd for runtimedir 2016-04-08 23:04:12 +02:00
miniupnpd.nix
miredo.nix miredo: Improve service description 2017-05-18 15:57:26 +02:00
mjpg-streamer.nix mjpg-streamer service: restart on failure 2016-09-02 11:44:16 +03:00
mosquitto.nix nixos/mosquitto: Fix instructions for password gen 2017-08-06 15:54:36 -07:00
mstpd.nix
murmur.nix murmur service: fix typos from #24830 2017-04-14 11:05:42 +02:00
namecoind.nix namecoind: refactor nixos module 2017-02-03 20:06:45 +01:00
nat.nix nixos/networking/nat: add option for protocol 2017-08-04 17:03:05 +02:00
networkmanager.nix networkmanager service: use unbound if enabled 2017-08-04 13:50:06 +08:00
nftables.nix nftables: adds information regarding nftables and Docker (#24326) 2017-03-25 16:34:02 +01:00
ngircd.nix Add missing 'type', 'defaultText' and 'literalExample' in module definitions 2016-01-17 19:41:23 +01:00
nix-serve.nix treewide: Use correct output of config.nix.package in non-string contexts 2016-04-25 16:44:38 +02:00
nntp-proxy.nix nntp-proxy module: use enum 2016-11-16 22:36:53 +09:00
nsd.nix nsd: Send stderr to /dev/null 2017-06-18 15:31:34 +03:00
ntopng.nix
ntpd.nix ntp: make timesyncd the new default 2016-12-17 00:00:45 +01:00
nylon.nix nixos: nylon, use named instances 2017-01-30 20:32:06 +01:00
oidentd.nix oidentd service: network-interfaces.target -> network.target 2016-09-13 11:19:22 +02:00
openfire.nix openfire service: more informative assertion failure message 2016-12-10 20:35:43 +01:00
openntpd.nix nixos.openntpd: don't spam systemd journal 2017-02-20 22:35:51 +01:00
openvpn.nix Revert "openvpn service: source up/down scripts" 2017-04-26 12:32:59 -04:00
ostinato.nix ostinato: add ostinato in NixOS services 2016-01-04 14:29:02 +08:00
pdns-recursor.nix pdns-recursor: add service 2017-01-23 17:57:48 +01:00
pdnsd.nix pdnsd service: init 2016-02-12 19:53:41 +08:00
polipo.nix
powerdns.nix powerdns: removed PrivateTmp=true in serviceConfig 2016-10-01 12:27:23 -04:00
pptpd.nix xl2tpd: add nixos module for service 2016-06-20 21:41:59 +01:00
prayer.nix Getting rid of the var indirection and using a bin path instead 2017-01-29 04:11:01 -06:00
privoxy.nix privoxy service: remove static uid 2016-12-05 13:37:08 +01:00
prosody.nix treewide: use boolToString function 2017-04-11 18:18:53 +02:00
quagga.nix nixos/treewide: remove boolean examples for options 2017-03-17 23:36:19 +01:00
quassel.nix Fix typo introduced by #22677 2017-02-15 23:44:11 +00:00
racoon.nix
radicale.nix radicale: Add aneeshusa as maintainer 2017-04-10 20:04:17 -04:00
radvd.nix
rdnssd.nix
redsocks.nix redsocks module: initialize 2017-02-09 18:01:14 +01:00
resilio.nix resilio: remove systemd user service 2017-06-02 21:25:21 +01:00
rpcbind.nix rpcbind service: use upstream systemd unit 2017-02-01 02:45:19 +03:00
sabnzbd.nix
searx.nix searx: 0.11.0 -> 0.12.0 2017-08-01 06:16:03 +02:00
seeks.nix
shairport-sync.nix nixos: fix avahi connectivity for shairport-sync module 2016-07-08 16:22:51 +02:00
shout.nix Shout: fix infinite loop in service configuration 2016-04-11 09:58:52 -04:00
skydns.nix etcd: make all service using etc go to 127.0.0.1:2379 by default 2016-11-11 23:11:54 +01:00
smokeping.nix smokeping service: restart on-failure 2017-04-12 15:23:19 +02:00
sniproxy.nix sniproxy service: init 2016-05-11 13:27:28 +08:00
softether.nix softether: improve service dependencies 2016-09-13 11:19:22 +02:00
spiped.nix
sslh.nix treewide: use boolToString function 2017-04-11 18:18:53 +02:00
strongswan.nix Strongswan after network-online instead of network 2017-07-17 20:17:58 +02:00
supplicant.nix supplicant nixos module: Allow not specifying the configFile path 2017-02-05 06:50:20 -05:00
supybot.nix
syncthing.nix syncthing: use service files from upstream 2016-10-19 21:20:57 +02:00
tcpcrypt.nix tcpcrypt service: remove use of network-interfaces.target 2016-09-13 11:19:22 +02:00
teamspeak3.nix modules: move meta at top level 2016-08-11 00:29:48 +09:00
tftpd.nix nixos/tftpd: change default dir from /home/tftp to /srv/tftp 2016-10-25 17:20:52 +02:00
tinc.nix nixos/tinc: do not tell systemd where is pidfile 2017-08-09 22:35:20 +00:00
tox-bootstrapd.nix
toxvpn.nix toxvpn: 20161230 -> 2017-06-25 2017-06-25 20:17:20 -03:00
tvheadend.nix
unbound.nix nixos: use types.lines for extraConfig 2016-10-23 19:41:43 +02:00
unifi.nix unifi: add options to control JVM heap size 2017-08-04 02:12:31 +02:00
vsftpd.nix vsftpd: Expose the no_anon_password flag. 2017-03-19 01:53:29 +00:00
wakeonlan.nix
websockify.nix
wicd.nix wicd: get closer to upstream service definition 2016-09-13 11:19:22 +02:00
wireguard.nix wireguard: convert "table" to an interface option 2017-08-08 01:45:19 +02:00
wpa_supplicant.nix Added option networking.wireless.networks.*.priority 2017-01-07 20:23:12 +08:00
xinetd.nix nixos: use types.lines for extraConfig 2016-10-23 19:41:43 +02:00
xl2tpd.nix xl2tpd: add nixos module for service 2016-06-20 21:41:59 +01:00
xrdp.nix xrdp: environment.pathsToLink from xserver.nix 2017-05-02 21:08:07 +00:00
zerobin.nix treewide: minor format / style / documentation fixes 2016-09-13 11:19:22 +02:00
zerotierone.nix zerotierone: make package configurable 2016-08-31 12:39:55 +02:00
znc.nix znc module: Fix error with bitlbee channel closing tag missing a newline. 2017-05-24 22:09:43 -07:00