1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-05 12:02:47 +00:00
Commit graph

874 commits

Author SHA1 Message Date
Kranium Gikos Mendoza 356f1bdac8 sniproxy service: init 2016-05-11 13:27:28 +08:00
Joachim Fasting e38e3dcdb6
dnscrypt-proxy service: allow user to specify their own resolver list 2016-05-10 07:08:37 +02:00
Joachim Fasting bd448b7139
dnscrypt-proxy service: use up-to-date dnscrypt-resolvers list
The list of public proxies is updated now and again and it's probably a
good idea to always work from the most recent list, rather than the one
that is shipped with the release.  This can be crucial in case of
resolvers that are revealed to have gone rogue or otherwise have been
compromised.
2016-05-10 07:07:58 +02:00
Vladimír Čunát 65a9fa8cdc Merge branch 'master' into staging 2016-05-08 21:24:48 +02:00
Joachim Fasting 1d2fcde841
dnscrypt-proxy service: fix libcap output reference
After 7382afac40 shared objects are in
`libcap.lib`
2016-05-07 20:18:27 +02:00
Nikolay Amiantov f7c02f8670 ejabberd service: add image thumbnailing support 2016-05-07 14:31:16 +03:00
Tuomas Tynkkynen aadaa91379 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/applications/networking/browsers/vivaldi/default.nix
	pkgs/misc/emulators/wine/base.nix
2016-05-03 23:12:48 +03:00
Tobias Geerinckx-Rice 5508687ec2
Remove now useless proprietary Copy.com client and service
<https://techlib.barracuda.com/Copy/FAQ>

SaaS.
2016-05-01 14:38:08 +02:00
Thomas Tuegel 2875293615 nixos/networkmanager: fix syntax error 2016-04-30 12:20:06 -05:00
Tuomas Tynkkynen 4ff8f377af Merge remote-tracking branch 'upstream/master' into staging 2016-04-28 00:13:53 +03:00
Nikolay Amiantov e6e7c1e914 logmein-hamachi: init at 2.1.0.139, add nixos service 2016-04-27 16:15:01 +03:00
Nikolay Amiantov 7ac1ef05fa networkmanager service: fixup 2016-04-27 13:51:43 +03:00
Thomas Tuegel c25907d072 network-manager: multiple outputs 2016-04-25 19:04:24 -05:00
Tuomas Tynkkynen 1d4b21ef42 treewide: Use correct output of config.nix.package in non-string contexts 2016-04-25 16:44:38 +02:00
Théophane Hufschmitt 201590fd97 zerobin service : init 2016-04-25 13:18:58 +02:00
Eric Litak 032f3e721c unifi: relocatable data dir 2016-04-22 22:43:55 -07:00
Eric Litak 86357de0c8 mfi: relocatable data dir 2016-04-22 22:43:45 -07:00
Eric Litak 08546d3a20 unifi: fix for closure-size changes 2016-04-22 22:39:28 -07:00
Evgeny Egorochkin a05ba7375d quassel: use qt4 version of the daemon because as of now qt5 version fails to use proxies(connection refused) 2016-04-22 12:59:26 +03:00
Joachim Fasting 83aae072f8
dnscrypt-proxy service: fix references to libcap & attr 2016-04-15 17:44:10 +02:00
Nikolay Amiantov cb0b0190cb syncthing service: fix mkEnableOption call 2016-04-14 17:44:02 +03:00
Nikolay Amiantov c9f2753c7b syncthing service: fix invalid conflict resolution 2016-04-14 17:38:25 +03:00
Peter Hoeg 32bc5cfa24 syncthing service: support running from systemd --user instance 2016-04-14 21:22:31 +08:00
Tuomas Tynkkynen 897e0d1224 treewide: Mass replace 'openssl}/bin' to refer to the correct outputs 2016-04-14 08:32:20 +03:00
Vladimír Čunát 39ebb01d6e Merge branch 'staging', containing closure-size #7701 2016-04-13 09:25:28 +02:00
Valérian Galliat 26dc7e503d Shout: fix infinite loop in service configuration
Fixes #14594.
2016-04-11 09:58:52 -04:00
joachifm 9c484f29ce Merge pull request #14564 from valeriangalliat/shout/config
Shout: configure with attrs
2016-04-11 09:56:10 +02:00
Valérian Galliat b0d1eb4579 Shout: configure with attrs 2016-04-10 10:49:32 -04:00
Vladimír Čunát 30f14243c3 Merge branch 'master' into closure-size
Comparison to master evaluations on Hydra:
  - 1255515 for nixos
  - 1255502 for nixpkgs
2016-04-10 11:17:52 +02:00
Alexander Ried 72cd570421 minidlna: use journalctl for logging, systemd for runtimedir 2016-04-08 23:04:12 +02:00
Alexander Ried 4d87926795 minidlna: use hostname in DLNA friendly name 2016-04-08 23:04:12 +02:00
joachifm 6d2df6d578 Merge pull request #14222 from Pleune/fix/iodined-client-mode
iodine service: add client mode implimentation
2016-04-08 02:19:32 +02:00
Eric Litak 0de2d2fbcd mfi: init at 2.1.11
This package has some outdated dependencies, so old versions of mongodb
and v8 had to be re-added as well.
2016-04-01 02:45:11 -07:00
Vladimír Čunát ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
rnhmjoj a98a918b10 syncthing: run daemon with dedicated user as default 2016-04-01 01:26:52 +02:00
Franz Pletz dcae10ebda wpa_supplicant service: Depend on interfaces being present 2016-03-28 21:52:23 +00:00
Mitchell Pleune 879778091a iodine service: add clients implimentation
- services.iodined moved to services.iodine
- configuration file backwards compatable
- old iodine server configuration moved to services.iodine.server
- attribute set services.iodine.clients added to specify any number
  of iodine clients
  - example:
    iodine.clients.home = { server = "iodinesubdomain.yourserver.com"; ... };
  - client services names iodine-name where name would be home
2016-03-26 21:16:29 -04:00
Joachim Fasting 1ca4610577 dnscrypt-proxy service: change default upstream resolver
Previously, the cisco resolver was used on the theory that it would
provide the best user experience regardless of location.  The downsides
of cisco are 1) logging; 2) missing supoprt for DNS security extensions.

The new upstream resolver is located in Holland, supports DNS security,
and *claims* to not log activity. For users outside of Europe, this will
mean reduced performance, but I believe it's a worthy tradeoff.
2016-03-24 17:14:22 +01:00
Joachim Fasting 9bf6e64860 dnscrypt-proxy service: use dynamic uid/gid
The daemon doesn't have any portable data, reserving a
UID/GID for it is redundant.

This frees up UID/GID 151.
2016-03-24 17:14:22 +01:00
Joachim Fasting 03bdf8f03c dnscrypt-proxy service: additional hardening
Run the daemon with private /home and /run/user to
prevent it from enumerating users on the system.
2016-03-24 17:14:22 +01:00
Joachim Fasting 4001917359 dnscrypt-proxy service: cosmetic enhancements 2016-03-24 17:14:22 +01:00
Mitchell Pleune 927aaecbcb iodined service: wantedBy ip-up.target
When iodined tries to start before any interface other than loopback has an ip, iodined fails.
Wait for ip-up.target

The above is because of the following:
in iodined's code: src/common.c line 157
	the flag AI_ADDRCONFIG is passed as a flag to getaddrinfo.
	Iodine uses the function

		get_addr(char *host,
			int port,
			int addr_family,
			int flags,
			struct sockaddr_storage *out);

	to get address information via getaddrinfo().

	Within get_addr, the flag AI_ADDRCONFIG is forced.

	What this flag does, is cause getaddrinfo to return
	"Name or service not known" as an error explicitly if no ip
	has been assigned to the computer.
	see getaddrinfo(3)

Wait for an ip before starting iodined.
2016-03-22 23:40:49 -04:00
Pascal Wittmann a491b75523 radicale service: run with dedicated user
This is done in the context of #11908.
2016-03-20 15:50:14 +01:00
Peter Simons a0ab4587b7 Set networking.firewall.allowPing = true by default.
This patch fixes https://github.com/NixOS/nixpkgs/issues/12927.

It would be great to configure good rate-limiting defaults for this via
/proc/sys/net/ipv4/icmp_ratelimit and /proc/sys/net/ipv6/icmp/ratelimit,
too, but I didn't since I don't know what a "good default" would be.
2016-03-17 19:40:13 +01:00
Joachim Fasting 12877098cb dnscrypt-proxy service: expose option to use ephemeral keys
Some users may wish to improve their privacy by using per-query
key pairs, which makes it more difficult for upstream resolvers to
track users across IP addresses.
2016-03-17 15:02:33 +01:00
Joachim Fasting a0663e3709 dnscrypt-proxy service: documentation fixes
- fix `enable` option description
  using `mkEnableOption longDescription` is incorrect; override
  `description` instead
- additional details for proper usage of the service, including
  an example of the recommended configuration
- clarify `localAddress` option description
- clarify `localPort` option description
- clarify `customResolver` option description
2016-03-17 14:18:30 +01:00
Nikolay Amiantov 363f024864 Merge pull request #13861 from abbradar/mjpg-streamer
mjpg-streamer: update and add NixOS service
2016-03-14 15:19:03 +03:00
Edward Tjörnhammar c65026bfa5 nixos: i2pd, change to yes/no config entries and explicitly enable client endpoints 2016-03-13 21:36:30 +01:00
Nikolay Amiantov 83ff545bfd mjpg-streamer service: init 2016-03-12 18:53:02 +03:00
Joachim Fasting e7cfccbcc2 dnscrypt-proxy service: fix apparmor profile
The daemon additionally requires libcap, liblz4, and libattr.
2016-03-09 04:13:19 +01:00
Michael Raskin b27de68c4e Merge pull request #13777 from eqyiel/upstream
vsftpd: Add possibility to specify path to RSA key file
2016-03-09 03:02:29 +00:00
Joachim Fasting e3ae435aad dnscrypt-proxy service: fix default resolver name
The "opendns" resolver has changed name to "cisco", causing the default
dnscrypt-proxy configuration to fail.
2016-03-09 02:59:30 +01:00
Mango Chutney 973219c973 vsftpd.nix: Add possibility to add RSA key file 2016-03-09 01:32:44 +00:00
Vladimír Čunát 09af15654f Merge master into closure-size
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
joachifm 453686a24a Merge pull request #13705 from aneeshusa/use-bin-instead-of-sbin-for-openssh
openssh: use bin instead of sbin folder
2016-03-07 12:03:37 +00:00
joachifm 8cff02206b Merge pull request #13725 from nathan7/bird-user
bird module: run as user/group `bird`, not `ircd`
2016-03-07 11:34:06 +00:00
Christoph Hrdinka 67e93e984c Merge pull request #13723 from Profpatsch/wheter
wheter -> whether
2016-03-07 10:51:43 +01:00
Profpatsch 7f44b58609 wheter → whether
Nice weather today, isn’t it?
2016-03-07 03:06:54 +01:00
Nathan Zadoks 0360e410b7 bird module: run as user/group bird, not ircd 2016-03-07 02:02:58 +01:00
Marius Bakke 7135553cf1 unbound: drop sbin directory 2016-03-06 12:50:41 +00:00
Aneesh Agrawal bb39304ce6 openssh: use bin instead of sbin folder
References #11939.
2016-03-05 23:56:32 -05:00
joachifm 6048f0fbd6 Merge pull request #11738 from grwlf/syncthing
Support SOCKS5 proxy for the Syncthing service
2016-03-04 01:18:40 +00:00
aszlig 6cf6c3fbc9
nixos: Fix build of manual
Broken by 17389e256f.

The description attributes of mkOption are parsed by XSLT, so we can
create a DocBook manual out of it.

Unfortunately, the passwordHash option had a description which includes
a <password> placeholder which is recognized by DocBook XSL as a valid
start tag. So as there is obviously no </password>, the build of the
manual bailed out with a parsing error.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: devhell <"^"@regexmail.net>
2016-03-03 21:35:31 +01:00
Eelco Dolstra 6bd0c3fe9d ifplugd: Remove
This package hasn't been updated in 11 years, and isn't really useful
anymore in a modern Linux system.
2016-03-03 19:43:11 +01:00
Franz Pletz aa819b8d39 Merge pull request #13591 from mayflower/services/nntp-proxy
nntp-proxy service: init
2016-03-03 18:57:25 +01:00
Shea Levy bcdd81d9e1 networkmanager: Enable ipv6 privacy extensions by default 2016-03-03 12:01:01 -05:00
Tristan Helmich 17389e256f nntp-proxy service: init 2016-03-03 14:14:19 +01:00
Nikolay Amiantov 23dd97ee88 Merge commit 'refs/pull/13412/head' of git://github.com/NixOS/nixpkgs 2016-03-02 18:56:24 +03:00
Alex Franchuk 69d8cb4a6b libreswan: add package and service to nixos 2016-03-02 09:44:30 -05:00
Thomas Strobel 2d6696fc0a nixos-modules: Fixes related to "literalExample" and "defaultText". 2016-02-29 01:47:12 +01:00
Christoph Hrdinka fd46f18cf6 nsd service: add build time config validation 2016-02-28 09:18:39 +01:00
Christoph Hrdinka c4c9019105 nsd service: make use of literalExample 2016-02-28 09:18:11 +01:00
Christoph Hrdinka 6a096504cc nsd service: add missing options 2016-02-28 09:18:11 +01:00
Christoph Hrdinka 8442a7d12c nsd service: code cleanup
Puts everything in alphanumeric order and removes unnecessary spaces to better
match NixOS coding style.
2016-02-28 09:18:11 +01:00
Domen Kožar 04422bb3ca Merge pull request #8630 from lihop/nixos/fix-formatting
nixos: fix formatting of option examples
2016-02-27 10:08:37 +00:00
Vladimír Čunát 3cf9cd8bc3 Merge #12796: nixos docs: show references to packages
(version 2) A better implementation of #10039, after #12357.
This time I did more thorough checking.

See commit messages for details.
2016-02-27 10:48:12 +01:00
Leroy Hopson f6f892e2d6 nsd service: fix formatting of example 2016-02-27 22:25:39 +13:00
Profpatsch 70c02402c8 networkmanager: fix link-local ip addresses
NetworkManager needs an additional avahi-user to use link-local
IPv4 (and probably IPv6) addresses. avahi-autoipd also needs to be
patched to the right path.
2016-02-26 03:28:56 +01:00
Eelco Dolstra d9d6a92d5e sshd.nix: Ensure global config goes before user Match blocks
Hopefully fixes #13393.
2016-02-23 18:03:33 +01:00
Pascal Wittmann 5d6d841d58 Merge pull request #13373 from tomberek/revert_kippo_twisted
kippo: revert twisted dependency
2016-02-22 23:50:17 +01:00
Thomas Bereknyei e31c8922e0 kippo: revert twisted dependency 2016-02-22 13:57:24 -05:00
Robin Gloster 686c09dd38 wpa_supplicant module: after network-interfaces.target
fixes #13136
2016-02-20 17:41:02 +00:00
Arseniy Seroka cbb06df02f Merge pull request #13142 from zimbatm/zerotierone-1.1.4
Zerotierone 1.1.4
2016-02-20 17:09:59 +03:00
zimbatm 433f979cee zerotierone: adopt systemd unit from upstream
See
5db538d85e/ext/installfiles/linux/systemd/zerotier-one.service
2016-02-19 22:56:19 +00:00
tg(x) de787adb90 tlsdated: add missing default value for extraOptions 2016-02-18 05:29:12 +01:00
aszlig 7bdcfb33f4
nixos: Provide a defaultText for type = package
We don't want to build all those things along with the manual, so that's
what the defaultText attribute is for.

Unfortunately a few of them were missing, so let's add them.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-17 21:12:24 +01:00
Vladimír Čunát e9520e81b3 Merge branch 'master' into staging 2016-02-17 10:06:31 +01:00
Nikolay Amiantov 1c8a21dfad Merge branch 'pdnsd-service' of https://github.com/nfjinjing/nixpkgs
Closes #12932
2016-02-16 20:35:01 +03:00
Franz Pletz 483e78d0f0 unbound service: add fetching root anchor for DNSSEC 2016-02-15 03:59:42 +01:00
Franz Pletz 9ba533ee4a unbound service: add types to options 2016-02-15 03:59:35 +01:00
Franz Pletz fe4b0a4801 unbound service: retab 2016-02-15 03:59:15 +01:00
Vladimír Čunát d039c87984 Merge branch 'master' into closure-size 2016-02-14 08:33:51 +01:00
Edward Tjörnhammar 9c249a3adf nixos: i2pd, make config options adhere to version 2.4.0 2016-02-13 15:22:31 +01:00
Jinjing Wang 73b9a9662d pdnsd service: init 2016-02-12 19:53:41 +08:00
Eric Litak fc8a16f4ed unifi: LD_LIBRARY_PATH hack for embedded libsnappyjava.so, fixes #12897 2016-02-11 09:06:33 -08:00
tg(x) 5c19830b77 tinc: chroot option 2016-02-10 17:29:36 +01:00
tg(x) c768172919 tinc: enable chroot 2016-02-10 01:49:41 +01:00
Nathan Zadoks 9e986c161b wpa_supplicant module: add an option for accepting raw PSKs
fix #12892
2016-02-09 17:20:35 +01:00
Thomas Tuegel 5a13e9500c nixos/nix-serve: use bzip2.bin output 2016-02-07 18:38:00 -06:00
Vladimír Čunát a115bff08c Merge branch 'master' into staging 2016-02-07 13:52:42 +01:00
Vladimír Čunát ae74c356d9 Merge recent 'staging' into closure-size
Let's get rid of those merge conflicts.
2016-02-03 16:57:19 +01:00
Vladimír Čunát 4fede53c09 nixos manuals: bring back package references
This reverts most of 89e983786a, as those references are sanitized now.
Fixes #10039, at least most of it.

The `sane` case wasn't fixed, as it calls a *function* in pkgs to get
the default value.
2016-02-03 14:47:14 +01:00
Guillaume Maudoux 9f358f809d Configure a default trust store for openssl 2016-02-03 12:42:01 +01:00
Vladimír Čunát 889351af8b Revert "Merge #12357: nixos docs: show references to packages"
The PR wasn't good enough yet.
This reverts commit b2a37ceeea, reversing
changes made to 7fa9a1abce.
2016-02-03 12:16:33 +01:00
Vladimír Čunát b2a37ceeea Merge #12357: nixos docs: show references to packages 2016-02-03 10:07:27 +01:00
aszlig ecefd2167a
nixos/connman: Fix assertion for networkmanager
Regression introduced by 5184aaa1ea.

The fix was intended to remove the "x == true/false" assertions, but by
accident a "x == false" was made "x == true" instead of "(!x)".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: devhell <"^"@regexmail.net>
2016-02-01 19:33:50 +01:00
Eelco Dolstra 5184aaa1ea Use booleans properly 2016-02-01 18:19:23 +01:00
Eelco Dolstra a7b7ac8bfb openssh: Enable DSA host/client keys
This applies a patch from Fedora to make HostKeyAlgorithms do the
right thing, fixing the issue described in
401782cb67.
2016-02-01 16:31:43 +01:00
Eelco Dolstra bfebc7342e Fix some references to deprecated /etc/ssl/certs/ca-bundle.crt 2016-01-29 02:32:05 +01:00
Sergey Mironov a4d977e01f syncthing: support SOCKS5 proxying for relays 2016-01-27 22:47:09 +03:00
Arseniy Seroka e395cb0214 Merge pull request #12601 from tomberek/gateone_update
Gateone: fix cacerts dependency
2016-01-25 23:14:53 +03:00
Thomas Bereknyei 80d38d12b4 Gateone: fix cacerts dependency 2016-01-24 16:52:06 -05:00
Rick Yang f8c3130e0f softether: Fixed problems with using systemd services 2016-01-20 03:47:33 +01:00
Mark Laws 1c393cbb3c gale service: fix permissions configuration, fixes #12457 2016-01-20 02:09:40 +01:00
Vladimír Čunát 716aac2519 Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
Thomas Strobel a04a7272aa Add missing 'type', 'defaultText' and 'literalExample' in module definitions
- add missing types in module definitions
- add missing 'defaultText' in module definitions
- wrap example with 'literalExample' where necessary in module definitions
2016-01-17 19:41:23 +01:00
Mark Laws e7ba7fba01 gale: init at 1.1happy 2016-01-13 12:00:50 -08:00
Vladimír Čunát 3bcf8ae879 nixos manuals: bring back package references
This reverts most of 89e983786a, as those references are sanitized now.
Fixes #10039, at least most of it.

The `sane` case wasn't fixed, as it calls a *function* in pkgs to get
the default value.
2016-01-13 12:04:31 +01:00
Sander van der Burg 23772ef0a2 ejabberd: make config parameter nullable, so that the default bundled config can be used if none is given 2016-01-12 17:12:47 +00:00
goibhniu 8b8f864e48 Merge pull request #12103 from rick68/ostinato
Ostinato
2016-01-11 00:09:32 +01:00
Nikolay Amiantov d0510febe1 nixos/ejabberd: update service 2016-01-10 21:28:27 +03:00
Nathan Zadoks 8cb22c0a63 consul service: add package option 2016-01-08 01:44:28 +01:00
Shea Levy 4a511911bb Merge branch 'rm-notbit' of git://github.com/jgillich/nixpkgs 2016-01-07 14:34:40 -05:00
Daniel Peebles 57cb5ab17a Merge pull request #12198 from mayflower/remove-upstart-layer
Remove upstart layer
2016-01-07 13:47:39 -05:00
Peter Simons a68450e509 Merge pull request #12009 from mayflower/tinc-module
tinc module: Ed25519PrivateKeyFile, BindToAddress
2016-01-07 12:48:35 +01:00
Austin Seipp 4dc7cab40e nixos: btsync - switch to using systemd user services
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 03:33:38 -06:00
Tristan Helmich 1a0d004cc2 tinc module: Ed25519PrivateKeyFile, listenAddress 2016-01-07 09:13:28 +00:00
Robin Gloster 88292fdf09 jobs -> systemd.services 2016-01-07 06:39:06 +00:00
Austin Seipp d89454bb79 nixos: btsync - add directoryRoot option
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-07 00:09:20 -06:00
Jakob Gillich 57d6dfe932 notbit: removed dead package
The Bitmessage protocol v3 became mandatory on 16 Nov 2014 and notbit does not support it, nor has there been any activity in the project repository since then.
2016-01-07 04:39:51 +01:00
Robin Gloster 246f0e91cd wpa_supplicant service: Warn about plaintext keys in docs 2016-01-06 03:58:39 +00:00
Robin Gloster 609457458e wpa_supplicant module: remove preStart hack
If the config file is managed imperatively we shouldn't touch it.
2016-01-06 03:58:39 +00:00
Robin Gloster d03b35f881 wpa_supplicant module: add networks option 2016-01-06 03:58:39 +00:00
Robin Gloster 3a5f488445 wpa_supplicant module: refactor 2016-01-06 03:58:39 +00:00
Robin Gloster 7d973a56d0 wpa_supplicant module: remove obsolete option
networking.WLANInterface has been obsolete for years
2016-01-06 03:58:39 +00:00
Peter Simons 49d18bdfcb Revert "Basic Declaritive Network Configuration in wpa_supplicant Service" 2016-01-05 19:32:41 +01:00
Peter Simons d807b057ed Merge pull request #11920 from bjornfor/rename-host-to-listen-address
Rename NixOS option names: 'host' to 'listenAddress'
2016-01-05 12:54:15 +01:00
Peter Simons 94e6323de0 Merge pull request #12015 from mayflower/wpa_supplicant-service
Basic Declaritive Network Configuration in wpa_supplicant Service
2016-01-05 10:53:13 +01:00
Wei-Ming Yang bd035405f4 ostinato: add ostinato in NixOS services 2016-01-04 14:29:02 +08:00
Vladimír Čunát f9f6f41bff Merge branch 'master' into closure-size
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
2015-12-31 09:53:02 +01:00
Domen Kožar f41603d8a6 Merge pull request #11940 from jgillich/dnsmasq-leases
dnsmasq: create state dir for dhcp leases file
2015-12-30 16:50:14 +01:00
Robin Gloster 4bf7afc78e wpa_supplicant module: remove preStart hack
If the config file is managed imperatively we shouldn't touch it.
2015-12-29 18:49:39 +00:00
Robin Gloster 56a53ff458 wpa_supplicant module: add networks option 2015-12-29 18:49:39 +00:00
Robin Gloster 9dceabc95d wpa_supplicant module: refactor 2015-12-29 18:49:39 +00:00
Robin Gloster 57210ce1c1 wpa_supplicant module: remove obsolete option
networking.WLANInterface has been obsolete for years
2015-12-29 18:49:38 +00:00
Domen Kožar fe9a7c6d5b Merge pull request #11956 from zimbatm/nm-openvpn-uid-gid
networkmanager: set uid/gid for the networkmanager openvpn agent
2015-12-27 11:02:55 +01:00
Jakob Gillich ae4a7f9351 hostapd: rename extraCfg -> extraConfig, added asserts 2015-12-26 11:37:00 +01:00
Jakob Gillich a193ea3700 dnsmasq: create state dir for dhcp leases file
ref #11718
2015-12-24 22:36:19 +01:00
Bjørn Forsman 46924e77a2 nixos/sslh: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:23:51 +01:00
Bjørn Forsman 6c2fc3a5ac nixos/shout: rename 'host' to 'listenAddress'
More descriptive option name.
2015-12-24 00:22:47 +01:00
Kevin Cox 3acf8132c3 murmur: sslCa and extraConfig options, fixes #11419 2015-12-22 01:28:39 +01:00
Thomas Strobel cdd7310a50 nixos avahi-daemon: add new option declarations
Add new option declarations to control what information is published
by the avahi daemon. The default values are chosen to respect the
privacy of the user over the connectivity of the system.
2015-12-21 18:20:35 +01:00
Jakob Gillich 0f1de2ea9f miniupnpd: firewall config 2015-12-13 16:44:58 +01:00
Franz Pletz 6734127545 shairport-sync service: add module
Adds a new service module for shairport-sync. Tested with a local
and remote pulseaudio server. Needs to be run as a user in the pulse group
to access pulseaudio.
2015-12-12 20:30:47 +01:00
Luca Bruno 5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Arseniy Seroka bc8d08a511 Merge pull request #11548 from jgillich/upnpd
miniupnpd: add service
2015-12-10 23:32:51 +03:00
Jakob Gillich 29871ee2dd miniupnpd: add service 2015-12-09 00:28:41 +01:00
zimbatm c515be4651 networkmanager: set uid/gid for the networkmanager openvpn agent
Fixes #11317
2015-12-08 16:47:56 +00:00
Jakob Gillich 80720501cb ddclient: fix ssl option 2015-12-08 11:11:14 +01:00
Markus Wotringer 9a350d5f1e cntlm: refactor to systemd service, fixes #11339 2015-12-07 15:40:43 +01:00
Jakob Gillich 6c9931c556 shout: fix preStart, fixes #11516
preStart must be a string
2015-12-07 15:24:29 +01:00
Tobias Geerinckx-Rice 214a9537c8 hostapd service: improve option descriptions 2015-12-05 23:42:56 +01:00
Christoph Hrdinka e2720bfb70 nsd service: use mkEnableOption 2015-12-04 16:13:02 +01:00
Bas van Dijk db43a79f10 strongswan service: use config.system.sbin.modprobe instead of kmod
Fixes: #8343
2015-11-30 01:50:57 +01:00
Luca Bruno 920b1d3591 Merge branch 'master' into closure-size 2015-11-29 16:50:26 +01:00
lethalman 072aa5000f Merge pull request #11329 from ctheune/submit/pkg-syncthing-update-0.12.4
syncthing: 0.11 -> 0.12
2015-11-29 15:51:00 +01:00
Christian Theune f6627a9402 syncthing: 0.11 -> 0.12
Also, keep 0.11 around (in an updated version) and make the
pkg an option to the service module.
2015-11-28 20:17:49 +01:00
goibhniu cc63832981 Merge pull request #8758 from fpletz/package/chrony
chrony: 2.1.1 -> 2.2 & service improvements
2015-11-26 13:22:33 +01:00
Luca Bruno a412927924 Merge remote-tracking branch 'origin/master' into closure-size 2015-11-25 21:37:30 +01:00
Edward Tjörnhammar bfcde5cc38 i2pd: patch to enable tunnelcfg usage
nixos: i2pd service, use tunnelscfg to pass nix tunnel specifications
2015-11-22 20:35:59 +01:00
Vladimír Čunát 333d69a5f0 Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
William A. Kennington III 6602f49495 Revert "Revert "Merge pull request #9543 from NixOS/staging.post-15.06""
This reverts commit 741bf840da.

This reverts the fallout from reverting the major changes.
2015-11-14 12:32:51 -08:00
William A. Kennington III 9579c9ec7f Merge commit 'cb21b77' into master.upstream
This is a partial merge of staging for builds which are working
2015-11-13 15:53:10 -08:00
Robbin C c75d1e761a Change argument --port to --listen in nix-serve.nix 2015-11-13 21:25:50 +08:00
Pascal Wittmann 14ecf0c7fb services.tlsdated: use google.com as default host
www.ptb.de returns incorrect dates.
2015-11-11 12:07:08 +01:00
Tomasz Kontusz 6681c66db8 networkmanager service: add unmanaged option 2015-11-10 12:20:55 +01:00
Alexei Robyn 91fe21c854 quassel service: Support multiple listen addresses, fixes #10924 2015-11-10 11:10:21 +01:00
William A. Kennington III a26c8e9b83 Merge branch 'master.upstream' into staging.upstream 2015-11-07 15:51:51 -08:00
Domen Kožar 07405ee187 Merge pull request #9463 from khumba/nm-connection-sharing
Fix NetworkManager connection sharing
2015-11-06 11:16:50 +01:00
Domen Kožar e695b245a9 Merge pull request #9805 from Mathnerd314/quassel-fix
quassel: Start after its databases
2015-11-06 11:14:54 +01:00
Franz Pletz d89f269b26 chrony service: Members of group chrony can use chronyc 2015-11-03 15:07:18 +01:00
Franz Pletz c459e269eb chrony service: Integration with other ntp daemons 2015-11-03 15:07:18 +01:00
Tim Jäger 4591e72917 Fixed wrong documentation for Wake-On-LAN feature 2015-10-31 12:55:34 +01:00
William A. Kennington III dd2de66d61 Merge branch 'master.upstream' into staging.upstream 2015-10-30 17:16:07 -07:00
Domen Kožar 01b0355140 nm-openvpn: add user/group, closes #10689
(cherry picked from commit 551dad3ffd)
Signed-off-by: Domen Kožar <domen@dev.si>
2015-10-29 09:59:08 +01:00
Peter Simons 84903a4846 nixos: use "example.net" host name in autossh documentation 2015-10-28 20:04:36 +01:00
Peter Simons b8dd60aaa6 nixos: remove redundant services.autossh.enable option
The service is enabled automatically when 'session' is non-empty.
2015-10-28 19:50:06 +01:00
Peter Simons be1fa3c9da Merge pull request #10650 from grwlf/autossh-nixos
autossh.nix: AutoSSH service as a NixOS module
2015-10-28 11:31:51 +01:00
Sergey Mironov d355ed81cb autossh.nix: add the module, which run autossh sessions as systemd services 2015-10-28 00:23:13 +03:00
Domen Kožar 6fb7b9b664 networkmanager: don't check if subject is active (false in my X session)
(cherry picked from commit 4c2bbb248c)
Signed-off-by: Domen Kožar <domen@dev.si>
2015-10-23 20:16:49 +02:00
Vladimír Čunát 4917a4f8b3 Merge master into staging 2015-10-23 01:57:14 +02:00
Hajo Möller de9e05153d service.asterisk: fix dir creation 2015-10-19 19:05:23 +02:00
William A. Kennington III 8a44a36ca4 Merge branch 'master.upstream' into staging.upstream 2015-10-15 10:22:28 -07:00
Tobias Geerinckx-Rice a65cf63f55 copy-com service: order after network-online.target
I doubt that ordering non-sysvinit services after network.target ever
makes sense. In this case, CopyConsole requires DNS lookups and fails
if these are not yet possible.
2015-10-13 21:02:01 +02:00
Vladimír Čunát 12487536d2 libgpgerror: split dev and info outputs 2015-10-13 20:19:00 +02:00
Vladimír Čunát 99e4371526 curl: split into multiple outputs
Also use pkgconfig to be safer and fix (some) referrers.
2015-10-13 20:18:48 +02:00
Thomas Strobel c6b2365e9a supplicant module: extended module for wpa_supplicant
Add new configuration options for wpa_supplicant and allow to
configure and start one wpa_supplicant per device.
2015-10-06 20:12:40 +02:00
Eelco Dolstra 741bf840da Revert "Merge pull request #9543 from NixOS/staging.post-15.06"
This reverts commit f61176c539, reversing
changes made to a27ca029ee.

Conflicts:
	pkgs/development/libraries/ncurses/default.nix
2015-10-06 15:24:20 +02:00
Vladimír Čunát f361938b21 Merge staging into closure-size
This makes gcc5 the default builder, etc.
2015-10-03 15:23:13 +02:00
Vladimír Čunát 5227fb1dd5 Merge commit staging+systemd into closure-size
Many non-conflict problems weren't (fully) resolved in this commit yet.
2015-10-03 13:33:37 +02:00
lethalman 0474cb3c6d Merge pull request #10078 from nmikhailov/nm_service
Enable setting extended NetworkManager hooks
2015-10-02 11:45:28 +02:00
Peter Simons 4578784820 nixos: add services.bind.extraConfig option
This option allows users to add arbitrary configuration statements into
the generated named.conf file.
2015-09-29 11:51:40 +02:00
ts468 6d5a742c2e Merge pull request #10000 from ts468/upstream.vswitch
nixos networking: add vswitch option
2015-09-29 00:52:58 +02:00
Nikita Mikhailov 89b306a7ff Enable setting extended NetworkManager hooks 2015-09-26 23:59:31 +06:00
Matej Cotman ee7e17c6a7 Merge pull request #9984 from grwlf/syncthing
syncthing: update systemd service config according to upstream example
2015-09-26 18:38:20 +02:00
Thomas Strobel 59bc47c9ed nixos networking: add vswitch option
Add a configuration option for Open vSwitch that is
similar to the option for the Linux kernel ethernet
bridge.
2015-09-25 11:55:27 +02:00
Eelco Dolstra 89e983786a Manual: Remove store path references 2015-09-24 11:50:58 +02:00
Sergey Mironov 9f191abad1 syncthing: update systemd service config according to upstream example
The example service config were taken from the syncthing repo:
https://github.com/syncthing/syncthing/blob/master/etc/linux-systemd/system/syncthing@.service
2015-09-21 21:17:38 +00:00
lethalman d6fd3c4270 Merge pull request #9317 from dfoxfranke/oidentd-ipv6
oidentd: listen on IPv6
2015-09-18 15:20:02 +02:00
Eric Sagnes 095bf185ec connman: improved configuration support 2015-09-12 23:31:50 +09:00
Mathnerd314 91e6a8e5a2 quassel: Start after its databases 2015-09-11 15:42:35 -06:00
Thomas Strobel 684cd17ff5 dnschain nixos module: init 2015-09-10 18:11:40 +02:00
Thomas Strobel 8db7c14e56 namecoind nixos module: security enhancements 2015-09-10 18:11:40 +02:00
Luca Bruno f4b7be4f04 nixos ntpd: allow passing extra flags 2015-09-10 10:58:13 +02:00
Peter Simons 64eb5527ba nixos: remove the obsolete 'services.openvpn.enable' option
OpenVPN is enabled implicitly when configuring 'services.openvpn.servers', so the
"enable" option is meaningless since b2910df04e.

Closes https://github.com/NixOS/nixpkgs/issues/9764.
2015-09-10 10:38:38 +02:00
Arseniy Seroka 90a7bb69d0 Merge pull request #9711 from anderspapitto/bitlbee
plugin support for bitlbee, and facebook plugin
2015-09-09 03:03:53 +03:00
Anders Papitto 78f7a09e3a bitlbee service: enable plugins 2015-09-08 14:24:50 -07:00
Thomas Strobel cb4bea5f97 namecoind nixos module: fix environment variable 2015-09-08 22:37:10 +02:00
Thomas Strobel b6fb760484 namecoind nixos module: init 2015-09-08 20:17:52 +02:00
Thomas Strobel 5e21271af0 dnsmasq nixos module: fix path in systemd service 2015-09-08 19:33:01 +02:00
Bryan Gardiner f4de446573
NetworkManager: fix dnsmasq interaction for ad-hoc networks
Fixes #7593 (NM can't find the dnsmasq binary); the NM expression is missing
dnsmasq in its buildInputs, so configure can't find it.

Also creates /var/lib/misc which dnsmasq expects to exist, because it puts
dnsmasq.leases there.
2015-09-07 14:04:32 -07:00
Enrico Fasoli 44788bb2ce fixed syncthing service to work as expected 2015-09-02 18:14:21 +02:00
Eelco Dolstra 14321ae243 Rename users.extraUsers -> users.users, users.extraGroup -> users.groups
The "extra" part hasn't made sense for years.
2015-09-02 17:34:23 +02:00
Daniel Fox Franke fc96dbb1a2 oidentd: listen on IPv6 2015-08-30 10:53:08 -04:00
Eelco Dolstra 287c08d8a3 Rename services.openssh.knownHosts -> programs.ssh.knownHosts
This option configures the SSH client, not the server.
2015-08-27 15:32:46 +02:00
lethalman a45a0911d4 Merge pull request #9376 from rick68/softether
softether: support SoftEther VPN 4.18
2015-08-26 10:45:46 +02:00
Charles Strahan 648973d641 nixos: rename service 'ubuntu-fan' as 'fan' 2015-08-22 14:05:35 -04:00
Wei-Ming Yang efd34824eb softether: support SoftEther VPN 4.18 2015-08-21 13:59:00 +08:00
Eelco Dolstra 401782cb67 Revert "openssh: 6.9p1 -> 7.0p1"
This reverts commit a8eb2a6a81. OpenSSH
7.0 is causing too many interoperability problems so soon before the
15.08 release.

For instance, it causes NixOps EC2 initial deployments to fail with
"REMOTE HOST IDENTIFICATION HAS CHANGED". This is because the client
knows the server's ssh-dss host key, but this key is no longer
accepted by default. Setting "HostKeyAlgorithms" to "+ssh-dss" does
not work because it causes ssh-dss to be ordered after
"ecdsa-sha2-nistp521", which the server also offers. (Normally, ssh
prioritizes host key algorithms for which the client has a known host
key, but not if you set HostKeyAlgorithms.)
2015-08-20 14:08:18 +02:00
Jaka Hudoklin 40582b68f4 Merge pull request #9354 from offlinehacker/nixos/skydns/fixdns
skydns service: fix skydns nameservers env option
2015-08-20 02:26:33 +02:00
Jaka Hudoklin ed356eefa6 skydns service: fix skydns nameservers env option 2015-08-19 23:54:54 +02:00
Jaka Hudoklin c171cfabed nixos/racoon: create /var/racoon upon start 2015-08-19 23:38:44 +02:00
Eelco Dolstra 1f2eef5ae9 openssh: Re-enable DSA client keys
This was broken by a8eb2a6a81.
2015-08-18 13:11:45 +02:00
Charles Strahan c1ee8fefd4 nixos: add support for Ubuntu Fan Networking
This provides support for Ubuntu Fan Networking [1].

This includes:

* The fanctl package, and a corresponding NixOS service.
* iproute patches.
* kernel patches.

closes #9188

1: https://wiki.ubuntu.com/FanNetworking
2015-08-13 14:27:14 -04:00
Joachim Fasting 2c5775b141 i2p service: use mkEnableOption 2015-08-09 02:29:35 +02:00
lethalman 076e90c67a Merge pull request #9150 from tomberek/gateone_setup
gateone: Fix startup
2015-08-08 15:35:08 +02:00
Thomas Bereknyei 6b280b648f kippo: fix check for pidPath 2015-08-07 01:01:22 -04:00
Thomas Bereknyei 825b8403a2 Check for pidDir and create 2015-08-07 00:43:29 -04:00
Anders Papitto 4f7819b89c dnsmasq restarts if /etc/hosts file is changed by nixos-rebuild 2015-08-05 03:36:19 -07:00
Thomas Bereknyei cb6dc71599 GateOne: init at 1.2 2015-08-03 11:01:05 -04:00
Benjamin Staffin ad4c957163 shout service: New module. 2015-08-01 03:36:45 -07:00
Thomas Tuegel e5a93ab201 Revert "nixos/quassel: Temporarily switch back to qt4 since qt5 tls in quassel is broken"
This reverts commit c61d048427.
2015-07-30 21:24:11 -05:00
Eelco Dolstra a5b83c3573 sshd: Use RSA and ED25519 host keys
Closes #7939.
2015-07-27 20:30:10 +02:00
William A. Kennington III abc7c1b013 nixos/firewall: Add the ability to specify additional packages for extraCommands 2015-07-26 16:33:03 -07:00
Eelco Dolstra f64589b2ef firewall: Don't depend on ipset
NixOS doesn't use it, so no reason to include it.
2015-07-26 22:45:39 +02:00
Tobias Geerinckx-Rice 078ee4ac55 copy-com: 1.47.0410 -> 3.2.01.0481 + several fixes
The graphical UI (the largest part of this package) never worked; fixed.

Added myself as a maintainer.
2015-07-25 04:39:02 +02:00
lethalman 636f9ac0ed Merge pull request #8799 from ryantm/master
heyefi service: init
2015-07-24 10:11:26 +02:00
tv 1306c11b94 bitlbee service: fix typo 2015-07-16 02:43:27 +02:00
Ryan Mulligan 9d485d9433 heyefi service: make uploadDir path more generic and a string 2015-07-14 06:56:30 -07:00
Ryan Mulligan d11edff860 heyefi service: use mkEnableOption 2015-07-14 06:54:51 -07:00
Ryan Mulligan d6cee31b04 heyefi service: init 2015-07-14 06:42:02 -07:00
Eelco Dolstra 7b38cb699d services.openssh.knownHosts.*.publicKey: Update description and add example
Note that it's no longer allowed to have multiple public keys
separated by a newline.
2015-07-13 16:21:57 +02:00
tv baab714b2e charybdis service: fix preStart script 2015-07-13 15:11:18 +02:00
Leroy Hopson 2e49828d9c firefox sync-server service: make path to paster executable absolute
The systemd service was ignoring ExecStart because the path to the
paster executable was not absolute. Because ExecStart was ignored, the
service would not start.
2015-07-12 20:43:52 +12:00
James Cook a456168e5b Merge pull request #6702 from joachifm/dnscrypt-proxy
nixos: some improvements for dnscrypt-proxy
2015-07-12 00:17:46 -07:00
Pascal Wittmann 1e4483b1ec nixos/bitlbee: fixed protocols option 2015-07-08 19:30:20 +02:00
Pascal Wittmann c0de3b306b nixos/bitlbee: add hostname, config dir and protocols options 2015-07-08 19:14:36 +02:00
Arseniy Seroka 7e7371fe3c Merge pull request #8639 from sjmackenzie/zerotierone
zerotier-one: service add
2015-07-08 02:15:14 +03:00
Stewart Mackenzie 5297371b95 zerotier-one: service add 2015-07-07 07:11:44 +08:00
William A. Kennington III c61d048427 nixos/quassel: Temporarily switch back to qt4 since qt5 tls in quassel is broken 2015-07-05 16:53:42 -07:00
Arseniy Seroka 093a8994f9 Merge pull request #8624 from ambrop72/minidlna-update
minidlna 1.1.4
2015-07-04 13:59:32 +03:00
Pascal Wittmann 2fd9d56f51 nixos/skydns: fixed reference to skydns 2015-07-04 09:43:28 +02:00
Ambroz Bizjak 42a5ad5c5e minidlna: 1.0.25 -> 1.1.4
Changes:
- gettext is needed to build
- Switched to using non-legacy ffmpeg.
- Removed ffmpeg stuff from include path since it causes build errors related to
a time.h header.
- Removed unneeded patch.
- Adjusted NixOS service due to the binary being renamed.
2015-07-04 09:16:28 +02:00
Simon Vandel Sillesen 9dab1a840c tvheadend: init at 4.0.4 2015-06-24 13:22:09 +00:00
William A. Kennington III 6532863ac4 unifi: 3.2.10 -> 4.6.3 2015-06-23 10:09:44 -07:00
Arseniy Seroka cf44a27fc4 fix argument in mkEnableOption 2015-06-21 18:21:21 +03:00
William A. Kennington III 295846a254 nixos/nix-serve: Run as a separate user and add a signing key parameter 2015-06-17 19:10:39 -07:00
Eelco Dolstra 6e6a96d42c Some more type cleanup 2015-06-15 18:18:46 +02:00
Eelco Dolstra 19ffa212af types.uniq types.int -> types.int
types.int already implies uniqueness.
2015-06-15 18:11:32 +02:00
Eelco Dolstra c738b309ee types.uniq types.bool -> types.bool 2015-06-15 18:10:26 +02:00
Eelco Dolstra 9366af1b94 "types.uniq types.string" -> "types.str" 2015-06-15 18:08:49 +02:00
Joachim Fasting ffc6275e55 dnscrypt-proxy service: support custom providers
The primary use-case is private DNSCrypt providers.

Also rename the `port` option to differentiate it from the
`customResolver.port` option.
2015-06-12 15:12:33 +02:00
Joachim Fasting 8131065b63 dnscrypt-proxy service: use mkEnableOption 2015-06-12 15:12:33 +02:00
Joachim Fasting 2e8bc2bd5c nixos: cosmetic improvements to dnscrypt-proxy service module
Remove superflous whitespace & comments
2015-06-12 15:12:33 +02:00
Joachim Fasting a88a6bc676 nixos: additional hardening for dnscrypt-proxy
- Run as unprivileged user/group via systemd, obviating the need to
  specify capabilities, etc.
- Run with private tmp and minimal device name space
2015-06-12 15:12:33 +02:00
Joachim Fasting 823bb5dd4d nixos: implement socket-activation for dnscrypt-proxy
The socket definition is derived from upstream with the
exception that it does not depend on network.target, as
this creates a cycle between basic.target and sockets.target.

The apparmor profile has been updated to account for additional
runtime dependencies introduced by enabling systemd support.
2015-06-12 15:12:33 +02:00
Joachim Fasting dfe20de782 nixos: permit dnscrypt-proxy service to read basic user/group info
If nscd is not running, dnscrypt-proxy crashes without read access
to /etc/{password,group,nsswitch.conf}.
2015-06-12 15:12:30 +02:00
William A. Kennington III b79a5e812a nixos/quassel: Use qt5 instead of qt4
This really speeds up building quassel daemon since qt5 can be built in
parallel while qt4 cannot.
2015-06-08 15:37:34 -07:00
Jaka Hudoklin c9da002a07 nixos/consul: fix consul alerts enable 2015-06-08 13:41:43 +02:00
Jaka Hudoklin 23504e5bf2 Add skydns module 2015-06-08 13:36:05 +02:00
Timofey Lagutin 714377f8dc bittorrentsync: fix storage_path.
If this path is a symlink, btsync won't be able to read it if it's not ending with "/".

As seen in f02d4ec9ed
Broken in 0539ed4771
2015-06-05 18:39:01 +03:00
Mateusz Kowalczyk 1113efec5e Merge pull request #7559 from offlinehacker/openvswitch/ipsec
openvswitch: ipsec support
2015-05-26 11:26:02 +01:00
Mateusz Kowalczyk a35e1ddfb2 Merge pull request #7566 from offlinehacker/nixos/node-docker-registry/module
nixos: add node docker registry server
2015-05-26 11:07:22 +01:00
lethalman aff1c293ef Merge pull request #7998 from dezgeg/pr-ddclient-ssl
ddclient: Set SSL_CERT_FILE environment variable
2015-05-26 10:25:47 +02:00
Tuomas Tynkkynen 2966068968 ddclient: Set SSL_CERT_FILE environment variable
Otherwise connection to SSL hosts fails like this:

May 26 06:44:05 kbuilder ddclient[17084]: WARNING:  cannot connect to dynamicdns.park-your-domain.com:443 socket:
    IO::Socket::IP configuration failed SSL connect attempt failed with unknown error
    error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
2015-05-26 06:45:25 +03:00
Peter Simons 50fa9d8eea Merge pull request #7941 from peti/allow-custom-ssh-moduli-file
nixos: add config.services.openssh.moduliFile option so that users can replace the default file from OpenSSH
2015-05-22 20:51:42 +02:00
Peter Simons 86d299bc6e nixos: add config.services.openssh.moduliFile option so that users can replace the default file from OpenSSH
The man page for ssh-keygen(1) has a section "MODULI GENERATION" that describes
how to generate your own moduli file. The following script might also be helpful:

 | #! /usr/bin/env bash
 |
 | moduliFiles=()
 |
 | generateModuli()
 | {
 |   ssh-keygen -G "moduli-$1.candidates" -b "$1"
 |   ssh-keygen -T "moduli-$1" -f "moduli-$1.candidates"
 |   rm "moduli-$1.candidates"
 | }
 |
 | for (( i=0 ; i <= 16 ; ++i )); do
 |   let bitSize="2048 + i * 128"
 |   generateModuli "$bitSize" &
 |   moduliFiles+=( "moduli-$bitSize" )
 | done
 | wait
 |
 | echo >moduli "# Time Type Tests Tries Size Generator Modulus"
 | cat >>moduli "${moduliFiles[@]}"
 | rm "${moduliFiles[@]}"

Note that generating moduli takes a long time, i.e. several hours on a fast
machine!

This patch resolves https://github.com/NixOS/nixpkgs/pull/5870.
2015-05-22 16:28:45 +02:00
William A. Kennington III 31a273cb14 nixos/tinc: users are system users 2015-05-21 20:11:13 -07:00
William A. Kennington III 4ed8cdc3d4 nixos/bird: Fix doc compilation 2015-05-20 18:53:54 -07:00
lassulus 9d07c54fa1 nixos: add bird module
patch bird to look in /var/run for birc.ctl
2015-05-19 15:42:24 +02:00
Arseniy Seroka 946e7dca61 Merge pull request #7842 from dezgeg/pr-nix-serve
nix-serve: Add nixos module
2015-05-14 22:44:43 +03:00
Tuomas Tynkkynen fd8cb1ff2d nix-serve: Add nixos module
This allows sharing the Nix store of the machine as a binary cache
simply by setting 'services.nix-serve.enable = true'.
2015-05-14 12:27:28 +03:00
Eelco Dolstra fc8011ad8d Ensure that nscd, sshd are created as system users
c0f70b4694 removed the fixed uid
assignment, but then it becomes necessary to set isSystemUser.

http://hydra.nixos.org/build/22182588
2015-05-13 16:23:36 +02:00
William A. Kennington III 2806491cc4 nixos/consul: Add shell for health checks 2015-05-11 17:44:07 -07:00
William A. Kennington III b6e26aa8df nixos/consul: Support a config directory for health checks 2015-05-11 16:45:04 -07:00
William A. Kennington III 1938dc9b54 nixos/consul: Remove the joinNodes and joinRetries options as they are now built in consul options 2015-05-11 16:27:53 -07:00
Arseniy Seroka c0727fb751 Merge pull request #7788 from Lassulus/charybdis
add charybdis nixos module
2015-05-11 12:57:58 +03:00
lassulus 304cab2b46 add charybdis nixos module 2015-05-11 11:38:53 +02:00
William A. Kennington III 074c4a7f78 Merge remote-tracking branch 'upstream/master' into staging 2015-05-07 01:44:49 -07:00
Vladimír Čunát 3b9ef2c71b fix "libc}/lib" and similar references
Done mostly without any verification.
I didn't bother with libc}/include, as the path is still correct.
2015-05-05 11:52:08 +02:00