mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-28 16:42:09 +00:00
Code Issues Wiki Activity
107076 commits 250 branches 124 tags 7.6 GiB
Commit graph

961 commits

Author SHA1 Message Date
Volth 9bce416637 xrdp: environment.pathsToLink from xserver.nix 2017-05-02 21:08:07 +00:00
Volth 830669ca05 xrdp: do not restart xrdp-sesman on nixos-rebuild 2017-05-02 21:08:07 +00:00
Michael Raskin 1c8d388201 Merge pull request #23865 from volth/xrdp-tests 
xrdp: init at 0.9.2
 2017-04-30 22:35:48 +02:00
Michael Raskin 929ae39dbe Merge pull request #22683 from aneeshusa/add-nixos-test-for-radicale 
Add nixos test for radicale
 2017-04-30 18:51:46 +02:00
Benjamin Staffin 9827d5f95c
nixos: optional NetworkManager dnsmasq integration 2017-04-30 00:44:19 -07:00
Volth 5e8ad49de8 do not create non-deterministic file (rsakeys.ini) in nixstore 2017-04-29 17:23:35 +00:00
volth dad760061e xrdp: init at 0.9.1 2017-04-29 17:23:35 +00:00
Kirill 64a7be7f3c Merge branch 'master' into aria2.service 2017-04-27 17:50:13 +03:00
Kirill 31c4498a47 Fix indentation. Fix openPorts option default to false. 2017-04-27 17:13:27 +03:00
Graham Christensen bdd89faebb
Revert "openvpn service: source up/down scripts" 
This reverts commit 50ad243f78.
 2017-04-26 12:32:59 -04:00
Tristan Helmich 50ad243f78
openvpn service: source up/down scripts 
source the up/down scripts instead of executing them to avoid loosing
access to special variables like $1
 2017-04-25 13:18:54 -04:00
Franz Pletz e74ea4282a
avahi service: add reflector option 2017-04-24 21:06:42 +02:00
Edward Tjörnhammar 0277345265
nixos, i2pd: remove, no longer needed, extip hack 2017-04-24 20:49:13 +02:00
Kirill 7a6738fefc Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00
Marius Bergmann 6572f5e81b keepalived service: init (#22755) 2017-04-20 12:50:59 +01:00
Christian Kögler d2e46b9f70 dhcpcd service: clear exit code of exitHook (#24909) 
* dhcpcd: clear exit code of exitHook

* dhcpcd: restart ntp server in oneshot in exit-hook
 2017-04-16 20:10:44 +02:00
Thomas Tuegel 48b5b77bb7 Merge pull request #24813 from benley/nm-openvpn 
nixos: Add nm-openvpn to the networkmanager group
 2017-04-14 05:44:01 -05:00
Vladimír Čunát 5b3f807597
Merge #24179: openssh: 7.4p1 -> 7.5p1 2017-04-14 12:16:26 +02:00
Vladimír Čunát da20d0e488
murmur service: fix typos from #24830 2017-04-14 11:05:42 +02:00
Daniel Peebles 09a9a472ee Merge pull request #24830 from mayflower/refactor/boolToString 
treewide: use boolToString function
 2017-04-13 09:45:31 -04:00
Tristan Helmich 13e9cc15f1 smokeping service: restart on-failure 2017-04-12 15:23:19 +02:00
Franz Pletz 3ab45f4b36
treewide: use boolToString function 2017-04-11 18:18:53 +02:00
Benjamin Staffin 47a5f9acee
nixos: Add nm-openvpn to the networkmanager group 
This is to satisfy the polkit restriction limiting
org.freedesktop.NetworkManager.* dbus messages to members of that
group.

Should help with #24806
 2017-04-10 22:41:55 -04:00
Aneesh Agrawal 8f4d778509 radicale: Add aneeshusa as maintainer 2017-04-10 20:04:17 -04:00
Aneesh Agrawal 769b991be6 openssh: 7.4p1 -> 7.5p1 
Release notes are available at https://www.openssh.com/txt/release-7.5.
Mostly a bugfix release, no major backwards-incompatible changes.

Remove deprecated `UsePrivilegeSeparation` option,
which is now mandatory.
 2017-04-10 19:39:22 -04:00
pngwjpgh 773c456ef4 networkmanager: fix dispatcher scripts (#24507) 
networkmanager used `source` to mean `text` and wrote dispatcher scripts with the default mode (0666), which means networkmanager wouldn't call them.
 2017-04-09 13:14:04 +01:00
Bas van Dijk 01a8de97eb avahi-daemon: refactored using some abstraction 2017-04-09 11:18:53 +02:00
Peter Simons 67d735e8df Merge pull request #23409 from florianjacob/avahi-point-to-point-interfaces 
avahi-daemon service: Add option to enable point-to-point interfaces.
 2017-04-07 12:35:05 +02:00
Profpatsch a1e6176cbf modules/searx: fix configFile type 2017-04-04 20:40:31 +02:00
Eelco Dolstra 80b40fdf03
sshd.nix: Alternative fix for #19589 
AFAICT, this issue only occurs when sshd is socket-activated. It turns
out that the preStart script's stdout and stderr are connected to the
socket, not just the main command's. So explicitly connect stderr to
the journal and redirect stdout to stderr.
 2017-03-31 16:18:58 +02:00
Eelco Dolstra 4e79b0b075
Revert "sshd: separate key generation into another service" 
This reverts commit 1a74eedd07. It
breaks NixOps, which expects that

  rm -f /etc/ssh/ssh_host_ed25519_key*
  systemctl restart sshd
  cat /etc/ssh/ssh_host_ed25519_key.pub

works.
 2017-03-31 16:18:58 +02:00
Richard Zetterberg dc10688edb nftables: adds information regarding nftables and Docker (#24326) 2017-03-25 16:34:02 +01:00
Joachim Fasting f815a7697e
dnscrypt-proxy service: systemd notification under apparmor 2017-03-24 14:37:44 +01:00
Michael Walker b29bc8d41c vsftpd: Expose the no_anon_password flag. 2017-03-19 01:53:29 +00:00
Franz Pletz 9536169074
nixos/treewide: remove boolean examples for options 
They contain no useful information and increase the length of the
autogenerated options documentation.

See discussion in #18816.
 2017-03-17 23:36:19 +01:00
Joachim Fasting f122f0147b
nixos/dnscrypt-proxy: log resolver list verification failure 
Otherwise, the service unit just fails for no discernable
reason.  Verifcation failure is bad so it ought to be easily
discoverable.
 2017-03-15 01:13:08 +01:00
Joachim Fasting de15e7894b
nixos/dnscrypt-proxy: get resolver list from github 
The list has disappeared from its ordinary location at
download.dnscrypt.org.
 2017-03-15 01:12:46 +01:00
Joachim Fasting 472002f216
nixos/dnscrypt-proxy: remove the resolverList option 
This option was initially added to make it easier to use an
up-to-date list, but now that we always use an up-to-date list
from upstream, there's no point to the option.

From now on, you can either use a resolver listed by dnscrypt
upstream or a custom resolver.
 2017-03-15 01:12:43 +01:00
Joachim Fasting 540740598e
nixos/dnscrypt-proxy: add example of how to use the cache plugin 2017-03-15 01:12:39 +01:00
Joachim Fasting 719813caf6
nixos/dnscrypt-proxy: replace unimportant options with extraArgs 
Removes tcpOnly and ephemeralKeys: reifying them as nixos
options adds little beyond improved discoverability.  Until
17.09 we'll automatically translate these options into extraArgs
for convenience.

Unless reifying an option is necessary for conditional
computation or greatly simplifies configuration/reduces risk of
misconfiguration, it should go into extraArgs instead.
 2017-03-15 01:12:37 +01:00
Joachim Fasting 9325c3a616
nixos/dnscrypt-proxy: simplify module logic related to apparmor 2017-03-15 01:12:35 +01:00
Joachim Fasting 83052ef9db
nixos/dnscrypt-proxy: support reload 2017-03-15 01:12:29 +01:00
Joachim Fasting bb6361b81a
nixos/dnscrypt-proxy: grant daemon access to load plugins 2017-03-10 18:54:54 +01:00
Joachim Fasting 5279ec111f
nixos/dnscrypt-proxy docs: reword section on forwarding 
Newer versions of DNSCrypt proxy *can* cache lookups (via
plugin); make the wording more neutral wrt. why one might want
to run the proxy in a forwarding setup.
 2017-03-10 18:54:52 +01:00
Joachim Fasting c0a8a9205b
nixos/dnscrypt-proxy: inline option renamings 
In an effort to make the module more self-contained.
 2017-03-10 18:54:51 +01:00
Joachim Fasting 563c8e1496
nixos/dnscrypt-proxy: inline top-level binding (cleanup) 2017-03-10 18:54:50 +01:00
Joachim Fasting c6da2c7c2b
nixos/dnscrypt-proxy: use example.com in example values 
It is the canonical example domain after all.
 2017-03-10 18:54:44 +01:00
Joachim Fasting 06520c7fb7
nixos/dnscrypt-proxy: indicate update status 
Make it easier for the user to tell when the list is updated
and, at their option, see what changed.
 2017-03-08 19:07:53 +01:00
Joachim Fasting 5f27abec23
nixos/dnscrypt-proxy: more fs isolation for the updater 
It'd be better to do the update as an unprivileged user; for
now, we do our best to minimize the surface available.  We
filter mount syscalls to prevent the process from undoing the fs
isolation.
 2017-03-08 19:07:51 +01:00
Joachim Fasting e72aaa73ea
nixos/dnscrypt-proxy: support updating before nss is up 
Resolve download.dnscrypt.org using hostip with a bootstrap
resolver (hard-coded to Google Public DNS for now), to ensure
that we can get an up-to-date resolver list without working name
service lookups. This makes us more robust to the upstream
resolver list getting out of date and other DNS configuration
problems.

We use the curl --resolver switch to allow https cert validation
(we'd need to do --insecure if using just the ip addr). Note
that we don't rely on https for security but it's nice to have
it ...
 2017-03-08 19:07:50 +01:00