mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-24 14:41:17 +00:00
Code Issues Wiki Activity
150999 commits 233 branches 124 tags 7 GiB
Commit graph

5444 commits

Author SHA1 Message Date
Sarah Brofeldt bb321a2624
Merge pull request #45811 from Nadrieril/fix-usbguard-auditfile 
nixos/usbguard: ensure the audit log file can be created 
nixos/usbguard: disable debug output
 2018-08-31 11:40:13 +02:00
Franz Pletz 1cc916b5b2
Merge pull request #45810 from vincentbernat/fix/nginx-stapling 
nixos/nginx: ensure TLS OCSP stapling works out of the box with LE
 2018-08-31 07:18:40 +00:00
Jan Tojnar f0136e4bc8
Merge pull request #45638 from aanderse/incron 
incron: init at 0.5.12
 2018-08-31 06:54:58 +01:00
Aaron Andersen 9b12db6928 changed from forking to simple as recommended by @aszlig 2018-08-31 03:03:04 +00:00
Aaron Andersen d7d7533c18 changes as per requested by @aszlig 2018-08-31 02:52:49 +00:00
Aaron Andersen 7bc2a0dd64 removed quotes when not needed as suggested by @aszlig 2018-08-31 02:17:38 +00:00
Nadrieril 9b9ba8405b nixos/usbguard: ensure the audit log file can be created 
Since version 0.7.3, usbguard-daemon won't start if the file cannot be opened.
 2018-08-30 21:54:22 +01:00
Nadrieril 08148a746a nixos/usbguard: disable debug output 2018-08-30 21:54:22 +01:00
Vincent Bernat 1251b34b5b nixos/nginx: ensure TLS OCSP stapling works out of the box with LE 
The recommended TLS configuration comes with `ssl_stapling on` and
`ssl_stapling_verify on`. However, this last directive also requires
the use of `ssl_trusted_certificate` to verify the received answer.
When using `enableACME` or similar, we can help the user by providing
the correct value for the directive.

The result can be tested with:

    openssl s_client -connect web.example.com:443 -status 2> /dev/null

Without OCSP stapling, we get:

    OCSP response: no response sent

After this change, we get:

    OCSP Response Data:
        OCSP Response Status: successful (0x0)
        Response Type: Basic OCSP Response
        Version: 1 (0x0)
        Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
        Produced At: Aug 30 20:46:00 2018 GMT
 2018-08-30 22:47:41 +02:00
Jan Tojnar 8a8056c302
Merge pull request #45058 from michaelpj/imp/freedesktop-modules 
freedesktop modules: init
 2018-08-30 16:14:35 +01:00
Johannes Lötzsch bb08d1c13f nixos/zabbix: fix initial database creation (#45750) 
without this fix the database setup fails with „could not connect to database postgres: FATAL:  role "root" does not exist“
 2018-08-30 08:25:13 +01:00
Nikolay Amiantov 69407cb013 firewall service: respect marks in rpfilter (#39054) 
This allows one to add rules which change a packet's routing table:

iptables -t raw -I PREROUTING 1 -m set --match-set myset src -j MARK --set-mark 2
ip rule add fwmark 2 table 1 priority 1000
ip route add default dev wg0 table 1

to the beginning of raw table PREROUTING chain, and still have rpfilter.
 2018-08-29 20:50:53 +02:00
Aaron Andersen d9943e6bba added option to specify which packages are available to the system incrontab 
recommendation by @jtojnar and @maurer
 2018-08-29 00:43:28 +00:00
Aaron Andersen 3d1091eb5b added a check to make sure a situation where a defined configuration wouldn't be unused as per recommended by @maurer 2018-08-28 23:50:55 +00:00
Tuomas Tynkkynen 69b4f427b6 nixos/zabbix-agent: Make the Zabbix package user-configurable 2018-08-28 17:43:12 +03:00
Aaron Andersen b77f38c3cd added a comment about the PATH variable under which incrontab commands will run 2018-08-27 21:31:55 +00:00
Aaron Andersen 7840d00532 clarified the descriptions of the allow and deny options 2018-08-27 21:15:03 +00:00
Aaron Andersen fc1f33bc2c fixed issue with system jobs 2018-08-27 15:23:19 +00:00
Vincent Bernat bd075eb914 nginx: add more gzipped MIME types 
The additions are:

 - image/svg+xml for SVG images
 - application/atom+xml for Atom feeds

These types are also present in mime.types. For better readability,
the list is sorted and formatted with one type per line.
 2018-08-26 21:48:55 +02:00
Vincent Bernat 06a5fb2ada nginx: use a compression level of 5 in recommended configuration 
While there is little gain of space to use a compression level of 9,
the CPU usage is significant. Many experiments point to use something
between 4 and 6. For example:

 - https://mjanja.ch/2015/03/finding-the-nginx-gzip_comp_level-sweet-spot/
 - 3bda5b93ed/nginx.conf (L93)
 2018-08-26 21:43:34 +02:00
Jörg Thalheim a78b364ed4
Merge pull request #44890 from dywedir/iwd 
iwd: 0.4 -> 0.7
 2018-08-26 17:25:42 +01:00
Augustin Borsu 4d3ce5ca36 nixos/jupyter: init service 2018-08-26 12:00:54 +02:00
Aaron Andersen fc03a9f5b7 initial work on incron service 2018-08-25 18:08:24 -04:00
Bas van Dijk 32200033a6 elasticsearch-curator: include the module in the module-list & fix bug 2018-08-25 18:53:10 +02:00
David Smith 2ec33f527b elasticsearch-curator: don't need to add enable to elasticsearch-curator service 2018-08-25 18:53:10 +02:00
David Smith 3744467589 nixos/curator: init elasticsearch curator 
https://www.elastic.co/guide/en/elasticsearch/client/curator/5.5/index.html
 2018-08-25 18:53:10 +02:00
Bas van Dijk 7d04961c95
Merge pull request #44389 from Mic92/es6 
elasticsearch: use 6.x as default version, remove unsupported releases
 2018-08-25 17:04:07 +02:00
Vladyslav Mykhailichenko d73fd69952 iwd: 0.4 -> 0.7 2018-08-25 15:26:52 +03:00
adisbladis dff43f10f6
Merge pull request #45608 from etu/fix-gitea-locale-updates 
nixos/gitea: Symlink gitea locales to match running gitea version
 2018-08-25 15:25:27 +08:00
Elis Hirwing a098cc98d9
nixos/gitea: Symlink gitea locales to match running gitea version 
This prevents issues when gitea adds new locales etc. And if they
change locale values in future versions. Or if you rollback to a
previous version of gitea it might be a good idea to use the previous
locale files.
 2018-08-25 09:19:53 +02:00
Sarah Brofeldt 8f61e96c1e nixos/datadog-agent: Fix type of use_dogstatsd (#45587) 2018-08-25 00:18:59 +02:00
Bas van Dijk 551fec4467 Merge branch 'master' into es6 2018-08-23 23:41:27 +02:00
Samuel Dionne-Riel 05310e3172
Merge pull request #44919 from Vodurden/init-undervolt 
undervolt: init at 0.2.8
 2018-08-22 10:13:55 -04:00
Sarah Brofeldt 4c6171c173 nixos/dhcpcd: Wait for devices to settle 2018-08-22 00:20:28 +02:00
Sarah Brofeldt f8306941b7
Merge pull request #45441 from lopsided98/cfssl-user-fix 
nixos/cfssl: don't create user/group unless service is enabled
 2018-08-21 22:42:29 +02:00
Ben Wolsieffer c6191c8abf nixos/cfssl: don't create user/group unless service is enabled 2018-08-21 16:24:31 -04:00
Michael Raskin 980cbff93c
Merge pull request #45353 from aanderse/redmine 
redmine: 2.5.2 -> 3.4.6
 2018-08-21 14:04:02 +00:00
Janne Heß 943786eccf nixos/terraria: Wait for daemon to stop 2018-08-20 21:41:29 +02:00
Jake Woods 4142020e45 nixos/undervolt: adding undervolt module 
We want to be able to configure persistent undervolting
in the NixOS configuration
 2018-08-20 21:01:19 +10:00
Aaron Andersen c93c0f3ae4 removed some local development stuff 2018-08-19 16:41:49 -04:00
Aaron Andersen bb7568daf7 reworked the redmine service 
added some security features like database.passwordFile
 2018-08-19 16:29:44 -04:00
Aaron Andersen 5984ed283f started working on bringing the redmine package back to life using gitlab as an example 2018-08-19 08:09:38 -04:00
Jake Woods 64223a2c1b nixos/thermald: add manual config file 
thermald has two modes: zero-config and manual. Sometimes it is useful
to manually configure thermald to achieve better thermal results or to give
thermald a hand when detecting possible cooling options.
 2018-08-19 15:54:42 +10:00
Silvan Mosberger eacaaa2161
Merge pull request #44880 from srghma/build-max-jobs-auto 
nixos/nix-daemon: build-max-jobs, add support to auto
 2018-08-18 16:46:08 +02:00
srghma 37e2ebdfbc nixos/nix-daemon: build-max-jobs, add support to auto 2018-08-18 14:45:12 +03:00
Michael Peyton Jones 13e2e19158
xdg: add modules for supporting various XDG specs 2018-08-16 21:23:34 +01:00
Silvan Mosberger be34fdfa89
Merge pull request #45078 from Izorkin/syslog-ng-reload-fix 
syslog-ng: fix reload service
 2018-08-16 18:11:52 +02:00
Izorkin e4f4589186 syslog-ng: fix reload service 2018-08-16 18:23:58 +03:00
Jan Tojnar 6f8fe25ccf
Merge pull request #45107 from mnacamura/lightdm-accountsservice 
lightdm: enable the accounts daemon to find dbus interface
 2018-08-16 17:15:05 +02:00
Silvan Mosberger ed2148b5af
Merge pull request #44238 from jfrankenau/samba-conf-override 
nixos/samba: allow dummy conf file to be overridden
 2018-08-16 16:56:24 +02:00