Commit Graph

337 Commits

Author SHA1 Message Date
Kirill
64a7be7f3c Merge branch 'master' into aria2.service 2017-04-27 17:50:13 +03:00
Kirill
31c4498a47 Fix indentation. Fix openPorts option default to false. 2017-04-27 17:13:27 +03:00
Orivej Desh
8f634a78b9 clickhouse: init at 1.1.54190 2017-04-27 13:25:58 +00:00
Edward Tjörnhammar
45470c65f5
nixos: static ids for jackett, radarr, sonarr 2017-04-25 12:08:21 +02:00
Kirill
7a6738fefc Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00
Jörg Thalheim
947815f59f
fcron: 3.1.2 -> 3.2.1
fixes #23320 #23413
2017-03-05 22:41:11 +01:00
Bjørn Forsman
d4e5bb34b7 nixos/geoip-updater: run as user 'geoip' instead of 'nobody'
That way 'nobody' is prevented from messing with the databases.
2017-02-15 23:25:27 +01:00
Graham Christensen
3cec7d10df
kdm: drop service 2017-02-11 13:55:09 -05:00
Nikolay Amiantov
876a6d7f03 rpcbind service: use upstream systemd unit 2017-02-01 02:45:19 +03:00
Vaibhav Sagar
63f609b1a4 ihaskell: remove service configuration. (#22268)
See #22047. This change should be reverted after IHaskell has been
updated to support GHC 8.
2017-01-30 08:38:42 +01:00
Vladimír Čunát
278bbe3b33
add kresd service with basic options
Still celebrating today's 1.2.0 release!
2017-01-25 18:46:28 +01:00
rnhmjoj
6bcf89f217
pdns-recursor: add service 2017-01-23 17:57:48 +01:00
schneefux
67c4512060
gogs service: init 2017-01-21 13:38:24 +01:00
Tristan Helmich
e5f353d5cd couchpotato module: init 2017-01-16 12:54:43 +01:00
Antoine Eiche
6c94d6437d nixos/glance: init at liberty version
This commit is based on initial works made by domenkozar.
2016-12-31 09:36:57 +01:00
Tim Digel
81d8a457ed Fix asterisk & asterisk: 13.6.0 -> 14.1.2 (#20788)
* fix/asterisk-module: use unix-group for asterisk-files
* fix/asterisk-module: add configOption to use some default config-files
* fix/asterisk-module: correction of skel copy
* fix/asterisk-module: use /etc/asterisk as configDir
* fix/asterisk-module: add reload; do not restart unit
* asterisk: 13.6.0 -> 14.1.2
* fix/asterisk: compile with lua, pjsip, format_mp3
* fix/asterisk: fix indentation
* fix/asterisk: remove broken flag
2016-12-28 23:04:58 +01:00
Antoine Eiche
415c9ff90b nixos/keystone: init at liberty version
This commit introduces a nixos module for the Openstack Keystone
service. It also provides a optional bootstrap step that creates some
basic initial resources (tenants, endpoints,...).

The provided test starts Keystone by enabling bootstrapping and checks
if user creation works well.

This commit is based on initial works made by domenkozar.
2016-12-16 20:53:32 +01:00
Jörg Thalheim
cc864af928 bird: refactor module
- syntax check before deploying configuration
- remove static unnessary static uid/gid (configuration is opened as root)
- add service hardening
2016-12-15 11:38:45 +01:00
Joachim Fasting
3dcdc2d2b0
privoxy service: remove static uid
The service owns no data, having a static uid serves no purpose.

This frees up uid/gid 32
2016-12-05 13:37:08 +01:00
pngwjpgh
bcc9a6ac75 infinoted service: init
Service module for the dedicated gobby server included in libinfinity
2016-11-27 17:23:21 +01:00
Matthew Daiter
68827cd79a riak-cs: init at 2.1.1
riak-cs: added to all-packages

Added Riak CS nix file to pkgs

Added service file for Riak CS

Removed Erlang_basho specific bindings from the Riak CS repo

riak-cs: changed description

riak-cs: added license

riak-cs: added maintainer

riak_cs: chgned indentations

riak-cs: removed overly complex srcs mechanism

riak-cs: added systemd module

riak-cs: changed Erlang module to Basho-specific version

riak-cs: made modular form

riak-cs: Added a default package in service options

riak-cs: Fixed default package in service options

riak-cs: Patched Makefile

riak_cs: added to module-list

riak_cs: changed from string to actual package in modules

riak-cs: changed example

riak-cs: removed default

riak-cs: changed to defaultText

stanchion: changed default option to defaultText

riak-cs: added defaults; changed types to str
2016-11-21 12:30:11 +01:00
Matthew Daiter
f7c097556b stanchion: init at 2.1.1 2016-11-20 23:17:49 +01:00
Nikolay Amiantov
65f9341370 sane service: add saned support 2016-11-20 19:09:02 +03:00
Maximilian Güntner
7fa157c558
services: Add Interplanetary File System service
Signed-off-by: Maximilian Güntner <code@klandest.in>
2016-11-07 22:01:38 +01:00
Joachim Schiele
47d81ed347 leaps: 0.5.1 + add a service + test 2016-11-06 10:34:42 +01:00
Graham Christensen
6c7a605714
hound: init module 2016-10-15 13:54:59 -04:00
Joachim F
1ddc08a3ac Merge pull request #18452 from bendlas/init-postgrey
postgrey: init at 1.36
2016-09-30 15:31:44 +02:00
Franz Pletz
a6d4ea4c2c
treewide: remove executable flags from .nix files 2016-09-27 22:15:00 +02:00
Herwig Hochleitner
5609fe521d postgrey: init at 1.36 (includes service) 2016-09-27 15:35:02 +02:00
zimbatm
d4c66e2f46 Merge pull request #18694 from bachp/runner-master
gitlab-runner: add package and service
2016-09-26 22:45:39 +01:00
Joachim Fasting
66f50a7631
nixos/ids: remove unused connman uid
The static connman uid is not referenced anywhere in NixOS.
2016-09-25 16:55:27 +02:00
Pascal Bach
de38c1bca0 gitlab-runner service: initial version 2016-09-23 22:39:12 +02:00
Alexander Ried
e52418fd08 monetdb module: remove since it's not packaged 2016-09-19 23:11:13 +02:00
Joachim F
e06ead81bf Merge pull request #18630 from joachifm/unbound-improvements
Unbound service improvements
2016-09-17 10:56:42 +02:00
Joachim Fasting
bf538515b7
nixos/ids: remove static unbound uid 2016-09-15 15:37:20 +02:00
Jörg Thalheim
8fddcad3f9
telegraf: init at 1.0.0
Signed-off-by: Jörg Thalheim <joerg@higgsboson.tk>
2016-09-14 07:19:55 +02:00
Franz Pletz
5a7e5537aa Merge pull request #18298 from teh/prometheus-service
Prometheus service
2016-09-11 23:18:36 +02:00
Domen Kožar
fed3501b07 Remove docker-registry as it's deprecated #18209 2016-09-09 18:50:42 +02:00
Benjamin Staffin
58869cf310 prometheus service: add
This is based on @benleys work: https://github.com/NixOS/nixpkgs/pull/8216
I updated changed the user and group ids.
2016-09-04 20:03:32 +01:00
Franz Pletz
7c6d253544 mattermost service: init 2016-08-15 04:15:11 +02:00
Paul Hendry
486b8e7f5c Add Terraria server service (#16832) 2016-08-07 03:58:38 +02:00
Shawn Warren
9886c80daa Add gocd agent and server service packages (#16273)
GoCD is an open source continuous delivery server specializing in advanced workflow
modeling and visualization.  Update maintainers list to include swarren83.  Update
module list to include gocd agent and server module.  Update packages list to include
gocd agent and server package.  Update version, revision and checksum for GoCD
release 16.5.0.
2016-07-23 00:29:18 +02:00
cransom
4a9b640f37 smokeping: init at 2.6.11 (#17090)
Includes a module for service setup and a test
to verify functionality of both service and pkg.
2016-07-21 01:07:59 +02:00
Rickard Nilsson
9facb7078b nixos/elasticsearch: Set a group on the user
This fixed a problem I had when running ElasticSearch in an LXC
container, and it doesn't hurt using a dedicated group instead of
nogroup anyway.
2016-07-01 18:21:42 +02:00
Benjamin Saunders
8e47786c0e coturn: init at 4.5.0.3 (#16284) 2016-06-21 12:59:29 +02:00
Joachim Fasting
6fd8e5719b Merge pull request #16108 from pwetzel/squeezelite
Squeezelite package and service init
2016-06-19 20:53:15 +02:00
Joachim Fasting
a53452f3e1
nixos: remove the grsecurity GID
This GID was used to exempt users from Grsecurity's
`/proc` restrictions; we now prefer to rely on
`security.hideProcessInformation`, which uses the `proc` group
for this purpose.  That leaves no use for the grsecurity GID.

More generally, having only a single GID to, presumably, serve as the
default for all of grsecurity's GID based exemption/resriction schemes
would be problematic in any event, so if we decide to enable those
grsecurity features in the future, more specific GIDs should be added.
2016-06-14 03:38:17 +02:00
Phil Wetzel
ccdf386a97 squeezelite service: init 2016-06-11 22:05:07 -04:00
obadz
d18ba0f50d toxvpn: init at 20151111
(Authored by @cleverca22)
2016-05-30 00:21:22 +01:00
Hans-Harro Horn
77f2c305b6 mosquitto service: init
Initial Mosquitto MQTT Broker service file.
2016-05-24 10:49:03 +02:00
Tristan Helmich
36f8b3cad1 nzbget: 16.4 -> 17.0-r1686 and nzbget service 2016-05-13 18:56:39 +02:00
Kranium Gikos Mendoza
356f1bdac8 sniproxy service: init 2016-05-11 13:27:28 +08:00
Tristan Helmich
e48580c083 graylog service: Initial graylog service 2016-04-28 23:27:57 +02:00
Tristan Helmich
c145f6eaa7 emby service: new service 2016-04-23 16:13:53 +02:00
Eric Litak
13577e8785 factorio: headless server module 2016-04-14 23:03:36 -07:00
aszlig
9ed9e268a2
Merge pull request #14476 (taskserver)
This adds a Taskserver module along with documentation and a small
helper tool which eases managing a custom CA along with Taskserver
organisations, users and groups.

Taskserver is the server component of Taskwarrior, a TODO list
application for the command line.

The work has been started by @matthiasbeyer back in mid 2015 and I have
continued to work on it recently, so this merge contains commits from
both of us.

Thanks particularly to @nbp and @matthiasbeyer for reviewing and
suggesting improvements.

I've tested this with the new test (nixos/tests/taskserver.nix) this
branch adds and it fails because of the changes introduced by the
closure-size branch, so we need to do additional work on base of this.
2016-04-15 00:21:49 +02:00
joachifm
245f200dd8 Merge pull request #11987 from angus-g/caddy
Add Caddy and its NixOS module
2016-04-11 09:20:21 +02:00
Joachim Fasting
cef2814a4f nixos: add optional process information hiding
This module adds an option `security.hideProcessInformation` that, when
enabled, restricts access to process information such as command-line
arguments to the process owner.  The module adds a static group "proc"
whose members are exempt from process information hiding.

Ideally, this feature would be implemented by simply adding the
appropriate mount options to `fileSystems."/proc".fsOptions`, but this
was found to not work in vmtests. To ensure that process information
hiding is enforced, we use a systemd service unit that remounts `/proc`
after `systemd-remount-fs.service` has completed.

To verify the correctness of the feature, simple tests were added to
nixos/tests/misc: the test ensures that unprivileged users cannot see
process information owned by another user, while members of "proc" CAN.

Thanks to @abbradar for feedback and suggestions.
2016-04-10 12:27:06 +02:00
Angus Gibson
bb6408ba16 caddy service: initial implementation 2016-04-05 23:45:54 +00:00
aszlig
743993f4be
nixos/ids: Rename uid and add gid for "taskd"
I'm renaming the attribute name for uid, because the user name is called
"taskd" so we should really use the same name for it.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-04-05 18:53:31 +02:00
Matthias Beyer
5442f22d05
Add taskserver to ids.nix 2016-04-05 18:53:31 +02:00
Eric Litak
0de2d2fbcd mfi: init at 2.1.11
This package has some outdated dependencies, so old versions of mongodb
and v8 had to be re-added as well.
2016-04-01 02:45:11 -07:00
rnhmjoj
a98a918b10 syncthing: run daemon with dedicated user as default 2016-04-01 01:26:52 +02:00
Joachim Fasting
9bf6e64860 dnscrypt-proxy service: use dynamic uid/gid
The daemon doesn't have any portable data, reserving a
UID/GID for it is redundant.

This frees up UID/GID 151.
2016-03-24 17:14:22 +01:00
Domen Kožar
d43da3c488 Pin hydra-www and hydra-queue-runner uids
hydra user is already pinned, this is needed due to
https://github.com/NixOS/nixpkgs/issues/14148

(cherry picked from commit 0858ece1ad0bd281d2332c40f9fd08005e04a3c5)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-03-23 12:17:18 +00:00
Pascal Wittmann
a491b75523 radicale service: run with dedicated user
This is done in the context of #11908.
2016-03-20 15:50:14 +01:00
Nikolay Amiantov
83ff545bfd mjpg-streamer service: init 2016-03-12 18:53:02 +03:00
Tristan Helmich
17389e256f nntp-proxy service: init 2016-03-03 14:14:19 +01:00
Profpatsch
70c02402c8 networkmanager: fix link-local ip addresses
NetworkManager needs an additional avahi-user to use link-local
IPv4 (and probably IPv6) addresses. avahi-autoipd also needs to be
patched to the right path.
2016-02-26 03:28:56 +01:00
Nikolay Amiantov
53269f1455 octoprint service: init 2016-02-17 17:05:59 +03:00
Nikolay Amiantov
1c8a21dfad Merge branch 'pdnsd-service' of https://github.com/nfjinjing/nixpkgs
Closes #12932
2016-02-16 20:35:01 +03:00
Nikolay Amiantov
39e9b43082 Merge branch 'gammu-smsd' of https://github.com/zohl/nixpkgs into zohl-gammu-smsd
Closes #12998
2016-02-16 19:40:00 +03:00
Cole Mickens
c7571611dc cfdyndns: init at 0.0.1 2016-02-15 12:54:04 -08:00
Al Zohali
7b7cf281d3 gammu-smsd service: init 2016-02-15 00:26:41 +03:00
Jinjing Wang
73b9a9662d pdnsd service: init 2016-02-12 19:53:41 +08:00
Alexander V. Nikolaev
de8dea4821 nixos: add module for rmilter 2016-01-16 15:12:30 +02:00
Alexander V. Nikolaev
14926f08a3 nixos: Add module for rspamd 2016-01-16 15:11:36 +02:00
roblabla
7e10bf4327 matrix-synapse: init at 0.12.0 2016-01-15 15:17:14 +01:00
Mark Laws
e7ba7fba01 gale: init at 1.1happy 2016-01-13 12:00:50 -08:00
Nikolay Amiantov
b4179c5612 nixos/dspam: add module 2016-01-13 13:08:55 +03:00
Nikolay Amiantov
f5efac09aa nixos/opendkim: add module 2016-01-13 13:07:46 +03:00
Nikolay Amiantov
c51d08cf27 nixos/postsrsd: add module 2016-01-13 13:04:12 +03:00
Nikolay Amiantov
d0510febe1 nixos/ejabberd: update service 2016-01-10 21:28:27 +03:00
Jakob Gillich
57d6dfe932 notbit: removed dead package
The Bitmessage protocol v3 became mandatory on 16 Nov 2014 and notbit does not support it, nor has there been any activity in the project repository since then.
2016-01-07 04:39:51 +01:00
Benjamin Staffin
fe8498f609 nixos/mathics: New service and test 2016-01-02 14:34:55 -08:00
zimbatm
c515be4651 networkmanager: set uid/gid for the networkmanager openvpn agent
Fixes #11317
2015-12-08 16:47:56 +00:00
Rodney Lorrimar
b13b9489ad pump.io service: init
Pump.io runs its web server as a standalone service listening on
443. It's also possible to put the service behind a HTTP reverse proxy.
2015-12-06 13:35:21 +00:00
goibhniu
cc63832981 Merge pull request #8758 from fpletz/package/chrony
chrony: 2.1.1 -> 2.2 & service improvements
2015-11-26 13:22:33 +01:00
makefu
0bdc5e269b services/misc/bepasty: init at 2015-10-21
This module implements a way to start one or more bepasty servers.
It supports configuring the listen address of gunicorn and how bepasty
behaves internally.

Configuring multiple bepasty servers provides a way to serve pastes externally
without authentication and provide creating,listing,deleting pastes interally.
nginx can be used to provide access via hostname + listen address.

`configuration.nix`:

    services.bepasty = {
      enable = true;
      servers = {

        internal = {
          defaultPermissions = "admin,list,create,read,delete";
          secretKey = "secret";
          bind = "127.0.0.1:8000";
        };

        external = {
          defaultPermissions = "read";
          bind = "127.0.0.1:8001";
          secretKey = "another-secret";
        };
      };
    };
2015-11-23 22:10:14 +01:00
Jaka Hudoklin
aa4bad4c17 heapster module: init 2015-11-16 16:58:10 +01:00
Franz Pletz
d89f269b26 chrony service: Members of group chrony can use chronyc 2015-11-03 15:07:18 +01:00
Ryan Mulligan
9c22cd380c calibre-server service: init 2015-09-27 20:31:17 -07:00
Matej Cotman
d31cc0d19a xtreemfs: add nixos module 2015-09-22 21:46:52 +02:00
Jaka Hudoklin
80aea0dcfd kibana service: init 2015-09-19 00:33:44 +02:00
William A. Kennington III
c2e4fb29c6 nixos/lxd: Add service 2015-09-13 23:27:31 -07:00
Thomas Strobel
684cd17ff5 dnschain nixos module: init 2015-09-10 18:11:40 +02:00
Thomas Strobel
8db7c14e56 namecoind nixos module: security enhancements 2015-09-10 18:11:40 +02:00
Thomas Strobel
b6fb760484 namecoind nixos module: init 2015-09-08 20:17:52 +02:00
Thomas Bereknyei
cb6dc71599 GateOne: init at 1.2 2015-08-03 11:01:05 -04:00
Benjamin Staffin
ad4c957163 shout service: New module. 2015-08-01 03:36:45 -07:00
Charles Strahan
babb744b71 riak: new nixos service 2015-07-21 09:25:41 -04:00
James Cook
a456168e5b Merge pull request #6702 from joachifm/dnscrypt-proxy
nixos: some improvements for dnscrypt-proxy
2015-07-12 00:17:46 -07:00
Robert Irelan
f64a5dd3f3 subsonic service: init
Add a systemd service and UID/GID for the Subsonic personal media
streamer server (<http://subsonic.org>).
2015-07-05 17:25:42 -07:00
Shea Levy
dd9530c819 Merge remote-tracking branch 'projectorhq/riemann-tools'
Add riemann-tools package and service
2015-07-01 08:45:33 -04:00
Robert Pitts and Trenton Strong
bbb36ea039 Add riemann-tools to nixpkgs
Adds package via bundlerEnv and service for Riemann health.
2015-06-30 17:16:51 -04:00
Edward Tjörnhammar
ed9dc1fd9e nixos: added gitit service 2015-06-28 12:39:52 +02:00
Russell O'Connor
46f06ccde7 uwsgi-service: Add user/group for uwsgi service.
Also add a uwsgi directory under /run (defaulting to /run/uwsgi) where the uwsgi user can place sockets.
2015-06-24 14:48:53 +00:00
Simon Vandel Sillesen
9dab1a840c tvheadend: init at 4.0.4 2015-06-24 13:22:09 +00:00
William A. Kennington III
295846a254 nixos/nix-serve: Run as a separate user and add a signing key parameter 2015-06-17 19:10:39 -07:00
Joachim Fasting
a88a6bc676 nixos: additional hardening for dnscrypt-proxy
- Run as unprivileged user/group via systemd, obviating the need to
  specify capabilities, etc.
- Run with private tmp and minimal device name space
2015-06-12 15:12:33 +02:00
Jaka Hudoklin
2e5dbc4746 Add ripple rest module 2015-06-08 13:48:23 +02:00
Jaka Hudoklin
23504e5bf2 Add skydns module 2015-06-08 13:36:05 +02:00
Jaka Hudoklin
98d5b81dad nixos: add grafana module 2015-06-08 12:13:15 +02:00
Arseniy Seroka
f134150180 Merge pull request #7857 from rushmorem/marathon-module-update
Update Marathon module
2015-05-21 16:52:14 +03:00
rushmorem
b5820a5ebd Update Marathon module
The new module makes it possible to pass extra commandline
arguments to Marathon as well as environment variables.
2015-05-21 15:45:13 +02:00
lassulus
9d07c54fa1 nixos: add bird module
patch bird to look in /var/run for birc.ctl
2015-05-19 15:42:24 +02:00
Stephen Weinberg
a6ebccfbb8 Sane default configuration for sabnzbd module
Added option to set user. Use unpriviledged user by default. Add sane
default for configuration location.
2015-05-05 00:18:22 -04:00
Eelco Dolstra
c0f70b4694 Remove fixed uids for nscd, sshd
These services don't create files on disk, let alone on a network
filesystem, so they don't really need a fixed uid. And this also gets
rid of a warning coming from <= 14.12 systems.
2015-04-19 22:06:45 +02:00
Forkk
079da8cdcd plex: init at 0.9.11.16.958
Added a package and module for Plex Media Server, an application for
managing media collections across multiple devices.
2015-04-17 12:11:30 -05:00
Jonathan Glines
cdb174c18d Added NixOS module for Asterisk server 2015-04-16 17:41:37 -06:00
Nikolay Amiantov
1d6723c085 lambdabot: add nixos service 2015-04-16 13:33:40 +03:00
Joel Moberg
5b075eb400 i2p: add nixos service 2015-04-15 12:52:06 +02:00
Edward Tjörnhammar
7d0ddbd154 nixos: add ihaskell service 2015-04-11 00:09:31 +02:00
William A. Kennington III
b3c423757e nixos/rdnssd: Major refactoring
This updates rdnssd to the following:
* Using the systemd interfaces directly
* Using the rdnssd user instead of the root user
* Integrating with resolvconf instead of writing directly to /etc/resolv.conf
2015-04-04 21:20:07 -07:00
Oliver Matthews
51b06c5865 Add MediaTomb service 2015-03-27 12:45:25 +01:00
Jaka Hudoklin
75169aabc3 Add ripple data api package and nixos service 2015-03-26 20:02:39 +01:00
Joachim Fasting
e9cd877921 nixos: resolve uid/gid conflicts
This patch resolves all uid/gid conflicts except for nobody/nogroup (seems
to make sense that these are the same).
All conflicts where determined mechanically, but resolutions were manual.
This patch also marks uids/gids with no corresponding group/user as "unused"
(aka. reserved).

Briefly,

- tss group conflicts with dhcpcd
  The tss group id conflicts with dhcpcd: assign
  a new number and add a corresponding tss user.
- elasticsearch uid conflicts with haproxy gid
- resolve firebird/munin conflict
- fix fourstorehttp{,d} typo
- fix ghostOne typo: the service module refers to gids.ghostone, so use that
  in ids
- memcached uid conflicts with users gid
- nagios uid conflicts with disks gid
- nscd uid conflicts with wheel gid
- ntp uid conflicts with tty gid
- resolve postfix/postdrop id uid
- redis uid conflicts with keys gid
- sshd uid conflicts with kmem gid
- tcryptd uid conflicts with openldap gid
- unifi uid conflicts with docker gid
- uptimed uid conflicts with utmp gid
- zope2 uid conflicts with connman gid
- tomcat uid/gid mismatch
2015-03-16 09:58:13 +01:00
Nikolay Amiantov
db5b08cfaf nixos/sddm: add display manager 2015-03-05 20:49:26 +03:00
Eelco Dolstra
1002fb6433 Add "input" group
This is required by systemd >= 215.
2015-03-03 20:27:09 +01:00
Eelco Dolstra
8546ec7c74 Fix some uid/gid clashes 2015-03-03 20:26:36 +01:00
tv
86cb16965a exim: add version 4.85 incl. nixos module 2015-02-20 10:49:15 +01:00
rushmorem
74b40e9a43 Add marathon mesos framework 2015-02-19 13:30:00 +02:00
Matej Cotman
8c79a2df63 panamax: new package and service 2015-02-07 15:32:20 +01:00
Ragnar Dahlén
17bd96ea25 apache-kafka: New service for Apache Kafka 2015-01-29 11:10:22 +00:00
Edward Tjörnhammar
837cfbb9ea nixos: adding nylon service with uid,gid 2015-01-14 22:08:47 +01:00
Eelco Dolstra
ae7d79cd61 Fix some bad gids
Issue #3727.
2015-01-05 11:58:17 +01:00
Jaka Hudoklin
1b19b7a3bf Merge pull request #5491 from offlinehacker/cadvisor
Add cadvisor package and nixos module
2014-12-29 17:58:43 +01:00
Domen Kožar
43af22b2de Merge pull request #5487 from luke-clifton/lc-btsync-group
btsync groups
2014-12-28 20:25:13 +01:00
Jaka Hudoklin
b6198f08e3 nixos: add cadvisor service 2014-12-28 20:21:41 +01:00
Luke Clifton
3c8914f94e Changed group id to match user id 2014-12-28 19:47:12 +08:00
Luke Clifton
b625c3dd4b Added group id to ids.nix 2014-12-28 18:10:02 +08:00
Emery Hemingway
01910e84f9 nixos: tox-bootstrapd service 2014-12-20 18:20:27 -05:00
Thomas Hunger
59995e168c nixos: Add gitlab and gitlab-shell
I had to make several adjustments to make it work with nixos:

* Replace relative config file lookups with ENV variable.
* Modify gitlab-shell to not clear then environment when running
  pre-receive.
* Modify gitlab-shell to write some environment variables into
  the .authorized_keys file to make sure gitlab-shell reads the
  correct config file.
* Log unicorn output to syslog.
  I tried various ways of adding a syslog package but the bundler would
  not pick them up. Please fix in a better way if possible.
* Gitlab-runner program wrapper.
  This is useful to run e.g. backups etc. with the correct
  environment set up.
2014-12-12 18:01:29 +01:00
Jaka Hudoklin
b7092dc95c nixos: add fleet module 2014-12-07 21:52:52 +01:00
Austin Seipp
bc10c92377 nixos: overhaul Tor module
This overhauls the Tor module in a few ways:

  - Uses systemd service files, including hardening/config checks
  - Removed old privoxy support; users should use the Tor Browser
    instead.
  - Remove 'fast' circuit/SOCKS port; most users don't care (and it adds
    added complexity and confusion)
  - Added support for bandwidth accounting
  - Removed old relay listenAddress option; taken over by portSpec
  - Formatting, description, code cleanups.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-12-06 05:01:08 -06:00
Jaka Hudoklin
099eabb490 nixos: add chronos service 2014-12-03 15:49:14 +01:00
Jaka Hudoklin
3424ded286 nixos: add peerflix module 2014-12-01 16:42:40 +01:00
Jaka Hudoklin
8c766dcc90 nixos/kubernetes: fix user id 2014-11-29 16:46:39 +01:00
Jaka Hudoklin
2b261c1edf nixos: add kubernetes module 2014-11-29 02:27:17 +01:00
Oliver Charles
891c262e9a Add a NixOS module to run bosun 2014-11-24 14:40:47 +00:00