Commit Graph

13347 Commits

Author SHA1 Message Date
Silvan Mosberger
8f2109cda4
Merge pull request #81945 from Infinisil/hostFiles
Introduce `networking.hostFiles` option
2020-03-12 15:56:30 +01:00
Léo Gaspard
06bdfc5e32
Merge pull request #82185 from matt-snider/master
ankisyncd, nixos/ankisyncd: init at 2.1.0
2020-03-12 11:47:42 +01:00
lewo
cbb21b2a8a
Merge pull request #81214 from buckley310/updateDelay
NixOS/auto-upgrade: Add optional randomized delay
2020-03-12 09:06:32 +01:00
Graham Christensen
10f625b3d2
Merge pull request #81402 from mmilata/firejail-example
nixos/firejail: add example for wrappedBinaries
2020-03-11 20:28:35 -04:00
Jörg Thalheim
154f9e1bd9
Merge pull request #82340 from nyanloutre/vsftpd_pam_fix
nixos/vsftpd: fix missing default pam_service_name
2020-03-11 22:29:43 +00:00
Jörg Thalheim
9aa23e31b3
Merge pull request #80904 from talyz/haproxy-fixes
nixos/haproxy: Revive the haproxy user and group
2020-03-11 22:23:13 +00:00
Maximilian Bosch
b7cdb64ac2
treewide: remove myself from a few packages I don't use anymore 2020-03-11 22:29:30 +01:00
nyanloutre
7ab00c48d8
nixos/vsftpd: fix missing default pam_service_name
9458ec4 removed the ftp pam service which was used by default by vsftpd
2020-03-11 21:15:47 +01:00
talyz
bb7ad853fb nixos/haproxy: Revive the haproxy user and group
Running haproxy with "DynamicUser = true" doesn't really work, since
it prohibits specifying a TLS certificate bundle with limited
permissions. This revives the haproxy user and group, but makes them
dynamically allocated by NixOS, rather than statically allocated. It
also adds options to specify which user and group haproxy runs as.
2020-03-11 19:52:37 +01:00
Silvan Mosberger
fc2b132c94
Merge pull request #82326 from mmilata/rename-fix-module-path
nixos: fix module paths in rename.nix
2020-03-11 19:35:40 +01:00
Martin Milata
d08ede042b nixos: fix module paths in rename.nix 2020-03-11 15:59:22 +01:00
Edward Tjörnhammar
b155a62dad nixos/lightdm-tiny-greeter: init module 2020-03-11 08:12:35 +00:00
Jan Tojnar
6bba9428d9
Merge pull request #81431 from jtojnar/malcontent-0.6
malcontent: 0.4.0 → 0.6.0
2020-03-11 04:08:59 +01:00
Jan Tojnar
31dd8332bc
nixos/malcontent: init 2020-03-10 23:30:20 +01:00
Matt Snider
acba458b7e nixos/ankisyncd: init at 2.1.0 2020-03-10 22:45:33 +01:00
Aaron Andersen
641b94bdd0 nixos/mysql: add settings and configFile options 2020-03-10 15:15:11 -04:00
Linus Heckemann
dfc70d37f4
Merge pull request #82252 from mayflower/radius-http2
FreeRADIUS improvements
2020-03-10 16:01:46 +01:00
Linus Heckemann
065716ab95 nixos/freeradius: depend on network.target, not online 2020-03-10 15:54:29 +01:00
Linus Heckemann
0587329191 freeradius: make debug logging optional 2020-03-10 15:54:02 +01:00
adisbladis
6fcce60fd5
Merge pull request #82139 from adisbladis/switch-to-configuration-manual
switch-to-configuration: Add new option X-OnlyManualStart
2020-03-10 11:17:33 +00:00
adisbladis
db6c94304f
switch-to-configuration: Add new option X-OnlyManualStart
This is to facilitate units that should _only_ be manually started and
not activated when a configuration is switched to.

More specifically this is to be used by the new Nixops deploy-*
targets created in https://github.com/NixOS/nixops/pull/1245 that are
triggered by Nixops before/after switch-to-configuration is called.
2020-03-09 11:28:07 +00:00
zimbatm
cc90ececa7
environment.etc: fix typo 2020-03-09 12:01:41 +01:00
Florian Klink
dceec409cc nixos/cage: move ConditionPathExists to service config
It doesn't belong into [Service]:
> Unknown key name 'ConditionPathExists' in section 'Service', ignoring.
2020-03-09 00:47:49 +01:00
Dmitry Kalinkin
93745d243b
Merge pull request #79488 from danielfullmer/zoneminder-1.34.2
zoneminder: 1.32.3 -> 1.34.3
2020-03-07 13:25:17 -05:00
Daniel Fullmer
cb5da4eacb nixos/zoneminder: update on startup if needed 2020-03-07 12:59:39 -05:00
Silvan Mosberger
4f69262c19
Merge pull request #81369 from mweinelt/pr/acme-chmod
nixos/acme: apply chmod and ownership unconditionally
2020-03-07 03:24:46 +01:00
Silvan Mosberger
64ee425a01
nixos/cjdns: Fix connectTo example rendering 2020-03-07 02:01:41 +01:00
Silvan Mosberger
1906320e68
nixos/cjdns: Don't use IFD for extra hosts 2020-03-07 02:01:19 +01:00
Silvan Mosberger
ec6e4db6e4
nixos/networking: Add hostFiles option
When blocklists are built with a derivation, using extraHosts would
require IFD, since the result of the derivation needs to be converted to
a string again.

By introducing this option no IFD is needed for such use-cases, since
the fetched files can be assigned directly.
2020-03-07 01:53:31 +01:00
Lancelot SIX
74c0ce5376
Merge pull request #81907 from atlaua/lr/wg-typo
nixos/wireguard: Fix typo in error message
2020-03-06 22:43:32 +01:00
Luis Ressel
b19c485b22
nixos/wireguard: Fix typo in error message
generatePrivateKey -> generatePrivateKeyFile
2020-03-06 16:19:23 +01:00
Jörg Thalheim
391b7b31d8
Merge pull request #81891 from emilazy/nginx-use-mozilla-tls-config
nixos/nginx: use Mozilla Intermediate TLS configuration
2020-03-06 14:30:28 +00:00
Jörg Thalheim
87ae01e70b
Merge pull request #81752 from alexbakker/fix-55221
uwsgi: use pyhome instead of pythonpath for uwsgi vassals
2020-03-06 13:16:26 +00:00
Emily
4ed98d69ed nixos/nginx: use Mozilla Intermediate TLS configuration
The configuration at https://ssl-config.mozilla.org/#server=nginx&config=intermediate
is reliably kept up-to-date in terms of security and compatible with a
wide range of clients. They've probably had more care and thought put
into them than our defaults, and will be easier to keep updated in
the future.

The only removed (rather than changed) configuration option here is
ssl_ecdh_curve, per https://github.com/mozilla/server-side-tls/issues/189.

Resolves #80952.
2020-03-06 13:08:56 +00:00
Silvan Mosberger
dc70633913
Merge pull request #81774 from ju1m/shorewall_fix_RestartTriggers
shorewall: fix RestartTriggers
2020-03-06 11:58:35 +01:00
Martin Milata
421a18f42b nixos/prometheus-mikrotik-exporter: init 2020-03-06 10:39:05 +01:00
Martin Milata
e7ed7901a8 nixos/prometheus-mail-exporter: misc fixes
- Fix misspelled option. mkRenamedOptionModule is not used because the
   option hasn't really worked before.
 - Add missing cfg.telemetryPath arg to ExecStart.
 - Fix mkdir invocation in test.
2020-03-06 01:44:05 +01:00
Martin Milata
3b5cf35e8b nixos/prometheus-mail-exporter: fix assertion
The assertion was printed when user explicitly defined only the
configFile option.
2020-03-06 01:44:05 +01:00
Martin Milata
2a080ac434 nixos/prometheus-snmp-exporter: fix assertion
The assertion was printed when user explicitly defined only the
configurationPath option.
2020-03-06 01:43:20 +01:00
Martin Milata
87f87fb3e9 nixos/prometheus-snmp-exporter: update log options
The allowed values have changed in bd3319d28c.

0.15:
      --log.level="info"        Only log messages with the given severity or above. Valid levels: [debug, info, warn, error, fatal]
      --log.format="logger:stderr"
                                Set the log target and format. Example: "logger:syslog?appname=bob&local=7" or "logger:stdout?json=true"

0.17:
      --log.level=info          Only log messages with the given severity or above. One of: [debug, info, warn, error]
      --log.format=logfmt       Output format of log messages. One of: [logfmt, json]
2020-03-06 01:43:20 +01:00
Martin Milata
0ac24ccf2a nixos/prometheus-*-exporter: escape shell args 2020-03-06 01:43:20 +01:00
David Guibert
bbc2cd89ef users.groups.disnix instead of a list
related to #63103.
2020-03-05 09:08:40 +01:00
Julien Moutinho
47f27938e7 shorewall: fix RestartTriggers 2020-03-05 00:01:44 +01:00
Alexander Bakker
7bbf7fa693 uwsgi: use pyhome instead of pythonpath for uwsgi vassals 2020-03-04 20:20:32 +01:00
Silvan Mosberger
b38344b54c
Merge pull request #81708 from yegortimoshenko/acme-fullchain-force-symlink
nixos/acme: force symlink from fullchain.pem to cert.pem
2020-03-04 19:33:39 +01:00
Michele Guerini Rocco
481a4e938e
Merge pull request #81597 from thatsmydoing/multiport-nat
nixos/nat: fix multiple destination ports with loopback
2020-03-04 19:12:25 +01:00
Jörg Thalheim
bbbf224c7d
Merge pull request #81610 from Mic92/zfs
nixos/zfs: continue trimming also if one pool fails
2020-03-04 11:44:57 +00:00
Maximilian Bosch
7f9131f260
Merge pull request #81405 from NinjaTrappeur/nin-networkd-policy-rules
nixos/networkd: add RoutingPolicyRules-related options
2020-03-04 12:29:29 +01:00
Yegor Timoshenko
c32da2ed9c nixos/acme: force symlink from fullchain.pem to cert.pem
Co-authored-by: emily <vcs@emily.moe>
2020-03-04 12:52:12 +03:00
Thomas Dy
97a61c8903 nixos/nat: fix multiple destination ports with loopback 2020-03-04 18:11:31 +09:00