Commit Graph

439 Commits

Author SHA1 Message Date
Joachim Fasting
2c5775b141 i2p service: use mkEnableOption 2015-08-09 02:29:35 +02:00
lethalman
076e90c67a Merge pull request #9150 from tomberek/gateone_setup
gateone: Fix startup
2015-08-08 15:35:08 +02:00
Thomas Bereknyei
6b280b648f kippo: fix check for pidPath 2015-08-07 01:01:22 -04:00
Thomas Bereknyei
825b8403a2 Check for pidDir and create 2015-08-07 00:43:29 -04:00
Anders Papitto
4f7819b89c dnsmasq restarts if /etc/hosts file is changed by nixos-rebuild 2015-08-05 03:36:19 -07:00
Thomas Bereknyei
cb6dc71599 GateOne: init at 1.2 2015-08-03 11:01:05 -04:00
Benjamin Staffin
ad4c957163 shout service: New module. 2015-08-01 03:36:45 -07:00
Thomas Tuegel
e5a93ab201 Revert "nixos/quassel: Temporarily switch back to qt4 since qt5 tls in quassel is broken"
This reverts commit c61d048427.
2015-07-30 21:24:11 -05:00
Eelco Dolstra
a5b83c3573 sshd: Use RSA and ED25519 host keys
Closes #7939.
2015-07-27 20:30:10 +02:00
William A. Kennington III
abc7c1b013 nixos/firewall: Add the ability to specify additional packages for extraCommands 2015-07-26 16:33:03 -07:00
Eelco Dolstra
f64589b2ef firewall: Don't depend on ipset
NixOS doesn't use it, so no reason to include it.
2015-07-26 22:45:39 +02:00
Tobias Geerinckx-Rice
078ee4ac55 copy-com: 1.47.0410 -> 3.2.01.0481 + several fixes
The graphical UI (the largest part of this package) never worked; fixed.

Added myself as a maintainer.
2015-07-25 04:39:02 +02:00
lethalman
636f9ac0ed Merge pull request #8799 from ryantm/master
heyefi service: init
2015-07-24 10:11:26 +02:00
tv
1306c11b94 bitlbee service: fix typo 2015-07-16 02:43:27 +02:00
Ryan Mulligan
9d485d9433 heyefi service: make uploadDir path more generic and a string 2015-07-14 06:56:30 -07:00
Ryan Mulligan
d11edff860 heyefi service: use mkEnableOption 2015-07-14 06:54:51 -07:00
Ryan Mulligan
d6cee31b04 heyefi service: init 2015-07-14 06:42:02 -07:00
Eelco Dolstra
7b38cb699d services.openssh.knownHosts.*.publicKey: Update description and add example
Note that it's no longer allowed to have multiple public keys
separated by a newline.
2015-07-13 16:21:57 +02:00
tv
baab714b2e charybdis service: fix preStart script 2015-07-13 15:11:18 +02:00
Leroy Hopson
2e49828d9c firefox sync-server service: make path to paster executable absolute
The systemd service was ignoring ExecStart because the path to the
paster executable was not absolute. Because ExecStart was ignored, the
service would not start.
2015-07-12 20:43:52 +12:00
James Cook
a456168e5b Merge pull request #6702 from joachifm/dnscrypt-proxy
nixos: some improvements for dnscrypt-proxy
2015-07-12 00:17:46 -07:00
Pascal Wittmann
1e4483b1ec nixos/bitlbee: fixed protocols option 2015-07-08 19:30:20 +02:00
Pascal Wittmann
c0de3b306b nixos/bitlbee: add hostname, config dir and protocols options 2015-07-08 19:14:36 +02:00
Arseniy Seroka
7e7371fe3c Merge pull request #8639 from sjmackenzie/zerotierone
zerotier-one: service add
2015-07-08 02:15:14 +03:00
Stewart Mackenzie
5297371b95 zerotier-one: service add 2015-07-07 07:11:44 +08:00
William A. Kennington III
c61d048427 nixos/quassel: Temporarily switch back to qt4 since qt5 tls in quassel is broken 2015-07-05 16:53:42 -07:00
Arseniy Seroka
093a8994f9 Merge pull request #8624 from ambrop72/minidlna-update
minidlna 1.1.4
2015-07-04 13:59:32 +03:00
Pascal Wittmann
2fd9d56f51 nixos/skydns: fixed reference to skydns 2015-07-04 09:43:28 +02:00
Ambroz Bizjak
42a5ad5c5e minidlna: 1.0.25 -> 1.1.4
Changes:
- gettext is needed to build
- Switched to using non-legacy ffmpeg.
- Removed ffmpeg stuff from include path since it causes build errors related to
a time.h header.
- Removed unneeded patch.
- Adjusted NixOS service due to the binary being renamed.
2015-07-04 09:16:28 +02:00
Simon Vandel Sillesen
9dab1a840c tvheadend: init at 4.0.4 2015-06-24 13:22:09 +00:00
William A. Kennington III
6532863ac4 unifi: 3.2.10 -> 4.6.3 2015-06-23 10:09:44 -07:00
Arseniy Seroka
cf44a27fc4 fix argument in mkEnableOption 2015-06-21 18:21:21 +03:00
William A. Kennington III
295846a254 nixos/nix-serve: Run as a separate user and add a signing key parameter 2015-06-17 19:10:39 -07:00
Eelco Dolstra
6e6a96d42c Some more type cleanup 2015-06-15 18:18:46 +02:00
Eelco Dolstra
19ffa212af types.uniq types.int -> types.int
types.int already implies uniqueness.
2015-06-15 18:11:32 +02:00
Eelco Dolstra
c738b309ee types.uniq types.bool -> types.bool 2015-06-15 18:10:26 +02:00
Eelco Dolstra
9366af1b94 "types.uniq types.string" -> "types.str" 2015-06-15 18:08:49 +02:00
Joachim Fasting
ffc6275e55 dnscrypt-proxy service: support custom providers
The primary use-case is private DNSCrypt providers.

Also rename the `port` option to differentiate it from the
`customResolver.port` option.
2015-06-12 15:12:33 +02:00
Joachim Fasting
8131065b63 dnscrypt-proxy service: use mkEnableOption 2015-06-12 15:12:33 +02:00
Joachim Fasting
2e8bc2bd5c nixos: cosmetic improvements to dnscrypt-proxy service module
Remove superflous whitespace & comments
2015-06-12 15:12:33 +02:00
Joachim Fasting
a88a6bc676 nixos: additional hardening for dnscrypt-proxy
- Run as unprivileged user/group via systemd, obviating the need to
  specify capabilities, etc.
- Run with private tmp and minimal device name space
2015-06-12 15:12:33 +02:00
Joachim Fasting
823bb5dd4d nixos: implement socket-activation for dnscrypt-proxy
The socket definition is derived from upstream with the
exception that it does not depend on network.target, as
this creates a cycle between basic.target and sockets.target.

The apparmor profile has been updated to account for additional
runtime dependencies introduced by enabling systemd support.
2015-06-12 15:12:33 +02:00
Joachim Fasting
dfe20de782 nixos: permit dnscrypt-proxy service to read basic user/group info
If nscd is not running, dnscrypt-proxy crashes without read access
to /etc/{password,group,nsswitch.conf}.
2015-06-12 15:12:30 +02:00
William A. Kennington III
b79a5e812a nixos/quassel: Use qt5 instead of qt4
This really speeds up building quassel daemon since qt5 can be built in
parallel while qt4 cannot.
2015-06-08 15:37:34 -07:00
Jaka Hudoklin
c9da002a07 nixos/consul: fix consul alerts enable 2015-06-08 13:41:43 +02:00
Jaka Hudoklin
23504e5bf2 Add skydns module 2015-06-08 13:36:05 +02:00
Timofey Lagutin
714377f8dc bittorrentsync: fix storage_path.
If this path is a symlink, btsync won't be able to read it if it's not ending with "/".

As seen in f02d4ec9ed
Broken in 0539ed4771
2015-06-05 18:39:01 +03:00
Mateusz Kowalczyk
1113efec5e Merge pull request #7559 from offlinehacker/openvswitch/ipsec
openvswitch: ipsec support
2015-05-26 11:26:02 +01:00
Mateusz Kowalczyk
a35e1ddfb2 Merge pull request #7566 from offlinehacker/nixos/node-docker-registry/module
nixos: add node docker registry server
2015-05-26 11:07:22 +01:00
lethalman
aff1c293ef Merge pull request #7998 from dezgeg/pr-ddclient-ssl
ddclient: Set SSL_CERT_FILE environment variable
2015-05-26 10:25:47 +02:00
Tuomas Tynkkynen
2966068968 ddclient: Set SSL_CERT_FILE environment variable
Otherwise connection to SSL hosts fails like this:

May 26 06:44:05 kbuilder ddclient[17084]: WARNING:  cannot connect to dynamicdns.park-your-domain.com:443 socket:
    IO::Socket::IP configuration failed SSL connect attempt failed with unknown error
    error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
2015-05-26 06:45:25 +03:00
Peter Simons
50fa9d8eea Merge pull request #7941 from peti/allow-custom-ssh-moduli-file
nixos: add config.services.openssh.moduliFile option so that users can replace the default file from OpenSSH
2015-05-22 20:51:42 +02:00
Peter Simons
86d299bc6e nixos: add config.services.openssh.moduliFile option so that users can replace the default file from OpenSSH
The man page for ssh-keygen(1) has a section "MODULI GENERATION" that describes
how to generate your own moduli file. The following script might also be helpful:

 | #! /usr/bin/env bash
 |
 | moduliFiles=()
 |
 | generateModuli()
 | {
 |   ssh-keygen -G "moduli-$1.candidates" -b "$1"
 |   ssh-keygen -T "moduli-$1" -f "moduli-$1.candidates"
 |   rm "moduli-$1.candidates"
 | }
 |
 | for (( i=0 ; i <= 16 ; ++i )); do
 |   let bitSize="2048 + i * 128"
 |   generateModuli "$bitSize" &
 |   moduliFiles+=( "moduli-$bitSize" )
 | done
 | wait
 |
 | echo >moduli "# Time Type Tests Tries Size Generator Modulus"
 | cat >>moduli "${moduliFiles[@]}"
 | rm "${moduliFiles[@]}"

Note that generating moduli takes a long time, i.e. several hours on a fast
machine!

This patch resolves https://github.com/NixOS/nixpkgs/pull/5870.
2015-05-22 16:28:45 +02:00
William A. Kennington III
31a273cb14 nixos/tinc: users are system users 2015-05-21 20:11:13 -07:00
William A. Kennington III
4ed8cdc3d4 nixos/bird: Fix doc compilation 2015-05-20 18:53:54 -07:00
lassulus
9d07c54fa1 nixos: add bird module
patch bird to look in /var/run for birc.ctl
2015-05-19 15:42:24 +02:00
Arseniy Seroka
946e7dca61 Merge pull request #7842 from dezgeg/pr-nix-serve
nix-serve: Add nixos module
2015-05-14 22:44:43 +03:00
Tuomas Tynkkynen
fd8cb1ff2d nix-serve: Add nixos module
This allows sharing the Nix store of the machine as a binary cache
simply by setting 'services.nix-serve.enable = true'.
2015-05-14 12:27:28 +03:00
Eelco Dolstra
fc8011ad8d Ensure that nscd, sshd are created as system users
c0f70b4694 removed the fixed uid
assignment, but then it becomes necessary to set isSystemUser.

http://hydra.nixos.org/build/22182588
2015-05-13 16:23:36 +02:00
William A. Kennington III
2806491cc4 nixos/consul: Add shell for health checks 2015-05-11 17:44:07 -07:00
William A. Kennington III
b6e26aa8df nixos/consul: Support a config directory for health checks 2015-05-11 16:45:04 -07:00
William A. Kennington III
1938dc9b54 nixos/consul: Remove the joinNodes and joinRetries options as they are now built in consul options 2015-05-11 16:27:53 -07:00
Arseniy Seroka
c0727fb751 Merge pull request #7788 from Lassulus/charybdis
add charybdis nixos module
2015-05-11 12:57:58 +03:00
lassulus
304cab2b46 add charybdis nixos module 2015-05-11 11:38:53 +02:00
William A. Kennington III
074c4a7f78 Merge remote-tracking branch 'upstream/master' into staging 2015-05-07 01:44:49 -07:00
Stephen Weinberg
a6ebccfbb8 Sane default configuration for sabnzbd module
Added option to set user. Use unpriviledged user by default. Add sane
default for configuration location.
2015-05-05 00:18:22 -04:00
Vladimír Čunát
30f31c9afc Merge 'master' into staging
(relatively simple conflicts)
2015-04-26 22:52:08 +02:00
Jaka Hudoklin
ff095f5002 nixos: add node docker registry server 2015-04-25 16:16:34 +02:00
Emery Hemingway
34f1c39fe0 nixos: fix cjdns json config
filter extraneous attributes from config modules
2015-04-25 09:40:44 -04:00
Jaka Hudoklin
b5114de4ac nixos: add racoon ipsec IKE deamon 2015-04-25 15:31:27 +02:00
Luca Bruno
db3b86560f GNOME 3.16.1, closes #7357 2015-04-25 12:02:33 +02:00
Edward Tjörnhammar
4ea47155af Merge pull request #7498 from k0ral/sslh
sslh: argument to -F can no longer be separated from the option by a space
2015-04-23 21:35:46 +02:00
Oliver Matthews
a498b28322 wait for filesystem before starting btsync; bump to latest package version 2015-04-23 13:09:34 +00:00
koral
88ce17b6e1 sslh: argument to -F can no longer be separated from the option by a space 2015-04-21 16:29:25 +00:00
Nicolas B. Pierron
7585d42d2b Fix #7354 - Accept _module attributes added to every submodule. 2015-04-20 23:58:32 +02:00
Nikolay Amiantov
0f5d5f9d12 lambdabot: add named pipe for incoming commands 2015-04-20 18:56:48 +03:00
Eelco Dolstra
c0f70b4694 Remove fixed uids for nscd, sshd
These services don't create files on disk, let alone on a network
filesystem, so they don't really need a fixed uid. And this also gets
rid of a warning coming from <= 14.12 systems.
2015-04-19 22:06:45 +02:00
Tobias Geerinckx-Rice
1f513c21f9 Merge pull request #7461 from dezgeg/pr-ddclient-unit-type
ddclient: Fix capitalization of systemd unit keys
2015-04-19 15:27:21 +02:00
Tuomas Tynkkynen
e7843efe12 ddclient: Fix incorrectly capitalized systemd unit key
This avoids the following warning:

Apr 19 10:53:48 xen systemd[1]: [/nix/store/...-unit-ddclient.service/ddclient.service:19] Unknown lvalue 'type' in section 'Service'

As `Type=simple` is the default in systemd, the assignment to the
service type can be simply dropped.
2015-04-19 15:58:34 +03:00
Jonathan Glines
cdb174c18d Added NixOS module for Asterisk server 2015-04-16 17:41:37 -06:00
Eelco Dolstra
a0f69df10e dnsmasq: Add some types 2015-04-16 19:13:26 +02:00
Nikolay Amiantov
1d6723c085 lambdabot: add nixos service 2015-04-16 13:33:40 +03:00
Joel Moberg
5b075eb400 i2p: add nixos service 2015-04-15 12:52:06 +02:00
Nicolas B. Pierron
3eef61a6eb NixOS Manual: Do not use unfree packages as default value. 2015-04-08 23:14:19 +02:00
Arseniy Seroka
e52e160190 Merge pull request #7215 from cwoac/btsync2
Add support for btsync 2.x branch
2015-04-06 18:50:05 +03:00
Oliver Matthews
0539ed4771 Add support for btsync 2.x branch 2015-04-06 15:31:40 +00:00
William A. Kennington III
b3c423757e nixos/rdnssd: Major refactoring
This updates rdnssd to the following:
* Using the systemd interfaces directly
* Using the rdnssd user instead of the root user
* Integrating with resolvconf instead of writing directly to /etc/resolv.conf
2015-04-04 21:20:07 -07:00
Nikolay Amiantov
16f047a60f nixos/networkmanager: support l2tp 2015-03-29 13:09:02 +03:00
Jan Malakhovski
5c6d86540b nixos: use types.enum instead of ad-hoc check in sshd service 2015-03-26 12:43:42 +00:00
Arseniy Seroka
ff22e19fc4 Merge pull request #6893 from hrdinka/nsd-config-options
nsd: Fix automatic config options
2015-03-23 13:19:29 +03:00
Edward Tjörnhammar
664592561d nixos: added aiccu service 2015-03-20 22:01:35 +01:00
Christoph Hrdinka
d3a2edb8ce nsd: Fix automatic config options 2015-03-19 12:10:55 +01:00
Christoph Hrdinka
6db8155e37 nsd: Update from 4.1.0 -> 4.1.1 2015-03-18 21:01:35 +01:00
lethalman
359bc60ec8 Merge pull request #6448 from eduarrrd/ddclient
ddclient module: fix module
2015-03-17 12:38:12 +01:00
lethalman
fe79bf34a5 Merge pull request #6512 from bjornfor/nixos-haproxy-cleanup
nixos/haproxy: remove broken default 'config'
2015-03-11 16:29:06 +01:00
Eelco Dolstra
d31202fba2 sshd: Enable seccomp sandboxing 2015-03-09 11:27:19 +01:00
Nikita Mikhailov
579159c72b Add dispatcher configuration options to NetworkManager module 2015-03-08 20:24:53 +01:00
William A. Kennington III
9ce0c1cb71 nixos/consul: Fix timeout bugs and json formatting 2015-02-25 15:42:43 -08:00
William A. Kennington III
f27fa79aa9 nixos/dnsmasq: Fix service name typo 2015-02-25 09:22:16 -08:00
Eduard Bachmakov
4bf66ba89c ddclient module: fix module
* rewrite to systemd.services
* disable forking to give systemd better control
* verifiably run as ddclient user
* expose ssl option
* unset default value for dyndns server
* rename option "web" to "use" to be consistent with ddclient docs
* add descriptions
* add types to options
* clean up formatting
2015-02-23 22:37:20 -05:00