Anthony Roussel
46044101f3
nixos/gns3-server: fix ubridge_path
2024-09-23 20:46:17 +02:00
github-actions[bot]
9a6f63ebed
Merge master into staging-next
2024-09-23 18:04:34 +00:00
Daniel Nagy
201d35822e
nixos/nar-serve: remove with lib; (#343472)
2024-09-23 15:40:56 +02:00
figboy9
56f8f810ae
nixos/veilid: fix description link
2024-09-23 13:30:38 +09:00
github-actions[bot]
6bb2408295
Merge master into staging-next
2024-09-22 12:05:17 +00:00
Weijia Wang
84cd38f778
globalprotect-openconnect: add core logic and packages for 2.x releases (#316526)
2024-09-22 12:07:33 +02:00
Felix Singer
421d1b8974
nixos/{redmine,murmur}: Add Felix Singer as maintainer
...
I'm maintaining the associated packages. So it makes sense to add myself
to their modules as well.
Signed-off-by: Felix Singer <felixsinger@posteo.net>
2024-09-22 08:35:08 +02:00
Rahul Rameshbabu
b08d6a664f
globalprotect-openconnect: remove deprecated 1.x package
...
The 1.x iteration of globalprotect-openconnect is no longer being
developed. Remove related components from nixpkgs.
Signed-off-by: Rahul Rameshbabu <sergeantsagara@protonmail.com>
2024-09-21 10:20:21 -07:00
github-actions[bot]
d3ae261fc3
Merge master into staging-next
2024-09-21 12:05:16 +00:00
Daniel Nagy
608bd15ce5
nixos/i2pd: remove with lib;
2024-09-21 12:45:00 +02:00
Sandro
a2fe2c872a
tailscale: only autoconnect after backend is up (#338210)
2024-09-21 11:27:18 +02:00
Daniel Nagy
991fd5f462
nixos/yggdrasil: add nagy as maintainer
2024-09-21 06:30:54 +00:00
Daniel Nagy
cb7635612e
nixos/yggdrasil: remove with lib;
2024-09-21 06:30:54 +00:00
github-actions[bot]
754402a237
Merge staging-next into staging
2024-09-21 00:13:41 +00:00
Ryan Horiguchi
c26ca03c4d
nixos/dnsmasq: remove deprecated option "extraConfig"
2024-09-20 22:44:16 +02:00
K900
d8a54461fc
Merge remote-tracking branch 'origin/staging-next' into staging
2024-09-20 07:27:56 +03:00
rnhmjoj
7efc956510
Revert "nixos/wireless: link config to /etc by default"
...
This reverts commit 89eb93dc3f.
It broke setups where /etc/wpa_supplicant.conf is configured
imperatively and reloading of the service on configuration changes.
2024-09-19 16:36:34 +02:00
github-actions[bot]
b638e02a58
Merge staging-next into staging
2024-09-18 00:13:59 +00:00
h7x4
f954d6185c
wstunnel: exclude TLS arguments when enableHTTPS is false (#342203)
2024-09-17 21:30:58 +02:00
K900
87cbfcba1c
Merge remote-tracking branch 'origin/staging-next' into staging
2024-09-17 21:07:02 +03:00
Michele Guerini Rocco
e3191b8ded
nixos/dhcpcd: harden and run as unprivileged user (#336988)
2024-09-17 19:21:11 +02:00
K900
1047f0a6bf
nixos/hostapd: set default channel to auto
...
The current default, 7, is, to put it nicely, absolutely ridiculous.
On 2.4 GHz, the only channels you should use are 1, 6 and 11, because
every other channel overlaps one of those and causes interference.
On 5/6 GHz, channel 7 does not exist at all.
Also, it's 2024, most things will support automatic channel selection,
and those that don't will likely need extra care to support prehistoric
hardware anyway.
2024-09-17 19:07:47 +03:00
Raymond Douglas
e868bfa5b1
wstunnel: exclude TLS arguments when enableHTTPS is false
2024-09-16 14:27:42 -07:00
Felix Buehler
4cbff7e5d4
nixos/services.cloudflared: fix filterConfig
2024-09-16 20:47:07 +02:00
Sandro
fd3ddb6b60
dnscrypt-wrapper: remove package and NixOS modules (#341838)
2024-09-16 11:25:30 +02:00
rnhmjoj
234b7541be
dhcpcd: move database to /var/lib
2024-09-16 08:07:56 +02:00
rnhmjoj
b447fd58c7
nixos/dhcpcd: harden and run as unprivileged user
2024-09-16 08:07:55 +02:00
rnhmjoj
aff5d1d523
nixos/dhcpcd: remove ntpd workaround
...
This workaround for NTP daemons has been there for 12 years and is most
likely not needed anymore.
2024-09-16 08:07:55 +02:00
rnhmjoj
a432668acf
dhcpcd: disable privsep by default
...
The privilege separation mode has several downsides:
- it's incompatible with alternative memory allocators, including
  graphene-hardened;
- it needs an unreleased patch to fix a crash;
- it results in no less than 6 subprocesses running at any time,
  increasing the memory usage;
- the privileged process (albeit not doing any networking related
  tasks) is still running as root, so it has complete access to the
  system.
Let's disable this by default and instead run dhcpcd as an unprivileged
user with only the necessary capabilities.
2024-09-16 01:23:54 +02:00
azahi
94c62f5036
nixos/networking.firewall: fix refactor regression
...
This fixes a regression that was introduced in #335631
2024-09-16 01:10:55 +03:00
Masum Reza
a5cfe01240
nixos/shairport-sync: Add pulse group also for pipewire (#341172)
2024-09-15 23:39:57 +05:30
misuzu
2505777e0c
nixos/netbird: remove misuzu as maintainer
2024-09-15 12:57:13 +00:00
Felix Buehler
1cd7970bb8
nixos/services.matterbridge: remove with lib;
2024-09-15 10:43:57 +02:00
Felix Buehler
252e9bb1e7
nixos/services.lxd-image-server: remove with lib;
2024-09-15 10:43:57 +02:00
Felix Buehler
2e30f07cc0
nixos/services.logmein-hamachi: remove with lib;
2024-09-15 10:43:57 +02:00
Felix Buehler
196a14a174
nixos/services.lldpd: remove with lib;
2024-09-15 10:43:57 +02:00
Felix Buehler
0d57426bae
nixos/services.lambdabot: remove with lib;
2024-09-15 10:43:57 +02:00
Felix Buehler
081c71df4b
nixos/services.keybase: remove with lib;
2024-09-15 10:43:57 +02:00
Felix Buehler
f3bb24eb64
nixos/services.jotta-cli: remove with lib;
2024-09-15 10:43:57 +02:00
Felix Buehler
6c50168c7c
nixos/services.jitsi-videobridge: remove with lib;
2024-09-15 10:43:57 +02:00
Felix Buehler
fee0a07c28
nixos/services.jigasi: remove with lib;
2024-09-15 10:43:57 +02:00
Felix Buehler
0cca8e9756
nixos/services.jicofo: remove with lib;
2024-09-15 10:43:56 +02:00
Felix Buehler
050c81941d
nixos/services.ivpn: remove with lib;
2024-09-15 10:43:56 +02:00
Felix Buehler
aa27551b00
nixos/services.iodine: remove with lib;
2024-09-15 10:43:56 +02:00
Felix Buehler
b610b3cac2
nixos/services.inadyn: remove with lib;
2024-09-15 10:43:56 +02:00
Felix Buehler
f69dd2df9a
nixos/services.i2p: remove with lib;
2024-09-15 10:43:56 +02:00
Felix Buehler
49224ecc3b
nixos/services.htpdate: remove with lib;
2024-09-15 10:43:56 +02:00
Felix Buehler
9ceab680a6
nixos/services.haproxy: remove with lib;
2024-09-15 10:43:56 +02:00
Felix Buehler
f30e72ffbb
nixos/services.hans: remove with lib;
2024-09-15 10:43:56 +02:00
Felix Buehler
a811ef8255
nixos/services.gobgpd: remove with lib;
2024-09-15 10:43:56 +02:00
Felix Buehler
90a98fc103
nixos/services.go-shadowsocks2: remove with lib;
2024-09-15 10:43:55 +02:00
Felix Buehler
2ec70782ab
nixos/services.go-neb: remove with lib;
2024-09-15 10:43:55 +02:00
Felix Buehler
9ca9ac0b51
nixos/services.go-autoconfig: remove with lib;
2024-09-15 10:43:55 +02:00
Felix Buehler
3e72e14a6d
nixos/services.gnunet: remove with lib;
2024-09-15 10:43:55 +02:00
Felix Buehler
7a65f58698
nixos/services.globalprotect: remove with lib;
2024-09-15 10:43:55 +02:00
Felix Buehler
878c5dc6eb
nixos/services.gitDaemon: remove with lib;
2024-09-15 10:43:55 +02:00
Felix Buehler
0b865525e8
nixos/services.gdomap: remove with lib;
2024-09-15 10:43:55 +02:00
Felix Buehler
d0901224e1
nixos/services.gateone: remove with lib;
2024-09-15 10:43:55 +02:00
Felix Buehler
191b68cd26
nixos/services.frr: remove with lib;
2024-09-15 10:43:55 +02:00
Felix Buehler
fdcec053e6
nixos/services.frp: remove with lib;
2024-09-15 10:43:55 +02:00
Felix Buehler
7cc95389d1
nixos/services.freeradius: remove with lib;
2024-09-15 10:43:54 +02:00
Felix Buehler
a49fa6ee3b
nixos/services.freenet: remove with lib;
2024-09-15 10:43:54 +02:00
Felix Buehler
688b08939c
nixos/services.flannel: remove with lib;
2024-09-15 10:43:54 +02:00
Felix Buehler
00d0e3ba98
nixos/networking.firewall: remove with lib;
2024-09-15 10:43:54 +02:00
Felix Buehler
e915ced804
nixos/networking.firewall.nftables: remove with lib;
2024-09-15 10:43:54 +02:00
Felix Buehler
15edaa6e16
nixos/networking.firewall.iptables: remove with lib;
2024-09-15 10:43:54 +02:00
Felix Buehler
f12d3df878
nixos/services.fireqos: remove with lib;
2024-09-15 10:43:54 +02:00
Felix Buehler
17f8650ace
nixos/services.ferm: remove with lib;
2024-09-15 10:43:54 +02:00
Felix Buehler
abc0a6e035
nixos/services.expressvpn: remove with lib;
2024-09-15 10:43:54 +02:00
Felix Buehler
19e88959ef
nixos/services.eternal-terminal: remove with lib;
2024-09-15 10:43:54 +02:00
Felix Buehler
6233a59db3
nixos/services.epmd: remove with lib;
2024-09-15 10:43:54 +02:00
Felix Buehler
a09250d8ab
nixos/services.envoy: remove with lib;
2024-09-15 10:43:54 +02:00
Felix Buehler
aa2c039ab0
nixos/services.ejabberd: remove with lib;
2024-09-15 10:43:53 +02:00
Felix Buehler
e59cdc8e99
nixos/services.doh-proxy-rust: remove with lib;
2024-09-15 10:43:53 +02:00
Felix Buehler
504abe12d1
nixos/services.dnsmasq: remove with lib;
2024-09-15 10:43:53 +02:00
Felix Buehler
3a05a07ef7
nixos/services.dnsdist: remove with lib;
2024-09-15 10:43:53 +02:00
Felix Buehler
56576f90e3
nixos/services.dnscache: remove with lib;
2024-09-15 10:43:53 +02:00
Felix Buehler
630754ae20
nixos/networking.dhcpcd: remove with lib;
2024-09-15 10:43:53 +02:00
Felix Buehler
8681b42c62
nixos/services.ddclient: remove with lib;
2024-09-15 10:43:53 +02:00
Felix Buehler
657cd334e6
nixos/services.dante: remove with lib;
2024-09-15 10:43:53 +02:00
Felix Buehler
4589149299
nixos/services.create_ap: remove with lib;
2024-09-15 10:43:53 +02:00
Felix Buehler
7fcd972c94
nixos/services.coturn: remove with lib;
2024-09-15 10:43:53 +02:00
Felix Buehler
bd2d5c89ce
nixos/services.corerad: remove with lib;
2024-09-15 10:43:53 +02:00
Felix Buehler
c4bbbbbb10
nixos/services.coredns: remove with lib;
2024-09-15 10:43:53 +02:00
Felix Buehler
6c6b5e7f80
nixos/services.consul: remove with lib;
2024-09-15 10:43:52 +02:00
Felix Buehler
5438332690
nixos/services.cntlm: remove with lib;
2024-09-15 10:43:52 +02:00
Felix Buehler
5506afac27
nixos/services.cloudflared: remove with lib;
2024-09-15 10:43:52 +02:00
Felix Buehler
14f2d0a94b
nixos/services.cloudflare-dyndns: remove with lib;
2024-09-15 10:43:52 +02:00
Felix Buehler
a3c69c111e
nixos/services.clatd: remove with lib;
2024-09-15 10:43:52 +02:00
Felix Buehler
742185f18c
nixos/services.cjdns: remove with lib;
2024-09-15 10:43:52 +02:00
Felix Buehler
f6077c6bcd
nixos/services.chisel-server: remove with lib;
2024-09-15 10:43:52 +02:00
Felix Buehler
87c989da08
nixos/services.cgit: remove with lib;
2024-09-15 10:43:52 +02:00
Felix Buehler
8e6795a029
nixos/services.blocky: remove with lib;
2024-09-15 10:43:52 +02:00
Felix Buehler
939ba8a2c3
nixos/services.blockbook-frontend: remove with lib;
2024-09-15 10:43:52 +02:00
Felix Buehler
d9c47dac16
nixos/services.bitlbee: remove with lib;
2024-09-15 10:43:52 +02:00
Felix Buehler
416649cbe6
nixos/services.birdwatcher: remove with lib;
2024-09-15 10:43:51 +02:00
Felix Buehler
c666e7b2dd
nixos/services.bird-lg: remove with lib;
2024-09-15 10:43:51 +02:00
Felix Buehler
9ce866bc9b
nixos/services.bind: remove with lib;
2024-09-15 10:43:51 +02:00
Felix Buehler
42facf73b7
nixos/services.biboumi: remove with lib;
2024-09-15 10:43:51 +02:00
Felix Buehler
6bf37cd201
nixos/services.bee: remove with lib;
2024-09-15 10:43:51 +02:00
Felix Buehler
7da36d70ff
nixos/services.babeld: remove with lib;
2024-09-15 10:43:51 +02:00
Felix Buehler
eb8d4ed264
nixos/services.avahi: remove with lib;
2024-09-15 10:43:51 +02:00
Felix Buehler
d861803952
nixos/services.autossh: remove with lib;
2024-09-15 10:43:51 +02:00
Felix Buehler
06032d6956
nixos/services.atftpd: remove with lib;
2024-09-15 10:43:51 +02:00
Felix Buehler
681161adb6
nixos/services.asterisk: remove with lib;
2024-09-15 10:43:51 +02:00
Felix Buehler
d63146859b
nixos/services.amule: remove with lib;
2024-09-15 10:43:51 +02:00
Felix Buehler
46dc82d477
nixos/services.alice-lg: remove with lib;
2024-09-15 10:43:51 +02:00
Felix Buehler
b1bbe81c8d
nixos/services.adguardhome: remove with lib;
2024-09-15 10:43:50 +02:00
Felix Buehler
02bb53fbc3
nixos/services._3proxy: remove with lib;
2024-09-15 10:43:50 +02:00
figboy9
ca5cb00a4c
nixos/veilid: format with nixfmt-rfc-style
2024-09-15 10:37:36 +09:00
figboy9
a01561ab26
nixos/veilid: add a description of options
2024-09-15 10:35:52 +09:00
rnhmjoj
016f6f9f58
dnscrypt-wrapper: remove package and NixOS modules
2024-09-14 17:22:48 +02:00
figboy9
16002b1628
fix systemd service based on veilid package
2024-09-14 18:25:26 +09:00
figboy9
55a594468a
change dataDir
2024-09-14 18:20:01 +09:00
figboy9
0ea2046bc5
make opening the firewall optional
2024-09-14 18:15:14 +09:00
figboy9
318014034a
reduce options
2024-09-14 18:03:02 +09:00
Michael Hoang
d25d241e38
Update nixos/modules/services/networking/tailscale.nix
...
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2024-09-12 23:06:23 +10:00
Aaron Andersen
768f41fcf0
Revert "nixos/openvpn: add extraArgs option" (#341223)
2024-09-12 06:34:16 -04:00
Michele Guerini Rocco
b94f259714
nixos/wireless: reimplement secrets using ext_password_backend (#180872)
2024-09-11 19:58:36 +02:00
Aaron Andersen
45dd09667f
Revert "nixos/openvpn: add extraArgs option"
2024-09-11 12:59:03 -04:00
ghpzin
5ab2ff7a7a
nixos/quorum: update geth flags
...
- upstream commit changing ws args: c989bca173
- upstream commit changing minerthreads arg: f0998415ba
2024-09-11 13:25:32 +03:00
John Titor
1c7e6a2de9
nixos/shairport-sync: Add pulse group also for pipewire
...
Works according to https://github.com/mikebrady/shairport-sync/issues/1171
From 0e4664b497
2024-09-11 15:21:14 +05:30
Aaron Andersen
7398438255
nixos/openvpn: add extraArgs option (#339016)
2024-09-10 19:36:32 -04:00
h7x4
c2090cb303
wstunnel: the ping frequency can now also be configured for the server (#339232)
2024-09-10 10:27:42 +02:00
r-vdp
342b5a8b85
sshd: fix shellcheck warnings in prestart script
2024-09-08 12:24:00 +02:00
Naïm Favier
6840ba251c
nixos/networkmanager: set up /etc/ipsec.secrets as required by the L2TP plugin
...
The networkmanager-l2tp plugin expects /etc/ipsec.secrets to include /etc/ipsec.d/ipsec.nm-l2tp.secrets;
see https://github.com/NixOS/nixpkgs/issues/64965
In order for this to continue working if the strongswan module is
enabled, we use `"ipsec.secrets".text` instead of `.source` so that the
configurations of both modules are concatenated.
2024-09-07 17:28:25 +02:00
Gabriel Fontes
13f6e6da35
nixos/matterbridge: add services.matterbridge.package option
2024-09-06 17:07:41 -03:00
Sachi King
361fde84f9
Revert "nixos/firewall: fix reverse path check failures with IPsec"
...
The inclusion of the "meta ipsec" rule in the default reverse path
filtering breaks systems not built with specific XFRM kernel config
options. Specifically CONFIG_XFRM must be set, which gets selected
by CONFIG_NFT_XFRM, which is hidden behind CONFIG_XFRM_USER.
These options are not selected by default in most defconfigs provided
by the kernel with the exception of some device-specific defconfigs.
These options are not set by the nix kernel common_config, and I would
argue that IPSec support does not belong in a minimal kernel as that
elevates its support status above other in-kernel VPN interfaces.
The contributor of this feature does not seem interested in working
towards a solution that does not break systems running kernels built
with "autoModules = false" while supporting this feature, and as this
silently breaks firewalls into an insecure state and poses an immediate
security issue I propose this be reverted until a solution that does not
break such systems is proposed.
https://github.com/NixOS/nixpkgs/pull/310857#discussion_r1742834970
Devices used as firewalls, if they do not have the required kernel
config, will fail to load the new firewall rules and will upon boot pass
traffic without any filtering into the internal network.
Devices exposed directly to the internet, after reboot, will boot
without filtering potentially exposing services not intended to be
exposed to the internet, such as databases.
The following platforms in nixpkgs appear to be impacted:
- pc_simplekernel
- pogoplug4
- sheevaplug
- zero-gravitas
- zero-sugar
- utilite
- guruplug
- beaglebone
- fuloong2f_n32
References to hardware without autoModules can be found in
nixos-hardware, as well as in active third-party repos on github.
I suspect there are other users impacted that do not have their configurations
public, as autoModules = true leads to long compile times when targeting
kernels to less standard hardware or hardware with quirks that require
patches that cannot be upstreamed.
This reverts commit 3c12ef3f21.
2024-09-04 11:51:15 +10:00
r-vdp
20291241fd
wstunnel: the ping frequency can now also be configured for the server
...
See: https://github.com/erebe/wstunnel/pull/338
2024-09-03 10:38:43 +02:00
Pol Dellaiera
930e12b9e8
nixos/services.openssh: remove with lib; (#339092)
2024-09-03 10:18:32 +02:00
Assistant
8119ec6478
nixos/syncplay: add missing options
...
Exposes all currently available command-line arguments that were
missing, including some that were impossible to use with the catch-all
option `extraArgs` alone, requiring changes to other parts of the
system.
Those are now all self-contained in the module.
The service now uses systemd's `DynamicUsers`.
2024-09-02 22:26:11 -04:00
Felix Buehler
5f8696e39c
nixos/services.openssh: remove with lib;
2024-09-02 22:31:36 +02:00
Aaron Andersen
5e8cc27962
nixos/openvpn: add extraArgs option
2024-09-02 09:49:02 -04:00
Felix Buehler
97070a2ea6
nixos/services.libreswan: remove with lib;
2024-08-30 23:01:18 +02:00
Felix Buehler
92f17f012d
nixos/services.kresd: remove with lib;
2024-08-30 23:01:16 +02:00
Felix Buehler
5960372742
nixos/services.kea: remove with lib;
2024-08-30 23:00:56 +02:00
Felix Buehler
717fa0dea5
nixos/services.dnscrypt-wrapper: remove with lib;
2024-08-30 23:00:56 +02:00
Michael Hoang
185948bd01
tailscale: only autoconnect after backend is up
...
Previously, if this service started before the backend is up,
`StatusText` would be empty leading to the service trying to run
`tailscale up` even if this device is already logged in.
2024-08-30 01:27:40 +10:00
Philip Taron
f26f92db9a
nixos/services.mosquitto: remove with lib; (#338022)
2024-08-28 15:05:19 -07:00
Felix Buehler
481df957a6
nixos/services.mosquitto: remove with lib;
2024-08-28 22:53:06 +02:00
Florian Klink
c8912137a3
wstunnel: 9.7.4 -> 10.0.1 (#335185)
2024-08-28 10:56:59 +02:00
Herwig Hochleitner
98ce61be57
nixos/smokeping: do homedir management with systemd.tmpfiles (#332050)
...
- ensures that everything in /var/lib/smokeping belongs to the service
- add nginx user to smokeping group, instead of allowing world to cd
  into smokeping homedir
2024-08-27 14:37:34 +02:00
Emily
1162c1ed62
{tvheadend,antennas}: drop (#336395)
2024-08-27 02:47:56 +01:00
Maciej Krüger
00f536f650
Merge pull request #310857 from rnhmjoj/pr-firewall
...
nixos/firewall: fix reverse path check failures with IPsec
2024-08-25 15:06:49 +02:00
rnhmjoj
89eb93dc3f
nixos/wireless: link config to /etc by default
...
This links the generated configuration to /etc/wpa_supplicant.conf
unless `allowAuxiliaryImperativeNetworks`. In the latter case the
file in /etc should be writable and the generated one remains only
in the Nix store.
2024-08-22 21:46:05 +02:00
Emily
a565cfeac3
antennas: drop
2024-08-22 15:51:27 +01:00
Emily
6fa5767e07
tvheadend: drop
...
Closes: #332259
2024-08-22 15:51:27 +01:00
r-vdp
6cac9e409c
wstunnel: reformat with nixfmt
2024-08-21 10:46:04 +02:00
Jörg Thalheim
c43e67f69b
Merge pull request #335344 from Mic92/harmonia
...
nixos/harmonia: switch to non-deprecated SIGN_KEY_PATHS
2024-08-21 07:01:22 +02:00
Emily
25bdc22ac8
Merge pull request #334495 from Sigmanificient/liboop
...
{liboop,lsh}: drop
2024-08-20 19:02:29 +01:00