nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-24 05:44:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
386,988 Commits 190 Branches 125 Tags 6.4 GiB
3b8a162680
Commit Graph

2839 Commits

Author SHA1 Message Date
Tom
3b8a162680 tailscale: ignore tailscale link when using networkd 2022-06-21 13:23:28 -07:00
Robert Hensing
e2c261f2c0
Merge pull request #176146 from pennae/module-docs-markdown 
treewide: markdown option docs
 2022-06-21 13:16:02 +02:00
Maximilian Bosch
fd2a89b983
nixos/wpa_supplicant: don't log that wpa_supplicant.conf is ignored with allowAuxiliaryImperativeNetworks = true 
The warning is wrong with `allowAuxiliaryImperativeNetworks`[1] being
set to `true` because both files are included in this case with `-c` and
`-I`.

[1] https://nixos.org/manual/nixos/stable/options.html#opt-networking.wireless.allowAuxiliaryImperativeNetworks
 2022-06-12 17:07:36 +02:00
pennae
320aa2a791 treewide: attempt at markdown option docs 2022-06-12 12:44:38 +02:00
Timothy DeHerrera
ec4e23d4e9
Merge pull request #171155 from cab404/wg-quick-files 
nixos/wg-quick: added support for configuration files
 2022-06-11 22:00:45 -07:00
Soham Sen
feff6ddbe7 expressvpn: init at 3.25.0.13 2022-06-11 17:10:33 +05:30
cab
8de1e9e2f8
nixos/wg-quick: added support for configuration files 2022-06-07 01:28:50 +04:00
pennae
e21c4d67d5 nixos/unifi: change deprecated default for openFirewall 
this was deprecated 6 months ago in unstable for removal in 22.11,
so now seems like a good point to change the default.
 2022-06-03 15:59:41 +02:00
Aaron Andersen
18a07645e5
Merge pull request #174959 from MoritzBoehme/openconnect-auto-start 
nixos/openconnect: add autoStart option
 2022-05-31 23:05:25 -04:00
Moritz Böhme
106bfcaf8a
nixos/openconnect: add autoStart option 2022-05-27 17:41:03 +02:00
Sandro
7fa8d8b2e2
Merge pull request #153481 from Tchekda/submit/bird-lg 2022-05-25 18:20:58 +02:00
pennae
023e25264c
Merge pull request #172983 from pennae/mosquitto-bind-interface 
nixos/mosquitto: add bind_interface listener option, fix assertion messages
 2022-05-23 10:53:08 +00:00
Martin Weinelt
05232d19b6
Merge pull request #163220 from fleaz/init-r53_ddns 2022-05-22 17:08:55 +02:00
Francesco Gazzetta
6bb9d0ce3b nixos/zeronet: fix systemd after 2022-05-21 17:46:28 -04:00
Francesco Gazzetta
183e391256 nixos/zeronet: add package option 2022-05-21 17:46:28 -04:00
David Tchekachev
0f63bd3ba8
nixos/bird-lg: init 2022-05-20 15:44:00 +03:00
Jörg Thalheim
e56ae50ed9
Merge pull request #173109 from Mic92/upterm 
nixos/upterm: additional hardening
 2022-05-19 20:16:13 +01:00
Niklas Hambüchen
23aee34b6f
Merge pull request #171264 from NixOS/nebula-always-restart 
nixos/nebula: Always restart
 2022-05-19 14:05:49 +02:00
Anillc
6958412083
nixos/frr: add extraOptions option 
Support passing options to daemons. For example, bgpd needs '-M rpki' to
enable rpki functions.
 2022-05-19 16:02:47 +08:00
Silvan Mosberger
26ab617a10
Merge pull request #172393 from mweinelt/openssh/sntrup761x25519-sha512-kexmethod 
nixos/openssh: Add sntrup761x25519-sha512 kexAlgo
 2022-05-18 12:03:00 +02:00
Lassulus
a976121d57
Merge pull request #165474 from jian-lin/fix-wireguard-systemd-unit-dependency 
nixos/wireguard: fix dependencies on network-related targets
 2022-05-18 11:16:25 +02:00
Robert Schütz
ae758a85d7 nixos/radicale: give access to /dev/urandom 
A git command was failing in the test with

    error: unable to get random bytes for temporary file: Operation not permitted
    error: unable to create temporary file: Operation not permitted
    error: .Radicale.lock: failed to insert into database
    error: unable to index file '.Radicale.lock'
 2022-05-17 22:23:57 +02:00
github-actions[bot]
f10256fb7a
Merge master into staging-next 2022-05-16 12:02:51 +00:00
Sandro
6c0dc6d621
nixos/ddclient: turn verbose off by default 
verbose is a debugging setting one step noisier than debug and should only be turned on when debugging because it leaks quite some credentials and tokens in the journalctl.
 2022-05-16 01:49:08 +02:00
pennae
c1115d37ff nixos/mosquitto: fix attribute path display in assertions 2022-05-15 10:33:38 +02:00
pennae
2145dbc4fc nixos/mosquitto: add missing listener option bind_interface 
we expose it under settings instead of at the listener toplevel because
mosquitto seems to pick the addresses it will listen on
nondeterministically from the set of addresses configured on the
interface being bound to. encouraging its use by putting it into the
toplevel options for a listener seems inadvisable.
 2022-05-15 10:33:38 +02:00
Jörg Thalheim
eefafb54ef
nixos/upterm: additional hardening 
Before:
$ ps aux | grep upterm
root     2575046  0.0  0.0 1085080 6968 ?        Ssl  07:03   0:00 /nix/store/ci97r1lqx4128w75k7dcsw82j5bl0n3g-upterm-0.8.2/bin/uptermd --ssh-addr [::]:2323 --private-key ssh_host_ed25519_key

After
$ ps aux | grep upterm
uptermd  2832993  0.4  0.0 1158812 6856 ?        Ssl  07:08   0:00 /nix/store/ci97r1lqx4128w75k7dcsw82j5bl0n3g-upterm-0.8.2/bin/uptermd --ssh-addr [::]:2323 --private-key ssh_host_ed25519_key
 2022-05-15 09:57:52 +02:00
github-actions[bot]
bcb22e9a7b
Merge master into staging-next 2022-05-13 18:01:23 +00:00
Georg Haas
18ffb9690c
nixos/uptermd: init 2022-05-13 17:44:44 +02:00
Martin Weinelt
fa7ce6bc7f
nixos/openssh: Add sntrup761x25519-sha512 kexAlgo 
Introduced in OpenSSH 9.0 it became the part of the default kexAlgorithm
selection, visibile in sshd_config(5).

It is also enabled by default in the OpenSSH client, as can be seen from

$ ssh -Q KexAlgorithms

Also clarifies that we use the referenced documents as the lower bound,
given that they haven't been updated for 5-7y.
 2022-05-10 23:20:54 +02:00
github-actions[bot]
27575e98ee
Merge staging-next into staging 2022-05-09 12:08:45 +00:00
Janne Heß
e6fb1e63d1
Merge pull request #171650 from helsinki-systems/feat/config-systemd-package 
treewide: pkgs.systemd -> config.systemd.package
 2022-05-09 10:23:04 +02:00
github-actions[bot]
31938a3f5c
Merge staging-next into staging 2022-05-09 00:03:28 +00:00
Ivan Kozik
9db1d1782b nixos/tinc: unbreak the service 
The user is actually tinc.${network}, as Mic92 points out in
https://github.com/NixOS/nixpkgs/pull/171703#discussion_r867506032

Sorry, I broke this in https://github.com/NixOS/nixpkgs/pull/171703 earlier.

coreutils 9.1 chown does not complain in this case with a valid dotted user.
 2022-05-08 16:04:20 +00:00
github-actions[bot]
00e5877c2f
Merge staging-next into staging 2022-05-07 00:02:47 +00:00
Sandro
d21ebc62bf
Merge pull request #170851 from danderson/danderson/ts-warn-rpf 
nixos/tailscale: warn if strict reverse path filtering is in use.
 2022-05-06 23:21:50 +02:00
github-actions[bot]
ad713fb84e
Merge staging-next into staging 2022-05-06 12:02:39 +00:00
Yureka
96aaf29234
Revert "Merge pull request #164398 from NinjaTrappeur/nin/pleroma-wrappers" 
This reverts commit 05417a66e7, reversing
changes made to 53e4f8d237.
 2022-05-06 12:38:28 +02:00
github-actions[bot]
4c4d0d6bc3
Merge staging-next into staging 2022-05-06 06:02:20 +00:00
Rick van Schijndel
32bebf42ea
Merge pull request #171703 from ivan/chown-colon 
treewide: chown user:group instead of user.group to fix warnings from coreutils 9.1
 2022-05-06 07:20:40 +02:00
David Anderson
3fdac0f981 nixos/tailscale: warn if strict reverse path filtering is in use. 
Tailscale uses policy routing to enable certain traffic to bypass
routes that lead into the Tailscale mesh. NixOS's reverse path
filtering setup doesn't understand the policy routing at play,
and so incorrectly interprets some of this traffic as spoofed.

Since this only breaks some features of Tailscale, merely warn
users about it, rather than make it a hard error.

Updates tailscale/tailscale#4432

Signed-off-by: David Anderson <dave@natulte.net>
 2022-05-05 18:28:48 -07:00
Sandro
b9e7f61c72
Merge pull request #171747 from danderson/danderson/tailscale-getent 
nixos/tailscale: add glibc to PATH.
 2022-05-06 03:10:00 +02:00
Sandro
e5e30371bc
Merge pull request #170210 from danderson/danderson/restart-tailscaled 
nixos/tailscale: use systemctl restart during activation.
 2022-05-06 03:09:01 +02:00
David Anderson
67b1fac192 nixos/tailscale: add glibc to PATH. 
For some features, tailscaled uses getent(1) to get the shell
of OS users. getent(1) is in the glibc derivation. Without this
derivation in the path, tailscale falls back to /bin/sh for all
users.

Signed-off-by: David Anderson <dave@natulte.net>
 2022-05-05 17:09:27 -07:00
Ivan Kozik
59a76614f3 treewide: chown user:group instead of user.group to fix warnings from coreutils 9.1 2022-05-05 22:05:18 +00:00
Janne Heß
57cd07f3a9
treewide: pkgs.systemd -> config.systemd.package 
This ensures there is only one systemd package when e.g. testing the
next systemd version.
 2022-05-05 20:00:31 +02:00
LuoChen
e4b942eccf wg-quick: fix postUp always generated issue 2022-05-05 16:08:46 +08:00
Daniel Fullmer
ad38a2a646 nixos/ssh: remove empty host key files before generating new ones 
In a previous PR [1], the conditional to generate a new host key file
was changed to also include the case when the file exists, but has zero
size. This could occur when the system is uncleanly powered off shortly
after first boot.

However, ssh-keygen prompts the user before overwriting a file. For
example:

$ touch hi
$ ssh-keygen -f hi
Generating public/private rsa key pair.
hi already exists.
Overwrite (y/n)?

So, lets just try to remove the empty file (if it exists) before running
ssh-keygen.

[1] https://github.com/NixOS/nixpkgs/pull/141258
 2022-05-03 22:09:43 -07:00
fleaz
8b250ec5af
nixos/r53-ddns: init 2022-05-04 00:16:18 +02:00
Matthieu Coudron
5114d91cd8
Merge pull request #169802 from NinjaTrappeur/nin/prosody012 2022-05-03 11:04:17 +02:00