Commit Graph

1826 Commits

Author SHA1 Message Date
Jörg Thalheim
9aa23e31b3
Merge pull request #80904 from talyz/haproxy-fixes
nixos/haproxy: Revive the haproxy user and group
2020-03-11 22:23:13 +00:00
talyz
bb7ad853fb nixos/haproxy: Revive the haproxy user and group
Running haproxy with "DynamicUser = true" doesn't really work, since
it prohibits specifying a TLS certificate bundle with limited
permissions. This revives the haproxy user and group, but makes them
dynamically allocated by NixOS, rather than statically allocated. It
also adds options to specify which user and group haproxy runs as.
2020-03-11 19:52:37 +01:00
Linus Heckemann
dfc70d37f4
Merge pull request #82252 from mayflower/radius-http2
FreeRADIUS improvements
2020-03-10 16:01:46 +01:00
Linus Heckemann
065716ab95 nixos/freeradius: depend on network.target, not online 2020-03-10 15:54:29 +01:00
Linus Heckemann
0587329191 freeradius: make debug logging optional 2020-03-10 15:54:02 +01:00
Luis Ressel
b19c485b22
nixos/wireguard: Fix typo in error message
generatePrivateKey -> generatePrivateKeyFile
2020-03-06 16:19:23 +01:00
Julien Moutinho
47f27938e7 shorewall: fix RestartTriggers 2020-03-05 00:01:44 +01:00
Thomas Dy
97a61c8903 nixos/nat: fix multiple destination ports with loopback 2020-03-04 18:11:31 +09:00
Andreas Rammhold
ca5048cba4
Merge pull request #79925 from mrkkrp/mk/add-nix-store-gcs-proxy-service
Add nix-store-gcs-proxy service
2020-03-02 16:04:16 +01:00
Mark Karpov
96b472e95d
module/nix-store-gcs-proxy: init 2020-03-02 16:01:14 +01:00
obadz
c31958449f
Merge pull request #77405 from danielfullmer/zerotier-mac-fix
nixos/zerotierone: prevent systemd from changing MAC address
2020-03-01 18:49:00 -07:00
worldofpeace
21c971a732
Merge pull request #81118 from tilpner/gitdaemon-usercreation
nixos/git-daemon: only create git user if it will be used
2020-03-01 13:40:57 +00:00
Jörg Thalheim
9218a58964
nixos/sslh: don't run as nogroup
See #55370
2020-02-28 15:32:36 +00:00
Vladimír Čunát
5f881209f9
nixos/kresd: never force extraFeatures = false
Fixes #81109.  Regressed in PR #78392 (26858063).
2020-02-26 15:10:53 +01:00
tilpner
6df119a6ec
nixos/git-daemon: only create git user if it will be used 2020-02-26 15:04:36 +01:00
Jörg Thalheim
8cfd003295
stubby: configure cache directory
This is needed for local dnssec validation
2020-02-24 10:51:43 +00:00
Lengyel Balazs
50fb52d4e1 fix wireguard service as well after it got upstreamed. 2020-02-22 00:32:15 +01:00
Jörg Thalheim
1ddb140d95
Merge pull request #53033 from netixx/openvswitch-improved-systemd
openvswitch: better integration with systemd
2020-02-21 08:24:49 +00:00
Edward Tjörnhammar
9bab9e2ec6
nixos/i2pd: address #63103
As a comment to 1d61efb7f1
Note that collect returns a list from a set
2020-02-19 13:15:28 +01:00
Julien Moutinho
f9be656873
shorewall: fix warnings due to types.loaOf being deprecated (#80154) 2020-02-16 12:53:49 +02:00
Jörg Thalheim
466c1df3e2
Merge pull request #79266 from Mic92/knot
nixos/knot: add keyFiles option
2020-02-15 11:15:03 +00:00
Jyun-Yan You
0f8d1ac47d nixos/pppd: fix build error 2020-02-14 12:51:50 +08:00
Will Dietz
ac8a92543b
iwd: drop tmpfiles snippet, services use StateDirectory already
Originally added in [1], and iwd added StateDirectory to its services
in [2] -- 4 days later.

("StateDirectory wasn't used when tmpfile snippet was added to NixOS")
(nevermind git -> release delay)

[1] 6e54e9253a
[2] upstream iwd git rev: 71ae0bee9c6320dae0083ed8c1700bc8fff1defb
2020-02-12 19:29:28 -06:00
Jörg Thalheim
e2ef8b439f
knot: add keyFiles option
This useful to include tsig keys using nixops without adding those
world-readable to the nix store.
2020-02-12 16:36:42 +00:00
Jörg Thalheim
88029bce39
knot: drop dynamic user
This makes it hard to include secret files.
Also using tools like keymgr becomes harder.
2020-02-12 16:34:10 +00:00
Martin Milata
d99808c720 nixos/supybot: fix username
Broken in 1d61efb7f1.
2020-02-10 17:56:51 +01:00
Silvan Mosberger
6169eef798
Merge pull request #78024 from wamserma/minidlna-interval
minidlna: provide configuration option for announce interval
2020-02-10 01:25:47 +01:00
Markus S. Wamser
696979e0bc modules/wireguard: fix typo in documentation 2020-02-07 20:54:35 +01:00
Frederik Rietdijk
419bc0a4cd Revert "Revert "Merge master into staging-next""
In 87a19e9048 I merged staging-next into master using the GitHub gui as intended.
In ac241fb7a5 I merged master into staging-next for the next staging cycle, however, I accidentally pushed it to master.
Thinking this may cause trouble, I reverted it in 0be87c7979. This was however wrong, as it "removed" master.

This reverts commit 0be87c7979.
2020-02-05 19:41:25 +01:00
Frederik Rietdijk
0be87c7979 Revert "Merge master into staging-next"
I merged master into staging-next but accidentally pushed it to master.
This should get us back to 87a19e9048.

This reverts commit ac241fb7a5, reversing
changes made to 76a439239e.
2020-02-05 19:18:35 +01:00
Vladimír Čunát
baeed035ea
Merge #78628: knot-resolver: 4.3.0 -> 5.0.1
The service needed lots of changes. A few smaller changes
are added into the PR, e.g. replacement for PR #72014.
See the commit messages for details.
2020-02-05 16:57:02 +01:00
worldofpeace
74e4cb7ea4
Merge pull request #78543 from Atemu/dnscrypt-proxy2-service
nixos/dnscrypt-proxy2: init
2020-02-02 23:02:06 -05:00
Maximilian Bosch
c2d2c2d0ca
Merge pull request #72931 from Ma27/restart-dhcp-on-exit-hook-change
nixos/dhcpcd: restart dhcpcd if exit hook changed
2020-02-02 18:33:34 +01:00
Yegor Timoshenko
92d689d66b nixos/dnscrypt-proxy2: init
This removes the original dnscrypt-proxy module as well.

Co-authored-by: Atemu <atemu.main@gmail.com>
Co-authored-by: Silvan Mosberger <contact@infinisil.com>
Co-authored-by: ryneeverett <ryneeverett@gmail.com>
Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
2020-02-02 11:11:27 -05:00
Maximilian Bosch
f9bb054180
Merge pull request #78968 from ju1m/nsd_types_lines
nsd : use types.lines where appropriate
2020-02-01 09:51:23 +01:00
Julien Moutinho
1a1e5f7be5 nsd: use types.lines where appropriate 2020-01-31 20:40:48 +01:00
Vladimír Čunát
02bf0557c0
nixos/kresd: add .instances option 2020-01-31 15:22:52 +01:00
Vladimír Čunát
ae74a0e27c
(nixos/)knot-resolver: 4.3.0 -> 5.0.0
Minor incompatibilities due to moving to upstream defaults:
  - capabilities are used instead of systemd.socket units
  - the control socket moved:
    /run/kresd/control -> /run/knot-resolver/control/1
  - cacheDir moved and isn't configurable anymore
  - different user+group names, without static IDs

Thanks Mic92 for multiple ideas.
2020-01-31 15:22:52 +01:00
Vladimír Čunát
0a8fb01b80
nixos/kresd: fix a recent error in description 2020-01-31 15:06:27 +01:00
Aaron Andersen
7adffb14cd
Merge pull request #78419 from utsl42/fix-unifi-install
nixos/unifi: use systemd tmpfiles instead of preStart
2020-01-29 18:55:57 -05:00
worldofpeace
c693bd142c
Merge pull request #78745 from bene1618/dhcpcd
nixos/dhcpcd: Add option for dhcpcd waiting behaviour
2020-01-29 18:08:20 -05:00
Mario Rodas
deedf24c88
Merge pull request #75922 from tadfisher/kbfs-fixes
kbfs, nixos/keybase, nixos/kbfs: fix KBFS, add enableRedirector option
2020-01-28 19:13:40 -05:00
Benedikt Hunger
0767de3dc8 nixos/dhcpcd: Add option for dhcpcd waiting behaviour 2020-01-28 12:52:19 +01:00
Alyssa Ross
e99ec699a4 nixos/bitlbee: don't assign list to users.groups
Warns about loaOf deprecation warning.
2020-01-27 02:51:02 +00:00
Nathan Hawkins
b0208cb80f nixos/unifi: use systemd tmpfiles instead of preStart 2020-01-24 10:06:29 -05:00
Jörg Thalheim
2685806371
nixos/kresd: add listenDoH option 2020-01-23 23:22:37 +00:00
Jörg Thalheim
bfa278ee5a
nixos/knot: set defaultText for package option
the package attributes looks nicer in the manual
2020-01-23 23:17:04 +00:00
Florian Klink
dea2d64c35
Merge pull request #78134 from NinjaTrappeur/nin-harden-syncthing
nixos/syncthing.nix: Sandbox the systemd service.
2020-01-21 22:30:04 +01:00
zimbatm
93204f1d8a
nixos/matterbridge: fix package access
was broken by 4371ecb8a6 due to the
switch to buildGoModule
2020-01-21 13:17:18 +01:00
zimbatm
b54c60b689
nixos/zerotierone: simplify the unit
There is no need to stop/start the unit when the machine is online or
offline.

This should fix the shutdown locking issues.

nixos zerotier: sometimes it doesn't shutdown
2020-01-21 13:14:38 +01:00