Jörg Thalheim
9aa23e31b3
Merge pull request #80904 from talyz/haproxy-fixes
...
nixos/haproxy: Revive the haproxy user and group
2020-03-11 22:23:13 +00:00
talyz
bb7ad853fb
nixos/haproxy: Revive the haproxy user and group
...
Running haproxy with "DynamicUser = true" doesn't really work, since
it prohibits specifying a TLS certificate bundle with limited
permissions. This revives the haproxy user and group, but makes them
dynamically allocated by NixOS, rather than statically allocated. It
also adds options to specify which user and group haproxy runs as.
2020-03-11 19:52:37 +01:00
Linus Heckemann
dfc70d37f4
Merge pull request #82252 from mayflower/radius-http2
...
FreeRADIUS improvements
2020-03-10 16:01:46 +01:00
Linus Heckemann
065716ab95
nixos/freeradius: depend on network.target, not online
2020-03-10 15:54:29 +01:00
Linus Heckemann
0587329191
freeradius: make debug logging optional
2020-03-10 15:54:02 +01:00
Luis Ressel
b19c485b22
nixos/wireguard: Fix typo in error message
...
generatePrivateKey -> generatePrivateKeyFile
2020-03-06 16:19:23 +01:00
Julien Moutinho
47f27938e7
shorewall: fix RestartTriggers
2020-03-05 00:01:44 +01:00
Thomas Dy
97a61c8903
nixos/nat: fix multiple destination ports with loopback
2020-03-04 18:11:31 +09:00
Andreas Rammhold
ca5048cba4
Merge pull request #79925 from mrkkrp/mk/add-nix-store-gcs-proxy-service
...
Add nix-store-gcs-proxy service
2020-03-02 16:04:16 +01:00
Mark Karpov
96b472e95d
module/nix-store-gcs-proxy: init
2020-03-02 16:01:14 +01:00
obadz
c31958449f
Merge pull request #77405 from danielfullmer/zerotier-mac-fix
...
nixos/zerotierone: prevent systemd from changing MAC address
2020-03-01 18:49:00 -07:00
worldofpeace
21c971a732
Merge pull request #81118 from tilpner/gitdaemon-usercreation
...
nixos/git-daemon: only create git user if it will be used
2020-03-01 13:40:57 +00:00
Jörg Thalheim
9218a58964
nixos/sslh: don't run as nogroup
...
See #55370
2020-02-28 15:32:36 +00:00
Vladimír Čunát
5f881209f9
nixos/kresd: never force extraFeatures = false
...
Fixes #81109 . Regressed in PR #78392 (26858063
).
2020-02-26 15:10:53 +01:00
tilpner
6df119a6ec
nixos/git-daemon: only create git user if it will be used
2020-02-26 15:04:36 +01:00
Jörg Thalheim
8cfd003295
stubby: configure cache directory
...
This is needed for local dnssec validation
2020-02-24 10:51:43 +00:00
Lengyel Balazs
50fb52d4e1
fix wireguard service as well after it got upstreamed.
2020-02-22 00:32:15 +01:00
Jörg Thalheim
1ddb140d95
Merge pull request #53033 from netixx/openvswitch-improved-systemd
...
openvswitch: better integration with systemd
2020-02-21 08:24:49 +00:00
Edward Tjörnhammar
9bab9e2ec6
nixos/i2pd: address #63103
...
As a comment to 1d61efb7f1
Note that collect returns a list from a set
2020-02-19 13:15:28 +01:00
Julien Moutinho
f9be656873
shorewall: fix warnings due to types.loaOf being deprecated ( #80154 )
2020-02-16 12:53:49 +02:00
Jörg Thalheim
466c1df3e2
Merge pull request #79266 from Mic92/knot
...
nixos/knot: add keyFiles option
2020-02-15 11:15:03 +00:00
Jyun-Yan You
0f8d1ac47d
nixos/pppd: fix build error
2020-02-14 12:51:50 +08:00
Will Dietz
ac8a92543b
iwd: drop tmpfiles snippet, services use StateDirectory already
...
Originally added in [1], and iwd added StateDirectory to its services
in [2] -- 4 days later.
("StateDirectory wasn't used when tmpfile snippet was added to NixOS")
(nevermind git -> release delay)
[1] 6e54e9253a
[2] upstream iwd git rev: 71ae0bee9c6320dae0083ed8c1700bc8fff1defb
2020-02-12 19:29:28 -06:00
Jörg Thalheim
e2ef8b439f
knot: add keyFiles option
...
This useful to include tsig keys using nixops without adding those
world-readable to the nix store.
2020-02-12 16:36:42 +00:00
Jörg Thalheim
88029bce39
knot: drop dynamic user
...
This makes it hard to include secret files.
Also using tools like keymgr becomes harder.
2020-02-12 16:34:10 +00:00
Martin Milata
d99808c720
nixos/supybot: fix username
...
Broken in 1d61efb7f1
.
2020-02-10 17:56:51 +01:00
Silvan Mosberger
6169eef798
Merge pull request #78024 from wamserma/minidlna-interval
...
minidlna: provide configuration option for announce interval
2020-02-10 01:25:47 +01:00
Markus S. Wamser
696979e0bc
modules/wireguard: fix typo in documentation
2020-02-07 20:54:35 +01:00
Frederik Rietdijk
419bc0a4cd
Revert "Revert "Merge master into staging-next""
...
In 87a19e9048
I merged staging-next into master using the GitHub gui as intended.
In ac241fb7a5
I merged master into staging-next for the next staging cycle, however, I accidentally pushed it to master.
Thinking this may cause trouble, I reverted it in 0be87c7979
. This was however wrong, as it "removed" master.
This reverts commit 0be87c7979
.
2020-02-05 19:41:25 +01:00
Frederik Rietdijk
0be87c7979
Revert "Merge master into staging-next"
...
I merged master into staging-next but accidentally pushed it to master.
This should get us back to 87a19e9048
.
This reverts commit ac241fb7a5
, reversing
changes made to 76a439239e
.
2020-02-05 19:18:35 +01:00
Vladimír Čunát
baeed035ea
Merge #78628 : knot-resolver: 4.3.0 -> 5.0.1
...
The service needed lots of changes. A few smaller changes
are added into the PR, e.g. replacement for PR #72014 .
See the commit messages for details.
2020-02-05 16:57:02 +01:00
worldofpeace
74e4cb7ea4
Merge pull request #78543 from Atemu/dnscrypt-proxy2-service
...
nixos/dnscrypt-proxy2: init
2020-02-02 23:02:06 -05:00
Maximilian Bosch
c2d2c2d0ca
Merge pull request #72931 from Ma27/restart-dhcp-on-exit-hook-change
...
nixos/dhcpcd: restart dhcpcd if exit hook changed
2020-02-02 18:33:34 +01:00
Yegor Timoshenko
92d689d66b
nixos/dnscrypt-proxy2: init
...
This removes the original dnscrypt-proxy module as well.
Co-authored-by: Atemu <atemu.main@gmail.com>
Co-authored-by: Silvan Mosberger <contact@infinisil.com>
Co-authored-by: ryneeverett <ryneeverett@gmail.com>
Co-authored-by: worldofpeace <worldofpeace@protonmail.ch>
2020-02-02 11:11:27 -05:00
Maximilian Bosch
f9bb054180
Merge pull request #78968 from ju1m/nsd_types_lines
...
nsd : use types.lines where appropriate
2020-02-01 09:51:23 +01:00
Julien Moutinho
1a1e5f7be5
nsd: use types.lines where appropriate
2020-01-31 20:40:48 +01:00
Vladimír Čunát
02bf0557c0
nixos/kresd: add .instances option
2020-01-31 15:22:52 +01:00
Vladimír Čunát
ae74a0e27c
(nixos/)knot-resolver: 4.3.0 -> 5.0.0
...
Minor incompatibilities due to moving to upstream defaults:
- capabilities are used instead of systemd.socket units
- the control socket moved:
/run/kresd/control -> /run/knot-resolver/control/1
- cacheDir moved and isn't configurable anymore
- different user+group names, without static IDs
Thanks Mic92 for multiple ideas.
2020-01-31 15:22:52 +01:00
Vladimír Čunát
0a8fb01b80
nixos/kresd: fix a recent error in description
2020-01-31 15:06:27 +01:00
Aaron Andersen
7adffb14cd
Merge pull request #78419 from utsl42/fix-unifi-install
...
nixos/unifi: use systemd tmpfiles instead of preStart
2020-01-29 18:55:57 -05:00
worldofpeace
c693bd142c
Merge pull request #78745 from bene1618/dhcpcd
...
nixos/dhcpcd: Add option for dhcpcd waiting behaviour
2020-01-29 18:08:20 -05:00
Mario Rodas
deedf24c88
Merge pull request #75922 from tadfisher/kbfs-fixes
...
kbfs, nixos/keybase, nixos/kbfs: fix KBFS, add enableRedirector option
2020-01-28 19:13:40 -05:00
Benedikt Hunger
0767de3dc8
nixos/dhcpcd: Add option for dhcpcd waiting behaviour
2020-01-28 12:52:19 +01:00
Alyssa Ross
e99ec699a4
nixos/bitlbee: don't assign list to users.groups
...
Warns about loaOf deprecation warning.
2020-01-27 02:51:02 +00:00
Nathan Hawkins
b0208cb80f
nixos/unifi: use systemd tmpfiles instead of preStart
2020-01-24 10:06:29 -05:00
Jörg Thalheim
2685806371
nixos/kresd: add listenDoH option
2020-01-23 23:22:37 +00:00
Jörg Thalheim
bfa278ee5a
nixos/knot: set defaultText for package option
...
the package attributes looks nicer in the manual
2020-01-23 23:17:04 +00:00
Florian Klink
dea2d64c35
Merge pull request #78134 from NinjaTrappeur/nin-harden-syncthing
...
nixos/syncthing.nix: Sandbox the systemd service.
2020-01-21 22:30:04 +01:00
zimbatm
93204f1d8a
nixos/matterbridge: fix package access
...
was broken by 4371ecb8a6
due to the
switch to buildGoModule
2020-01-21 13:17:18 +01:00
zimbatm
b54c60b689
nixos/zerotierone: simplify the unit
...
There is no need to stop/start the unit when the machine is online or
offline.
This should fix the shutdown locking issues.
nixos zerotier: sometimes it doesn't shutdown
2020-01-21 13:14:38 +01:00