Commit Graph

3247 Commits

Author SHA1 Message Date
Naïm Favier
dc1e00bd8b
nixos/wg-quick: use networking.firewall.package
Use `nftables` if available.
2022-12-26 10:28:03 +01:00
netali
64a957a7d1
nixos/powerdns: add secretFile option 2022-12-26 02:12:31 +01:00
Maciej Krüger
94373a589b
Merge pull request #203011 from duament/firewall-nftables 2022-12-26 00:57:24 +01:00
github-actions[bot]
583c7499e5
Merge staging-next into staging 2022-12-25 18:01:38 +00:00
Andrew Childs
4ec86b13c9
pleroma: 2.4.4 -> 2.5.0 (#207521) 2022-12-25 13:38:55 +01:00
github-actions[bot]
b48679133a
Merge staging-next into staging 2022-12-25 12:01:40 +00:00
Phosu Parsons
ff9dbe90d7 services.pixiecore: add quick option 2022-12-25 09:33:38 +01:00
Jan Tojnar
72c37eddec Merge branch 'staging-next' into staging 2022-12-25 01:30:47 +01:00
Kristoffer Dalby
571780384a
headscale: Update to 0.17.1, conform module to RFC0042
This commit upgrades headscale to the newest version, 0.17.0 and updates
the module with the current breaking config changes.

In addition, the module is rewritten to conform with RFC0042 to try to
prevent some drift between the module and the upstream.

A new maintainer, Misterio77, is added as maintainer.

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
Co-authored-by: Gabriel Fontes <hi@m7.rs>
Co-authored-by: Geoffrey Huntley <ghuntley@ghuntley.com>
2022-12-23 15:47:53 +01:00
Rvfg
a43c7b2a70
nixos/{firewall, nat}: add a nftables based implementation 2022-12-23 00:49:24 +08:00
Bobby Rong
ce96f00944
Merge pull request #205417 from kurnevsky/tox-node-0.2.0
tox-node: 0.1.1 -> 0.2.0
2022-12-22 23:30:51 +08:00
Evgeny Kurnevsky
d7b2de44c3
tox-node: 0.1.1 -> 0.2.0 2022-12-22 00:38:16 +03:00
Sandro
5b450caa5e
Merge pull request #202245 from tylerjl/rpcbind-tmpfiles-dependency 2022-12-21 20:35:50 +01:00
pennae
4cdcad6b26 nixos/firefox-syncserver: remove unnecessary service option
Stderr does not exist as a systemd option (StandardError would've been
correct), but since "journal" is the default by association this mistake
never had any effect. just remove the key entirely.
2022-12-21 10:29:25 +01:00
pennae
13d725908c syncstorage-rs: 0.12.5 -> 0.13.1
this includes a module update because the package update breaks the
module. would rather not break system bisection if possible.
2022-12-21 10:29:25 +01:00
Tavi
705392e011 nixos/services.tinc: Fix whitespace
Fix indentation for previous commit
2022-12-19 21:19:02 -05:00
Tavi
ca591e7008 nixos/services.tinc: Add all generated /etc/ files to reloadTriggers
Bug fix for issue #66431. Adds all files created as a result of
hostSettings configuration to the created service's reloadTriggers,
or to restartTriggers if the version of tinc isn't 1.1pre or later.
2022-12-19 20:35:00 -05:00
github-actions[bot]
dc7ebb0163
Merge staging-next into staging 2022-12-18 18:01:41 +00:00
figsoda
6bb0dbf91f nixos: fix typos 2022-12-17 19:31:14 -05:00
github-actions[bot]
7984a7dacb
Merge staging-next into staging 2022-12-18 00:05:50 +00:00
github-actions[bot]
887e342eaa
Merge staging-next into staging 2022-12-17 18:01:35 +00:00
Julien Moutinho
15046139d5 nixos/mmsd: init 2022-12-17 17:36:43 +01:00
Michael Hoang
68e514ed1c nixos/tailscale: Add useRoutingFeatures option 2022-12-17 22:38:14 +11:00
github-actions[bot]
f61e6f8d8e
Merge staging-next into staging 2022-12-16 18:02:14 +00:00
Frank Moda
e27e857def nixos/cloudflared: guard config with enable flag 2022-12-16 11:30:44 -05:00
Vladimír Čunát
59a68f487d
Merge branch 'staging-next' into staging 2022-12-16 11:20:50 +01:00
Artturin
05a2dfd674 lib.replaceChars: warn about being a deprecated alias
replaceStrings has been in nix since 2015(nix 1.10)

so it is safe to remove the fallback

d6d5885c15
2022-12-15 22:25:51 +02:00
github-actions[bot]
9e23ec4f1c
Merge staging-next into staging 2022-12-15 00:03:02 +00:00
Sandro
b5f35b1c85
Merge pull request #205399 from SuperSandro2000/fix-avahi 2022-12-14 23:34:12 +01:00
github-actions[bot]
c0b33aa433
Merge staging-next into staging 2022-12-14 06:01:42 +00:00
ajs124
f98e6d6290 unifi7: 7.2.95 -> 7.3.76
https://community.ui.com/releases/UniFi-Network-Application-7-3-76/85c75fc7-3e0f-4e99-aa90-7068af4f1141
2022-12-14 02:47:04 +01:00
github-actions[bot]
cfbecb45cc
Merge staging-next into staging 2022-12-12 18:01:51 +00:00
Bernardo Meurer
d2578f1dac
Merge pull request #171875 from bbigras/cloudflared
nixos/cloudflared: init
2022-12-12 13:06:21 -03:00
gbtb
8399ff1e34 nixos/openvpn: applied nixpkgs-fmt 2022-12-12 23:39:11 +10:00
gbtb
3d17d6fff6 nixos/openvpn: added restartAfterSleep option
Additional systemd unit that hooks to sleep.target and kills openvpn processes
2022-12-12 23:37:57 +10:00
github-actions[bot]
f14765eb08
Merge staging-next into staging 2022-12-11 18:01:53 +00:00
Bobby Rong
0e857e0089
Merge pull request #204807 from Eliot00/v2raya-init
v2raya: init at 2.0.0
2022-12-11 23:06:00 +08:00
K900
a95574fd2e
Merge pull request #204560 from jcumming/resilio_config_passthru
passthrough config if there are no secrets defined (address #204559)
2022-12-11 17:50:37 +03:00
Elliot
08d651764f
v2raya: init at 2.0.0
Update nixos/modules/services/networking/v2raya.nix

Co-authored-by: zendo <linzway@qq.com>

Update nixos/modules/services/networking/v2raya.nix

Co-authored-by: zendo <linzway@qq.com>

Update pkgs/tools/networking/v2raya/default.nix

Co-authored-by: zendo <linzway@qq.com>

Update pkgs/tools/networking/v2raya/default.nix

Co-authored-by: zendo <linzway@qq.com>

Update nixos/modules/services/networking/v2raya.nix

Co-authored-by: zendo <linzway@qq.com>

Update pkgs/tools/networking/v2raya/default.nix

Co-authored-by: zendo <linzway@qq.com>

Update nixos/modules/services/networking/v2raya.nix

Co-authored-by: zendo <linzway@qq.com>
2022-12-11 22:23:12 +08:00
Robert Hensing
16f5747575
Merge pull request #175649 from Artturin/opt-in-structured-attrs
stdenv: support opt-in __structuredAttrs
2022-12-10 21:12:43 +01:00
Bruno Bigras
c770b44aff nixos/cloudflared: init 2022-12-10 14:07:26 -05:00
Sandro Jäckel
89b5dddf99
nixos/avahi: revert closing firewall port by default 2022-12-10 03:40:39 +01:00
Ryan Lahfa
022c7d777a
Merge pull request #196837 from KoviRobi/dnsmasq-attrsets-config
nixos/dnsmasq: Use attrs instead of plain text config
2022-12-08 23:47:08 +01:00
Artturin
c01f509e44 treewide: source .attrs in builders
if theres a source $stdenv then this is needed

for structuredAttrs
2022-12-08 21:09:02 +02:00
Naïm Favier
0ff3b35356 nixos/doc: fix some options 2022-12-08 17:52:52 +01:00
SharzyL
44319dc911
nixos/openconnect: use alternative protocol 2022-12-08 16:34:50 +08:00
Daniel Nagy
ad866e565d
treewide: switch to port type for nixos modules 2022-12-08 00:00:00 +01:00
Wael Nasreddine
69dff6a36c
Merge pull request #144455 from Twingate/master 2022-12-06 09:33:20 -08:00
Ankit Pandey
4fed4b8da8 nixos/znc: Doc fix about services.znc.config
We need to disable `services.znc.mutable` to make changes apply even
after the first deploy, not enable it (it's already enabled by default).
2022-12-05 17:26:38 -08:00
Solene Rapenne
659803e879 nixos/tmate-ssh-server: openFirewall default to false 2022-12-05 12:03:09 +01:00
Solene Rapenne
efeb1e50d9 nixos/avahi-daemon: openFirewall default to false 2022-12-05 12:03:09 +01:00
Jack Cummings
75f2f8e753 passthrough config if there are no secrets defined 2022-12-04 16:37:51 -08:00
Robert Kovacsics
2c00429560 nixos/dnsmasq: Use attrs instead of plain text config
This should make it easier to configure in multiple places, override
defaults, etc.
2022-12-04 23:08:37 +00:00
Jasper Woudenberg
bc3b07cb93 resilio: Add jwoudenberg as extra maintainer 2022-12-02 12:08:33 -06:00
Jasper Woudenberg
c8f9d170d4 nixos/resilio: support secret files
When using the declarative shared folder configuration for resilio sync
it is now possible to pass a path from which to read the secret should
be read at runtime. The path will not be added to the nix store.

The 'secret' parameter to specify the secret directly is still
supported. This option will still store the secret in the nix store.

This commit follows the pattern described in this issue, for upstream
programs that do not provide support for setting a password using a
file: https://github.com/NixOS/nixpkgs/issues/24288
2022-12-02 12:08:33 -06:00
Artturi
dadca5c5e1
Merge pull request #140890 from seb314/wireguard/dyndns-restart-on-failure
wireguard: non-invasive fix for permanent disconnects on unstable network (e.g. laptops) from dyndns endpoints
2022-12-02 17:47:47 +02:00
Daniel Nagy
dbe8182e74
treewide: switch to port type for nixos modules 2022-12-01 22:30:00 +01:00
Ryan Lahfa
5d87a1b9b8
Merge pull request #195735 from hax404/tayga_init
nixos/tayga: init
2022-12-01 21:14:50 +01:00
Alex Zero
16b7892876
nixos/tayga: init 2022-12-01 11:17:20 +01:00
figsoda
d1c73c2543 nixos/keepalived: remove unnecessary parentheses 2022-11-30 17:59:52 -05:00
figsoda
55acad5c35 nixos/softether: apply statix suggestions 2022-11-30 17:56:56 -05:00
figsoda
dfff1a2b83 nixos/prosody: simplify logic 2022-11-30 17:36:07 -05:00
Andrew Marshall
87245df5d3 nixos/stubby: Support fine-grained logLevel
In much older versions, Stubby only supported debug logging, but that is
no longer true, so support the fine-grained log level.
2022-11-29 20:14:00 -06:00
Tyler Langlois
e217979fc7 nixos/rpcbind: add dependency for systemd-tmpfiles-setup
The inline comments explain the reasoning behind this change. This
work was initiated due to failing tests explicitly for glusterfs, but
my hunch is that any nixosTest adjacent to rpcbind will start working
again.

Ref: https://github.com/NixOS/nixpkgs/issues/175339
2022-11-21 13:43:28 -07:00
Jörg Thalheim
83b468db28
Merge pull request #196148 from Mic92/tailscale
tailscale: improve formatting on warning message
2022-11-20 20:12:46 +01:00
David Wilemski
c9543015d0
nixos/firewall: remove stray quote from package option
This quote is not needed and shows up rendered in the manpage documenting this option.
2022-11-19 22:04:52 -06:00
Patrick Jackson
b0c6f4ae05 nixos/mullvad-vpn: add mullvad-exclude wrapper & systemPackage 2022-11-17 07:31:40 -08:00
Carl Richard Theodor Schneider
647ed242dc nixos/adguardhome: allow for empty/unmanaged configs
This commit fixes broken non-declarative configs by
making the assertions more relaxed.
It also allows to remove the forced configuration merge by making
`settings` `null`able (now the default).

Both cases (trivial non-declarative config and `null`able config) are
verified with additional tests.

Fixes #198665
2022-11-15 23:43:15 -05:00
clerie
159d73f7a3 nixos/chisel-server: add module 2022-11-13 12:02:34 +01:00
Robert Schütz
257ec177c8 nixos/syncthing: disallow relative paths
Relative paths are interpreted relative to the working directory, which
is currently unset and thus defaults to `/`. However we want to change
the working directory in a future release such that relative paths are
interpreted relative to `/var/lib/syncthing`.
2022-11-12 11:37:23 -08:00
Daniel Nagy
b4674b39c1
treewide: use mkEnableOption in nixos modules 2022-11-10 09:30:00 +01:00
Daniel Nagy
095269c862
treewide: use types.port in nixos modules 2022-11-10 09:30:00 +01:00
Guillaume Girol
255ac994b8 nixos/firefox-syncserver: fix setup failure due to duplicate key
in some circumstances, the setup service would fail with:
ERROR 1062 (23000) at line 5: Duplicate entry '1' for key 'PRIMARY'
so let's use an upsert instead of insert. This also simplifies the
script.

Besides, also fix that when the setup script changes, the corresponding
script is not restarted as it is usually not active, so we trigger a
restart of the main systemd service.
2022-11-09 23:39:08 +01:00
Robert Hensing
93a905ec4f
Merge pull request #194759 from hercules-ci/fqdn-or-hostname
nixos: Add `networking.fqdnOrHostName`
2022-11-09 13:53:57 +01:00
Bjørn Forsman
25617e3def nixos/blocky: fix description
Before: "Whether to enable Fast and lightweight [...]"
After: "Whether to enable blocky, a fast and lightweight [...]"
2022-11-08 20:59:06 +01:00
Maximilian Bosch
67e61879c5
Merge pull request #199416 from symphorien/wg-add-peer
nixos/wireguard: start new peers when they are added
2022-11-07 12:20:06 +01:00
Jörg Thalheim
1d442b3b68
Merge pull request #186087 from Mic92/consul
nixos/consul: use signal instead of api for reload
2022-11-06 20:32:19 +01:00
Guillaume Girol
c5df8359df nixos/wireguard: start new peers when they are added
when a new peer is added, it does not modify any active units, because
the interface unit remains the same. therefore the new peer is not added
until next reboot or manual action.
2022-11-04 15:35:21 +01:00
Oleksandr Chupryna
acf17b3b4b nixos/twingate: init module 2022-11-04 13:36:45 +01:00
ajs124
42ec4ec905
Merge pull request #198303 from cleeyv/jitsi-update
Update of all Jitsi Meet components
2022-11-03 22:57:04 +01:00
Erik Arvstedt
828cd4c895
nixos/bitcoind: fix rare startup error
Previously, dhcpcd and bitcoind starting up in parallel could lead to
the following error in bitcoind:
```
bitcoind: libevent: getaddrinfo: address family for nodename not supported
bitcoind: Binding RPC on address 127.0.0.1 port 8332 failed.
bitcoind: Unable to bind any endpoint for
```
After the initial failure, the bitcoind service would always restart successfully.

This race condition, where both applications were simultaneously
manipulating network resources, was only triggered under specific
hardware conditions.

Fix it by running bitcoind after dhcp has started (by running after
`network-online.target`).
This bug and the fix only affect the default NixOS scripted
networking backend.
2022-11-02 12:31:40 +01:00
Sandro
796cc1ad51
Merge pull request #198532 from raindev/syncthing-devices-folders 2022-11-01 23:28:33 +01:00
Sandro
4d4fdde2cf
Merge pull request #197876 from iopq/alt-history 2022-10-30 19:51:28 +01:00
Andrew Barchuk
43bc09e037
nixos/syncthing: keep manually added dirs/devices
If folders and devices are not configured explicitly, do not wipe the
changes done via the web GUI. Currently the list of devices or folders
will be reset unless overrideFolders/overrideDevices is disabled.
2022-10-30 00:22:00 +02:00
seb314
82c5c3c9a9 wireguard: when dyn-dns refresh is enabled, reconnect after failures
Make the dynamic-dns refresh systemd service (controlled via the
preexisting option dynamicEndpointRefreshSecond) robust to e.g. dns
failures that happen on intermittent network connections.

Background:

When dns resolution fails with a 'permanent' error ("Name or service not
known" instead of "Temporary failure in name resolution"), wireguard
won't retry despite WG_ENDPOINT_RESOLUTION_RETRIES=infinity.

-> This change should improve reliability/connectivity.

somewhat related thread: https://github.com/NixOS/nixpkgs/issues/63869
2022-10-28 19:16:05 +02:00
iopq
96f7444bc8 nixos/xray: init service 2022-10-28 23:53:41 +08:00
Cleeyv
2ef91019db jibri: 8.0-93 -> 8.0-139
- Fix of accidental downgrade in #158911
- Update of runtime from Java 8 -> 11
2022-10-28 11:42:55 -04:00
pennae
15372dc4d4 nixos/mosquitto: clarify hashedPassword generation
unfortunately we cannot use other tools (like mkpasswd) instead of
mosquitto_passwd because mosquitto is incompatible with the standard
crypt format.
2022-10-28 17:39:30 +02:00
Naïm Favier
94d24f136e
nixos/vdirsyncer: fix description 2022-10-28 11:59:34 +02:00
Patrick Jackson
1c1af8d2f2 nixos/mullvad-vpn: add patricksjackson to maintainers 2022-10-27 12:38:48 -07:00
Patrick Jackson
3aa131978d nixos/mullvad-vpn: add the package option 2022-10-27 12:38:48 -07:00
Sandro
b99ffef2de
Merge pull request #197688 from MidAutumnMoon/go-119-services-fix-2 2022-10-27 00:49:35 +02:00
Sandro
dc5fa53b83
Merge pull request #197657 from MidAutumnMoon/go-119-services-fix 2022-10-27 00:48:28 +02:00
Sandro
8ebdb3e6fe
Merge pull request #176701 from CRTified/adguardhome-schemaversion 2022-10-26 22:52:04 +02:00
Sandro
4d1f158bf0
Merge pull request #161640 from schnusch/vdirsyncer 2022-10-26 22:22:19 +02:00
Niklas Hambüchen
f5c5386870 nixos/smokeping: Don't show 413 Forbidden on thttpd /. Fixes #197704 2022-10-25 23:11:50 +02:00
Carl Richard Theodor Schneider
1526a1b041 adguardhome: Add schema_version
This will add `passthru.schema_version` to be used as default value for
the adguardhome module.
It will also update the `update.sh` to keep the `schema_version` in sync
with the version by inspecting the sourcecode.

This might break existing configs, if they use deprecated values that don't
appear in newer schema_versions and schema_version wasn't set explicitly.
Explicit declarations of schema_version always have higher priority.

This also removes the `host` and `config` settings in favour of using the
appropriate `settings`.

Fixes #173938

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2022-10-25 17:35:27 +02:00
MidAutumnMoon
9b8fd74d68
nixos/nats: set proper SystemCallFilter 2022-10-25 16:47:46 +08:00
MidAutumnMoon
7742cd543d
nixos/yggdrasil: set proper SystemCallFilter 2022-10-25 16:09:31 +08:00
MidAutumnMoon
bd8413e8e1
nixos/snowflake-proxy: set proper SystemCallFilter 2022-10-25 15:41:54 +08:00
MidAutumnMoon
ba8041fc2b
nixos/croc: set proper SystemCallFilter 2022-10-25 11:51:40 +08:00
MidAutumnMoon
db029623b7 nixos/dnscrypt-proxy2: properly set SystemCallFilter 2022-10-24 22:20:42 +10:00
schnusch
72ee279ab4 nixos/vdirsyncer: init
inspired by borgbackup
2022-10-23 23:23:13 +02:00
github-actions[bot]
18a6423900
Merge master into staging-next 2022-10-17 00:04:21 +00:00
Nick Cao
46982f4194
nixos/iwd: allow setting iwd package 2022-10-16 23:12:26 +08:00
Jörg Thalheim
e24daea3d3 tailscale: improve formatting on warning message 2022-10-15 16:50:34 +02:00
github-actions[bot]
886633ba43
Merge master into staging-next 2022-10-15 00:04:00 +00:00
Sandro
bdca71e9c0
Merge pull request #191924 from SuperSandro2000/ddclient-daemon 2022-10-14 23:52:14 +02:00
github-actions[bot]
283841a1ce
Merge master into staging-next 2022-10-14 06:20:50 +00:00
Timothy DeHerrera
912a3deedc
Merge pull request #110197 from milahu/patch-1
firewall: move rpfilter to mangle.PREROUTING to fix conntrack
2022-10-13 21:04:40 -06:00
Vladimír Čunát
00a757ed3f
Merge branch 'master' into staging 2022-10-13 08:27:55 +02:00
Patrick Jackson
4c69843460 nixos/mullvad-vpn: change dependency for the daemon to pkg mullvad 2022-10-11 12:37:49 -07:00
Artturin
7e49471316 treewide: optional -> optionals where the argument is a list
the argument to optional should not be list
2022-10-10 15:40:21 +03:00
Artturin
f4ea1208ec treewide: *Flags convert to list from str
*Flags implies a list

slightly relevant:
> stdenv: start deprecating non-list configureFlags https://github.com/NixOS/nixpkgs/pull/173172

the makeInstalledTests function in `nixos/tests/installed-tests/default.nix` isn't available outside of nixpkgs so
it's not a breaking change
2022-10-10 15:30:59 +03:00
github-actions[bot]
8972888c55
Merge master into staging-next 2022-10-09 12:01:31 +00:00
Maximilian Bosch
4fd75277dd
nixos/coturn: refactor secret injection
The original implementation had a few issues:

* The secret was briefly leaked since it is part of the cmdline for
  `sed(1)` and on Linux `cmdline` is world-readable.
* If the secret would contain either a `,` or a `"` it would mess with
  the `sed(1)` expression itself unless you apply messy escape hacks.

To circumvent all of that, I decided to use `replace-secret` which
allows you to replace a string inside a file (in this case
`#static-auth-secret#`) with the contents of a file, i.e.
`cfg.static-auth-secret-file` without any of these issues.
2022-10-09 09:31:48 +02:00
github-actions[bot]
130aa9ca68
Merge master into staging-next 2022-10-09 00:03:29 +00:00
Jörg Thalheim
b4bb571fa0 iwd: remove myself as maintainer 2022-10-08 16:50:37 +02:00
github-actions[bot]
c5f0d725df
Merge master into staging-next 2022-10-06 18:03:10 +00:00
Robert Hensing
12da62fef5 nixos/jitsi-videobridge: Refactor to use config.networking.fqdnOrHostName 2022-10-06 16:24:38 +02:00
Robert Hensing
06a1a29467 nixos/flannel: Refactor to use config.networking.fqdnOrHostName 2022-10-06 16:24:38 +02:00
pennae
3826e303c6 nixos/firefox-syncserver: remove extra add_header
syncstorage-rs sets this header starting with 0.12.3.
2022-10-06 14:48:53 +02:00
pennae
f97c9d60e4 nixos/firefox-syncserver: proxyPass singleNode to 127.0.0.1
syncstorage-rs does not listen on ::1 unless explicitly configured.
2022-10-06 14:48:53 +02:00
pennae
8dc30e9e98 nixos/firefox-syncserver: set default for oauth verifier threads
the 0.12.1 update introduced a static thread pool for verifying oauth
tokens. set a reasonable default for self-hosted setups (10 threads).
2022-10-06 14:48:53 +02:00
github-actions[bot]
863df54d13
Merge master into staging-next 2022-10-06 06:05:17 +00:00
Stanisław Pitucha
4a6979d310
Merge pull request #194603 from phiadaarr/jitsiVideobridge
jitsi-videobridge: fix link in docs
2022-10-06 12:19:43 +11:00
github-actions[bot]
939050602c
Merge master into staging-next 2022-10-05 18:07:32 +00:00
José Luis Lafuente
396f4f05b9
nixos/tmate-ssh-server: init module (#192270)
* nixos/tmate-ssh-server: init module

Co-authored-by: Aaron Andersen <aaron@fosslib.net>
2022-10-05 17:34:30 +01:00
Philipp Arras
1e430612dc jitsi-videobridge: fix link in docs 2022-10-05 18:11:57 +02:00
Milan Hauth
a1e9f1e036 nixos/firewall: move rpfilter from raw to mangle
fix wireguard (wg-quick)

netfilter packet flow:
raw.prerouting -> conntrack -> mangle.prerouting

rpfilter must be after conntrack
otherwise response packets are dropped
2022-10-05 09:50:56 +02:00
github-actions[bot]
fc393d5731
Merge master into staging-next 2022-10-02 12:01:22 +00:00
Christian Kögler
6845ddc94b
Merge pull request #192864 from alyaeanyx/nix-serve-package-option
nixos/nix-serve: add package option
2022-10-02 11:39:28 +02:00
github-actions[bot]
25043f0f28
Merge master into staging-next 2022-10-01 12:01:27 +00:00
Christian Kögler
d3fc91e579
Merge pull request #191352 from maifel-maifel/mr-networking-deprecation-note
nixos/networking: add a suggestion to use networkd options
2022-10-01 09:10:30 +02:00
github-actions[bot]
9c14978f84
Merge master into staging-next 2022-09-29 12:01:25 +00:00
digital
eb49174f7b nixos/wireguard: add option to set mtu
Some networks can only transfer packets with a lower than normal maximum
transfer unit size. In these cases, it is necessary to set a MTU that
works for the given upstream network.
2022-09-28 17:14:38 +02:00
digital
084509af8b nixos/wireguard: add option to set firewall mark
Wireguard can tag its packets with a firewall mark. This can be used for
firewalls or policy routing. This is very useful in some setups where
all traffic should go through a wireguard interface. The wireguard
packets cannot go through the wireguard interface and must be routed
differently, which can be done via the Firewall Mark.

The nixos option `config.networking.wireguard.interface.<name>.fwMark`
is of type `types.str` and not `types.int` to allow for specifying the
mark as a hexadecimal value.
2022-09-28 17:14:38 +02:00
Artturin
6910a4eea0 treewide: makeWrapper to nativeBuildInputs
this should be all of them other than the failed splices
found with nixpkgs-lint
2022-09-26 17:53:26 +03:00
Emery Hemingway
dbf8bba95b nixos/yggdrasil: services.yggdrasil.config renamed to settings 2022-09-25 11:10:32 -05:00
alyaeanyx
850053ebe7 nixos/nix-serve: add package option 2022-09-25 11:08:59 +02:00
oxalica
07a9b7b1d8 nixos/{test/,}v2ray: fix for new CLI and use upstream systemd units 2022-09-21 15:59:29 +08:00
Sandro
5267176a38
nixos/ddclient: document that daemon should not be set
Closes #191105
2022-09-19 17:06:45 +02:00
digital
12d64e041b nixos/networking: add a suggestion to use networkd options 2022-09-15 18:07:24 +02:00
Jonas Heinrich
d990f88f9f nixos/go-autoconfig: init module 2022-09-14 02:21:39 -04:00
Christian Kögler
11bafe6b5b nixos/syncthing: remove exit code 2 from exit status success
Fix #181713
2022-09-11 16:21:07 +02:00
pennae
d98322834b nixos/*: fix docbook deprecation notices
mostly no rendering changes except in buildkite, which used markdown
where docbook was expected without marking up its markdown.
2022-09-10 18:23:13 +02:00
Christian Kögler
4b6b03f99c
Merge pull request #185782 from e1mo/e1mo/syncthing-receiveencrypted
nixos/syncthing: Add receiveencrypted folder type
2022-09-09 17:30:45 +02:00
Bernardo Meurer
0627237785
Merge pull request #181334 from zhaofengli/nat-iptables-pkg
nixos/nat: Use the package specified in networking.firewall.package
2022-09-06 14:05:20 -03:00
bb2020
ce609256fb nixos/minidlna: update documentation 2022-09-04 09:07:40 +00:00
amesgen
592d13693e
nixos/teamspeak3: restart on failure
Prevents transient failures such as

> failed to register local accounting service
2022-09-03 14:55:36 +02:00
pennae
3bddcf5f90
Merge branch 'master' into option-docs-md 2022-09-01 16:10:09 +02:00
Zhaofeng Li
7689468a4b nixos/nat: Use the package specified in networking.firewall.package
Otherwise the system path is inconsistent if you do something like

    networking.firewall.package = pkgs.iptables-legacy;
2022-08-31 13:14:07 -06:00
Christian Kögler
43c0f946a8
Merge pull request #188620 from KFearsoff/fix-syncthing-versioning-path
nixos/syncthing: fix path setting for versioning
2022-08-31 20:46:54 +02:00
pennae
1d41cff3dc nixos/*: convert straggler options to MD 2022-08-31 17:27:38 +02:00
pennae
f2ea09ecbe nixos/*: convert options with listings
minor rendering changes.
2022-08-31 17:27:36 +02:00
pennae
722b99bc0e nixos/*: convert options with admonitions to MD
rendering changes only slightly, most changes are in spacing.
2022-08-31 16:36:16 +02:00
pennae
bd56368848 nixos/*: md-convert hidden plaintext options
most of these are hidden because they're either part of a submodule that
doesn't have its type rendered (eg because the submodule type is used in
an either type) or because they are explicitly hidden. some of them are
merely hidden from nix-doc-munge by how their option is put together.
2022-08-31 16:32:54 +02:00
pennae
515c4727fa nixos/*: md-"convert" empty descriptions
for some reason these are not picked up properly by nix-doc-munge, so
we'll do this instead.
2022-08-31 16:32:54 +02:00
pennae
9547123258 nixos/*: convert internal option descriptions to MD
we'll have to do it eventually, may as well be now.
2022-08-31 16:32:54 +02:00
pennae
ef176dcf7e nixos/*: automatically convert option descriptions
conversions were done using https://github.com/pennae/nix-doc-munge
using (probably) rev f34e145 running

    nix-doc-munge nixos/**/*.nix
    nix-doc-munge --import nixos/**/*.nix

the tool ensures that only changes that could affect the generated
manual *but don't* are committed, other changes require manual review
and are discarded.
2022-08-31 16:32:53 +02:00
pennae
5a643387ec nixos/*: normalize more docbook for auto-conversion 2022-08-31 16:32:53 +02:00
pennae
e4f876eb7e nixos/*: convert varlist-using options to MD
there are sufficiently few variable list around, and they are
sufficiently simple, that it doesn't seem helpful to add another
markdown extension for them. rendering differences are small, except in
the tor module: admonitions inside other blocks cannot be made to work
well with mistune (and likely most other markdown processors), so those
had to be shuffled a bit. we also lose paragraph breaks in the list
items due to how we have to render from markdown to docbook, but once we
remove docbook from the pipeline those paragraph breaks will be restored.
2022-08-31 16:32:53 +02:00
pennae
c915b915b5 nixos/*: md-convert options with unordered lists
mostly no rendering changes. some lists (like simplelist) don't have an
exact translation to markdown, so we use a comma-separated list of
literals instead.
2022-08-31 16:32:53 +02:00
pennae
1013069f52 nixos/*: convert more partially-md option descriptions
this mostly means marking options that use markdown already
appropriately and making a few adjustments so they still render
correctly. notable for nftables we have to transform the md links
because the manpage would not render them correctly otherwise.
2022-08-31 16:32:14 +02:00
pennae
7d102d113a nixos/*: convert multiline inline code to listings
presumably it was not intended to have these blocks rendered inline, and
markdown conversion would be messy as well.
2022-08-31 16:27:25 +02:00
pennae
0cfcb5908c nixos/*: <screen> -> <programlisting>
most of the screen tags used in option docs are actually listings of
some sort. nsd had a notable exception where its screen usage was pretty
much a raw markdown block that made most sense to convert into docbook lists.
2022-08-31 16:27:24 +02:00
Netali
52e621ace8
nixos/kea: fix ctrl-agent extraArgs 2022-08-31 01:26:12 +02:00
Martin Weinelt
f3b7d6414b
Merge pull request #128192 from clerie/keepalived-secrets 2022-08-29 23:44:34 +02:00
iko
4bc69a5235
nixos/searx: improve searxng compatibility 2022-08-28 16:52:42 +03:00
KFears
7f22740983 nixos/syncthing: fix path setting for versioning
Syncthing config XML uses `fsPath` setting for specifying the path to the versioning folder. This commit adds `services.syncthing.folders.<name>.versioning.fsPath` option to enable this functionality declaratively. Previously, `versioning.params.versionsPath` was used, which doesn't work.
2022-08-28 17:27:51 +04:00
pennae
5a20c87970 nixos/vsftpd: convert option descriptions to MD
no change to rendered output.
2022-08-27 19:18:29 +02:00
pennae
51a11254a7 nixos/*: literalDocBook -> literalMD
no change to rendered output
2022-08-27 19:18:29 +02:00
pennae
a2ceee8ffe nixos/strongswan: convert to MD descriptions
no changes to the manpage output. the html output changes, but only by
whitespace.
2022-08-27 19:18:29 +02:00
clerie
bf7d05e64d nixos/keepalived: add secrets support 2022-08-27 17:19:16 +02:00
misuzu
5fcdceb0b2 nixos/netbird: init 2022-08-22 16:37:43 +03:00
Guillaume Girol
e941a9d433
Merge pull request #186652 from peterhoeg/u/http-dns
nixos/https-dns-proxy: bump version and add support for OpenDNS
2022-08-20 18:09:23 +00:00
pennae
6039648c50 nixos/*: automatically convert option docs 2022-08-19 22:40:58 +02:00
pennae
7e7d68a250 nixos/*: mark pre-existing markdown descriptions as mdDoc 2022-08-19 22:40:58 +02:00
pennae
b51f8036c2 nixos/*: use properly indented strings for option docs
using regular strings works well for docbook because docbook is not as
whitespace-sensitive as markdown. markdown would render all of these as
code blocks when given the chance.
2022-08-19 22:40:58 +02:00
pennae
72b507d5a2 nixos/*: convert some markdown in docbook to tags
a lot of markdown syntax has already snuck into option docs, many of it
predating the intent to migrate to markdown. we don't convert all of it
here, just that which is accompanied by docbook tags as well. the rest
can be converted by simply adding the mdDoc marker.
2022-08-19 22:40:58 +02:00
pennae
e4ed177f82 nixos/* eliminate inner whitespace in tags that was missed earlier
nix-doc-munge won't match tags that contain newlines anywhere. most of
these have already been removed, but a few obviously made it through.
2022-08-19 22:40:58 +02:00
pennae
8f8e101527 nixos/*: normalize <package> to <literal>
this renders the same in the manpage and a little more clearly in the
html manual. in the manpage there continues to be no distinction from
regular text, the html manual gets code-type markup (which was probably
the intention for most of these uses anyway).
2022-08-19 22:40:58 +02:00
Peter Hoeg
28116cfd9b nixos/https-dns-proxy: add OpenDNS support 2022-08-17 10:25:31 +08:00
Jörg Thalheim
66c94cd524
Merge pull request #185856 from NoneTirex/fix-headscale-tls-config
headscale: fix tls challengeType enum possible values
2022-08-15 17:51:49 +01:00
Christian Kögler
0884cb0ba2
Merge pull request #177577 from jmbaur/globalprotect-openconnect_config
nixos/globalprotect: add settings option for service configuration
2022-08-15 14:43:13 +02:00
pennae
50f9b3107a
Merge pull request #185474 from pennae/option-docs-md
nixos/*: more options md conversion
2022-08-12 23:23:26 +02:00
Martin Weinelt
a58668f0a0
Merge pull request #176835 from pennae/syncserver 2022-08-12 01:33:26 +02:00
pennae
bd1978e911 nixos/firefox-syncserver: init 2022-08-12 00:45:25 +02:00
Emery Hemingway
300c5c98c6 nixos/yggdrasil: rename "config" option to "settings"
Make this service consistent with rfc42.

https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md
2022-08-11 16:09:42 -05:00
Jörg Thalheim
8ccf4e05df nixos/consul: use signal instead of api for reload
consul might require authentication if acls are enabled for `consul
reload` to work. Signals never require authentication.
2022-08-11 13:32:47 +02:00
tirex
8f9ef1c30e headscale: fix tls challengeType enum possible values 2022-08-10 03:09:41 +02:00
Moritz 'e1mo' Fromm
79ae88a100
nixos/syncthing: Add receiveencrypted folder type
This folder type is available in syncthing, but could not be set in
NixOS.
See <https://docs.syncthing.net/users/untrusted.html> for reference.
2022-08-09 15:03:14 +02:00
Michael Adler
d8b356caaf fix: ssh-keygen fails if directory does not exist 2022-08-09 12:16:17 +02:00
pennae
087472b1e5 nixos/*: automatically convert option docs 2022-08-06 20:39:12 +02:00
Emery Hemingway
c0eaefb30c nixos/yggdrasil: want/before systemd's network.target 2022-08-06 07:25:15 -05:00
pennae
423545fe48 nixos/*: normalize manpage references to single-line form
now nix-doc-munge will not introduce whitespace changes when it replaces
manpage references with the MD equivalent.

no change to the manpage, changes to the HTML manual are whitespace only.
2022-08-05 18:34:50 +02:00
pennae
93c57a9884
Merge pull request #185056 from pennae/option-docs-md
nixos/*: more option docs conversions
2022-08-05 17:36:49 +02:00
olaf
de0c734300 for consistency use bob in example instead of joe 2022-08-05 13:13:24 +02:00
pennae
61e93df189 nixos/*: automatically convert option docs to MD
once again using nix-doc-munge (69d080323a)
2022-08-03 22:46:41 +02:00
pennae
3aebb4a2be nixos/*: normalize link format
make (almost) all links appear on only a single line, with no
unnecessary whitespace, using double quotes for attributes. this lets us
automatically convert them to markdown easily.

the few remaining links are extremely long link in a gnome module, we'll
come back to those at a later date.
2022-08-03 21:57:46 +02:00