cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
74756 commits 1 branch 0 tags 3.7 GiB
Commit graph

462 commits

Author SHA1 Message Date
Thomas Strobel
684cd17ff5 dnschain nixos module: init 2015-09-10 18:11:40 +02:00
Thomas Strobel
8db7c14e56 namecoind nixos module: security enhancements 2015-09-10 18:11:40 +02:00
Luca Bruno
f4b7be4f04 nixos ntpd: allow passing extra flags 2015-09-10 10:58:13 +02:00
Peter Simons
64eb5527ba nixos: remove the obsolete 'services.openvpn.enable' option 
OpenVPN is enabled implicitly when configuring 'services.openvpn.servers', so the
"enable" option is meaningless since b2910df04e.

Closes https://github.com/NixOS/nixpkgs/issues/9764.
 2015-09-10 10:38:38 +02:00
Arseniy Seroka
90a7bb69d0 Merge pull request #9711 from anderspapitto/bitlbee 
plugin support for bitlbee, and facebook plugin
 2015-09-09 03:03:53 +03:00
Anders Papitto
78f7a09e3a bitlbee service: enable plugins 2015-09-08 14:24:50 -07:00
Thomas Strobel
cb4bea5f97 namecoind nixos module: fix environment variable 2015-09-08 22:37:10 +02:00
Thomas Strobel
b6fb760484 namecoind nixos module: init 2015-09-08 20:17:52 +02:00
Thomas Strobel
5e21271af0 dnsmasq nixos module: fix path in systemd service 2015-09-08 19:33:01 +02:00
Bryan Gardiner
f4de446573
NetworkManager: fix dnsmasq interaction for ad-hoc networks 
Fixes #7593 (NM can't find the dnsmasq binary); the NM expression is missing
dnsmasq in its buildInputs, so configure can't find it.

Also creates /var/lib/misc which dnsmasq expects to exist, because it puts
dnsmasq.leases there.
 2015-09-07 14:04:32 -07:00
Enrico Fasoli
44788bb2ce fixed syncthing service to work as expected 2015-09-02 18:14:21 +02:00
Eelco Dolstra
14321ae243 Rename users.extraUsers -> users.users, users.extraGroup -> users.groups 
The "extra" part hasn't made sense for years.
 2015-09-02 17:34:23 +02:00
Daniel Fox Franke
fc96dbb1a2 oidentd: listen on IPv6 2015-08-30 10:53:08 -04:00
Eelco Dolstra
287c08d8a3 Rename services.openssh.knownHosts -> programs.ssh.knownHosts 
This option configures the SSH client, not the server.
 2015-08-27 15:32:46 +02:00
lethalman
a45a0911d4 Merge pull request #9376 from rick68/softether 
softether: support SoftEther VPN 4.18
 2015-08-26 10:45:46 +02:00
Charles Strahan
648973d641 nixos: rename service 'ubuntu-fan' as 'fan' 2015-08-22 14:05:35 -04:00
Wei-Ming Yang
efd34824eb softether: support SoftEther VPN 4.18 2015-08-21 13:59:00 +08:00
Eelco Dolstra
401782cb67 Revert "openssh: 6.9p1 -> 7.0p1" 
This reverts commit a8eb2a6a81. OpenSSH
7.0 is causing too many interoperability problems so soon before the
15.08 release.

For instance, it causes NixOps EC2 initial deployments to fail with
"REMOTE HOST IDENTIFICATION HAS CHANGED". This is because the client
knows the server's ssh-dss host key, but this key is no longer
accepted by default. Setting "HostKeyAlgorithms" to "+ssh-dss" does
not work because it causes ssh-dss to be ordered after
"ecdsa-sha2-nistp521", which the server also offers. (Normally, ssh
prioritizes host key algorithms for which the client has a known host
key, but not if you set HostKeyAlgorithms.)
 2015-08-20 14:08:18 +02:00
Jaka Hudoklin
40582b68f4 Merge pull request #9354 from offlinehacker/nixos/skydns/fixdns 
skydns service: fix skydns nameservers env option
 2015-08-20 02:26:33 +02:00
Jaka Hudoklin
ed356eefa6 skydns service: fix skydns nameservers env option 2015-08-19 23:54:54 +02:00
Jaka Hudoklin
c171cfabed nixos/racoon: create /var/racoon upon start 2015-08-19 23:38:44 +02:00
Eelco Dolstra
1f2eef5ae9 openssh: Re-enable DSA client keys 
This was broken by a8eb2a6a81.
 2015-08-18 13:11:45 +02:00
Charles Strahan
c1ee8fefd4 nixos: add support for Ubuntu Fan Networking 
This provides support for Ubuntu Fan Networking [1].

This includes:

* The fanctl package, and a corresponding NixOS service.
* iproute patches.
* kernel patches.

closes #9188

1: https://wiki.ubuntu.com/FanNetworking
 2015-08-13 14:27:14 -04:00
Joachim Fasting
2c5775b141 i2p service: use mkEnableOption 2015-08-09 02:29:35 +02:00
lethalman
076e90c67a Merge pull request #9150 from tomberek/gateone_setup 
gateone: Fix startup
 2015-08-08 15:35:08 +02:00
Thomas Bereknyei
6b280b648f kippo: fix check for pidPath 2015-08-07 01:01:22 -04:00
Thomas Bereknyei
825b8403a2 Check for pidDir and create 2015-08-07 00:43:29 -04:00
Anders Papitto
4f7819b89c dnsmasq restarts if /etc/hosts file is changed by nixos-rebuild 2015-08-05 03:36:19 -07:00
Thomas Bereknyei
cb6dc71599 GateOne: init at 1.2 2015-08-03 11:01:05 -04:00
Benjamin Staffin
ad4c957163 shout service: New module. 2015-08-01 03:36:45 -07:00
Thomas Tuegel
e5a93ab201 Revert "nixos/quassel: Temporarily switch back to qt4 since qt5 tls in quassel is broken" 
This reverts commit c61d048427.
 2015-07-30 21:24:11 -05:00
Eelco Dolstra
a5b83c3573 sshd: Use RSA and ED25519 host keys 
Closes #7939.
 2015-07-27 20:30:10 +02:00
William A. Kennington III
abc7c1b013 nixos/firewall: Add the ability to specify additional packages for extraCommands 2015-07-26 16:33:03 -07:00
Eelco Dolstra
f64589b2ef firewall: Don't depend on ipset 
NixOS doesn't use it, so no reason to include it.
 2015-07-26 22:45:39 +02:00
Tobias Geerinckx-Rice
078ee4ac55 copy-com: 1.47.0410 -> 3.2.01.0481 + several fixes 
The graphical UI (the largest part of this package) never worked; fixed.

Added myself as a maintainer.
 2015-07-25 04:39:02 +02:00
lethalman
636f9ac0ed Merge pull request #8799 from ryantm/master 
heyefi service: init
 2015-07-24 10:11:26 +02:00
tv
1306c11b94 bitlbee service: fix typo 2015-07-16 02:43:27 +02:00
Ryan Mulligan
9d485d9433 heyefi service: make uploadDir path more generic and a string 2015-07-14 06:56:30 -07:00
Ryan Mulligan
d11edff860 heyefi service: use mkEnableOption 2015-07-14 06:54:51 -07:00
Ryan Mulligan
d6cee31b04 heyefi service: init 2015-07-14 06:42:02 -07:00
Eelco Dolstra
7b38cb699d services.openssh.knownHosts.*.publicKey: Update description and add example 
Note that it's no longer allowed to have multiple public keys
separated by a newline.
 2015-07-13 16:21:57 +02:00
tv
baab714b2e charybdis service: fix preStart script 2015-07-13 15:11:18 +02:00
Leroy Hopson
2e49828d9c firefox sync-server service: make path to paster executable absolute 
The systemd service was ignoring ExecStart because the path to the
paster executable was not absolute. Because ExecStart was ignored, the
service would not start.
 2015-07-12 20:43:52 +12:00
James Cook
a456168e5b Merge pull request #6702 from joachifm/dnscrypt-proxy 
nixos: some improvements for dnscrypt-proxy
 2015-07-12 00:17:46 -07:00
Pascal Wittmann
1e4483b1ec nixos/bitlbee: fixed protocols option 2015-07-08 19:30:20 +02:00
Pascal Wittmann
c0de3b306b nixos/bitlbee: add hostname, config dir and protocols options 2015-07-08 19:14:36 +02:00
Arseniy Seroka
7e7371fe3c Merge pull request #8639 from sjmackenzie/zerotierone 
zerotier-one: service add
 2015-07-08 02:15:14 +03:00
Stewart Mackenzie
5297371b95 zerotier-one: service add 2015-07-07 07:11:44 +08:00
William A. Kennington III
c61d048427 nixos/quassel: Temporarily switch back to qt4 since qt5 tls in quassel is broken 2015-07-05 16:53:42 -07:00
Arseniy Seroka
093a8994f9 Merge pull request #8624 from ambrop72/minidlna-update 
minidlna 1.1.4
 2015-07-04 13:59:32 +03:00
Pascal Wittmann
2fd9d56f51 nixos/skydns: fixed reference to skydns 2015-07-04 09:43:28 +02:00
Ambroz Bizjak
42a5ad5c5e minidlna: 1.0.25 -> 1.1.4 
Changes:
- gettext is needed to build
- Switched to using non-legacy ffmpeg.
- Removed ffmpeg stuff from include path since it causes build errors related to
a time.h header.
- Removed unneeded patch.
- Adjusted NixOS service due to the binary being renamed.
 2015-07-04 09:16:28 +02:00
Simon Vandel Sillesen
9dab1a840c tvheadend: init at 4.0.4 2015-06-24 13:22:09 +00:00
William A. Kennington III
6532863ac4 unifi: 3.2.10 -> 4.6.3 2015-06-23 10:09:44 -07:00
Arseniy Seroka
cf44a27fc4 fix argument in mkEnableOption 2015-06-21 18:21:21 +03:00
William A. Kennington III
295846a254 nixos/nix-serve: Run as a separate user and add a signing key parameter 2015-06-17 19:10:39 -07:00
Eelco Dolstra
6e6a96d42c Some more type cleanup 2015-06-15 18:18:46 +02:00
Eelco Dolstra
19ffa212af types.uniq types.int -> types.int 
types.int already implies uniqueness.
 2015-06-15 18:11:32 +02:00
Eelco Dolstra
c738b309ee types.uniq types.bool -> types.bool 2015-06-15 18:10:26 +02:00
Eelco Dolstra
9366af1b94 "types.uniq types.string" -> "types.str" 2015-06-15 18:08:49 +02:00
Joachim Fasting
ffc6275e55 dnscrypt-proxy service: support custom providers 
The primary use-case is private DNSCrypt providers.

Also rename the `port` option to differentiate it from the
`customResolver.port` option.
 2015-06-12 15:12:33 +02:00
Joachim Fasting
8131065b63 dnscrypt-proxy service: use mkEnableOption 2015-06-12 15:12:33 +02:00
Joachim Fasting
2e8bc2bd5c nixos: cosmetic improvements to dnscrypt-proxy service module 
Remove superflous whitespace & comments
 2015-06-12 15:12:33 +02:00
Joachim Fasting
a88a6bc676 nixos: additional hardening for dnscrypt-proxy 
- Run as unprivileged user/group via systemd, obviating the need to
  specify capabilities, etc.
- Run with private tmp and minimal device name space
 2015-06-12 15:12:33 +02:00
Joachim Fasting
823bb5dd4d nixos: implement socket-activation for dnscrypt-proxy 
The socket definition is derived from upstream with the
exception that it does not depend on network.target, as
this creates a cycle between basic.target and sockets.target.

The apparmor profile has been updated to account for additional
runtime dependencies introduced by enabling systemd support.
 2015-06-12 15:12:33 +02:00
Joachim Fasting
dfe20de782 nixos: permit dnscrypt-proxy service to read basic user/group info 
If nscd is not running, dnscrypt-proxy crashes without read access
to /etc/{password,group,nsswitch.conf}.
 2015-06-12 15:12:30 +02:00
William A. Kennington III
b79a5e812a nixos/quassel: Use qt5 instead of qt4 
This really speeds up building quassel daemon since qt5 can be built in
parallel while qt4 cannot.
 2015-06-08 15:37:34 -07:00
Jaka Hudoklin
c9da002a07 nixos/consul: fix consul alerts enable 2015-06-08 13:41:43 +02:00
Jaka Hudoklin
23504e5bf2 Add skydns module 2015-06-08 13:36:05 +02:00
Timofey Lagutin
714377f8dc bittorrentsync: fix storage_path. 
If this path is a symlink, btsync won't be able to read it if it's not ending with "/".

As seen in f02d4ec9ed
Broken in 0539ed4771
 2015-06-05 18:39:01 +03:00
Mateusz Kowalczyk
1113efec5e Merge pull request #7559 from offlinehacker/openvswitch/ipsec 
openvswitch: ipsec support
 2015-05-26 11:26:02 +01:00
Mateusz Kowalczyk
a35e1ddfb2 Merge pull request #7566 from offlinehacker/nixos/node-docker-registry/module 
nixos: add node docker registry server
 2015-05-26 11:07:22 +01:00
lethalman
aff1c293ef Merge pull request #7998 from dezgeg/pr-ddclient-ssl 
ddclient: Set SSL_CERT_FILE environment variable
 2015-05-26 10:25:47 +02:00
Tuomas Tynkkynen
2966068968 ddclient: Set SSL_CERT_FILE environment variable 
Otherwise connection to SSL hosts fails like this:

May 26 06:44:05 kbuilder ddclient[17084]: WARNING:  cannot connect to dynamicdns.park-your-domain.com:443 socket:
    IO::Socket::IP configuration failed SSL connect attempt failed with unknown error
    error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
 2015-05-26 06:45:25 +03:00
Peter Simons
50fa9d8eea Merge pull request #7941 from peti/allow-custom-ssh-moduli-file 
nixos: add config.services.openssh.moduliFile option so that users can replace the default file from OpenSSH
 2015-05-22 20:51:42 +02:00
Peter Simons
86d299bc6e nixos: add config.services.openssh.moduliFile option so that users can replace the default file from OpenSSH 
The man page for ssh-keygen(1) has a section "MODULI GENERATION" that describes
how to generate your own moduli file. The following script might also be helpful:

 | #! /usr/bin/env bash
 |
 | moduliFiles=()
 |
 | generateModuli()
 | {
 |   ssh-keygen -G "moduli-$1.candidates" -b "$1"
 |   ssh-keygen -T "moduli-$1" -f "moduli-$1.candidates"
 |   rm "moduli-$1.candidates"
 | }
 |
 | for (( i=0 ; i <= 16 ; ++i )); do
 |   let bitSize="2048 + i * 128"
 |   generateModuli "$bitSize" &
 |   moduliFiles+=( "moduli-$bitSize" )
 | done
 | wait
 |
 | echo >moduli "# Time Type Tests Tries Size Generator Modulus"
 | cat >>moduli "${moduliFiles[@]}"
 | rm "${moduliFiles[@]}"

Note that generating moduli takes a long time, i.e. several hours on a fast
machine!

This patch resolves https://github.com/NixOS/nixpkgs/pull/5870.
 2015-05-22 16:28:45 +02:00
William A. Kennington III
31a273cb14 nixos/tinc: users are system users 2015-05-21 20:11:13 -07:00
William A. Kennington III
4ed8cdc3d4 nixos/bird: Fix doc compilation 2015-05-20 18:53:54 -07:00
lassulus
9d07c54fa1 nixos: add bird module 
patch bird to look in /var/run for birc.ctl
 2015-05-19 15:42:24 +02:00
Arseniy Seroka
946e7dca61 Merge pull request #7842 from dezgeg/pr-nix-serve 
nix-serve: Add nixos module
 2015-05-14 22:44:43 +03:00
Tuomas Tynkkynen
fd8cb1ff2d nix-serve: Add nixos module 
This allows sharing the Nix store of the machine as a binary cache
simply by setting 'services.nix-serve.enable = true'.
 2015-05-14 12:27:28 +03:00
Eelco Dolstra
fc8011ad8d Ensure that nscd, sshd are created as system users 
c0f70b4694 removed the fixed uid
assignment, but then it becomes necessary to set isSystemUser.

http://hydra.nixos.org/build/22182588
 2015-05-13 16:23:36 +02:00
William A. Kennington III
2806491cc4 nixos/consul: Add shell for health checks 2015-05-11 17:44:07 -07:00
William A. Kennington III
b6e26aa8df nixos/consul: Support a config directory for health checks 2015-05-11 16:45:04 -07:00
William A. Kennington III
1938dc9b54 nixos/consul: Remove the joinNodes and joinRetries options as they are now built in consul options 2015-05-11 16:27:53 -07:00
Arseniy Seroka
c0727fb751 Merge pull request #7788 from Lassulus/charybdis 
add charybdis nixos module
 2015-05-11 12:57:58 +03:00
lassulus
304cab2b46 add charybdis nixos module 2015-05-11 11:38:53 +02:00
William A. Kennington III
074c4a7f78 Merge remote-tracking branch 'upstream/master' into staging 2015-05-07 01:44:49 -07:00
Stephen Weinberg
a6ebccfbb8 Sane default configuration for sabnzbd module 
Added option to set user. Use unpriviledged user by default. Add sane
default for configuration location.
 2015-05-05 00:18:22 -04:00
Vladimír Čunát
30f31c9afc Merge 'master' into staging 
(relatively simple conflicts)
 2015-04-26 22:52:08 +02:00
Jaka Hudoklin
ff095f5002 nixos: add node docker registry server 2015-04-25 16:16:34 +02:00
Emery Hemingway
34f1c39fe0 nixos: fix cjdns json config 
filter extraneous attributes from config modules
 2015-04-25 09:40:44 -04:00
Jaka Hudoklin
b5114de4ac nixos: add racoon ipsec IKE deamon 2015-04-25 15:31:27 +02:00
Luca Bruno
db3b86560f GNOME 3.16.1, closes #7357 2015-04-25 12:02:33 +02:00
Edward Tjörnhammar
4ea47155af Merge pull request #7498 from k0ral/sslh 
sslh: argument to -F can no longer be separated from the option by a space
 2015-04-23 21:35:46 +02:00
Oliver Matthews
a498b28322 wait for filesystem before starting btsync; bump to latest package version 2015-04-23 13:09:34 +00:00
koral
88ce17b6e1 sslh: argument to -F can no longer be separated from the option by a space 2015-04-21 16:29:25 +00:00
Nicolas B. Pierron
7585d42d2b Fix #7354 - Accept _module attributes added to every submodule. 2015-04-20 23:58:32 +02:00
Nikolay Amiantov
0f5d5f9d12 lambdabot: add named pipe for incoming commands 2015-04-20 18:56:48 +03:00
Eelco Dolstra
c0f70b4694 Remove fixed uids for nscd, sshd 
These services don't create files on disk, let alone on a network
filesystem, so they don't really need a fixed uid. And this also gets
rid of a warning coming from <= 14.12 systems.
 2015-04-19 22:06:45 +02:00