Commit graph

85 commits

Author SHA1 Message Date
Oliver Charles
8964667bcd hbase: New package and NixOS module 2014-11-24 14:40:47 +00:00
Jaka Hudoklin
73dc767aa0 nixos: add docker-registry module 2014-11-22 12:16:41 +01:00
Jaka Hudoklin
b3bc157f7f nixos: add etcd module 2014-11-21 13:54:45 +01:00
Emery Hemingway
21e4ff5624 initial liquidsoap service expression 2014-11-20 17:41:15 -05:00
William A. Kennington III
e33cccd686 nixos/ids: Fix systemd ids 2014-11-19 15:01:44 -08:00
William A. Kennington III
487e47a8e1 nixos/ids: Add systemd networking ids 2014-11-19 14:59:42 -08:00
Joachim Fasting
52f0553209 Add dnscrypt-proxy service
The dnscrypt-proxy service relays regular DNS queries to
a DNSCrypt enabled upstream resolver.
The traffic between the client and the upstream resolver is
encrypted and authenticated, which may mitigate the risk of
MITM attacks and third-party snooping (assuming a trustworthy
upstream).

Though dnscrypt-proxy can run as a standalone DNS client,
the recommended setup is to use it as a forwarder for a
caching DNS client.
To use dnscrypt-proxy as a forwarder for dnsmasq, do

```nix
{
  # ...

  networking.nameservers = [ "127.0.0.1" ];
  networking.dhcpcd.extraConfig = "nohook resolv.conf";

  services.dnscrypt-proxy.enable = true;
  services.dnscrypt-proxy.localAddress = "127.0.0.1";
  services.dnscrypt-proxy.port = 40;

  services.dnsmasq.enable = true;
  services.dnsmasq.extraConfig = ''
    no-resolv
    server=127.0.0.1#40
    listen-address=127.0.0.1
  '';

  # ...
}
```
2014-11-11 22:47:19 +01:00
Edward Tjörnhammar
c329e5bbd9 i2pd: added package, service 2014-11-09 09:55:35 +01:00
Domen Kožar
14631cec82 nixos: prosody was clashing with seeks unix ids 2014-10-20 17:22:01 +02:00
Matej Cotman
561d3b3860 seeks: nixos module 2014-10-13 13:10:49 +02:00
Joachim Schiele
df95acd13c Merge pull request #3960 from flosse/prosody-service
Prosody service
2014-10-11 23:10:05 +02:00
Markus Kohlhase
d86c2c30c5 prosody: packaged as a service
Conflicts:
	nixos/modules/misc/ids.nix
2014-10-11 18:53:43 +02:00
Domen Kožar
b4a335cd59 nixos: add redmine service 2014-10-07 10:55:50 +02:00
Matej Cotman
5e18182a30 mailpile: add module 2014-09-26 10:49:09 +02:00
William A. Kennington III
9a90ce0bf7 nixos/ids: Add consul 2014-09-26 01:44:14 -07:00
Bjørn Forsman
753d9d4e4f nixos/samba: remove services.samba.defaultShare option
It's not that difficult to define shares using standard samba config
file syntax, so why do we need the semi-configurable .defaultShare
option?

Also:
 * It uses /home/smbd and I think /home should be reserved
   for real human users.
 * If enabled, it breaks the assumption that .extraConfig continues in
   the [global] section.

Without .defaultShare there is no need for the "smbguest" user and group
either, mark them as unused.
2014-09-24 18:31:20 +02:00
Jaka Hudoklin
c396ee9912 nixos: add collectd module 2014-09-17 18:33:50 +02:00
Rickard Nilsson
66ee6e03e7 pulseaudio: Use group audio instead of pulse-access 2014-09-03 13:24:47 +02:00
Sergey Mironov
2b72edad9b yandex-disk: fix the url; introduce systemd.service #2228 2014-09-03 12:36:29 +04:00
Rickard Nilsson
56102642fa pulseaudio: Add pulse-access group, controlling access to the system-wide PA daemon 2014-09-03 10:25:36 +02:00
Michael Raskin
a49caa77e7 Add IDs for uhub service 2014-09-01 10:53:19 +04:00
Paul Colomiets
adbb9ff796 dnsmasq: upgrade to 2.71, fixed dnsmasq module
* The module now has systemd config

* Add resolveLocalQueries option which sets up it as a dns server for
  local host (including reasonable setup of resolvconf)

* Add "dnsmasq" user for running daemon

* Enabled dbus and dnssec support for the package

Conflicts:
	nixos/modules/misc/ids.nix
2014-08-28 11:39:03 -07:00
Nathan Bijnens
ac90177cb1 Zookeeper 2014-08-27 13:01:30 +02:00
William A. Kennington III
aa77fe0fb0 nixos/radvd: Convert to a systemd unit
Additionally, remove the automatic initialization of the ipv6 forwarding
sysctl as this should be handled by the end user. This really should not
be an issue as most people running radvd are likely forwarding ipv6
packets.
2014-08-24 03:12:55 -07:00
Rickard Nilsson
b1d225b645 Add NixOS module for the Riemann dashboard server 2014-08-23 17:40:22 +02:00
Rickard Nilsson
e9252cb35e Add NixOS module for Riemann monitoring server. 2014-08-23 17:40:22 +02:00
Jaka Hudoklin
84ea03fa3f nixos: add neo4j database module 2014-08-23 13:11:09 +04:00
Edward Tjörnhammar
1615be91ef Add mlmmj package and nixos module. 2014-08-23 12:30:45 +04:00
Emery Hemingway
af09d3ebd8 siproxd: initial service expression 2014-08-19 10:19:52 -04:00
William A. Kennington III
24368beed8 nixos/dhcpd: Use dhcp user instead of nobody 2014-08-13 15:08:43 -05:00
Vladimír Čunát
87c3c0e885 Merge master into #2129
Conflicts (easy, just UID shifted):
	nixos/modules/misc/ids.nix
	nixos/modules/module-list.nix
2014-08-12 19:24:08 +02:00
Luca Bruno
1a29fcae69 gdm: Add very experimental display manager 2014-08-12 11:23:42 +02:00
William A. Kennington III
dfb596b49b nixos/unifi: Add service module 2014-08-05 21:40:47 -05:00
Paul Colomiets
9bc1676e5a Upgrade docker to 1.1.2 and add docker module
This version of module has disabled socketActivation, because until
nixos upgrade systemd to at least 214, systemd does not support
SocketGroup. So socket is created with "root" group when
socketActivation enabled. Should be fixed as soon as systemd upgraded.

Includes changes from #3015 and supersedes #3028
2014-07-28 21:45:49 +02:00
Rickard Nilsson
212f476c97 Add NixOS module for Mopidy, a music player daemon 2014-07-28 19:52:32 +02:00
Emery Hemingway
e5988bf4dd polipo: new service expression 2014-07-16 11:29:40 -04:00
Marc Weber
672adc126e nixos: add 'firebird' group
The firebird module complains without missing 'firebird' group, add it.
2014-07-08 00:00:33 +02:00
Alex Berg
7b768ba2f5 Merge remote-tracking branch 'nixos/master' into feature/add-znc-module
Conflicts:
	nixos/modules/misc/ids.nix
2014-07-03 11:30:11 -05:00
Shea Levy
b3cfb9084b Get all lib functions from lib, not pkgs.lib, in modules 2014-07-02 12:28:18 -04:00
Austin Seipp
3eb2d1e03e nixos: add gitolite module
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-06-25 22:54:18 -05:00
Alex Berg
9af1e2ab51 Add ZNC module. Has zncConfOptions or specify full conf file. 2014-06-26 05:44:32 +02:00
Christoph Hrdinka
8daaa28ac8 nsd-service: add service module for nsd 2014-06-12 11:20:43 +02:00
Jaka Hudoklin
66456c0798 nixos: add influxdb module 2014-05-27 22:56:36 +02:00
Alexei Robyn
4fa4518875 Add TeamSpeak 3 server & service module (close #2056)
Conflicts (trivial):
	lib/maintainers.nix
	nixos/modules/misc/ids.nix
2014-05-27 17:30:26 +02:00
Austin Seipp
368a677c97 nixos: overhaul datadog module
This overhauls the Datadog module a bit to be much more useful. In
particular, it adds support for nginx and postgresql monitoring
integrations to dd-agent. These have to exist in separate files under
/etc/dd-agent, so the module just exposes then as separate options. In
the future, more integrations could be added this way.

In the process of doing this, I also had to rename the dd-agent user to
datadog. Note the UIDs did not change, so this is strictly backwards
compatible. The reason for this is to make it easier to create a
'datadog' postgres user with access to pg_stats, as 'dd-agent' typically
isn't a valid username. This allows the out of the box configurations to
be used.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-02 01:24:35 -05:00
Eelco Dolstra
a142d68b43 Fix some uid/gid attributes to match the actual user/group name 2014-04-29 10:51:42 +02:00
Eelco Dolstra
0e23a175de Allocate system uids/gids between 400 and 500
Previously it was between 100 and 500, but this can already collide
with the static uids/guid in misc/ids.nix.
2014-04-29 10:45:06 +02:00
Alexander Kjeldaas
5065802b3a Added TCSD (Trusted Computing Group Software Stack (TSS) daemon).
Start tcsd after systemd-udev-settle and run it in foreground.
2014-04-22 14:05:09 +02:00
Austin Seipp
ae207efc07 nixos: add spiped service module
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-15 03:33:47 -05:00
Austin Seipp
42954a2d20 Fix hydra UID
The style for IDs dictates that groups/users should have the same ID -
so if a user doesn't have a group or vice versa, then we should skip
that ID.

In this case, we had already assigned grsecurity GID 121, but I
accidentally also assigned Hydra UID 121. Instead, let's assign Hydra
UID 122. And also assign a GID (122) as well.

Luckily nobody was depending on this yet (except me).

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-15 02:29:13 -05:00