dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
630,523 Commits 3 Branches 0 Tags 4.3 GiB
5d515c373e
Commit Graph

3829 Commits

Author SHA1 Message Date
github-actions[bot]
90461ffe37
Merge master into staging-next 2024-03-20 12:01:15 +00:00
lassulus
b82a5ef764 nixos/mycelium: init 2024-03-20 03:56:58 +01:00
github-actions[bot]
ac91cf83c1
Merge master into staging-next 2024-03-18 00:02:20 +00:00
Sandro
1f212fd6e6
Merge pull request #289025 from tcheronneau/issue-288907 
nixos/tinyproxy: fix the quotes around the filter path
 2024-03-17 23:33:42 +01:00
github-actions[bot]
60fbf92c10
Merge master into staging-next 2024-03-16 18:01:00 +00:00
Janik H.
847a53742c
nixos/networkmanager: ensure-profiles, make sure networkmanager is running 2024-03-16 18:11:58 +01:00
github-actions[bot]
cecf050e96
Merge master into staging-next 2024-03-13 12:01:25 +00:00
Pol Dellaiera
55251f1ffc
Merge pull request #295547 from Janik-Haag/unbound 
nixos/unbound: drop networkmanager since it doesn't support unbound anymore
 2024-03-13 10:33:52 +01:00
Janik H.
4147e50f18
nixos/unbound: drop networkmanager since it doesn't support unbound anymore 2024-03-13 09:50:56 +01:00
Pol Dellaiera
c35c016e5d
Merge pull request #295529 from Janik-Haag/networkmanager-drop-unbound 
nixos/networkmanager: drop unbound form dns servers
 2024-03-13 09:04:58 +01:00
Janik H.
a97e56ae28
nixos/networkmanager: drop unbound form dns servers 
upstream dropped unbound in 5da17c689b
 2024-03-13 08:31:52 +01:00
annalee
8e038835fe
Merge remote-tracking branch 'upstream/master' into staging-next 2024-03-13 00:38:07 +00:00
Felix Buehler
1e22e7d75e nixos/murmur: fix writing registerPassword to config 2024-03-12 21:19:24 +01:00
github-actions[bot]
06e5eb63d3
Merge staging-next into staging 2024-03-11 18:01:53 +00:00
Sandro
869ec01e56
Merge pull request #294286 from SuperSandro2000/unbound-remote-config-check 2024-03-11 16:06:31 +01:00
Pierre Allix
cf625fe5f0 nixos/networkmanager: add doc about nm profiles interaction with resolvconf 2024-03-11 12:55:27 +01:00
Guanran Wang
a6857b00fe
nixos/mihomo: init 2024-03-11 09:51:36 +08:00
github-actions[bot]
973ef4b818
Merge staging-next into staging 2024-03-10 06:01:30 +00:00
Peder Bergebakken Sundt
4a4a70ca31
Merge pull request #280836 from numinit/nebula-port-zero 
nixos/nebula: default to port 0 for hosts other than lighthouse/relay
 2024-03-10 05:01:04 +01:00
Sandro Jäckel
67c1193fab
nixos/unbound: disable checkconf when remote-control is used 
Closes #293001
 2024-03-08 15:34:00 +01:00
maxine
d231374084
Merge pull request #288873 from amaxine/networkmanager_1.46 
networkmanager: 1.44.2 → 1.46.0
 2024-03-08 09:52:14 +00:00
Diogo Correia
9b7e02dd4b
nixos/dnsproxy: init module 2024-03-07 23:26:59 +00:00
Guillaume Girol
dc9a74e61e
Merge pull request #291934 from e1mo/bird-lg-1-3-5 
bird-lg: 1.3.1 -> 1.3.5
 2024-03-03 15:50:42 +01:00
Sandro
5ad27da222
Merge pull request #291907 from SuperSandro2000/tailscaled-flags 2024-03-01 13:54:54 +01:00
Sandro
daa33a4bf7
Merge pull request #287299 from SuperSandro2000/unbound-checkconf 
nixos/unbound: check validity of config file
 2024-03-01 00:33:36 +01:00
Robert Schütz
3330e3c9c3 nixos/searx: use lib.getExe 2024-02-28 17:51:24 -08:00
pennae
b71ca1c90a
Merge pull request #291922 from NixOS/mosquitto-2 
nixos/mosquitto: remove stutter in acl file name
 2024-02-28 02:06:01 +01:00
e1mo
43fee5401d
nixos/bird-lg: Update option description to indicate new features 
In release v1.3.3[0] support for CIDRs was added, thus updated the
option description to indicate the new support for that.

[0]: https://github.com/xddxdd/bird-lg-go/releases/tag/v1.3.3
 2024-02-27 23:54:21 +01:00
Sandro
f9477e3a75
Merge pull request #209506 from Izorkin/update-dhcpcd-exit-hook 
nixos/dhcpcd: optimize exitHook
 2024-02-27 23:01:22 +01:00
Sandro
4c88c797b8
nixos/mosquitto: remove stutter in acl file name 2024-02-27 22:15:43 +01:00
Sandro Jäckel
6753857664
nixos/tailscale: add option to pass flags to tailscaled 2024-02-27 20:08:08 +01:00
pennae
13aff9b34c
Merge pull request #259937 from charmoniumQ/patch-1 
nixos/mosquitto: fix ACL permissions
 2024-02-26 22:58:40 +01:00
Pol Dellaiera
f9ef0053c5
Merge pull request #288401 from katexochen/bees/refactor 
bee: refactor & update; bee{-unstable,-clef}: remove; maintainers: remove attila-lendvai
 2024-02-23 20:12:41 +01:00
Maxine Aubrey
e1863b4f79
nixos/networkmanager: support stable-ssid for cloned MAC addresses 2024-02-22 18:37:13 +01:00
Adam C. Stephens
d1e2847664
Merge pull request #281000 from cablespaghetti/master 
sabnzbd: Add configurability of state directory owner and firewall
 2024-02-21 08:37:46 -05:00
Morgan Jones
32f56d7266
nixos/nebula: fix port resolution for firewall rules 2024-02-17 15:07:27 -08:00
Stanisław Pitucha
2eed715fbf
nixos/go-camo: init 2024-02-17 20:45:49 +01:00
Jörg Thalheim
5c84f89310 nixos/tinc: fix user to not include . in its name 
sysusers does not like . in the user name.
 2024-02-16 13:36:28 +01:00
Izorkin
1293f046b5
nixos/dhcpcd: optimize exitHook 2024-02-16 10:12:52 +03:00
Thomas
149fb601dd
nixos/tinyproxy: add quotes around the filter path 
Using already existing function
 2024-02-15 16:25:04 +01:00
Vladimír Čunát
aaca7a186f
Merge #286596: nixos/knot: add support for XDP setups 2024-02-15 09:19:59 +01:00
Michele Guerini Rocco
cd02351ae0
Merge pull request #233017 from koenw/libreswan-StateDirectory 
nixos/libreswan: Use StateDirectory to setup ipsec/nss
 2024-02-14 14:36:43 +01:00
Michele Guerini Rocco
dc91f91987
Merge pull request #286393 from oddlama/fix-hostapd-utf8-ssid 
nixos/hostapd: fix utf8Ssid setting not properly honored
 2024-02-14 14:08:46 +01:00
Martin Weinelt
ec89463a61
nixos/knot: refactor 
- Stop using `with lib`
- Drop `lib.mdDoc`
- Use `escaepSystemdExecArgs` for escaping
 2024-02-13 13:44:32 +01:00
Martin Weinelt
d1d8dd3e55
nixos/knot: add support for XDP setups 
The Express Data Path (XDP) is a way to circumvent the traditional Linux
networking stack and instead run an eBPF program on your NIC, that makes
the decision to provide Knot with certain packets. This is way faster
and more scalable but comes at the cost of reduced introspection.

Unfortunately the `knotc conf-check` command fails hard with missing
interfaces or IP addresses configured in `xdp.listen`, so we disable it
for now, once the `xdp` config section is set. We also promote the config
check condition to a proper option, so our conditions become public
documentation, and we allow users to deal with corner cases, that we have
not thought of yet.

We follow the pre-requisites documented in the Knot 3.3 manual, and set
up the required capabilities and allow the AF_XDP address family.

But on top of that, due to our strict hardening, we found two more
requirements, that were communicated upstream while debugging this.

- There is a requirement on AF_NETLINK, likely to query for and configure
  the relevant network interface
- Running eBPF programs requires access to the `bpf` syscall, which we
  deny through the `~@privileged` configuration.

In summary We now conditionally loosen the hardening of the unit once we
detect that an XDP configuration is wanted. And since we cannot
introspect arbitrary files from the `settingsFiles` option, we expose XDP
support through the `enableXDP` toggle option on the module.
 2024-02-13 13:44:31 +01:00
Paul Meyer
ce0a47cd2c maintainers: remove attila-lendvai 2024-02-12 23:10:03 +01:00
Paul Meyer
11eef97f3c bee-clef: remove 2024-02-12 23:10:03 +01:00
Sandro Jäckel
80e79ded15
nixos/unbound: check validity of config file 2024-02-12 22:49:03 +01:00
Sam Weston
c49e6bf8b8 nixos/sabnzbd: use stateDirectory and mkIf-ify user/group creation 2024-02-11 16:49:08 +00:00
Sam Weston
d3d5b72c65 nixos/sabnzbd: add openFirewall 2024-02-11 16:48:05 +00:00
Lin Jian
f3a93440fb
Merge pull request #285813 from jerrita/nft-precheck-flatten 
nixos/nftables: add option for flattening rulesetFile
 2024-02-11 10:41:17 +08:00
Peder Bergebakken Sundt
6f55f021df
Merge pull request #287304 from ambroisie/pyload-user-group 
nixos/pyload: add user/group options
 2024-02-10 14:59:23 +01:00
Peder Bergebakken Sundt
5caded32fe
Merge pull request #277189 from anpin/fix/cloudflared-service 
cloudflared: fixed missing configuration options
 2024-02-10 12:45:08 +01:00
Silvan Mosberger
11cd405226
Merge pull request #280322 from h7x4/add-hocon-format-generator 
pkgs.formats: Add HOCON format generator
 2024-02-10 03:07:51 +01:00
Silvan Mosberger
5de4385620
Merge pull request #285833 from 360ied/murmur-hardened 
nixos/murmur: systemd service hardening
 2024-02-10 02:48:46 +01:00
github-actions[bot]
b64b4f2d6a
Merge master into staging-next 2024-02-09 18:01:06 +00:00
Will Fancher
0cf1e24f32
Merge pull request #284627 from Trundle/nftables-ordering 
nixos/nftables: remove default systemd dependencies
 2024-02-09 12:29:24 -05:00
h7x4
39a779e269
treewide: use formats.hocon 2024-02-09 16:40:22 +01:00
Bruno BELANYI
c14f029dae nixos/pyload: add user/group options 2024-02-08 20:27:14 +00:00
github-actions[bot]
03dd2b9470
Merge master into staging-next 2024-02-07 12:01:11 +00:00
Sergei Trofimovich
275855d632 nixos: hostapd: drop unused crda package import 2024-02-06 22:45:01 +00:00
jerrita
e686847d20
nixos/nftables: add option for flattening rulesetFile 
Co-authored-by: Lin Jian <me@linj.tech>
 2024-02-05 11:27:16 +08:00
360ied
11cf6ab0dd nixos/murmur: systemd service hardening 
Murmur provides an official systemd service file in their repo,
which contains various service hardening settings:

c4b5858d14/auxiliary_files/config_files/mumble-server.service.in (L7)

The service configuration in nixpkgs does not include these hardening settings.

This commit adds the hardening settings to the murmur service in nixpkgs.
This drops the `systemd-analyze security` score of murmur.service from 9.2 (UNSAFE) to 2.1 (OK).
 2024-02-04 21:23:34 -05:00
oddlama
b7f29692c0
nixos/hostapd: fix utf8Ssid setting not properly honored 2024-02-05 00:52:08 +01:00
Martin Weinelt
27fa02d0f1
Merge remote-tracking branch 'origin/staging-next' into staging 
Conflicts:
-	pkgs/development/compilers/llvm/10/clang/default.nix
- pkgs/development/compilers/llvm/8/clang/default.nix
 2024-02-01 12:25:11 +01:00
Andreas Stührk
fc6c92faf3 nixos/nftables: remove default systemd dependencies 
With DefaultDependencies enabled, systemd adds "After=basic.target" to
service units. `basic.target` has a dependency on `sockets.target`, so
the `nftables` has (amongst others) the following order constraints:

* Before=network-pre.target
* After=sockets.target

Those constraints are often unsatisfiable. For example, `systemd-networkd`
has a dependency `After=network-pre.target`. When a socket unit now uses
`BindToDevice=` on a device managed by `networkd`, a timeout occurs
because `networkd` waits for `network-pre.target`, but
`network-pre.target` depends (through nftables) on `sockets.target`, but
the device to bind the socket to is never brought up, as this would
happen through `networkd`.

This is fixed by removing the implicit dependency on `basic.target`.
 2024-01-31 23:26:05 +01:00
Peder Bergebakken Sundt
19159ced3e
Merge pull request #249523 from greizgh/seafile-10 
Seafile 10
 2024-01-31 17:13:54 +01:00
Peder Bergebakken Sundt
9118823ed3
Merge pull request #226532 from SuperSandro2000/dhcpcd 
dhcpcd: change files after patching; nixos/dhcpcd: link dhcpcd.conf to /etc/ to fix dhcpcd -k
 2024-01-31 16:43:54 +01:00
Yureka
a6c64fbd39
nixos/strongswan-swanctl: add includes option for secrets (#284742) 2024-01-30 12:47:33 +01:00
h7x4
ba5f81a6b6
Merge pull request #276547 from ambroisie/pyload-module 
nixos/pyload: init module
 2024-01-30 12:29:46 +01:00
Franz Pletz
3432be07e4
Merge pull request #278555 from leona-ya/kresd-port-only-regex 2024-01-30 00:41:53 +01:00
Sandro Jäckel
1af95a24c1
nixos/dhcpcd: link dhcpcd.conf to /etc/ to fix dhcpcd -k 2024-01-27 18:12:55 +01:00
Thomas Gerbet
117fd19a77
Merge pull request #276306 from ambroisie/aria2-rpc-secret-file 
nixos/aria2: implement 'rpcSecretFile'
 2024-01-27 00:46:56 +01:00
maxine
642317d03f
Merge pull request #283618 from SuperSandro2000/tailscale-resoleconf 
nixos/tailscale: make resolvconf package depending on enablement of module
 2024-01-26 22:41:14 +01:00
Lassulus
da25b2382d
Merge pull request #280373 from h7x4/treewide-use-new-tmpfiles-api 
treewide: use new tmpfiles API
 2024-01-26 10:47:18 +01:00
Robert Schütz
8433938f9b
Merge pull request #283617 from SuperSandro2000/headscale 
nixos/headscale: install package system wide
 2024-01-25 13:40:29 -08:00
Bruno BELANYI
d3a1465196 nixos/aria2: implement 'rpcSecretFile' 
Since this is supposed to be a secret, use a file path as an input
instead of making it part of the expression, which would expose it in
the nix store.
 2024-01-25 21:36:21 +00:00
Ryan Lahfa
6fe2736c6f
Merge pull request #246055 from Tom-Hubrecht/netbird 
nixos/netbird: Allow running multiple netbird networks in parallel
 2024-01-25 20:08:58 +01:00
rnhmjoj
1a1b91b3b9
nixos/dnsdist: add options for dnscrypt 2024-01-25 18:25:40 +01:00
Tom Hubrecht
c2d822e6b0 nixos/netbird: Allow running multiple netbird networks in parallel 2024-01-25 17:25:59 +01:00
Sandro Jäckel
922351ec86
nixos/tailscale: make resolvconf package depending on enablement of module 
If resolvconf is not enabled, trying to use it always fails because
/etc/resolvconf.conf contains an `exit 1`.
 2024-01-25 15:50:36 +01:00
Sandro Jäckel
9f395dae71
nixos/headscale: install package system wide 
this is required to confirm nodes and generally manage everything
 2024-01-24 23:00:54 +01:00
Vladimír Čunát
7f979aeb86
nixos/knot: allow specifying the clear section 
It was added in 3.3.4.  I'm not sure if it will be useful with NixOS
services, but I added it in the usual way anyway.
 2024-01-24 10:33:55 +01:00
h7x4
f5d513c573
treewide: use new tmpfiles api 2024-01-24 05:13:17 +01:00
Bruno BELANYI
70d0a6e547 nixos/pyload: init 2024-01-23 15:04:44 +00:00
Ryan Lahfa
5b14fea3d6
Merge pull request #280405 from RaitoBezarius/keepalived-unicast 
nixos/networking/keepalived: do not emit `unicastPeers` when there are none
 2024-01-22 22:43:29 +01:00
Raito Bezarius
08c9562995 keepalived: add myself as a maintainer 
I will use this for a while, so… let's keep it tidy.
 2024-01-22 21:56:04 +01:00
h7x4
5f5210aa20
Merge pull request #281606 from MarcelCoding/bird-no-auto-restart 
nixos/bird2: add option to disable auto reload
 2024-01-22 01:24:37 +01:00
Morgan Jones
cdd95bd39c
nixos/nebula: default to port 0 for hosts other than lighthouse/relay 2024-01-20 19:29:32 -08:00
Jade Lovelace
fe474ed61a nixos: fix remaining services for network-online dep fix 2024-01-19 00:11:34 -08:00
Jade Lovelace
1b514b3e10 fix: rxe under network-online.target change [UNSURE IF CORRECT] 2024-01-19 00:11:34 -08:00
Jade Lovelace
c80398e5d2 nixos/ircd-hybrid: fix evaluation error 2024-01-19 00:11:34 -08:00
Jade Lovelace
6c5ab28fce nixos: fix a bunch of services missing dep on network-online.target 
This was done by generating a truly hilarious configuration:

rg 'services\.[^.]+\.enable\t' opts-tags | cut -f1 > allonconfig.nix

The following were not tested due to other evaluation errors. They
should probably be manually audited.
services.amule
services.castopod
services.ceph
services.chatgpt-retrieval-plugin
services.clamsmtp
services.clight
services.dante
services.dex
services.discourse
services.dwm-status
services.engelsystem
services.foundationdb
services.frigate
services.frp
services.grocy
services.guacamole-client
services.hedgedoc
services.home-assistant
services.honk
services.imaginary
services.jitsi-meet
services.kerberos_server
services.limesurvey
services.mastodon
services.mediawiki
services.mobilizon
services.moodle
services.mosquitto
services.nextcloud
services.nullmailer
services.patroni
services.pfix-srsd
services.pgpkeyserver-lite
services.postfixadmin
services.roundcube
services.schleuder
services.self-deploy
services.slskd
services.spacecookie
services.statsd
services.step-ca
services.sympa
services.tsmBackup
services.vdirsyncer
services.vikunja
services.yandex-disk
services.zabbixWeb
 2024-01-19 00:11:34 -08:00
Jade Lovelace
ce602cc0aa nixos/kea: also want network-online.target 2024-01-18 16:28:42 -08:00
Adithya Nair
8b5644684e
nixos/frp: use toml configFile 
According to upstream, the INI configuration file is deprecated and
TOML/YAML/JSON is recommended.
Link: https://github.com/fatedier/frp/tree/dev#configuration-files
 2024-01-18 21:37:40 +05:30
Franz Pletz
ed2ea66bbf
Merge pull request #278539 from Ma27/sshd-socket-activation-ports 
nixos/sshd: fix socket activated ports when using ListenAddress
 2024-01-17 23:27:52 +01:00
Marcel
a63a884c00
nixos/bird2: add option to disable auto reload 
In a critical setup of bird with many BGP sessions,
you want to control the exact time when configuration
changes are applied. Therefore, an option was added,
to disable automatic reloading the systemd unit,
when configuration changes are made. The administrator
how has the ability to control how changes are applied.
 2024-01-17 20:09:34 +01:00
Franz Pletz
35c015ff91
nixos/ntpd-rs: fix metrics service 2024-01-17 15:06:20 +01:00
Thiago Kenji Okada
401d16acd0
Merge pull request #247256 from lucasew/xrdp-audio 
xrdp: add support for audio
 2024-01-16 10:06:51 +00:00
Franz Pletz
9707745cf8
nixos/ntpd-rs: init 2024-01-14 17:34:42 +01:00
lucasew
44ae5fe211 nixos/xrdp: add audio.enable option 
Signed-off-by: lucasew <lucas59356@gmail.com>
 2024-01-13 12:42:06 -03:00
maxine
a3ada00f8a
Merge pull request #280472 from martiert/fcc-unlock 
nixos/modemmanager: Add qmicli and mbimcli when using fccUnlockScripts
 2024-01-13 15:45:11 +01:00
Ryan Lahfa
08d0afbbdf
Merge pull request #239028 from chayleaf/miniupnpd 
miniupnpd-nftables: init at 2.3.3
 2024-01-12 20:17:33 +01:00
Martin Ertsås
3e3fea8653
nixos/modemmanager: Add qmicli and mbimcli when using fccUnlockScripts 
The ModemManager shipped fccUnlockScripts are using either qmicli or
mbimcli, to unlock wwan modems. These needs to be available for
ModemManager if you set the fccUnlockScripts link, so instead of having
every user than needs it pull it inn in different ways, we should just
provide the tools if we think they might be needed.

https://modemmanager.org/docs/modemmanager/fcc-unlock
 2024-01-12 11:53:44 +01:00
Raito Bezarius
3ecaad0e0e nixos/networking/keepalived: do not emit unicastPeers when there are none 
In the past, we emitted `unicast_peer` block even with empty unicast peers list.

This now results in:
```
Keepalived_vrrp[392762]: A unicast keyword has been specified without any unicast peers. Defaulting to multicast. This usage is deprecated - please update your configuration.
```

We do not emit it anymore to avoid this warning.
 2024-01-12 03:52:39 +01:00
Florian Klink
3d1fe1445c
Merge pull request #279433 from wentasah/nsswitch-mdns 
nixos/avahi-daemon: let nssmdns{4,6} options affect also non-minimal …
 2024-01-11 13:21:24 +02:00
Michal Sojka
e23da86b18 nixos/avahi-daemon: let nssmdns{4,6} options affect also non-minimal mdns source 
This is a followup to commit bba808dbfa ("nixos/avahi-daemon:
resolve mdns only over enabled protocols, disable ipv6 by default",
2023-10-01, PR #258424). mdns occurs twice in /etc/nsswitch.conf but
that commit changed only the first one (mdns_minimal, before resolve).
This commits ensures that both occurrences are set consistently.

This is not only consistent with upstream example[1] but it also
fixes #118628 -- a longstanding issue with CUPS and printer detection.

[1]  https://github.com/avahi/nss-mdns#activation
 2024-01-07 18:16:40 +01:00
Guillaume Girol
73f0f9c21c
Merge pull request #275902 from williamvds/dnsmasq_docs 
nixos/dnsmasq: Add documentation
 2024-01-06 23:04:40 +01:00
Lin Jian
c55537aa04
Merge pull request #278500 from Ten0/fix_avahi_ipv6_defaultText 
nixos/avahi: fix incorrect defaultText of nixos option services.avahi.ipv6
 2024-01-07 02:54:04 +08:00
Benedikt Tissot
c1d8fd1a89 nixos/ddclient: make ExecStartPre a list 
this enables to exetend ExecStartPre while keeping the default inplace.
 2024-01-05 16:36:45 +01:00
Thomas BESSOU
a85739af7e nixos/avahi: Fix incorrect defaultText of services.avahi.ipv6 
This seems to have been forgotten in bba808dbfa, where we changed the default from `config.networking.enableIPv6` to `false`.
 2024-01-05 15:29:22 +01:00
Leona Maroni
9abc79018c
nixos/kresd: fix port only regex 
The output is expected to be a list [ hostname, port, optional ipv6 scope ], but the
current regex only outputs [ port ], when only a port is given as address.
 2024-01-03 21:18:54 +01:00
Maximilian Bosch
7e45990c06
nixos/sshd: fix socket activated ports when using ListenAddress 
Noticed that issue while reviewing #275633: when declaring
`ListenAddress host` without a port, all ports declared by
`Port`/`cfg.ports` will be used with `host` according to
`sshd_config(5)`.

However, if this is done and socket activation is used, only a socket
for port 22 is created instead of a sockets for each port from
`Port`/`cfg.ports`. This patch corrects that behavior.

Also added a regression test for this case.
 2024-01-03 19:42:45 +01:00
Maximilian Bosch
cfd8c0ddd8
Merge pull request #275633 from chreekat/b/sshd-config-check 
sshd: Use top-level ports in config check when needed
 2024-01-03 16:25:08 +01:00
williamvds
da61f0320f
dnsmasq: Add documentation 2024-01-02 22:07:25 +00:00
Bryan Richter
e797aaea0b
sshd: Use top-level ports in config check when needed 
Previously, if a listenAddress was specified without a `port`, the check
would fail.
 2024-01-02 12:51:39 +02:00
Nick Cao
3d6243a6a9
Merge pull request #276430 from hellodword/patch-1 
nixos/tailscale: fix after and wants
 2024-01-01 15:52:50 -05:00
nikstur
af87c19427 nixos/yggdrasil: replace activationScript 
Replace with separate service because it cannot be moved into the
preStart of the yggdrasil service.
 2023-12-29 03:22:27 +01:00
Pavel Anpin
3ca696729b
cloudflared: fixed missing configuration options 2023-12-27 22:50:00 +01:00
nikstur
c9569af3e0
Merge pull request #271326 from philiptaron/shutdown.target 
treewide: depend on `shutdown.target` if `DefaultDependencies=no` in almost every case
 2023-12-27 08:33:26 +01:00
Martin Weinelt
d4c4e0269d
Merge pull request #274460 from mweinelt/kea-ipc-runtimedir 
nixos/kea: return to merged runtime directory; preserve runtime directories
 2023-12-27 02:08:14 +01:00
Sandro Jäckel
f029a8a10d
nixos/harmonia: restart systemd service 2023-12-24 19:54:11 +01:00
hellodword
26c2ed1c95
nixos/tailscale: fix after and wants 2023-12-24 09:44:46 +00:00
Mario Rodas
2ba8c30b4e
Merge pull request #252790 from anthonyroussel/gns3-nixos-module 
nixos/gns3-server: init
 2023-12-23 09:27:39 -05:00
Yonghan Ching 庄勇翰
5fff7f4078 Update zerotierone.nix per input 
Nothing will happen now when `cfg.localConf == null`
 2023-12-19 12:34:03 +00:00
Yonghan Ching 庄勇翰
7b83a839dc Fix bash prestart script syntax error 2023-12-19 12:34:03 +00:00
Yonghan Ching 庄勇翰
996bbe5bd9 delete trailing whitespace at row 70 2023-12-19 12:34:03 +00:00
Yonghan Ching 庄勇翰
8af401d3cf Update zerotierone.nix per input 
Changed `services.zerotierone.localConf` default value to `null` and type to `nullOr attrs` per input.

Changed `systemd` preStart script to delete
 `/var/lib/zerotier-one/local.conf` when it is a symlink, and rename when it is an actual file, then only create a symlink to the nix store when `services.zerotierone.localConf` is not null.
 2023-12-19 12:34:03 +00:00
Yonghan Ching 庄勇翰
b233faab82 Update zerotierone.nix 2023-12-19 12:34:03 +00:00
Yonghan Ching 庄勇翰
36791bab6a Update zerotierone.nix 2023-12-19 12:34:03 +00:00
Yonghan Ching 庄勇翰
0b357293e8 Update zerotierone.nix 2023-12-19 12:34:03 +00:00
Yonghan Ching 庄勇翰
097f2b6737 Update zerotierone.nix 
Added option to write zerotier's local.conf in nix.
 2023-12-19 12:34:03 +00:00
Franz Pletz
cbb38bf7b7
Merge pull request #264869 from h7x4/nixos-module-cleanup-quicktun 
nixos/quicktun: clean up module, add tests
 2023-12-15 20:14:39 +01:00
Martin Weinelt
9f6a054517
nixos/kea: preserve shared runtime directory 
When one service gets restarted it may otherwise remove the shared
runtime directory for all kea services.

The idea for this solution was provided by Jeffrey C. Ollie in
https://github.com/NixOS/nixpkgs/issues/265826#issuecomment-1841424019.

Closes: #265826
 2023-12-15 13:56:08 +01:00
Martin Weinelt
cd6ccb1737 Revert "kea: use separate runtime directories for each service" 
This reverts commit 413011ddf4.

Using separate lockfile directories prevents the different kea daemons
from using the interprocess sync lockfile.

Keeping the runtime directory around might be the better approach.
 2023-12-15 13:51:19 +01:00
Linus Heckemann
ed25c9936e
Merge pull request #267693 from nbraud/nixos/wpa_supplicant/umask 
nixos/wpa_supplicant: Ensure the generated config isn't world-readable
 2023-12-14 15:09:22 +01:00
Linus Heckemann
feed24c54b
Merge pull request #270704 from Avaq/avaq/vdirsync-fix-statuspath 
nixos/vdirsyncer: fix config.statusPath option
 2023-12-14 13:56:34 +01:00
Philip Taron
36ac922271
nixos/jigasi: update to use literalExpression 
I saw this trace when building my system configuration this morning:

```
lazy-options.json> trace: warning: literalExample is deprecated, use literalExpression instead, or use literalMD for a non-Nix description.
```

This warning was introduced in https://github.com/NixOS/nixpkgs/pull/237557.

The option this commit changes was introduced in https://github.com/NixOS/nixpkgs/pull/137003.
 2023-12-13 08:20:59 -08:00
Nick Cao
6f78967190
Merge pull request #273951 from schnusch/nixos/tinyproxy 
nixos/tinyproxy: fix services.tinyproxy.package
 2023-12-13 09:41:21 -05:00
schnusch
1cf853b9de nixos/tinyproxy: fix services.tinyproxy.package 2023-12-13 11:50:27 +01:00
Morgan Jones
5fd6ebdbef
nixos/nebula: wait for start notification to prevent startup race 2023-12-12 19:25:38 -08:00
Ben Wolsieffer
ded5462398 nixos/syncthing: add databaseDir option 
#264753 mistakenly used the dataDir option to set the -data argument.
This broke existing configurations because -data used to be set to
configDir (implicitly, using the -home option, which is equivalent to
setting -config and -data to the same value).

Fix this by introducing a new databaseDir option sets -data and defaults
to configDir. This maintains the existing behavior by default while
still allowing users to specify separate config and database
directories.
 2023-12-11 20:52:37 -05:00
Florian Klink
1c09cb43ce nixos/avahi: rename remaining config options 
services.avahi.nssmdns got split into services.avahi.nssmdns{4,6},
nothing should access the old alias anymore so there's no eval warnings.

Reported in https://github.com/NixOS/nixpkgs/pull/258424#issuecomment-1849428869
 2023-12-11 09:36:15 +02:00
Nick Cao
d374eafed6
Merge pull request #273224 from s-sinnlos/ddclient-docs-fix 
nixos/ddclient: Update link to protocols documentation
 2023-12-10 11:48:54 -05:00
Florian Klink
672d103402
Merge pull request #258424 from SuperSandro2000/nss-mdns-timeout 
nixos/avahi-daemon: resolve mdns over only over ipv4
 2023-12-10 15:34:14 +02:00
s-sinnlos
08c9bcc627 nixos/ddclient: Update link to protocols documentation 
Link to maintained docs on https://ddclient.net/
 2023-12-10 00:38:57 +01:00
nicoo
a351c9b530 nixos/wpa_supplicant: Ensure the generated config isn't world-readable 
Otherwise, `environmentFile` cannot be used to pass secrets in.
 2023-12-09 21:33:55 +00:00
Lassulus
b8ca5f4f46
Merge pull request #137003 from yayayayaka/add-pkg-jigasi 
jigasi: init at 1.1-311-g3de47d0 + module
 2023-12-09 02:28:50 +01:00
Maciej Krüger
a2595d975f
Merge pull request #272508 from jacobgreenleaf/jg-teamspeak3-protos 2023-12-08 18:17:37 +01:00
Nick Cao
d79786694d
Merge pull request #270355 from sinanmohd/iwd-resolvconf 
nixos/iwd: fix broken dhcp dns configuration
 2023-12-08 10:58:25 -05:00