dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
508,050 Commits 3 Branches 0 Tags 4.3 GiB
7539b8f2d7
Commit Graph

3345 Commits

Author SHA1 Message Date
Florian Klink
7539b8f2d7
Merge pull request #244841 from flokli/networkmanager-fix-ppp-plugin 
nixos/networkmanager: create pppd lock directory
 2023-07-26 17:44:35 +02:00
Sandro Jäckel
83793ca898
nixos/fonts: rename fonts.enableDefaultFonts to fonts.enableDefaultPackages 
to better fit the renamed fonts.packages
 2023-07-25 00:55:25 +02:00
Lassulus
ceaab39b40
Merge pull request #230196 from doronbehar/nixos/syncthing 
nixos/syncthing: Use API to merge / override configurations
 2023-07-24 08:38:50 +02:00
Pol Dellaiera
a30cc10e7f
Merge pull request #242703 from jwygoda/tailscaled-autoconnect 
nixos/tailscale: add authKeyFile option
 2023-07-24 04:48:42 +02:00
Doron Behar
047fa8dbdf nixos/syncthing: Use API to merge / override configurations 
If one sets either of `override{Device,folder}s` to false, the jq `*`
operator doesn't merge well the devices and folders, creating duplicate
IDs for folders as observed in #230146. This PR makes the script iterate
via Nix / Bash loop the devices and folders IDs and merges the keys
using upstream's `curl -X POST` support for single objects.

Hence this commit fixes #230146.
 2023-07-23 18:22:33 +03:00
Florian Klink
02a5e9c933 nixos/networkmanager: create pppd lock directory 
I digged up some 3G stick, which uses ppp to set up the connection.

It failed to spin up ppp, because ppp failed to find the directory it wants to create its lockfiles in:

```
Jul 22 16:47:49 tp ModemManager[926779]: <info>  [modem1] state changed (connected -> disconnecting)
Jul 22 16:47:49 tp ModemManager[926779]: <info>  [modem1] simple connect started...
Jul 22 16:47:49 tp ModemManager[926779]: <info>  [modem1] simple connect state (4/10): wait to get fully enabled
Jul 22 16:47:50 tp ModemManager[926779]: <info>  [modem1] state changed (disconnecting -> registered)
Jul 22 16:47:50 tp ModemManager[926779]: <info>  [modem1] simple connect state (5/10): wait after enabled
Jul 22 16:47:50 tp ModemManager[926779]: <info>  [modem1/bearer0] connection #11 finished: duration 1s
Jul 22 16:47:50 tp ModemManager[926779]: <info>  [modem1] simple connect state (6/10): register
Jul 22 16:47:50 tp ModemManager[926779]: <info>  [modem1] simple connect state (7/10): wait to get packet service state attached
Jul 22 16:47:50 tp ModemManager[926779]: <info>  [modem1] simple connect state (8/10): bearer
Jul 22 16:47:50 tp ModemManager[926779]: <info>  [modem1] simple connect state (9/10): connect
Jul 22 16:47:50 tp ModemManager[926779]: <info>  [modem1] state changed (registered -> connecting)
Jul 22 16:47:50 tp ModemManager[926779]: <info>  [modem1] state changed (connecting -> connected)
Jul 22 16:47:50 tp ModemManager[926779]: <info>  [modem1] simple connect state (10/10): all done
Jul 22 16:47:50 tp pppd[1576260]: Plugin /nix/store/yqdqzz6y6agcmrfj8b6pwqhjcjyb3ypr-networkmanager-1.42.6/lib/pppd/2.5.0/nm-pppd-plugin.so loaded.
Jul 22 16:47:50 tp NetworkManager[1576260]: Plugin /nix/store/yqdqzz6y6agcmrfj8b6pwqhjcjyb3ypr-networkmanager-1.42.6/lib/pppd/2.5.0/nm-pppd-plugin.so loaded.
Jul 22 16:47:50 tp pppd[1576260]: nm-ppp-plugin: initializing
Jul 22 16:47:50 tp pppd[1576260]: pppd 2.5.0 started by root, uid 0
Jul 22 16:47:50 tp pppd[1576260]: Can't create lock file /var/run/pppd/lock/LCK..ttyUSB0: No such file or directory
Jul 22 16:47:50 tp NetworkManager[1576260]: Can't create lock file /var/run/pppd/lock/LCK..ttyUSB0: No such file or directory
Jul 22 16:47:50 tp pppd[1576260]: nm-ppp-plugin: status 2 / phase 'serial connection'
Jul 22 16:47:50 tp pppd[1576260]: Exit.
Jul 22 16:47:50 tp pppd[1576260]: nm-ppp-plugin: status 0 / phase 'dead'
Jul 22 16:47:50 tp pppd[1576260]: nm-ppp-plugin: cleaning up
```

Creating the directories via tmpfiles.d got the connection to succeed,
and might also fix other connections using PPP.
 2023-07-22 17:00:17 +03:00
Felix Bühler
0a2745684e
Merge pull request #239624 from Stunkymonkey/use-optionalString-then 
treewide: use optionalString instead of 'then ""'
 2023-07-22 13:02:47 +02:00
Nick Cao
0b411c1e04
Merge pull request #244750 from therishidesai/rdesai/fix-hostapd-hardening 
nixos/hostapd: add AF_PACKET to RestrictAddressFamilies
 2023-07-21 21:16:22 -06:00
Rishi Desai
efba841aeb nixos/hostapd: add AF_PACKET to RestrictAddressFamilies 2023-07-21 21:11:14 -05:00
Lassulus
f8ad4849c3
Merge pull request #233386 from Lassulus/syncthing-fix 2023-07-22 01:02:04 +02:00
Ilan Joselevich
b0db3b7c11
nixos/twingate: fix cp (-n -> --update=none) 2023-07-21 19:57:57 +03:00
Jarosław Wygoda
7fc0e3334e nixos/tailscale: add authKeyFile option 
Auth key registers new nodes without needing to sign in via a browser

Tailscale sends status changes with systemd-notify.
https://github.com/tailscale/tailscale/blob/v1.44.0/ipn/ipnlocal/local.go#L3670
 2023-07-17 18:52:07 +02:00
Colin
e7059632c6 nixos/trust-dns: init 
Co-authored-by: Yt <happysalada@tuta.io>
 2023-07-16 15:24:10 +08:00
Nick Cao
d9dd68efda
Merge pull request #243004 from baloo/baloo/keepalived/vrrp-router-id 
keepalived: fixup `virtualRouterId` documentation
 2023-07-15 05:36:10 -06:00
Arthur Gautier
ee38adc8e2 keepalived: use ints.between 
Signed-off-by: Arthur Gautier <baloo@superbaloo.net>
 2023-07-14 20:52:48 +00:00
Lassulus
a4ffd00fb9
Merge pull request #243251 from schnusch/cgit-regex 
nixos/cgit: fix \v and \f in regexEscape
 2023-07-14 22:03:44 +02:00
schnusch
8980fdd9b5 nixos/cgit: fix \v and \f in regexEscape 2023-07-14 21:14:01 +02:00
Arthur Gautier
c8920fc6d9 keepalived: fixup virtualRouterId documentation 
Router id 0 is an invalid option with keepalived
 2023-07-12 06:12:03 +00:00
chayleaf
4d4c73ff78 treewide: update path to getent 2023-07-12 02:32:23 +07:00
Ryan Lahfa
7be83143e8
Merge pull request #222536 from oddlama/master 2023-07-08 14:36:18 +02:00
Ryan Lahfa
0d2f526dbb
Merge pull request #241462 from SuperSandro2000/remove-ddclient 2023-07-08 14:33:00 +02:00
Ilan Joselevich
160edcf2c5
nixos/twingate: add package option and test 2023-07-07 20:03:54 +03:00
Sandro Jäckel
d35df28f65
ddclient: remove package and module on upstream maintainer request 2023-07-04 16:46:53 +02:00
Felix Bühler
e770737241
Update nixos/modules/services/networking/libreswan.nix 
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
 2023-07-02 19:03:19 +02:00
oddlama
1fa9f03eec
nixos/hostapd: rewrite to support multi-AP, password from file, and more 
At this point this is basically a full rewrite of this module, which
is a breaking change and was necessary to properly expose the useful
parts of hostapd's config. The notable changes are:

- `hostapd` is now started with additional systemd sandbox/hardening options
- A single-daemon can now manage multiple distinct radios and BSSs, which is
  why all configuration had to be moved into `hostapd.radios`
- By default WPA3-SAE will be used, but WPA2 and WPA3-SAE-TRANSITION are
  supported, too
- Added passwordFile-like options for wpa and sae
- Add new relevant options for MAC ACL, WiFi5, WiFi6 and WiFi7 configuration
- Implements RFC42 as far as reasonable for hostapd
- Removes `with lib;`
 2023-07-02 13:32:41 +02:00
TQ Hirsch
dd481f2ee3
pdns: Changed paths in /etc to use pdns instead of powerdns 2023-07-01 18:55:51 +08:00
TQ Hirsch
d25e5e2107
nixos/powerdns, nixos/pdns-recurser: Symlink configuration into /etc 
This places a symlink to the running configuration where the admin
tools expect it, allowing users to control the powerdns server or
recursor without manually specifying a config file.
 2023-07-01 18:55:50 +08:00
Michele Guerini Rocco
aedc167ecf
Merge pull request #240325 from 999eagle/update/searxng 
nixos/searx: add configuration for redis and limiter settings
 2023-06-30 22:22:43 +02:00
Sandro Jäckel
000004d123
nixos/thelounge: fix example rendering 2023-06-30 18:14:24 +02:00
Sandro Jäckel
9999996fd6
nixos/sshd: fix example rendering 2023-06-30 18:14:16 +02:00
Sophie Tauchert
0aa5adef62
nixos/searx: add configuration for redis and limiter settings 2023-06-30 07:38:59 +02:00
lassulus
345745b6da nixos/syncthing: fix syncthing-init running by default 
also remove empty values from the config
 2023-06-29 17:57:11 +03:00
lassulus
c42a7b668c Revert "Merge pull request #233377 from ncfavier/revert-226088" 
This reverts commit 7b28ea6783, reversing
changes made to 3009b12817.
 2023-06-29 17:56:30 +03:00
Nick Cao
e52b401a95
nixos/sing-box: set umask 0077 when generating configuration file 2023-06-27 16:08:55 +08:00
Nick Cao
d2483a8cc7
nixos/sing-box: init 2023-06-27 13:58:02 +08:00
Marco Rebhan
af614b53d1 nixos/avahi: Add package option 
Allows replacing the avahi package (e.g. for debugging) without having
to use an overlay, avoiding unnecessary package rebuilds.
 2023-06-25 11:01:58 -03:00
Felix Buehler
6672dde558 treewide: use optionalAttrs instead of 'else {}' 2023-06-25 11:01:34 -03:00
Felix Buehler
933a41a73f treewide: use optional instead of 'then []' 2023-06-25 09:11:40 -03:00
Felix Buehler
f3719756b5 treewide: use optionalString instead of 'then ""' 2023-06-24 20:19:19 +02:00
Nick Cao
cca08f710c
Merge pull request #237507 from Alexis211/document-wgautomesh-gossip-secret 
wgautomesh: clearer documentation for `gossip_secret_file`
 2023-06-24 22:48:34 +08:00
Naïm Favier
9a9ded1675
nixos/syncthing: fix escaping 2023-06-23 20:19:51 +02:00
Sandro
0b77630d18
Merge pull request #209068 from CRTified/adguard-dhcp 2023-06-20 13:37:34 +02:00
rnhmjoj
7d263715bd nixos/fakeroute: run as unprivileged user 2023-06-20 01:12:04 +00:00
deinferno
26ff15b981
nixos/tailscale: fix ipv6 nat (v6nat) support 2023-06-16 12:18:55 +00:00
Carl Richard Theodor Schneider
59207cc930 nixos/adguardhome: Add allowDHCP option 
This option conditionally adds the `CAP_NET_RAW` capability to the service,
which is mandatory for enabling the integrated DHCP server.
It also adds another test case to validate that the DHCP server successfully
provides IP addresses to clients.

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
 2023-06-15 12:27:35 +02:00
Pol Dellaiera
f45bee3f4d
Merge pull request #237003 from pacien/ddclient-remove-ipv6-opt 
nixos/ddclient: remove obsolete ipv6 option
 2023-06-14 19:57:34 +02:00
Alex Auvolat
bbd4ce7d5e wgautomesh: clearer documentation for gossip_secret_file 2023-06-13 10:01:12 +02:00
Marillindië
e394dc22f9 xray: allow binding lower ports 
Set CapabilityBoundingSet, AmbientCapabilities and NoNewPrivileges as described in XTLS/xray-install.
 2023-06-11 09:03:50 +01:00
pacien
76cabe1644 nixos/ddclient: remove obsolete ipv6 option 
Since ddclient@24ba945 (v3.10.0), the type and meaning of the "ipv6"
option has changed. This resulted in the following warning when
starting the service:

    WARNING:  file /run/ddclient/ddclient.conf, line 13:
    Invalid Value for keyword 'ipv6' = 'no'

This therefore removes the matching boolean option.
More advanced configurations can use the "extraConfig" option instead.
 2023-06-10 11:25:54 +02:00
Sergey Ivanov
bbc56fd1c7
gnunet: fix systemd service config (#151269) 
Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
 2023-06-09 16:33:51 +00:00