movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-23 01:41:05 +03:00
Code Activity
608012 commits 224 branches 129 tags 8.5 GiB
Commit graph

3748 commits

Author SHA1 Message Date
Felix Bühler
0a2745684e
Merge pull request #239624 from Stunkymonkey/use-optionalString-then 
treewide: use optionalString instead of 'then ""'
 2023-07-22 13:02:47 +02:00
Nick Cao
0b411c1e04
Merge pull request #244750 from therishidesai/rdesai/fix-hostapd-hardening 
nixos/hostapd: add AF_PACKET to RestrictAddressFamilies
 2023-07-21 21:16:22 -06:00
Rishi Desai
efba841aeb nixos/hostapd: add AF_PACKET to RestrictAddressFamilies 2023-07-21 21:11:14 -05:00
rnhmjoj
c7c288fbd5
nixos/dnscrypt-wrapper: avoid using polkit 2023-07-22 02:12:31 +02:00
Lassulus
f8ad4849c3
Merge pull request #233386 from Lassulus/syncthing-fix 2023-07-22 01:02:04 +02:00
Ilan Joselevich
b0db3b7c11
nixos/twingate: fix cp (-n -> --update=none) 2023-07-21 19:57:57 +03:00
rnhmjoj
1f28c8defc
nixos/jool: validate the configuration 
This checks the validity of both NAT64 and SIIT configurations
at build time. An error produces something like this:

    Validating Jool configuration... Error: Cannot parse '283.0.113.1' as an IPv4 address.
 2023-07-21 09:08:40 +02:00
rnhmjoj
4657ff6ca7
nixos/jool: add service for setting up SIIT/NAT64 2023-07-21 09:07:54 +02:00
Jarosław Wygoda
7fc0e3334e nixos/tailscale: add authKeyFile option 
Auth key registers new nodes without needing to sign in via a browser

Tailscale sends status changes with systemd-notify.
https://github.com/tailscale/tailscale/blob/v1.44.0/ipn/ipnlocal/local.go#L3670
 2023-07-17 18:52:07 +02:00
Colin
e7059632c6 nixos/trust-dns: init 
Co-authored-by: Yt <happysalada@tuta.io>
 2023-07-16 15:24:10 +08:00
Nick Cao
d9dd68efda
Merge pull request #243004 from baloo/baloo/keepalived/vrrp-router-id 
keepalived: fixup `virtualRouterId` documentation
 2023-07-15 05:36:10 -06:00
Arthur Gautier
ee38adc8e2 keepalived: use ints.between 
Signed-off-by: Arthur Gautier <baloo@superbaloo.net>
 2023-07-14 20:52:48 +00:00
Lassulus
a4ffd00fb9
Merge pull request #243251 from schnusch/cgit-regex 
nixos/cgit: fix \v and \f in regexEscape
 2023-07-14 22:03:44 +02:00
schnusch
8980fdd9b5 nixos/cgit: fix \v and \f in regexEscape 2023-07-14 21:14:01 +02:00
Philipp Bartsch
30ad9053ab nixos/murmur: add apparmor policy 2023-07-13 11:11:01 +02:00
Arthur Gautier
c8920fc6d9 keepalived: fixup virtualRouterId documentation 
Router id 0 is an invalid option with keepalived
 2023-07-12 06:12:03 +00:00
chayleaf
4d4c73ff78 treewide: update path to getent 2023-07-12 02:32:23 +07:00
Ryan Lahfa
7be83143e8
Merge pull request #222536 from oddlama/master 2023-07-08 14:36:18 +02:00
Ryan Lahfa
0d2f526dbb
Merge pull request #241462 from SuperSandro2000/remove-ddclient 2023-07-08 14:33:00 +02:00
Ilan Joselevich
160edcf2c5
nixos/twingate: add package option and test 2023-07-07 20:03:54 +03:00
tv
0ab3a1fd78 nixos/nftables: add redirect for /etc/hosts 2023-07-05 13:56:27 +02:00
tv
75e405c156 nixos/nftables: use environment.etc for redirects 2023-07-05 13:56:16 +02:00
tv
9e51ec86e7 nixos/nftables: add checkRulesetRedirects option 2023-07-05 13:55:34 +02:00
Sandro Jäckel
d35df28f65
ddclient: remove package and module on upstream maintainer request 2023-07-04 16:46:53 +02:00
Felix Bühler
e770737241
Update nixos/modules/services/networking/libreswan.nix 
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
 2023-07-02 19:03:19 +02:00
oddlama
1fa9f03eec
nixos/hostapd: rewrite to support multi-AP, password from file, and more 
At this point this is basically a full rewrite of this module, which
is a breaking change and was necessary to properly expose the useful
parts of hostapd's config. The notable changes are:

- `hostapd` is now started with additional systemd sandbox/hardening options
- A single-daemon can now manage multiple distinct radios and BSSs, which is
  why all configuration had to be moved into `hostapd.radios`
- By default WPA3-SAE will be used, but WPA2 and WPA3-SAE-TRANSITION are
  supported, too
- Added passwordFile-like options for wpa and sae
- Add new relevant options for MAC ACL, WiFi5, WiFi6 and WiFi7 configuration
- Implements RFC42 as far as reasonable for hostapd
- Removes `with lib;`
 2023-07-02 13:32:41 +02:00
TQ Hirsch
dd481f2ee3
pdns: Changed paths in /etc to use pdns instead of powerdns 2023-07-01 18:55:51 +08:00
TQ Hirsch
d25e5e2107
nixos/powerdns, nixos/pdns-recurser: Symlink configuration into /etc 
This places a symlink to the running configuration where the admin
tools expect it, allowing users to control the powerdns server or
recursor without manually specifying a config file.
 2023-07-01 18:55:50 +08:00
Michele Guerini Rocco
aedc167ecf
Merge pull request #240325 from 999eagle/update/searxng 
nixos/searx: add configuration for redis and limiter settings
 2023-06-30 22:22:43 +02:00
Sandro Jäckel
000004d123
nixos/thelounge: fix example rendering 2023-06-30 18:14:24 +02:00
Sandro Jäckel
9999996fd6
nixos/sshd: fix example rendering 2023-06-30 18:14:16 +02:00
Sophie Tauchert
0aa5adef62
nixos/searx: add configuration for redis and limiter settings 2023-06-30 07:38:59 +02:00
lassulus
345745b6da nixos/syncthing: fix syncthing-init running by default 
also remove empty values from the config
 2023-06-29 17:57:11 +03:00
lassulus
c42a7b668c Revert "Merge pull request #233377 from ncfavier/revert-226088" 
This reverts commit 7b28ea6783, reversing
changes made to 3009b12817.
 2023-06-29 17:56:30 +03:00
Nick Cao
e52b401a95
nixos/sing-box: set umask 0077 when generating configuration file 2023-06-27 16:08:55 +08:00
Nick Cao
d2483a8cc7
nixos/sing-box: init 2023-06-27 13:58:02 +08:00
Marco Rebhan
af614b53d1 nixos/avahi: Add package option 
Allows replacing the avahi package (e.g. for debugging) without having
to use an overlay, avoiding unnecessary package rebuilds.
 2023-06-25 11:01:58 -03:00
Felix Buehler
6672dde558 treewide: use optionalAttrs instead of 'else {}' 2023-06-25 11:01:34 -03:00
Felix Buehler
933a41a73f treewide: use optional instead of 'then []' 2023-06-25 09:11:40 -03:00
Felix Buehler
f3719756b5 treewide: use optionalString instead of 'then ""' 2023-06-24 20:19:19 +02:00
Nick Cao
cca08f710c
Merge pull request #237507 from Alexis211/document-wgautomesh-gossip-secret 
wgautomesh: clearer documentation for `gossip_secret_file`
 2023-06-24 22:48:34 +08:00
Naïm Favier
9a9ded1675
nixos/syncthing: fix escaping 2023-06-23 20:19:51 +02:00
Sandro
0b77630d18
Merge pull request #209068 from CRTified/adguard-dhcp 2023-06-20 13:37:34 +02:00
rnhmjoj
7d263715bd nixos/fakeroute: run as unprivileged user 2023-06-20 01:12:04 +00:00
deinferno
26ff15b981
nixos/tailscale: fix ipv6 nat (v6nat) support 2023-06-16 12:18:55 +00:00
Carl Richard Theodor Schneider
59207cc930 nixos/adguardhome: Add allowDHCP option 
This option conditionally adds the `CAP_NET_RAW` capability to the service,
which is mandatory for enabling the integrated DHCP server.
It also adds another test case to validate that the DHCP server successfully
provides IP addresses to clients.

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
 2023-06-15 12:27:35 +02:00
Pol Dellaiera
f45bee3f4d
Merge pull request #237003 from pacien/ddclient-remove-ipv6-opt 
nixos/ddclient: remove obsolete ipv6 option
 2023-06-14 19:57:34 +02:00
Alex Auvolat
bbd4ce7d5e wgautomesh: clearer documentation for gossip_secret_file 2023-06-13 10:01:12 +02:00
Marillindië
e394dc22f9 xray: allow binding lower ports 
Set CapabilityBoundingSet, AmbientCapabilities and NoNewPrivileges as described in XTLS/xray-install.
 2023-06-11 09:03:50 +01:00
pacien
76cabe1644 nixos/ddclient: remove obsolete ipv6 option 
Since ddclient@24ba945 (v3.10.0), the type and meaning of the "ipv6"
option has changed. This resulted in the following warning when
starting the service:

    WARNING:  file /run/ddclient/ddclient.conf, line 13:
    Invalid Value for keyword 'ipv6' = 'no'

This therefore removes the matching boolean option.
More advanced configurations can use the "extraConfig" option instead.
 2023-06-10 11:25:54 +02:00