Naïm Favier
b294762bb9
nixos/libreswan: use environment.etc."ipsec.secrets".text
...
This is to ensure compatibility with the networkmanager module, which
uses the `text` option.
2024-11-20 19:59:02 +01:00
TobTobXX
26fbd1adbe
nixos/bind: Fix cacheNetworks option
...
services.bind.cacheNetworks should only apply to recursive queryies, as
per the option documentation:
> Note that this is for recursive queries – all networks are allowed to
> query zones configured with the zones option by default [...].
This would correspond to the `allow-query-cache` option in named.conf,
as per the BIND docs[1]:
> Specifies which hosts (an IP address list) can access this server’s
> cache and thus effectively controls recursion.
And not `allow-query`, which restricts all requests (including requests
where the server has authority) [2]:
> Specifies which hosts (an IP address list) are allowed to send queries
> to this resolver.
> [...]
> Note:
> `allow-query-cache` is used to specify access to the cache.
[1]: https://bind9.readthedocs.io/en/v9.20.0/reference.html#namedconf-statement-allow-query-cache
[2]: https://bind9.readthedocs.io/en/v9.20.0/reference.html#namedconf-statement-allow-query
2024-11-20 10:47:06 +01:00
Jordan Williams
dde8ee1179
nixos/shairport-sync: restart the systemd service on failure
...
This ensures shairport-sync is running, even after crashes.
2024-11-19 06:51:12 -06:00
Martin Joerg
0afba0d517
python312Packages.magic-wormhole-mailbox-server: 0.4.1 -> 0.5.1
...
https://github.com/magic-wormhole/magic-wormhole-mailbox-server/compare/refs/tags/0.4.1...refs/tags/0.5.1
https://github.com/magic-wormhole/magic-wormhole-mailbox-server/blob/0.5.1/NEWS.md
Python 3.12 is now supported
2024-11-18 07:37:49 +00:00
royce-c
9af100479c
nixos/chrony: fix memory locking issue with graphene-hardened-light
...
The chronyd.service fails with 'graphene-hardened-light' unless enableMemoryLocking is set to false.
2024-11-17 16:07:36 -08:00
Jared Baur
027e77778c
nixos/hostapd: allow octothorpe characters in SAE password
...
The `saePasswordsFile` option mentions that lines beginning with `#` are
ignored, however the current regexp ignores all lines with `#` located
anywhere in the line. In order to better fit the documentation, the
regexp has been changed to only allow `#` at the beginning of the line,
with optional whitespace.
2024-11-17 11:39:17 -08:00
Tom Fitzhenry
a2337e4f6c
nixos/spiped: use systemctl restart during activation
...
As is common with other networking services, stopIfChanged=true (the default) can cause O(seconds) downtime during activation.
Reduce this downtime by disabling stopIfChanged as done in:
* sshd https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/networking/ssh/sshd.nix#L569
* tailscale https://github.com/NixOS/nixpkgs/pull/170210
2024-11-17 20:39:25 +11:00
Tom Fitzhenry
235d103ff7
nixos/clatd: add enableNetworkManagerIntegration option
2024-11-17 20:38:55 +11:00
jopejoe1
95b30da133
nixos/shairport-sync: add package option ( #355985 )
2024-11-16 03:12:02 +01:00
Yaroslav Bolyukin
4b8fee2274
nixos/netbird: fix coturn configuration
2024-11-15 21:05:56 +01:00
Weijia Wang
cedd087b81
globalprotect-openconnect: Reinstate v1 ( #355758 )
2024-11-15 18:25:57 +01:00
Colin
c00cdccd00
nixos/teleport: add required utils to path ( #332810 )
2024-11-15 13:16:39 +00:00
Jordan Williams
697fa78c9a
nixos/shairport-sync: add package option
2024-11-15 06:47:24 -06:00
bb2020
93d38a29e0
nixos/minidlna: add option
2024-11-15 15:18:54 +03:00
bb2020
547251956b
nixos/minidlna: remove with lib
2024-11-15 15:18:43 +03:00
Colin
9bd0271b22
nixos/minidlna: add package option ( #345770 )
2024-11-15 06:29:43 +00:00
Rahul Rameshbabu
b6bac07973
globalprotect-openconnect: Reformat expressions using RFC style
...
The original work did not use the new nixfmt style.
Signed-off-by: Rahul Rameshbabu <sergeantsagara@protonmail.com>
2024-11-14 09:28:04 -08:00
Rahul Rameshbabu
8f2fa04fd9
Revert "globalprotect-openconnect: remove deprecated 1.x package"
...
This reverts commit b08d6a664f
2024-11-13 13:41:34 -08:00
Franz Pletz
bb6d800c3a
iwd: update settings documentation ( #352989 )
2024-11-06 12:17:24 +01:00
Guilhem Saurel
71f467fc88
iwd: update settings documentation
...
The link https://iwd.wiki.kernel.org/networkconfigurationsettings is
currently broken, as it redirect to the 404
https://archive.kernel.org/oldwiki/iwd.wiki.kernel.org/networkconfigurationsettings ; the correct link is
https://archive.kernel.org/oldwiki/iwd.wiki.kernel.org/networkconfigurationsettings.html but it is marked as obsolete, and tell the user to read the iwd.network(5) man.
Co-authored-by: Franz Pletz <fpletz@fnordicwalking.de>
2024-11-06 11:10:42 +01:00
Sandro
a633b5fb12
OpenVPN: don't fail to restart stopped units ( #345993 )
2024-11-06 01:16:43 +01:00
Sandro Jäckel
22fea14d11
nixos/tftpd: cleanup
2024-11-04 15:55:13 +01:00
Sandro Jäckel
8440f6cc6f
nixos/tftpd: format with nixmft-rfc-style
2024-11-04 15:54:39 +01:00
Sandro Jäckel
7e6a0edf64
nixos/tftpd: remove with lib
2024-11-04 15:49:59 +01:00
PAEPCKE, Michael
a58c8fee1e
nixos/wg-access-server: bugfix dns.enabled (yaml)
2024-11-01 17:09:34 +00:00
Nico Felbinger
9e608d46a9
nixos/suricata: add description fields for configuration
2024-11-01 14:42:53 +01:00
Yureka
959cb6b020
nixos/fastnetmon-advanced: set dbus implementation to dbus-broker
...
Fixes "Failed to restart gobgp.service: Transport endpoint is not connected"
Fixes the nixos test
Change-Id: I96fe6ce8e69ec3038b349d45a8046ed93333dddb
2024-10-31 01:50:34 +01:00
DCsunset
acda73926d
nixos/murmur: support setting user and group for service
2024-10-30 08:21:48 +00:00
DCsunset
2f0c3c88cb
nixos/murmur: support setting custom state directory
2024-10-30 08:21:48 +00:00
Aleksana
dbe33f99b7
nixos/soju: use message-store instead of deprecated log in config ( #338650 )
2024-10-29 17:37:21 +08:00
Aleksana
5fd2f5aac6
tailscaled: Add option to disable Taildrop ( #346957 )
2024-10-29 17:19:31 +08:00
Nico Felbinger
32d516c84d
nixos/radicale: fix links to documentation
2024-10-28 19:56:12 +01:00
Felix Bühler
3f8d6caed2
nixos/xl2tpd: prefer 'install' over 'chmod/chown' ( #302388 )
2024-10-27 19:21:21 +01:00
Martin Weinelt
5e10c1522b
nixos/avahi-daemon: set up sandboxing ( #348406 )
2024-10-26 16:22:04 +02:00
Martin Weinelt
ca4f13857c
nixos/coturn: set up sandboxing ( #348396 )
2024-10-26 16:21:46 +02:00
Michele Guerini Rocco
9a415c28ae
dhcpcd: fix more permissions errors ( #351225 )
2024-10-26 02:00:23 +02:00
rnhmjoj
483e44684d
dhcpcd: fix permissions error with secondary IPv4 addresses
...
If dhcpcd receives a secondary IPv4 address from the DHCP server it
tries to enable automatic promotion from secondary to primary by writing
`1` to /proc/sys/net/ipv4/conf/%s/promote_secondaries.
2024-10-25 21:33:30 +02:00
Felix Bühler
29cdb4373e
pptpd: prefer 'install' over 'chmod/chown' ( #308085 )
2024-10-25 20:48:22 +02:00
Aadniz
4b44081827
nixos/searxng: limiter.toml reference moved
...
fd814aac86 (diff-c33cdfa4503c019bc49259acad45fc0a895a127b20ae3ffefaa12b7c439d4aa2)
2024-10-25 14:27:12 +02:00
Sefa Eyeoglu
15aad9d3a1
nixos/ntpd: cleanup; add tests ( #349633 )
2024-10-24 15:21:01 +02:00
Martin Weinelt
8a2439f1c2
nixos/avahi-daemon: set up sandboxing
2024-10-24 15:04:14 +02:00
rcerc
42d887adbf
nixos/supplicant: Always provide a first configuration file argument
...
`wpa_supplicant` refuses to start when `configFile.path == null` because this
omits the `-c` (‘Configuration file’) option, which it requires even if the
`-I` (‘additional configuration file’) option is provided. If `configFile.path
== null`, pass `extraConfFile` with `-c` instead of `-I` to prevent this.
2024-10-24 08:25:02 +02:00
Kerstin Humm
b12bcabd24
maintainers: remove erictapen from packages that I don't really maintain anymore
2024-10-22 12:32:29 +02:00
K900
099cde3a92
Revert "nixos/ssh: disable authorizedKeysInHomedir by default"
2024-10-20 21:32:29 +03:00
Jake Hillion
ba01c8bab3
nixos/resilio: set rslsync gid
2024-10-20 17:51:14 +01:00
nicoo
06929a6fb0
nixos/ssh: disable authorizedKeysInHomedir by default ( #309025 )
2024-10-20 16:19:25 +00:00
Tomo
8d642257fb
nodePackages.shout: drop ( #349715 )
2024-10-19 18:46:30 -07:00
Pyrox
4e632e9c3f
nixos/ntpd: Add hardening
2024-10-19 14:26:17 -04:00
Pyrox
53bc9450bc
nixos/ntpd: Use StateDirectory instead of a preStart script
2024-10-19 14:26:00 -04:00
Tomo
76c7c2dd88
nodePackages.shout: drop
...
shout has been deprecated since 2016:
90a62c56af#229475
2024-10-19 17:53:20 +00:00
