William A. Kennington III
ec9c4143a7
nixos/firewall: Cleanup in case reload fails
2014-09-16 15:51:57 -07:00
William A. Kennington III
1321fd175d
nixos/nat: Leverage firewall module
2014-09-15 21:31:27 -07:00
William A. Kennington III
6a43d51291
nixos/firewall: Support extraStopCommands
2014-09-15 21:31:26 -07:00
William A. Kennington III
fd7b9b4291
nixos/firewall: Don't allow traffic during reload
2014-09-15 20:40:16 -07:00
Jaka Hudoklin
f7ba3d833f
nixos/znc: fix module, createUser option does not exist anymore
2014-09-13 02:20:32 +02:00
William A. Kennington III
bab5efd237
nixos/ssh: Allow user to configure the package that provides ssh/sshd
2014-09-11 22:07:39 -07:00
Aristid Breitkreuz
c3fe942a57
start dhcpcd after network-interfaces
2014-09-06 13:52:09 +02:00
aszlig
e8c4fde22d
nixos/nsd: Improve support for journald/systemd.
...
Don't fork into the background and just log to stderr.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
aszlig
6386df1645
nixos/nsd: Fix indentation/coding style.
...
For Nix, we indent using two spaces, but in this module somehow 4 spaces
were snuck in. Other than that, remoteControl and ratelimit are just
nested attribute sets, so we don't need to make another submodule type
for no particular reason.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
Luca Bruno
2ba523df24
nixos nat: add description to forwardPorts
2014-09-04 11:33:08 +02:00
Luca Bruno
e6ab680cbf
nixos nat: add type for sourcePort and destination of forwardPorts
2014-09-04 10:26:33 +02:00
Michael Raskin
4155121069
Merge pull request #3926 from lethalman/fwdports
...
nixos/nat: add forwardPorts for external->internal DNAT
2014-09-03 21:54:37 +04:00
Michael Raskin
3e841ef642
Fixing comment case
2014-09-03 20:03:15 +04:00
Michael Raskin
d1ae15b680
Merge pull request #3804 from ehmry/unbound
...
unbound: run in chroot
2014-09-03 11:45:20 +04:00
Nathan Bijnens
33a3f76ee4
Copy.com: client #3617
2014-09-03 11:31:51 +04:00
William A. Kennington III
9659d0f4fb
nixos/dnsmasq: Fix regressions during the systemd update
2014-09-02 17:23:55 -07:00
Vladimir Still
13bbce96c3
sshd: Fix typo in assetion.
2014-09-02 10:06:04 +02:00
Vladimir Still
a2394f09c7
sshd: Add note about listening on port 22 to listenAddresses.
2014-09-01 22:56:35 +02:00
Vladimir Still
ac39d839c3
sshd: Add note about firewall and listenAddresses.
2014-09-01 22:56:35 +02:00
Vladimir Still
e12337156c
sshd: Allow to specify ListenAddress.
2014-09-01 22:56:35 +02:00
Michael Raskin
a6dfb4dc28
Merge pull request #3241 from ehmry/cjdns
...
cjdns declarative configuration
2014-09-02 00:53:18 +04:00
Luca Bruno
b21ac60290
nixos/nat: add forwardPorts for external->internal DNAT
2014-09-01 22:31:56 +02:00
Luca Bruno
31b7cae018
nixos/znc: fix immutable config.
...
Fix references to coreutils echo and rm.
Make config writable even if immutable because of
https://github.com/znc/znc/blob/master/src/znc.cpp#L964 .
2014-09-01 16:21:12 +02:00
aszlig
29f4642284
nixos: Add new service for OpenNTPd.
...
This conflicts with the existing reference NTP daemon, so we're using
services.ntp.enable = mkForce false here to make sure both services
aren't enabled in par.
I was already trying to merge the module with services.ntp, but it would
have been quite a mess with a bunch of conditions on the package name.
They both have a bit in common if it comes to the configuration files,
but differ in handling of the state dir (for example, OpenNTPd doesn't
allow it to be owned by anything other than root).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-01 16:07:28 +02:00
Michael Raskin
9e3d1b1a8f
Merge pull request #3908 from wkennington/master.ip
...
Reapply the multi-ip code
2014-09-01 10:28:54 +04:00
Jan Malakhovski
8c9b6d932a
nixos: add dhcpcd.persistent option
2014-09-01 10:33:48 +04:00
Jan Malakhovski
99243a5c51
nixos: add atftpd service
2014-09-01 10:33:48 +04:00
Emery Hemingway
f60ac82cac
cjdns: new declarative service expression
...
systemd service wants network-interfaces.target rather than network.target
assertion on config.networking.enableIPv6
2014-08-31 18:14:16 -04:00
William A. Kennington III
3d037ebb94
Revert "Revert "Merge pull request #3182 from wkennington/master.ipv6""
...
This reverts commit ea8910652f
.
2014-08-31 09:46:16 -07:00
Rob Vermaas
ea8910652f
Revert "Merge pull request #3182 from wkennington/master.ipv6"
...
This reverts commit b23fd65854
, reversing
changes made to 43654cba2c
.
2014-08-31 10:58:54 +02:00
Nicolas B. Pierron
a5d6219897
Merge pull request #3864 from nbp/useless-submodules
...
Remove useless use of undocumented submodules.
2014-08-30 18:21:17 +02:00
William A. Kennington III
4d8390be60
nixos/network-interfaces: Support the old ip configuration convention
2014-08-30 08:05:00 -07:00
William A. Kennington III
098c8f4c77
nixos/network-interfaces: Add support for multiple ipv4 / ipv6 addresses
2014-08-30 07:33:38 -07:00
Michael Raskin
8937b70d07
Merge pull request #3344 from ehmry/privoxy
...
privoxy: upstart to systemd conversion, actions file editing
2014-08-30 14:19:57 +04:00
Nicolas Pierron
8c19690d99
Remove useless use of optionSet.
2014-08-29 18:43:03 +02:00
Nicolas Pierron
43e52ef001
Remove useless use of undocumented submodules.
2014-08-29 18:28:34 +02:00
Michael Raskin
844fd2553e
Merge pull request #3745 from wkennington/master.dnsmasq
...
dnsmasq: Update and enable dbus support
2014-08-29 01:43:41 +04:00
Michael Raskin
c42e7dfc0c
Merge pull request #3200 from wkennington/master.dhcpcd
...
nixos/dhcpcd: Add an explicit interfaces option
2014-08-29 01:09:22 +04:00
Paul Colomiets
adbb9ff796
dnsmasq: upgrade to 2.71, fixed dnsmasq module
...
* The module now has systemd config
* Add resolveLocalQueries option which sets up it as a dns server for
local host (including reasonable setup of resolvconf)
* Add "dnsmasq" user for running daemon
* Enabled dbus and dnssec support for the package
Conflicts:
nixos/modules/misc/ids.nix
2014-08-28 11:39:03 -07:00
aszlig
8a56a55bb4
nixos/manual: Use literalExample when feasible.
...
Should bring most of the examples into a better consistency regarding
syntactic representation in the manual.
Thanks to @devhell for reporting.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-27 23:41:15 +02:00
Emery Hemingway
e7597b12b8
privoxy: upstart to systemd conversion, actions file editing
...
fix missing actions and filters
2014-08-27 11:34:10 -04:00
Emery Hemingway
aedbfdff84
unbound: run in chroot
2014-08-26 21:24:09 -04:00
William A. Kennington III
aa77fe0fb0
nixos/radvd: Convert to a systemd unit
...
Additionally, remove the automatic initialization of the ipv6 forwarding
sysctl as this should be handled by the end user. This really should not
be an issue as most people running radvd are likely forwarding ipv6
packets.
2014-08-24 03:12:55 -07:00
William A. Kennington III
bc6979f7e1
nixos/dhcpcd: Don't configure sit devices
2014-08-14 14:06:56 -05:00
William A. Kennington III
a269acf480
nixos/dhcpcd: Use null instead of empty list to disable allowInterfaces
2014-08-14 14:05:55 -05:00
William A. Kennington III
320a82dd7f
nixos/dhcpcd: Add an explicit interfaces option
2014-08-14 14:05:55 -05:00
William A. Kennington III
d0c0c2f9ba
nixos/dhcpd: Wait until network interfaces are configured to start
2014-08-13 15:08:43 -05:00
William A. Kennington III
b3ddcfabd9
nixos/dhcpd: Convert to systemd from upstart
2014-08-13 15:08:43 -05:00
William A. Kennington III
24368beed8
nixos/dhcpd: Use dhcp user instead of nobody
2014-08-13 15:08:43 -05:00
William A. Kennington III
4fbf120e84
nixos/dhcpd: Add the ability to drop privileges
2014-08-13 15:08:08 -05:00