Commit graph

355 commits

Author SHA1 Message Date
Eelco Dolstra
b7b2476499 Remove the portmap module
It's obsoleted by rpcbind.
2013-09-26 17:04:07 +02:00
Rickard Nilsson
bfd86d4e74 Fix bug in NetworkManager name server configuration 2013-09-23 16:01:56 +02:00
Jan Malakhovski
af2382606c bind: allow forwarders to differ from nameservers 2013-09-17 01:21:17 +00:00
Peter Simons
4a7d8a84bc modules/services/networking/tcpcrypt.nix: specify start-up dependencies in systemd style
Thanks, Eelco, for pointing this out.
2013-09-11 18:56:09 +02:00
Peter Simons
0afcc637d7 Add support for opportunistic TCP encryption.
Set "networking.tcpcrypt.enable = true;" to enable opportunistic TCP encryption
based on the user-space tools available from <http://tcpcrypt.org>.

Network attackers come in two varieties: passive and active (man-in-the-middle).
Passive attacks are much simpler to execute because they just require listening
on the network. Active attacks are much harder as they require listening and
modifying network traffic, often requiring very precise timing that can make
some attacks impractical.

Opportunistic encryption cannot protect against active attackers, but it *does*
protect against passive attackers. Furthermore, Tcpcrypt is powerful enough to
stop active attacks, too, if the application using it performs authentication.

A complete description of the protocol extension can be found at
<http://tools.ietf.org/html/draft-bittau-tcp-crypt-00>.
2013-09-10 23:32:55 +02:00
Eelco Dolstra
c4092f2a8d firewall.nix: Less verbosity 2013-09-10 15:17:52 +02:00
Eelco Dolstra
94bb48be78 firewall.nix: Don't make missing rpfilter support a fatal error
This makes upgrading from Linux 3.2 to 3.4 a bit nicer.
2013-09-10 15:17:52 +02:00
Moritz Ulrich
f8d1aac7d8 minidlna: Start after networking.target.
Signed-off-by: Moritz Ulrich <moritz@tarn-vedra.de>
2013-08-27 20:51:34 +02:00
Rickard Nilsson
b0b5e08e86 Add some more missing uids/gids 2013-08-26 15:20:25 +02:00
Eelco Dolstra
9771f0c96c sshd: Support multiple host keys
The option services.openssh.hostKeys now allows specifying multiple
host keys.  The default value enables both a DSA and ECDSA key.
(Clients by default will use the ECDSA key, unless known_hosts already
has a DSA key for that host.)  To use only an ECDSA key, you can say:

  services.openssh.hostKeys =
    [ { path = "/etc/ssh/ssh_host_ecdsa_key";
        type = "ecdsa";
        bits = 521;
      }
    ];
2013-08-24 01:01:10 +02:00
Evgeny Egorochkin
f8a6fa774e SSH daemon: change default key size for RSA, add alert for weak keys. 2013-08-23 14:50:14 +03:00
Rickard Nilsson
f420726936 Add several missing uids and gids to modules/misc/ids.nix 2013-08-23 11:37:17 +02:00
Rickard Nilsson
1ff7584a30 networkmanager: Add option for appending DNS settings
If the option is enabled, the DNS servers from networking.nameservers
will be inserted in /etc/resolv.conf after the DNS servers that
NetworkManager receives by DHCP, or that is configured manually
in the connection settings.
2013-08-20 13:36:01 +02:00
Rickard Nilsson
e36e979d38 networkmanager: Add option for overriding DNS settings
If the option is enabled, the DNS servers from networking.nameservers
will be inserted in /etc/resolv.conf and override any DNS servers that
NetworkManager receives by DHCP, or that is configured manually
in the connection settings.
2013-08-16 00:35:57 +02:00
Ivan Kozik
390fdb3e60 Fix typos, especially those that end up in the NixOS manual 2013-08-10 21:07:13 +00:00
Jaka Hudoklin
d0cb70cefb Add iodined, ip over dns daemon 2013-08-05 01:20:55 +02:00
Cillian de Róiste
41e04c9aff Merge branch 'supybot'
Conflicts:
	modules/misc/ids.nix
2013-08-04 03:59:18 +02:00
Cillian de Róiste
5b25c5a181 supybot.service: tidy up 2013-08-04 03:56:01 +02:00
Cillian de Róiste
6e093113fe Supybot service: failing to create stateDir in /var/lib 2013-08-04 00:18:44 +02:00
Cillian de Róiste
90554a03c7 Supybot/limnoria: add service module 2013-08-01 00:36:15 +02:00
Domen Kožar
37136e4adf Merge pull request #201 from garbas/networkmanager
openconnect and vpnc NetworkManager plugins added
2013-07-31 12:06:15 -07:00
Peter Simons
6341a12587 modules/services/networking/dhcpcd.nix: add "extraConfig" option
This option allows administrators to add verbatim text to the generated
config file. I use this feature, for instance, to disable the default
route normally added by dhcpcd for certain interfaces.
2013-07-22 14:16:13 +02:00
Eelco Dolstra
002ffea364 wpa_supplicant: Fix wlan interface detection on Linux 3.4
Linux 3.4 apparently doesn't have the "wireless" file.
2013-07-15 13:54:15 +02:00
Eelco Dolstra
69eeb83039 Use "or" 2013-07-15 13:54:15 +02:00
Rok Garbas
fb5a616b02 openconnect and vpnc NetworkManager plugins added 2013-07-10 16:43:26 +02:00
Mathijs Kwik
824b5b645a openvpn: fix type error
either use
- optional cond "target"
or
- optionals cond ["target1" "target2"]
2013-06-04 07:45:58 +02:00
Domen Kozar
53390a2da9 add networkmanager_openvpn to systemPackages 2013-05-29 00:38:50 +02:00
Eelco Dolstra
2ec6759f5f openvpn.nix: Use systemd.*
Also add an option ‘autoStart’ to configure whether an OpenVPN
instance should be started automatically.  And don't log to
/var/log/openvpn-* anymore.
2013-05-28 14:39:48 +02:00
Lluís Batlle i Rossell
f60393975f gnunet: it was missing extraGroups 2013-05-28 10:19:59 +02:00
Ricardo M. Correia
6336048c58 chrony: properly set rtconutc option, and add a few more options 2013-05-23 03:00:09 +00:00
Ricardo M. Correia
02d9a8066a Add chrony service
Also, do not build and add ntp to the system unless it is enabled.
2013-05-23 02:07:49 +00:00
Domen Kozar
edd77af3fe add openvpn config file to networkmanager service 2013-05-13 17:52:26 +02:00
Domen Kozar
078130767d add openvpn plugin to networkmanager 2013-05-11 19:25:14 +02:00
Lluís Batlle i Rossell
4f71bce691 Adding miniupnpc to gnunet path, to be able to use upnp 2013-05-07 18:53:28 +02:00
Domen Kožar
01887f2c86 Merge pull request #100 from jcumming/hostapd.130224
proper hostapd dependencies
2013-05-04 01:38:45 -07:00
Domen Kožar
c4ead79dd6 Merge pull request #149 from NixOS/networkmanager_suspend
restart networkmanager on suspend resume
2013-04-27 09:13:15 -07:00
Lluís Batlle i Rossell
af0e751ee9 Making gnunet start properly (calling gnunet-service-arm directly) 2013-04-24 20:17:14 +04:00
Lluís Batlle i Rossell
f50014339a Putting the gnunet module up to date. It still doesn't start gnunet though.
No idea why.
2013-04-24 19:03:29 +04:00
Domen Kozar
ec9dc730ec restart networkmanager on suspend resume 2013-04-22 19:36:14 +02:00
Evgeny Egorochkin
fa0f5bf72f Freenet: fix 2 typos 2013-04-22 16:50:58 +03:00
Lluís Batlle i Rossell
7a71320a9c Adding freenet module 2013-04-21 11:27:41 +04:00
viric
7d2ec75ae7 Merge pull request #128 from pSub/bitlbee
Bitlbee: updated for systemd; added more options like AuthMode
2013-04-14 12:49:18 -07:00
Jack Cummings
edc12de8c9 add wantedBy network.target so that hostapd starts by default 2013-04-12 23:25:32 -07:00
Pascal Wittmann
c4b3b71917 Bitlbee: create homedir; do not use /etc/bitlbee.conf 2013-04-02 00:08:17 +02:00
Domen Kozar
969c577173 fixes #127 2013-03-31 21:18:57 +02:00
Pascal Wittmann
8d0a7cb6d2 Bitlbee: tabs to spaces 2013-03-29 12:51:47 +01:00
Pascal Wittmann
e33af28567 Bitlbee: hardcode username and configdir; homedir == configdir 2013-03-29 12:37:06 +01:00
Pascal Wittmann
4af26d582c Bitlbee: updated for systemd; added more options like AuthMode 2013-03-29 10:28:54 +01:00
Marc Weber
f3e6b42258 replace list by listOf using same style as for attrsOf 2013-03-14 17:09:21 +01:00
Jack Cummings
d5b6456f40 proper hostapd dependencies 2013-02-24 03:11:45 -08:00