Joachim Fasting
119d93e223
dnscrypt-proxy: minor superficial improvements
...
- Use upstream description and explicitly set platforms = all
- Coding conventions fix
2014-11-22 16:19:06 +01:00
William A. Kennington III
826f5468ab
nixos/unifi: Remove old ROOT.war links before relinking
2014-11-14 11:45:38 -08:00
William A. Kennington III
d0e15cc575
Merge pull request #4983 from bosu/fw-stop-fix
...
firewall: clear rpfilter on stop
2014-11-14 00:14:27 -08:00
Boris Sukholitko
53b24d0c95
firewall: clear rpfilter on stop
2014-11-14 09:07:18 +02:00
Moritz Ulrich
e884dc32c5
Add local-fs.target to minidlna.
...
Minidlna fails to start if it wants to access a filesystem which isn't
mounted (yet).
2014-11-12 23:20:47 +01:00
Joachim Fasting
52f0553209
Add dnscrypt-proxy service
...
The dnscrypt-proxy service relays regular DNS queries to
a DNSCrypt enabled upstream resolver.
The traffic between the client and the upstream resolver is
encrypted and authenticated, which may mitigate the risk of
MITM attacks and third-party snooping (assuming a trustworthy
upstream).
Though dnscrypt-proxy can run as a standalone DNS client,
the recommended setup is to use it as a forwarder for a
caching DNS client.
To use dnscrypt-proxy as a forwarder for dnsmasq, do
```nix
{
# ...
networking.nameservers = [ "127.0.0.1" ];
networking.dhcpcd.extraConfig = "nohook resolv.conf";
services.dnscrypt-proxy.enable = true;
services.dnscrypt-proxy.localAddress = "127.0.0.1";
services.dnscrypt-proxy.port = 40;
services.dnsmasq.enable = true;
services.dnsmasq.extraConfig = ''
no-resolv
server=127.0.0.1#40
listen-address=127.0.0.1
'';
# ...
}
```
2014-11-11 22:47:19 +01:00
Edward Tjörnhammar
c329e5bbd9
i2pd: added package, service
2014-11-09 09:55:35 +01:00
Emery Hemingway
67a2a58314
cjdns: service tweaks, new NixOS test
2014-11-08 23:39:02 +01:00
Aristid Breitkreuz
8b50383c45
Merge pull request #4859 from abbradar/git-daemon
...
nixos/git-daemon: fix a bug and add 'user' and 'group' options
2014-11-08 19:33:24 +01:00
Aristid Breitkreuz
cf4a976ced
quassel: make a proper systemd unit (also properly works in containers now)
2014-11-08 14:59:25 +01:00
Nikolay Amiantov
46b866cf63
nixos/git-daemon: fix 'exportAll' option
2014-11-07 15:50:01 +03:00
Nikolay Amiantov
af1d09879b
nixos/git-daemon: add 'user' and 'group' options
2014-11-07 15:49:45 +03:00
Nikolay Amiantov
4b2e43865a
nixos/git-daemon: add types
2014-11-07 15:49:03 +03:00
William A. Kennington III
ba53392bce
nixos/nat: Fix override so that sysctls are properly preserved
2014-10-31 16:50:25 -07:00
Domen Kožar
3b133beb7a
Merge pull request #4553 from ehmry/polipo
...
drop permission prestart from polipo service module
2014-10-23 12:51:36 +02:00
Emery Hemingway
a3338abcfe
cjdns: add peer hostnames to extraHosts, option for external config
2014-10-21 13:16:04 -04:00
Emery Hemingway
32d6ae7ed9
drop permission prestart from polipo service module
...
chowning the cache directory can timeout the service, permissions
on this directory should never change without user intervention
2014-10-16 10:57:16 -04:00
Joachim Schiele
13298fcbb9
Merge pull request #4535 from flosse/lua-bitop
...
lua-packages: added lua-bitop to add websocket support for prosody
2014-10-15 09:41:32 +02:00
Markus Kohlhase
5308d3284b
prosody: added websocket support
2014-10-15 03:57:00 +02:00
Matej Cotman
561d3b3860
seeks: nixos module
2014-10-13 13:10:49 +02:00
Markus Kohlhase
d86c2c30c5
prosody: packaged as a service
...
Conflicts:
nixos/modules/misc/ids.nix
2014-10-11 18:53:43 +02:00
Shea Levy
f5aaefbb6c
More pkgs.lib -> lib fixes
2014-09-29 09:45:59 -04:00
Jaka Hudoklin
ff8f23ab26
Merge pull request #4280 from wkennington/master.consul
...
nixos/consul: Add module
2014-09-27 07:00:39 +02:00
William A. Kennington III
36f9b9c284
nixos/consul: Add module
2014-09-26 03:25:14 -07:00
Matej Cotman
5e18182a30
mailpile: add module
2014-09-26 10:49:09 +02:00
Emery Hemingway
61f0d9b251
cjdns: update from 20140919 20140922
...
package installs to .../bin
fix service module to look in .../bin
Closes #4240
2014-09-23 22:30:53 +01:00
Domen Kožar
2247f3a8d3
Merge pull request #4168 from lostdj/ltp/master/btsyncfix
...
bittorrentsync: fix storage_path
2014-09-20 10:53:57 +02:00
lostdj
f02d4ec9ed
bittorrentsync: fix storage_path.
...
If this path is a symlink, btsync won't be able to read it if it's not ending with "/".
2014-09-19 18:19:04 +04:00
William A. Kennington III
ae195727b7
nixos/nat: Don't flush tables, create subchains for autogenerated rules
2014-09-18 11:28:58 -07:00
William A. Kennington III
ec9c4143a7
nixos/firewall: Cleanup in case reload fails
2014-09-16 15:51:57 -07:00
William A. Kennington III
1321fd175d
nixos/nat: Leverage firewall module
2014-09-15 21:31:27 -07:00
William A. Kennington III
6a43d51291
nixos/firewall: Support extraStopCommands
2014-09-15 21:31:26 -07:00
William A. Kennington III
fd7b9b4291
nixos/firewall: Don't allow traffic during reload
2014-09-15 20:40:16 -07:00
Jaka Hudoklin
f7ba3d833f
nixos/znc: fix module, createUser option does not exist anymore
2014-09-13 02:20:32 +02:00
William A. Kennington III
bab5efd237
nixos/ssh: Allow user to configure the package that provides ssh/sshd
2014-09-11 22:07:39 -07:00
Aristid Breitkreuz
c3fe942a57
start dhcpcd after network-interfaces
2014-09-06 13:52:09 +02:00
aszlig
e8c4fde22d
nixos/nsd: Improve support for journald/systemd.
...
Don't fork into the background and just log to stderr.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
aszlig
6386df1645
nixos/nsd: Fix indentation/coding style.
...
For Nix, we indent using two spaces, but in this module somehow 4 spaces
were snuck in. Other than that, remoteControl and ratelimit are just
nested attribute sets, so we don't need to make another submodule type
for no particular reason.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
Luca Bruno
2ba523df24
nixos nat: add description to forwardPorts
2014-09-04 11:33:08 +02:00
Luca Bruno
e6ab680cbf
nixos nat: add type for sourcePort and destination of forwardPorts
2014-09-04 10:26:33 +02:00
Michael Raskin
4155121069
Merge pull request #3926 from lethalman/fwdports
...
nixos/nat: add forwardPorts for external->internal DNAT
2014-09-03 21:54:37 +04:00
Michael Raskin
3e841ef642
Fixing comment case
2014-09-03 20:03:15 +04:00
Michael Raskin
d1ae15b680
Merge pull request #3804 from ehmry/unbound
...
unbound: run in chroot
2014-09-03 11:45:20 +04:00
Nathan Bijnens
33a3f76ee4
Copy.com: client #3617
2014-09-03 11:31:51 +04:00
William A. Kennington III
9659d0f4fb
nixos/dnsmasq: Fix regressions during the systemd update
2014-09-02 17:23:55 -07:00
Vladimir Still
13bbce96c3
sshd: Fix typo in assetion.
2014-09-02 10:06:04 +02:00
Vladimir Still
a2394f09c7
sshd: Add note about listening on port 22 to listenAddresses.
2014-09-01 22:56:35 +02:00
Vladimir Still
ac39d839c3
sshd: Add note about firewall and listenAddresses.
2014-09-01 22:56:35 +02:00
Vladimir Still
e12337156c
sshd: Allow to specify ListenAddress.
2014-09-01 22:56:35 +02:00
Michael Raskin
a6dfb4dc28
Merge pull request #3241 from ehmry/cjdns
...
cjdns declarative configuration
2014-09-02 00:53:18 +04:00