diff options
Diffstat (limited to 'nixos/modules/services/security')
-rw-r--r-- | nixos/modules/services/security/fprot.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/security/haka.nix | 4 | ||||
-rw-r--r-- | nixos/modules/services/security/munge.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/security/oauth2_proxy.nix | 4 | ||||
-rw-r--r-- | nixos/modules/services/security/oauth2_proxy_nginx.nix | 4 | ||||
-rw-r--r-- | nixos/modules/services/security/physlock.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/security/sks.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/security/tor.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/security/usbguard.nix | 2 |
9 files changed, 11 insertions, 12 deletions
diff --git a/nixos/modules/services/security/fprot.nix b/nixos/modules/services/security/fprot.nix index b1ca4ab23452..474490391463 100644 --- a/nixos/modules/services/security/fprot.nix +++ b/nixos/modules/services/security/fprot.nix @@ -67,7 +67,7 @@ in { services.cron.systemCronJobs = [ "*/${toString cfg.updater.frequency} * * * * root start fprot-updater" ]; - systemd.services."fprot-updater" = { + systemd.services.fprot-updater = { serviceConfig = { Type = "oneshot"; RemainAfterExit = false; diff --git a/nixos/modules/services/security/haka.nix b/nixos/modules/services/security/haka.nix index b64a1b4d03e0..618e689924fd 100644 --- a/nixos/modules/services/security/haka.nix +++ b/nixos/modules/services/security/haka.nix @@ -69,7 +69,7 @@ in configFile = mkOption { default = "empty.lua"; example = "/srv/haka/myfilter.lua"; - type = types.string; + type = types.str; description = '' Specify which configuration file Haka uses. It can be absolute path or a path relative to the sample directory of @@ -80,7 +80,7 @@ in interfaces = mkOption { default = [ "eth0" ]; example = [ "any" ]; - type = with types; listOf string; + type = with types; listOf str; description = '' Specify which interface(s) Haka listens to. Use 'any' to listen to all interfaces. diff --git a/nixos/modules/services/security/munge.nix b/nixos/modules/services/security/munge.nix index 1c4f8e20552f..891788864710 100644 --- a/nixos/modules/services/security/munge.nix +++ b/nixos/modules/services/security/munge.nix @@ -19,7 +19,7 @@ in password = mkOption { default = "/etc/munge/munge.key"; - type = types.string; + type = types.path; description = '' The path to a daemon's secret key. ''; diff --git a/nixos/modules/services/security/oauth2_proxy.nix b/nixos/modules/services/security/oauth2_proxy.nix index 61f203ef9e7d..bb03f7fc9e43 100644 --- a/nixos/modules/services/security/oauth2_proxy.nix +++ b/nixos/modules/services/security/oauth2_proxy.nix @@ -284,7 +284,7 @@ in #################################################### # UPSTREAM Configuration upstream = mkOption { - type = with types; coercedTo string (x: [x]) (listOf string); + type = with types; coercedTo str (x: [x]) (listOf str); default = []; description = '' The http url(s) of the upstream endpoint or <literal>file://</literal> @@ -523,7 +523,7 @@ in }; keyFile = mkOption { - type = types.nullOr types.string; + type = types.nullOr types.path; default = null; description = '' oauth2_proxy allows passing sensitive configuration via environment variables. diff --git a/nixos/modules/services/security/oauth2_proxy_nginx.nix b/nixos/modules/services/security/oauth2_proxy_nginx.nix index a9ad5497a657..be6734f439f3 100644 --- a/nixos/modules/services/security/oauth2_proxy_nginx.nix +++ b/nixos/modules/services/security/oauth2_proxy_nginx.nix @@ -6,14 +6,14 @@ in { options.services.oauth2_proxy.nginx = { proxy = mkOption { - type = types.string; + type = types.str; default = config.services.oauth2_proxy.httpAddress; description = '' The address of the reverse proxy endpoint for oauth2_proxy ''; }; virtualHosts = mkOption { - type = types.listOf types.string; + type = types.listOf types.str; default = []; description = '' A list of nginx virtual hosts to put behind the oauth2 proxy diff --git a/nixos/modules/services/security/physlock.nix b/nixos/modules/services/security/physlock.nix index 97fbd6aae6e0..61bcd84f2e64 100644 --- a/nixos/modules/services/security/physlock.nix +++ b/nixos/modules/services/security/physlock.nix @@ -99,7 +99,7 @@ in # for physlock -l and physlock -L environment.systemPackages = [ pkgs.physlock ]; - systemd.services."physlock" = { + systemd.services.physlock = { enable = true; description = "Physlock"; wantedBy = optional cfg.lockOn.suspend "suspend.target" diff --git a/nixos/modules/services/security/sks.nix b/nixos/modules/services/security/sks.nix index 1b7a2ad13980..a91060dc659a 100644 --- a/nixos/modules/services/security/sks.nix +++ b/nixos/modules/services/security/sks.nix @@ -108,7 +108,7 @@ in { hkpAddress = "'" + (builtins.concatStringsSep " " cfg.hkpAddress) + "'" ; hkpPort = builtins.toString cfg.hkpPort; in { - "sks-db" = { + sks-db = { description = "SKS database server"; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; diff --git a/nixos/modules/services/security/tor.nix b/nixos/modules/services/security/tor.nix index abdc0cd78b4d..ed862387cce1 100644 --- a/nixos/modules/services/security/tor.nix +++ b/nixos/modules/services/security/tor.nix @@ -722,7 +722,6 @@ in systemd.services.tor-init = { description = "Tor Daemon Init"; wantedBy = [ "tor.service" ]; - after = [ "local-fs.target" ]; script = '' install -m 0700 -o tor -g tor -d ${torDirectory} ${torDirectory}/onion install -m 0750 -o tor -g tor -d ${torRunDirectory} diff --git a/nixos/modules/services/security/usbguard.nix b/nixos/modules/services/security/usbguard.nix index 20d5e3b28eb9..4ced5acd9bd9 100644 --- a/nixos/modules/services/security/usbguard.nix +++ b/nixos/modules/services/security/usbguard.nix @@ -195,7 +195,7 @@ in { description = "USBGuard daemon"; wantedBy = [ "basic.target" ]; - wants = [ "systemd-udevd.service" "local-fs.target" ]; + wants = [ "systemd-udevd.service" ]; # make sure an empty rule file and required directories exist preStart = '' |