| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removes the old UI build tooling; it is no longer necessary
because as of 1.2.0 it's bundled into the server binary.
It doesn't even need to have JS built, because it's bundled into
the release commit's source tree (see #48714).
The UI is enabled by default, so the NixOS service is
updated to directly use `ui = webUi;` now.
Fixes #48714.
Fixes #44192.
Fixes #41243.
Fixes #35602.
Signed-off-by: Niklas Hambüchen <mail@nh2.me>
|
| |
|
|
|
|
|
|
|
| |
Setting this variable in the environment of systemd-timedated allows
'timedatectl' to tell if an NTP service is running.
Closes #48917.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
|
| |\
| |
| | |
nixos/syncthing: move configuration to condigDir
|
| | |
| |
| |
| |
| | |
fixes #47513 following the upstream recommended settings:
https://github.com/syncthing/syncthing/issues/3434#issuecomment-235401876
|
| | |
| |
| |
| | |
before kill on shutdown
|
| | | |
|
| | | |
|
| |\ \
| | |
| | | |
strongswan-swanctl: adapt options to strongswan-5.7.1
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
The changes were found by executing the following in the strongswan
repo (https://github.com/strongswan/strongswan):
git diff 5.6.3..5.7.1 src/swanctl/swanctl.opt
|
| |\ \ \
| |/ /
|/| | |
nixos/ddclient: make RuntimeDirectory and configFile private
|
| | | |
| | |
| | | |
/run/ddclient/ddclient.conf should be installed in mode 660 (readable and writeable only by ddclient.service user and group)
|
| | | |
| | |
| | | |
ddclient will raise a warning if /run/ddclient/ is world-readable
|
| |\ \ \
| |/ /
|/| | |
nixos/eternal-terminal: init new module.
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
This was overlooked on a rebase of mine on master, when I didn't realize
that in the time of me writing the znc changes this new option got
introduced.
|
| |/ /
| |
| |
| | |
This bug was introduced in https://github.com/NixOS/nixpkgs/pull/41467
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This breaks with networking backends enabled and
also creates large delays on boot when some services depends
on the network target. It is also not really required
because tinc does create those interfaces itself.
fixes #27070
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* nat/bind/dhcp.service:
Remove. Those services have nothing to do with a link-level service.
* sys-subsystem-net-devices-${if}.device:
Add as BindsTo dependency as this will make hostapd stop when the
device is unplugged.
* network-link-${if}.service:
Add hostapd as dependency for this service via requiredBy clause,
so that the network link is only considered to be established
only after hostapd has started.
* network.target:
Remove this from wantedBy clause as this is already implied from
dependencies stacked above hostapd. And if it's not implied than
starting hostapd is not required for this particular network
configuration.
|
| |\ \
| |/
|/| |
nixos/znc: More flexible module, cleanups
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This option represents the ZNC configuration as a Nix value. It will be
converted to a syntactically valid file. This provides:
- Flexibility: Any ZNC option can be used
- Modularity: These values can be set from any NixOS module and will be
merged correctly
- Overridability: Default values can be overridden
Also done:
Remove unused/unneeded options, mkRemovedOptionModule unfortunately doesn't work
inside submodules (yet). The options userName and modulePackages were never used
to begin with
|
| | |
| |
| |
| | |
Move legacy options to separate file
|
| |\ \
| |/
|/| |
nixos/modules: services.syncthing add guiAddress parameter
|
| | |
| |
| |
| | |
As Infinisil mentioned in https://github.com/NixOS/nixpkgs/pull/48119#discussion_r224974201
|
| | | |
|
| |\ \
| |/
|/| |
nixos: correct improper uses of mkEnableOption, clarify service descr…
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Several service definitions used `mkEnableOption` with text starting
with "Whether to", which produced funny option descriptions like
"Whether to enable Whether to run the rspamd daemon..".
This commit corrects this, and adds short descriptions of services
to affected service definitions.
|
| |\ \
| | |
| | | |
murmur: mention mumble in description
|
| | |/
| |
| |
| |
| | |
This makes the option easier to find with the options search or in the
manpage.
|
| | | |
|
| |\ \
| |/
|/| |
Miniupnpd and bittorrent improvements
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Most importantly, this sets PrivateTmp, ProtectHome, and ProtectSystem
so that Chrony flaws are mitigated, should they occur.
Moving to ProtectSystem=full however, requires moving the chrony key
files under /var/lib/chrony -- which should be fine, anyway.
This also ensures ConditionCapability=CAP_SYS_TIME is set, ensuring
that chronyd will only be launched in an environment where such a
capability can be granted.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
|
| |\ \
| | |
| | | |
teamspeak_server: 3.0.13.6 -> 3.3.0
|
| | | | |
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
epmd: Introduce erlang port mapper daemon service
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Having socket-activated epmd means that there always be only a single
instance managed centrally. Because Erlang also starts it
automatically if not available, and in worst case scenario 'epmd' can
be started by some Erlang application running under systemd. And then
restarting this application unit will cause complete loss of names in
'epmd' (if other Erlang system are also installed on this host).
E.g. see at which lengths RabbitMQ goes to recover from such
situations:
https://github.com/rabbitmq/rabbitmq-server/blame/7741b37b1efa97ac9b17685cc626bd35ee52ca16/src/rabbit_epmd_monitor.erl#L36
Having the only one socket-activated epmd completely solves this
problem.
|
| |\ \ \ \
| |_|_|/
|/| | | |
nixos/nullidentdmod: Init
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
nixos/zeronet: Fix TOR permissions, add torAlways option
|
| | | | | | |
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Hylafaxplus
|
| | | | | | | |
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This commit adds the following
* the uucp user
* options for HylaFAX server to control startup and modems
* systemd services for HylaFAX server processes
including faxgettys for modems
* systemd services to maintain the HylaFAX spool area,
including cleanup with faxcron and faxqclean
* default configuration for all server processes
for a minimal working configuration
Some notes:
* HylaFAX configuration cannot be initialized with faxsetup
(as it would be common on other Linux distributions).
The hylafaxplus package contains a template spool area.
* Modems are controlled by faxgetty.
Send-only configuration (modems controlled by faxq)
is not supported by this configuration setup.
* To enable the service, one or more modems must be defined with
config.services.hylafax.modems .
* Sending mail *should* work:
HylaFAX will use whatever is in
config.services.mail.sendmailSetuidWrapper.program
unless overridden with the sendmailPath option.
* The admin has to create a hosts.hfaxd file somewhere
(e.g. in /etc) before enabling HylaFAX.
This file controls access to the server (see hosts.hfaxd(5) ).
Sadly, HylaFAX does not permit account-based access
control as is accepts connections via TCP only.
* Active fax polling should work; I can't test it.
* Passive fax polling is not supported by HylaFAX.
* Pager transmissions (with sendpage) are disabled by default.
I have never tested or used these.
* Incoming data/voice/"extern"al calls
won't be handled by default.
I have never tested or used these.
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Also:
* switch to flat sysdir
* remove nixos default reseeds, rely on program defaults
* refactor config expressions
|