| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
| |
Consul is a service you typically want to have running all the time;
it's not supposed to quit by itself.
|
| |\
| |
| | |
znc: fix openFirewall option
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The current version is broken:
- there's no `openFirewall` attribute directly in the `cfg` set
- the `port` option is an attribute of the `confOptions` set
I used the proper attribute for the firewall port and moved the `openFirewall`
option directly up to the `services.znc` set, as it's rather a general option
for the whole service than a znc-specific option (which are located inside the
`confOptions` set).
|
| |/
|
|
|
|
|
|
|
| |
We now wait for dhcpcd to acquire a lease but dhcpcd is restarted on
system activation. As wpa_supplicant is stopped while dhcpcd is
restarting a significant delay is introduced on systems with wireless
network connections only. This changes the wpa_supplicant service to
also be restarted together with dhcpcd in case both services were
changed.
|
| |
|
|
| |
ExecStart is sufficient and more transparent to the user.
|
| |
|
|
|
| |
tinc can figure this out based on DeviceType.
I also got `/dev/net/tun FD in bad state` after a particular upgrade.
|
| | |
|
| |\
| |
| | |
networking.wireguard: added `allowedIpsAsRoutes` boolean to control p…
|
| | |
| |
| |
| |
| |
| |
| | |
Sometimes (especially in the default route case) it is required to NOT
add routes for all allowed IP ranges. One might run it's own custom
routing on-top of wireguard and only use the wireguard addresses to
exchange prefixes with the remote host.
|
| | | |
|
| |\ \
| | |
| | | |
Add modules for tinydns and dnscache from djbdns
|
| | | |
| | |
| | |
| | | |
(not strictly required to start the service)
|
| | | |
| | |
| | |
| | | |
with improvements suggested by Jörg Thalheim <joerg@thalheim.io>
|
| | |/
| |
| |
| | |
with improvements suggested by Jörg Thalheim <joerg@thalheim.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This has been broken nearly all the time due to the patches needed to
iproute2 not being compatible with the newer versions we have been
shipping. As long as Ubuntu does not manage to upstream these changes
so they are maintained with iproute2 and we don't have a maintainer
updating these patches to new iproute2 versions it is not feasible to
have this available.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 670b4e29adc16e0a29aa5b4c126703dcca56aeb6. The change
added in this commit was controversial when it was originally suggested
in https://github.com/NixOS/nixpkgs/pull/29205. Then that PR was closed
and a new one opened, https://github.com/NixOS/nixpkgs/pull/29503,
effectively circumventing the review process. I don't agree with this
modification. Adding an option 'resolveLocalQueries' to tell the locally
running name server that it should resolve local DNS queries feels
outright nuts. I agree that the current state is unsatisfactory and that
it should be improved, but this is not the right way.
(cherry picked from commit 23a021d12e8f939cd0bfddb1c7adeb125028c1e3)
|
| |\ \
| | |
| | | |
Ease radicale upgrade
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When the user specifies the networking.nameservers setting in the
configuration file, it must take precedence over automatically
derived settings.
The culprit was services.bind that made the resolver set to
127.0.0.1 and ignore the nameserver setting.
This patch adds a flag to services.bind to override the nameserver
to localhost. It defaults to true. Setting this to false prevents the
service.bind and dnsmasq.resolveLocalQueries settings from
overriding the users' settings.
Also, when the user specifies a domain to search, it must be set in
the resolver configuration, even if the user does not specify any
nameservers.
(cherry picked from commit 670b4e29adc16e0a29aa5b4c126703dcca56aeb6)
This commit was accidentally merged to 17.09 but was intended for
master. This is the cherry-pick to master.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
properly also in case dhcpcd being used.
Without network-online.target, coturn will fail to listen on addresses that
come up with dhcpcd.
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously services depending on network-online.target would wait until
dhcpcd times out if it was enabled and a static network address
configuration was used. Setting the default gateway statically is enough
for the networking to be considered online.
This also adjusts the relevant networking tests to wait for
network-online.target instead of just network.target.
|
| |\ \
| | |
| | | |
squid service: initial service based on default config
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
tinc prior to 1.1 doesn't have the `tinc` executable,
and `tincd` isn't of any use while the daemon already runs.
|
| |\ \ \
| | | |
| | | | |
matterbridge, modules/matterbridge: init at 1.1.0
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
For various reasons, big Nix attrsets look ugly in the generated manual
page[1]. Use literalExample to fix it.
[1] Quotes around attribute names are lost, newlines inside multi-line
strings are shown as '\n' and attrs written on multiple lines are joined
into one.
|
| |\ \ \ \
| | | | |
| | | | | |
firehol: init at 3.1.4, iprange: init at 1.0.3
|
| | | |/ /
| |/| | |
|
| | |/ /
|/| | |
|
| |\ \ \
| | | |
| | | | |
znc: open firewall with configured port
|
| | | | | |
|
| | |/ /
| | |
| | |
| | |
| | | |
The configuration doesn't currently open the configured port, which is
less convenient than opening it.
|
| |/ /
| |
| |
| | |
s/ssl/useSSL/
|
| | | |
|
| |/
|
|
|
|
|
|
|
| |
When keys get refreshed a folder with the permissions of the root user
get created in the home directory of the user dnscrypt-wrapper. This
prevents the service from restarting.
In addition to that the parameters of dnscrypt-wrapper have
changed in upstream and in the newly packaged software.
|
| | |
|
| |\
| |
| | |
radicale: update to version 2
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit readds and updates the 1.x package from 1.1.4 to 1.1.6 which
also includes the needed command for migrating to 2.x
The module is adjusted to the version change, defaulting to radicale2 if
stateVersion >= 17.09 and radicale1 otherwise. It also now uses
ExecStart instead of the script service attribute. Some missing dots at
the end of sentences were also added.
I added a paragraph in the release notes on how to update to a newer
version.
|
| | |
| |
| |
| | |
Now uses the upstream systemd unit which adds lots of hardening flags.
|
| |\ \
| | |
| | | |
nixos: i2pd: bits and pieces
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | |/ |
|