| Commit message (Collapse) | Author | Age |
|
|
|
| |
Still celebrating today's 1.2.0 release!
|
|
|
|
|
|
|
| |
This was disabled in the Linux kernel since 4.7 and poses a security risk
if not configured properly.
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=486dcf43da7815baa615822f3e46883ccca5400f
|
|
|
|
| |
This feature is available in all kernels in nixpkgs.
|
|\
| |
| | |
PowerDNS Recursor: add package and service
|
| | |
|
| | |
|
|\ \
| | |
| | | |
dnscrypt-wrapper: add service
|
| |/ |
|
| |
| |
| |
| | |
Need to surround the equality check in parentheses.
|
|/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix the FW names
FW_REFUSE was removed and nixos-fw-input was renamed to nixos-fw.
* Update the comment (documentation) at the top
Order the chains of the main table alphabetically (like in the rest of
the file) and add nixos-fw-rpfilter (from the raw table) and nixos-drop
(used while reloading the firewall).
* Refactor the module (mainly comments)
- Move some attributes to the top for better visibility (that should
hopefully make it easier to read and understand this module without
jumping around too much).
- Add some missing examples and improve some descriptions.
- Reorder the mkOption attributes for consistency.
- Wrap lines at 72 characters.
- Use two spaces between sentences.
|
| |
|
|\
| |
| | |
DHCPv6 improvements
|
| | |
|
| | |
|
|/ |
|
|
|
|
|
|
| |
Fixes #20101
From PR #21417
|
|
|
|
| |
It is literal 'priority' option of wpa_supplicant.conf
|
|
|
|
|
|
|
|
| |
Using outputsToInstall the intended behaviour of including host and dnsutils
when bind is installed can be implemented instead of using symlinks to fix
installing all outputs individually with nix-env.
Fixes #19761.
|
|\
| |
| | |
smokeping: Allow customization of cgiurl and imgurl
|
| | |
|
| | |
|
|\ \
| |/
|/| |
cjdns service: optional extraHosts
|
| |
| |
| |
| |
| |
| | |
Enabling this incurs a heavy eval-time cost, but it's a nice usability
enhancement; satisfy both concerns by making it optional (default
false).
|
| |
| |
| |
| |
| |
| | |
This reverts commit 60ded3f3632d221ca3f82a52392e155517880456.
We want to make this optional instead.
|
|/ |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fix/asterisk-module: use unix-group for asterisk-files
* fix/asterisk-module: add configOption to use some default config-files
* fix/asterisk-module: correction of skel copy
* fix/asterisk-module: use /etc/asterisk as configDir
* fix/asterisk-module: add reload; do not restart unit
* asterisk: 13.6.0 -> 14.1.2
* fix/asterisk: compile with lua, pjsip, format_mp3
* fix/asterisk: fix indentation
* fix/asterisk: remove broken flag
|
|
|
|
| |
For the tool birdc to monitor and configure bird.
|
|
|
|
|
|
|
|
| |
- most nixos user only require time synchronisation,
while ntpd implements a battery-included ntp server (1,215 LOCs of C-Code vs 64,302)
- timesyncd support ntp server per interface (if configured through dhcp for instance)
- timesyncd is already included in the systemd package, switching to it would
save a little disk space (1,5M)
|
| |
|
|
|
|
|
|
| |
- syntax check before deploying configuration
- remove static unnessary static uid/gid (configuration is opened as root)
- add service hardening
|
| |
|
|
|
|
|
| |
Explain why the assertion fails; the user already knows that it *has*
failed.
|
|
|
|
|
| |
The type was simply str but the default is null, thus resulting in a
conversion error if the user fails to declare a value.
|
|
|
|
|
|
| |
The service owns no data, having a static uid serves no purpose.
This frees up uid/gid 32
|
| |
|
|
|
|
|
|
|
| |
It was deprecated and removed from all modules in the tree by #18319.
The wireguard module PR (#17933) was still in the review at the time and
the deprecated usage managed to slip inside.
|
| |
|
|\
| |
| | |
fakeroute: init at 0.3
|
| | |
|
|\ \
| | |
| | | |
Add dante package & accompanying service module
|
| |/ |
|
| |
| |
| |
| |
| |
| | |
Primarily to fix rendering of these default values in the manual but
it's also nice to avoid having to eval these things just to build the
manual.
|
|/
|
|
|
|
|
|
| |
The configuration { services.openssh.enable = true;
services.openssh.forwardX11 = false; } caused
programs.ssh.setXAuthLocation to be set to false, which was not the
intent. The intent is that programs.ssh.setXAuthLocation should be
automatically enabled if needed or if xauth is already available.
|
|
|
|
|
|
| |
Generating IPv6 addresses at eval time required building cjdns.
Fix #20422
|
| |
|