about summary refs log tree commit diff
path: root/nixos
Commit message (Collapse)AuthorAge
...
* | | | | | | | autofs service: fix the manualNikolay Amiantov2017-07-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #27202.
* | | | | | | | environment.noXlibs: Disable gnome when noXLibs is set (#27567)k0ral2017-07-26
| | | | | | | |
* | | | | | | | nixos/…/swap.nix: don't create a LUKS header for randomEncryptionedef2017-07-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Creating and then erasing the key relies on the disk erasing data correctly, and otherwise allows attackers to simply decrypt swap just using "secretkey". We don't actually need a LUKS header, so we can save ourselves some pointless disk writes and identifiability. In addition, I wouldn't have made the awful mistake of backing up my swap partition's LUKS header instead of my zpool's. May my data rest in peace.
* | | | | | | | Cleanup tahoe module0xABAB2017-07-25
| |/ / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Remove useless escape of question mark - Fix and quoting - Add some '&&s' for correctness - Add escapeShellArg - Remove &&s in preStart Edited by grahamc: fixed the ${} typo on line 246
* | | | | | | tinc service: add CLI tools to the $PATHVolth2017-07-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Now user can execute e.g. "sudo tinc.netname dump nodes"
* | | | | | | Merge pull request #27627 from volth/zookeeper-escape-shellJörg Thalheim2017-07-25
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | nixos/zookeeper: escape cfg.extraCmdLineOptions
| * | | | | | | nixos/zookeeper: escape cfg.extraCmdLineOptionsVolth2017-07-24
| | | | | | | |
* | | | | | | | Merge pull request #27347 from cstrahan/osquery-newCharles Strahan2017-07-24
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | osquery: init at 2.5.2
| * | | | | | | | osquery: init at 2.5.2Charles Strahan2017-07-24
| | | | | | | | |
* | | | | | | | | wireguard: sometimes module tries to re-add the default route, which fails - ↵Aristid Breitkreuz2017-07-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | use replace to make it succeed
* | | | | | | | | Merge pull request #26632 from jazmit/nixpkgsJoachim F2017-07-23
|\ \ \ \ \ \ \ \ \ | |_|_|_|_|_|_|_|/ |/| | | | | | | | coturn: allow use of ports < 1024
| * | | | | | | | coturn: allow use of ports < 1024James2017-06-20
| | | | | | | | |
* | | | | | | | | Merge pull request #27469 from Ma27/oh-my-zsh/make-pkg-configurableJörg Thalheim2017-07-22
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | programs.zsh.ohMyZsh: add `package` option to make package overrides on module-base easier
| * | | | | | | | | programs.zsh.ohMyZsh: add `package` option to make package overrides on ↵Maximilian Bosch2017-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | module-base easier
* | | | | | | | | | exhibitor: Fix bugs in previous packageJoel Thompson2017-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The previous package didn't build properly due to a bug in the build script, and the nixos module didn't evaluate due to missing descriptions in the options. This fixes both issues. It also adds missing command-line options that weren't able to be set and properly converts bools to the strings exhibitor expects.
* | | | | | | | | | docker module: fix autoPrune.enable descriptionFranz Pletz2017-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cc #27503
* | | | | | | | | | exhibitor: init at 3.4.9Joel Thompson2017-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Initial Exhibitor nix package and nixos module for Netflix's Exhibitor, which is a manager for Apache Zookeeper.
* | | | | | | | | | nixos/oauth2_proxy: actually pass provider-specific optionsRhys2017-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Syntax errors prevented important parameters from being passed to oauth2_proxy, which could have permitted unauthorised access to services behind the proxy.
* | | | | | | | | | docker service: add option to do automatic pruningPascal Bach2017-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows to run the prune job periodically on a machine. By default the if enabled the job is run once a week. The structure is similar to how system.autoUpgrade works.
* | | | | | | | | | Factorio service: fix typo in attribute pathMichael Peyton Jones2017-07-20
| | | | | | | | | |
* | | | | | | | | | Merge pull request #27405 from rvl/postgresql-xmlFranz Pletz2017-07-20
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | postgresql: fix nixos tests and add xml support
| * | | | | | | | | | nixos tests: run postgresql tests with postgres userRodney Lorrimar2017-07-19
| | | | | | | | | | |
| * | | | | | | | | | postgresql: enable XML functionsRodney Lorrimar2017-07-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I suspect these functions aren't widely used, but they are enabled in PostgreSQL on Ubuntu and Arch.
| * | | | | | | | | | nixos tests: fix postgresql testsRodney Lorrimar2017-07-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. Needs to call makeTest or else nothing happens when you run `nix-build nixos/tests/postgresql.nix`. 2. Tests run as root, so there needs to be a corresponding user in PostgreSQL.
* | | | | | | | | | | Merge pull request #26419 from roblabla/feature-saslFranz Pletz2017-07-20
|\ \ \ \ \ \ \ \ \ \ \ | |_|/ / / / / / / / / |/| | | | | | | | | | cyrus-sasl: Add saslauthd service and LDAP support
| * | | | | | | | | | cyrus-sasl: Add saslauthd service supportroblabla2017-06-06
| | | | | | | | | | |
* | | | | | | | | | | nixos/ldap: remove tls_checkpeer no when using TLSGraham Christensen2017-07-19
| | | | | | | | | | |
* | | | | | | | | | | gitlab: fix archive urls for gitlab serviceDaiderd Jordan2017-07-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Accessing an url like https://gitlab.example.org/group/project/repository/archive.tar.gz?ref=master requires tar/gzip to be in the path of the gitlab-workhorse service otherwise it fails.
* | | | | | | | | | | Merge pull request #26214 from zimbatm/google-compute-imagezimbatm2017-07-19
|\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Google compute image
| * | | | | | | | | | | google-compute-image module: use google serviceszimbatm2017-07-15
| | |_|_|_|_|_|_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds a few google-specific services to setup the machine. Accounts are now dynamically created using the google-accounts-daemon, which allows to click on the "SSH" button in the console and have it working. The NixOS image now supports the userdata startup and shutdown scripts. Misc: * add all the google services from https://github.com/GoogleCloudPlatform/compute-image-packages/tree/master/google_compute_engine_init/systemd * add udev rules for disk labels * synched sysctl rules with https://github.com/GoogleCloudPlatform/compute-image-packages/blob/master/google_config/sysctl/11-gce-network-security.conf
* | | | | | | | | | | Merge pull request #27031 from jerith666/cnijfilter-2-80Benno Fünfstück2017-07-18
|\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | cnijfilter: init at 2.80
| * | | | | | | | | | | cnijfilter: init at 2.80Matt McHenry2017-07-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | this driver reads support files from lib/bjlib as well as lib/cups, which is why the path in cupsd.nix is tweaked
* | | | | | | | | | | | manual: update mailing list linksGraham Christensen2017-07-18
| | | | | | | | | | | |
* | | | | | | | | | | | Point to the new mailing list by replacing the old linkDomen Kožar2017-07-18
| |_|_|_|_|_|_|_|_|_|/ |/| | | | | | | | | |
* | | | | | | | | | | Add file with Azure image locations, similar to ec2-amis.nix. Will be used ↵Rob Vermaas2017-07-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | by nixops. (cherry picked from commit e93f26847ea41cce6633b6a0feb6ce31b0722d5d)
* | | | | | | | | | | Add file with GCE image locations, similar to ec2-amis.nix. Will be used by ↵Rob Vermaas2017-07-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | nixops. (cherry picked from commit 9d810ddcc1938a90090fd60f8924f4e83acbeee2)
* | | | | | | | | | | nix: 1.11.12 -> 1.11.13Eelco Dolstra2017-07-18
| | | | | | | | | | |
* | | | | | | | | | | Merge pull request #27410 from florianjacob/journalwatchJörg Thalheim2017-07-18
|\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | journalwatch & journalwatch service: init at 1.1.0
| * | | | | | | | | | | journalwatch & journalwatch service: init at 1.1.0Florian Jacob2017-07-16
| | |/ / / / / / / / / | |/| | | | | | | | |
* | | | | | | | | | | wireguard: allow not storing private keys in world-readable /nix/store (#27433)Aristid Breitkreuz2017-07-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * wireguard: allow not storing private keys in world-readable /nix/store
* | | | | | | | | | | Strongswan after network-online instead of networkFalco Peijnenburg2017-07-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The systemd service file shipped with strongswan has strongswan started after `network-online`. It turns out that this is for good reason: failure to connect on boot otherwise. See this thread on the mailing list, which my colleague initiated after finding that our NixOS strongswan config wouldn't connect on boot: https://lists.strongswan.org/pipermail/users/2017-January/010359.html Tested on a local config (which has the strongswan service config overridden).
* | | | | | | | | | | nginx: add gzip_vary to recommended settingsWout Mertens2017-07-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Google PageSpeed recommends turning this on to allow proxies to cache
* | | | | | | | | | | Merge pull request #27057 from Nadrieril/bitlbee-libpurpleJörg Thalheim2017-07-17
|\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | bitlbee service: Add option to load libpurple plugins into bitlbee
| * | | | | | | | | | | bitlbee service: Add option to load libpurple plugins into bitlbeeNadrieril2017-07-16
| | | | | | | | | | | |
* | | | | | | | | | | | programs.gnupg: use extraInit instead of interactiveShellInitRobin Gloster2017-07-17
| |_|_|_|_|_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Otherwise some programmes cannot use the GPG agent, e.g. applications started from dmenu. Behaviour was changed in #26888, this reverts that part.
* | | | | | | | | | | tinc service: BindToAddress and ListenAddress are different options, they ↵Nadrieril2017-07-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | should not be mistaken
* | | | | | | | | | | Merge pull request #27000 from Balletie/fix/pulseaudio-alsa-confBenno Fünfstück2017-07-17
|\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | pulseaudio: Resolve conflicting asound.conf of pulseaudio and alsa
| * | | | | | | | | | | pulseaudio: Resolve conflicting asound.conf of pulseaudio and alsaBalletie2017-07-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes issue #25790.
* | | | | | | | | | | | all-hardware.nix: add VMware support. (#27430)volth2017-07-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | NixOS does not boot in VMware guest without these modules
* | | | | | | | | | | | Merge pull request #26912 from knedlsepp/fix-autoResizeGraham Christensen2017-07-16
|\ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | nixos: Force check the filesystem before resizing
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-04 13:23:04 +0000