Commit graph

176 commits

Author SHA1 Message Date
William A. Kennington III 1321fd175d nixos/nat: Leverage firewall module 2014-09-15 21:31:27 -07:00
William A. Kennington III 6a43d51291 nixos/firewall: Support extraStopCommands 2014-09-15 21:31:26 -07:00
William A. Kennington III fd7b9b4291 nixos/firewall: Don't allow traffic during reload 2014-09-15 20:40:16 -07:00
Jaka Hudoklin f7ba3d833f nixos/znc: fix module, createUser option does not exist anymore 2014-09-13 02:20:32 +02:00
William A. Kennington III bab5efd237 nixos/ssh: Allow user to configure the package that provides ssh/sshd 2014-09-11 22:07:39 -07:00
Aristid Breitkreuz c3fe942a57 start dhcpcd after network-interfaces 2014-09-06 13:52:09 +02:00
aszlig e8c4fde22d
nixos/nsd: Improve support for journald/systemd.
Don't fork into the background and just log to stderr.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
aszlig 6386df1645
nixos/nsd: Fix indentation/coding style.
For Nix, we indent using two spaces, but in this module somehow 4 spaces
were snuck in. Other than that, remoteControl and ratelimit are just
nested attribute sets, so we don't need to make another submodule type
for no particular reason.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-05 02:54:39 +02:00
Luca Bruno 2ba523df24 nixos nat: add description to forwardPorts 2014-09-04 11:33:08 +02:00
Luca Bruno e6ab680cbf nixos nat: add type for sourcePort and destination of forwardPorts 2014-09-04 10:26:33 +02:00
Michael Raskin 4155121069 Merge pull request #3926 from lethalman/fwdports
nixos/nat: add forwardPorts for external->internal DNAT
2014-09-03 21:54:37 +04:00
Michael Raskin 3e841ef642 Fixing comment case 2014-09-03 20:03:15 +04:00
Michael Raskin d1ae15b680 Merge pull request #3804 from ehmry/unbound
unbound: run in chroot
2014-09-03 11:45:20 +04:00
Nathan Bijnens 33a3f76ee4 Copy.com: client #3617 2014-09-03 11:31:51 +04:00
William A. Kennington III 9659d0f4fb nixos/dnsmasq: Fix regressions during the systemd update 2014-09-02 17:23:55 -07:00
Vladimir Still 13bbce96c3 sshd: Fix typo in assetion. 2014-09-02 10:06:04 +02:00
Vladimir Still a2394f09c7 sshd: Add note about listening on port 22 to listenAddresses. 2014-09-01 22:56:35 +02:00
Vladimir Still ac39d839c3 sshd: Add note about firewall and listenAddresses. 2014-09-01 22:56:35 +02:00
Vladimir Still e12337156c sshd: Allow to specify ListenAddress. 2014-09-01 22:56:35 +02:00
Michael Raskin a6dfb4dc28 Merge pull request #3241 from ehmry/cjdns
cjdns declarative configuration
2014-09-02 00:53:18 +04:00
Luca Bruno b21ac60290 nixos/nat: add forwardPorts for external->internal DNAT 2014-09-01 22:31:56 +02:00
Luca Bruno 31b7cae018 nixos/znc: fix immutable config.
Fix references to coreutils echo and rm.
Make config writable even if immutable because of
https://github.com/znc/znc/blob/master/src/znc.cpp#L964 .
2014-09-01 16:21:12 +02:00
aszlig 29f4642284
nixos: Add new service for OpenNTPd.
This conflicts with the existing reference NTP daemon, so we're using
services.ntp.enable = mkForce false here to make sure both services
aren't enabled in par.

I was already trying to merge the module with services.ntp, but it would
have been quite a mess with a bunch of conditions on the package name.
They both have a bit in common if it comes to the configuration files,
but differ in handling of the state dir (for example, OpenNTPd doesn't
allow it to be owned by anything other than root).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-01 16:07:28 +02:00
Michael Raskin 9e3d1b1a8f Merge pull request #3908 from wkennington/master.ip
Reapply the multi-ip code
2014-09-01 10:28:54 +04:00
Jan Malakhovski 8c9b6d932a nixos: add dhcpcd.persistent option 2014-09-01 10:33:48 +04:00
Jan Malakhovski 99243a5c51 nixos: add atftpd service 2014-09-01 10:33:48 +04:00
Emery Hemingway f60ac82cac cjdns: new declarative service expression
systemd service wants network-interfaces.target rather than network.target
assertion on config.networking.enableIPv6
2014-08-31 18:14:16 -04:00
William A. Kennington III 3d037ebb94 Revert "Revert "Merge pull request #3182 from wkennington/master.ipv6""
This reverts commit ea8910652f.
2014-08-31 09:46:16 -07:00
Rob Vermaas ea8910652f Revert "Merge pull request #3182 from wkennington/master.ipv6"
This reverts commit b23fd65854, reversing
changes made to 43654cba2c.
2014-08-31 10:58:54 +02:00
Nicolas B. Pierron a5d6219897 Merge pull request #3864 from nbp/useless-submodules
Remove useless use of undocumented submodules.
2014-08-30 18:21:17 +02:00
William A. Kennington III 4d8390be60 nixos/network-interfaces: Support the old ip configuration convention 2014-08-30 08:05:00 -07:00
William A. Kennington III 098c8f4c77 nixos/network-interfaces: Add support for multiple ipv4 / ipv6 addresses 2014-08-30 07:33:38 -07:00
Michael Raskin 8937b70d07 Merge pull request #3344 from ehmry/privoxy
privoxy: upstart to systemd conversion, actions file editing
2014-08-30 14:19:57 +04:00
Nicolas Pierron 8c19690d99 Remove useless use of optionSet. 2014-08-29 18:43:03 +02:00
Nicolas Pierron 43e52ef001 Remove useless use of undocumented submodules. 2014-08-29 18:28:34 +02:00
Michael Raskin 844fd2553e Merge pull request #3745 from wkennington/master.dnsmasq
dnsmasq: Update and enable dbus support
2014-08-29 01:43:41 +04:00
Michael Raskin c42e7dfc0c Merge pull request #3200 from wkennington/master.dhcpcd
nixos/dhcpcd: Add an explicit interfaces option
2014-08-29 01:09:22 +04:00
Paul Colomiets adbb9ff796 dnsmasq: upgrade to 2.71, fixed dnsmasq module
* The module now has systemd config

* Add resolveLocalQueries option which sets up it as a dns server for
  local host (including reasonable setup of resolvconf)

* Add "dnsmasq" user for running daemon

* Enabled dbus and dnssec support for the package

Conflicts:
	nixos/modules/misc/ids.nix
2014-08-28 11:39:03 -07:00
aszlig 8a56a55bb4
nixos/manual: Use literalExample when feasible.
Should bring most of the examples into a better consistency regarding
syntactic representation in the manual.

Thanks to @devhell for reporting.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-08-27 23:41:15 +02:00
Emery Hemingway e7597b12b8 privoxy: upstart to systemd conversion, actions file editing
fix missing actions and filters
2014-08-27 11:34:10 -04:00
Emery Hemingway aedbfdff84 unbound: run in chroot 2014-08-26 21:24:09 -04:00
William A. Kennington III aa77fe0fb0 nixos/radvd: Convert to a systemd unit
Additionally, remove the automatic initialization of the ipv6 forwarding
sysctl as this should be handled by the end user. This really should not
be an issue as most people running radvd are likely forwarding ipv6
packets.
2014-08-24 03:12:55 -07:00
William A. Kennington III bc6979f7e1 nixos/dhcpcd: Don't configure sit devices 2014-08-14 14:06:56 -05:00
William A. Kennington III a269acf480 nixos/dhcpcd: Use null instead of empty list to disable allowInterfaces 2014-08-14 14:05:55 -05:00
William A. Kennington III 320a82dd7f nixos/dhcpcd: Add an explicit interfaces option 2014-08-14 14:05:55 -05:00
William A. Kennington III d0c0c2f9ba nixos/dhcpd: Wait until network interfaces are configured to start 2014-08-13 15:08:43 -05:00
William A. Kennington III b3ddcfabd9 nixos/dhcpd: Convert to systemd from upstart 2014-08-13 15:08:43 -05:00
William A. Kennington III 24368beed8 nixos/dhcpd: Use dhcp user instead of nobody 2014-08-13 15:08:43 -05:00
William A. Kennington III 4fbf120e84 nixos/dhcpd: Add the ability to drop privileges 2014-08-13 15:08:08 -05:00
William A. Kennington III 56228e5614 nixos/dhcp: Modernize ddns-update-style 2014-08-13 15:08:08 -05:00