Commit graph

186 commits

Author SHA1 Message Date
Eelco Dolstra 742881a0f9 svn path=/nixos/trunk/; revision=26997 2011-04-27 14:10:03 +00:00
Eelco Dolstra 257326915b * gw6c: don't depend on the services tree.
svn path=/nixos/trunk/; revision=26995
2011-04-27 14:03:46 +00:00
Eelco Dolstra 650d14be8d * Remove most references to the "services" tree.
svn path=/nixos/trunk/; revision=26990
2011-04-27 13:16:33 +00:00
Eelco Dolstra 76d3721a53 * `dnsmasq' shouldn't run by default.
svn path=/nixos/trunk/; revision=26890
2011-04-19 13:37:31 +00:00
Lluís Batlle i Rossell 6824866d6d Adding a dnsmasq simple module.
svn path=/nixos/trunk/; revision=26820
2011-04-13 14:09:02 +00:00
Eelco Dolstra e9b2ebcb99 * Send a TCP RST packet, rather than an ICMP port-unreachable packet,
for (apparently) open TCP connections that connection tracking 
  doesn't know about.  This prevents TCP connections to this machine
  from hanging in CLOSE_WAIT for a long time.

svn path=/nixos/trunk/; revision=26802
2011-04-12 11:25:57 +00:00
Nicolas Pierron 96fc9379ba Convert assertion option into mkAssert.
svn path=/nixos/trunk/; revision=26614
2011-03-30 17:52:34 +00:00
Eelco Dolstra 87a2c6d9c5 * Don't enable rdnssd by default for the moment.
svn path=/nixos/trunk/; revision=26505
2011-03-25 09:29:22 +00:00
Eelco Dolstra b2d6dfecbc * Add the rdnss daemon.
* Add the ndisc6 package to the system path if IPv6 is enabled.

svn path=/nixos/trunk/; revision=26496
2011-03-24 16:23:28 +00:00
Eelco Dolstra f71bd3f93c * dhclient: ignore libvirt's network interfaces.
svn path=/nixos/trunk/; revision=26327
2011-03-15 15:30:12 +00:00
Eelco Dolstra 3cb7a54dba * Added an option `networking.bridges' to allow Ethernet bridges to be
defined.

svn path=/nixos/trunk/; revision=26325
2011-03-15 15:13:48 +00:00
Eelco Dolstra 64d871c0d9 * Enable FTP connection tracking in the firewall.
svn path=/nixos/trunk/; revision=26275
2011-03-11 13:34:17 +00:00
Eelco Dolstra 005ca15f64 * Firewall: add an option to allow extra firewall rules to be added.
* Firewall: change the policy of the INPUT chain back to ACCEPT to
  prevent a lockup when the Nix store is mounted over the network
  (i.e. in our VM tests).  This is because as soon as the policy is
  set to DROP, the iptables modules that enable access to the network
  filesystem cannot be acccessed anymore.

svn path=/nixos/trunk/; revision=26274
2011-03-11 13:04:17 +00:00
Eelco Dolstra ab0ce6734b * firewall.nix: Only flush/delete the chains created by us.
svn path=/nixos/trunk/; revision=26271
2011-03-11 11:53:18 +00:00
Eelco Dolstra f672aa71bf * RFC 4890 says that local nodes should not filter pretty much any
ICMPv6 messages (including echo requests), so don't do that.

svn path=/nixos/trunk/; revision=26270
2011-03-11 11:08:16 +00:00
Eelco Dolstra 0ea9f6611a * Add some more rules to allow ICMPv6 router/neighbour advertisements
in.  Maybe we're better off accepting all ICMPv6 messages *except*
  echo requests.

svn path=/nixos/trunk/; revision=26260
2011-03-10 16:25:08 +00:00
Eelco Dolstra 53bc6d3efa * NAT module: support active FTP.
svn path=/nixos/trunk/; revision=26247
2011-03-10 13:03:47 +00:00
Eelco Dolstra 9bf4ac079e * Add a module for doing Network Address Translation.
svn path=/nixos/trunk/; revision=26246
2011-03-10 12:08:39 +00:00
Eelco Dolstra d6424efbfb * Cleanup.
svn path=/nixos/trunk/; revision=26244
2011-03-10 09:39:17 +00:00
Eelco Dolstra e884cbed7d * Add an option for opening UDP ports.
* Accept packets destined for link-local addresses (fe80::/10).

svn path=/nixos/trunk/; revision=26236
2011-03-09 16:37:16 +00:00
Eelco Dolstra 12161f3183 * Add a firewall option to allow pings. (Maybe this should
be enabled by default.)

svn path=/nixos/trunk/; revision=26233
2011-03-09 15:28:47 +00:00
Eelco Dolstra e4051e105c * Use a separate chain for logging and rejecting.
svn path=/nixos/trunk/; revision=26232
2011-03-09 15:11:01 +00:00
Eelco Dolstra 66716f9dd5 * Firewall: support IPv6.
svn path=/nixos/trunk/; revision=26231
2011-03-09 14:41:48 +00:00
Eelco Dolstra 843e1f6c1e * Cleanup.
svn path=/nixos/trunk/; revision=26228
2011-03-09 12:28:44 +00:00
Eelco Dolstra b61c632006 * Add a module for radvd.
svn path=/nixos/trunk/; revision=26035
2011-02-19 19:19:55 +00:00
Yury G. Kudryashov 559834437a ejabberd: tabs->spaces, remove trailing whitespace
svn path=/nixos/trunk/; revision=25996
2011-02-16 21:03:14 +00:00
Ludovic Courtès 7edc419f65 lshd: Streamline first use.
svn path=/nixos/trunk/; revision=25716
2011-01-29 23:06:52 +00:00
Eelco Dolstra c65c03099f * Use "initctl restart".
svn path=/nixos/trunk/; revision=25249
2010-12-23 11:00:20 +00:00
Evgeny Egorochkin 3b28efd00d Git daemon: packaged.
svn path=/nixos/trunk/; revision=25163
2010-12-17 07:33:20 +00:00
Lluís Batlle i Rossell d5fb41795f Adding a wake on lan module.
svn path=/nixos/trunk/; revision=24958
2010-12-02 20:23:45 +00:00
Eelco Dolstra 29813b418c * Don't run dhclient on Xen's vif* and tap* interfaces.
svn path=/nixos/trunk/; revision=24948
2010-12-01 16:14:44 +00:00
Evgeny Egorochkin 2224d78b33 network-interfaces: MAC address support take 2: now it seems to work
svn path=/nixos/trunk/; revision=24847
2010-11-24 22:58:53 +00:00
Eelco Dolstra 341698c367 * OpenVPN: add it to the system path when enabled.
svn path=/nixos/trunk/; revision=24343
2010-10-18 10:40:08 +00:00
Eelco Dolstra 2bb4a618e2 * Added an option "services.openssh.extraConfig" that allows
setting arbitrary options in sshd_config, e.g.,

    services.openssh.extraConfig = "PermitTunnel yes";

svn path=/nixos/trunk/; revision=24341
2010-10-18 10:31:41 +00:00
Ludovic Courtès 8d88e37b27 avahi-daemon: Remove outdated and confusing comment.
svn path=/nixos/trunk/; revision=24152
2010-10-07 20:10:49 +00:00
Eelco Dolstra 102a1e15ba * Use the "iburst" flag. This makes ntpd synchronise in a few seconds rather than
a few minutes by sending an initial burst of messages to the time servers.

svn path=/nixos/trunk/; revision=24119
2010-10-06 16:03:37 +00:00
Eelco Dolstra 35562ea4a3 * Don't daemonize; otherwise Upstart will respawn it.
svn path=/nixos/trunk/; revision=24081
2010-10-05 15:17:09 +00:00
Evgeny Egorochkin 88b24ece7f Quassel: quick fix
svn path=/nixos/trunk/; revision=23930
2010-09-26 02:10:23 +00:00
Evgeny Egorochkin b766f8ac8d AMule: quick fix
svn path=/nixos/trunk/; revision=23929
2010-09-26 02:09:34 +00:00
Evgeny Egorochkin 3bca96e1bd AMule: create the user only if the user option is null, don't pollute the system profile with useless packages.
svn path=/nixos/trunk/; revision=23928
2010-09-26 02:04:06 +00:00
Evgeny Egorochkin d8c72719aa Quassel: Create quassel user only if cfg.user is left empty to avoid messing up existing users.
This solution is still suboptimal but others are even worse.

svn path=/nixos/trunk/; revision=23927
2010-09-26 01:58:44 +00:00
Evgeny Egorochkin c0751f83e9 Quassel: don't pollute profiles with useless files
svn path=/nixos/trunk/; revision=23904
2010-09-22 23:07:52 +00:00
Evgeny Egorochkin 36fe7f69c6 Quassel: get rid of custom logging remnants
svn path=/nixos/trunk/; revision=23867
2010-09-20 01:44:07 +00:00
Evgeny Egorochkin 764f5f34fd Quassel: use the generic logging for jobs instead of rolling your own.
svn path=/nixos/trunk/; revision=23854
2010-09-18 12:50:55 +00:00
Evgeny Egorochkin 259c007f70 Quassel: use the convenience daemon package.
svn path=/nixos/trunk/; revision=23849
2010-09-18 11:30:09 +00:00
Evgeny Egorochkin 1b4c811d41 Added AMule daemon service
svn path=/nixos/trunk/; revision=23848
2010-09-18 11:30:04 +00:00
Eelco Dolstra ea4d3e2c8c * Don't run dhclient on Xen's peth* devices.
svn path=/nixos/trunk/; revision=23779
2010-09-14 11:17:48 +00:00
David Guibert 6436ed1de4 nixos: kerberos services for the server.
svn path=/nixos/trunk/; revision=22985
2010-08-06 08:49:08 +00:00
Eelco Dolstra 793767870a * Disable writing dhclient debug info to /tmp/dhcp-exit.
svn path=/nixos/trunk/; revision=22962
2010-08-05 13:32:58 +00:00
Wouter den Breejen e058f7ea45 sabnzbd now really starts at boot
svn path=/nixos/trunk/; revision=22579
2010-07-13 14:45:44 +00:00
Eelco Dolstra 54a4eead20 * Typos.
svn path=/nixos/trunk/; revision=22537
2010-07-08 16:21:55 +00:00
Eelco Dolstra 54d201294b * Sync with the trunk.
svn path=/nixos/branches/boot-order/; revision=22487
2010-07-06 08:21:05 +00:00
Wouter den Breejen 2335cb65a3 Added sabnzbd :)
SABnzbd makes Usenet as simple and streamlined as possible by automating everything we can. All you have to do is add an .nzb. SABnzbd takes over from there, where it will be automatically downloaded, verified, repaired, extracted and filed away with zero human interaction.

http://sabnzbd.org/

svn path=/nixos/trunk/; revision=22446
2010-07-03 15:10:48 +00:00
Evgeny Egorochkin ebd9fb6cf3 Added Quassel IRC client service
svn path=/nixos/trunk/; revision=22425
2010-06-28 18:36:37 +00:00
Eelco Dolstra a5c433696c * Put all of /var/run (not just /var/run/nscd) on a tmpfs to simplify
shutdown.  (Portmap and statd are needed during shutdown to unmount
  NFS volumes but have open files in /var/run.)
* In the shutdown job, don't kill PIDs belonging to Upstart jobs that
  are still running.  If they don't stop on the "starting shutdown"
  event, then they're needed during shutdown (such as portmap and
  statd).
* NFS test: test whether the shutdown quickly unmounts NFS volumes
  (i.e. whether portmap and statd are still running).

svn path=/nixos/branches/boot-order/; revision=22204
2010-06-09 22:29:06 +00:00
Eelco Dolstra d837ae4914 * portmap: don't use the -f flag to ensure that when the job reaches
the "started" state, portmap is actually up.

svn path=/nixos/branches/boot-order/; revision=22192
2010-06-09 11:15:25 +00:00
Eelco Dolstra d67e6e6285 * Remove some `stopOn = "ip-down"' declarations since they probably
don't do the right thing (e.g. they don't distinguish between
  network interfaces).

svn path=/nixos/trunk/; revision=22102
2010-06-02 16:19:48 +00:00
Lluís Batlle i Rossell 8b69834669 Fixing a syntax error in the vsftpd module I added in a recent commit.
svn path=/nixos/trunk/; revision=21687
2010-05-09 15:38:48 +00:00
Lluís Batlle i Rossell 4ee2a8a29a Fixing the UTF-8 in openssh sshd (passing to it the LOCALE_ARCHIVE - that
requieres a patch in openssh that I just commited to nixpkgs)

Before this, in the shell spawned, backspace could not work over UTF-8 strings in the readline.


svn path=/nixos/trunk/; revision=21679
2010-05-09 12:45:57 +00:00
Ludovic Courtès 4c1af311e1 avahi-daemon: Ensure that /var/run/avahi-daemon exists.
svn path=/nixos/trunk/; revision=21673
2010-05-08 22:28:26 +00:00
Lluís Batlle i Rossell 0d92459fb5 Fixing vsftpd regarding the anonymous user (some script lines had to be run
only in the case the anonymous user service were enabled)


svn path=/nixos/trunk/; revision=21669
2010-05-08 19:12:36 +00:00
Lluís Batlle i Rossell e4e3789dad Make privoxy run with uid=privoxy.
Patch by Russell O'Connor, sent to nix-dev.


svn path=/nixos/trunk/; revision=21551
2010-05-02 04:38:45 +00:00
Eelco Dolstra 8874226fa3 * Add rfkill to the system path.
svn path=/nixos/trunk/; revision=21201
2010-04-21 11:37:52 +00:00
Eelco Dolstra 176f6c52dd * Change the name of the SSH privilege separation user account back to
"sshd" because changing it to "opensshd" causes breakage (like the
  activation script saying "useradd: UID 2 is not unique.").  Also,
  OpenSSH requires it to be named "sshd", I think.

svn path=/nixos/trunk/; revision=20577
2010-03-11 18:07:20 +00:00
Ludovic Courtès 8e16742b79 Update users of `services.sshd'.
svn path=/nixos/trunk/; revision=20575
2010-03-11 17:02:53 +00:00
Ludovic Courtès d1b4b7fd28 Rename services.sshd' to services.openssh'.
svn path=/nixos/trunk/; revision=20574
2010-03-11 17:02:49 +00:00
Eelco Dolstra 051e9342b3 * Use the moduli file. This shuts up the "WARNING: /etc/ssh/moduli
does not exist, using fixed modulus" message in /var/log/messages.

svn path=/nixos/trunk/; revision=19754
2010-02-01 17:05:02 +00:00
Ludovic Courtès 06aeb7d87f GNUnet: Add options; add as a system package; provide /etc/gnunetd.conf.
svn path=/nixos/trunk/; revision=19630
2010-01-23 15:47:33 +00:00
Eelco Dolstra 50430f19e1 * Only run dhclient on interfaces of type 1, otherwise it fails to
start if the machine has weird network devices (e.g. "eql").

svn path=/nixos/trunk/; revision=19623
2010-01-22 20:34:32 +00:00
Lluís Batlle i Rossell fa2a6f835f Adding wicd, taking in the patch sent by roconnor to nix-dev on 2010-01-07.
svn path=/nixos/trunk/; revision=19298
2010-01-07 17:53:03 +00:00
Eelco Dolstra 9c465fedfa * Reinstate the -s flag.
svn path=/nixos/trunk/; revision=19055
2009-12-20 22:03:32 +00:00
Eelco Dolstra 57f70db611 * Revert r19003 for now, because wpa_supplicant 0.6.9 (in the Nixpkgs
trunk) doesn't have a -s flag.  0.7.0 in the stdenv branch
  presumably does, but it's marked as unstable upstream.

svn path=/nixos/trunk/; revision=19047
2009-12-20 16:51:22 +00:00
Lluís Batlle i Rossell ee434cc3d6 Using wpa_supplicant feature to log to syslog, instead of stdout (which,
in the actual upstart job, meant /dev/console)

svn path=/nixos/trunk/; revision=19003
2009-12-16 19:45:19 +00:00
Ludovic Courtès 3f2348ef91 Start networking services on `ip-up' when it makes sense.
svn path=/nixos/trunk/; revision=18962
2009-12-15 13:02:23 +00:00
Marc Weber 4d7e344f69 Adding initial version of the nixos cd insallation test script using
qemu_kvm. Installation doesn't take place yet. VM is started
printing a remote controlled "Hello".

This serves as example how to run a vm within a bulid job.

svn path=/nixos/trunk/; revision=18887
2009-12-11 00:51:13 +00:00
Rob Vermaas 038180bab8 * sshd.nix: ports attribute, to allow listening to multiple ports
svn path=/nixos/trunk/; revision=18877
2009-12-10 14:45:41 +00:00
Lluís Batlle i Rossell b005e22952 Adding a not-very-nice option to allow setting the wpa_supplicant interface.
(eth1 in my PC, instead of the previously hardcoded wlan0)

svn path=/nixos/trunk/; revision=18862
2009-12-09 20:30:40 +00:00
Eelco Dolstra a21f18e81f * Synced with the trunk.
svn path=/nixos/branches/upstart-0.6/; revision=18602
2009-11-24 16:11:01 +00:00
Sander van der Burg ff177a01a7 Fixed ejabberd service so that it will be started on startup
svn path=/nixos/branches/upstart-0.6/; revision=18557
2009-11-23 13:29:47 +00:00
Sander van der Burg ebbde6f8d3 Added directory option for ejabberd dumps so that we can use derivations on a convenient way, e.g. loadDumps = [ myDumpDrvFun ];
svn path=/nixos/branches/upstart-0.6/; revision=18487
2009-11-20 15:35:01 +00:00
Sander van der Burg dd0f8b36d5 Moved ejabberd initialization check loop inside the if statement, since we only have to check for it in the first startup
svn path=/nixos/branches/upstart-0.6/; revision=18464
2009-11-19 15:17:04 +00:00
Sander van der Burg 9b000b3dcf Added loadDumps option, which makes it possible to load a specific ejabberd configuration on the first startup
svn path=/nixos/branches/upstart-0.6/; revision=18461
2009-11-19 15:12:05 +00:00
Sander van der Burg a5cdfcbdb2 Removed the dirty sleep hack from the ejabberd service
svn path=/nixos/branches/upstart-0.6/; revision=18456
2009-11-19 13:15:15 +00:00
Michael Raskin ea2417ac87 Apply Eelco Dolstra's formatting suggestions
svn path=/nixos/trunk/; revision=18436
2009-11-18 15:11:54 +00:00
Michael Raskin 26f83d65e4 Adding GVPE service
svn path=/nixos/trunk/; revision=18431
2009-11-18 14:54:37 +00:00
Eelco Dolstra e9b2ef9fb7 * Restart wpa_supplicant and dhclient on resume.
svn path=/nixos/branches/upstart-0.6/; revision=18360
2009-11-15 20:40:41 +00:00
Eelco Dolstra 0755e228bf * Since "initctl stop" is now synchronous, the sleep is no longer
needed.

svn path=/nixos/branches/upstart-0.6/; revision=18359
2009-11-15 20:40:07 +00:00
Eelco Dolstra 83a9bf9a6a * Change all the startOn / stopOn attributes to the Upstart 0.6 syntax
(e.g., startOn = "started foo" instead of startOn = "foo").

svn path=/nixos/branches/upstart-0.6/; revision=18230
2009-11-06 22:19:17 +00:00
Eelco Dolstra a60d83d3b4 svn path=/nixos/branches/upstart-0.6/; revision=18228 2009-11-06 21:39:18 +00:00
Eelco Dolstra d545d08461 * In the network-interfaces task, emit an ip-up event if there is a
statically configured interface (i.e. we're not running dhclient).
  Otherwise the ntpd job won't be triggered.
* Use the "-n" flag of "initctl emit" to send the event
  asynchronously.

svn path=/nixos/branches/upstart-0.6/; revision=18227
2009-11-06 21:38:40 +00:00
Eelco Dolstra 9fa2f12cc2 * Do some more jobs.
svn path=/nixos/branches/upstart-0.6/; revision=18212
2009-11-06 15:46:56 +00:00
Eelco Dolstra b581a56d79 * Define the Upstart package to use in one place.
svn path=/nixos/branches/upstart-0.6/; revision=18187
2009-11-06 09:36:35 +00:00
Sander van der Burg 46558b31a0 Added ejabberd to the systemPackages and fixed some command line arguments. This will make the ejabberd service working again
svn path=/nixos/trunk/; revision=18070
2009-11-02 12:13:09 +00:00
Marc Weber 4f006e49bf openvpn was broken by jobAttrs. fixed
svn path=/nixos/trunk/; revision=17940
2009-10-23 11:30:54 +00:00
Eelco Dolstra eba8f94069 * jobAttrs -> jobs.
svn path=/nixos/trunk/; revision=17769
2009-10-12 18:09:34 +00:00
Eelco Dolstra d982f23f20 * Convert the remaining jobs to jobAttrs style.
svn path=/nixos/trunk/; revision=17764
2009-10-12 17:27:57 +00:00
Eelco Dolstra 9943e0762e * Update some more modules.
svn path=/nixos/trunk/; revision=17763
2009-10-12 17:09:38 +00:00
Eelco Dolstra e91d882a94 * Converted modules that were still using the old (concrete syntax)
style of declaring Upstart jobs.  While at it, converted them to the
  current NixOS module style and improved some option descriptions.
  Hopefully I didn't break too much :-)

svn path=/nixos/trunk/; revision=17761
2009-10-12 16:36:19 +00:00
Nicolas Pierron 2e34baba3b Rename environment.extraPackages to environment.systemPackages.
svn path=/nixos/trunk/; revision=17705
2009-10-07 17:14:25 +00:00
Marc Weber 7e72788a39 rewrite sshd using jobAtts serving as example
svn path=/nixos/trunk/; revision=17651
2009-10-05 18:31:30 +00:00