Commit graph

31 commits

Author SHA1 Message Date
Rob Vermaas 9cf0a41925 fail2ban: move /var/run/fail2ban creation to activation script to be able to restrict the write locations for the service properly, add configuration files to the restartTriggers. 2013-07-31 11:22:48 +02:00
Rob Vermaas 96be2d5a7d Fix ReadWriteDirectories for fail2ban, added /var/tmp. 2013-07-28 18:33:57 +02:00
Rob Vermaas 6adfb647ff Limit the capabilities of what fail2ban service can do. Taken from ArchLinux wiki. 2013-07-25 20:03:29 +02:00
Rob Vermaas 7e7392b8ad Limit the location where fail2ban service can write to (only /var/run/fail2ban). 2013-07-25 15:48:00 +02:00
Rob Vermaas c5f6a08750 Make fail2ban a normal systemd service in nixos module. 2013-07-25 15:40:20 +02:00
Evgeny Egorochkin 6e6061e6b3 TOR: add obfsproxy support by default for TOR bridges 2013-06-04 13:03:37 +03:00
Evgeny Egorochkin 06f90c6ffc Tor-privoxy: quick and dirty fix for activation under systemd 2013-02-10 20:29:17 +02:00
Evgeny Egorochkin e201da376e torsocks: make 2 wrappers to torify apps with more and less circuit isolation. 2013-01-15 08:59:02 +02:00
Evgeny Egorochkin 123c73caf6 Torify: restore as an alternative to TorSocks due to lack of compatibility with apps like Kopete. 2013-01-15 07:34:53 +02:00
Evgeny Egorochkin 0aad75fe70 Tor: improve circuit isolation. By default apps are isolated better, with extra port available for web browsers to keep
performance as it used to be before this commit.
2013-01-14 07:37:13 +02:00
Evgeny Egorochkin 4e2f9c8679 TOR: replace deprecated option 2013-01-14 06:38:11 +02:00
Phreedom cb063afcbf F-Prot virus signaure database updater: package 2012-07-24 10:52:04 +03:00
Phreedom 4f109c8a3d ClamAV: package virus fingerprint database updater. 2012-07-23 17:19:59 +03:00
Eelco Dolstra 91acb81b11 * Support globbing in the source attribute of environment.etc entries.
svn path=/nixos/trunk/; revision=34158
2012-05-17 18:43:45 +00:00
Eelco Dolstra c10b41ad99 * Make the fail2ban module configurable.
svn path=/nixos/trunk/; revision=34157
2012-05-17 18:19:48 +00:00
Eelco Dolstra 3ce8859551 * Basic module for fail2ban. Not configurable yet. It currently
blocks IP addresses if they make too many failed login attempts.

svn path=/nixos/trunk/; revision=34149
2012-05-17 02:51:24 +00:00
Eelco Dolstra 573877c1ac * Use boot.kernelModules everywhere instead of explicit calls to
modprobe.
* Move the implementation of boot.kernelModules from the udev job to
  the activation script.  This prevents races with the udev job.
* Drop references to the "capability" kernel module, which no longer
  exists.

svn path=/nixos/trunk/; revision=33208
2012-03-17 17:26:17 +00:00
Peter Simons 49a3e57d43 frandom: very fast kernel random number generator
svn path=/nixos/trunk/; revision=32084
2012-02-06 19:14:37 +00:00
Peter Simons eb6e1310b8 strip trailing whitespace; no functional change
svn path=/nixos/trunk/; revision=29285
2011-09-14 18:20:50 +00:00
Nicolas Pierron 96fc9379ba Convert assertion option into mkAssert.
svn path=/nixos/trunk/; revision=26614
2011-03-30 17:52:34 +00:00
Evgeny Egorochkin ac7ef33e4a Tor: socksListenAddress must always be in ip:port format
svn path=/nixos/trunk/; revision=24022
2010-10-02 02:19:17 +00:00
Russell O'Connor 2811c7270a Replacing tsocks with torsocks.
tsocks leaks DNS requests and is less secure than torsocks.

torsocks is a fork of tsocks that is patched specifically for Tor.


svn path=/nixos/trunk/; revision=24012
2010-10-01 03:41:43 +00:00
Evgeny Egorochkin 910103246f TOR: make torify work(only when enabled as a service. nix-env -i tor replaces it with a broken version.)
svn path=/nixos/trunk/; revision=23905
2010-09-22 23:07:59 +00:00
Evgeny Egorochkin e5aea56bb5 TOR: prevent creation of torPrivoxy.conf if Privoxy is disabled.
Patch by Russel O'Connor

svn path=/nixos/trunk/; revision=23862
2010-09-19 15:40:03 +00:00
Evgeny Egorochkin 385ec89817 TOR: client should be disabled by default
svn path=/nixos/trunk/; revision=23860
2010-09-18 16:36:03 +00:00
Evgeny Egorochkin 41530c8e76 TOR service: sane default for burst rate
svn path=/nixos/trunk/; revision=23851
2010-09-18 12:43:48 +00:00
Evgeny Egorochkin b2b227c99f TOR service: refactored options to avoid mess
svn path=/nixos/trunk/; revision=23850
2010-09-18 11:30:14 +00:00
Evgeny Egorochkin 9f06fb806c Fix TOR option descriptions: kbytes-> bytes
svn path=/nixos/trunk/; revision=23735
2010-09-11 11:43:09 +00:00
Evgeny Egorochkin a86b1bd43d Improved the TOR service to be able to act as a TOR relay and disable the client functionality. Doesn't change the behavior of the existing TOR configurations.
svn path=/nixos/trunk/; revision=22554
2010-07-12 06:03:52 +00:00
Lluís Batlle i Rossell b15e575961 Renaming the tor services lowercase.
svn path=/nixos/trunk/; revision=21810
2010-05-16 22:22:34 +00:00
Lluís Batlle i Rossell a862661835 Adding the Tor service
(patch by roconnor)


svn path=/nixos/trunk/; revision=21795
2010-05-16 16:20:00 +00:00