philipp/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Activity
%!d() commits 3 branches 0 tags 1.4 GiB
Commit graph

160 commits

Author SHA1 Message Date
Nicolas Pierron e264d1ab79 Convert users.extraUsers to an option set and add support for openssh 
authorized_keys file generation.

svn path=/nixos/trunk/; revision=30611
 2011-11-29 06:08:55 +00:00
Eelco Dolstra 8eba736da9 * Use the ‘path’ attribute in Upstart jobs in more places. It's a bit 
more readable (also in "ps" output).

svn path=/nixos/trunk/; revision=30565
 2011-11-25 16:32:54 +00:00
Eelco Dolstra da542dc1ae * Added a module for oidentd. 
svn path=/nixos/trunk/; revision=30381
 2011-11-10 23:06:24 +00:00
Lluís Batlle i Rossell d9356e9a35 Fixing documentation about the prayer module, and adding a port setting, 
defaulting to something other than 80 at least.


svn path=/nixos/trunk/; revision=30363
 2011-11-09 21:08:50 +00:00
Lluís Batlle i Rossell 578f83eef4 Adding a module for the prayer webmail. 
svn path=/nixos/trunk/; revision=30361
 2011-11-09 20:48:12 +00:00
Lluís Batlle i Rossell 2825a3a6ae Allowing 'named' to have a config file apart, as it can have passwords. 
svn path=/nixos/trunk/; revision=30213
 2011-11-03 19:13:52 +00:00
Lluís Batlle i Rossell efc64042e0 Adding extraConfig to unbound 
svn path=/nixos/trunk/; revision=30211
 2011-11-03 18:49:54 +00:00
Eelco Dolstra 0309f02fc5 * Add period. 
svn path=/nixos/trunk/; revision=30201
 2011-11-03 02:14:40 +00:00
Lluís Batlle i Rossell 9489c5a02b Setting default of unbound.enable to disabled. Few may want it enabled. 
svn path=/nixos/trunk/; revision=30198
 2011-11-02 21:04:32 +00:00
Lluís Batlle i Rossell 5cb67ef832 Adding a module for unbound. 
svn path=/nixos/trunk/; revision=30197
 2011-11-02 20:59:12 +00:00
Evgeny Egorochkin 0d2ef63b84 Quassel: fix package name 
svn path=/nixos/trunk/; revision=30142
 2011-10-31 12:48:59 +00:00
Peter Simons 20b364f4de Reverting revisions 30103-30106: "always set nixpkgs.config.{state,store}Dir", etc. 
After the change from revision 30103, nixos-rebuild suddenly consumed
freaky amounts of memory. I had to abort the process after it had
allocated well in excess of 30GB(!) of RAM. I'm not sure what is causing
this behavior, but undoing that assignment fixes the problem. The other
two commits needed to be revoked, too, because they depend on 30103.

svn path=/nixos/trunk/; revision=30127
 2011-10-30 15:19:58 +00:00
Shea Levy 09cf6ce70c find modules | fgrep .nix | fgrep -v .svn | fgrep -v nixpkgs.nix | xargs sed -i -e 's|/nix/var|${config.nixpkgs.config.nix.stateDir}|g' -e 's|/nix/store|${config.nixpkgs.config.nix.storeDir}|g' 
Don't assume /nix/store or /nix/var in NixOS modules, this is configurable

svn path=/nixos/trunk/; revision=30104
 2011-10-29 21:03:57 +00:00
Joachim Schiele 298186fd06 added cntlm as a system service with its own user 'cntlm' 
svn path=/nixos/trunk/; revision=29737
 2011-10-09 22:34:32 +00:00
Eelco Dolstra 61072f8995 * Add a module for a Flash policy server. 
svn path=/nixos/trunk/; revision=29296
 2011-09-15 15:13:46 +00:00
Peter Simons eb6e1310b8 strip trailing whitespace; no functional change 
svn path=/nixos/trunk/; revision=29285
 2011-09-14 18:20:50 +00:00
Eelco Dolstra 1df952182a * Only flush the POSTROUTING chain. 
svn path=/nixos/trunk/; revision=28153
 2011-08-04 15:33:40 +00:00
Eelco Dolstra 31afd2bb2e * vsftpd: use /var/empty instead of /var/ftp/empty as the empty 
chroot (the latter doesn't exist).
* vsftpd: make the anonymous user's home read-only, otherwise vsftpd
  will fail.

svn path=/nixos/trunk/; revision=27983
 2011-07-28 09:42:20 +00:00
Peter Simons 0ffb794d5d modules/services/networking/ssh/sshd.nix: strip trailing whitespace 
svn path=/nixos/trunk/; revision=27733
 2011-07-12 10:34:30 +00:00
Peter Simons ea84edd528 modules/services/networking/ssh/sshd.nix: added new boolean options usePAM and passwordAuthentication 
Setting both of these options to 'false' configures the OpenSSH daemon to
reject password authentication, i.e. users must have an appropriate key in
~/.ssh/authorized_keys in order to be able to log in.

svn path=/nixos/trunk/; revision=27732
 2011-07-12 10:34:27 +00:00
Eelco Dolstra 466d798b15 * Oops. 
svn path=/nixos/trunk/; revision=27608
 2011-07-05 12:54:50 +00:00
Eelco Dolstra 3bc3dc3940 * Put the NixOS firewall ruleset in its own chain (‘nixos-fw’). This 
should make it easier to compose with packages that set their own
  firewall rules, such as Nova or Libvirt.
* Provide a chain for accepted packets (‘nixos-fw-accept’), requested
  by Nicolas Pierron.

svn path=/nixos/trunk/; revision=27607
 2011-07-05 12:51:46 +00:00
Michael Raskin a61015cfa1 IRCD expression needs recursive attrsets... 
svn path=/nixos/trunk/; revision=27025
 2011-04-28 08:23:09 +00:00
Eelco Dolstra 6739162d9a * Move ircd-hybrid stuff from the services tree to the nixos tree. 
svn path=/nixos/trunk/; revision=27009
 2011-04-27 16:27:05 +00:00
Eelco Dolstra 742881a0f9 svn path=/nixos/trunk/; revision=26997 2011-04-27 14:10:03 +00:00
Eelco Dolstra 257326915b * gw6c: don't depend on the services tree. 
svn path=/nixos/trunk/; revision=26995
 2011-04-27 14:03:46 +00:00
Eelco Dolstra 650d14be8d * Remove most references to the "services" tree. 
svn path=/nixos/trunk/; revision=26990
 2011-04-27 13:16:33 +00:00
Eelco Dolstra 76d3721a53 * `dnsmasq' shouldn't run by default. 
svn path=/nixos/trunk/; revision=26890
 2011-04-19 13:37:31 +00:00
Lluís Batlle i Rossell 6824866d6d Adding a dnsmasq simple module. 
svn path=/nixos/trunk/; revision=26820
 2011-04-13 14:09:02 +00:00
Eelco Dolstra e9b2ebcb99 * Send a TCP RST packet, rather than an ICMP port-unreachable packet, 
for (apparently) open TCP connections that connection tracking 
  doesn't know about.  This prevents TCP connections to this machine
  from hanging in CLOSE_WAIT for a long time.

svn path=/nixos/trunk/; revision=26802
 2011-04-12 11:25:57 +00:00
Nicolas Pierron 96fc9379ba Convert assertion option into mkAssert. 
svn path=/nixos/trunk/; revision=26614
 2011-03-30 17:52:34 +00:00
Eelco Dolstra 87a2c6d9c5 * Don't enable rdnssd by default for the moment. 
svn path=/nixos/trunk/; revision=26505
 2011-03-25 09:29:22 +00:00
Eelco Dolstra b2d6dfecbc * Add the rdnss daemon. 
* Add the ndisc6 package to the system path if IPv6 is enabled.

svn path=/nixos/trunk/; revision=26496
 2011-03-24 16:23:28 +00:00
Eelco Dolstra f71bd3f93c * dhclient: ignore libvirt's network interfaces. 
svn path=/nixos/trunk/; revision=26327
 2011-03-15 15:30:12 +00:00
Eelco Dolstra 3cb7a54dba * Added an option `networking.bridges' to allow Ethernet bridges to be 
defined.

svn path=/nixos/trunk/; revision=26325
 2011-03-15 15:13:48 +00:00
Eelco Dolstra 64d871c0d9 * Enable FTP connection tracking in the firewall. 
svn path=/nixos/trunk/; revision=26275
 2011-03-11 13:34:17 +00:00
Eelco Dolstra 005ca15f64 * Firewall: add an option to allow extra firewall rules to be added. 
* Firewall: change the policy of the INPUT chain back to ACCEPT to
  prevent a lockup when the Nix store is mounted over the network
  (i.e. in our VM tests).  This is because as soon as the policy is
  set to DROP, the iptables modules that enable access to the network
  filesystem cannot be acccessed anymore.

svn path=/nixos/trunk/; revision=26274
 2011-03-11 13:04:17 +00:00
Eelco Dolstra ab0ce6734b * firewall.nix: Only flush/delete the chains created by us. 
svn path=/nixos/trunk/; revision=26271
 2011-03-11 11:53:18 +00:00
Eelco Dolstra f672aa71bf * RFC 4890 says that local nodes should not filter pretty much any 
ICMPv6 messages (including echo requests), so don't do that.

svn path=/nixos/trunk/; revision=26270
 2011-03-11 11:08:16 +00:00
Eelco Dolstra 0ea9f6611a * Add some more rules to allow ICMPv6 router/neighbour advertisements 
in.  Maybe we're better off accepting all ICMPv6 messages *except*
  echo requests.

svn path=/nixos/trunk/; revision=26260
 2011-03-10 16:25:08 +00:00
Eelco Dolstra 53bc6d3efa * NAT module: support active FTP. 
svn path=/nixos/trunk/; revision=26247
 2011-03-10 13:03:47 +00:00
Eelco Dolstra 9bf4ac079e * Add a module for doing Network Address Translation. 
svn path=/nixos/trunk/; revision=26246
 2011-03-10 12:08:39 +00:00
Eelco Dolstra d6424efbfb * Cleanup. 
svn path=/nixos/trunk/; revision=26244
 2011-03-10 09:39:17 +00:00
Eelco Dolstra e884cbed7d * Add an option for opening UDP ports. 
* Accept packets destined for link-local addresses (fe80::/10).

svn path=/nixos/trunk/; revision=26236
 2011-03-09 16:37:16 +00:00
Eelco Dolstra 12161f3183 * Add a firewall option to allow pings. (Maybe this should 
be enabled by default.)

svn path=/nixos/trunk/; revision=26233
 2011-03-09 15:28:47 +00:00
Eelco Dolstra e4051e105c * Use a separate chain for logging and rejecting. 
svn path=/nixos/trunk/; revision=26232
 2011-03-09 15:11:01 +00:00
Eelco Dolstra 66716f9dd5 * Firewall: support IPv6. 
svn path=/nixos/trunk/; revision=26231
 2011-03-09 14:41:48 +00:00
Eelco Dolstra 843e1f6c1e * Cleanup. 
svn path=/nixos/trunk/; revision=26228
 2011-03-09 12:28:44 +00:00
Eelco Dolstra b61c632006 * Add a module for radvd. 
svn path=/nixos/trunk/; revision=26035
 2011-02-19 19:19:55 +00:00
Yury G. Kudryashov 559834437a ejabberd: tabs->spaces, remove trailing whitespace 
svn path=/nixos/trunk/; revision=25996
 2011-02-16 21:03:14 +00:00