| Commit message (Collapse) | Author | Age |
| |
|
| |
|
|
|
|
| |
service failed to start because of MemoryDenyWriteExecute = true,
which seems not to work on i686
|
|
|
|
|
| |
The service can run certain components with reduced privileges, but for
that it needs the setuid capability.
|
|
|
|
|
|
|
|
|
| |
20e81f7c0d56e0b179115ca72a85b81ff637d909 prevented key generation in
`preStart`, leaving the service broken for the case where the user has
no pre-existing key.
Eventually, we ought to store the state elsewhere so that `/etc` can be
read-only but for now we fix this the easy way.
|
|
|
|
|
|
| |
Enabling this incurs a heavy eval-time cost, but it's a nice usability
enhancement; satisfy both concerns by making it optional (default
false).
|
|
|
|
|
|
| |
This reverts commit 60ded3f3632d221ca3f82a52392e155517880456.
We want to make this optional instead.
|
| |
|
|
|
|
|
|
| |
Generating IPv6 addresses at eval time required building cjdns.
Fix #20422
|
| |
|
| |
|
|
|
|
|
|
|
| |
The old version would export two lists to a bash builder and do pairwise
processing on the bash side. In the new version we instead generate a
logic free builder on the Nix side. This is not only conceptually
simpler but reduces the amount of code and intermediate values.
|
|
|
|
|
|
|
| |
`head -cNUM ... | tr -dc SET` might generate output containing fewer
than NUM characters. Given the limited alphabet, this could result in a
fairly weak passphrase. The construction `tr </dev/urandom | head
-cNUM`, however, is sure to give us the full `NUM`.
|
| |
|
|
|
|
|
| |
- types.string -> str, string is deprecated
- change type of confFile option to nullOr path, makes more sense
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
filter extraneous attributes from config modules
|
| |
|
| |
|
|
|
|
|
|
|
| |
package installs to .../bin
fix service module to look in .../bin
Closes #4240
|
|
|
|
|
| |
systemd service wants network-interfaces.target rather than network.target
assertion on config.networking.enableIPv6
|
|
|
|
|
|
|
|
| |
Using pkgs.lib on the spine of module evaluation is problematic
because the pkgs argument depends on the result of module
evaluation. To prevent an infinite recursion, pkgs and some of the
modules are evaluated twice, which is inefficient. Using ‘with lib’
prevents this problem.
|
|
build system is now nodejs based
new nixos module to start cjdns
|