summary refs log tree commit diff
path: root/nixos/modules/services/networking/ddclient.nix
Commit message (Collapse)AuthorAge
* nixos/ddclient: simplify with lib.getExeBjørn Forsman2023-10-20
|
* Revert "ddclient: remove package and module on upstream maintainer request"Bjørn Forsman2023-10-20
| | | | | | | This reverts commit d35df28f65208764f6f94ba330c98615d95b934c. Upstream ddclient has new maintainers and made a new release (update in next commit(s)).
* ddclient: remove package and module on upstream maintainer requestSandro Jäckel2023-07-04
|
* treewide: use optional instead of 'then []'Felix Buehler2023-06-25
|
* nixos/ddclient: remove obsolete ipv6 optionpacien2023-06-10
| | | | | | | | | | | | Since ddclient@24ba945 (v3.10.0), the type and meaning of the "ipv6" option has changed. This resulted in the following warning when starting the service: WARNING: file /run/ddclient/ddclient.conf, line 13: Invalid Value for keyword 'ipv6' = 'no' This therefore removes the matching boolean option. More advanced configurations can use the "extraConfig" option instead.
* Merge pull request #221380 from Majiir/ddclient-fix-permissionsSandro2023-04-11
|\
| * nixos/ddclient: fix permissions warningMajiir Paktu2023-03-15
| |
* | nixos/ddclient: add iproute2 to unit path if using "if" methodMatt Votava2023-03-31
|/
* nixos/doc: fix some optionsNaïm Favier2022-12-08
|
* nixos/ddclient: document that daemon should not be setSandro2022-09-19
| | | | Closes #191105
* treewide: automatically md-convert option descriptionspennae2022-07-30
| | | | | | | | | | | | | | | | | | | | | | the conversion procedure is simple: - find all things that look like options, ie calls to either `mkOption` or `lib.mkOption` that take an attrset. remember the attrset as the option - for all options, find a `description` attribute who's value is not a call to `mdDoc` or `lib.mdDoc` - textually convert the entire value of the attribute to MD with a few simple regexes (the set from mdize-module.sh) - if the change produced a change in the manual output, discard - if the change kept the manual unchanged, add some text to the description to make sure we've actually found an option. if the manual changes this time, keep the converted description this procedure converts 80% of nixos options to markdown. around 2000 options remain to be inspected, but most of those fail the "does not change the manual output check": currently the MD conversion process does not faithfully convert docbook tags like <code> and <package>, so any option using such tags will not be converted at all.
* nixos/ddclient: don't leak password in process listingsBjørn Forsman2022-07-12
| | | | | | | ...by using `replace-secret` instead of `sed` when injecting the password into the ddclient config file. (Verified with `execsnoop`.) Ref https://github.com/NixOS/nixpkgs/issues/156400.
* nixos/ddclient: turn verbose off by defaultSandro2022-05-16
| | | verbose is a debugging setting one step noisier than debug and should only be turned on when debugging because it leaks quite some credentials and tokens in the journalctl.
* nixos/ddclient: don't chown secrets until dynamicuser issue is resolvedJörg Thalheim2022-01-15
| | | | revert if https://github.com/NixOS/nixpkgs/pull/154928 or a similar fix gets applied
* nixos/ddclient: better default for nsupdateJörg Thalheim2022-01-09
|
* nixos/ddclient: don't store config world-readableJörg Thalheim2022-01-09
|
* Revert "nixos/ddclient: fix permission for ddclient.conf (#148179)"Bjørn Forsman2021-12-07
| | | | | | | | | | | | | | | | | | | | | This reverts commit 6af3d13bec9b13e8fa8e19594ffbcbe085387bdd. Reported by @arcnmx (https://github.com/NixOS/nixpkgs/pull/148179#issuecomment-987197656): Does this not completely break the service? It doesn't change the owner to the same as the ddclient server (which is somewhat difficult due to it being a DynamicUser), so this now makes the service completely unusable because the config is only readable by its owner, root: ddclient[871397]: WARNING: file /run/ddclient/ddclient.conf: Cannot open file '/run/ddclient/ddclient.conf'. (Permission denied) Given that the RuntimeDirectory was only readable by the ddclient service, the warning this PR fixes was spurious and not indicative of an actual information leak. I'm not sure of what a quick fix would be due to DynamicUser, but would at least request a revert of this so the service can work again?
* nixos/ddclient: fix permission for ddclient.conf (#148179)Sean Heath2021-12-05
|
* nixos/ddclient: support all special characters in passwordFelix Schröter2021-12-04
|
* nixos/ddclient: customizable package optionarcnmx2021-11-06
|
* nixos/ddclient: fix privs when loading passwordarcnmx2021-11-06
|
* nixos/ddclient: replace password with passwordFile optionFelix Tenley2021-10-30
|
* nixos/ddclient: add support for IPv6Tachibana Kiyomi2021-07-14
|
* nixos/treewide: Move rename.nix imports to their respective modulesSilvan Mosberger2019-12-10
| | | | | | | | A centralized list for these renames is not good because: - It breaks disabledModules for modules that have a rename defined - Adding/removing renames for a module means having to find them in the central file - Merge conflicts due to multiple people editing the central file
* Fix ddclient extraConfigLasse Blaauwbroek2019-06-13
| | | | | | | The the extraConfig variable is added below the domain variable in the ddclient config file. The domain variable should always be last. (cherry picked from commit ba0ba6dc7934a6b4cc5d4090739a3a1c839afe67)
* Revert "nixos/ddclient: make RuntimeDirectory and configFile private"Silvan Mosberger2018-12-29
|
* nixos/ddclient: make configFile privateRenaud2018-10-23
| | | /run/ddclient/ddclient.conf should be installed in mode 660 (readable and writeable only by ddclient.service user and group)
* nixos/ddclient: make RuntimeDirectory privateRenaud2018-10-22
| | | ddclient will raise a warning if /run/ddclient/ is world-readable
* nixos ddclient: support multiple domains and run via systemd timerPeter Hoeg2018-04-15
| | | | | | | | | | | | | a) Some providers can update multiple domains - support that. b) Make "zone" and "script" configurable. Some providers require these. c) Instead of leaving the ddclient daemon running all the time, use a systemd timer to kick it off. d) Don't use a predefined user - run everything via DynamicUser e) Add documentation
* ddclient nixos module: follow best practice for running daemonsPeter Hoeg2017-08-13
| | | | | | | | | | | | | Couple of changes: - move home to /var/lib/ddclient so we can enable ProtectSystem=full - do not stick binary into systemPackages as it will only run as a daemon - run as dedicated user/group - document why we cannot run as type=forking (output is swallowed) - secure things by running with ProtectSystem and PrivateTmp - .pid file goes into /run/ddclient - let nix create the home directory instead of handling it manually - make the interval configurable
* ddclient: Make verbose logging deactivatable.Daniel Ehlers2017-03-07
|
* ddclient: Don't include blank server= lines.Svein Ove Aas2017-01-16
|
* ddclient: Write /etc/ddclient.conf when requestedSvein Ove Aas2017-01-09
| | | | | | Fixes #20101 From PR #21417
* nixos: use types.lines for extraConfigEmery Hemingway2016-10-23
|
* ddclient service: minor spelling fixRobert Helgesson2016-09-30
|
* ddclient: add configFile optionThomas Bereknyei2016-09-30
| | | | | | | | ddclient: improve documentation Adopted @joachifm's suggestions. ddclient additional refinement
* nixos/ddclient: add warning about password being world readableBjørn Forsman2016-07-19
| | | | Closes #16885.
* ddclient service: use `environment.etc`Robert Helgesson2016-07-09
| | | | | | The ddclient daemon requires that the configuration file is only accessible by the ddclient user. This since it typically contains login information.
* Configure a default trust store for opensslGuillaume Maudoux2016-02-03
|
* Fix some references to deprecated /etc/ssl/certs/ca-bundle.crtEelco Dolstra2016-01-29
|
* ddclient: fix ssl optionJakob Gillich2015-12-08
|
* ddclient: Set SSL_CERT_FILE environment variableTuomas Tynkkynen2015-05-26
| | | | | | | | Otherwise connection to SSL hosts fails like this: May 26 06:44:05 kbuilder ddclient[17084]: WARNING: cannot connect to dynamicdns.park-your-domain.com:443 socket: IO::Socket::IP configuration failed SSL connect attempt failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
* ddclient: Fix incorrectly capitalized systemd unit keyTuomas Tynkkynen2015-04-19
| | | | | | | | | This avoids the following warning: Apr 19 10:53:48 xen systemd[1]: [/nix/store/...-unit-ddclient.service/ddclient.service:19] Unknown lvalue 'type' in section 'Service' As `Type=simple` is the default in systemd, the assignment to the service type can be simply dropped.
* ddclient module: fix moduleEduard Bachmakov2015-02-23
| | | | | | | | | | | | * rewrite to systemd.services * disable forking to give systemd better control * verifiably run as ddclient user * expose ssl option * unset default value for dyndns server * rename option "web" to "use" to be consistent with ddclient docs * add descriptions * add types to options * clean up formatting
* Get all lib functions from lib, not pkgs.lib, in modulesShea Levy2014-07-02
|
* Correct web-skip value to match behavior of checkip.dyndns.comThomas Bereknyei2013-12-11
|
* Move all of NixOS to nixos/ in preparation of the repository mergeEelco Dolstra2013-10-10
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-15 01:38:50 +0000