| Commit message (Collapse) | Author | Age |
|
|
|
|
|
| |
The systemd service was ignoring ExecStart because the path to the
paster executable was not absolute. Because ExecStart was ignored, the
service would not start.
|
|\
| |
| | |
nixos: some improvements for dnscrypt-proxy
|
| |
| |
| |
| |
| |
| |
| | |
The primary use-case is private DNSCrypt providers.
Also rename the `port` option to differentiate it from the
`customResolver.port` option.
|
| | |
|
| |
| |
| |
| | |
Remove superflous whitespace & comments
|
| |
| |
| |
| |
| |
| | |
- Run as unprivileged user/group via systemd, obviating the need to
specify capabilities, etc.
- Run with private tmp and minimal device name space
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The socket definition is derived from upstream with the
exception that it does not depend on network.target, as
this creates a cycle between basic.target and sockets.target.
The apparmor profile has been updated to account for additional
runtime dependencies introduced by enabling systemd support.
|
| |
| |
| |
| |
| | |
If nscd is not running, dnscrypt-proxy crashes without read access
to /etc/{password,group,nsswitch.conf}.
|
| | |
|
| | |
|
| | |
|
| | |
|
|\ \
| | |
| | | |
nixos/kubernetes: fix cadvisor, kubelet autoregistration
|
| | | |
|
|\ \ \
| | | |
| | | | |
zerotier-one: service add
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In general, you don't want a .tar.gz file to be served with
"Content-Encoding: x-gzip", because this causes browsers (like Chrome
or "curl --compressed") to decompress the file on the fly. So you end
up with a .tar rather than .tar.gz file, which is unexpected.
If people want such encodings, they should set them in their own NixOS
configuration.
|
| | | | |
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
subsonic: init at 5.2.1
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Add a systemd service and UID/GID for the Subsonic personal media
streamer server (<http://subsonic.org>).
|
|\ \ \ \ \
| | | | | |
| | | | | | |
udisks2 service: Fix ExecStart path
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
It seems that with the latest update to `udisks2`, the ExecStart path
for the daemon changed from `/lib/udisks2` to `/libexec/udisks2`. This
commit reflects that change for our purposes.
|
| | | | | | |
|
| |/ / / /
|/| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
don't support symlinking
Some filesystems like fat32 don't support symlinking and need to be
supported on /boot as an efi system partition. Instead of creating the symlink directly in boot, create the symlink in
a temporary directory which has to support symlinking.
|
| | | | | |
|
|/ / / / |
|
|\ \ \ \
| | | | |
| | | | | |
grub installation: integrate trustedGRUB + fix broken equality check
|
| | | | | |
|
|/ / / / |
|
|\ \ \ \
| |_|/ /
|/| | | |
Security: integrate pam_mount into PAM of NixOS
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
Xen related stuff
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | | |
allow for using LUKS devices with detached header
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
header
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
shellinabox service: initial implementation
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| |/ / / / / /
|/| | | | | | |
minidlna 1.1.4
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Changes:
- gettext is needed to build
- Switched to using non-legacy ffmpeg.
- Removed ffmpeg stuff from include path since it causes build errors related to
a time.h header.
- Removed unneeded patch.
- Adjusted NixOS service due to the binary being renamed.
|
| | | | | | | |
|
|/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
We no longer need have "SUID sandbox" enabled in the chrome://sandbox
status page and we now also check for "You are adequately sandboxed." to
be absolutely sure that we're running with proper sandboxing.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
| |_|/ / /
|/| | | | |
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | | |
Add riemann-tools package and service
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Adds package via bundlerEnv and service for Riemann health.
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Authentication methods are tried in order, so if another NixOS module
defines a specific ident mapping like
local hydra all ident map=hydra-users
it should appear before the generic
local all all ident
|
| | | | | | |
|
| | | | | | |
|