tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-15 20:27:38 +01:00
Code Issues Packages Projects Releases Wiki Activity
128382 commits 216 branches 129 tags 15 GiB
Commit graph

266 commits

Author SHA1 Message Date
Matthew Daiter f7c097556b stanchion: init at 2.1.1 2016-11-20 23:17:49 +01:00
Nikolay Amiantov 65f9341370 sane service: add saned support 2016-11-20 19:09:02 +03:00
Maximilian Güntner 7fa157c558
services: Add Interplanetary File System service 
Signed-off-by: Maximilian Güntner <code@klandest.in>
 2016-11-07 22:01:38 +01:00
Joachim Schiele 47d81ed347 leaps: 0.5.1 + add a service + test 2016-11-06 10:34:42 +01:00
Graham Christensen 6c7a605714
hound: init module 2016-10-15 13:54:59 -04:00
Joachim F 1ddc08a3ac Merge pull request #18452 from bendlas/init-postgrey 
postgrey: init at 1.36
 2016-09-30 15:31:44 +02:00
Franz Pletz a6d4ea4c2c
treewide: remove executable flags from .nix files 2016-09-27 22:15:00 +02:00
Herwig Hochleitner 5609fe521d postgrey: init at 1.36 (includes service) 2016-09-27 15:35:02 +02:00
zimbatm d4c66e2f46 Merge pull request #18694 from bachp/runner-master 
gitlab-runner: add package and service
 2016-09-26 22:45:39 +01:00
Joachim Fasting 66f50a7631
nixos/ids: remove unused connman uid 
The static connman uid is not referenced anywhere in NixOS.
 2016-09-25 16:55:27 +02:00
Pascal Bach de38c1bca0 gitlab-runner service: initial version 2016-09-23 22:39:12 +02:00
Alexander Ried e52418fd08 monetdb module: remove since it's not packaged 2016-09-19 23:11:13 +02:00
Joachim F e06ead81bf Merge pull request #18630 from joachifm/unbound-improvements 
Unbound service improvements
 2016-09-17 10:56:42 +02:00
Joachim Fasting bf538515b7
nixos/ids: remove static unbound uid 2016-09-15 15:37:20 +02:00
Jörg Thalheim 8fddcad3f9
telegraf: init at 1.0.0 
Signed-off-by: Jörg Thalheim <joerg@higgsboson.tk>
 2016-09-14 07:19:55 +02:00
Franz Pletz 5a7e5537aa Merge pull request #18298 from teh/prometheus-service 
Prometheus service
 2016-09-11 23:18:36 +02:00
Domen Kožar fed3501b07 Remove docker-registry as it's deprecated #18209 2016-09-09 18:50:42 +02:00
Benjamin Staffin 58869cf310 prometheus service: add 
This is based on @benleys work: https://github.com/NixOS/nixpkgs/pull/8216
I updated changed the user and group ids.
 2016-09-04 20:03:32 +01:00
Franz Pletz 7c6d253544 mattermost service: init 2016-08-15 04:15:11 +02:00
Paul Hendry 486b8e7f5c Add Terraria server service (#16832) 2016-08-07 03:58:38 +02:00
Shawn Warren 9886c80daa Add gocd agent and server service packages (#16273) 
GoCD is an open source continuous delivery server specializing in advanced workflow
modeling and visualization.  Update maintainers list to include swarren83.  Update
module list to include gocd agent and server module.  Update packages list to include
gocd agent and server package.  Update version, revision and checksum for GoCD
release 16.5.0.
 2016-07-23 00:29:18 +02:00
cransom 4a9b640f37 smokeping: init at 2.6.11 (#17090) 
Includes a module for service setup and a test
to verify functionality of both service and pkg.
 2016-07-21 01:07:59 +02:00
Rickard Nilsson 9facb7078b nixos/elasticsearch: Set a group on the user 
This fixed a problem I had when running ElasticSearch in an LXC
container, and it doesn't hurt using a dedicated group instead of
nogroup anyway.
 2016-07-01 18:21:42 +02:00
Benjamin Saunders 8e47786c0e coturn: init at 4.5.0.3 (#16284) 2016-06-21 12:59:29 +02:00
Joachim Fasting 6fd8e5719b Merge pull request #16108 from pwetzel/squeezelite 
Squeezelite package and service init
 2016-06-19 20:53:15 +02:00
Joachim Fasting a53452f3e1
nixos: remove the grsecurity GID 
This GID was used to exempt users from Grsecurity's
`/proc` restrictions; we now prefer to rely on
`security.hideProcessInformation`, which uses the `proc` group
for this purpose.  That leaves no use for the grsecurity GID.

More generally, having only a single GID to, presumably, serve as the
default for all of grsecurity's GID based exemption/resriction schemes
would be problematic in any event, so if we decide to enable those
grsecurity features in the future, more specific GIDs should be added.
 2016-06-14 03:38:17 +02:00
Phil Wetzel ccdf386a97 squeezelite service: init 2016-06-11 22:05:07 -04:00
obadz d18ba0f50d toxvpn: init at 20151111 
(Authored by @cleverca22)
 2016-05-30 00:21:22 +01:00
Hans-Harro Horn 77f2c305b6 mosquitto service: init 
Initial Mosquitto MQTT Broker service file.
 2016-05-24 10:49:03 +02:00
Tristan Helmich 36f8b3cad1 nzbget: 16.4 -> 17.0-r1686 and nzbget service 2016-05-13 18:56:39 +02:00
Kranium Gikos Mendoza 356f1bdac8 sniproxy service: init 2016-05-11 13:27:28 +08:00
Tristan Helmich e48580c083 graylog service: Initial graylog service 2016-04-28 23:27:57 +02:00
Tristan Helmich c145f6eaa7 emby service: new service 2016-04-23 16:13:53 +02:00
Eric Litak 13577e8785 factorio: headless server module 2016-04-14 23:03:36 -07:00
aszlig 9ed9e268a2
Merge pull request #14476 (taskserver) 
This adds a Taskserver module along with documentation and a small
helper tool which eases managing a custom CA along with Taskserver
organisations, users and groups.

Taskserver is the server component of Taskwarrior, a TODO list
application for the command line.

The work has been started by @matthiasbeyer back in mid 2015 and I have
continued to work on it recently, so this merge contains commits from
both of us.

Thanks particularly to @nbp and @matthiasbeyer for reviewing and
suggesting improvements.

I've tested this with the new test (nixos/tests/taskserver.nix) this
branch adds and it fails because of the changes introduced by the
closure-size branch, so we need to do additional work on base of this.
 2016-04-15 00:21:49 +02:00
joachifm 245f200dd8 Merge pull request #11987 from angus-g/caddy 
Add Caddy and its NixOS module
 2016-04-11 09:20:21 +02:00
Joachim Fasting cef2814a4f nixos: add optional process information hiding 
This module adds an option `security.hideProcessInformation` that, when
enabled, restricts access to process information such as command-line
arguments to the process owner.  The module adds a static group "proc"
whose members are exempt from process information hiding.

Ideally, this feature would be implemented by simply adding the
appropriate mount options to `fileSystems."/proc".fsOptions`, but this
was found to not work in vmtests. To ensure that process information
hiding is enforced, we use a systemd service unit that remounts `/proc`
after `systemd-remount-fs.service` has completed.

To verify the correctness of the feature, simple tests were added to
nixos/tests/misc: the test ensures that unprivileged users cannot see
process information owned by another user, while members of "proc" CAN.

Thanks to @abbradar for feedback and suggestions.
 2016-04-10 12:27:06 +02:00
Angus Gibson bb6408ba16 caddy service: initial implementation 2016-04-05 23:45:54 +00:00
aszlig 743993f4be
nixos/ids: Rename uid and add gid for "taskd" 
I'm renaming the attribute name for uid, because the user name is called
"taskd" so we should really use the same name for it.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2016-04-05 18:53:31 +02:00
Matthias Beyer 5442f22d05
Add taskserver to ids.nix 2016-04-05 18:53:31 +02:00
Eric Litak 0de2d2fbcd mfi: init at 2.1.11 
This package has some outdated dependencies, so old versions of mongodb
and v8 had to be re-added as well.
 2016-04-01 02:45:11 -07:00
rnhmjoj a98a918b10 syncthing: run daemon with dedicated user as default 2016-04-01 01:26:52 +02:00
Joachim Fasting 9bf6e64860 dnscrypt-proxy service: use dynamic uid/gid 
The daemon doesn't have any portable data, reserving a
UID/GID for it is redundant.

This frees up UID/GID 151.
 2016-03-24 17:14:22 +01:00
Domen Kožar d43da3c488 Pin hydra-www and hydra-queue-runner uids 
hydra user is already pinned, this is needed due to
https://github.com/NixOS/nixpkgs/issues/14148

(cherry picked from commit 0858ece1ad)
Signed-off-by: Domen Kožar <domen@dev.si>
 2016-03-23 12:17:18 +00:00
Pascal Wittmann a491b75523 radicale service: run with dedicated user 
This is done in the context of #11908.
 2016-03-20 15:50:14 +01:00
Nikolay Amiantov 83ff545bfd mjpg-streamer service: init 2016-03-12 18:53:02 +03:00
Tristan Helmich 17389e256f nntp-proxy service: init 2016-03-03 14:14:19 +01:00
Profpatsch 70c02402c8 networkmanager: fix link-local ip addresses 
NetworkManager needs an additional avahi-user to use link-local
IPv4 (and probably IPv6) addresses. avahi-autoipd also needs to be
patched to the right path.
 2016-02-26 03:28:56 +01:00
Nikolay Amiantov 53269f1455 octoprint service: init 2016-02-17 17:05:59 +03:00
Nikolay Amiantov 1c8a21dfad Merge branch 'pdnsd-service' of https://github.com/nfjinjing/nixpkgs 
Closes #12932
 2016-02-16 20:35:01 +03:00
Nikolay Amiantov 39e9b43082 Merge branch 'gammu-smsd' of https://github.com/zohl/nixpkgs into zohl-gammu-smsd 
Closes #12998
 2016-02-16 19:40:00 +03:00
Cole Mickens c7571611dc cfdyndns: init at 0.0.1 2016-02-15 12:54:04 -08:00
Al Zohali 7b7cf281d3 gammu-smsd service: init 2016-02-15 00:26:41 +03:00
Jinjing Wang 73b9a9662d pdnsd service: init 2016-02-12 19:53:41 +08:00
Alexander V. Nikolaev de8dea4821 nixos: add module for rmilter 2016-01-16 15:12:30 +02:00
Alexander V. Nikolaev 14926f08a3 nixos: Add module for rspamd 2016-01-16 15:11:36 +02:00
roblabla 7e10bf4327 matrix-synapse: init at 0.12.0 2016-01-15 15:17:14 +01:00
Mark Laws e7ba7fba01 gale: init at 1.1happy 2016-01-13 12:00:50 -08:00
Nikolay Amiantov b4179c5612 nixos/dspam: add module 2016-01-13 13:08:55 +03:00
Nikolay Amiantov f5efac09aa nixos/opendkim: add module 2016-01-13 13:07:46 +03:00
Nikolay Amiantov c51d08cf27 nixos/postsrsd: add module 2016-01-13 13:04:12 +03:00
Nikolay Amiantov d0510febe1 nixos/ejabberd: update service 2016-01-10 21:28:27 +03:00
Jakob Gillich 57d6dfe932 notbit: removed dead package 
The Bitmessage protocol v3 became mandatory on 16 Nov 2014 and notbit does not support it, nor has there been any activity in the project repository since then.
 2016-01-07 04:39:51 +01:00
Benjamin Staffin fe8498f609 nixos/mathics: New service and test 2016-01-02 14:34:55 -08:00
zimbatm c515be4651 networkmanager: set uid/gid for the networkmanager openvpn agent 
Fixes #11317
 2015-12-08 16:47:56 +00:00
Rodney Lorrimar b13b9489ad pump.io service: init 
Pump.io runs its web server as a standalone service listening on
443. It's also possible to put the service behind a HTTP reverse proxy.
 2015-12-06 13:35:21 +00:00
goibhniu cc63832981 Merge pull request #8758 from fpletz/package/chrony 
chrony: 2.1.1 -> 2.2 & service improvements
 2015-11-26 13:22:33 +01:00
makefu 0bdc5e269b services/misc/bepasty: init at 2015-10-21 
This module implements a way to start one or more bepasty servers.
It supports configuring the listen address of gunicorn and how bepasty
behaves internally.

Configuring multiple bepasty servers provides a way to serve pastes externally
without authentication and provide creating,listing,deleting pastes interally.
nginx can be used to provide access via hostname + listen address.

`configuration.nix`:

    services.bepasty = {
      enable = true;
      servers = {

        internal = {
          defaultPermissions = "admin,list,create,read,delete";
          secretKey = "secret";
          bind = "127.0.0.1:8000";
        };

        external = {
          defaultPermissions = "read";
          bind = "127.0.0.1:8001";
          secretKey = "another-secret";
        };
      };
    };
 2015-11-23 22:10:14 +01:00
Jaka Hudoklin aa4bad4c17 heapster module: init 2015-11-16 16:58:10 +01:00
Franz Pletz d89f269b26 chrony service: Members of group chrony can use chronyc 2015-11-03 15:07:18 +01:00
Ryan Mulligan 9c22cd380c calibre-server service: init 2015-09-27 20:31:17 -07:00
Matej Cotman d31cc0d19a xtreemfs: add nixos module 2015-09-22 21:46:52 +02:00
Jaka Hudoklin 80aea0dcfd kibana service: init 2015-09-19 00:33:44 +02:00
William A. Kennington III c2e4fb29c6 nixos/lxd: Add service 2015-09-13 23:27:31 -07:00
Thomas Strobel 684cd17ff5 dnschain nixos module: init 2015-09-10 18:11:40 +02:00
Thomas Strobel 8db7c14e56 namecoind nixos module: security enhancements 2015-09-10 18:11:40 +02:00
Thomas Strobel b6fb760484 namecoind nixos module: init 2015-09-08 20:17:52 +02:00
Thomas Bereknyei cb6dc71599 GateOne: init at 1.2 2015-08-03 11:01:05 -04:00
Benjamin Staffin ad4c957163 shout service: New module. 2015-08-01 03:36:45 -07:00
Charles Strahan babb744b71 riak: new nixos service 2015-07-21 09:25:41 -04:00
James Cook a456168e5b Merge pull request #6702 from joachifm/dnscrypt-proxy 
nixos: some improvements for dnscrypt-proxy
 2015-07-12 00:17:46 -07:00
Robert Irelan f64a5dd3f3 subsonic service: init 
Add a systemd service and UID/GID for the Subsonic personal media
streamer server (<http://subsonic.org>).
 2015-07-05 17:25:42 -07:00
Shea Levy dd9530c819 Merge remote-tracking branch 'projectorhq/riemann-tools' 
Add riemann-tools package and service
 2015-07-01 08:45:33 -04:00
Robert Pitts and Trenton Strong bbb36ea039 Add riemann-tools to nixpkgs 
Adds package via bundlerEnv and service for Riemann health.
 2015-06-30 17:16:51 -04:00
Edward Tjörnhammar ed9dc1fd9e nixos: added gitit service 2015-06-28 12:39:52 +02:00
Russell O'Connor 46f06ccde7 uwsgi-service: Add user/group for uwsgi service. 
Also add a uwsgi directory under /run (defaulting to /run/uwsgi) where the uwsgi user can place sockets.
 2015-06-24 14:48:53 +00:00
Simon Vandel Sillesen 9dab1a840c tvheadend: init at 4.0.4 2015-06-24 13:22:09 +00:00
William A. Kennington III 295846a254 nixos/nix-serve: Run as a separate user and add a signing key parameter 2015-06-17 19:10:39 -07:00
Joachim Fasting a88a6bc676 nixos: additional hardening for dnscrypt-proxy 
- Run as unprivileged user/group via systemd, obviating the need to
  specify capabilities, etc.
- Run with private tmp and minimal device name space
 2015-06-12 15:12:33 +02:00
Jaka Hudoklin 2e5dbc4746 Add ripple rest module 2015-06-08 13:48:23 +02:00
Jaka Hudoklin 23504e5bf2 Add skydns module 2015-06-08 13:36:05 +02:00
Jaka Hudoklin 98d5b81dad nixos: add grafana module 2015-06-08 12:13:15 +02:00
Arseniy Seroka f134150180 Merge pull request #7857 from rushmorem/marathon-module-update 
Update Marathon module
 2015-05-21 16:52:14 +03:00
rushmorem b5820a5ebd Update Marathon module 
The new module makes it possible to pass extra commandline
arguments to Marathon as well as environment variables.
 2015-05-21 15:45:13 +02:00
lassulus 9d07c54fa1 nixos: add bird module 
patch bird to look in /var/run for birc.ctl
 2015-05-19 15:42:24 +02:00
Stephen Weinberg a6ebccfbb8 Sane default configuration for sabnzbd module 
Added option to set user. Use unpriviledged user by default. Add sane
default for configuration location.
 2015-05-05 00:18:22 -04:00
Eelco Dolstra c0f70b4694 Remove fixed uids for nscd, sshd 
These services don't create files on disk, let alone on a network
filesystem, so they don't really need a fixed uid. And this also gets
rid of a warning coming from <= 14.12 systems.
 2015-04-19 22:06:45 +02:00
Forkk 079da8cdcd plex: init at 0.9.11.16.958 
Added a package and module for Plex Media Server, an application for
managing media collections across multiple devices.
 2015-04-17 12:11:30 -05:00
Jonathan Glines cdb174c18d Added NixOS module for Asterisk server 2015-04-16 17:41:37 -06:00
Nikolay Amiantov 1d6723c085 lambdabot: add nixos service 2015-04-16 13:33:40 +03:00