Merge master into staging-next

author: Frederik Rietdijk <fridh@fridh.nl> 2019-06-15 08:17:58 +0200
committer: Frederik Rietdijk <fridh@fridh.nl> 2019-06-15 08:17:58 +0200
commit: 087b87758e3bfaddf24ff856b8a66b10d8f17050 (patch)
tree: 2177825d7875c1dfbf6d2afedda6c0d9d9d9dda2 /nixos
parent: 788261a1a900d59098e521590cff21c2cefdf4bb (diff)
parent: 8c14a6f641b7f3baa57e55e784a0d8626325446b (diff)
2 files changed, 20 insertions, 3 deletions
diff --git a/nixos/modules/programs/captive-browser.nix b/nixos/modules/programs/captive-browser.nix
index 9765a5fa3df7..55d474e5c9db 100644
--- a/nixos/modules/programs/captive-browser.nix
+++ b/nixos/modules/programs/captive-browser.nix
@@ -15,6 +15,8 @@ in
       package = mkOption {
         type = types.package;
         default = pkgs.captive-browser;
+        defaultText = "pkgs.captive-browser";
+        description = "Which package to use for captive-browser";
       };
 
       interface = mkOption {
@@ -35,7 +37,7 @@ in
                                          ''http://cache.nixos.org/''
                                        ];
         description = ''
-          the shell (/bin/sh) command executed once the proxy starts.
+          The shell (/bin/sh) command executed once the proxy starts.
           When browser exits, the proxy exits. An extra env var PROXY is available.
 
           Here, we use a separate Chrome instance in Incognito mode, so that
@@ -51,7 +53,7 @@ in
       dhcp-dns = mkOption {
         type = types.str;
         description = ''
-          the shell (/bin/sh) command executed to obtain the DHCP
+          The shell (/bin/sh) command executed to obtain the DHCP
           DNS server address. The first match of an IPv4 regex is used.
           IPv4 only, because let's be real, it's a captive portal.
         '';
@@ -62,6 +64,16 @@ in
         default = "localhost:1666";
         description = ''the listen address for the SOCKS5 proxy server'';
       };
+
+      bindInterface = mkOption {
+        default = true;
+        type = types.bool;
+        description = ''
+          Binds <package>captive-browser</package> to the network interface declared in
+          <literal>cfg.interface</literal>. This can be used to avoid collisions
+          with private subnets.
+        '';
+      };
     };
   };
 
@@ -99,7 +111,9 @@ in
                                                   browser = """${cfg.browser}"""
                                                   dhcp-dns = """${cfg.dhcp-dns}"""
                                                   socks5-addr = """${cfg.socks5-addr}"""
-                                                  bind-device = """${cfg.interface}"""
+                                                  ${optionalString cfg.bindInterface ''
+                                                    bind-device = """${cfg.interface}"""
+                                                  ''}
                                                 ''}
                         exec ${cfg.package}/bin/captive-browser
                       '';
diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix
index 8499b700d3ea..cf35504e5182 100644
--- a/nixos/modules/system/boot/systemd.nix
+++ b/nixos/modules/system/boot/systemd.nix
@@ -186,6 +186,9 @@ let
       "sockets.target"
       "sound.target"
       "systemd-exit.service"
+      "systemd-tmpfiles-clean.service"
+      "systemd-tmpfiles-clean.timer"
+      "systemd-tmpfiles-setup.service"
       "timers.target"
     ];
author	Frederik Rietdijk <fridh@fridh.nl>	2019-06-15 08:17:58 +0200
committer	Frederik Rietdijk <fridh@fridh.nl>	2019-06-15 08:17:58 +0200
commit	087b87758e3bfaddf24ff856b8a66b10d8f17050 (patch)
tree	2177825d7875c1dfbf6d2afedda6c0d9d9d9dda2 /nixos
parent	788261a1a900d59098e521590cff21c2cefdf4bb (diff)
parent	8c14a6f641b7f3baa57e55e784a0d8626325446b (diff)