This is a small wrapper around fetchzip. It allows you to say:
src = fetchGitHub {
owner = "NixOS";
repo = "nix";
rev = "924e19341a5ee488634bc9ce1ea9758ac496afc3"; # or a tag
sha256 = "1ld1jc26wy0smkg63chvdzsppfw6zy1ykf3mmc50hkx397wcbl09";
};
This function downloads and unpacks a file in one fixed-output
derivation. This is primarily useful for dynamically generated zip
files, such as GitHub's /archive URLs, where the unpacked content of
the zip file doesn't change, but the zip file itself may (e.g. due to
minor changes in the compression algorithm, or changes in timestamps).
Fetchzip is implemented by extending fetchurl with a "postFetch" hook
that is executed after the file has been downloaded. This hook can
thus perform arbitrary checks or transformations on the downloaded
file.
This overhauls the Datadog module a bit to be much more useful. In
particular, it adds support for nginx and postgresql monitoring
integrations to dd-agent. These have to exist in separate files under
/etc/dd-agent, so the module just exposes then as separate options. In
the future, more integrations could be added this way.
In the process of doing this, I also had to rename the dd-agent user to
datadog. Note the UIDs did not change, so this is strictly backwards
compatible. The reason for this is to make it easier to create a
'datadog' postgres user with access to pg_stats, as 'dd-agent' typically
isn't a valid username. This allows the out of the box configurations to
be used.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
This fixes several problems in the dhcpcd service:
* A segfault during startup, due to a race with udev (dhcpcd would get
an ADD event from udev, causing it to re-add an interface that it
already had, leading to a segfault later on).
* A hang/segfault processing "dhcpcd rebind" (which NixOS calls after
waking up from suspend).
Also, add "lo" to the list of ignored interfaces. It usually ignores
"lo", but apparently not when it gets an ADD event from udev.
This causes OpenVPN services to reach the "active" state when the VPN
connection is up (i.e., after OpenVPN prints "Initialization Sequence
Completed"). This allows units to be ordered correctly after openvpn-*
units, and makes systemctl present a password prompt:
$ start openvpn-foo
Enter Private Key Password: *************
(I first tried to implement this by calling "systemd-notify --ready"
from the "up" script, but systemd-notify is not reliable.)
The build fails with permission denied on /dev/stderr, which I imagine
is due to the fact it's in a chroot build. So disable all that for now.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
- Make dhcp work, use dhcpcd without udev in container
- Make login shell work, patch getty to not wait for /dev/tty0
- Make ssh work, sshd/pam do not start session
There are two fixes in this commit.
Firstly, I am creating proper symlinks for the Alias= definitions in the
.service files. This achieves the same result as `systemctl enable`, and
I think is preferred over `mv`.
Secondly, `networkmanager-init` now wants `NetworkManager.service`,
along with `ModemManager.service`. ModemManager does not depend on
NetworkManager (according to `systemctl list-dependencies ModemManager`),
thus NetworkManager never got started on boot.
Without this the openconnect VPN plugin doesn't work:
NetworkManager[830]: <warn> VPN connection 'Foo VPN' failed to connect: 'Could not find openconnect binary.'.
OpenConnect v5.02 - 2014-01-01:
* Fix XML POST issues with authgroups by falling back to old style login.
* Fix --cookie-on-stdin with cookies from ocserv.
* Fix reconnection to wrong host after redirect.
* Reduce limit of queued packets on DTLS socket, to fix VoIP latency.
* Fix Solaris build breakage due to missing <string.h> includes.
* Include path in <group-access> node.
* Include supporting CA certificates from PKCS#11 tokens (with GnuTLS 3.2.7+).
* Fix possible heap overflow if MTU is increased on reconnection (CVE-2013-7098).
