- remove optons cfg.user, cfg.groups
- add option `serverUser` which is required when not using nginx
- add `serverUser` to nextcloud group
- set user/group to "nextcloud" for nextcloud services
- make setup-service non-root
There are circumstances where running secondary DHCP servers in
non-authoritative mode is advantageous. Retain the previous
authoritative behavior as a default.
* Update: https://gitlab.freedesktop.org/pwithnall/malcontent/-/releases/0.8.0
* Fix the separation patch.
* Add `itstool` to ui (needed for building localized help).
* Use `pkg-config` instead of the `pkgconfig` alias.
* Fix some issues related to multiple outputs:
* Make the module pass specific output to `dbus.packages` since the `dbus` NixOS module will not generate configuration with correct interface paths otherwise.
* Change `malcontent-ui` package to primarily-a-program type derivation (`out`+`lib` instead of `bin`+`out`) since there are more and more `malcontent-control`-specific assets.
* This also fixes the issue where application data (desktop files, icons…) were installed to `out`, which is not installed by `environment.systemPackages`/`system-path.nix`’s `buildEnv` by default when `bin` output is also present.
* Make `malcontent` package install `out` output too so that `system-path.nix` links that too. It contains the AccountsService & Polkit data files.
* Split the library and PAM module out of `malcontent.out` so that they are not installed with the data files.
* This revealed a bug in the `gobject-introspection` setup hook.
I just got an Xbox One controller and I wasn't satisfied with the xpad
driver that ships with the Linux kernel
xpadneo supports more features and fixes problems with
incorrect button mappings
https://atar-axis.github.io/xpadneo
This change introduces more fine-grained requestEncryptionCredentials.
While previously when requestEncryptionCredentials = true, the
credentials for all imported pools and all datasets in these imported
pools were requested, it is now possible to select exactly the pools and
datasets for which credentials should be requested.
It is still possible to set requestEncryptionCredentials = true, which
continues to act as a wildcard for all pools and datasets, so the change
is backwards compatible.
This is necessary for VPNs where some of the nodes run pre-1.1 versions.
Most of Linux distros [0] and even the nixpkgs.tinc attribute run on that
version, so it might be useful to have that option.
[0] https://repology.org/project/tinc/versions
The toplevel derivations of systems that have `networking.hostName`
set to `""` (because they want their hostname to be set by DHCP) used
to be all named
`nixos-system-unnamed-${config.system.nixos.label}`.
This makes them hard to distinguish.
A similar problem existed in NixOS tests where `vmName` is used in the
`testScript` to refer to the VM. It defaulted to the
`networking.hostName` which when set to `""` won't allow you to refer
to the machine from the `testScript`.
This commit makes the `system.name` configurable. It still defaults to:
```
if config.networking.hostName == ""
then "unnamed"
else config.networking.hostName;
```
but in case `networking.hostName` needs to be to `""` the
`system.name` can be set to a distinguishable name.
The resilio module places the directoryRoot configuration in the webui
section. However, the generated configuration fails on the current
version of Resilio Sync with:
Invalid key context: 'directory_root' must be in global config section
This change places this key in the global configuration section to
solve this error.
