The `freeformType` of `settings.publicinbox` in this module prevented
users from setting settings on the `publicinbox` section itself (which
is necessary for making e.g. IMAP work correctly), and only allowed
configuration of nested per-inbox sections.
In general I believe that these overly specific types which are
traditional in NixOS, and this kind of config generation, are a huge
footgun. This commit is the least invasive change that makes the
module work correctly.
This brings back the ability to e.g. configure sane-airscan with
`environment.etc."sane.d/airscan.conf".text = ...`.
(AFAICT, sane-airscan loads all config files it finds, so it'll first
load the one from the nixos hardware.sane.* configuration, then the user
specified one in /etc/sane.d/airscan.conf.)
Fixes: 4fbec87a5b ("nixos/sane: point env vars to /etc for quick reload")
Fixes https://github.com/NixOS/nixpkgs/issues/207262
- Extensive documentation in NixOS manual
- Deterministic mode that fixes various identifiers relative to disk
partitions and filesystems in ext4 case
- UEFI variable recording
When test-input-reader runs, it's standard input exists and will
be buffered, so by the time the file exists, the standard input
can already be written to.
I have no reason to believe that a terminal emulator would start
accepting input _after_ launching the command.
I've tested this for hours in a loop without a single failure or
timeout.
See: https://github.com/NixOS/nixpkgs/issues/108984#issuecomment-1364263324
Before this change the supported platforms were unspecified, so
it would default to being only built on `x86_64-linux`. This
fixes that so that hydra.nixos.org builds and caches the Darwin
build products instead
This commit upgrades headscale to the newest version, 0.17.0 and updates
the module with the current breaking config changes.
In addition, the module is rewritten to conform with RFC0042 to try to
prevent some drift between the module and the upstream.
A new maintainer, Misterio77, is added as maintainer.
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
Co-authored-by: Gabriel Fontes <hi@m7.rs>
Co-authored-by: Geoffrey Huntley <ghuntley@ghuntley.com>
* minio: add legacy fs version 2022-10-24T18-35-07Z
This allows users to migrate their data to versions that already removed
support for the legacy fs backend.
* Update nixos/doc/manual/release-notes/rl-2305.section.md
Co-authored-by: Florian Klink <flokli@flokli.de>
Support for ZFS, while desirable, is problematic with newer kernel
releases. The stable ZFS release seldom supports the current newest
kernel version, and this makes the new_kernel image basically useless as
it cannot be published, and is not often built with new kernel releases.
This uses a dirty workaround to work around the fact it is impossible to
remove a list item from a modules system list type. Since ZFS support is
conditional to being supported on the current platform, we can fake ZFS
not being supported *for the no-zfs build only*. This overlay is only
added when evaluating the image, nothing else.
Support for ZFS, while desirable, is problematic with newer kernel
releases. The stable ZFS release seldom supports the current newest
kernel version, and this makes the new_kernel iso basically useless as
it cannot be published, and is not often built with new kernel releases.
This uses a dirty workaround to work around the fact it is impossible to
remove a list item from a modules system list type. Since ZFS support is
conditional to being supported on the current platform, we can fake ZFS
not being supported *for the no-zfs build only*. This overlay is only
added when evaluating the iso, nothing else.
On x86_64-linux only because bootspec is for NixOS (for the moment?),
and NixOS is really only a Linux concept (for the moment?).
Not on aarch64-linux because it fails for whatever reason 🤷
Document the `linux.override` way first, then `linuxManualConfig`.
Add a `linux.configEnv` passthru attribute for quickly getting a
`make nconfig`-ready shell.
Stderr does not exist as a systemd option (StandardError would've been
correct), but since "journal" is the default by association this mistake
never had any effect. just remove the key entirely.
To reduce size, stage 1 (the initrd) is populated by copying specific
binaries in, then copying the libraries specifically needed by those
binaries. `patchelf` is then used to make the binaries search in the
directory where these libraries are copied to instead of their original
store paths.
Some filesystems (e.g. ZFS) do not guarantee that copying the same files
in the same order into a given directory will result in `find` returning
them in any particular order (though the order appears consistent so
long as the directory is not modified).
Therefore, when the binaries are scanned for libraries to copy in, they
might be scanned in a different order each time the derivation is built.
If two binaries need two different libraries with the same name, then a
different instance of the library might be copied in first, changing the
derivation contents and breaking reproducibility.
This turns out to be the case with `libudev.so.1` from both `systemd`
(needed by e.g. `mdadm`) and `systemdMinimal` (needed by e.g.
`dmsetup`). This issue is fixed by sorting the list of binaries to be
scanned instead of relying on filesystem order so that the same instance
always gets seen and copied first.
Both before this change (at least on ext4) and after this change
(without any options that affect stage 1), this is the `libudev.so.1`
from `systemdMinimal` by way of `dmsetup`. Whether this is appropriate
and how much the two different systemd configurations and udev libraries
need to be involved is a topic left for future work.
Bug fix for issue #66431. Adds all files created as a result of
hostSettings configuration to the created service's reloadTriggers,
or to restartTriggers if the version of tinc isn't 1.1pre or later.
According to a ZFS issue about hibernation causing data corruption:
https://github.com/openzfs/zfs/issues/12842
The way this happens is if the system force imports a pool that was
suspended during hibernation. I've had this happen twice on NixOS and
I'd like to avoid having this happen again, to me or others.
To do this I've added an assertion that makes sure you can't have
`forceImportRoot` or `forceImportAll` enabled with `allowHibernation`.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Nginx breaks at runtime when duplicate modules are added. To detect
this, add a `name` key to all modules.
Also remove the outdated modsecurity v2 module and unify `modsecurity`
and `modsecurity-nginx`.
