This commit introduces the possibility to optionally enable the Jitsi
Gateway to SIP (jigasi) module. SIP credentials can be defined in
`services.jigasi.environmentFile`.
Deprecation warning: The standalone 'grafana-server' program is deprecated and will be removed in the future. Please update all uses of 'grafana-server' to 'grafana server'
The error message was:
msg="Failed to read plugin provisioning files from directory" path=/nix/store/gs2cy8n6ndsa1f7msf7ndl8f85xl1pzg-grafana-provisioning/plugins
error="open /nix/store/gs2cy8n6ndsa1f7msf7ndl8f85xl1pzg-grafana-provisioning/plugins: no such file or directory"
I don't use this tool but saw it in the top level and that's not where it should
live.
This could arguably also be seen as a RAID; it's a bit of an in-between.
ServerQuery actually listens on three separate addresses each
corresponding to its own protocol (raw/telnet, ssh, and http). By only
setting `query_addr` we only update what IP we listen on for the raw
protocol, not ssh and http protocols which end up listening on the
default wildcard address.
This change simply makes it so that setting `queryIP` sets the IP for
all three protocols by setting each corresponding option (`query_ip`,
`query_ssh_ip` and `query_http_ip`).
see https://github.com/lathiat/nss-mdns#:~:text=in%20such%20a%20situation%20causes%20long%20timeouts%20when%20resolving%20hosts
especially:
> libnss_mdns.so.2 resolves both IPv6 and IPv4 addresses, libnss_mdns4.so.2 only IPv4 addresses and
> libnss_mdns6.so.2 only IPv6 addresses. Due to the fact that most mDNS responders only register local IPv4
> addresses via mDNS, most people will want to use libnss_mdns4.so.2 exclusively. Using libnss_mdns.so.2
> or libnss_mdns6.so.2 in such a situation causes long timeouts when resolving hosts since most modern
> Unix/Linux applications check for IPv6 addresses first, followed by a lookup for IPv4.
Recent PR 266270[1] modified an assertion related to database settings
of the redmine service. There are two problems with that change:
1. Assert message was not updated to reflect the change in the assert
condition.
2. The new condition applies only to postgresql, not the default
mysql. Therefore, the assertion breaks existing mysql-based
installations without any reason.
This commit fixes these by 1) reverting the modified assertion to the
previous value, making the message match the condition and 2) adding a
new assertion that applies only to postgresql.
[1]: https://github.com/NixOS/nixpkgs/pull/266270
To help users migrate from the previous
settings to new freeform settings type,
the commit at hand adds some
`mkRemovedOptionModule` and `mkRenamedOptionModule`.
These modules are not designed to work
inside an attribute set of submodules.
They create values for `assertions` and
`warnings` to inform the user of required changes.
Also, these informational texts do not contain
the full attribute path of the changed options.
To work around these deficiencies,
we define the required options `assertions` and `warnings`
inside the submodule and later add the values collected
inside these options to the corresponding top-level options.
In the course of doing so, we also add the full attribute path
to the informational texts so the user knows these warning
and error messages refer to the `tsmClient.servers` option.
Also, we have to filter out `warnings`, `assertions`, and
the "old" options when rendering the target config file.
Check for spaces or duplicate names in server config keys.
Since server config keys are case insensitive,
a setting like
```
{
compression = "yes";
Compression = "no";
}
```
would lead to an ambiguous configuration.
`tsm-client` uses a global configuration
file that must contain coordinates for each
server that it is supposed to contact.
This configuration consists of text
lines with key-value pairs.
In the NixOS module, these servers may be declared
with an attribute set, where the attribute name
defines an alias for the server, and the value
is again an attribute set with the settings for
the respective server.
This is organized as an option of type `attrsOf submodule...`.
Before this commit:
Important settings have their own option within
the submodule. For everything else, there is
the "catch-all" option `extraConfig` that may
be used to declare any key-value pairs.
There is also `text` that can be used to
add arbitrary text to each server's
section in the global config file.
After this commit:
`extraConfig` and `text` are gone,
the attribute names and values of each server's attribute
set are translated directly into key-value pairs,
with the following notable rules:
* Lists are translated into multiple lines
with the same key, as such is permitted by
the software for certain keys.
* `null` may be used to override/shadow a value that
is defined elsewhere and hides the corresponding key.
Those "important settings" that have previously been
defined as dedicated options are still defined as such,
but they have been renamed to match their
corresponding key names in the configuration file.
There is a notable exception:
"Our" boolean option `genPasswd` influences the "real"
option `passwordaccess', but the latter one is
uncomfortable to use and might lead
to undesirable outcome if used the wrong way.
So it seems advisable to keep the boolean option
and the warning in its description.
To this end, the value of `getPasswd` itself is
later filtered out when the config file is generated.
The tsm-backup service module and the vm test are adapted.
Migration code will be added in a separate
commit to permit easy reversal later, when the
migration code is no longer deemed necessary.
With the tsm-client 8.1.19.0 release,
IBM renamed the product brand from
"IBM Spectrum Protect" to "IBM Storage Protect":
https://www.ibm.com/support/pages/node/6964770 .
The package already got updated in commits
5ff5b2ae4c and
a4b7a62532 .
The commit at hand updates the modules accordingly.
The --rsyncable option changes the behavior of gzip/zstd so that the
resulting files can be incrementally backed up easily. Tools like Borg,
rsync and xdelta can make use their deduplication/diff mechanisms more
easily.
In my local testing, this resulted in a 2% size increase for backup
files.
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
Provide a NixOS module for the [built-in Anki Sync
Server](https://docs.ankiweb.net/sync-server.html) included in recent
versions of Anki. This supersedes the `ankisyncd` module, but we should
keep that for now because `ankisyncd` supports older versions of Anki
clients than this module.
I was using a 23.11 package on a NixOS 23.05 system and this caused the
python that was used in gunicorn to differ from the python the postgres
lib was linked against.
SnapRAID has a feature where you can specify "split" parity files. This
is useful when you're using 16tb or bigger ext4-formatted disks for
parity. ext4 doesn't support files bigger than 16tb so this "split
parity file" can be used to specify two parity files on a single parity
disk and SnapRAID will automatically use the subsequent file when the current
cannot grow anymore (hits 16TB). You specify these split parity files by
separating them with commas in the "parity" config option. This
mostly already works except when it comes to the scheduled systemd sync
job where it specifies ReadWritePaths. If you specify a parity with
multiple files you'll get an error when the systemd job runs: Failed to
set up mount namespacing:
/run/systemd/unit-root/mnt/parity1/snapraid1.parity,/mnt/parity1/snapraid2.parity: No such file or directory
Essentially, when the parity file paths are passed into ReadWritePaths,
they're always treated as a single path. This change makes sure to
split the paths if they contain a comma.
The big concern for this change is if it would break users who have
commas in their actual parity file paths. This won't be an issue because SnapRAID
itself blindly splits on commas for parity files, so legitimate commas in a parity
file path wouldn't work in SnapRAID anyway. See here:
978d812153/cmdline/state.c (L692)
SnapRAID doc for split parity files: https://www.snapraid.it/manual#7.1
If `services.samba.enable` is true, the the samba Module already adds the samba Package. If a User sets a differnet Package in `services.samba.package` then `environment.systemPackages` will contain two different samba Packages.
```
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/testparm' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/testparm'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/testparm' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/testparm'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/nmbd' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/nmbd'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/nmbd' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/nmbd'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/smbcontrol' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/smbcontrol'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/smbcontrol' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/smbcontrol'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/gentest' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/gentest'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/gentest' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/gentest'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/smbpasswd' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/smbpasswd'
system-path> warning: collision between `/nix/store/rw5fzn10lb21xk3myc0d4m49j69d0crs-samba-4.19.2/bin/smbd' and `/nix/store/ssxn9pnl293knqghcjvpbzb6ysg0f7fv-samba-4.19.2/bin/smbd'
...
```
(The original samba will still stay in the closure as `kdenetwork-filesharing` depends on it.)
The `services.vdirsyncer.jobs.<name>.config.statusPath` option was
making the appropriate changes to the systemd service options, but not
to the vdirsyncer config file.
Probably no one ever tested this, mediawiki tries to create the database inside the read-only
package. There might be a proper fix but for now it's better to not advertise unsupported options.
Apart from being bad practice, absolute paths may be confusing;
especially the `services.emacs.package` definition in the "Running
Emacs as a service" section. Remove them.
Supersedes: https://github.com/NixOS/nixpkgs/pull/192019
Co-authored-by: Alexander Bantyev <balsoft@balsoft.ru>
systemd would previously create a nonoperational
"/var/lib/transmission/watch-dir" directory due to a typo in the
StateDirectory array ("watch-dir" -> "watchdir")
I have corrected this by using the pre-declared constants for these
folder names.
This re-introduces the old stable ZFS version we had in the past following
the many predicted issues of ZFS 2.2.x series, that is much more stable
than any further ZFS version at the moment.
I am also removing myself from maintenance of any further ZFS versions as I am
planning to quit ZFS maintenance at some point.
In the meantime, for users like me who depend on ZFS for critical operations, here is a ZFS version
that is known to work for LTS kernels.
This adds a NixOS module for XScreenSaver (from @aidalgol in #130218,
with a few updates).
The module:
* Installs XScreenSaver
* Sets up a suid wrapper for xscreensaver-auth
* Sets up a user service for xscreensaver
The suid wrapper should function correctly when xscreensaver is
installed via the derivation update in 40a00547b71.
Co-authored-by: Aidan Gauland <aidalgol@fastmail.net>
Co-authored-by: Anderson Torres <torres.anderson.85@protonmail.com>
The sshKey options do not need to be a valid path at build time. Using
string instead allow use case when the path is not known at build time
such as when using systemd credentials (e.g. `sshKey =
"\${CREDENTIALS_DIRECTORY}/zfs-replication_ed25519";`).
- Use lazyAttrs (for config references) settings for main server.properties.
- Drop dangerous default for "log.dirs"
- Drop apache-kafka homedir; unused and confusing
- Support formatting kraft logdirs