This makes it so that alternative packages, such as `pkgs.forgejo` are
able to be used instead of the default `pkgs.gitea`.
Also adds myself as a maintainer of the module.
The varible `gitea`, which was used instead of `cfg.package`, has been
replaced with the variable `exe`, and is instead the value of the main
executable, as gotten from `lib.getExe`. `cfg.package` is used when this
value is not appropriate.
Gitea spawns `gpg` processes for commit signing related actions.
Those `gpg` processes need `mlock` (probably to prevent secrets
in the memory to swap).
Blocking it (as part of the `@memlock` preset) causes any
commit signing related actions to error out as http/500
trying to get all of the podman functionality to work with the wrapper
is becoming more complicated with each release, it isn't sustainable
removing the wrapper does mean that using extraPackages will need to build from source
- remove unnecessary serviceConfig overrides
- set HELPER_BINARIES_DIR to libexec/podman
- use install.bin target on linux for podman/tmpfiles
- also installs quadlet/rootlessport in libexec
- symlink binaries from helpersBin into HELPER_BINARIES_DIR
- remove unnecessary rootlessport output
- remove unnecessary substituteInPlace
* k3s: add environmentFile option
Enabling to include secrets through configuration such as 'sops'
* Update nixos/doc/manual/release-notes/rl-2305.section.md
Co-authored-by: Jairo Llopis <973709+yajo@users.noreply.github.com>
This reverts commit 2265160fc0 and
e56db577a1.
Ideally, we shouldn't cause friction for users that bump `stateVersion`,
and I'd consider having to switch and/or manually hardcode a UID/GID
to supress the warning friction. I think it'd be more beneficial to, in
this rare case of an ID being missed, just let it be until more
discussion happens surrounding this overall issue.
See https://github.com/NixOS/nixpkgs/pull/217785 for more context.
This reverts commits f5483464d5 and
6b9583e5e1.
Ideally, we shouldn't cause friction for users that bump `stateVersion`,
and I'd consider having to switch and/or manually hardcode a UID/GID
to supress the warning friction. I think it'd be more beneficial to, in
this rare case of an ID being missed, just let it be until more
discussion happens surrounding this overall issue.
See https://github.com/NixOS/nixpkgs/pull/217785 for more context.
Without this change, users that have both `initialHashedPassword` and
`hashedPassword` set will have `initialHashedPassword` take precedence,
but only for the first time `/etc/passwd` is generated. After that,
`hashedPassword` takes precedence. This is surprising behavior as it
would generally be expected for `hashedPassword` to win if both are set.
This wouldn't be a noticeable problem (and an assert could just be made
instead) if the users-groups module did not default the
`root.intialHashedPassword` value to `!`, to prevent login by default.
That means that users who set `root.hashedPassword` and use an ephemeral
rootfs (i.e. `/etc/passwd` is created every boot) are not able to log in
to the root account by default, unless they switch to a new generation
during the same boot (i.e. `/etc/passwd` already exists and
`hashedPassword` is used instead of `initialHashedPassword`) or they set
`root.initialHashedPassword = null` (which is unintuitive and seems
redundant).
Since version 1.10.0 paperless-ngx depends on the NLTK library which is
used to pre-process data for machine learning. NLTK needs certain
data for stemming, stopword removal etc. This data has to be downloaded
first. This commit introduces a new systemd service that does the
downloading.
Being able to override `boot.initrd.systemd.initrdBin` with `boot.initrd.systemd.extraBin` is a desirable behavior, so this PR changes the `ln -s` command to `ln -sf` to force link even if the file already exists.
We’ve been having trouble figuring out which kind of token to use and
why our setup would break every few system updates.
This should clarify which options there are, and which ones lead to
better results.
Ideally there would be a manual section that has a step-by-step guide
on how to set up the github runner, with screenshots and everything.
