This patch is about removing `wireguardPeerConfig`,
`dhcpServerStaticLeaseConfig` - a.k.a. the
AbstractSingletonProxyFactoryBean of nixpkgs - and friends.
As a former colleague said
> worst abstraction ever
I second that. I've written enough networkd config for NixOS systems so
far to have a strong dislike. In fact, these don't even make sense:
`netdevs.wireguardPeers._.wireguardPeerConfig` will be rendered into
the key `[WireGuardPeer]` and every key from `wireguardPeerConfig` is in
there. Since it's INI, there's no place where sections on the same level
as wireguardPeerConfig fit into. Hence, get rid of it all.
For the transition, using the old way is still allowed, but gives a
warning. I think we could drop this after one release.
The tests of rosenpass and systemd-networkd-dhcpserver-static-leases
were broken on the rev before, hence they were updated, but are still
not building.
The original code tests output of `ip addr add` command to detect if an
adress already exists. The error message was changed in the past and the
test no longer works.
The patch replaces `ip addr add` with `ip addr replace`. The new command
replaces an existing address or creates a new one if there isn't any.
fixes 306841
these changes were generated with nixq 0.0.2, by running
nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix
two mentions of the mdDoc function remain in nixos/, both of which
are inside of comments.
Since lib.mdDoc is already defined as just id, this commit is a no-op as
far as Nix (and the built manual) is concerned.
services.nfs.settings is added for options that go into /etc/nfs.conf.
There are services.nfs.server.extraNfsdConfig and
services.nfs.extraConfig, but they have drawbacks. They overlap in
scope (nfs.extraConfig can also add nfsd options). They require that one
writes INI syntax. They often produce nfs.conf files with duplicate
section names, which is confusing.
This deprecates services.nfs.server.extraNfsdConfig and
services.nfs.extraConfig.
services.nfs.settings cannot be used together with
services.nfs.server.extraNfsdConfig or services.nfs.extraConfig.
This just adds complexity and confusion. Once-upon-a-time, there was no
`package` and only `enableUnstable`, but now it is just confusing to
have both, as it would be possible to do e.g. `package = pkgs.zfs` and
`enableUnstable = true`, but then `enableUnstable` does nothing.
This adds compatibility with newer kernels, which fixes
nixosTests.zfs.series_2_1, which broke when the default kernel version
was bumped.
This means we no longer need the removeLinuxDRM option at all, but
I've kept it around as a no-op so people can leave it set in case the
same thing happens again in future.
ZFS no longer tries to use GPL-only symbols on aarch64.
Tested by building nixosTests.zfs.stable (modified to use Linux 6.6)
and nixosTests.zfs.unstable.
this lets us *dis*able filesystem explicitly, as is required by e.g. the
zfs-less installer images. currently that specifically is only easily
possible by adding an overlay that stubs out `zfs`, with the obvious
side-effect of also removing tooling that could run without the kernel
module loaded.
From systemd 247, timers can be configured to randomize their delay
once and to apply the same random delay for all future executions.
This allows users to have less jitter between auto-upgrade executions
while still avoiding multiple timers firing simultaneously on a
machine or multiple machines all performing their upgrades
simultaneously.
The default option value (false) is backwards compatible.
All supported versions of NixOS (in fact, back to and including 21.05)
use systemd 247 or later.
Encountered boot errors in pool with `listsnapshots=on` getKeyLocations should ignore snapshots as they will not be well-handled by createImportService later on
the bug causes a hard dependency on an underlying device which might not be
valid for all interfaces, also broke the example for networking.sits. this is
due to calling hasAttr first and checking for null afterwards, the bug was
made more apparent in commit 76a3c30
When `config.boot.zfs.enableUnstable` is set to true, grub was built with the `zfs` package even though the rest of the system uses the `zfsUnstable` package.
The effect of this can only be seen when `zfs` and `zfsUnstable` actually differ (which is not currently the case), for example when overriding one of them locally.
This simplifies the setup to receive emails from the ZFS Event Daemon
by relying on the sendmail wrapper defined by other modules such as
msmtp or Postfix.
This is more similar to how other modules like smartd deal with email
configuration.
The user is no longer required to define and rebuild their own ZFS
package to add email support.
GitHub: closes https://github.com/NixOS/nixpkgs/issues/132464
In 759ec111 the ping setuid wrapper was removed in favour of giving
permissions to perform ICMP echo requests to all users.
The problem is that the systemd file that was supposed to change the
`net.ipv4.ping_group_range` sysctl is not always installed, specifically
only if systemd.coredump.enable.
In that case the range is "0 1", which is effectively restricts ping to
only root.
This change explicitely sets the range to "0 2^31-1", as systemd does.