- Remove lots of declared options that were not used outside of being
included in settings. These should now be used through the freeform
module.
- Deprecate `cfg.workDir`, in favor of using systemds `StateDirectory`
- Use sqlite as default database.
Co-authored-by: Sandro Jäckel <sandro.jaeckel@gmail.com>
The networkd backend logic for setting DHCP= on an interface is bugged
and inconsistent with the scripted logic. Consider this simple NixOS
configuration:
{
networking.useNetworkd = true;
networking.interfaces.eth0.wakeOnLan.enable = true;
}
The default value of networking.useDHCP is true, so we expect our eth0
interface to have DHCP enabled. With the scripted backend, this works.
But the networkd backend generates the following 40-eth0.network file:
[Match]
Name=eth0
[Network]
DHCP=no
IPv6PrivacyExtensions=kernel
This is happening because the wakeOnLan configuration creates a key in
networking.interfaces, and the networkd backend erroneously checks that
instead of for explicitly configured IP addresses as in the scripted
backend. The documentation is also inconsistent across various options.
This change aligns the networkd backend and option documentation to the
actual behavior of the scripted backend, and updates a test to account
for this behavior for both backends.
I noticed that openvpn3 is been clobbering my `/etc/resolv.conf` file. I
dug around a bit, and it turns out that upstream actually does have
support for systemd-resolved. I think it makes sense for us to
automatically enable that feature if the system is configured to use
systemd-resolved.
I opted to not change the default behavior of `pkgs.openvpn3`, but can
easily be convinced to change that if folks think I should.
With those settings starting dex crashed with:
Oct 03 21:37:51 hydrogen (tart-pre)[11048]: dex.service: Failed to set up mount namespacing: /run/systemd/mount-rootfs/sys/fs/cgroup/system.slice/dex.service/memory.pressure: No such file or directory
Oct 03 21:37:51 hydrogen (tart-pre)[11048]: dex.service: Failed at step NAMESPACE spawning /nix/store/q8clp1lm8jznxf9330jd8cwc6mdy6glz-dex-start-pre: No such file or directory
without this
```
nix-repl> nixosTests.xfce.nodes.machine.services.xserver.xkb
error: The option 'nodes.machine.services.xserver.xkb' is used but not defined.
```
with this
```
nix-repl> nixosTests.xfce.nodes.machine.services.xserver.xkb
{ dir = "/nix/store/096yg7fc67py86w0bm6g7a32npgyh5ic-xkeyboard-config-2.39/etc/X11/xkb"; layout = "us"; model = "pc104"; options = "terminate:ctrl_alt_bksp"; variant = ""; }
```
I chose not to do nixos.{config, options} because that would make it
look too much like a configuration object, which it is not.
A configuration object I would define as for example the result of
calling NixOS, an attrset with `_type = "configuration";`.
Recreating a configuration object without evalModules is quite
feasible but not guaranteed to be correct, and not maintainable.
This commit makes auto-restarting declarative containers optional.
This is useful when you don't want changes to your config to automatically
restart the container and thus stop any applications running inside it.
[Motivation](https://github.com/NixOS/nixpkgs/issues/257817#issuecomment-1741705042):
- Having all the XKB options in the same attribute set clarifies their
relation better than using a common option name prefix ("xkb").
- `services.xserver.layout` is an XKB option, but this is not obvious
from its name. Putting it with the other XKB options clarifies this.
Co-authored-by: Michele Guerini Rocco <rnhmjoj@users.noreply.github.com>
Makes it possible to override properties of a rule by name. Introduces
an 'order' field that can be overridden to change the sequence of rules.
For now, the order value for each built-in rule is derived from its
place in the hardcoded list of rules.
Adds easily overrideable settings for the most common PAM argument
styles. These are:
- Flag (e.g. "use_first_pass"): rendered for true boolean values. false
values are ignored.
- Key-value (e.g. "action=validate"): rendered for non-null, non-boolean
values.
Most PAM arguments can be configured this way. Others can still be
configured with the 'args' option.
This reverts commit 80665d606a.
Parsing the package version broke our systemd-boot builder test.
i.e. it won't be able to parse systemd-boot efi binaries coming from
ubuntu
We no longer use the faulty systemd-boot version so this code should no
longer be needed.
