- Migrate to pkgs/by-name
- Format with nixfmt-rfc-style
- Make it possible to remove support for very old migrations in the future by increasing the `minRepoVersion` parameter
- Rename kubo-migrator-all-fs-repo-migrations to kubo-fs-repo-migrations since it may no longer include all migrations
- Add an alias for kubo-migrator-all-fs-repo-migrations to keep backwards compatibility
- Update descriptions to differentiate between kubo-migrator and kubo-migrator-unwrapped and better describe the purpose of the migrator
- Add a description to every individual migration
- Add a description to kubo-fs-repo-migrations
- Fetch the source code of the individual migrations from their specific Git tags, like upstream intends
- Enable tests for some migrations
- Check that the migrations don't crash on startup
- Mark two broken migrations as broken. They are not compatible with the latest Go versions and upstream is not interested in fixing this
- Change code to allow most updates to be done by only changing three lines (add new version and change git tag and hash)
- Add a stub for any disabled or broken migration to prevent downloading unsigned binaries from the internet, see https://github.com/ipfs/fs-repo-migrations/issues/148#issuecomment-2351355627 and https://github.com/ipfs/fs-repo-migrations/issues/188
- Use `lib.getExe` instead of hardcoding the binary name in the kubo NixOS module
- Use `substituteInPlace` with `--replace-fail` instead of `--replace`
services.bind.cacheNetworks should only apply to recursive queryies, as
per the option documentation:
> Note that this is for recursive queries – all networks are allowed to
> query zones configured with the zones option by default [...].
This would correspond to the `allow-query-cache` option in named.conf,
as per the BIND docs[1]:
> Specifies which hosts (an IP address list) can access this server’s
> cache and thus effectively controls recursion.
And not `allow-query`, which restricts all requests (including requests
where the server has authority) [2]:
> Specifies which hosts (an IP address list) are allowed to send queries
> to this resolver.
> [...]
> Note:
> `allow-query-cache` is used to specify access to the cache.
[1]: https://bind9.readthedocs.io/en/v9.20.0/reference.html#namedconf-statement-allow-query-cache
[2]: https://bind9.readthedocs.io/en/v9.20.0/reference.html#namedconf-statement-allow-query
This adds a `services.scx.enable` option to enable sched-ext schedulers.
Requires a kernel with sched-ext enabled (6.12+) or a kernel with the patchset.
requiredKernelConfigs are taken from https://cateee.net/lkddb/web-lkddb/SCHED_CLASS_EXT.html
This change is to support LEGO's capability to spawn an external process that
solves the DNS-01 challenge. In particular, this enables a setup where LEGO
runs a shell script that uses nsd-control to add an appropriate zone to a
local NSD instance.
Allows setting `programs.obs-studio.package = null`, which is useful in
case the user wants the appropriate kernel modules from
`programs.obs-studio.enableVirtualCamera`, but does not wish to install
obs system-wide with nixos (e.g., because they want to install it just
for their user with home-manager or maybe via flatpak).
E.g. when overriding `nix` with `pkgs.lix`, `nixos-option` will fail.
Given that I haven't used it in a very long time, I wanted to disable
it, but finding an option to turn off `nixos-option` is kinda hard given
that the options are generated here using `mkToolModule`.
I assumed that this isn't possible until I learned that
`system.tools.X.enable` exists. To me, this is a clear sign that these
shouldn't be internal.
See https://github.com/systemd/systemd/issues/33414.
The way this was phrased sounded like a dumb search/replace operation to
me. This resulted in random parts of my routing being broken (forward
from if X -> Y being fine, but the opposite direction being broken).
This change makes it explicit that it's a little more complicated and
you should really consult the docs before making that change.