Systemd upstream provides targets for networking. This also includes a target network-online.target.
In this PR I remove / replace most occurrences since some of them were even wrong and could delay startup.
- add missing types in module definitions
- add missing 'defaultText' in module definitions
- wrap example with 'literalExample' where necessary in module definitions
This helps in setting a fixed firewall open port for NFS lockd.
Based on:
http://rlworkman.net/howtos/NFS_Firewall_HOWTO
(cherry picked from commit b32ca0616ff70795f71995fa79ea508b82f30b3a)
Conflicts:
nixos/modules/services/network-filesystems/nfsd.nix
The .configText option is for providing verbatim content of smb.conf.
I'm adding this because I cannot seem to find any other way to override
(with mkForce) the generated smb.conf with the current samba module. All
attempts ends with errors ("duplicate entry samba/smb.conf").
It's not that difficult to define shares using standard samba config
file syntax, so why do we need the semi-configurable .defaultShare
option?
Also:
* It uses /home/smbd and I think /home should be reserved
for real human users.
* If enabled, it breaks the assumption that .extraConfig continues in
the [global] section.
Without .defaultShare there is no need for the "smbguest" user and group
either, mark them as unused.
Using pkgs.lib on the spine of module evaluation is problematic
because the pkgs argument depends on the result of module
evaluation. To prevent an infinite recursion, pkgs and some of the
modules are evaluated twice, which is inefficient. Using ‘with lib’
prevents this problem.
(systemd service descriptions that is, not service descriptions in "man
configuration.nix".)
Capitalizing each word in the description seems to be the accepted
standard.
Also shorten these descriptions:
* "Munin node, the agent process" => "Munin Node"
* "Planet Venus, an awesome ‘river of news’ feed reader" => "Planet Venus Feed Reader"
That is, you can say
security.pam.services.sshd = { options... };
instead of
security.pam.services = [ { name = "sshd"; options... } ];
making it easier to override PAM settings from other modules.