https://github.com/NixOS/nixpkgs/pull/107497 broke booting on many systems that
use tmpOnTmpfs due to the lack of specifying the mount type.
This commit explicitly adds the mount type, which should fix booting
such systems.
The original change may want to be revisited however too.
(The first version of this change, in commit 39fad297fd, broke
`nix-build -A nixosTests.installer.simpleUefiSystemdBoot`. This is the
2nd version, which hopefully does not break anything.)
`nixos-rebuild build-vm-with-bootloader` currently fails with the
default NixOS EFI configuration:
$ cat >configuration.nix <<EOF
{
fileSystems."/".device = "/dev/sda1";
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
}
EOF
$ nixos-rebuild build-vm-with-bootloader -I nixos-config=$PWD/configuration.nix -I nixpkgs=https://github.com/NixOS/nixpkgs/archive/nixos-20.09.tar.gz
[...]
insmod: ERROR: could not insert module /nix/store/1ibmgfr13r8b6xyn4f0wj115819f359c-linux-5.4.83/lib/modules/5.4.83/kernel/fs/efivarfs/efivarfs.ko.xz: No such device
mount: /sys/firmware/efi/efivars: mount point does not exist.
[ 1.908328] reboot: Power down
builder for '/nix/store/dx2ycclyknvibrskwmii42sgyalagjxa-nixos-boot-disk.drv' failed with exit code 32
[...]
Fix it by setting virtualisation.useEFIBoot = true when needed.
Before:
* release-20.03: successful build, unsuccessful run
* release-20.09 (and master): unsuccessful build
After:
* Successful build and run.
Fixes#107255
This corresponds to agetty's --login-options argument.
With this change, I can set
services.getty.autologinUser = "qyliss";
services.getty.loginOptions = "-- \\u";
and have my username prefilled, but with my password still
required (unlike the normal autologinUser behaviour).
b478e0043c removed every other instance of uwsgi.service and
httpd.service from Mailman before and requiredBy lists. This one
looks like it was just missed, since I can't see a reason to keep it
but remove the others.
Fixes: b478e0043c ("nixos/mailman: refactor")
* It should be made explicit in the eval-error that the CVE only affects
a component which is turned off by default.
* For more clarity, the default version used by the module is noted in
the manual.
Closes#108419
It's been 8.5 years since NixOS used mingetty, but the option was
never renamed (despite the file definining the module being renamed in
9f5051b76c ("Rename mingetty module to agetty")).
I've chosen to rename it to services.getty here, rather than
services.agetty, because getty is implemantation-neutral and also the
name of the unit that is generated.
By default in Nginx, if you want to override a single fastcgi_param,
you have to override all of them. This is less of a big deal if
you're editing the Nginx configuration directly, but when you're
generating the Nginx configuration with Nix it can be very annoying to
bloat your configuration repeating the default values of FastCGI
parameters every time.
This patch adds a fastcgiParams option to Nginx locations. If any
parameters are set through this, all the default values will be
included as well, so only the ones that are changing need to be
supplied. There's no way to use fastcgiParams to actually override
all parameters if that's what you want, but I think that's a niche use
case and it's still possible using extraConfig, which up until now was
the only option
Nginx allows the fastcgi_param directive in http and server scopes as
well as location, but here I only support location. It would be
possible to support the others, but I don't think it's worth it. It
would be a possible future enhancement if somebody has a need for it.
This plugin is used commonly enough that we should ensure it still
builds (and dovecot works) after loading it.
This is not yet perfect as we aren't testing any of it's functionality
but at least we ensure that dovecot continues to do the regular job.
Enabling the profile can lead to hard-to-debug issues, which should be
warned about in addition to the cost in features and performance.
See https://github.com/NixOS/nixpkgs/issues/108262 for an example.
androidenv did not previously write license files, which caused certain
gradle-based Android tools to fail. Restructure androidenv's list of
Android packages into a single repo.json file to prevent duplication
and enable us to extract the EULA texts, which we then hash with
builtins.hashString to produce the license files that Android gradle
tools look for.
Remove includeDocs and lldbVersions, as these have been removed
from the Android package repositories.
Improve documentation and examples.
* Content of `programlisting` shouldn't be indented, otherwise it's
weirdly indented in the output.
* Use `<xref linkend=.../>` in the release notes: then users can
directly go to the option documentation when reading release notes.
* Don't use docbook tags in `mkRemovedOptionModule`: it's only used
during evaluation where docbook isn't rendered.
Previously, after the version bump to v247, we broke journalctl --grep
as libpcre2 was lazily loaded during runtime using dlopen(3). This
ensures that we have a test case that alerts us when it fails again.