Prior to this change, arguments were not escaped nor was the possiblity
for arguments to be empty accounted for. This led to a kinda broken
startup script were arguments were "shifted", e.g. leaving allowedIPs
empty in order to use the default would cause `--bird` (the following
arguments key) to be used as the value. This was also observable when
e.g. the navbarBrand had a space in it where only everything until the
first space would show up.
With the new approach, all arguments are consistently escaped and empty
ones left out.
`extraConfig` now supports and prefers lists of strings instead of
lines (still supported but warned). This is due to the fragility with
respect to e.g. forgetting trailing backslashes after each line.
`frontend.{servers,domain}` are unset by default since the frontend
needs (the upstream project itself has no empty defaults here) needs
them to be set. If not set, an error is caused at build-time.
`proxy.birdSocket` has a new default: The projects README[^1] states
`/var/run/bird/bird.ctl` as the current default value. And bird2 on
NixOS does use this path too.
[^1]: https://github.com/xddxdd/bird-lg-go#proxy
Now that `useBootLoader` produces a full system image, moving disk
images can be slow because they have a full Nix store in them.
It does not make sense to keep the 9p mountpoint to shadow the
/nix/store of the VM.
We disable it if we have `useBootLoader` and introduce an option for
easy overrides.
When using Roundcube with a non local PostgreSQL database wait for
network start before running roundcube-setup.service
Otherwise the database is not reachable and the service fails.
Extract PostgreSQL database password for Roundcube from .pgpass file.
The password file is used in two locations:
1. in the Roundcube config.php
2. in the systemd setup service that initializes the roundcube
database
These two services need the password in different formats.
Keep the password file in PostgreSQL standard format and extract the
password for the Roundcube config (see #215986).
This option has been introduced in 678eed323f without realizing there was this
PR inflight, unfortunately, it collide with what this PR does and make
it irrelevant.
Therefore, I remove it here.
which allows the use of custom packages, that may not have binaries called `consul` or `consul-alerts` in their `/bin/*` (though arguably pretty unlikely to be ever used)
This allows users to set
`programs.firefox.nativeMessagingHosts.euwebid = true` to make the
native companion app available in Firefox.
It's used by the Web eID browser extension
(https://addons.mozilla.org/en/firefox/addon/web-eid-webextension/),
which can be tried out at https://web-eid.eu/ - pressing the
"Authenticate" button there should open a new window.