* frigate: drop BindPaths from systemd service
Migrations have been working well even with misconfigured BindPaths => removing
(cherry picked from commit f45e2f7604)
these changes were generated with nixq 0.0.2, by running
nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix
two mentions of the mdDoc function remain in nixos/, both of which
are inside of comments.
Since lib.mdDoc is already defined as just id, this commit is a no-op as
far as Nix (and the built manual) is concerned.
Frigate does string prefix matching for paths, which isn't exactly
compatible with dynamically provisioned directories of systemd, where
/var/cache/frigate is actually a symlink to /var/cache/private/frigate.
Because we are unlikely to get this fixed upstream, this is one of the
reason we should stop using DynamicUser= here.
The other being, that nginx needs to be able to serve clips and
recordings from both the CacheDirectory and the StateDirectory, and
nginx being a member on a group that may only exist after it was started
up doesn't work reliably.
This is also why we relax the umask to allow g+r/g+rx for newly created
files. Existing installs may need the following permissions fix to get
things going.
```
find /var/lib/frigate/recordings -type d -exec chmod g+rx {} \;
find /var/lib/frigate/recordings -type f -exec chmod g+r {} \;
find /var/cache/frigate -type f -exec chmod g+r {} \;
```
Co-Authored-By: Daniel Barlow <dan@telent.net>
conversions were done using https://github.com/pennae/nix-doc-munge
using (probably) rev f34e145 running
nix-doc-munge nixos/**/*.nix
nix-doc-munge --import nixos/**/*.nix
the tool ensures that only changes that could affect the generated
manual *but don't* are committed, other changes require manual review
and are discarded.
the conversion procedure is simple:
- find all things that look like options, ie calls to either `mkOption`
or `lib.mkOption` that take an attrset. remember the attrset as the
option
- for all options, find a `description` attribute who's value is not a
call to `mdDoc` or `lib.mdDoc`
- textually convert the entire value of the attribute to MD with a few
simple regexes (the set from mdize-module.sh)
- if the change produced a change in the manual output, discard
- if the change kept the manual unchanged, add some text to the
description to make sure we've actually found an option. if the
manual changes this time, keep the converted description
this procedure converts 80% of nixos options to markdown. around 2000
options remain to be inspected, but most of those fail the "does not
change the manual output check": currently the MD conversion process
does not faithfully convert docbook tags like <code> and <package>, so
any option using such tags will not be converted at all.
adds defaultText for all options that use `cfg.*` values in their
defaults, but only for interpolations with no extra processing (other
than toString where necessary)