Currently if a timezone was selected explicitly, the service will
silently override the value, essentially ignoring what is meant to be a
a deliberate choice of option. This may cause confusion as to why the
option is not doing anything when this service is enabled, particularly
in more complex set-ups after some time.
This will simply make the choice deliberate from the user's part, either
by having to remove the option or lowering its priority as a recognition
that it may be ignored.
This change was inspired by the `services.tzupdate` module, which does
the same.
[1]: <https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/misc/tzupdate.nix#L24>
Currently if a timezone was selected explicitly, the service will
silently override the value, essentially ignoring what is meant to be a
a deliberate choice of option. This may cause confusion as to why the
option is not doing anything when this service is enabled, particularly
in more complex set-ups after some time.
This will simply make the choice deliberate from the user's part, either
by having to remove the option or lowering its priority as a recognition
that it may be ignored.
This change was inspired by the `services.tzupdate` module, which does
the same.
[1]: <https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/misc/tzupdate.nix#L24>
If `opts.home` is not a string, an evaluation failure occurs in
`mapAttrs'`. Converting `opts.home` to string solves this issue.
The type of `users.users.<name>.home` is `lib.types.path`. Values
other than strings, e.g., derivations can also have the type
`lib.types.path`.
- Introduce more possible options by using the krb format generator.
- Enforce package choice is using a correct package.
- Use meta attribute to decide implementation, allows for overriding the
package.
- Make necessary changes to the format, to allow for multiple ACL files in
heimdal.
- Add systemd target and slice for both implementations.
- Move state to `/var/lib`
- Add documentation
This reverts commit e827697fd3.
This seems to cause various issues during system activation, as reported
in https://github.com/NixOS/nixpkgs/issues/302771 for example.
Due to being close to branchoff, revert this for now.
We'll open a tracking issue to collect and sort out remaining issues.
these changes were generated with nixq 0.0.2, by running
nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix
two mentions of the mdDoc function remain in nixos/, both of which
are inside of comments.
Since lib.mdDoc is already defined as just id, this commit is a no-op as
far as Nix (and the built manual) is concerned.
Otherwise /run/dbus is created with the wrong permissions.
For some reason our recent changes made /run/dbus be 0700 instead of
0755. This is actually the default of homeMode. So something worked by
accident before?
- Make inputs more diff friendly
- Add flags for enabling certain libraries
- Disable LDAP support as HDB module by default
- Add support for CJSON
- Flatten contents of `$out/libexec`, which earlier had an
`heimdal/heimdal` directory
- Use SRI hash
- Enable package tests
- Add `passthru.tests.nixos`
- Add `meta.homepage` and `meta.changelog`
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
This replaces the krb5 module's options with RFC 42-style krb5.settings
option, while greatly simplifying the code and fixing a few bugs,
namely:
- #243068 krb5: Configuration silently gets ignored when set by
multiple modules
- not being able to use mkIf etc. inside subattributes of
krb5.libdefaults, e.g. krb5.libdefaults.default_realm = mkIf ...
See #144575.
Closes#243068.
Co-authored-by: h7x4 <h7x4@nani.wtf>
When reloading the dbus-broker service (e.g. when switching to a new generation),
the reload fails when /tmp got remounted after the service had been started.
Since the dbus-broker service starts early, and does not have default dependencies,
this situation does occur in practice.
This change makes sure that if there are mount units for /tmp, dbus-broker gets
ordered after them.
See also https://github.com/systemd/systemd/issues/28515
We do not really declare module dependencies anywhere else and it would
a nousance to move any file if many other referenced it without being
necessary. Also most higher level modules depend on most of the lower
level ones.
So removing this because it can only potentially cause weird issues.
