Format all Nix files using the officially approved formatter,
making the CI check introduced in the previous commit succeed:
nix-build ci -A fmt.check
This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153)
of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166).
This commit will lead to merge conflicts for a number of PRs,
up to an estimated ~1100 (~33%) among the PRs with activity in the past 2
months, but that should be lower than what it would be without the previous
[partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537).
Merge conflicts caused by this commit can now automatically be resolved while rebasing using the
[auto-rebase script](8616af08d9/maintainers/scripts/auto-rebase).
If you run into any problems regarding any of this, please reach out to the
[formatting team](https://nixos.org/community/teams/formatting/) by
pinging @NixOS/nix-formatting.
It was noted in the TLS recommendations comment, but it actually should
be disabled everywhere if ACME is used as H2O has in enabled by default.
More info: <https://letsencrypt.org/2024/12/05/ending-ocsp/>
`uwsgi_pass` uses the uwsgi protocol instead of the HTTP protocol
(that's what `proxy_pass` is for). Also, the source IP is already
derived from the REMOTE_ADDR param that's specified by the uwsgi
defaults from nginx, similarily to how it's done for fcgi.
Hence, removing that since it seems not necessary (and perhaps even
wrong).
If the user has specified a custom data_dir or meta_dir, this results in
garage service failing with read-only filesystem error since the service
runs with DynamicUser by default.
Caddy hostnames can begin with http:// to disable automatic HTTPS.
The default value for services.caddy.<host>.logFormat puts the hostname
in the log filename, resulting in a broken path. Similarly, multiple
space-separated host names would not work before.
Since version 2.9.0 (commit 7c52e7a), caddy fails to start if it cannot
open the log file. This caused NixOS test failures (e.g.,
nixosTests.dokuwiki).
It's hard to put the sourcing of ./.attrs.sh into all builder
consistently - mistakes will happen. Thus, load structured attrs once in
make-derivation and then source the remaining builder on top.
This should fix quite a few builders with structured attributes in
principle. Most importantly it helps substitute / substituteAll, which
are required for bootstrap on some platforms.
