When a NixOS system uses flakes, i.e., /etc/nixos/flake.nix exists, it
is impossible to use nixos-rebuild to build a pre-flake
configuration.nix. Of course, one can directly use nix command to
build the configuration, but not everybody remembers the correct nix
options to do that.
With the new option, it is possible to build a pre-flake configuration
with command like this:
nixos-rebuild build-vm -I nixos-config=./vm.nix --no-flake
The option might be useful for people following older pre-flake
tutorials on a flake-based system.
hostNames being deprecated makes configuring hosts with multiple keys a
pain. including the attr name of the entry in the host name list is a
nice convenience though, so we'll retain it and clarify the
documentation on how the actual host name list for an entry is put
together.
* _7zz: correct license and remove p7zip dependency
The code under Compress/Rar* is licensed under a specific unRAR license
Also Compress/LzfseDecoder.cpp is covered by BSD3
The unRAR code is removed from the `.tar.xz` since the license posits you
agree or remove the code from your hard drive
This adds some complexity to updating 7zz so there is also an update
script
Meta has been updated and tweaked
Source is now downloaded from sourceforge in the `.tar.xz` version to
avoid depending on p7zip
* _7zz: add notice of the license updates and optional unRAR licenced code
If `services.tor.client.enable` is set to false (the default), the `SOCKSPort` option is not added to the torrc file but since Tor defaults to listening on port 9050 when the option is not specified, the tor client is not actually disabled. To fix this, simply set `SOCKSPort` to 0, which disables the client.
Use `mkForce` to prevent potentially two different `SOCKSPort` options in the torrc file, with one of them being 0 as this would cause Tor to fail to start. When `services.tor.client.enable` is set to false, this should always be disabled.
pam-ussh allows authorizing using an SSH certificate stored in your
SSH agent, in a similar manner to pam-ssh-agent-auth, but for
certificates rather than raw public keys.
