Adding custom plugins causes the `vim` command to be a wrapper script
running `vim -u ...`, which makes it not load the default ~/.vimrc.
(This is analogous to #177375 about neovim.)
As of Vim 9, the syntax-highlighting portion of the nix plugin is
upstream; the full plugin is only needed for indentation etc. (see also
e261eb152b). So, using regular pkgs.vim
works around this behavior/bug and causes any ~/.vimrc to get loaded,
without regressing the syntax highlighting support that motivated the
change being reverted here.
This reverts commit 0b5a0cbc69.
I'm maintaining the associated packages. So it makes sense to add myself
to their modules as well.
Signed-off-by: Felix Singer <felixsinger@posteo.net>
The 1.x iteration of globalprotect-openconnect is no longer being
developed. Remove related components from nixpkgs.
Signed-off-by: Rahul Rameshbabu <sergeantsagara@protonmail.com>
It thinks we want to expand the `*` regex expressions inside the `sed`
commands. We do not.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
tpm2.target was functionally useless without these services and this
generator. When systemd-cryptsetup-generator creates
systemd-cryptsetup@.service units, they are ordered after
systemd-tpm2-setup-early.service, not tpm2.target. These services are
themselves ordered after tpm2.target.
Note: The systemd-tpm2-setup(-early) services will serve no *function*
under a normal NixOS system at the moment. Because of their
ConditionSecurity=measured-uki, they will always be skipped, unless
you are building an appliance with the system.build.uki feature. Thus,
these are enabled solely for their systemd unit ordering properties.
This module provides some abstraction for a multi-stage build to create
a dm-verity protected NixOS repart image.
The opinionated approach realized by this module is to first create an
immutable, verity-protected nix store partition, then embed the root
hash of the corresponding verity hash partition in a UKI, that is then
injected into the ESP of the resulting image.
The UKI can then precisely identify the corresponding data from which
the entire system is bootstrapped.
The module comes with a script that checks the UKI used in the final
image corresponds to the intermediate image created in the first step.
This is necessary to notice incompatible substitutions of
non-reproducible store paths, for example when working with distributed
builds, or when offline-signing the UKI.
