The assertion message should include the `nixpkgs.config` value, however
it currently includes the entire `nixpkgs.config` _option_.
This means the type, declarations, definitions, etc were all printed.
smartctl_exporter already runs with SupplementaryGroups "disk", which
gives full access to SATA drives, but NVMe devices are owned by
root:root, resulting in no access:
[...] msg="Smartctl open device: /dev/nvme0 failed: Permission denied"
This patch introduces a "smartctl-exporter-access" supplementary
group, and an udev rule with setfacl to give the exporter access to NVMe
drives, without changing the base root:root ownership.
Fixes https://github.com/NixOS/nixpkgs/issues/210041
Only restart `systemd-udevd.service` if udev rules in `/etc/udev/rules`
actually changed. The paths of `services.udev.packages` may change
frequently but the resulting udev rules built by `udevRulesFor`
likely change less often.
This has the added benefit of not adding `services.udev.packages` to
the system closure if they are only used for their udev rules
(issue #308937).
This reverts commit 89eb93dc3f.
It broken setups where /etc/wpa_supplicant.conf is configured
imperatively and reloading of the service on configuration changes.
This reverts commit 2e702d07bb.
Segfaults during evaluation in yet-to-be-determined circumstances.
Investigation is ongoing, reverting for now to be safe.
Upstream issue: https://github.com/NixOS/nix/issues/11547
This reverts commit ac849e5658.
Nix 2.24 segfaults semi-randomly during evaluation on specific configs (?).
This commit prepares for another revert, putting the default back to 2.18.
Upstream issue: https://github.com/NixOS/nix/issues/11547
We mistakenly used a non-existing nginx variable for the X-Forwarded-Proto causing
the well-known redirect to return erroneous Location headers like:
Location: ://dav.example/dav
instead of the correct:
Location: https://dav.example/dav
Follow up to #342584.
Similarly to that PR, it is surprising that software which was installed by the user isn't available to a script run over ssm by default.
When executing commands with ssm, users will now have more predictable access to baked-in software instead of an extremely bare-minimum set currently there.
- Cleans up downstream systemd units in favour of using upstream units.
- Xen 4.18 on Nixpkgs now supports EFI booting, so we have an EFI boot
builder here that runs after systemd-boot-builder.py.
- Add more options for setting up dom0 resource limits.
- Adds options for the declarative configuration of oxenstored.
- Disables the automatic bridge configuration, as it was broken.
- Drops legacy BIOS boot
- Adds an EFI boot entry builder script.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
Co-authored-by: Yaroslav Bolyukin <iam@lach.pw>
