This reverts commit ac849e5658.
Nix 2.24 segfaults semi-randomly during evaluation on specific configs (?).
This commit prepares for another revert, putting the default back to 2.18.
Upstream issue: https://github.com/NixOS/nix/issues/11547
We mistakenly used a non-existing nginx variable for the X-Forwarded-Proto causing
the well-known redirect to return erroneous Location headers like:
Location: ://dav.example/dav
instead of the correct:
Location: https://dav.example/dav
Follow up to #342584.
Similarly to that PR, it is surprising that software which was installed by the user isn't available to a script run over ssm by default.
When executing commands with ssm, users will now have more predictable access to baked-in software instead of an extremely bare-minimum set currently there.
- Cleans up downstream systemd units in favour of using upstream units.
- Xen 4.18 on Nixpkgs now supports EFI booting, so we have an EFI boot
builder here that runs after systemd-boot-builder.py.
- Add more options for setting up dom0 resource limits.
- Adds options for the declarative configuration of oxenstored.
- Disables the automatic bridge configuration, as it was broken.
- Drops legacy BIOS boot
- Adds an EFI boot entry builder script.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
Co-authored-by: Yaroslav Bolyukin <iam@lach.pw>
It is surprising that software which was installed by the user at AMI
generation time isn't available to a script run over user data by
default.
When authoring user data to execute at startup, users will now have
more predictable access to baked-in software instead of an extremely
bare-minimum set currently there.
The current default, 7, is, to put it nicely, absolutely ridiculous.
On 2.4 GHz, the only channels you should use are 1, 6 and 11, because
every other channel overlaps one of those and causes interference.
On 5/6 GHz, channel 7 does not exist at all.
Also, it's 2024, most things will support automatic channel selection,
and those that don't will likely need extra care to support prehistoric
hardware anyway.
Using zfs.latestCompatibleLinuxPackages can result in downgrades to the kernel on a system, potentially causing breakage.
This breakage may not be apparent during build and switch, but only after attempting to reboot into the updated generation.
By forcing users to explicitly manage their kernel version, we can ensure that the breakage will be apparent at build time instead.
- add `wait_until_tty_matches` to wait for tty login screen before
sending "root\n" to log in
- add `-4` to `ssh-keyscan` to force using IPv4, without it command
returns exit code 1 with no output