Account for all `with*` options causing their respective unit files to
not be built, just like the current code `withCryptsetup` already does.
This fixes build errors like the following:
```
missing /nix/store/5fafsfms64fn3ywv274ky7arhm9yq2if-systemd-250.4/example/systemd/system/systemd-importd.service
error: builder for '/nix/store/67rdli5q5akzwmqgf8q0a1yp76jgr0px-system-units.drv' failed with exit code 1
```
Found by using a customised systemd package as follows:
```
systemd.package = pkgs.systemd-small;
nixpkgs.config.packageOverrides = pkgs: {
"systemd-small" = pkgs.systemd.override {
withImportd = false;
withMachined = false;
...
};
};
```
verbose is a debugging setting one step noisier than debug and should only be turned on when debugging because it leaks quite some credentials and tokens in the journalctl.
we expose it under settings instead of at the listener toplevel because
mosquitto seems to pick the addresses it will listen on
nondeterministically from the set of addresses configured on the
interface being bound to. encouraging its use by putting it into the
toplevel options for a listener seems inadvisable.
The Ruby gem `minimagick` is used to export Gant diagrams as PNG.
However, minimagick can't find a font and Redmine throws an error. The
setting `minimagick_font_path` allows configuring a path to a font file
in the Redmine configuration. Thus, add the option
`services.redmine.components.minimagick_font_path` allowing to do that.
Also, add an assertion to check if
`services.redmine.components.minimagick_font_path` is set when
imagemagick is enabled.
Signed-off-by: Felix Singer <felixsinger@posteo.net>
For completeness, configure the setting `imagemagick_convert_command` in
the Redmine configuration file.
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Ghostscript is needed to export Gant diagrams as PDF. Thus, add the
option `services.redmine.components.ghostscript` allowing to enable or
disable the component. The component is disabled by default. Enabling
the option will add Ghostscript to the Redmine environment and configure
the setting `gs_command` in the Redmine configuration file.
Signed-off-by: Felix Singer <felixsinger@posteo.net>
Currently, optional components and integrations of Redmine are enforced
to install in NixOS. Thus, add the following options allowing the users
to enable or disable the components. They are disabled by default.
Enabling these options will add their package to the Redmine environment
and will configure their specific setting in the Redmine configuration
file.
* services.redmine.components.subversion
* services.redmine.components.mercurial
* services.redmine.components.git
* services.redmine.components.cvs
* services.redmine.components.breezy
* services.redmine.components.imagemagick
Signed-off-by: Felix Singer <felixsinger@posteo.net>
The old attribute is deprecated:
trace: warning: In test `chromium-stable': The `machine' attribute in NixOS
tests (pkgs.nixosTest / make-test-pyton.nix / testing-python.nix / makeTest) is
deprecated. Please use the equivalent `nodes.machine'.
Note: This is only a refactoring.
darcs support was dropped with Redmine 4.0.0. Thus, drop the darcs
integration.
For more information, see https://www.redmine.org/issues/26391.
Signed-off-by: Felix Singer <felixsinger@posteo.net>
* Add an option services.nextcloud.nginx.hstsMaxAge for setting the max-age
directive of the Strict-Transport-Security HTTP header.
* Make the Strict-Transport-Security HTTP header in the Nginx virtualhost block
dependant upon the option services.nextcloud.https instead of
services.nextcloud.nginx.recommendedHttpHeaders, as this header makes no sense
when not using HTTPS. (Closes#169465)
This should be a significant disk space saving for most NixOS
installations. This method is a bit more complicated than doing it in
the postInstall for the firmware derivations, but this way it's
automatic, so each firmware package doesn't have to separately
implement its compression.
Currently, only xz compression is supported, but it's likely that
future versions of Linux will additionally support zstd, so I've
written the code in such a way that it would be very easy to implement
zstd compression for those kernels when they arrive, falling back to
xz for older (current) kernels.
I chose the highest possible level of compression (xz -9) because even
at this level, decompression time is negligible. Here's how long it took
to decompress every firmware file my laptop uses:
i915/kbl_dmc_ver1_04.bin 2ms
regulatory.db 4ms
regulatory.db.p7s 3ms
iwlwifi-7265D-29.ucode 62ms
9d71-GOOGLE-EVEMAX-0-tplg.bin 22ms
intel/dsp_fw_kbl.bin 65ms
dsp_lib_dsm_core_spt_release.bin 6ms
intel/ibt-hw-37.8.10-fw-22.50.19.14.f.bseq 7ms
And since booting NixOS is a parallel process, it's unlikely (but
difficult to measure) that the time to user interaction was held up at
all by most of these.
Fixes (partially?) #148197
