If a Python package does not come with either `format` or `pyproject` we
consider it a setuptools build, that calls `setup.py` directly, which is
deprecated.
This change, as a first step, migrates a large chunk of these packages to
set setuptools as their explicit format
This is so we can unify the problem space for the next step of the
migration.
Remove the major version from the unit name and add an alias for the old
dovecot2 name.
Then restricts what the dovecot service can do, which is very interesting
given that the unit runs as root and spawns less-privileged processes
from there.
Sourcehut went a year with no update in nixpkgs, the packages did not
build for months, the module has issues at runtime, one of the
maintainers stopped using NixOS entirely and the other two don't respond
to issues.
Upstream has since also deprecated the Arch Linux and Debian
repositories to install Sourcehut. The only official way that remains is
Alpine Linux on x86_64-linux.
This fixes postfix' membership in the postfix-tlspol group, since
memberships in a dynamically allocated group don't seem to work out.
Additionally this fixes a typo in the systemd hardening and the test now
prints the results of systemd-analyze security.
The new postgresql.target will now wait until recovery is done and
read/write connections are possible.
This allows ensure* scripts and downstream migrations to work properly
after recovery from backup.
Resolves#346886
This avoids restarting the postgresql server, when only ensureDatabases
or ensureUsers have been changed. It will also allow to properly wait
for recovery to finish later.
To wait for "postgresql is ready" in other services, we now provide a
postgresql.target.
Resolves#400018
Co-authored-by: Marcel <me@m4rc3l.de>
This will allow dropping the linuxPackages_ham variant. Fedora sets
these in their default kernel, so I don't anticipate any problem with
us doing the same.
Tested building linux_5_4, linux, and linux_latest on x86_64.
