In the case that the user wants to provide a custom data directory, we
need to grant `ReadWritePaths` for that directory. Previously this would
not happen when `/var/lib/postgresql` was used, because the condition
was not in fact checking for the default data directory, creating a gap
in then if-else scenario.
Fixes: #371680
(cherry picked from commit 4d0f802848)
Since matomo-5.2.0, the config.php.ini is already created when first
accessing the installer page without completing it. This breaks our
discovery of whether to run database migrations.
Attempting to run DB migrations without provided database credentials
causes a crash -> causing matomo-setup-update.service to fail -> causing
phpfpm-matomo.service to fail.
(cherry picked from commit 10f670ab7e)
ProcSubset protection blocks faster-whisper from parsing /proc/cpuinfo
This results in a fallback to a suboptimal processing method, causing
processing times to be unnecessarily long
(cherry picked from commit d9ff154b74)
Fix the regression between NixOS 24.05 and 24.11 where using dhcpcd
(e.g. networking.useDHCP) and systemd-resolved
(services.resolved.enable) result in no "search" entry getting added to
/etc/resolv.conf, and dhcpcd logging the following error:
$ systemctl status dhcpcd
[...] dhcpcd[2896]: Failed to set DNS configuration: Interactive authentication required.
Fix it by adding a polkit rule that gives the required permissions to
the 'dhcpcd' user to manipulate resolved. The rule was made by using
polkit logging and allowing each action.id until the above error went
away, and /etc/resolv.conf got the correct search entry.
(cherry picked from commit cc5645c6e0)
When the cache is stale, homepage-dashboard serves bad data (UI lacks
styling etc.). This issue happens at least on homepage-dashboard version
upgrades.
Fixes https://github.com/NixOS/nixpkgs/issues/346016.
(cherry picked from commit 58f12ee8a6)
I thought HOMEPAGE_CACHE_DIR was an upstream env var, and it confused me
a lot. Let's prefix it with NIXPKGS_ to make it clear that it's nixpkgs
specific.
(cherry picked from commit be0fda6511)
The ALSA module was essentially removed in 3eeff547, with the main
motivation of avoiding confusion as to what `sound.enable` really meant.
As that could be achieved with a simple rename, this change brings back
the module in full force under the `hardware.alsa` namespace (with clear
beware signs for the pulse and pipewire folks) and adds a lot of useful
extra features. These include
- `defaultDevice` to set the default playback and capture devices
- `cardAliases`,`deviceAliases` to assign meaningful names to sound cards
and devices (instead of say, `hw:0,1`)
- `controls` to create virtual volume controls
- `enableRecorder` to easily configure a loopback device to record
the computer audio
- fixes to the udev restore rules
(cherry picked from commit c8a84a01d5)
