Before the argument to mediagoblin-gmg would be passed to the actual command
and the rest to sh which is obviously nonsense.
(cherry picked from commit dd63ca898e)
Prevent the specialisation names from containing a forward slash.
Also escape them to allow for spaces in specialisation names.
(cherry picked from commit 2b9fc0ccc5)
In 0.15.1 frigate has a logic error that makes it not ensure the model
cache dir exists before using it.
A workaround has been committed for newer versions, so we can drop this
on the next release.
Fixes: #402813
(cherry picked from commit a74a23885d)
This avoids paths in the top-level file getting out-of-sync, because the
.editorconfig files would be moved together with the files they target.
(cherry picked from commit c8d2eca963)
GitLab 17.11 started using rails activeRecord encryption for some values.
Introduce new key files.
For the future there should also be an option to set multiple activeRecord
keys for rotation.
(manual backport from a95a530883 with diff behavior)
qcluster won't be happy if it's started before the database migrations
have been run.
12:25:47 [Q] ERROR Failed to pull task from broker
Traceback (most recent call last):
File "/nix/store/w5ndmidmkiy02vvgl7cxx1fkzc1pichg-python3-3.12.9-env/lib/python3.12/site-packages/django/db/backends/utils.py", line 89, in _execute
return self.cursor.execute(sql, params)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/nix/store/w5ndmidmkiy02vvgl7cxx1fkzc1pichg-python3-3.12.9-env/lib/python3.12/site-packages/django/db/backends/sqlite3/base.py", line 328, in execute
return super().execute(query, params)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
sqlite3.OperationalError: no such table: django_q_ormq
(cherry picked from commit afdbf499ac)
There should be no need to add custom components without YAML configuration to
extraComponents for systemd service modifications to become effective (e.g.
serial access).
(cherry picked from commit 44dd157b6f)
docker-registry.service has a `After` dependency on gitlab-registry-cert.
On the first start, docker-registry.service fails to start as it already
runs when gitlab-registry-cert.service starts up, and not when it finished.
(cherry picked from commit 50fc446be1)
immich appears to create this directory with permissions 0755 by
default, which needlessly exposes user data to other processes.
(cherry picked from commit fd21ef2a65)
The manpage of dhcpcd says:
>If any interface reports a working carrier then dhcpcd will try to
>obtain a lease before forking to the background, otherwise it will fork
>right away.
(cherry picked from commit b25b9e656a)
Follow-up on #169733
For `data`, Nextcloud checks on its own if everything is readable.
However, for `config` it's crucial that the ownership is actually
correct: otherwise, systemd-tmpfiles will refuse any operations inside
because of unsafe path transitions.
This can result in a subtly broken setup by the `override.config.php`
not being updated, but also not part of the system closure anymore
(another override.config.php is referenced now) which means it'll be
GCed eventually even though Nextcloud relies on it.
If this precondition is not met, the following error will be printed:
nextcloud-setup-start[972]: /var/lib/nextcloud/config is not owned by user 'nextcloud'!
nextcloud-setup-start[972]: Please check the logs via 'journalctl -u systemd-tmpfiles-setup'
nextcloud-setup-start[972]: and make sure there are no unsafe path transitions.
nextcloud-setup-start[972]: (https://nixos.org/manual/nixos/stable/#module-services-nextcloud-pitfalls-during-upgrade)
(cherry picked from commit 39dcdc5c9b)
Format all Nix files using the officially approved formatter,
making the CI check introduced in the previous commit succeed:
nix-build ci -A fmt.check
This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153)
of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166).
This commit will lead to merge conflicts for a number of PRs,
up to an estimated ~1100 (~33%) among the PRs with activity in the past 2
months, but that should be lower than what it would be without the previous
[partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537).
Merge conflicts caused by this commit can now automatically be resolved while rebasing using the
[auto-rebase script](8616af08d9/maintainers/scripts/auto-rebase).
If you run into any problems regarding any of this, please reach out to the
[formatting team](https://nixos.org/community/teams/formatting/) by
pinging @NixOS/nix-formatting.
(branch-equivalent to commit 374e6bcc40)
By default, systemd-repart refuses to act on empty disk devices, i.e.
those without any existing partition table for safety reasons.
This behaviour can be customized via the `--empty` flag, which we now
expose via the module system. This makes to partition empty disks
on first boot.
(cherry picked from commit d2cadf484c)
Ensures the Flarum service automatically restarts when its package is updated, preventing stale instances from running after upgrades.
(cherry picked from commit 8125e281fd)
