We default this option to null ; which is different
from upstream which defaults this to true.
Defaulting this to true leads to log-spam in /dev/kmesg
and thus in our opinion is a bad default https://github.com/systemd/systemd/issues/15324
(cherry picked from commit ff78e34e0b)
This fixes a regression introduced in #348792, where the option type was
changed from list to string. This commit reverts the type back to list.
Fixes#352188Closes#352193
(cherry picked from commit 40e7344388)
Last year the initrd sshd broke due to an openssh update which looked
innocent enough (the change that broke the initrd was mentioned in the
changelog, but you'd be forgiven for not making the connection):
- https://github.com/NixOS/nixpkgs/pull/323753
- https://github.com/NixOS/nixpkgs/pull/323796
Hopefully this won't happen again, the initrd test has been added to
passthru.tests for openssh since:
https://github.com/NixOS/nixpkgs/pull/356190
However, it is probably best to also have such an issue block the
channel. The ssh initrd is probably almost exclusively used on
remote machines where it is really bad when the initrd sshd
doesn't come up since it is used to unlock an encrypted volume
or similar, so it'd be stuck in initrd indefinitely. Also,
for such systems it is usually very difficult to impossible
to easily choose a different generation to boot into via
the boot loader.
(cherry picked from commit bba6b37c9d)
Fixes this eval warning:
evaluation warning: The option `services.hound.config' defined in `makeTest parameters' has been changed to `services.hound.settings' that has a different type. Please read `services.hound.settings' documentation and update your configuration accordingly.
(cherry picked from commit 5555b70e30)
I expect config changes to be observable in the running service after
`sudo nixos-rebuild switch`. hound doesn't seem to support *reload*, so
use restart instead.
(cherry picked from commit 56bfc5782d)
- change text in `wait_for_console_text` to prevent sending curl with
pairing response before moonlight can accept it
- remove "close moonlight" step as next window stays on top in
fullscreen, previous window with pairing result does not interfere
with test. Otherwise it needs OCR or some other way to only do
`send_key("kp_enter")` after "Pairing complete" window is visible.
- add different ways to increase chances of successfull OCR: hide icewm
panel, gxmessage window takes full screen without titlebar or buttons,
black background, white foreground, consolas font,"ABC" text
- add `wait_for_console_text` to only run OCR after window is visible
(cherry picked from commit 46abca2b83)
In the case that the user wants to provide a custom data directory, we
need to grant `ReadWritePaths` for that directory. Previously this would
not happen when `/var/lib/postgresql` was used, because the condition
was not in fact checking for the default data directory, creating a gap
in then if-else scenario.
Fixes: #371680
(cherry picked from commit 4d0f802848)
server_url check [has been loosened upstream][1] and backported to
NixOS[2]. The new, much looser check, is not practical to be implemented
in Nix (you are welcome to give it a try; I've implemented the original
one).
Since the surface area is much smaller now (and the scenario much less
common), I think we can remove this assertion altogether.
[1]: https://github.com/juanfont/headscale/pull/2248
[2]: https://github.com/NixOS/nixpkgs/pull/358255
(cherry picked from commit de0a499a56)
