In the default configuration we have timers for creating and deleting
snapper snapshots, and it looks like if we just create configs with
correct mountpoints we will get automatic snapshots (which either
used to be true, or seems to be only true on Archlinux according to
their wiki). In default snapper configuration TIMELINE_CREATE and
TIMELINE_CLEANUP are set to "no", so just providing configs won't
be enough for having automatic backups, which are the main usecase
for snapper. In other linux distributions you would use `snapper
create-config` to generate configs for partitions and you'd have a
chance to notice that TIMELINE_CREATE is set to no. Also, my guess is
that it might be set to no by default for safety reasons in regular distros,
so that the config won't be actioned upon until the user finishes
customizing it.
If the machine is powered off when the zpool-trim timer is supposed to
trigger (usually around midnight) then the timer will be skipped
outright in favor of the next instance.
For desktop systems which are usually powered off at this time, zpool
trimming will never be run which can degrade SSD performance.
By marking the timer as `Persistent = yes` we ensure that it will run at
the first possible opportunity after the trigger date is reached.
Minimal ISO:
1m21 -> 2m25
625M -> 617M
Plasma5 ISO:
2m45 -> 5m18
1.4G -> 1.3G
Decompression speed stays about the same. It's just a few seconds for the whole
image anyways and, with that kind of speed, you're going to be bottlenecked by
IO long before the CPU.
The socketActivation option was removed, but later on socket activation
was added back without the option to disable it. The description now reflects
that socket activation is used unconditionally in the current setup.
Added JWT_SECRET and INTERNAL_TOKEN to be persistent, like SECRET_KEY and LFS_JWT_SECRET do. Also renamed some vars belonging to SECRET_KEY and LFS_JWT_SECRET to get a consistent naming scheme over all secrets.
Previously the Docker daemon was started by systemd socket activation.
Thus, the Docker test waited for the sockets.target unit.
But when the docker module was changed to start the Docker daemon at
boot instead of by socket activation, the test was left untouched.
With the Docker 20.10 update this lead to a timing issue, where the
docker command is run before the Docker daemon has started and hangs.
Fixes#109416
The comment at the top of git-and-tools/default.nix said:
/* All git-relates tools live here, in a separate attribute set so that users
* can get a fast overview over what's available.
but unfortunately that hasn't actually held up in practice.
Git-related packages have continued to be added to the top level, or
into gitAndTools, or sometimes both, basically at random, so having
gitAndTools is just confusing. In fact, until I looked as part of
working on getting rid of gitAndTools, one program (ydiff) was
packaged twice independently, once in gitAndTools and once at the top
level (I fixed this in 98c3490196).
So I think it's for the best if we move away from gitAndTools, and
just put all the packages it previously contained at the top level.
I've implemented this here by just making gitAndTools an alias for the
top level -- this saves having loads of lines in aliases.nix. This
means that people can keep referring to gitAndTools in their
configuration, but it won't be allowed to be used within Nixpkgs, and
it won't be presented to new users by e.g. nix search.
The only other change here that I'm aware of is that
appendToName "minimal" is not longer called on the default git
package, because doing that would have necessitated having a private
gitBase variable like before. I think it makes more sense not to do
that anyway, and reserve the "minimal" suffix only for gitMinimal.
Now that smtp_tls_security_level is using mkDefault, and therefore can
be overridden, there's no need for an option for overriding it to a
specific value.
I run Postfix on my workstation as a smarthost, where it only ever
talks to my SMTP server. Because I know it'll only ever connect to
this server, and because I know this server supports TLS, I'd like to
set smtp_tls_security_level to "encrypt" so Postfix won't fall back to
an unencrypted connection.