Limit the resources Bazel is allowed to use during the build to 1/2 the
available RAM and 3/4 the available CPU cores. This should help avoid
overwhelming the build machine.
This breaks the Nextcloud vhost declaration when adding e.g. another
vhost as the `services.nginx.virtualHosts` option has `{ nextcloud =
...; }` as *default* value which will be replaced by another
`virtualHosts`-declaration with a higher (e.g. the default) priority.
The following cases are now supported & covered by the module:
* `nginx` is enabled with `nextcloud` enabled and other vhosts can be
added / other options can be declared without having to care
about the declaration's priority.
* Settings in the `nextcloud`-vhost in `nginx` have to be altered using
`mkForce` as this is the only way how we officially support `nginx`
for `nextcloud` and customizations have to be done explicitly using
`mkForce`.
* `nginx` will be completely omitted if a user enables nextcloud
and disables nginx using `services.nginx.enable = false;`. (because
nginx will be enabled by this module using `mkDefault`).
This reverts commit 128dbb31cc.
Closes#95259
nginx -t not only verifies configuration, but also creates (and chowns)
files. When the `nginx-config-reload` service is used, this can cause
directories to be chowned to `root`, causing nginx to fail.
This moves the nginx -t command into a second ExecReload command, which
runs as nginx's user. While fixing above issue, this will also cause the
configuration to be verified when running `systemctl reload nginx`, not
only when restarting the dummy `nginx-config-reload` unit. The latter is
mostly a workaround for missing features in our activation script
anyways.
Meson allows projects to set `build_rpath` property, containing paths
that will be added during build but will be removed when installing.
When Meson removes build_rpath from `DT_RUNPATH` entry, it just writes
the shorter ␀-terminated new rpath over the old one to reduce
the risk of potentially breaking the ELF files
(when the linker does string de-duplication or something).
But this can cause much bigger problem for Nix, as it can produce
cut-in-half-by-␀ store path references.
For example, in systemd’s libudev, it was removing three `$ORIGIN`-relative paths from
$ORIGIN/../libsystemd:$ORIGIN/../basic:$ORIGIN/../shared:…␀
resulting in the following `DT_RUNPATH` entry:
…␀store/v589pqjhvxrj73g3r0xb41yr84z5pwb7-gcc-9.3.0-lib/lib␀
We previously handled this in `fix-rpath.patch` but the method we prevent
Meson from removing paths added to rpath through `NIX_LDFLAGS` was changed
during 0.55.0 update and I forgot about this second purpose of the patch.
Let’s re-add this clearing code, as it worked without issues for a long time.