before:
- /var/run/memcached is a bad default for a socket path, since its
parent directory must be writeable by memcached.
- Socket directory was not created by the module itself -> this was
left as a burden to the user?
- Having a static uid with a dynamic user name is not very useful.
after:
- Replace services.memcached.socket by a boolean flag. This simplifies
our code, since we do not have to check if the user specifies a
path with a parent directory that should be owned by memcached
(/run/memcached/memcached.sock -> /run/memcached).
- Remove fixed uid/gid allocation. The only file ever owned by the
daemon is the socket that will be recreated on every start.
Therefore user and group ids do not need to be static.
- only create the memcached user, if the user has not specified a
different one. The major use case for changing option is to allow
existing services (such as php-fpm) opening the local unix socket.
If we would unconditionally create a user that option would be
useless.
apps.plugin requires capabilities for full process monitoring. with
1.9.0, netdata allows multiple directories to search for plugins and the
setuid directory can be specified here.
the module is backwards compatible with older configs. a test is
included that verifies data gathering for the elevated privileges. one
additional attribute is added to make configuration more generic than
including configuration in string form.
Instead of polluting the environment with environment variables which
are inherited by processes spawned from awesome, use the command line
argument "--search" to add things to the search path.
cc #33169
This enables znapzend users to specify its full configuration through
NixOS options, without ever needing to use the stateful `znapzendzetup`
command.
This works by running znapzendzetup with the specified config in
ExecPre, just before the znapzend daemon is started.
There is also the `pure` option which will clear all previous znapzend setups,
making it as stateless as can get, as only the setup declared in
configuration.nix will be persisted.
This makes the commonHook option work also for (read-only) Nix store
paths. Currently it fails on the second activation, because the
destination is read-only.
(originally from f9415cb621)
feh is used to set background image for desktop managers that do not
support it directly, however there is no need to include it in PATH.
Fixes#17450.
Now there are separate `xfce4.xfce4mixer_pulse` and `xfce4.xfcevolumed_pulse` attributes for PulseAudio versions of these packages, instead of relying on Nixpkgs option. Mind that xfce4-volumed and xfce4-volumed-pulse are actually two separate programs without much overlap.
* Add options:
- enable
- davUser (default: "davfs2")
- davGroup (default: "davfs2)
* Add davfs2 user or group if they are not specified in the
configuration
In commit ec9dc73 restarting NetworkManager after resume from
suspend/hibernate was introduced.
When I initially switch to NixOS I started noticing a high delay between
wakeup and re-connecting to WiFi & wired networks. The delay increased
from a few seconds (on my previous distro, same software stack) to
almost half a minute with NixOS.
I (locally) applied the change in this commit a few weeks ago and tested
since then. The notebook/mobile device experience has improved a lot.
Reconnects are as before switching to NixOS.
Issue #24401 could be related to this. Since I am not using KDE/plasma5
I can only guess…
These packages will be placed into an environment using
`backendsToPackages`. This function explicitly maps backends to
`pkgs.nodePackages.${type}` unless it's a builtin. This ensures that only
valid backends that work on NixOS are used (if not, the build already
breaks at evaluation time).
The log will be redirected to `stdout` to be able to watch the entire
output using `journalctl`.
Configuration parameters for the backends need to be set using
`services.statsd.extraConfig` as each backend has its own options and
all of them shouldn't be validated and checked explicitly and manually.
Tunnel configuration has no member named "host" - i2pd does but it's called "address" in the options. As a result, no tunnel configuration is generated.
* Fix attribute check in inTunnels
* Fix integer to string coercion in inTunnels
* Add destinationPort option for outTunnels
Added the boolean option:
networking.networkmanager.enableStrongSwan
which enables the networkmanager_strongswan plugin and adds
strongswanNM to the dbus packages.
This was contributed by @wucke13, @eqyiel and @globin.
Fixes: #29873
There are security fixes in multiple packages /cc #32117,
so I'm merging a little earlier, with a few thousand jobs
still not finished on Hydra for x86_64-darwin and aarch64-linux.