Putting an include directive in the configuration file referencing a
store path with the real configuration file has the disavantage that
once we change the real configuration file the store path is also a
different one.
So we would have to replace that include directive with the new
configuration file, which is very much error-prone, because whenever
taskd modifies the configuration file on its own it generates a new one
with *only* the key/value options and without any include directives.
Another problem is that we only added the include directive on the first
initalization, so whenever there is *any* configuration change, it won't
affect anything.
We're now passing all the configuration options via command line,
because taskd treats everything in the form of --<name>=<value> to be a
configuration directive.
This also has the effect that we now no longer have extraConfig, because
configuration isn't a file anymore.
Instead we now have an attribute set that is mapped down to
configuration options.
Unfortunately this isn't so easy with the way taskd is configured,
because there is an option called "server" and also other options like
"server.cert", "server.key" and so on, which do not map very well to
attribute sets.
So we have an exception for the "server" option, which is now called
"server.listen", because it specifies the listening address.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #22705
The helper tool so far was only intended for use in automatic PKI
handling, but it also is very useful if you have an existing CA.
One of the main advantages is that you don't need to specify the data
directory anymore and the right permissions are also handled as well.
Another advantage is that we now have an uniform management tool for
both automatic and manual config, so the documentation in the NixOS
manual now applies to the manual PKI config as well.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The error message displays that a specific user doesn't exist in an
organisation, but uses the User object's name attribute to show which
user it was.
This is basically a very stupid chicken and egg problem and easily fixed
by using the user name provided on the command line.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
A long-time issue and one of the reasons I've never used that function
before. So let's remove that todo-comment and escape the contents
properly.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @edolstra
Fixes this:
$ gscriptor
Can't load '/nix/store/17w6hdwbli924v7d43xxxp66qhgqpc24-perl-Pango-1.227/lib/perl5/site_perl/5.22.2/x86_64-linux-thread-multi/auto/Pango/Pango.so' for module Pango: /nix/store/17w6hdwbli924v7d43xxxp66qhgqpc24-perl-Pango-1.227/lib/perl5/site_perl/5.22.2/x86_64-linux-thread-multi/auto/Pango/Pango.so: undefined symbol: cairo_font_type_to_sv at /nix/store/5z1wn7knhckr3a0asb8lzp99sdai09f2-perl-5.22.2/lib/perl5/5.22.2/x86_64-linux-thread-multi/DynaLoader.pm line 193.
at /nix/store/srdac7af3nz6fb74haa8l8ls9wd9pas0-perl-Gtk2-1.2498/lib/perl5/site_perl/5.22.2/x86_64-linux-thread-multi/Gtk2.pm line 31.
Compilation failed in require at /nix/store/srdac7af3nz6fb74haa8l8ls9wd9pas0-perl-Gtk2-1.2498/lib/perl5/site_perl/5.22.2/x86_64-linux-thread-multi/Gtk2.pm line 31.
BEGIN failed--compilation aborted at /nix/store/srdac7af3nz6fb74haa8l8ls9wd9pas0-perl-Gtk2-1.2498/lib/perl5/site_perl/5.22.2/x86_64-linux-thread-multi/Gtk2.pm line 31.
Compilation failed in require at /nix/store/sgy2xsyvmam09pl25x8gb507gyiz9ybn-pcsc-tools-1.4.25/bin/.gscriptor-wrapped line 28.
BEGIN failed--compilation aborted at /nix/store/sgy2xsyvmam09pl25x8gb507gyiz9ybn-pcsc-tools-1.4.25/bin/.gscriptor-wrapped line 28.
Since the bonds interface changed to a lot more possible values we create a
mapping of kernel bond attribute names and values to networkd attributes.
Those match for the most part, but have to transformed slightly.
There is also an assert that unknown options won’t slip through silently.
Until now the four attributes available very selectively provided a small
subset, while copying upstream documentation.
We make driver options an arbitrary key-value set and point to kernel
documentation, which is always up-to-date. This way every option can be set.
The four already existing options are deprecated with a warning.
Scrapy is usually installed via pip where copying all permissions
makes sense. In Nix the files copied are owned by root and
readonly. As a consequence scrapy can't edit the project templates so
scrapy startproject
fails.
The initialization code is now a systemd service that explicitly
waits for network-online, so the occasional failure I was seeing
because the `nixos-rebuild` couldn't get anything from the binary
cache should stop. I hope!