For the same reason Alertmanager supports environmentFile to pass
secrets along, it is useful to support the same for Prometheus'
configuration to store bearer tokens outside the Nix store.
These were broken since 2016:
f0367da7d1
since StartLimitIntervalSec got moved into [Unit] from [Service].
StartLimitBurst has also been moved accordingly, so let's fix that one
too.
NixOS systems have been producing logs such as:
/nix/store/wf98r55aszi1bkmln1lvdbp7znsfr70i-unit-caddy.service/caddy.service:31:
Unknown key name 'StartLimitIntervalSec' in section 'Service', ignoring.
I have also removed some unnecessary duplication in units disabling
rate limiting since setting either interval or burst to zero disables it
(ad16158c10/src/basic/ratelimit.c (L16))
* nixos/postgresql: fix inaccurate docs for authentication
We actually use peer authentication, then md5 based authentication.
trust is not used.
* Use a link for mkForce docs
Co-authored-by: aszlig <aszlig@redmoonstudios.org>
Co-authored-by: lf- <lf-@users.noreply.github.com>
Co-authored-by: aszlig <aszlig@redmoonstudios.org>
This improves on the previous verison of this script.
Previously it only accepted one attr, and required
explicit passing of the "broken" value.
This script is meant to be used to mark failing hydra builds as broken in the meta attrs
To use the script, you should pass the list of failing attrs as arguments to the script.
Example: `cat failing-attrs | xargs ./pkgs/common-update/scripts/mark-broken`
Generating a list of failing attrs: (this should be improved at a later date)
- Go to the most recent hydra evaluation with all builds completed
- Select the "builds still failing" tab
- Highlight and select all packages, should be prefixed with `nixpkgs.`
- Use regex and editor foo to leave only the attr names
- Use the above example command to then execute the script
OTHER NOTES:
- The `denyFileList` and `denyAttrList` will likely need to be updated slightly
to align with the conventions used in nixpkgs at execution time
- Any attrs which failed for any reason will be written to `failed-marks.txt`.
Those attrs will likely need manual attention as disablement will likely be conditional.
Use of Tailscale requires using the `tailscale` CLI to talk to the
daemon. If the CLI isn't in systemPackages, the resulting user experience
is confusing as the Tailscale daemon does nothing.
Signed-off-by: David Anderson <dave@natulte.net>
