Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Closes #198646
* The options `password`/`basicAuthPassword` were removed for
datasources in Grafana 9. The only option to declare them now is to use
`secureJsonData`.
* Fix description for contactPoints provisioning: when using file/env
providers, nothing will be leaked into the store.
* Fix regex in file-provider usage check: it's also possible to either
use `$__env{FOO}` or `$FOO` to fetch secrets from the environment.
* Fix warning for datasources: `password`/`basicAuthPassword` was
removed, also check for each setting in `secureJsonData` if
env/file-provider was used (then no warning is needed!).
|
|
|
|
|
|
The hack with `either` had the side-effect that the sub-options of the
submodule didn't appear in the manual. I decided to remove this because
the "migration" isn't that hard, you just need to fix some module
declarations.
However, `mkRenamedOptionModule` wouldn't work here because it'd create
a "virtual" option for the deprecated path (i.e.
`services.grafana.provision.{datasources,dashboards}`), but that's the
already a new option, i.e. the submodule for the new stuff.
To make sure that you still get errors, I implemented a small hack using
`coercedTo` which throws an error if a list is specified (as it would be
done on 22.05) which explains what to do instead to make the migration
easier.
Also, I linkified the options in the manual now to make it easier to
navigate between those.
|
|
This quote is not needed and shows up rendered in the manpage documenting this option.
|
|
gnome/at-spi2-core: also set GTK_A11Y when at-spi2-core is disabled
|
|
|
|
GTK 4 applications use accessibility bus directly
and will try to connect to it every time a widget is created:
https://gitlab.gnome.org/GNOME/gtk/-/issues/4831
This will make GTK 4 apps (e.g. newly ported Nautilus) grind
to a halt on systems that do not have AT-SPI service installed.
Let’s explicitly disable accessibility support with an environment
variable when the AT-SPI service is not enabled to avoid that.
Just like we do for ATK-based applications with `NO_AT_BRIDGE`.
Fixes: https://github.com/NixOS/nixpkgs/issues/197188
|
|
|
|
|
|
|
|
|
|
|
|
To allow for a reasonably fast deprecation of weak password hashing
schemes we provide an activation script that checks existing hashes in
/etc/shadow and issues a warning for user accounts that still rely on
deprecated hashes.
Co-Authored-By: oxalica <oxalicc@pm.me>
|
|
Instead rely on the default, which at this time is yescrypt.
|
|
nixos/alps: add hardening, extensible options, test
|
|
|
|
|
|
|
|
|
|
tmux: build with utempter
|
|
nixos-containers: Make sure same version of nixos-container is used
|
|
|
|
nixos/power-management: fix deadlock with post-resume.{target,service}
|
|
Removed by upstream in the recent v10 release.
|
|
ElvishJerricco/systemd-util-linux-path-stage-1-fix
nixos: Fix systemd stage 1 after #201266
|
|
nixos/zsh: don’t be noisy when scripts are run with -u
|
|
|
|
This commit fixes broken non-declarative configs by
making the assertions more relaxed.
It also allows to remove the forced configuration merge by making
`settings` `null`able (now the default).
Both cases (trivial non-declarative config and `null`able config) are
verified with additional tests.
Fixes #198665
|
|
|
|
|
|
This is an alternative to the reverted
d9b1bde390eb133a3da66c8abd902ea2b754938c, which broke systemd stage 1
|
|
This reverts commit d9b1bde390eb133a3da66c8abd902ea2b754938c.
|
|
|
|
nixos/nginx: fix default listen port options
|
|
|
|
nixos: Fix fsck with systemd 251.6 and later
|
|
|
|
|
|
Version 251.6 of systemd introduced a small change[1] that now checks
whether the fsck command is available in *addition* to the filesystem
specific fsck.$fsname executable.
When bumping systemd to version 251.7 on our side[2], we introduced that
change. This subsequently caused our "fsck" test to fail and it looks
like this was an oversight during the pull request[3] introducing the
bump.
Since the fsck wrapper binary is in util-linux, I decided to address
this by adding util-linux to fsPackages because util-linux is already
part of the closure of any NixOS system so the impact should be pretty
low.
[1]: https://github.com/systemd/systemd-stable/commit/73db7d99323c236625656f906eb4e429613d324b
[2]: https://github.com/NixOS/nixpkgs/commit/844a08cc06b5c0703ba37f2318ef5b7d90665d04
[3]: https://github.com/NixOS/nixpkgs/pull/199618
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
* Capitalize ACME
* Use bold instead of ALL CAPS
* Tweak sentence structure
|
|
This extra example would have saved me a lot of uncertainty and doubt.
|
|
nixos/pam: support fscrypt login protectors
|
|
|
|
php: enable `nts` flags by default
|
|
|
|
|