From hosts(5):
> For each host a single line should be present with the following
> information:
>
> IP_address canonical_hostname [aliases...]
With lines like "::1 localhost ahost.adomin ahost", we were saying
that the canonical name for "ahost" was "localhost", the opposite of a
canonical name. This is why a second loopback address (127.0.0.2) is
used for hostnames with IPv4 — if they were put after "localhost" on
the 127.0.0.1 line, the same thing would happen. With IPv6 we can't
do the same thing as there's only a single loopback address, so
instead the right thing to do is to simply not list the hostnames in
/etc/hosts, and rely on the myhostname NSS plugin, which will handle
this correctly.
(Note that the examples in hosts(5) also do not include IPv6 FQDN or
hostname entries.)
The newer runTest handler uses a single nixpkgs instance to eval all the
specialisations, reducing the memory usage and eval time of the test
drastically compared to handleTest which creates a new nixpkgs instance
for every specialisation.
After final improvements to the official formatter implementation,
this commit now performs the first treewide reformat of Nix files using it.
This is part of the implementation of RFC 166.
Only "inactive" files are reformatted, meaning only files that
aren't being touched by any PR with activity in the past 2 months.
This is to avoid conflicts for PRs that might soon be merged.
Later we can do a full treewide reformat to get the rest,
which should not cause as many conflicts.
A CI check has already been running for some time to ensure that new and
already-formatted files are formatted, so the files being reformatted here
should also stay formatted.
This commit was automatically created and can be verified using
nix-build a08b3a4d19.tar.gz \
--argstr baseRev b32a094368
result/bin/apply-formatting $NIXPKGS_PATH
After final improvements to the official formatter implementation,
this commit now performs the first treewide reformat of Nix files using it.
This is part of the implementation of RFC 166.
Only "inactive" files are reformatted, meaning only files that
aren't being touched by any PR with activity in the past 2 months.
This is to avoid conflicts for PRs that might soon be merged.
Later we can do a full treewide reformat to get the rest,
which should not cause as many conflicts.
A CI check has already been running for some time to ensure that new and
already-formatted files are formatted, so the files being reformatted here
should also stay formatted.
This commit was automatically created and can be verified using
nix-build a08b3a4d19.tar.gz \
--argstr baseRev 78e9caf153
result/bin/apply-formatting $NIXPKGS_PATH
The backup module is part of the default integrations and as such it will
always be loaded. Replace it with the prometheus module, for which this
is probably unlikely to ever become the case.
When sending SIGHUP to hass it will exit with code 100, which is the
codified exit code to trigger a restart. This is useful, because it can
allow triggering a restart from within the frontend.
It was previously assumed that it would result in a reload, which would
keep the same interpreter process intact. That is not the case and so the
assumption that the PID would stay the same was flawed and only succeeded
due to race conditions.
Caddy usually expects just a hostname without scheme to do its automatic
HTTPS. It is possible to get the old behavior (only HTTP) by setting
`services.caddy.virtualHosts.<host>.hostName`.
First, `stop network-addresses-X` should clean up the addresses without deleting the interfaces. And only `stop tap0-netdev` should fully delete the interfaces.
Signed-off-by: Egor Savkin <es@m-labs.hk>
This code is mostly from #279629, the uninvoled client checks were removed (since they are the same as the direct connection to the client test) and the tests were adjusted to work as intended as well as bugs fixed.
In some cases, some tests are skipped when they do not make sense for the specific configuration that is being tested.
The validity period for TRCs cannot be set to an rfc3339 date, only an
offset from the current system time, which if set to 3650d rather than
36500d will still give us quite a long time before it becomes invalid,
which is acceptable for the time being.
This makes timestamps and cert expiry less of a spurious issue in VM
Tests, and in CI/Hydra, by hardcoding large values, and allowing certs
to begin at 0 seconds from UNIX epoch time
Add an option for shell script fragments that are ran before switching
to a new NixOS system configuration (pre installation of bootloader or
system activation). Also add a new subcommand for
switch-to-configuration called "check" that will cause the program to
always exit after checks are ran.
This option replaces the active runtime manifest in the user directory.
Games running through Steam's Pressure Vessel cannot read /etc so
forcefully overriding the file every time the service starts, will allow
those games to use Monado.
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
Currently, it is not possible to configure `apps.plugin` via NixOS
option `services.netdata.configDir."apps_groups.conf"`. This is because
`apps.plugin` explicitly does not follow symbolic links when reading its
configuration from apps_groups.conf[^ref].
This change will copy that file instead of symlinking to address this.
Fixes#255161
[^ref]: 3849e70f93/src/collectors/apps.plugin/apps_plugin.c (L679)
GNU sed's man page has this to say about "-i":
Because -i takes an optional argument, it should not be followed by
other short options:
[..]
sed -iE '...' FILE
This is equivalent to --in-place=E, creating FILEE as backup of FILE
This means all "-iX" did not have the intended effect X, so we can
instead remove them.
The refactoring parallelizes preliminary tasks like the node start and
import of the pause image to speed up execution of the test. It also
uniforms the usage of extraFlags for all nodes.
PostgreSQL with JIT support enabled doesn't work with plv8. Hence, we'd
get an evaluation failure for each
`nixosTests.postgresql.postgresql.postgresql_jit_X`.
This should be restructured in the future (less VM tests for custom
extensions, but a single VM test for this case to cover). For now, we
should get this fix out and this is a good-enough approach.
The plv8 plugin requires access to pkey syscalls. The execution will
crash hard when it is not allowed by the syscall filter.
Co-Authored-By: Jan Tojnar <jtojnar@gmail.com>
This will be EOL at the end of November, so there's little reason to
keep it in 24.11[1]. As discussed, we'd like to keep it for as long as
possible to make sure there's a state in nixpkgs that has the latest
minor of postgresql_12 available with the most recent CVEs fixed for
people who cannot upgrade[2].
This aspect has been made explicit in the manual now for the next .11
release.
During the discussions it has been brought up that if people just do
`services.postgresql.enable = true;` and let the code decide the
postgresql version based on `system.stateVersion`, there's a chance that
such EOL dates will be missed. To make this harder, a warning will now
be raised when using the stateVersion-condition and the oldest still
available major is selected.
Additionally regrouped the postgresql things in the release notes to
make sure these are all shown consecutively. Otherwise it's a little
hard to keep track of all the changes made to postgresql in 24.11.
[1] https://endoflife.date/postgresql
[2] https://github.com/NixOS/nixpkgs/pull/353158#issuecomment-2453056692
The test previously violated the Kubernetes version skew policy by
deploying a kubelet of hte most recent version in a cluster with an
older apiserver.
