- Introduce more possible options by using the krb format generator.
- Enforce package choice is using a correct package.
- Use meta attribute to decide implementation, allows for overriding the
package.
- Make necessary changes to the format, to allow for multiple ACL files in
heimdal.
- Add systemd target and slice for both implementations.
- Move state to `/var/lib`
- Add documentation
This reverts commit e827697fd3.
This seems to cause various issues during system activation, as reported
in https://github.com/NixOS/nixpkgs/issues/302771 for example.
Due to being close to branchoff, revert this for now.
We'll open a tracking issue to collect and sort out remaining issues.
these changes were generated with nixq 0.0.2, by running
nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix
two mentions of the mdDoc function remain in nixos/, both of which
are inside of comments.
Since lib.mdDoc is already defined as just id, this commit is a no-op as
far as Nix (and the built manual) is concerned.
Otherwise /run/dbus is created with the wrong permissions.
For some reason our recent changes made /run/dbus be 0700 instead of
0755. This is actually the default of homeMode. So something worked by
accident before?
- Make inputs more diff friendly
- Add flags for enabling certain libraries
- Disable LDAP support as HDB module by default
- Add support for CJSON
- Flatten contents of `$out/libexec`, which earlier had an
`heimdal/heimdal` directory
- Use SRI hash
- Enable package tests
- Add `passthru.tests.nixos`
- Add `meta.homepage` and `meta.changelog`
Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
This replaces the krb5 module's options with RFC 42-style krb5.settings
option, while greatly simplifying the code and fixing a few bugs,
namely:
- #243068 krb5: Configuration silently gets ignored when set by
multiple modules
- not being able to use mkIf etc. inside subattributes of
krb5.libdefaults, e.g. krb5.libdefaults.default_realm = mkIf ...
See #144575.
Closes#243068.
Co-authored-by: h7x4 <h7x4@nani.wtf>
When reloading the dbus-broker service (e.g. when switching to a new generation),
the reload fails when /tmp got remounted after the service had been started.
Since the dbus-broker service starts early, and does not have default dependencies,
this situation does occur in practice.
This change makes sure that if there are mount units for /tmp, dbus-broker gets
ordered after them.
See also https://github.com/systemd/systemd/issues/28515
We do not really declare module dependencies anywhere else and it would
a nousance to move any file if many other referenced it without being
necessary. Also most higher level modules depend on most of the lower
level ones.
So removing this because it can only potentially cause weird issues.
It is now only about the system service.
Granted, it also installs the client package, but that could be
factored out later, with actual test to support such a new type of
configuration.
This makes it easier to for example set `datasource_list = [ "Vultr" ];`
so that cloud-init doesn't scan trough all of the datasources when you
know on which target the system is going to be deployed.
Previously, one had to copy-paste the default config and adapt it.
