This patch is about removing `wireguardPeerConfig`,
`dhcpServerStaticLeaseConfig` - a.k.a. the
AbstractSingletonProxyFactoryBean of nixpkgs - and friends.
As a former colleague said
> worst abstraction ever
I second that. I've written enough networkd config for NixOS systems so
far to have a strong dislike. In fact, these don't even make sense:
`netdevs.wireguardPeers._.wireguardPeerConfig` will be rendered into
the key `[WireGuardPeer]` and every key from `wireguardPeerConfig` is in
there. Since it's INI, there's no place where sections on the same level
as wireguardPeerConfig fit into. Hence, get rid of it all.
For the transition, using the old way is still allowed, but gives a
warning. I think we could drop this after one release.
The tests of rosenpass and systemd-networkd-dhcpserver-static-leases
were broken on the rev before, hence they were updated, but are still
not building.
Add '~' and '^' to the supported characters for the field. These
characters are needed to be able to define all versions that are
compatible with the UAPI Version Format specification.
One example where this is used is the `%A` flag in systemd.unit. If we
don't allow these other characters, we for example cannot declare a
pre-relase version.
systemd, as far as I can tell, doesn't enforce any restrictions on the
os-release fields.
https://uapi-group.org/specifications/specs/version_format_specification/
Allow loading pretalx plugins in a declarative manner. They are passed
into the package dependencies at build time, so that collectstatic and
other django maintenance functions account for them, since we cannot
regenerate assets at runtime anyway.
The explicit `replication_mode` option in `services.garage.settings`
has been removed and is now handled by the freeform settings in order
to allow it being completely absent (for Garage 1.x).
That module option previously `toString`'ed the value it's configured
with, which is now no longer possible.
Warn the user if they're still using a non-string here.
This migrates the syntax for a few configuration values,
which now need to be quoted strings for user values.
This also disables the use of a public resolver,
which is not accessible in the sandbox.
This makes it possible for other systemd units to depend on
keycloak.service using `after` and `wants` relationships, and systemd
will actually wait for Keycloak to finish its initialization before
starting any dependent units. This can be important for services like
oauth2-proxy, which (when configured to use Keycloak as its auth
provider) will fail to start until Keycloak's
`.well-known/openid-configuration` endpoint is available.
This fixes build failures with the wayland dependency:
Quoting @nevivurn:
"guestadditions->...->wayland, but the test config pulls in
modules/profiles/minimal.nix which disables xlibs and thus it won't build"
Co-authored-by: Yongun Seong <nevivurn@nevi.dev>
