I tested the previous "version" and found my environment to be exactly the same.
Let's start discussing possible extensions/improvements somewhere else. For now it's a nice improvement.
This change does two things:
* "NixOSizes" environment variables generation. This allows some more
error-checking and opens possibilities for a modular environment
configuration. From now on the most of environment variables are
generated directly by the nix code. Generating sh code that
generates environment variables is left in a few places where
nontrivial access to a local environment state is needed.
* By doing the first change this patch untangles bash from the
environment configuration and makes it trivial to add a support for
other non bash-compatible shells.
Now to the sad part. This change is quite large (and I'm not sure it's
possible to split it) and yet is not quite complete, it needs some
changes to nixpkgs to be perfect.
See !!! comments in modules/config/shells-environment.nix.
Main principle behind this change is "change environment generation
and nothing else". In particular, shell configuration principles stay
exactly the same as before.
NixOS and Fedora uses .../ca-bundle.crt. Ubuntu uses
.../ca-certificates.crt. Add .../ca-certificates.crt symlink to be
compatible with Ubuntu.
Example use case: Bob has a ~/.msmtprc file that he brings over from
Ubuntu. It also works on NixOS.
apparmor's systemd service wasn't working when multiple profiles were
defined, due to the ExecStart commands in the service file being
broken into multiple lines, instead of being separated by ';'.
I think it's nice that it first asks the usual password, and then offers the
otpw one if enabled. That enables dovecot to show the last pam prompt.
I also add the dovecot option for that.
This is needed in order to properly lock your screen using the C-a C-x
(lockscreen) command _and_ being back to re-login, because the "other" PAM
service/fallback is to deny authentication.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Logind sessions are more generally useful than for device ownership.
For instances, ssh logins can be put in their own session (and thus
their own cgroup).
The environment variable "NIXOS_EXTRA_MODULES" is now checked to
contain a path to a file similar to modules/module-list.nix.
This gives the ability to include nixos modules that are not in the
nixos source tree.
This can be useful for modules that are still experimental, or which
aren't useful for other nixos users. Of course, this was already
possible to do this using a forked nixos tree, but with this
functionality, you can just rely on the nixos channel, easing things a
lot.
