Instead of forcing users to configure lighttpd manually, make it an
option. The current services.lighttpd.configText option can still be
used for manual configuration, but if it is left blank (default) we'll
use the new generated config file.
The generated config file ensures that the server drops root priveleges
and runs as the "lighttpd" user. It pulls in some new config params that
can be set in configuration.nix (here with default values):
services.lighttpd.document-root = "/srv/www"
services.lighttpd.port = 80
services.lighttpd.extraConfig = "" # appended to the generated file
And it enables access and error logging to the systemd journal.
Patch contributed by Bjørn Forsman.
Activation scripts are run before systemd is started, so unless users
are loading firmware in the initrd (which AFAICT we currently have no
support for) the previous /sys-based setting of firmware_class was
ineffective on boot.
Signed-off-by: Shea Levy <shea@shealevy.com>
We don't need to set $TZ, because we have /etc/localtime. In fact,
setting $TZ without $TZDIR doesn't work anymore since Glibc no longer
contains zone info.
This reverts commit 7f1e728606.
This would have been nice if we had had it from the start, but now it
just breaks things for existing users. Maybe we can add it conditionally
when new postgres versions come out.
Signed-off-by: Shea Levy <shea@shealevy.com>
This reverts commit 1e543984bc.
This would have been nice if we had had it from the start, but now it
just breaks things for existing users. Maybe we can add it conditionally
when new postgres versions come out.
Signed-off-by: Shea Levy <shea@shealevy.com>
desktop-manager is a bit misleading in this case as there is no
session yet and most apps are still missing. This can eventually
grow further once more e17 apps get packaged for nix.
However, for now, I need to initialize some e17 dbus services to
have the "terminology" terminal emulator provide gfx previews.
The user should specify which major version to use
(e.g. "services.postgresql.package = pkgs.postgresql92"). We can't
really provide a sensible default, because such a default would have
to be updated from time to time, and there is no automated upgrade
procedure. So leave upgrading to the user.
Enabling udisks2 allows gvfs (which should be built with udisks support) to
perform mount/unmount operations on removable drives. It affects Thunar and
probably other Gtk-based file managers.
Gvfs doesn't supports earlier versions of udisks.
As @edolstra pointed out, this behavior is not equivalent to what we had
before as the kernel command line parameter won't take effect until the
next boot. Probably it's not likely that someone will make this change
and then add a network card before rebooting, but might as well support
that since we can.
This reverts commit f7563698df.
Signed-off-by: Shea Levy <shea@shealevy.com>
Using /etc/lighttpd.conf "hides" the config file from NixOS so that it
will not automatically restart the service when its config file changes.
So don't do that.
I think it's nice that it first asks the usual password, and then offers the
otpw one if enabled. That enables dovecot to show the last pam prompt.
I also add the dovecot option for that.
