This post details the changes I made to my NixOS’ configuration when upgrading from 20.09 to 21.05.
isNormalUser/isSystemUser §
Either isNormalUser
or isSystemUser
must now be set. This mainly affects service user (user that is created solely to run a service).
users = {
users = {
fooService = {
home = "/var/www";
createHome = true;
+ isSystemUser = true;
};
};
};
Make home folder world-readable §
I have a “/var/www“ folder which I use to serve this website. Previously, chmod +xr
was persistent but now NixOS always set the permission of a user’s home folder to be chmod 700
every time nixos-rebuild
is executed. As a workaround, I have to configure nix to execute chmod after nixos-rebuild
and during boot.
system.activationScripts = {
www-data.text =
''
chmod +xr "/var/www"
'';
};
Tor onion §
Some settings have been renamed:
- hiddenServices → relay.onionServices
map.*.toHost
→map.*.target.addr
- extraConfig → settings
services.tor = {
enable = true;
enableGeoIP = false;
- hiddenServices = {
- myOnion = {
- version = 3;
- map = [
- {
- port = "80";
- toHost = "[::1]";
- toPort = "8080";
- }
- ];
- }
- }
- extraConfig =
- ''
- ClientUseIPv4 0
- ClientUseIPv6 1
- ClientPreferIPv6ORPort 1
- '';
+ relay.onionServices = {
+ myOnion = {
+ version = 3;
+ map = [{
+ port = 80;
+ target = {
+ addr = "[::1]";
+ port = 8080;
+ };
+ }];
+ };
+ };
+ settings = {
+ ClientUseIPv4 = false;
+ ClientUseIPv6 = true;
+ ClientPreferIPv6ORPort = true;
+ };
};