Unverified commit 43febad8, authored by github-actions[bot], committed by GitHub

Merge master into staging-next

parents ff065c28 b956c2f4
+6 −0
@@ -9258,6 +9258,12 @@
    github = "jankaifer";
    githubId = 12820484;
  };
  janlikar = {
    name = "Jan Likar";
    email = "jan.likar@protonmail.com";
    github = "janlikar";
    githubId = 4228250;
  };
  jansol = {
    email = "jan.solanti@paivola.fi";
    github = "jansol";
+1 −0
@@ -315,6 +315,7 @@ with lib.maintainers;
      leona
      osnyx
      ma27
      laalsaas
    ];
    scope = "Team for Flying Circus employees who collectively maintain packages.";
    shortName = "Flying Circus employees";
+43 −0
@@ -100,6 +100,9 @@ modified using `usermod`. Unix groups can be managed using `groupadd`,

::: {.note}
This is experimental.

Please consider using [Userborn](#sec-userborn) over systemd-sysusers as it's
more feature complete.
:::

Instead of using a custom perl script to create users and groups, you can use
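Review bot: the sentence added inside the `.note` block recommends Userborn right under "This is experimental." without saying that the Userborn section added further down in this file carries the same label. Say so here, so the pointer does not read as a move to a stable tool. Style: "feature complete" should be hyphenated as "feature-complete".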
@@ -112,3 +115,43 @@ systemd-sysusers:
```

The primary benefit of this is to remove a dependency on perl.

## Manage users and groups with `userborn` {#sec-userborn}

::: {.note}
This is experimental.
:::

Like systemd-sysusers, Userborn adoesn't depend on Perl but offers some more
advantages over systemd-sysusers:

1. It can create "normal" users (with a GID >= 1000).
2. It can update some information about users. Most notably it can update their
   passwords.
3. It will warn when users use an insecure or unsupported password hashing
   scheme.

Userborn is the recommended way to manage users if you don't want to rely on
the Perl script. It aims to eventually replace the Perl script by default.

You can enable Userborn via:

```nix
services.userborn.enable = true;
```

You can configure Userborn to store the password files
(`/etc/{group,passwd,shadow}`) outside of `/etc` and symlink them from this
location to `/etc`:

```nix
services.userborn.passwordFilesLocation = "/persistent/etc";
```

This is useful when you store `/etc` on a `tmpfs` or if `/etc` is immutable
(e.g. when using `system.etc.overlay.mutable = false;`). In the latter case the
original files are by default stored in `/var/lib/nixos`.

Userborn implements immutable users by re-mounting the password files
read-only. This means that unlike when using the Perl script, trying to add a
new user (e.g. via `useradd`) will fail right away.
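Review bot: typo in the first sentence of the new section, "Userborn adoesn't depend on Perl" should read "doesn't". In list item 1, "with a GID >= 1000" describes normal users by group ID; if the intended meaning is the normal-user ID range, this should probably say UID. Item 3 would be more useful to operators if it said where the warning is emitted and which hashing schemes are treated as insecure or unsupported. The `passwordFilesLocation` paragraph relocates `shadow` along with `passwd` and `group`, so a sentence on the expected ownership and mode of the target directory would help. The final paragraph names only `useradd` as failing under immutable users; state whether password changes also fail once the files are mounted read-only.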
+7 −0
@@ -41,6 +41,13 @@

- [Quickwit](https://quickwit.io), sub-second search & analytics engine on cloud storage. Available as [services.quickwit](options.html#opt-services.quickwit).

- [Userborn](https://github.com/nikstur/userborn), a service for declarative
  user management. This can be used instead of the `update-users-groups.pl`
  Perl script and instead of systemd-sysusers. To achieve a system without
  Perl, this is the now recommended tool over systemd-sysusers because it can
  alos create normal users and change passwords. Available as
  [services.userborn](#opt-services.userborn.enable)

- [Flood](https://flood.js.org/), a beautiful WebUI for various torrent clients. Available as [services.flood](options.html#opt-services.flood).

- [Firefly-iii Data Importer](https://github.com/firefly-iii/data-importer), a data importer for Firefly-III. Available as [services.firefly-iii-data-importer](options.html#opt-services.firefly-iii-data-importer)
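Review bot: typo in the added Userborn entry, "alos create normal users" should read "also create", and "this is the now recommended tool" reads better as "this is now the recommended tool". The link target `#opt-services.userborn.enable` lacks the `options.html` prefix used by the neighbouring entries (`options.html#opt-services.quickwit`, `options.html#opt-services.flood`), so check that the anchor resolves from the release notes page. The entry also ends without a period after the link.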
+1 −0
@@ -1348,6 +1348,7 @@
  ./services/system/systembus-notify.nix
  ./services/system/systemd-lock-handler.nix
  ./services/system/uptimed.nix
  ./services/system/userborn.nix
  ./services/system/zram-generator.nix
  ./services/torrent/deluge.nix
  ./services/torrent/flexget.nix