Merge remote-tracking branch 'origin/master' into haskell-updates

    githubId = 1342360;

    name = "Andrew Morgan";

  };

  anomalocaris = {

    email = "duncan@anomalocaris.xyz";

    github = "Anomalocaridid";

    githubId = 29845794;

    name = "Duncan Russell";

  };

  anpin = {

    email = "pavel@anpin.fyi";

    github = "anpin";

    name = "Hubert Jasudowicz";

  };

  chkno = {

    email = "chuck@intelligence.org";

    email = "scottworley@scottworley.com";

    github = "chkno";

    githubId = 1118859;

    name = "Scott Worley";

    github = "NickCao";

    githubId = 15247171;

  };

  nickgerace = {

    name = "Nick Gerace";

    github = "nickgerace";

    githubId = 39320683;

  };

  nickhu = {

    email = "me@nickhu.co.uk";

    github = "NickHu";

- The EC2 image module no longer fetches instance metadata in stage-1. This results in a significantly smaller initramfs, since network drivers no longer need to be included, and faster boots, since metadata fetching can happen in parallel with startup of other services.

  This breaks services which rely on metadata being present by the time stage-2 is entered. Anything which reads EC2 metadata from `/etc/ec2-metadata` should now have an `after` dependency on `fetch-ec2-metadata.service`

- The mailman service now defaults to using a randomly generated REST API password instead of a hardcoded one.

- `minio` removed support for its legacy filesystem backend in [RELEASE.2022-10-29T06-21-33Z](https://github.com/minio/minio/releases/tag/RELEASE.2022-10-29T06-21-33Z). This means if your storage was created with the old format, minio will no longer start. Unfortunately minio doesn't provide a an automatic migration, they only provide [instructions how to manually convert the node](https://min.io/docs/minio/windows/operations/install-deploy-manage/migrate-fs-gateway.html). To facilitate this migration we keep around the last version that still supports the old filesystem backend as `minio_legacy_fs`. Use it via `services.minio.package = minio_legacy_fs;` to export your data before switching to the new version. See the corresponding [issue](https://github.com/NixOS/nixpkgs/issues/199318) for more details.

- `services.sourcehut.dispatch` and the corresponding package (`sourcehut.dispatchsrht`) have been removed due to [upstream deprecation](https://sourcehut.org/blog/2022-08-01-dispatch-deprecation-plans/).

        // optionalAttrs (config.requisite != [])

          { Requisite = toString config.requisite; }

        // optionalAttrs (config ? restartTriggers && config.restartTriggers != [])

          { X-Restart-Triggers = toString config.restartTriggers; }

          { X-Restart-Triggers = "${pkgs.writeText "X-Restart-Triggers" (toString config.restartTriggers)}"; }

        // optionalAttrs (config ? reloadTriggers && config.reloadTriggers != [])

          { X-Reload-Triggers = toString config.reloadTriggers; }

          { X-Reload-Triggers = "${pkgs.writeText "X-Reload-Triggers" (toString config.reloadTriggers)}"; }

        // optionalAttrs (config.description != "") {

          Description = config.description; }

        // optionalAttrs (config.documentation != []) {

    transport_file_type: hash

  '';

  mailmanCfg = lib.generators.toINI {}

    (recursiveUpdate cfg.settings

      ((optionalAttrs (cfg.restApiPassFile != null) {

  mailmanCfg = lib.generators.toINI {} (recursiveUpdate cfg.settings {

    webservice.admin_pass = "#NIXOS_MAILMAN_REST_API_PASS_SECRET#";

      })));

  });

  mailmanCfgFile = pkgs.writeText "mailman-raw.cfg" mailmanCfg;

    environment.etc."mailman3/settings.py".text = ''

      import os

      from configparser import ConfigParser

      # Required by mailman_web.settings, but will be overridden when

      # settings_local.json is loaded.

      with open('/var/lib/mailman-web/settings_local.json') as f:

          globals().update(json.load(f))

      ${optionalString (cfg.restApiPassFile != null) ''

        with open('${cfg.restApiPassFile}') as f:

            MAILMAN_REST_API_PASS = f.read().rstrip('\n')

      ''}

      with open('/etc/mailman.cfg') as f:

          config = ConfigParser()

          config.read_file(f)

          MAILMAN_REST_API_PASS = config['webservice']['admin_pass']

      ${optionalString (cfg.ldap.enable) ''

        import ldap

        path = with pkgs; [ jq ];

        after = optional withPostgresql "postgresql.service";

        requires = optional withPostgresql "postgresql.service";

        serviceConfig.RemainAfterExit = true;

        serviceConfig.Type = "oneshot";

        script = ''

          install -m0750 -o mailman -g mailman ${mailmanCfgFile} /etc/mailman.cfg

          ${optionalString (cfg.restApiPassFile != null) ''

          ${if cfg.restApiPassFile == null then ''

            sed -i "s/#NIXOS_MAILMAN_REST_API_PASS_SECRET#/$(tr -dc A-Za-z0-9 < /dev/urandom | head -c 64)/g" \

              /etc/mailman.cfg

          '' else ''

            ${pkgs.replace-secret}/bin/replace-secret \

              '#NIXOS_MAILMAN_REST_API_PASS_SECRET#' \

              ${cfg.restApiPassFile} \

  magnetico = handleTest ./magnetico.nix {};

  mailcatcher = handleTest ./mailcatcher.nix {};

  mailhog = handleTest ./mailhog.nix {};

  mailman = handleTest ./mailman.nix {};

  man = handleTest ./man.nix {};

  mariadb-galera = handleTest ./mysql/mariadb-galera.nix {};

  mastodon = discoverTests (import ./web-apps/mastodon { inherit handleTestOn; });