New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nixos/transmission: Require encryption by default #87920
Conversation
This seems like the sane default, since you typically always want your traffic to be encrypted. This *is* kind of a breaking change, but I assume that people who have not explicitly set their settings most likely just don't know that encryption isn't enforced by default.
Hi, I'm a transmission user and I checked what's currently my https://github.com/transmission/transmission/wiki/Editing-Configuration-Files#misc This default makes sense to me. Why should we enforce encryption? BTW, this module is written so badly that it needs a thorough rewrite. The reason is that it's setting other defaults to the I once tried to enable my self overriding such a default in #76552 but I closed it in favor of a better PR which I don't have time yet to write because I need to write an RFC for declarative systemd-tmpfiles management, per https://discourse.nixos.org/t/nixpkgs-policy-as-for-systemd-prestart-setup-scripts-vs-systemd-tmpfiles/5839 . Also, the settings of the default and the user's need to be merged somehow, probably with the Other issue (I haven't opened it but I noted it to myself) with the module, is that passwords are impossible to set in a manner that doesn't put them world readable in the store. That's because the preStart script is hardcoded and the settingsFile is written to the store unconditionally: nixpkgs/nixos/modules/services/torrent/transmission.nix Lines 15 to 30 in fc03905
Anyway, I'm sorry but I vote against your change, not only because it's a change to upstream's which I think was set like that for a good reason, but also because the module can't handle overrides to the defaults by the user. |
As for whether encryption should be set by default: This will only affect people who have not touched their Also, I am pretty sure that you can change the default. The only defaults that do not disappear when you specify the settings as {} is umask, download-dir, and incomplete-dir. If you look at The other issues I don't know about, unfortunately. |
That is correct. I thought that all of them are unoverrideable because these settings specifically are those that their defaults have always bothered me.
For as far as I know, Nixpkgs' policy regarding such dilemmas, is to go with upstream's original intentions. Perhaps you should write a PR upstream? I imagine that if you'll do that they'll be able to explain why isn't It's just that I imagine this might brake downloads for some people if they are connected to trackers or other clients which don't support encryption at all. |
Motivation for this change
This seems like the sane default, since you typically always want your traffic to be encrypted.
This is kind of a breaking change, but I assume that people who have not explicitly set their settings most likely just don't know that encryption isn't enforced by default.
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)