Merge pull request #128760 from bobby285271/master

nixos/doc: convert "Chapter 45. Profiles" to CommonMark

nixos/doc/manual/configuration/profiles.xml

@@ -25,15 +25,15 @@
   What follows is a brief explanation on the purpose and use-case for each
   profile. Detailing each option configured by each one is out of scope.
  </para>
- <xi:include href="profiles/all-hardware.xml" />
- <xi:include href="profiles/base.xml" />
- <xi:include href="profiles/clone-config.xml" />
- <xi:include href="profiles/demo.xml" />
- <xi:include href="profiles/docker-container.xml" />
- <xi:include href="profiles/graphical.xml" />
- <xi:include href="profiles/hardened.xml" />
- <xi:include href="profiles/headless.xml" />
- <xi:include href="profiles/installation-device.xml" />
- <xi:include href="profiles/minimal.xml" />
- <xi:include href="profiles/qemu-guest.xml" />
+ <xi:include href="../from_md/configuration/profiles/all-hardware.section.xml" />
+ <xi:include href="../from_md/configuration/profiles/base.section.xml" />
+ <xi:include href="../from_md/configuration/profiles/clone-config.section.xml" />
+ <xi:include href="../from_md/configuration/profiles/demo.section.xml" />
+ <xi:include href="../from_md/configuration/profiles/docker-container.section.xml" />
+ <xi:include href="../from_md/configuration/profiles/graphical.section.xml" />
+ <xi:include href="../from_md/configuration/profiles/hardened.section.xml" />
+ <xi:include href="../from_md/configuration/profiles/headless.section.xml" />
+ <xi:include href="../from_md/configuration/profiles/installation-device.section.xml" />
+ <xi:include href="../from_md/configuration/profiles/minimal.section.xml" />
+ <xi:include href="../from_md/configuration/profiles/qemu-guest.section.xml" />
 </chapter>

nixos/doc/manual/configuration/profiles/all-hardware.section.md

@@ -0,0 +1,11 @@
+# All Hardware {#sec-profile-all-hardware}
+
+Enables all hardware supported by NixOS: i.e., all firmware is included, and
+all devices from which one may boot are enabled in the initrd. Its primary
+use is in the NixOS installation CDs.
+
+The enabled kernel modules include support for SATA and PATA, SCSI
+(partially), USB, Firewire (untested), Virtio (QEMU, KVM, etc.), VMware, and
+Hyper-V. Additionally, [](#opt-hardware.enableAllFirmware) is
+enabled, and the firmware for the ZyDAS ZD1211 chipset is specifically
+installed.

nixos/doc/manual/configuration/profiles/all-hardware.xml

@@ -1,21 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-profile-all-hardware">
- <title>All Hardware</title>
-
- <para>
-  Enables all hardware supported by NixOS: i.e., all firmware is included, and
-  all devices from which one may boot are enabled in the initrd. Its primary
-  use is in the NixOS installation CDs.
- </para>
-
- <para>
-  The enabled kernel modules include support for SATA and PATA, SCSI
-  (partially), USB, Firewire (untested), Virtio (QEMU, KVM, etc.), VMware, and
-  Hyper-V. Additionally, <xref linkend="opt-hardware.enableAllFirmware"/> is
-  enabled, and the firmware for the ZyDAS ZD1211 chipset is specifically
-  installed.
- </para>
-</section>

nixos/doc/manual/configuration/profiles/base.section.md

@@ -0,0 +1,7 @@
+# Base {#sec-profile-base}
+
+Defines the software packages included in the "minimal" installation CD. It
+installs several utilities useful in a simple recovery or install media, such
+as a text-mode web browser, and tools for manipulating block devices,
+networking, hardware diagnostics, and filesystems (with their respective
+kernel modules).

nixos/doc/manual/configuration/profiles/base.xml

@@ -1,15 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-profile-base">
- <title>Base</title>
-
- <para>
-  Defines the software packages included in the "minimal" installation CD. It
-  installs several utilities useful in a simple recovery or install media, such
-  as a text-mode web browser, and tools for manipulating block devices,
-  networking, hardware diagnostics, and filesystems (with their respective
-  kernel modules).
- </para>
-</section>

nixos/doc/manual/configuration/profiles/clone-config.section.md

@@ -0,0 +1,11 @@
+# Clone Config {#sec-profile-clone-config}
+
+This profile is used in installer images. It provides an editable
+configuration.nix that imports all the modules that were also used when
+creating the image in the first place. As a result it allows users to edit
+and rebuild the live-system.
+
+On images where the installation media also becomes an installation target,
+copying over `configuration.nix` should be disabled by
+setting `installer.cloneConfig` to `false`.
+For example, this is done in `sd-image-aarch64-installer.nix`.

nixos/doc/manual/configuration/profiles/clone-config.xml

@@ -1,21 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-profile-clone-config">
- <title>Clone Config</title>
-
- <para>
-  This profile is used in installer images. It provides an editable
-  configuration.nix that imports all the modules that were also used when
-  creating the image in the first place. As a result it allows users to edit
-  and rebuild the live-system.
- </para>
-
- <para>
-  On images where the installation media also becomes an installation target,
-  copying over <literal>configuration.nix</literal> should be disabled by
-  setting <literal>installer.cloneConfig</literal> to <literal>false</literal>.
-  For example, this is done in <literal>sd-image-aarch64-installer.nix</literal>.
- </para>
-</section>

nixos/doc/manual/configuration/profiles/demo.section.md

@@ -0,0 +1,4 @@
+# Demo {#sec-profile-demo}
+
+This profile just enables a `demo` user, with password `demo`, uid `1000`, `wheel` group and
+[autologin in the SDDM display manager](#opt-services.xserver.displayManager.autoLogin).

nixos/doc/manual/configuration/profiles/demo.xml

@@ -1,14 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-profile-demo">
- <title>Demo</title>
-
- <para>
-  This profile just enables a <systemitem class="username">demo</systemitem>
-  user, with password <literal>demo</literal>, uid <literal>1000</literal>,
-  <systemitem class="groupname">wheel</systemitem> group and
-  <link linkend="opt-services.xserver.displayManager.autoLogin">autologin in the SDDM display manager</link>.
- </para>
-</section>

nixos/doc/manual/configuration/profiles/docker-container.section.md

@@ -0,0 +1,7 @@
+# Docker Container {#sec-profile-docker-container}
+
+This is the profile from which the Docker images are generated. It prepares a
+working system by importing the [Minimal](#sec-profile-minimal) and
+[Clone Config](#sec-profile-clone-config) profiles, and
+setting appropriate configuration options that are useful inside a container
+context, like [](#opt-boot.isContainer).

nixos/doc/manual/configuration/profiles/docker-container.xml

@@ -1,16 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-profile-docker-container">
- <title>Docker Container</title>
-
- <para>
-  This is the profile from which the Docker images are generated. It prepares a
-  working system by importing the
-  <link linkend="sec-profile-minimal">Minimal</link> and
-  <link linkend="sec-profile-clone-config">Clone Config</link> profiles, and
-  setting appropriate configuration options that are useful inside a container
-  context, like <xref linkend="opt-boot.isContainer"/>.
- </para>
-</section>

nixos/doc/manual/configuration/profiles/graphical.section.md

@@ -0,0 +1,10 @@
+# Graphical {#sec-profile-graphical}
+
+Defines a NixOS configuration with the Plasma 5 desktop. It's used by the
+graphical installation CD.
+
+It sets [](#opt-services.xserver.enable),
+[](#opt-services.xserver.displayManager.sddm.enable),
+[](#opt-services.xserver.desktopManager.plasma5.enable),
+and [](#opt-services.xserver.libinput.enable) to true. It also
+includes glxinfo and firefox in the system packages list.

nixos/doc/manual/configuration/profiles/graphical.xml

@@ -1,20 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-profile-graphical">
- <title>Graphical</title>
-
- <para>
-  Defines a NixOS configuration with the Plasma 5 desktop. It's used by the
-  graphical installation CD.
- </para>
-
- <para>
-  It sets <xref linkend="opt-services.xserver.enable"/>,
-  <xref linkend="opt-services.xserver.displayManager.sddm.enable"/>,
-  <xref linkend="opt-services.xserver.desktopManager.plasma5.enable"/>, and
-  <xref linkend="opt-services.xserver.libinput.enable"/> to true. It also
-  includes glxinfo and firefox in the system packages list.
- </para>
-</section>

nixos/doc/manual/configuration/profiles/hardened.section.md

@@ -0,0 +1,20 @@
+# Hardened {#sec-profile-hardened}
+
+A profile with most (vanilla) hardening options enabled by default,
+potentially at the cost of stability, features and performance.
+
+This includes a hardened kernel, and limiting the system information
+available to processes through the `/sys` and
+`/proc` filesystems. It also disables the User Namespaces
+feature of the kernel, which stops Nix from being able to build anything
+(this particular setting can be overriden via
+[](#opt-security.allowUserNamespaces)). See the
+[profile source](https://github.com/nixos/nixpkgs/tree/master/nixos/modules/profiles/hardened.nix)
+for further detail on which settings are altered.
+
+::: {.warning}
+This profile enables options that are known to affect system
+stability. If you experience any stability issues when using the
+profile, try disabling it. If you report an issue and use this
+profile, always mention that you do.
+:::

nixos/doc/manual/configuration/profiles/hardened.xml

@@ -1,32 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-profile-hardened">
- <title>Hardened</title>
-
- <para>
-  A profile with most (vanilla) hardening options enabled by default,
-  potentially at the cost of stability, features and performance.
- </para>
-
- <para>
-  This includes a hardened kernel, and limiting the system information
-  available to processes through the <filename>/sys</filename> and
-  <filename>/proc</filename> filesystems. It also disables the User Namespaces
-  feature of the kernel, which stops Nix from being able to build anything
-  (this particular setting can be overriden via
-  <xref linkend="opt-security.allowUserNamespaces"/>). See the
-  <literal
-   xlink:href="https://github.com/nixos/nixpkgs/tree/master/nixos/modules/profiles/hardened.nix">
-  profile source</literal> for further detail on which settings are altered.
- </para>
- <warning>
-   <para>
-     This profile enables options that are known to affect system
-     stability. If you experience any stability issues when using the
-     profile, try disabling it. If you report an issue and use this
-     profile, always mention that you do.
-   </para>
- </warning>
-</section>

nixos/doc/manual/configuration/profiles/headless.section.md

@@ -0,0 +1,9 @@
+# Headless {#sec-profile-headless}
+
+Common configuration for headless machines (e.g., Amazon EC2 instances).
+
+Disables [sound](#opt-sound.enable),
+[vesa](#opt-boot.vesa), serial consoles,
+[emergency mode](#opt-systemd.enableEmergencyMode),
+[grub splash images](#opt-boot.loader.grub.splashImage)
+and configures the kernel to reboot automatically on panic.

nixos/doc/manual/configuration/profiles/headless.xml

@@ -1,19 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-profile-headless">
- <title>Headless</title>
-
- <para>
-  Common configuration for headless machines (e.g., Amazon EC2 instances).
- </para>
-
- <para>
-  Disables <link linkend="opt-sound.enable">sound</link>,
-  <link linkend="opt-boot.vesa">vesa</link>, serial consoles,
-  <link linkend="opt-systemd.enableEmergencyMode">emergency mode</link>,
-  <link linkend="opt-boot.loader.grub.splashImage">grub splash images</link>
-  and configures the kernel to reboot automatically on panic.
- </para>
-</section>

nixos/doc/manual/configuration/profiles/installation-device.section.md

@@ -0,0 +1,24 @@
+# Installation Device {#sec-profile-installation-device}
+
+Provides a basic configuration for installation devices like CDs.
+This enables redistributable firmware, includes the
+[Clone Config profile](#sec-profile-clone-config)
+and a copy of the Nixpkgs channel, so `nixos-install`
+works out of the box.
+
+Documentation for [Nixpkgs](#opt-documentation.enable)
+and [NixOS](#opt-documentation.nixos.enable) are
+forcefully enabled (to override the
+[Minimal profile](#sec-profile-minimal) preference); the
+NixOS manual is shown automatically on TTY 8, udisks is disabled.
+Autologin is enabled as `nixos` user, while passwordless
+login as both `root` and `nixos` is possible.
+Passwordless `sudo` is enabled too.
+[wpa_supplicant](#opt-networking.wireless.enable) is
+enabled, but configured to not autostart.
+
+It is explained how to login, start the ssh server, and if available,
+how to start the display manager.
+
+Several settings are tweaked so that the installer has a better chance of
+succeeding under low-memory environments.

nixos/doc/manual/configuration/profiles/installation-device.xml

@@ -1,36 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-profile-installation-device">
- <title>Installation Device</title>
-
- <para>
-  Provides a basic configuration for installation devices like CDs.
-  This enables redistributable firmware, includes the
-  <link linkend="sec-profile-clone-config">Clone Config profile</link>
-  and a copy of the Nixpkgs channel, so <command>nixos-install</command>
-  works out of the box.
- </para>
- <para>
-  Documentation for <link linkend="opt-documentation.enable">Nixpkgs</link>
-  and <link linkend="opt-documentation.nixos.enable">NixOS</link> are
-  forcefully enabled (to override the
-  <link linkend="sec-profile-minimal">Minimal profile</link> preference); the
-  NixOS manual is shown automatically on TTY 8, udisks is disabled.
-  Autologin is enabled as <literal>nixos</literal> user, while passwordless
-  login as both <literal>root</literal> and <literal>nixos</literal> is possible.
-  Passwordless <command>sudo</command> is enabled too.
-  <link linkend="opt-networking.wireless.enable">wpa_supplicant</link> is
-  enabled, but configured to not autostart.
- </para>
- <para>
-  It is explained how to login, start the ssh server, and if available,
-  how to start the display manager.
- </para>
-
- <para>
-  Several settings are tweaked so that the installer has a better chance of
-  succeeding under low-memory environments.
- </para>
-</section>

nixos/doc/manual/configuration/profiles/minimal.section.md

@@ -0,0 +1,9 @@
+# Minimal {#sec-profile-minimal}
+
+This profile defines a small NixOS configuration. It does not contain any
+graphical stuff. It's a very short file that enables
+[noXlibs](#opt-environment.noXlibs), sets
+[](#opt-i18n.supportedLocales) to
+only support the user-selected locale,
+[disables packages' documentation](#opt-documentation.enable),
+and [disables sound](#opt-sound.enable).

nixos/doc/manual/configuration/profiles/minimal.xml

@@ -1,17 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-profile-minimal">
- <title>Minimal</title>
-
- <para>
-  This profile defines a small NixOS configuration. It does not contain any
-  graphical stuff. It's a very short file that enables
-  <link linkend="opt-environment.noXlibs">noXlibs</link>, sets
-  <link linkend="opt-i18n.supportedLocales">i18n.supportedLocales</link> to
-  only support the user-selected locale,
-  <link linkend="opt-documentation.enable">disables packages' documentation
-  </link>, and <link linkend="opt-sound.enable">disables sound</link>.
- </para>
-</section>

nixos/doc/manual/configuration/profiles/qemu-guest.section.md

@@ -0,0 +1,7 @@
+# QEMU Guest {#sec-profile-qemu-guest}
+
+This profile contains common configuration for virtual machines running under
+QEMU (using virtio).
+
+It makes virtio modules available on the initrd and sets the system time from
+the hardware clock to work around a bug in qemu-kvm.

nixos/doc/manual/configuration/profiles/qemu-guest.xml

@@ -1,17 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-profile-qemu-guest">
- <title>QEMU Guest</title>
-
- <para>
-  This profile contains common configuration for virtual machines running under
-  QEMU (using virtio).
- </para>
-
- <para>
-  It makes virtio modules available on the initrd and sets the system time from
-  the hardware clock to work around a bug in qemu-kvm.
- </para>
-</section>

nixos/doc/manual/from_md/configuration/profiles/all-hardware.section.xml

@@ -0,0 +1,15 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-all-hardware">
+  <title>All Hardware</title>
+  <para>
+    Enables all hardware supported by NixOS: i.e., all firmware is
+    included, and all devices from which one may boot are enabled in the
+    initrd. Its primary use is in the NixOS installation CDs.
+  </para>
+  <para>
+    The enabled kernel modules include support for SATA and PATA, SCSI
+    (partially), USB, Firewire (untested), Virtio (QEMU, KVM, etc.),
+    VMware, and Hyper-V. Additionally,
+    <xref linkend="opt-hardware.enableAllFirmware" /> is enabled, and
+    the firmware for the ZyDAS ZD1211 chipset is specifically installed.
+  </para>
+</section>

nixos/doc/manual/from_md/configuration/profiles/base.section.xml

@@ -0,0 +1,10 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-base">
+  <title>Base</title>
+  <para>
+    Defines the software packages included in the <quote>minimal</quote>
+    installation CD. It installs several utilities useful in a simple
+    recovery or install media, such as a text-mode web browser, and
+    tools for manipulating block devices, networking, hardware
+    diagnostics, and filesystems (with their respective kernel modules).
+  </para>
+</section>

nixos/doc/manual/from_md/configuration/profiles/clone-config.section.xml

@@ -0,0 +1,16 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-clone-config">
+  <title>Clone Config</title>
+  <para>
+    This profile is used in installer images. It provides an editable
+    configuration.nix that imports all the modules that were also used
+    when creating the image in the first place. As a result it allows
+    users to edit and rebuild the live-system.
+  </para>
+  <para>
+    On images where the installation media also becomes an installation
+    target, copying over <literal>configuration.nix</literal> should be
+    disabled by setting <literal>installer.cloneConfig</literal> to
+    <literal>false</literal>. For example, this is done in
+    <literal>sd-image-aarch64-installer.nix</literal>.
+  </para>
+</section>

nixos/doc/manual/from_md/configuration/profiles/demo.section.xml

@@ -0,0 +1,10 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-demo">
+  <title>Demo</title>
+  <para>
+    This profile just enables a <literal>demo</literal> user, with
+    password <literal>demo</literal>, uid <literal>1000</literal>,
+    <literal>wheel</literal> group and
+    <link linkend="opt-services.xserver.displayManager.autoLogin">autologin
+    in the SDDM display manager</link>.
+  </para>
+</section>

nixos/doc/manual/from_md/configuration/profiles/docker-container.section.xml

@@ -0,0 +1,12 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-docker-container">
+  <title>Docker Container</title>
+  <para>
+    This is the profile from which the Docker images are generated. It
+    prepares a working system by importing the
+    <link linkend="sec-profile-minimal">Minimal</link> and
+    <link linkend="sec-profile-clone-config">Clone Config</link>
+    profiles, and setting appropriate configuration options that are
+    useful inside a container context, like
+    <xref linkend="opt-boot.isContainer" />.
+  </para>
+</section>

nixos/doc/manual/from_md/configuration/profiles/graphical.section.xml

@@ -0,0 +1,14 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-graphical">
+  <title>Graphical</title>
+  <para>
+    Defines a NixOS configuration with the Plasma 5 desktop. It’s used
+    by the graphical installation CD.
+  </para>
+  <para>
+    It sets <xref linkend="opt-services.xserver.enable" />,
+    <xref linkend="opt-services.xserver.displayManager.sddm.enable" />,
+    <xref linkend="opt-services.xserver.desktopManager.plasma5.enable" />,
+    and <xref linkend="opt-services.xserver.libinput.enable" /> to true.
+    It also includes glxinfo and firefox in the system packages list.
+  </para>
+</section>

nixos/doc/manual/from_md/configuration/profiles/hardened.section.xml

@@ -0,0 +1,25 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-hardened">
+  <title>Hardened</title>
+  <para>
+    A profile with most (vanilla) hardening options enabled by default,
+    potentially at the cost of stability, features and performance.
+  </para>
+  <para>
+    This includes a hardened kernel, and limiting the system information
+    available to processes through the <literal>/sys</literal> and
+    <literal>/proc</literal> filesystems. It also disables the User
+    Namespaces feature of the kernel, which stops Nix from being able to
+    build anything (this particular setting can be overriden via
+    <xref linkend="opt-security.allowUserNamespaces" />). See the
+    <link xlink:href="https://github.com/nixos/nixpkgs/tree/master/nixos/modules/profiles/hardened.nix">profile
+    source</link> for further detail on which settings are altered.
+  </para>
+  <warning>
+    <para>
+      This profile enables options that are known to affect system
+      stability. If you experience any stability issues when using the
+      profile, try disabling it. If you report an issue and use this
+      profile, always mention that you do.
+    </para>
+  </warning>
+</section>

nixos/doc/manual/from_md/configuration/profiles/headless.section.xml

@@ -0,0 +1,15 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-headless">
+  <title>Headless</title>
+  <para>
+    Common configuration for headless machines (e.g., Amazon EC2
+    instances).
+  </para>
+  <para>
+    Disables <link linkend="opt-sound.enable">sound</link>,
+    <link linkend="opt-boot.vesa">vesa</link>, serial consoles,
+    <link linkend="opt-systemd.enableEmergencyMode">emergency
+    mode</link>, <link linkend="opt-boot.loader.grub.splashImage">grub
+    splash images</link> and configures the kernel to reboot
+    automatically on panic.
+  </para>
+</section>

nixos/doc/manual/from_md/configuration/profiles/installation-device.section.xml

@@ -0,0 +1,32 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-installation-device">
+  <title>Installation Device</title>
+  <para>
+    Provides a basic configuration for installation devices like CDs.
+    This enables redistributable firmware, includes the
+    <link linkend="sec-profile-clone-config">Clone Config profile</link>
+    and a copy of the Nixpkgs channel, so
+    <literal>nixos-install</literal> works out of the box.
+  </para>
+  <para>
+    Documentation for
+    <link linkend="opt-documentation.enable">Nixpkgs</link> and
+    <link linkend="opt-documentation.nixos.enable">NixOS</link> are
+    forcefully enabled (to override the
+    <link linkend="sec-profile-minimal">Minimal profile</link>
+    preference); the NixOS manual is shown automatically on TTY 8,
+    udisks is disabled. Autologin is enabled as <literal>nixos</literal>
+    user, while passwordless login as both <literal>root</literal> and
+    <literal>nixos</literal> is possible. Passwordless
+    <literal>sudo</literal> is enabled too.
+    <link linkend="opt-networking.wireless.enable">wpa_supplicant</link>
+    is enabled, but configured to not autostart.
+  </para>
+  <para>
+    It is explained how to login, start the ssh server, and if
+    available, how to start the display manager.
+  </para>
+  <para>
+    Several settings are tweaked so that the installer has a better
+    chance of succeeding under low-memory environments.
+  </para>
+</section>

nixos/doc/manual/from_md/configuration/profiles/minimal.section.xml

@@ -0,0 +1,13 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-minimal">
+  <title>Minimal</title>
+  <para>
+    This profile defines a small NixOS configuration. It does not
+    contain any graphical stuff. It’s a very short file that enables
+    <link linkend="opt-environment.noXlibs">noXlibs</link>, sets
+    <xref linkend="opt-i18n.supportedLocales" /> to only support the
+    user-selected locale,
+    <link linkend="opt-documentation.enable">disables packages’
+    documentation</link>, and <link linkend="opt-sound.enable">disables
+    sound</link>.
+  </para>
+</section>

nixos/doc/manual/from_md/configuration/profiles/qemu-guest.section.xml

@@ -0,0 +1,11 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-qemu-guest">
+  <title>QEMU Guest</title>
+  <para>
+    This profile contains common configuration for virtual machines
+    running under QEMU (using virtio).
+  </para>
+  <para>
+    It makes virtio modules available on the initrd and sets the system
+    time from the hardware clock to work around a bug in qemu-kvm.
+  </para>
+</section>