Merge staging-next into staging

This commit is contained in:
github-actions[bot] 2022-12-18 18:01:41 +00:00 committed by GitHub
commit dc7ebb0163
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
308 changed files with 487 additions and 438 deletions

View File

@ -112,7 +112,7 @@ You can also create the backport manually:
2. Check out the target _release branch_, e.g. `release-22.11`. Do not use a _channel branch_ like `nixos-22.11` or `nixpkgs-22.11-darwin`. 2. Check out the target _release branch_, e.g. `release-22.11`. Do not use a _channel branch_ like `nixos-22.11` or `nixpkgs-22.11-darwin`.
3. Create a branch for your change, e.g. `git checkout -b backport`. 3. Create a branch for your change, e.g. `git checkout -b backport`.
4. When the reason to backport is not obvious from the original commit message, use `git cherry-pick -xe <original commit>` and add a reason. Otherwise use `git cherry-pick -x <original commit>`. That's fine for minor version updates that only include security and bug fixes, commits that fixes an otherwise broken package or similar. Please also ensure the commits exists on the master branch; in the case of squashed or rebased merges, the commit hash will change and the new commits can be found in the merge message at the bottom of the master pull request. 4. When the reason to backport is not obvious from the original commit message, use `git cherry-pick -xe <original commit>` and add a reason. Otherwise use `git cherry-pick -x <original commit>`. That's fine for minor version updates that only include security and bug fixes, commits that fixes an otherwise broken package or similar. Please also ensure the commits exists on the master branch; in the case of squashed or rebased merges, the commit hash will change and the new commits can be found in the merge message at the bottom of the master pull request.
5. Push to GitHub and open a backport pull request. Make sure to select the release branch (e.g. `release-22.11`) as the target branch of the pull request, and link to the pull request in which the original change was comitted to `master`. The pull request title should be the commit title with the release version as prefix, e.g. `[22.11]`. 5. Push to GitHub and open a backport pull request. Make sure to select the release branch (e.g. `release-22.11`) as the target branch of the pull request, and link to the pull request in which the original change was committed to `master`. The pull request title should be the commit title with the release version as prefix, e.g. `[22.11]`.
6. When the backport pull request is merged and you have the necessary privileges you can also replace the label `9.needs: port to stable` with `8.has: port to stable` on the original pull request. This way maintainers can keep track of missing backports easier. 6. When the backport pull request is merged and you have the necessary privileges you can also replace the label `9.needs: port to stable` with `8.has: port to stable` on the original pull request. This way maintainers can keep track of missing backports easier.
## Criteria for Backporting changes ## Criteria for Backporting changes

View File

@ -185,7 +185,7 @@ Sample template for a new module review is provided below.
##### Comments ##### Comments
``` ```
## Individual maintainer list {#reviewing-contributions-indvidual-maintainer-list} ## Individual maintainer list {#reviewing-contributions-individual-maintainer-list}
When adding users to `maintainers/maintainer-list.nix`, the following When adding users to `maintainers/maintainer-list.nix`, the following
checks should be performed: checks should be performed:

View File

@ -1,4 +1,4 @@
# Generates the documentation for library functons via nixdoc. To add # Generates the documentation for library functions via nixdoc. To add
# another library function file to this list, the include list in the # another library function file to this list, the include list in the
# file `doc/functions/library.xml` must also be updated. # file `doc/functions/library.xml` must also be updated.

View File

@ -93,7 +93,7 @@ Practical steps:
- run `mix2nix > mix_deps.nix` in the upstream repo. - run `mix2nix > mix_deps.nix` in the upstream repo.
- pass `mixNixDeps = with pkgs; import ./mix_deps.nix { inherit lib beamPackages; };` as an argument to mixRelease. - pass `mixNixDeps = with pkgs; import ./mix_deps.nix { inherit lib beamPackages; };` as an argument to mixRelease.
If there are git depencencies. If there are git dependencies.
- You'll need to fix the version artificially in mix.exs and regenerate the mix.lock with fixed version (on upstream). This will enable you to run `mix2nix > mix_deps.nix`. - You'll need to fix the version artificially in mix.exs and regenerate the mix.lock with fixed version (on upstream). This will enable you to run `mix2nix > mix_deps.nix`.
- From the mix_deps.nix file, remove the dependencies that had git versions and pass them as an override to the import function. - From the mix_deps.nix file, remove the dependencies that had git versions and pass them as an override to the import function.

View File

@ -8,7 +8,7 @@ The Coq derivation is overridable through the `coq.override overrides`, where ov
* `customOCamlPackages` (optional, defaults to `null`, which lets Coq choose a version automatically), which can be set to any of the ocaml packages attribute of `ocaml-ng` (such as `ocaml-ng.ocamlPackages_4_10` which is the default for Coq 8.11 for example). * `customOCamlPackages` (optional, defaults to `null`, which lets Coq choose a version automatically), which can be set to any of the ocaml packages attribute of `ocaml-ng` (such as `ocaml-ng.ocamlPackages_4_10` which is the default for Coq 8.11 for example).
* `coq-version` (optional, defaults to the short version e.g. "8.10"), is a version number of the form "x.y" that indicates which Coq's version build behavior to mimic when using a source which is not a release. E.g. `coq.override { version = "d370a9d1328a4e1cdb9d02ee032f605a9d94ec7a"; coq-version = "8.10"; }`. * `coq-version` (optional, defaults to the short version e.g. "8.10"), is a version number of the form "x.y" that indicates which Coq's version build behavior to mimic when using a source which is not a release. E.g. `coq.override { version = "d370a9d1328a4e1cdb9d02ee032f605a9d94ec7a"; coq-version = "8.10"; }`.
The associated package set can be optained using `mkCoqPackages coq`, where `coq` is the derivation to use. The associated package set can be obtained using `mkCoqPackages coq`, where `coq` is the derivation to use.
## Coq packages attribute sets: `coqPackages` {#coq-packages-attribute-sets-coqpackages} ## Coq packages attribute sets: `coqPackages` {#coq-packages-attribute-sets-coqpackages}

View File

@ -38,7 +38,7 @@ want to target for in terms of SASS (real hardware) or PTX (JIT kernels).
Nixpkgs tries to target support real architecture defaults based on the Nixpkgs tries to target support real architecture defaults based on the
CUDA toolkit version with PTX support for future hardware. Experienced CUDA toolkit version with PTX support for future hardware. Experienced
users may optmize this configuration for a variety of reasons such as users may optimize this configuration for a variety of reasons such as
reducing binary size and compile time, supporting legacy hardware, or reducing binary size and compile time, supporting legacy hardware, or
optimizing for specific hardware. optimizing for specific hardware.

View File

@ -37,9 +37,9 @@ pkgs.writeCueValidator
``` ```
- The first parameter is the Cue schema file. - The first parameter is the Cue schema file.
- The second paramter is an options parameter, currently, only: `document` can be passed. - The second parameter is an options parameter, currently, only: `document` can be passed.
`document` : match your input data against this fragment of structure or definition, e.g. you may use the same schema file but differents documents based on the data you are validating. `document` : match your input data against this fragment of structure or definition, e.g. you may use the same schema file but different documents based on the data you are validating.
Another example, given the following `validator.nix` : Another example, given the following `validator.nix` :
``` ```

View File

@ -4,10 +4,10 @@
### Installation without packages {#installation-without-packages} ### Installation without packages {#installation-without-packages}
You can install `hy` via nix-env or by adding it to `configuration.nix` by reffering to it as a `hy` attribute. This kind of installation adds `hy` to your environment and it succesfully works with `python3`. You can install `hy` via nix-env or by adding it to `configuration.nix` by referring to it as a `hy` attribute. This kind of installation adds `hy` to your environment and it successfully works with `python3`.
::: {.caution} ::: {.caution}
Packages that are installed with your python derivation, are not accesible by `hy` this way. Packages that are installed with your python derivation, are not accessible by `hy` this way.
::: :::
### Installation with packages {#installation-with-packages} ### Installation with packages {#installation-with-packages}

View File

@ -3,7 +3,7 @@
xml:id="chap-language-support"> xml:id="chap-language-support">
<title>Languages and frameworks</title> <title>Languages and frameworks</title>
<para> <para>
The <link linkend="chap-stdenv">standard build environment</link> makes it easy to build typical Autotools-based packages with very little code. Any other kind of package can be accomodated by overriding the appropriate phases of <literal>stdenv</literal>. However, there are specialised functions in Nixpkgs to easily build packages for other programming languages, such as Perl or Haskell. These are described in this chapter. The <link linkend="chap-stdenv">standard build environment</link> makes it easy to build typical Autotools-based packages with very little code. Any other kind of package can be accommodated by overriding the appropriate phases of <literal>stdenv</literal>. However, there are specialised functions in Nixpkgs to easily build packages for other programming languages, such as Perl or Haskell. These are described in this chapter.
</para> </para>
<xi:include href="agda.section.xml" /> <xi:include href="agda.section.xml" />
<xi:include href="android.section.xml" /> <xi:include href="android.section.xml" />

View File

@ -605,7 +605,7 @@ been removed, in this case, it's recommended to use `pytestCheckHook`.
`test` command for a `checkPhase` which runs `pytest`. This is also beneficial `test` command for a `checkPhase` which runs `pytest`. This is also beneficial
when a package may need many items disabled to run the test suite. when a package may need many items disabled to run the test suite.
Using the example above, the analagous `pytestCheckHook` usage would be: Using the example above, the analogous `pytestCheckHook` usage would be:
``` ```
checkInputs = [ pytestCheckHook ]; checkInputs = [ pytestCheckHook ];
@ -624,7 +624,7 @@ Using the example above, the analagous `pytestCheckHook` usage would be:
]; ];
``` ```
This is expecially useful when tests need to be conditionally disabled, This is especially useful when tests need to be conditionally disabled,
for example: for example:
``` ```

View File

@ -319,7 +319,7 @@ The above are just guidelines, and exceptions may be granted on a case-by-case b
However, please check if it's possible to disable a problematic subset of the However, please check if it's possible to disable a problematic subset of the
test suite and leave a comment explaining your reasoning. test suite and leave a comment explaining your reasoning.
This can be achived with `--skip` in `checkFlags`: This can be achieved with `--skip` in `checkFlags`:
```nix ```nix
rustPlatform.buildRustPackage { rustPlatform.buildRustPackage {

View File

@ -303,7 +303,7 @@ One of the compiler flags that GCC uses for this compiler is called X_CFLAGS.
This is used by the Nix build process to set the dynamic linker, glibc This is used by the Nix build process to set the dynamic linker, glibc
in the case of i686-linux using the default Nix packages collection. in the case of i686-linux using the default Nix packages collection.
Obiously, since we need to compile libstc++ for arm-linux with uClibc linking Obviously, since we need to compile libstc++ for arm-linux with uClibc linking
will not be done correctly: you can't link object files built for arm-linux will not be done correctly: you can't link object files built for arm-linux
with a glibc built for i686-linux. with a glibc built for i686-linux.

View File

@ -29,7 +29,7 @@ NixOS provides two ways to select the outputs to install for packages listed in
`nix-env` lacks an easy way to select the outputs to install. When installing a package, `nix-env` always installs the outputs listed in `meta.outputsToInstall`, even when the user explicitly selects an output. `nix-env` lacks an easy way to select the outputs to install. When installing a package, `nix-env` always installs the outputs listed in `meta.outputsToInstall`, even when the user explicitly selects an output.
::: {.warning} ::: {.warning}
`nix-env` silenty disregards the outputs selected by the user, and instead installs the outputs from `meta.outputsToInstall`. For example, `nix-env` silently disregards the outputs selected by the user, and instead installs the outputs from `meta.outputsToInstall`. For example,
```ShellSession ```ShellSession
$ nix-env -iA nixpkgs.coreutils.info $ nix-env -iA nixpkgs.coreutils.info

View File

@ -719,11 +719,11 @@ If set, libraries and executables are not stripped. By default, they are.
##### `dontStripHost` {#var-stdenv-dontStripHost} ##### `dontStripHost` {#var-stdenv-dontStripHost}
Like `dontStrip`, but only affects the `strip` command targetting the packages host platform. Useful when supporting cross compilation, but otherwise feel free to ignore. Like `dontStrip`, but only affects the `strip` command targeting the packages host platform. Useful when supporting cross compilation, but otherwise feel free to ignore.
##### `dontStripTarget` {#var-stdenv-dontStripTarget} ##### `dontStripTarget` {#var-stdenv-dontStripTarget}
Like `dontStrip`, but only affects the `strip` command targetting the packages target platform. Useful when supporting cross compilation, but otherwise feel free to ignore. Like `dontStrip`, but only affects the `strip` command targeting the packages target platform. Useful when supporting cross compilation, but otherwise feel free to ignore.
##### `dontMoveSbin` {#var-stdenv-dontMoveSbin} ##### `dontMoveSbin` {#var-stdenv-dontMoveSbin}

View File

@ -757,7 +757,7 @@ rec {
matchAttrs :: AttrSet -> AttrSet -> Bool matchAttrs :: AttrSet -> AttrSet -> Bool
*/ */
matchAttrs = matchAttrs =
# Attribute set strucutre to match # Attribute set structure to match
pattern: pattern:
# Attribute set to find patterns in # Attribute set to find patterns in
attrs: attrs:

View File

@ -17,7 +17,7 @@ in
situations below. situations below.
For illustration and/or testing, we define derivation such that its For illustration and/or testing, we define derivation such that its
evaluation is very noticable. evaluation is very noticeable.
let derivation = throw "This won't be evaluated."; let derivation = throw "This won't be evaluated.";

View File

@ -479,7 +479,7 @@ rec {
) (lib.functionArgs f); ) (lib.functionArgs f);
# Note: we append in the opposite order such that we can add an error # Note: we append in the opposite order such that we can add an error
# context on the explicited arguments of "args" too. This update # context on the explicit arguments of "args" too. This update
# operator is used to make the "args@{ ... }: with args.lib;" notation # operator is used to make the "args@{ ... }: with args.lib;" notation
# works. # works.
in f (args // extraArgs) in f (args // extraArgs)

View File

@ -185,7 +185,7 @@ rec {
*/ */
makeBinPath = makeSearchPathOutput "bin" "bin"; makeBinPath = makeSearchPathOutput "bin" "bin";
/* Normalize path, removing extranous /s /* Normalize path, removing extraneous /s
Type: normalizePath :: string -> string Type: normalizePath :: string -> string
@ -330,7 +330,7 @@ rec {
*/ */
escape = list: replaceStrings list (map (c: "\\${c}") list); escape = list: replaceStrings list (map (c: "\\${c}") list);
/* Escape occurence of the element of `list` in `string` by /* Escape occurrence of the element of `list` in `string` by
converting to its ASCII value and prefixing it with \\x. converting to its ASCII value and prefixing it with \\x.
Only works for printable ascii characters. Only works for printable ascii characters.

View File

@ -67,7 +67,7 @@ rec {
# #
# Note: # Note:
# #
# - The succesors of `skylake` (`cannonlake`, `icelake`, etc) use `avx512` # - The successors of `skylake` (`cannonlake`, `icelake`, etc) use `avx512`
# which no current AMD Zen michroarch support. # which no current AMD Zen michroarch support.
# - `znver1` uses `ABM`, `CLZERO`, `CX16`, `MWAITX`, and `SSE4A` which no # - `znver1` uses `ABM`, `CLZERO`, `CX16`, `MWAITX`, and `SSE4A` which no
# current Intel microarch support. # current Intel microarch support.

View File

@ -20,7 +20,7 @@ rec {
# necessary. # necessary.
# #
# `parsed` is inferred from args, both because there are two options with one # `parsed` is inferred from args, both because there are two options with one
# clearly prefered, and to prevent cycles. A simpler fixed point where the RHS # clearly preferred, and to prevent cycles. A simpler fixed point where the RHS
# always just used `final.*` would fail on both counts. # always just used `final.*` would fail on both counts.
elaborate = args': let elaborate = args': let
args = if lib.isString args' then { system = args'; } args = if lib.isString args' then { system = args'; }
@ -62,7 +62,7 @@ rec {
linker = linker =
/**/ if final.useLLVM or false then "lld" /**/ if final.useLLVM or false then "lld"
else if final.isDarwin then "cctools" else if final.isDarwin then "cctools"
# "bfd" and "gold" both come from GNU binutils. The existance of Gold # "bfd" and "gold" both come from GNU binutils. The existence of Gold
# is why we use the more obscure "bfd" and not "binutils" for this # is why we use the more obscure "bfd" and not "binutils" for this
# choice. # choice.
else "bfd"; else "bfd";

View File

@ -1,6 +1,6 @@
# See [RFC 46] for mandated platform support and ../../pkgs/stdenv for # See [RFC 46] for mandated platform support and ../../pkgs/stdenv for
# implemented platform support. This list is mainly descriptive, i.e. all # implemented platform support. This list is mainly descriptive, i.e. all
# system doubles for platforms where nixpkgs can do native compiliation # system doubles for platforms where nixpkgs can do native compilation
# reasonably well are included. # reasonably well are included.
# #
# [RFC 46]: https://github.com/NixOS/rfcs/blob/master/rfcs/0046-platform-support-tiers.md # [RFC 46]: https://github.com/NixOS/rfcs/blob/master/rfcs/0046-platform-support-tiers.md

View File

@ -246,7 +246,7 @@ checkConfigError 'A definition for option .* is not of type .*' \
## Freeform modules ## Freeform modules
# Assigning without a declared option should work # Assigning without a declared option should work
checkConfigOutput '^"24"$' config.value ./freeform-attrsOf.nix ./define-value-string.nix checkConfigOutput '^"24"$' config.value ./freeform-attrsOf.nix ./define-value-string.nix
# No freeform assigments shouldn't make it error # No freeform assignments shouldn't make it error
checkConfigOutput '^{ }$' config ./freeform-attrsOf.nix checkConfigOutput '^{ }$' config ./freeform-attrsOf.nix
# but only if the type matches # but only if the type matches
checkConfigError 'A definition for option .* is not of type .*' config.value ./freeform-attrsOf.nix ./define-value-list.nix checkConfigError 'A definition for option .* is not of type .*' config.value ./freeform-attrsOf.nix ./define-value-list.nix

View File

@ -7,7 +7,7 @@ This includes a hardened kernel, and limiting the system information
available to processes through the `/sys` and available to processes through the `/sys` and
`/proc` filesystems. It also disables the User Namespaces `/proc` filesystems. It also disables the User Namespaces
feature of the kernel, which stops Nix from being able to build anything feature of the kernel, which stops Nix from being able to build anything
(this particular setting can be overriden via (this particular setting can be overridden via
[](#opt-security.allowUserNamespaces)). See the [](#opt-security.allowUserNamespaces)). See the
[profile source](https://github.com/nixos/nixpkgs/tree/master/nixos/modules/profiles/hardened.nix) [profile source](https://github.com/nixos/nixpkgs/tree/master/nixos/modules/profiles/hardened.nix)
for further detail on which settings are altered. for further detail on which settings are altered.

View File

@ -34,7 +34,7 @@ read which is set to `dry-activate` when a dry activation is done.
An activation script can write to special files instructing An activation script can write to special files instructing
`switch-to-configuration` to restart/reload units. The script will take these `switch-to-configuration` to restart/reload units. The script will take these
requests into account and will incorperate the unit configuration as described requests into account and will incorporate the unit configuration as described
above. This means that the activation script will "fake" a modified unit file above. This means that the activation script will "fake" a modified unit file
and `switch-to-configuration` will act accordingly. By doing so, configuration and `switch-to-configuration` will act accordingly. By doing so, configuration
like [systemd.services.\<name\>.restartIfChanged](#opt-systemd.services) is like [systemd.services.\<name\>.restartIfChanged](#opt-systemd.services) is
@ -49,7 +49,7 @@ dry activation being `/run/nixos/dry-activation-restart-list` and
`/run/nixos/dry-activation-reload-list`. Those files can contain `/run/nixos/dry-activation-reload-list`. Those files can contain
newline-separated lists of unit names where duplicates are being ignored. These newline-separated lists of unit names where duplicates are being ignored. These
files are not create automatically and activation scripts must take the files are not create automatically and activation scripts must take the
possiblility into account that they have to create them first. possibility into account that they have to create them first.
## NixOS snippets {#sec-activation-script-nixos-snippets} ## NixOS snippets {#sec-activation-script-nixos-snippets}

View File

@ -345,7 +345,7 @@ that are handled like a separate module.
It takes a parameter *`o`*, that should be a set, or a function returning It takes a parameter *`o`*, that should be a set, or a function returning
a set with an `options` key defining the sub-options. Submodule option a set with an `options` key defining the sub-options. Submodule option
definitions are type-checked accordingly to the `options` declarations. definitions are type-checked accordingly to the `options` declarations.
Of course, you can nest submodule option definitons for even higher Of course, you can nest submodule option definitions for even higher
modularity. modularity.
The option set can be defined directly The option set can be defined directly

View File

@ -298,7 +298,7 @@ The following methods are available on machine objects:
: Wait until the supplied regular expressions match a line of the : Wait until the supplied regular expressions match a line of the
serial console output. This method is useful when OCR is not serial console output. This method is useful when OCR is not
possibile or accurate enough. possible or accurate enough.
`wait_for_window` `wait_for_window`
@ -351,7 +351,7 @@ This applies to `systemctl`, `get_unit_info`, `wait_for_unit`,
`start_job` and `stop_job`. `start_job` and `stop_job`.
For faster dev cycles it\'s also possible to disable the code-linters For faster dev cycles it\'s also possible to disable the code-linters
(this shouldn\'t be commited though): (this shouldn\'t be committed though):
```nix ```nix
{ {

View File

@ -9,7 +9,7 @@
available to processes through the <literal>/sys</literal> and available to processes through the <literal>/sys</literal> and
<literal>/proc</literal> filesystems. It also disables the User <literal>/proc</literal> filesystems. It also disables the User
Namespaces feature of the kernel, which stops Nix from being able to Namespaces feature of the kernel, which stops Nix from being able to
build anything (this particular setting can be overriden via build anything (this particular setting can be overridden via
<xref linkend="opt-security.allowUserNamespaces" />). See the <xref linkend="opt-security.allowUserNamespaces" />). See the
<link xlink:href="https://github.com/nixos/nixpkgs/tree/master/nixos/modules/profiles/hardened.nix">profile <link xlink:href="https://github.com/nixos/nixpkgs/tree/master/nixos/modules/profiles/hardened.nix">profile
source</link> for further detail on which settings are altered. source</link> for further detail on which settings are altered.

View File

@ -45,7 +45,7 @@ system.activationScripts.my-activation-script = {
An activation script can write to special files instructing An activation script can write to special files instructing
<literal>switch-to-configuration</literal> to restart/reload units. <literal>switch-to-configuration</literal> to restart/reload units.
The script will take these requests into account and will The script will take these requests into account and will
incorperate the unit configuration as described above. This means incorporate the unit configuration as described above. This means
that the activation script will <quote>fake</quote> a modified unit that the activation script will <quote>fake</quote> a modified unit
file and <literal>switch-to-configuration</literal> will act file and <literal>switch-to-configuration</literal> will act
accordingly. By doing so, configuration like accordingly. By doing so, configuration like
@ -66,7 +66,7 @@ system.activationScripts.my-activation-script = {
<literal>/run/nixos/dry-activation-reload-list</literal>. Those <literal>/run/nixos/dry-activation-reload-list</literal>. Those
files can contain newline-separated lists of unit names where files can contain newline-separated lists of unit names where
duplicates are being ignored. These files are not create duplicates are being ignored. These files are not create
automatically and activation scripts must take the possiblility into automatically and activation scripts must take the possibility into
account that they have to create them first. account that they have to create them first.
</para> </para>
<section xml:id="sec-activation-script-nixos-snippets"> <section xml:id="sec-activation-script-nixos-snippets">

View File

@ -712,7 +712,7 @@
<literal>options</literal> key defining the sub-options. Submodule <literal>options</literal> key defining the sub-options. Submodule
option definitions are type-checked accordingly to the option definitions are type-checked accordingly to the
<literal>options</literal> declarations. Of course, you can nest <literal>options</literal> declarations. Of course, you can nest
submodule option definitons for even higher modularity. submodule option definitions for even higher modularity.
</para> </para>
<para> <para>
The option set can be defined directly The option set can be defined directly

View File

@ -536,7 +536,7 @@ start_all()
<para> <para>
Wait until the supplied regular expressions match a line of Wait until the supplied regular expressions match a line of
the serial console output. This method is useful when OCR is the serial console output. This method is useful when OCR is
not possibile or accurate enough. not possible or accurate enough.
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
@ -631,7 +631,7 @@ machine.wait_for_unit(&quot;xautolock.service&quot;, &quot;x-session-user&quot;)
</para> </para>
<para> <para>
For faster dev cycles it's also possible to disable the For faster dev cycles it's also possible to disable the
code-linters (this shouldn't be commited though): code-linters (this shouldn't be committed though):
</para> </para>
<programlisting language="bash"> <programlisting language="bash">
{ {

View File

@ -24,7 +24,7 @@
</itemizedlist> </itemizedlist>
<para> <para>
System images, such as the live installer ones, know how to enforce System images, such as the live installer ones, know how to enforce
configuration settings on wich they immediately depend in order to configuration settings on which they immediately depend in order to
work correctly. work correctly.
</para> </para>
<para> <para>
@ -102,7 +102,7 @@ $ nix-build -A config.system.build.isoImage -I nixos-config=modules/installer/cd
it needs at a minimum for correct functioning, while the installer it needs at a minimum for correct functioning, while the installer
base image overrides the entire file system layout because there base image overrides the entire file system layout because there
cant be any other guarantees on a live medium than those given by cant be any other guarantees on a live medium than those given by
the live medium itself. The latter is especially true befor the live medium itself. The latter is especially true before
formatting the target block device(s). On the other hand, the formatting the target block device(s). On the other hand, the
netboot iso only overrides its minimum dependencies since netboot netboot iso only overrides its minimum dependencies since netboot
images are always made-to-target. images are always made-to-target.

View File

@ -223,7 +223,7 @@ $ sudo `which nixos-generate-config`
<para> <para>
You'll likely want to set a root password for your first boot You'll likely want to set a root password for your first boot
using the configuration files because you won't have a chance to using the configuration files because you won't have a chance to
enter a password until after you reboot. You can initalize the enter a password until after you reboot. You can initialize the
root password to an empty one with this line: (and of course root password to an empty one with this line: (and of course
don't forget to set one once you've rebooted or to lock the don't forget to set one once you've rebooted or to lock the
account with <literal>sudo passwd -l root</literal> if you use account with <literal>sudo passwd -l root</literal> if you use

View File

@ -1,4 +1,4 @@
<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-instaling-virtualbox-guest"> <section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-installing-virtualbox-guest">
<title>Installing in a VirtualBox guest</title> <title>Installing in a VirtualBox guest</title>
<para> <para>
Installing NixOS into a VirtualBox guest is convenient for users who Installing NixOS into a VirtualBox guest is convenient for users who

View File

@ -256,7 +256,7 @@ $ sudo -i
</para> </para>
<para> <para>
On the minimal installer, NetworkManager is not available, so On the minimal installer, NetworkManager is not available, so
configuration must be perfomed manually. To configure the wifi, configuration must be performed manually. To configure the wifi,
first start wpa_supplicant with first start wpa_supplicant with
<literal>sudo systemctl start wpa_supplicant</literal>, then run <literal>sudo systemctl start wpa_supplicant</literal>, then run
<literal>wpa_cli</literal>. For most home networks, you need to <literal>wpa_cli</literal>. For most home networks, you need to

View File

@ -545,7 +545,7 @@ nginx.override {
<literal>services.udev.extraRules</literal> option now writes <literal>services.udev.extraRules</literal> option now writes
rules to <literal>99-local.rules</literal> instead of rules to <literal>99-local.rules</literal> instead of
<literal>10-local.rules</literal>. This makes all the user rules <literal>10-local.rules</literal>. This makes all the user rules
apply after others, so their results wouldn't be overriden by apply after others, so their results wouldn't be overridden by
anything else. anything else.
</para> </para>
</listitem> </listitem>

View File

@ -666,7 +666,7 @@ rmdir /var/lib/ipfs/.ipfs
<listitem> <listitem>
<para> <para>
<literal>services.firefox.syncserver</literal> now runs by <literal>services.firefox.syncserver</literal> now runs by
default as a non-root user. To accomodate this change, the default as a non-root user. To accommodate this change, the
default sqlite database location has also been changed. default sqlite database location has also been changed.
Migration should work automatically. Refer to the description Migration should work automatically. Refer to the description
of the options for more details. of the options for more details.

View File

@ -271,7 +271,7 @@
<listitem> <listitem>
<para> <para>
The versioned <literal>postgresql</literal> have been renamed The versioned <literal>postgresql</literal> have been renamed
to use underscore number seperators. For example, to use underscore number separators. For example,
<literal>postgresql96</literal> has been renamed to <literal>postgresql96</literal> has been renamed to
<literal>postgresql_9_6</literal>. <literal>postgresql_9_6</literal>.
</para> </para>

View File

@ -498,7 +498,7 @@
<listitem> <listitem>
<para> <para>
The <literal>prometheus-nginx-exporter</literal> package now The <literal>prometheus-nginx-exporter</literal> package now
uses the offical exporter provided by NGINX Inc. Its metrics uses the official exporter provided by NGINX Inc. Its metrics
are differently structured and are incompatible to the old are differently structured and are incompatible to the old
ones. For information about the metrics, have a look at the ones. For information about the metrics, have a look at the
<link xlink:href="https://github.com/nginxinc/nginx-prometheus-exporter">official <link xlink:href="https://github.com/nginxinc/nginx-prometheus-exporter">official
@ -524,7 +524,7 @@
<para> <para>
By default, prometheus exporters are now run with By default, prometheus exporters are now run with
<literal>DynamicUser</literal> enabled. Exporters that need a <literal>DynamicUser</literal> enabled. Exporters that need a
real user, now run under a seperate user and group which real user, now run under a separate user and group which
follow the pattern follow the pattern
<literal>&lt;exporter-name&gt;-exporter</literal>, instead of <literal>&lt;exporter-name&gt;-exporter</literal>, instead of
the previous default <literal>nobody</literal> and the previous default <literal>nobody</literal> and

View File

@ -1304,7 +1304,7 @@ self: super:
<listitem> <listitem>
<para> <para>
In the ACME module, the data used to build the hash for the In the ACME module, the data used to build the hash for the
account directory has changed to accomodate new features to account directory has changed to accommodate new features to
reduce account rate limit issues. This will trigger new reduce account rate limit issues. This will trigger new
account creation on the first rebuild following this update. account creation on the first rebuild following this update.
No issues are expected to arise from this, thanks to the new No issues are expected to arise from this, thanks to the new

View File

@ -328,7 +328,7 @@
<listitem> <listitem>
<para> <para>
<link xlink:href="https://maddy.email/">Maddy</link>, a free <link xlink:href="https://maddy.email/">Maddy</link>, a free
an open source mail server. Availabe as an open source mail server. Available as
<link linkend="opt-services.maddy.enable">services.maddy</link>. <link linkend="opt-services.maddy.enable">services.maddy</link>.
</para> </para>
</listitem> </listitem>
@ -1422,7 +1422,7 @@
derivation if <literal>name</literal> is derivation if <literal>name</literal> is
<literal>&quot;vim&quot;</literal> (the default). This <literal>&quot;vim&quot;</literal> (the default). This
makes the <literal>wrapManual</literal> argument obsolete, makes the <literal>wrapManual</literal> argument obsolete,
but this behavior can be overriden by setting the but this behavior can be overridden by setting the
<literal>standalone</literal> argument. <literal>standalone</literal> argument.
</para> </para>
</listitem> </listitem>

View File

@ -1280,9 +1280,9 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [
</listitem> </listitem>
<listitem> <listitem>
<para> <para>
Option descriptions, examples, and defaults writting in Option descriptions, examples, and defaults writing in DocBook
DocBook are now deprecated. Using CommonMark is preferred and are now deprecated. Using CommonMark is preferred and will
will become the default in a future release. become the default in a future release.
</para> </para>
</listitem> </listitem>
<listitem> <listitem>

View File

@ -114,8 +114,8 @@
<link linkend="opt-services.snapserver.openFirewall">services.snapserver.openFirewall</link> <link linkend="opt-services.snapserver.openFirewall">services.snapserver.openFirewall</link>
module option default value has been changed from module option default value has been changed from
<literal>true</literal> to <literal>false</literal>. You will <literal>true</literal> to <literal>false</literal>. You will
need to explicitely set this option to need to explicitly set this option to <literal>true</literal>,
<literal>true</literal>, or configure your firewall. or configure your firewall.
</para> </para>
</listitem> </listitem>
<listitem> <listitem>
@ -124,8 +124,8 @@
<link linkend="opt-services.tmate-ssh-server.openFirewall">services.tmate-ssh-server.openFirewall</link> <link linkend="opt-services.tmate-ssh-server.openFirewall">services.tmate-ssh-server.openFirewall</link>
module option default value has been changed from module option default value has been changed from
<literal>true</literal> to <literal>false</literal>. You will <literal>true</literal> to <literal>false</literal>. You will
need to explicitely set this option to need to explicitly set this option to <literal>true</literal>,
<literal>true</literal>, or configure your firewall. or configure your firewall.
</para> </para>
</listitem> </listitem>
<listitem> <listitem>
@ -134,8 +134,8 @@
<link linkend="opt-services.unifi-video.openFirewall">services.unifi-video.openFirewall</link> <link linkend="opt-services.unifi-video.openFirewall">services.unifi-video.openFirewall</link>
module option default value has been changed from module option default value has been changed from
<literal>true</literal> to <literal>false</literal>. You will <literal>true</literal> to <literal>false</literal>. You will
need to explicitely set this option to need to explicitly set this option to <literal>true</literal>,
<literal>true</literal>, or configure your firewall. or configure your firewall.
</para> </para>
</listitem> </listitem>
<listitem> <listitem>
@ -268,6 +268,14 @@
dynamically. dynamically.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
Enabling global redirect in
<literal>services.nginx.virtualHosts</literal> now allows one
to add exceptions with the <literal>locations</literal>
option.
</para>
</listitem>
<listitem> <listitem>
<para> <para>
Resilio sync secret keys can now be provided using a secrets Resilio sync secret keys can now be provided using a secrets

View File

@ -9,7 +9,7 @@ You have two options:
- Combine them with (any of) your host config(s) - Combine them with (any of) your host config(s)
System images, such as the live installer ones, know how to enforce configuration settings System images, such as the live installer ones, know how to enforce configuration settings
on wich they immediately depend in order to work correctly. on which they immediately depend in order to work correctly.
However, if you are confident, you can opt to override those However, if you are confident, you can opt to override those
enforced values with `mkForce`. enforced values with `mkForce`.
@ -75,6 +75,6 @@ configuration values upon which the correct functioning of the image depends.
For example, the iso base image overrides those file systems which it needs at a minimum For example, the iso base image overrides those file systems which it needs at a minimum
for correct functioning, while the installer base image overrides the entire file system for correct functioning, while the installer base image overrides the entire file system
layout because there can't be any other guarantees on a live medium than those given layout because there can't be any other guarantees on a live medium than those given
by the live medium itself. The latter is especially true befor formatting the target by the live medium itself. The latter is especially true before formatting the target
block device(s). On the other hand, the netboot iso only overrides its minimum dependencies block device(s). On the other hand, the netboot iso only overrides its minimum dependencies
since netboot images are always made-to-target. since netboot images are always made-to-target.

View File

@ -158,7 +158,7 @@ The first steps to all these are the same:
You\'ll likely want to set a root password for your first boot using You\'ll likely want to set a root password for your first boot using
the configuration files because you won\'t have a chance to enter a the configuration files because you won\'t have a chance to enter a
password until after you reboot. You can initalize the root password password until after you reboot. You can initialize the root password
to an empty one with this line: (and of course don\'t forget to set to an empty one with this line: (and of course don\'t forget to set
one once you\'ve rebooted or to lock the account with one once you\'ve rebooted or to lock the account with
`sudo passwd -l root` if you use `sudo`) `sudo passwd -l root` if you use `sudo`)

View File

@ -1,4 +1,4 @@
# Installing in a VirtualBox guest {#sec-instaling-virtualbox-guest} # Installing in a VirtualBox guest {#sec-installing-virtualbox-guest}
Installing NixOS into a VirtualBox guest is convenient for users who Installing NixOS into a VirtualBox guest is convenient for users who
want to try NixOS without installing it on bare metal. If you want to want to try NixOS without installing it on bare metal. If you want to

View File

@ -162,7 +162,7 @@ network manually, disable NetworkManager with
`systemctl stop NetworkManager`. `systemctl stop NetworkManager`.
On the minimal installer, NetworkManager is not available, so On the minimal installer, NetworkManager is not available, so
configuration must be perfomed manually. To configure the wifi, first configuration must be performed manually. To configure the wifi, first
start wpa_supplicant with `sudo systemctl start wpa_supplicant`, then start wpa_supplicant with `sudo systemctl start wpa_supplicant`, then
run `wpa_cli`. For most home networks, you need to type in the following run `wpa_cli`. For most home networks, you need to type in the following
commands: commands:

View File

@ -202,7 +202,7 @@ When upgrading from a previous release, please be aware of the following incompa
} }
``` ```
- `services.udev.extraRules` option now writes rules to `99-local.rules` instead of `10-local.rules`. This makes all the user rules apply after others, so their results wouldn\'t be overriden by anything else. - `services.udev.extraRules` option now writes rules to `99-local.rules` instead of `10-local.rules`. This makes all the user rules apply after others, so their results wouldn\'t be overridden by anything else.
- Large parts of the `services.gitlab` module has been been rewritten. There are new configuration options available. The `stateDir` option was renamned to `statePath` and the `satellitesDir` option was removed. Please review the currently available options. - Large parts of the `services.gitlab` module has been been rewritten. There are new configuration options available. The `stateDir` option was renamned to `statePath` and the `satellitesDir` option was removed. Please review the currently available options.

View File

@ -238,7 +238,7 @@ When upgrading from a previous release, please be aware of the following incompa
- `cc-wrapper`\'s setup-hook now exports a number of environment variables corresponding to binutils binaries, (e.g. `LD`, `STRIP`, `RANLIB`, etc). This is done to prevent packages\' build systems guessing, which is harder to predict, especially when cross-compiling. However, some packages have broken due to this---their build systems either not supporting, or claiming to support without adequate testing, taking such environment variables as parameters. - `cc-wrapper`\'s setup-hook now exports a number of environment variables corresponding to binutils binaries, (e.g. `LD`, `STRIP`, `RANLIB`, etc). This is done to prevent packages\' build systems guessing, which is harder to predict, especially when cross-compiling. However, some packages have broken due to this---their build systems either not supporting, or claiming to support without adequate testing, taking such environment variables as parameters.
- `services.firefox.syncserver` now runs by default as a non-root user. To accomodate this change, the default sqlite database location has also been changed. Migration should work automatically. Refer to the description of the options for more details. - `services.firefox.syncserver` now runs by default as a non-root user. To accommodate this change, the default sqlite database location has also been changed. Migration should work automatically. Refer to the description of the options for more details.
- The `compiz` window manager and package was removed. The system support had been broken for several years. - The `compiz` window manager and package was removed. The system support had been broken for several years.

View File

@ -73,7 +73,7 @@ When upgrading from a previous release, please be aware of the following incompa
- OpenSMTPD has been upgraded to version 6.4.0p1. This release makes backwards-incompatible changes to the configuration file format. See `man smtpd.conf` for more information on the new file format. - OpenSMTPD has been upgraded to version 6.4.0p1. This release makes backwards-incompatible changes to the configuration file format. See `man smtpd.conf` for more information on the new file format.
- The versioned `postgresql` have been renamed to use underscore number seperators. For example, `postgresql96` has been renamed to `postgresql_9_6`. - The versioned `postgresql` have been renamed to use underscore number separators. For example, `postgresql96` has been renamed to `postgresql_9_6`.
- Package `consul-ui` and passthrough `consul.ui` have been removed. The package `consul` now uses upstream releases that vendor the UI into the binary. See [\#48714](https://github.com/NixOS/nixpkgs/pull/48714#issuecomment-433454834) for details. - Package `consul-ui` and passthrough `consul.ui` have been removed. The package `consul` now uses upstream releases that vendor the UI into the binary. See [\#48714](https://github.com/NixOS/nixpkgs/pull/48714#issuecomment-433454834) for details.

View File

@ -154,13 +154,13 @@ When upgrading from a previous release, please be aware of the following incompa
- The setopt declarations will be evaluated at the end of `/etc/zshrc`, so any code in [programs.zsh.interactiveShellInit](options.html#opt-programs.zsh.interactiveShellInit), [programs.zsh.loginShellInit](options.html#opt-programs.zsh.loginShellInit) and [programs.zsh.promptInit](options.html#opt-programs.zsh.promptInit) may break if it relies on those options being set. - The setopt declarations will be evaluated at the end of `/etc/zshrc`, so any code in [programs.zsh.interactiveShellInit](options.html#opt-programs.zsh.interactiveShellInit), [programs.zsh.loginShellInit](options.html#opt-programs.zsh.loginShellInit) and [programs.zsh.promptInit](options.html#opt-programs.zsh.promptInit) may break if it relies on those options being set.
- The `prometheus-nginx-exporter` package now uses the offical exporter provided by NGINX Inc. Its metrics are differently structured and are incompatible to the old ones. For information about the metrics, have a look at the [official repo](https://github.com/nginxinc/nginx-prometheus-exporter). - The `prometheus-nginx-exporter` package now uses the official exporter provided by NGINX Inc. Its metrics are differently structured and are incompatible to the old ones. For information about the metrics, have a look at the [official repo](https://github.com/nginxinc/nginx-prometheus-exporter).
- The `shibboleth-sp` package has been updated to version 3. It is largely backward compatible, for further information refer to the [release notes](https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes) and [upgrade guide](https://wiki.shibboleth.net/confluence/display/SP3/UpgradingFromV2). - The `shibboleth-sp` package has been updated to version 3. It is largely backward compatible, for further information refer to the [release notes](https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes) and [upgrade guide](https://wiki.shibboleth.net/confluence/display/SP3/UpgradingFromV2).
Nodejs 8 is scheduled EOL under the lifetime of 19.09 and has been dropped. Nodejs 8 is scheduled EOL under the lifetime of 19.09 and has been dropped.
- By default, prometheus exporters are now run with `DynamicUser` enabled. Exporters that need a real user, now run under a seperate user and group which follow the pattern `<exporter-name>-exporter`, instead of the previous default `nobody` and `nogroup`. Only some exporters are affected by the latter, namely the exporters `dovecot`, `node`, `postfix` and `varnish`. - By default, prometheus exporters are now run with `DynamicUser` enabled. Exporters that need a real user, now run under a separate user and group which follow the pattern `<exporter-name>-exporter`, instead of the previous default `nobody` and `nogroup`. Only some exporters are affected by the latter, namely the exporters `dovecot`, `node`, `postfix` and `varnish`.
- The `ibus-qt` package is not installed by default anymore when [i18n.inputMethod.enabled](options.html#opt-i18n.inputMethod.enabled) is set to `ibus`. If IBus support in Qt 4.x applications is required, add the `ibus-qt` package to your [environment.systemPackages](options.html#opt-environment.systemPackages) manually. - The `ibus-qt` package is not installed by default anymore when [i18n.inputMethod.enabled](options.html#opt-i18n.inputMethod.enabled) is set to `ibus`. If IBus support in Qt 4.x applications is required, add the `ibus-qt` package to your [environment.systemPackages](options.html#opt-environment.systemPackages) manually.

View File

@ -369,7 +369,7 @@ When upgrading from a previous release, please be aware of the following incompa
- The zookeeper package does not provide `zooInspector.sh` anymore, as that \"contrib\" has been dropped from upstream releases. - The zookeeper package does not provide `zooInspector.sh` anymore, as that \"contrib\" has been dropped from upstream releases.
- In the ACME module, the data used to build the hash for the account directory has changed to accomodate new features to reduce account rate limit issues. This will trigger new account creation on the first rebuild following this update. No issues are expected to arise from this, thanks to the new account creation handling. - In the ACME module, the data used to build the hash for the account directory has changed to accommodate new features to reduce account rate limit issues. This will trigger new account creation on the first rebuild following this update. No issues are expected to arise from this, thanks to the new account creation handling.
- [users.users._name_.createHome](options.html#opt-users.users._name_.createHome) now always ensures home directory permissions to be `0700`. Permissions had previously been ignored for already existing home directories, possibly leaving them readable by others. The option\'s description was incorrect regarding ownership management and has been simplified greatly. - [users.users._name_.createHome](options.html#opt-users.users._name_.createHome) now always ensures home directory permissions to be `0700`. Permissions had previously been ignored for already existing home directories, possibly leaving them readable by others. The option\'s description was incorrect regarding ownership management and has been simplified greatly.

View File

@ -107,7 +107,7 @@ In addition to numerous new and upgraded packages, this release has the followin
- [kanidm](https://kanidm.github.io/kanidm/stable/), an identity management server written in Rust. Available as [services.kanidm](#opt-services.kanidm.enableServer) - [kanidm](https://kanidm.github.io/kanidm/stable/), an identity management server written in Rust. Available as [services.kanidm](#opt-services.kanidm.enableServer)
- [Maddy](https://maddy.email/), a free an open source mail server. Availabe as [services.maddy](#opt-services.maddy.enable). - [Maddy](https://maddy.email/), a free an open source mail server. Available as [services.maddy](#opt-services.maddy.enable).
- [matrix-conduit](https://conduit.rs/), a simple, fast and reliable chat server powered by matrix. Available as [services.matrix-conduit](option.html#opt-services.matrix-conduit.enable). - [matrix-conduit](https://conduit.rs/), a simple, fast and reliable chat server powered by matrix. Available as [services.matrix-conduit](option.html#opt-services.matrix-conduit.enable).
@ -562,7 +562,7 @@ In addition to numerous new and upgraded packages, this release has the followin
- `pkgs._7zz` is now correctly licensed as LGPL3+ and BSD3 with optional unfree unRAR licensed code - `pkgs._7zz` is now correctly licensed as LGPL3+ and BSD3 with optional unfree unRAR licensed code
- The `vim.customize` function produced by `vimUtils.makeCustomizable` now has a slightly different interface: - The `vim.customize` function produced by `vimUtils.makeCustomizable` now has a slightly different interface:
* The wrapper now includes everything in the given Vim derivation if `name` is `"vim"` (the default). This makes the `wrapManual` argument obsolete, but this behavior can be overriden by setting the `standalone` argument. * The wrapper now includes everything in the given Vim derivation if `name` is `"vim"` (the default). This makes the `wrapManual` argument obsolete, but this behavior can be overridden by setting the `standalone` argument.
* All the executables present in the given derivation (or, in `standalone` mode, only the `*vim` ones) are wrapped. This makes the `wrapGui` argument obsolete. * All the executables present in the given derivation (or, in `standalone` mode, only the `*vim` ones) are wrapped. This makes the `wrapGui` argument obsolete.
* The `vimExecutableName` and `gvimExecutableName` arguments were replaced by a single `executableName` argument in which the shell variable `$exe` can be used to refer to the wrapped executable's name. * The `vimExecutableName` and `gvimExecutableName` arguments were replaced by a single `executableName` argument in which the shell variable `$exe` can be used to refer to the wrapped executable's name.

View File

@ -385,7 +385,7 @@ In addition to numerous new and upgraded packages, this release includes the fol
- memtest86+ was updated from 5.00-coreboot-002 to 6.00-beta2. It is now the upstream version from https://www.memtest.org/, as coreboot's fork is no longer available. - memtest86+ was updated from 5.00-coreboot-002 to 6.00-beta2. It is now the upstream version from https://www.memtest.org/, as coreboot's fork is no longer available.
- Option descriptions, examples, and defaults writting in DocBook are now deprecated. Using CommonMark is preferred and will become the default in a future release. - Option descriptions, examples, and defaults writing in DocBook are now deprecated. Using CommonMark is preferred and will become the default in a future release.
- The `documentation.nixos.options.allowDocBook` option was added to ease the transition to CommonMark option documentation. Setting this option to `false` causes an error for every option included in the manual that uses DocBook documentation; it defaults to `true` to preserve the previous behavior and will be removed once the transition to CommonMark is complete. - The `documentation.nixos.options.allowDocBook` option was added to ease the transition to CommonMark option documentation. Setting this option to `false` causes an error for every option included in the manual that uses DocBook documentation; it defaults to `true` to preserve the previous behavior and will be removed once the transition to CommonMark is complete.

View File

@ -37,11 +37,11 @@ In addition to numerous new and upgraded packages, this release has the followin
- `services.sourcehut.dispatch` and the corresponding package (`sourcehut.dispatchsrht`) have been removed due to [upstream deprecation](https://sourcehut.org/blog/2022-08-01-dispatch-deprecation-plans/). - `services.sourcehut.dispatch` and the corresponding package (`sourcehut.dispatchsrht`) have been removed due to [upstream deprecation](https://sourcehut.org/blog/2022-08-01-dispatch-deprecation-plans/).
- The [services.snapserver.openFirewall](#opt-services.snapserver.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitely set this option to `true`, or configure your firewall. - The [services.snapserver.openFirewall](#opt-services.snapserver.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitly set this option to `true`, or configure your firewall.
- The [services.tmate-ssh-server.openFirewall](#opt-services.tmate-ssh-server.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitely set this option to `true`, or configure your firewall. - The [services.tmate-ssh-server.openFirewall](#opt-services.tmate-ssh-server.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitly set this option to `true`, or configure your firewall.
- The [services.unifi-video.openFirewall](#opt-services.unifi-video.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitely set this option to `true`, or configure your firewall. - The [services.unifi-video.openFirewall](#opt-services.unifi-video.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitly set this option to `true`, or configure your firewall.
- The EC2 image module previously detected and automatically mounted ext3-formatted instance store devices and partitions in stage-1 (initramfs), storing `/tmp` on the first discovered device. This behaviour, which only catered to very specific use cases and could not be disabled, has been removed. Users relying on this should provide their own implementation, and probably use ext4 and perform the mount in stage-2. - The EC2 image module previously detected and automatically mounted ext3-formatted instance store devices and partitions in stage-1 (initramfs), storing `/tmp` on the first discovered device. This behaviour, which only catered to very specific use cases and could not be disabled, has been removed. Users relying on this should provide their own implementation, and probably use ext4 and perform the mount in stage-2.
@ -78,6 +78,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically. - The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically.
- Enabling global redirect in `services.nginx.virtualHosts` now allows one to add exceptions with the `locations` option.
- Resilio sync secret keys can now be provided using a secrets file at runtime, preventing these secrets from ending up in the Nix store. - Resilio sync secret keys can now be provided using a secrets file at runtime, preventing these secrets from ending up in the Nix store.
- The `services.fwupd` module now allows arbitrary daemon settings to be configured in a structured manner ([`services.fwupd.daemonSettings`](#opt-services.fwupd.daemonSettings)). - The `services.fwupd` module now allows arbitrary daemon settings to be configured in a structured manner ([`services.fwupd.daemonSettings`](#opt-services.fwupd.daemonSettings)).

View File

@ -19,7 +19,7 @@
{ pkgs { pkgs
, lib , lib
, options , options
, transformOptions ? lib.id # function for additional tranformations of the options , transformOptions ? lib.id # function for additional transformations of the options
, documentType ? "appendix" # TODO deprecate "appendix" in favor of "none" , documentType ? "appendix" # TODO deprecate "appendix" in favor of "none"
# and/or rename function to moduleOptionDoc for clean slate # and/or rename function to moduleOptionDoc for clean slate

View File

@ -8,7 +8,7 @@ let
# https://salsa.debian.org/debian/gnupg2/-/blob/debian/main/debian/scdaemon.udev # https://salsa.debian.org/debian/gnupg2/-/blob/debian/main/debian/scdaemon.udev
# the latest rev of the entire debian gnupg2 repo as of 2021-04-28 # the latest rev of the entire debian gnupg2 repo as of 2021-04-28
# the scdaemon.udev file was last commited on 2021-01-05 (7817a03): # the scdaemon.udev file was last committed on 2021-01-05 (7817a03):
scdaemonUdevRev = "01898735a015541e3ffb43c7245ac1e612f40836"; scdaemonUdevRev = "01898735a015541e3ffb43c7245ac1e612f40836";
scdaemonRules = pkgs.fetchurl { scdaemonRules = pkgs.fetchurl {

View File

@ -110,7 +110,7 @@ in
boot.extraModulePackages = [ kernelPackages.openrazer ]; boot.extraModulePackages = [ kernelPackages.openrazer ];
boot.kernelModules = drivers; boot.kernelModules = drivers;
# Makes the man pages available so you can succesfully run # Makes the man pages available so you can successfully run
# > systemctl --user help openrazer-daemon # > systemctl --user help openrazer-daemon
environment.systemPackages = [ pkgs.python3Packages.openrazer-daemon.man ]; environment.systemPackages = [ pkgs.python3Packages.openrazer-daemon.man ];

View File

@ -100,7 +100,7 @@ in {
default = {}; default = {};
description = lib.mdDoc '' description = lib.mdDoc ''
Sets PPD options for the printer. Sets PPD options for the printer.
{command}`lpoptions [-p printername] -l` shows suported PPD options for the given printer. {command}`lpoptions [-p printername] -l` shows supported PPD options for the given printer.
''; '';
}; };
}; };

View File

@ -81,7 +81,7 @@ let
# The configuration file for syslinux. # The configuration file for syslinux.
# Notes on syslinux configuration and UNetbootin compatiblity: # Notes on syslinux configuration and UNetbootin compatibility:
# * Do not use '/syslinux/syslinux.cfg' as the path for this # * Do not use '/syslinux/syslinux.cfg' as the path for this
# configuration. UNetbootin will not parse the file and use it as-is. # configuration. UNetbootin will not parse the file and use it as-is.
# This results in a broken configuration if the partition label does # This results in a broken configuration if the partition label does

View File

@ -27,7 +27,7 @@ in
variable (defaults to the value of variable (defaults to the value of
{option}`system.nixos.version`). {option}`system.nixos.version`).
Can be overriden by setting {env}`NIXOS_LABEL`. Can be overridden by setting {env}`NIXOS_LABEL`.
Useful for not loosing track of configurations built from different Useful for not loosing track of configurations built from different
nixos branches/revisions, e.g.: nixos branches/revisions, e.g.:

View File

@ -714,7 +714,7 @@ in {
default = false; default = false;
description = lib.mdDoc '' description = lib.mdDoc ''
Whether to use the root user when generating certs. This is not recommended Whether to use the root user when generating certs. This is not recommended
for security + compatiblity reasons. If a service requires root owned certificates for security + compatibility reasons. If a service requires root owned certificates
consider following the guide on "Using ACME with services demanding root consider following the guide on "Using ACME with services demanding root
owned certificates" in the NixOS manual, and only using this as a fallback owned certificates" in the NixOS manual, and only using this as a fallback
or for testing. or for testing.
@ -765,7 +765,7 @@ in {
To use the let's encrypt staging server, use security.acme.server = To use the let's encrypt staging server, use security.acme.server =
"https://acme-staging-v02.api.letsencrypt.org/directory". "https://acme-staging-v02.api.letsencrypt.org/directory".
'') '')
(mkRemovedOptionModule [ "security" "acme" "directory" ] "ACME Directory is now hardcoded to /var/lib/acme and its permisisons are managed by systemd. See https://github.com/NixOS/nixpkgs/issues/53852 for more info.") (mkRemovedOptionModule [ "security" "acme" "directory" ] "ACME Directory is now hardcoded to /var/lib/acme and its permissions are managed by systemd. See https://github.com/NixOS/nixpkgs/issues/53852 for more info.")
(mkRemovedOptionModule [ "security" "acme" "preDelay" ] "This option has been removed. If you want to make sure that something executes before certificates are provisioned, add a RequiredBy=acme-\${cert}.service to the service you want to execute before the cert renewal") (mkRemovedOptionModule [ "security" "acme" "preDelay" ] "This option has been removed. If you want to make sure that something executes before certificates are provisioned, add a RequiredBy=acme-\${cert}.service to the service you want to execute before the cert renewal")
(mkRemovedOptionModule [ "security" "acme" "activationDelay" ] "This option has been removed. If you want to make sure that something executes before certificates are provisioned, add a RequiredBy=acme-\${cert}.service to the service you want to execute before the cert renewal") (mkRemovedOptionModule [ "security" "acme" "activationDelay" ] "This option has been removed. If you want to make sure that something executes before certificates are provisioned, add a RequiredBy=acme-\${cert}.service to the service you want to execute before the cert renewal")
(mkChangedOptionModule [ "security" "acme" "validMin" ] [ "security" "acme" "defaults" "validMinDays" ] (config: config.security.acme.validMin / (24 * 3600))) (mkChangedOptionModule [ "security" "acme" "validMin" ] [ "security" "acme" "defaults" "validMinDays" ] (config: config.security.acme.validMin / (24 * 3600)))

View File

@ -202,7 +202,7 @@ in
# (indirectly read from /etc/apparmor.d/*, without recursing into sub-directory). # (indirectly read from /etc/apparmor.d/*, without recursing into sub-directory).
# Note that this does not remove profiles dynamically generated by libvirt. # Note that this does not remove profiles dynamically generated by libvirt.
[ "${pkgs.apparmor-utils}/bin/aa-remove-unknown" ] ++ [ "${pkgs.apparmor-utils}/bin/aa-remove-unknown" ] ++
# Optionaly kill the processes which are unconfined but now have a profile loaded # Optionally kill the processes which are unconfined but now have a profile loaded
# (because AppArmor can only start to confine new processes). # (because AppArmor can only start to confine new processes).
optional cfg.killUnconfinedConfinables killUnconfinedConfinables; optional cfg.killUnconfinedConfinables killUnconfinedConfinables;
ExecStop = "${pkgs.apparmor-utils}/bin/aa-teardown"; ExecStop = "${pkgs.apparmor-utils}/bin/aa-teardown";

View File

@ -282,7 +282,7 @@ let
defaultText = literalExpression "config.security.pam.mount.enable"; defaultText = literalExpression "config.security.pam.mount.enable";
type = types.bool; type = types.bool;
description = lib.mdDoc '' description = lib.mdDoc ''
Enable PAM mount (pam_mount) system to mount fileystems on user login. Enable PAM mount (pam_mount) system to mount filesystems on user login.
''; '';
}; };
@ -305,7 +305,7 @@ let
default = false; default = false;
type = types.bool; type = types.bool;
description = lib.mdDoc '' description = lib.mdDoc ''
Wheather the delay after typing a wrong password should be disabled. Whether the delay after typing a wrong password should be disabled.
''; '';
}; };

View File

@ -24,7 +24,7 @@ in
type = types.bool; type = types.bool;
default = false; default = false;
description = lib.mdDoc '' description = lib.mdDoc ''
Enable PAM mount system to mount fileystems on user login. Enable PAM mount system to mount filesystems on user login.
''; '';
}; };

View File

@ -202,7 +202,7 @@ in
internal = true; internal = true;
description = lib.mdDoc '' description = lib.mdDoc ''
This option defines the path to the wrapper programs. It This option defines the path to the wrapper programs. It
should not be overriden. should not be overridden.
''; '';
}; };
}; };

View File

@ -48,7 +48,7 @@ in {
hostname = mkOption { hostname = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
description = lib.mdDoc "DNS name or IP address that will be used for the stream directory lookups or possibily the playlist generation if a Host header is not provided."; description = lib.mdDoc "DNS name or IP address that will be used for the stream directory lookups or possibly the playlist generation if a Host header is not provided.";
default = config.networking.domain; default = config.networking.domain;
defaultText = literalExpression "config.networking.domain"; defaultText = literalExpression "config.networking.domain";
}; };

View File

@ -12,7 +12,7 @@ in {
enable = mkEnableOption (lib.mdDoc "ZFS snapshot replication."); enable = mkEnableOption (lib.mdDoc "ZFS snapshot replication.");
followDelete = mkOption { followDelete = mkOption {
description = lib.mdDoc "Remove remote snapshots that don't have a local correspondant."; description = lib.mdDoc "Remove remote snapshots that don't have a local correspondent.";
default = true; default = true;
type = types.bool; type = types.bool;
}; };
@ -30,7 +30,7 @@ in {
}; };
localFilesystem = mkOption { localFilesystem = mkOption {
description = lib.mdDoc "Local ZFS fileystem from which snapshots should be sent. Defaults to the attribute name."; description = lib.mdDoc "Local ZFS filesystem from which snapshots should be sent. Defaults to the attribute name.";
example = "pool/file/path"; example = "pool/file/path";
type = types.str; type = types.str;
}; };

View File

@ -9,7 +9,7 @@ let
The znapzend backup plan to use for the source. The znapzend backup plan to use for the source.
The plan specifies how often to backup and for how long to keep the The plan specifies how often to backup and for how long to keep the
backups. It consists of a series of retention periodes to interval backups. It consists of a series of retention periods to interval
associations: associations:
``` ```
@ -268,7 +268,7 @@ let
mkSrcAttrs = srcCfg: with srcCfg; { mkSrcAttrs = srcCfg: with srcCfg; {
enabled = onOff enable; enabled = onOff enable;
# mbuffer is not referenced by its full path to accomodate non-NixOS systems or differing mbuffer versions between source and target # mbuffer is not referenced by its full path to accommodate non-NixOS systems or differing mbuffer versions between source and target
mbuffer = with mbuffer; if enable then "mbuffer" mbuffer = with mbuffer; if enable then "mbuffer"
+ optionalString (port != null) ":${toString port}" else "off"; + optionalString (port != null) ":${toString port}" else "off";
mbuffer_size = mbuffer.size; mbuffer_size = mbuffer.size;
@ -372,7 +372,7 @@ in
compressed feature which adds the options `-Lce` to compressed feature which adds the options `-Lce` to
the {command}`zfs send` command. When this is enabled, make the {command}`zfs send` command. When this is enabled, make
sure that both the sending and receiving pool have the same relevant sure that both the sending and receiving pool have the same relevant
features enabled. Using `-c` will skip unneccessary features enabled. Using `-c` will skip unnecessary
decompress-compress stages, `-L` is for large block decompress-compress stages, `-L` is for large block
support and -e is for embedded data support. see support and -e is for embedded data support. see
{manpage}`znapzend(1)` {manpage}`znapzend(1)`

View File

@ -51,7 +51,7 @@ in {
type = types.bool; type = types.bool;
default = false; default = false;
description = lib.mdDoc '' description = lib.mdDoc ''
Explictly disables syncing of deposit logs from the execution node. Explicitly disables syncing of deposit logs from the execution node.
This overrides any previous option that depends on it. This overrides any previous option that depends on it.
Useful if you intend to run a non-validating beacon node. Useful if you intend to run a non-validating beacon node.
''; '';

View File

@ -22,7 +22,7 @@ in
bootstrapAddons = mkOption { bootstrapAddons = mkOption {
description = lib.mdDoc '' description = lib.mdDoc ''
Bootstrap addons are like regular addons, but they are applied with cluster-admin rigths. Bootstrap addons are like regular addons, but they are applied with cluster-admin rights.
They are applied at addon-manager startup only. They are applied at addon-manager startup only.
''; '';
default = { }; default = { };

View File

@ -323,7 +323,7 @@ in
systemctl restart flannel systemctl restart flannel
''} ''}
echo "Node joined succesfully" echo "Node joined successfully"
'')]; '')];
# isolate etcd on loopback at the master node # isolate etcd on loopback at the master node

View File

@ -1,4 +1,4 @@
# NixOS module for Buildbot continous integration server. # NixOS module for Buildbot continuous integration server.
{ config, lib, options, pkgs, ... }: { config, lib, options, pkgs, ... }:

View File

@ -49,7 +49,7 @@ with lib;
registration token on startup as needed. Make sure the PAT has a scope of registration token on startup as needed. Make sure the PAT has a scope of
`admin:org` for organization-wide registrations or a scope of `admin:org` for organization-wide registrations or a scope of
`repo` for a single repository. Fine-grained PATs need read and write permission `repo` for a single repository. Fine-grained PATs need read and write permission
to the "Adminstration" resources. to the "Administration" resources.
Changing this option or the file's content triggers a new runner registration. Changing this option or the file's content triggers a new runner registration.
''; '';

View File

@ -141,7 +141,7 @@ in
default = false; default = false;
description = lib.mdDoc '' description = lib.mdDoc ''
Finish all remaining jobs before stopping. Finish all remaining jobs before stopping.
If not set gitlab-runner will stop immediatly without waiting If not set gitlab-runner will stop immediately without waiting
for jobs to finish, which will lead to failed builds. for jobs to finish, which will lead to failed builds.
''; '';
}; };

View File

@ -15,8 +15,8 @@ in {
default = false; default = false;
description = lib.mdDoc '' description = lib.mdDoc ''
Enables the Hail Auto Update Service. Hail can automatically deploy artifacts Enables the Hail Auto Update Service. Hail can automatically deploy artifacts
built by a Hydra Continous Integration server. A common use case is to provide built by a Hydra Continuous Integration server. A common use case is to provide
continous deployment for single services or a full NixOS configuration.''; continuous deployment for single services or a full NixOS configuration.'';
}; };
profile = mkOption { profile = mkOption {
type = types.str; type = types.str;

View File

@ -14,7 +14,7 @@
# #
# Be careful, virtuoso-opensource also provides a different isql command ! # Be careful, virtuoso-opensource also provides a different isql command !
# There are at least two ways to run firebird. superserver has been choosen # There are at least two ways to run firebird. superserver has been chosen
# however there are no strong reasons to prefer this or the other one AFAIK # however there are no strong reasons to prefer this or the other one AFAIK
# Eg superserver is said to be most efficiently using resources according to # Eg superserver is said to be most efficiently using resources according to
# http://www.firebirdsql.org/manual/qsg25-classic-or-super.html # http://www.firebirdsql.org/manual/qsg25-classic-or-super.html

View File

@ -45,7 +45,7 @@ in
default = !(cfg.settings ? initial_session); default = !(cfg.settings ? initial_session);
defaultText = literalExpression "!(config.services.greetd.settings ? initial_session)"; defaultText = literalExpression "!(config.services.greetd.settings ? initial_session)";
description = lib.mdDoc '' description = lib.mdDoc ''
Wether to restart greetd when it terminates (e.g. on failure). Whether to restart greetd when it terminates (e.g. on failure).
This is usually desirable so a user can always log in, but should be disabled when using 'settings.initial_session' (autologin), This is usually desirable so a user can always log in, but should be disabled when using 'settings.initial_session' (autologin),
because every greetd restart will trigger the autologin again. because every greetd restart will trigger the autologin again.
''; '';

View File

@ -35,7 +35,7 @@ in
description = lib.mdDoc '' description = lib.mdDoc ''
If enabled, starts the ArchisSteamFarm service. If enabled, starts the ArchisSteamFarm service.
For configuring the SteamGuard token you will need to use the web-ui, which is enabled by default over on 127.0.0.1:1242. For configuring the SteamGuard token you will need to use the web-ui, which is enabled by default over on 127.0.0.1:1242.
You cannot configure ASF in any way outside of nix, since all the config files get wiped on restart and replaced with the programatically set ones by nix. You cannot configure ASF in any way outside of nix, since all the config files get wiped on restart and replaced with the programnatically set ones by nix.
''; '';
default = false; default = false;
}; };
@ -98,7 +98,7 @@ in
ipcPasswordFile = mkOption { ipcPasswordFile = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
description = lib.mdDoc "Path to a file containig the password. The file must be readable by the `asf` user/group."; description = lib.mdDoc "Path to a file containing the password. The file must be readable by the `asf` user/group.";
}; };
ipcSettings = mkOption { ipcSettings = mkOption {
@ -129,7 +129,7 @@ in
}; };
passwordFile = mkOption { passwordFile = mkOption {
type = types.path; type = types.path;
description = lib.mdDoc "Path to a file containig the password. The file must be readable by the `asf` user/group."; description = lib.mdDoc "Path to a file containing the password. The file must be readable by the `asf` user/group.";
}; };
enabled = mkOption { enabled = mkOption {
type = types.bool; type = types.bool;

View File

@ -62,7 +62,7 @@ in
Path to logfile for logging. Path to logfile for logging.
If set to null, logging will be output to stdout which means If set to null, logging will be output to stdout which means
all output will be catched by systemd. all output will be caught by systemd.
''; '';
}; };

View File

@ -19,7 +19,7 @@ in {
[lircd] [lircd]
nodaemon = False nodaemon = False
''; '';
description = lib.mdDoc "LIRC default options descriped in man:lircd(8) ({file}`lirc_options.conf`)"; description = lib.mdDoc "LIRC default options described in man:lircd(8) ({file}`lirc_options.conf`)";
}; };
configs = mkOption { configs = mkOption {

View File

@ -141,7 +141,7 @@ in
description = lib.mdDoc '' description = lib.mdDoc ''
Enable saned network daemon for remote connection to scanners. Enable saned network daemon for remote connection to scanners.
saned would be runned from `scanner` user; to allow saned would be run from `scanner` user; to allow
access to hardware that doesn't have `scanner` group access to hardware that doesn't have `scanner` group
you should add needed groups to this user. you should add needed groups to this user.
''; '';

View File

@ -163,7 +163,7 @@ in
default = null; default = null;
description = lib.mdDoc '' description = lib.mdDoc ''
How often to rotate the logs. Defaults to previously set global setting, How often to rotate the logs. Defaults to previously set global setting,
which itself defauts to weekly. which itself defaults to weekly.
''; '';
}; };

View File

@ -113,7 +113,7 @@ in {
type = types.str; type = types.str;
example = "/run/secrets/ldap-bind"; example = "/run/secrets/ldap-bind";
description = lib.mdDoc '' description = lib.mdDoc ''
Path to the file containing the bind password of the servie account Path to the file containing the bind password of the service account
defined by [](#opt-services.mailman.ldap.bindDn). defined by [](#opt-services.mailman.ldap.bindDn).
''; '';
}; };

View File

@ -234,12 +234,12 @@ let
headerChecks = concatStringsSep "\n" (map (x: "${x.pattern} ${x.action}") cfg.headerChecks) + cfg.extraHeaderChecks; headerChecks = concatStringsSep "\n" (map (x: "${x.pattern} ${x.action}") cfg.headerChecks) + cfg.extraHeaderChecks;
aliases = let seperator = if cfg.aliasMapType == "hash" then ":" else ""; in aliases = let separator = if cfg.aliasMapType == "hash" then ":" else ""; in
optionalString (cfg.postmasterAlias != "") '' optionalString (cfg.postmasterAlias != "") ''
postmaster${seperator} ${cfg.postmasterAlias} postmaster${separator} ${cfg.postmasterAlias}
'' ''
+ optionalString (cfg.rootAlias != "") '' + optionalString (cfg.rootAlias != "") ''
root${seperator} ${cfg.rootAlias} root${separator} ${cfg.rootAlias}
'' ''
+ cfg.extraAliases + cfg.extraAliases
; ;

View File

@ -39,7 +39,7 @@ in
''; '';
description = lib.mdDoc '' description = lib.mdDoc ''
The package which contains roundcube's sources. Can be overriden to create The package which contains roundcube's sources. Can be overridden to create
an environment which contains roundcube and third-party plugins. an environment which contains roundcube and third-party plugins.
''; '';
}; };
@ -92,7 +92,7 @@ in
default = []; default = [];
example = literalExpression "with pkgs.aspellDicts; [ en fr de ]"; example = literalExpression "with pkgs.aspellDicts; [ en fr de ]";
description = lib.mdDoc '' description = lib.mdDoc ''
List of aspell dictionnaries for spell checking. If empty, spell checking is disabled. List of aspell dictionaries for spell checking. If empty, spell checking is disabled.
''; '';
}; };

View File

@ -105,7 +105,7 @@ in {
`MAUTRIX_TELEGRAM_TELEGRAM_BOT_TOKEN`. `MAUTRIX_TELEGRAM_TELEGRAM_BOT_TOKEN`.
These environment variables can also be used to set other options by These environment variables can also be used to set other options by
replacing hierachy levels by `.`, converting the name to uppercase replacing hierarchy levels by `.`, converting the name to uppercase
and prepending `MAUTRIX_TELEGRAM_`. and prepending `MAUTRIX_TELEGRAM_`.
For example, the first value above maps to For example, the first value above maps to
{option}`settings.appservice.as_token`. {option}`settings.appservice.as_token`.
@ -140,7 +140,7 @@ in {
path = [ pkgs.lottieconverter ]; path = [ pkgs.lottieconverter ];
# mautrix-telegram tries to generate a dotfile in the home directory of # mautrix-telegram tries to generate a dotfile in the home directory of
# the running user if using a postgresql databse: # the running user if using a postgresql database:
# #
# File "python3.10/site-packages/asyncpg/connect_utils.py", line 257, in _dot_postgre> # File "python3.10/site-packages/asyncpg/connect_utils.py", line 257, in _dot_postgre>
# return (pathlib.Path.home() / '.postgresql' / filename).resolve() # return (pathlib.Path.home() / '.postgresql' / filename).resolve()

View File

@ -80,7 +80,7 @@ in {
(mkRemovedOptionModule [ "services" "matrix-synapse" "user_creation_max_duration" ] "It is no longer supported by synapse." ) (mkRemovedOptionModule [ "services" "matrix-synapse" "user_creation_max_duration" ] "It is no longer supported by synapse." )
(mkRemovedOptionModule [ "services" "matrix-synapse" "verbose" ] "Use a log config instead." ) (mkRemovedOptionModule [ "services" "matrix-synapse" "verbose" ] "Use a log config instead." )
# options that were moved into rfc42 style settigns # options that were moved into rfc42 style settings
(mkRemovedOptionModule [ "services" "matrix-synapse" "app_service_config_files" ] "Use settings.app_service_config_files instead" ) (mkRemovedOptionModule [ "services" "matrix-synapse" "app_service_config_files" ] "Use settings.app_service_config_files instead" )
(mkRemovedOptionModule [ "services" "matrix-synapse" "database_args" ] "Use settings.database.args instead" ) (mkRemovedOptionModule [ "services" "matrix-synapse" "database_args" ] "Use settings.database.args instead" )
(mkRemovedOptionModule [ "services" "matrix-synapse" "database_name" ] "Use settings.database.args.database instead" ) (mkRemovedOptionModule [ "services" "matrix-synapse" "database_name" ] "Use settings.database.args.database instead" )

View File

@ -114,7 +114,7 @@ in
}; };
components = mkOption { components = mkOption {
description = lib.mdDoc "An atttribute set in which each key represents a container and each value an attribute set in which each key represents a component and each value a derivation constructing its initial state"; description = lib.mdDoc "An attribute set in which each key represents a container and each value an attribute set in which each key represents a component and each value a derivation constructing its initial state";
default = {}; default = {};
type = types.attrsOf types.attrs; type = types.attrsOf types.attrs;
}; };

View File

@ -192,7 +192,7 @@ in {
password = mkOption { password = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;
description = lib.mdDoc "User password used for connetion to the database"; description = lib.mdDoc "User password used for connection to the database";
}; };
}; };
}; };

View File

@ -183,7 +183,7 @@ in
file = mkOption { file = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;
description = lib.mdDoc "Filename to be used for the dump. If `null` a default name is choosen by gitea."; description = lib.mdDoc "Filename to be used for the dump. If `null` a default name is chosen by gitea.";
example = "gitea-dump"; example = "gitea-dump";
}; };
}; };
@ -487,7 +487,7 @@ in
# In older versions the secret naming for JWT was kind of confusing. # In older versions the secret naming for JWT was kind of confusing.
# The file jwt_secret hold the value for LFS_JWT_SECRET and JWT_SECRET # The file jwt_secret hold the value for LFS_JWT_SECRET and JWT_SECRET
# wasn't persistant at all. # wasn't persistent at all.
# To fix that, there is now the file oauth2_jwt_secret containing the # To fix that, there is now the file oauth2_jwt_secret containing the
# values for JWT_SECRET and the file jwt_secret gets renamed to # values for JWT_SECRET and the file jwt_secret gets renamed to
# lfs_jwt_secret. # lfs_jwt_secret.

View File

@ -141,7 +141,7 @@ services.gitlab = {
</para> </para>
<para> <para>
A list of all availabe rake tasks can be obtained by running: A list of all available rake tasks can be obtained by running:
<screen> <screen>
<prompt>$ </prompt>sudo -u git -H gitlab-rake -T <prompt>$ </prompt>sudo -u git -H gitlab-rake -T
</screen> </screen>

View File

@ -81,7 +81,7 @@ in
ProtectKernelTunables = !config.boot.isContainer; ProtectKernelTunables = !config.boot.isContainer;
LockPersonality = true; LockPersonality = true;
PrivateTmp = !config.boot.isContainer; PrivateTmp = !config.boot.isContainer;
# needed for hardware accelaration # needed for hardware acceleration
PrivateDevices = false; PrivateDevices = false;
PrivateUsers = true; PrivateUsers = true;
RemoveIPC = true; RemoveIPC = true;

View File

@ -609,7 +609,7 @@ in
By default, pseudo-features `nixos-test`, `benchmark`, By default, pseudo-features `nixos-test`, `benchmark`,
and `big-parallel` used in Nixpkgs are set, `kvm` and `big-parallel` used in Nixpkgs are set, `kvm`
is also included in it is avaliable. is also included in it is available.
''; '';
}; };
@ -642,7 +642,7 @@ in
description = lib.mdDoc '' description = lib.mdDoc ''
Configuration for Nix, see Configuration for Nix, see
<https://nixos.org/manual/nix/stable/#sec-conf-file> or <https://nixos.org/manual/nix/stable/#sec-conf-file> or
{manpage}`nix.conf(5)` for avalaible options. {manpage}`nix.conf(5)` for available options.
The value declared here will be translated directly to the key-value pairs Nix expects. The value declared here will be translated directly to the key-value pairs Nix expects.
You can use {command}`nix-instantiate --eval --strict '<nixpkgs/nixos>' -A config.nix.settings` You can use {command}`nix-instantiate --eval --strict '<nixpkgs/nixos>' -A config.nix.settings`

View File

@ -12,7 +12,7 @@ in
example = "/run/secrets/password.env"; example = "/run/secrets/password.env";
description = lib.mdDoc '' description = lib.mdDoc ''
The path to a file containing the PASSWORD environment variable The path to a file containing the PASSWORD environment variable
definition for Podgrab's authentification. definition for Podgrab's authentication.
''; '';
}; };

View File

@ -135,7 +135,7 @@ in
type = types.bool; type = types.bool;
default = false; default = false;
description = lib.mdDoc '' description = lib.mdDoc ''
Wether to enable LDAPS protocol. Whether to enable LDAPS protocol.
This also adds two entries to the `/etc/hosts` file to point [](#opt-services.portunus.domain) to localhost, This also adds two entries to the `/etc/hosts` file to point [](#opt-services.portunus.domain) to localhost,
so that CLIs and programs can use ldaps protocol and verify the certificate without opening the firewall port for the protocol. so that CLIs and programs can use ldaps protocol and verify the certificate without opening the firewall port for the protocol.

View File

@ -80,7 +80,7 @@ in {
23424 # mediabrowser 23424 # mediabrowser
]; ];
allowedUDPPorts = [ allowedUDPPorts = [
1900 # UPnP service discovey 1900 # UPnP service discovery
]; ];
}; };
}; };

View File

@ -71,7 +71,7 @@ let
# Note that each systemd service gets its own ${runDir}/config.ini file. # Note that each systemd service gets its own ${runDir}/config.ini file.
ExecStartPre = mkBefore [("+"+pkgs.writeShellScript "${serviceName}-credentials" '' ExecStartPre = mkBefore [("+"+pkgs.writeShellScript "${serviceName}-credentials" ''
set -x set -x
# Replace values begining with a '<' by the content of the file whose name is after. # Replace values beginning with a '<' by the content of the file whose name is after.
gawk '{ if (match($0,/^([^=]+=)<(.+)/,m)) { getline f < m[2]; print m[1] f } else print $0 }' ${configIni} | gawk '{ if (match($0,/^([^=]+=)<(.+)/,m)) { getline f < m[2]; print m[1] f } else print $0 }' ${configIni} |
${optionalString (!allowStripe) "gawk '!/^stripe-secret-key=/' |"} ${optionalString (!allowStripe) "gawk '!/^stripe-secret-key=/' |"}
install -o ${srvCfg.user} -g root -m 400 /dev/stdin ${runDir}/config.ini install -o ${srvCfg.user} -g root -m 400 /dev/stdin ${runDir}/config.ini

View File

@ -145,7 +145,7 @@ in {
in lib.mdDoc '' in lib.mdDoc ''
Whether to enable the Taskwarrior server. Whether to enable the Taskwarrior server.
More instructions about NixOS in conjuction with Taskserver can be More instructions about NixOS in conjunction with Taskserver can be
found [in the NixOS manual](${url}). found [in the NixOS manual](${url}).
''; '';
}; };
@ -251,7 +251,7 @@ in {
client id (such as `task 2.3.0`). client id (such as `task 2.3.0`).
The values `all` or `none` have The values `all` or `none` have
special meaning. Overidden by any entry in the option special meaning. Overridden by any entry in the option
{option}`services.taskserver.disallowedClientIDs`. {option}`services.taskserver.disallowedClientIDs`.
''; '';
}; };

View File

@ -154,14 +154,14 @@ in {
}; };
blacklist = mkOption { blacklist = mkOption {
description = lib.mdDoc "Any metrics received which match one of the experssions will be dropped."; description = lib.mdDoc "Any metrics received which match one of the expressions will be dropped.";
default = null; default = null;
type = types.nullOr types.str; type = types.nullOr types.str;
example = "^some\\.noisy\\.metric\\.prefix\\..*"; example = "^some\\.noisy\\.metric\\.prefix\\..*";
}; };
whitelist = mkOption { whitelist = mkOption {
description = lib.mdDoc "Only metrics received which match one of the experssions will be persisted."; description = lib.mdDoc "Only metrics received which match one of the expressions will be persisted.";
default = null; default = null;
type = types.nullOr types.str; type = types.nullOr types.str;
example = ".*"; example = ".*";

View File

@ -37,7 +37,7 @@
by default</link>, via http under <literal>/metrics</literal>. In this by default</link>, via http under <literal>/metrics</literal>. In this
example the firewall should just allow incoming connections to the example the firewall should just allow incoming connections to the
exporter's port on the bridge interface <literal>br0</literal> (this would exporter's port on the bridge interface <literal>br0</literal> (this would
have to be configured seperately of course). For more information about have to be configured separately of course). For more information about
configuration see <literal>man configuration.nix</literal> or search through configuration see <literal>man configuration.nix</literal> or search through
the the
<link xlink:href="https://nixos.org/nixos/options.html#prometheus.exporters">available <link xlink:href="https://nixos.org/nixos/options.html#prometheus.exporters">available
@ -179,7 +179,7 @@ in
# for the exporter's systemd service. One of # for the exporter's systemd service. One of
# `serviceOpts.script` and `serviceOpts.serviceConfig.ExecStart` # `serviceOpts.script` and `serviceOpts.serviceConfig.ExecStart`
# has to be specified here. This will be merged with the default # has to be specified here. This will be merged with the default
# service confiuration. # service configuration.
# Note that by default 'DynamicUser' is 'true'. # Note that by default 'DynamicUser' is 'true'.
serviceOpts = { serviceOpts = {
serviceConfig = { serviceConfig = {

Some files were not shown because too many files have changed in this diff Show More