From e1af37634b387e18361f15b2db1c7f7f93d37ebc Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Wed, 23 Sep 2020 00:38:04 +0200 Subject: [PATCH 1/2] doc: Improve code listings By adding prompts and removing unnecessary indentation. --- doc/builders/images/dockertools.xml | 12 +- doc/builders/images/ocitools.xml | 3 +- doc/builders/packages/citrix.xml | 8 +- doc/builders/packages/urxvt.xml | 50 ++++--- doc/contributing/submitting-changes.xml | 12 +- doc/languages-frameworks/beam.xml | 6 +- doc/languages-frameworks/perl.xml | 186 ++++++++++++------------ doc/languages-frameworks/qt.xml | 2 +- doc/languages-frameworks/ruby.xml | 25 ++-- doc/languages-frameworks/texlive.xml | 10 +- doc/stdenv/multiple-output.xml | 2 +- doc/using/configuration.xml | 8 +- doc/using/overlays.xml | 10 +- 13 files changed, 173 insertions(+), 161 deletions(-) diff --git a/doc/builders/images/dockertools.xml b/doc/builders/images/dockertools.xml index 126698d0a9e..d881e712a04 100644 --- a/doc/builders/images/dockertools.xml +++ b/doc/builders/images/dockertools.xml @@ -132,11 +132,11 @@ buildImage { By default buildImage will use a static date of one second past the UNIX Epoch. This allows buildImage to produce binary reproducible images. When listing images with docker images, the newly created images will be listed like this: - +$ docker images REPOSITORY TAG IMAGE ID CREATED SIZE hello latest 08c791c7846e 48 years ago 25.2MB -]]> + You can break binary reproducibility but have a sorted, meaningful CREATED column by setting created to now. @@ -152,11 +152,11 @@ pkgs.dockerTools.buildImage { ]]> and now the Docker CLI will display a reasonable date and sort the images as expected: - +$ docker images REPOSITORY TAG IMAGE ID CREATED SIZE hello latest de2bf4786de6 About a minute ago 25.2MB -]]> + however, the produced images will not be binary reproducible. diff --git a/doc/builders/images/ocitools.xml b/doc/builders/images/ocitools.xml index e8cd3472f54..f26ed864427 100644 --- a/doc/builders/images/ocitools.xml +++ b/doc/builders/images/ocitools.xml @@ -38,8 +38,7 @@ buildContainer { readonly = false; } - - + diff --git a/doc/builders/packages/citrix.xml b/doc/builders/packages/citrix.xml index 16f1bc6f8f2..803eb2e4fc4 100644 --- a/doc/builders/packages/citrix.xml +++ b/doc/builders/packages/citrix.xml @@ -22,10 +22,10 @@ In order to set this up, you first have to download the .cr file from the Netscaler Gateway. After that you can configure the selfservice like this: - - $ storebrowse -C ~/Downloads/receiverconfig.cr - $ selfservice - + +$ storebrowse -C ~/Downloads/receiverconfig.cr +$ selfservice + diff --git a/doc/builders/packages/urxvt.xml b/doc/builders/packages/urxvt.xml index 135cc82a0b5..330e056b656 100644 --- a/doc/builders/packages/urxvt.xml +++ b/doc/builders/packages/urxvt.xml @@ -18,10 +18,13 @@ includes all available plugins. To make use of this functionality, use an overlay or directly install an expression that overrides its configuration, such as - rxvt-unicode.override { configure = { availablePlugins, ... }: { + +rxvt-unicode.override { + configure = { availablePlugins, ... }: { plugins = with availablePlugins; [ perls resize-font vtwheel ]; - } -} + }; +} + If the configure function returns an attrset without the plugins attribute, availablePlugins will be used automatically. @@ -30,18 +33,22 @@ In order to add plugins but also keep all default plugins installed, it is possible to use the following method: - rxvt-unicode.override { configure = { availablePlugins, ... }: { - plugins = (builtins.attrValues availablePlugins) ++ [ custom-plugin ]; - }; -} + +rxvt-unicode.override { + configure = { availablePlugins, ... }: { + plugins = (builtins.attrValues availablePlugins) ++ [ custom-plugin ]; + }; +} + To get a list of all the plugins available, open the Nix REPL and run - $ nix repl + +$ nix repl :l <nixpkgs> map (p: p.name) pkgs.rxvt-unicode.plugins - + Alternatively, if your shell is bash or zsh and have completion enabled, simply type nixpkgs.rxvt-unicode.plugins.<tab>. @@ -53,18 +60,24 @@ map (p: p.name) pkgs.rxvt-unicode.plugins extraDeps can be used, for example, to provide xsel (a clipboard manager) to the clipboard plugin, without installing it globally: - rxvt-unicode.override { configure = { availablePlugins, ... }: { - pluginsDeps = [ xsel ]; - } -} + +rxvt-unicode.override { + configure = { availablePlugins, ... }: { + pluginsDeps = [ xsel ]; + }; +} + perlDeps is a handy way to provide Perl packages to your custom plugins (in $HOME/.urxvt/ext). For example, if you need AnyEvent you can do: - rxvt-unicode.override { configure = { availablePlugins, ... }: { - perlDeps = with perlPackages; [ AnyEvent ]; - } -} + +rxvt-unicode.override { + configure = { availablePlugins, ... }: { + perlDeps = with perlPackages; [ AnyEvent ]; + }; +} + @@ -90,7 +103,8 @@ map (p: p.name) pkgs.rxvt-unicode.plugins If the plugin is itself a perl package that needs to be imported from other plugins or scripts, add the following passthrough: - passthru.perlPackages = [ "self" ]; + +passthru.perlPackages = [ "self" ]; This will make the urxvt wrapper pick up the dependency and set up the perl path accordingly. diff --git a/doc/contributing/submitting-changes.xml b/doc/contributing/submitting-changes.xml index a88965f5cc6..22389c24ea2 100644 --- a/doc/contributing/submitting-changes.xml +++ b/doc/contributing/submitting-changes.xml @@ -209,12 +209,12 @@ Additional information. - (fetchpatch { - name = "CVE-2019-11068.patch"; - url = "https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch"; - sha256 = "0pkpb4837km15zgg6h57bncp66d5lwrlvkr73h0lanywq7zrwhj8"; - }) - +(fetchpatch { + name = "CVE-2019-11068.patch"; + url = "https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch"; + sha256 = "0pkpb4837km15zgg6h57bncp66d5lwrlvkr73h0lanywq7zrwhj8"; +}) + If a security fix applies to both master and a stable release then, similar to regular changes, they are preferably delivered via master first and cherry-picked to the release branch. diff --git a/doc/languages-frameworks/beam.xml b/doc/languages-frameworks/beam.xml index 1d307e1d6dc..addab24f7f6 100644 --- a/doc/languages-frameworks/beam.xml +++ b/doc/languages-frameworks/beam.xml @@ -72,9 +72,9 @@ To install any of those builders into your profile, refer to them by their attribute path beamPackages.rebar3: - - $ nix-env -f "<nixpkgs>" -iA beamPackages.rebar3 - + +$ nix-env -f "<nixpkgs>" -iA beamPackages.rebar3 +
diff --git a/doc/languages-frameworks/perl.xml b/doc/languages-frameworks/perl.xml index ff0f350e99c..b017c028f64 100644 --- a/doc/languages-frameworks/perl.xml +++ b/doc/languages-frameworks/perl.xml @@ -8,28 +8,28 @@ When executing a Perl script, it is possible you get an error such as ./myscript.pl: bad interpreter: /usr/bin/perl: no such file or directory. This happens when the script expects Perl to be installed at /usr/bin/perl, which is not the case when using Perl from nixpkgs. You can fix the script by changing the first line to: - - #!/usr/bin/env perl - + +#!/usr/bin/env perl + to take the Perl installation from the PATH environment variable, or invoke Perl directly with: - - $ perl ./myscript.pl - + +$ perl ./myscript.pl + When the script is using a Perl library that is not installed globally, you might get an error such as Can't locate DB_File.pm in @INC (you may need to install the DB_File module). In that case, you can use nix-shell to start an ad-hoc shell with that library installed, for instance: - - $ nix-shell -p perl perlPackages.DBFile --run ./myscript.pl - + +$ nix-shell -p perl perlPackages.DBFile --run ./myscript.pl + If you are always using the script in places where nix-shell is available, you can embed the nix-shell invocation in the shebang like this: - - #!/usr/bin/env nix-shell - #! nix-shell -i perl -p perl perlPackages.DBFile - + +#!/usr/bin/env nix-shell +#! nix-shell -i perl -p perl perlPackages.DBFile +
@@ -44,30 +44,30 @@ Perl packages from CPAN are defined in pkgs/top-level/perl-packages.nix, rather than pkgs/all-packages.nix. Most Perl packages are so straight-forward to build that they are defined here directly, rather than having a separate function for each package called from perl-packages.nix. However, more complicated packages should be put in a separate file, typically in pkgs/development/perl-modules. Here is an example of the former: - - ClassC3 = buildPerlPackage rec { - name = "Class-C3-0.21"; - src = fetchurl { - url = "mirror://cpan/authors/id/F/FL/FLORA/${name}.tar.gz"; - sha256 = "1bl8z095y4js66pwxnm7s853pi9czala4sqc743fdlnk27kq94gz"; - }; - }; - + +ClassC3 = buildPerlPackage rec { + name = "Class-C3-0.21"; + src = fetchurl { + url = "mirror://cpan/authors/id/F/FL/FLORA/${name}.tar.gz"; + sha256 = "1bl8z095y4js66pwxnm7s853pi9czala4sqc743fdlnk27kq94gz"; + }; +}; + Note the use of mirror://cpan/, and the ${name} in the URL definition to ensure that the name attribute is consistent with the source that we’re actually downloading. Perl packages are made available in all-packages.nix through the variable perlPackages. For instance, if you have a package that needs ClassC3, you would typically write - - foo = import ../path/to/foo.nix { - inherit stdenv fetchurl ...; - inherit (perlPackages) ClassC3; - }; - + +foo = import ../path/to/foo.nix { + inherit stdenv fetchurl ...; + inherit (perlPackages) ClassC3; +}; + in all-packages.nix. You can test building a Perl package as follows: - - $ nix-build -A perlPackages.ClassC3 - + +$ nix-build -A perlPackages.ClassC3 + buildPerlPackage adds perl- to the start of the name attribute, so the package above is actually called perl-Class-C3-0.21. So to install it, you can say: - - $ nix-env -i perl-Class-C3 - + +$ nix-env -i perl-Class-C3 + (Of course you can also install using the attribute name: nix-env -i -A perlPackages.ClassC3.) @@ -94,61 +94,61 @@ buildPerlPackage is built on top of stdenv, so everything can be customised in the usual way. For instance, the BerkeleyDB module has a preConfigure hook to generate a configuration file used by Makefile.PL: - - { buildPerlPackage, fetchurl, db }: + +{ buildPerlPackage, fetchurl, db }: - buildPerlPackage rec { - name = "BerkeleyDB-0.36"; +buildPerlPackage rec { + name = "BerkeleyDB-0.36"; - src = fetchurl { - url = "mirror://cpan/authors/id/P/PM/PMQS/${name}.tar.gz"; - sha256 = "07xf50riarb60l1h6m2dqmql8q5dij619712fsgw7ach04d8g3z1"; - }; + src = fetchurl { + url = "mirror://cpan/authors/id/P/PM/PMQS/${name}.tar.gz"; + sha256 = "07xf50riarb60l1h6m2dqmql8q5dij619712fsgw7ach04d8g3z1"; + }; - preConfigure = '' - echo "LIB = ${db.out}/lib" > config.in - echo "INCLUDE = ${db.dev}/include" >> config.in - ''; - } - + preConfigure = '' + echo "LIB = ${db.out}/lib" > config.in + echo "INCLUDE = ${db.dev}/include" >> config.in + ''; +} + Dependencies on other Perl packages can be specified in the buildInputs and propagatedBuildInputs attributes. If something is exclusively a build-time dependency, use buildInputs; if it’s (also) a runtime dependency, use propagatedBuildInputs. For instance, this builds a Perl module that has runtime dependencies on a bunch of other modules: - - ClassC3Componentised = buildPerlPackage rec { - name = "Class-C3-Componentised-1.0004"; - src = fetchurl { - url = "mirror://cpan/authors/id/A/AS/ASH/${name}.tar.gz"; - sha256 = "0xql73jkcdbq4q9m0b0rnca6nrlvf5hyzy8is0crdk65bynvs8q1"; - }; - propagatedBuildInputs = [ - ClassC3 ClassInspector TestException MROCompat - ]; - }; - + +ClassC3Componentised = buildPerlPackage rec { + name = "Class-C3-Componentised-1.0004"; + src = fetchurl { + url = "mirror://cpan/authors/id/A/AS/ASH/${name}.tar.gz"; + sha256 = "0xql73jkcdbq4q9m0b0rnca6nrlvf5hyzy8is0crdk65bynvs8q1"; + }; + propagatedBuildInputs = [ + ClassC3 ClassInspector TestException MROCompat + ]; +}; + On Darwin, if a script has too many -Idir flags in its first line (its “shebang line”), it will not run. This can be worked around by calling the shortenPerlShebang function from the postInstall phase: - - { stdenv, buildPerlPackage, fetchurl, shortenPerlShebang }: + +{ stdenv, buildPerlPackage, fetchurl, shortenPerlShebang }: - ImageExifTool = buildPerlPackage { - pname = "Image-ExifTool"; - version = "11.50"; +ImageExifTool = buildPerlPackage { + pname = "Image-ExifTool"; + version = "11.50"; - src = fetchurl { - url = "https://www.sno.phy.queensu.ca/~phil/exiftool/Image-ExifTool-11.50.tar.gz"; - sha256 = "0d8v48y94z8maxkmw1rv7v9m0jg2dc8xbp581njb6yhr7abwqdv3"; - }; + src = fetchurl { + url = "https://www.sno.phy.queensu.ca/~phil/exiftool/Image-ExifTool-11.50.tar.gz"; + sha256 = "0d8v48y94z8maxkmw1rv7v9m0jg2dc8xbp581njb6yhr7abwqdv3"; + }; - buildInputs = stdenv.lib.optional stdenv.isDarwin shortenPerlShebang; - postInstall = stdenv.lib.optional stdenv.isDarwin '' - shortenPerlShebang $out/bin/exiftool - ''; - }; - + buildInputs = stdenv.lib.optional stdenv.isDarwin shortenPerlShebang; + postInstall = stdenv.lib.optional stdenv.isDarwin '' + shortenPerlShebang $out/bin/exiftool + ''; +}; + This will remove the -I flags from the shebang line, rewrite them in the use lib form, and put them on the next line instead. This function can be given any number of Perl scripts as arguments; it will modify them in-place. @@ -159,27 +159,27 @@ Nix expressions for Perl packages can be generated (almost) automatically from CPAN. This is done by the program nix-generate-from-cpan, which can be installed as follows: - - $ nix-env -i nix-generate-from-cpan - + +$ nix-env -i nix-generate-from-cpan + This program takes a Perl module name, looks it up on CPAN, fetches and unpacks the corresponding package, and prints a Nix expression on standard output. For example: - - $ nix-generate-from-cpan XML::Simple - XMLSimple = buildPerlPackage rec { - name = "XML-Simple-2.22"; - src = fetchurl { - url = "mirror://cpan/authors/id/G/GR/GRANTM/${name}.tar.gz"; - sha256 = "b9450ef22ea9644ae5d6ada086dc4300fa105be050a2030ebd4efd28c198eb49"; - }; - propagatedBuildInputs = [ XMLNamespaceSupport XMLSAX XMLSAXExpat ]; - meta = { - description = "An API for simple XML files"; - license = with stdenv.lib.licenses; [ artistic1 gpl1Plus ]; - }; - }; - + +$ nix-generate-from-cpan XML::Simple + XMLSimple = buildPerlPackage rec { + name = "XML-Simple-2.22"; + src = fetchurl { + url = "mirror://cpan/authors/id/G/GR/GRANTM/${name}.tar.gz"; + sha256 = "b9450ef22ea9644ae5d6ada086dc4300fa105be050a2030ebd4efd28c198eb49"; + }; + propagatedBuildInputs = [ XMLNamespaceSupport XMLSAX XMLSAXExpat ]; + meta = { + description = "An API for simple XML files"; + license = with stdenv.lib.licenses; [ artistic1 gpl1Plus ]; + }; + }; + The output can be pasted into pkgs/top-level/perl-packages.nix or wherever else you need it. diff --git a/doc/languages-frameworks/qt.xml b/doc/languages-frameworks/qt.xml index 8d97de504ad..ec95621d8ff 100644 --- a/doc/languages-frameworks/qt.xml +++ b/doc/languages-frameworks/qt.xml @@ -18,7 +18,7 @@ mkDerivation { buildInputs = [ qtbase ]; } - + diff --git a/doc/languages-frameworks/ruby.xml b/doc/languages-frameworks/ruby.xml index 9b36801fb96..9b579d6804f 100644 --- a/doc/languages-frameworks/ruby.xml +++ b/doc/languages-frameworks/ruby.xml @@ -12,14 +12,14 @@ - Gemfile +$ cd pkgs/servers/monitoring +$ mkdir sensu +$ cd sensu +$ cat > Gemfile source 'https://rubygems.org' gem 'sensu' -$ $(nix-build '' -A bundix --no-out-link)/bin/bundix --magic -$ cat > default.nix +$ $(nix-build '<nixpkgs>' -A bundix --no-out-link)/bin/bundix --magic +$ cat > default.nix { lib, bundlerEnv, ruby }: bundlerEnv rec { @@ -37,7 +37,7 @@ bundlerEnv rec { maintainers = with maintainers; [ theuni ]; platforms = platforms.unix; }; -}]]> +} @@ -49,17 +49,16 @@ bundlerEnv rec { - +$ cd pkgs/servers/monitoring/sensu +$ nix-shell -p bundler --run 'bundle lock --update' +$ nix-shell -p bundix --run 'bundix' For tools written in Ruby - i.e. where the desire is to install a package and then execute e.g. rake at the command line, there is an alternative builder called bundlerApp. Set up the gemset.nix the same way, and then, for example: - + - + The chief advantage of bundlerApp over bundlerEnv is the executables introduced in the environment are precisely those selected in the exes list, as opposed to bundlerEnv which adds all the executables made available by gems in the gemset, which can mean e.g. rspec or rake in unpredictable versions available from various packages. diff --git a/doc/languages-frameworks/texlive.xml b/doc/languages-frameworks/texlive.xml index a581ec5911c..141c46e5a62 100644 --- a/doc/languages-frameworks/texlive.xml +++ b/doc/languages-frameworks/texlive.xml @@ -44,11 +44,11 @@ texlive.combine { You can list packages e.g. by nix repl. - :l -nix-repl> texlive.collection- -]]> + +$ nix repl +nix-repl> :l <nixpkgs> +nix-repl> texlive.collection- + diff --git a/doc/stdenv/multiple-output.xml b/doc/stdenv/multiple-output.xml index 0f177ec719f..20658918db7 100644 --- a/doc/stdenv/multiple-output.xml +++ b/doc/stdenv/multiple-output.xml @@ -67,7 +67,7 @@ nix-env silenty disregards the outputs selected by the user, and instead installs the outputs from meta.outputsToInstall. For example, -$ nix-env -iA nixpkgs.coreutils.info +$ nix-env -iA nixpkgs.coreutils.info installs the "out" output (coreutils.meta.outputsToInstall is [ "out" ]) instead of the requested "info". diff --git a/doc/using/configuration.xml b/doc/using/configuration.xml index b670f78f28b..3e21b0e2284 100644 --- a/doc/using/configuration.xml +++ b/doc/using/configuration.xml @@ -66,7 +66,7 @@ For allowing the build of a broken package once, you can use an environment variable for a single invocation of the nix tools: -$ export NIXPKGS_ALLOW_BROKEN=1 +$ export NIXPKGS_ALLOW_BROKEN=1 @@ -92,7 +92,7 @@ For allowing the build of an unsupported package once, you can use an environment variable for a single invocation of the nix tools: -$ export NIXPKGS_ALLOW_UNSUPPORTED_SYSTEM=1 +$ export NIXPKGS_ALLOW_UNSUPPORTED_SYSTEM=1 @@ -122,7 +122,7 @@ To temporarily allow all unfree packages, you can use an environment variable for a single invocation of the nix tools: -$ export NIXPKGS_ALLOW_UNFREE=1 +$ export NIXPKGS_ALLOW_UNFREE=1 @@ -187,7 +187,7 @@ To temporarily allow all insecure packages, you can use an environment variable for a single invocation of the nix tools: -$ export NIXPKGS_ALLOW_INSECURE=1 +$ export NIXPKGS_ALLOW_INSECURE=1 diff --git a/doc/using/overlays.xml b/doc/using/overlays.xml index f6e02b969ea..4937e950885 100644 --- a/doc/using/overlays.xml +++ b/doc/using/overlays.xml @@ -240,7 +240,7 @@ self: super: lapackProvider = self.mkl; } } - + This overlay uses Intel’s MKL library for both BLAS and LAPACK interfaces. Note that the same can be accomplished at runtime @@ -248,9 +248,9 @@ self: super: libblas.so.3 and liblapack.so.3. For instance: - -$ LD_LIBRARY_PATH=$(nix-build -A mkl)/lib:$LD_LIBRARY_PATH nix-shell -p octave --run octave - + +$ LD_LIBRARY_PATH=$(nix-build -A mkl)/lib:$LD_LIBRARY_PATH nix-shell -p octave --run octave + Intel MKL requires an openmp implementation when running with multiple processors. By default, @@ -288,7 +288,7 @@ assert (!blas.isILP64) && (!lapack.isILP64); stdenv.mkDerivation { ... } - + From e6ce041caef09405283081a8b5c5412153eccc85 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Wed, 23 Sep 2020 00:38:47 +0200 Subject: [PATCH 2/2] nixos/doc: Improve code listings By adding prompts and replaceables and removing unnecessary indentation. --- .../administration/imperative-containers.xml | 32 +++++++++---------- .../administration/maintenance-mode.xml | 2 +- .../administration/network-problems.xml | 4 +-- nixos/doc/manual/administration/rebooting.xml | 6 ++-- nixos/doc/manual/administration/rollback.xml | 6 ++-- .../manual/administration/service-mgmt.xml | 6 ++-- .../manual/administration/user-sessions.xml | 2 +- .../configuration/adding-custom-packages.xml | 2 +- .../doc/manual/configuration/linux-kernel.xml | 16 +++++----- .../configuration/luks-file-systems.xml | 20 ++++++------ nixos/doc/manual/configuration/user-mgmt.xml | 8 ++--- nixos/doc/manual/configuration/x-windows.xml | 2 +- .../manual/development/meta-attributes.xml | 2 +- .../development/writing-documentation.xml | 4 +-- .../installing-behind-a-proxy.xml | 14 ++++---- .../installing-from-other-distro.xml | 16 +++++----- nixos/doc/manual/installation/upgrading.xml | 12 +++---- nixos/doc/manual/man-nixos-enter.xml | 4 +-- nixos/doc/manual/man-nixos-version.xml | 4 +-- nixos/modules/services/backup/borgbackup.xml | 8 ++--- nixos/modules/system/activation/top-level.nix | 6 ++-- 21 files changed, 88 insertions(+), 88 deletions(-) diff --git a/nixos/doc/manual/administration/imperative-containers.xml b/nixos/doc/manual/administration/imperative-containers.xml index 435ed230f51..bc19acf9f69 100644 --- a/nixos/doc/manual/administration/imperative-containers.xml +++ b/nixos/doc/manual/administration/imperative-containers.xml @@ -14,18 +14,18 @@ You create a container with identifier foo as follows: -# nixos-container create foo +# nixos-container create foo This creates the container’s root directory in - /var/lib/containers/foo and a small configuration file - in /etc/containers/foo.conf. It also builds the + /var/lib/containers/foo and a small configuration file + in /etc/containers/foo.conf. It also builds the container’s initial system configuration and stores it in - /nix/var/nix/profiles/per-container/foo/system. You can + /nix/var/nix/profiles/per-container/foo/system. You can modify the initial configuration of the container on the command line. For instance, to create a container that has sshd running, with the given public key for root: -# nixos-container create foo --config ' +# nixos-container create foo --config ' = true; users.users.root.openssh.authorizedKeys.keys = ["ssh-dss AAAAB3N…"]; ' @@ -34,7 +34,7 @@ as container IP. This behavior can be altered by setting --host-address and --local-address: -# nixos-container create test --config-file test-container.nix \ +# nixos-container create test --config-file test-container.nix \ --local-address 10.235.1.2 --host-address 10.235.1.1 @@ -42,7 +42,7 @@ Creating a container does not start it. To start the container, run: -# nixos-container start foo +# nixos-container start foo This command will return as soon as the container has booted and has reached multi-user.target. On the host, the container runs within @@ -51,7 +51,7 @@ Thus, if something went wrong, you can get status info using systemctl: -# systemctl status container@foo +# systemctl status container@foo @@ -59,22 +59,22 @@ If the container has started successfully, you can log in as root using the root-login operation: -# nixos-container root-login foo -[root@foo:~]# +# nixos-container root-login foo +[root@foo:~]# Note that only root on the host can do this (since there is no authentication). You can also get a regular login prompt using the login operation, which is available to all users on the host: -# nixos-container login foo +# nixos-container login foo foo login: alice Password: *** With nixos-container run, you can execute arbitrary commands in the container: -# nixos-container run foo -- uname -a +# nixos-container run foo -- uname -a Linux foo 3.4.82 #1-NixOS SMP Thu Mar 20 14:44:05 UTC 2014 x86_64 GNU/Linux @@ -85,18 +85,18 @@ Linux foo 3.4.82 #1-NixOS SMP Thu Mar 20 14:44:05 UTC 2014 x86_64 GNU/Linux /var/lib/container/name/etc/nixos/configuration.nix, and run -# nixos-container update foo +# nixos-container update foo This will build and activate the new configuration. You can also specify a new configuration on the command line: -# nixos-container update foo --config ' +# nixos-container update foo --config ' = true; = "foo@example.org"; = [ 80 ]; ' -# curl http://$(nixos-container show-ip foo)/ +# curl http://$(nixos-container show-ip foo)/ <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">… However, note that this will overwrite the container’s @@ -117,7 +117,7 @@ Linux foo 3.4.82 #1-NixOS SMP Thu Mar 20 14:44:05 UTC 2014 x86_64 GNU/Linux by using systemctl on the container’s service unit. To destroy a container, including its file system, do -# nixos-container destroy foo +# nixos-container destroy foo diff --git a/nixos/doc/manual/administration/maintenance-mode.xml b/nixos/doc/manual/administration/maintenance-mode.xml index 71e3f9ea665..74abfdd7c66 100644 --- a/nixos/doc/manual/administration/maintenance-mode.xml +++ b/nixos/doc/manual/administration/maintenance-mode.xml @@ -8,7 +8,7 @@ You can enter rescue mode by running: -# systemctl rescue +# systemctl rescue This will eventually give you a single-user root shell. Systemd will stop (almost) all system services. To get out of maintenance mode, just exit from the rescue shell. diff --git a/nixos/doc/manual/administration/network-problems.xml b/nixos/doc/manual/administration/network-problems.xml index 570f5835884..1035e4e056a 100644 --- a/nixos/doc/manual/administration/network-problems.xml +++ b/nixos/doc/manual/administration/network-problems.xml @@ -16,12 +16,12 @@ disable the use of the binary cache by adding , e.g. -# nixos-rebuild switch --option use-binary-caches false +# nixos-rebuild switch --option use-binary-caches false If you have an alternative binary cache at your disposal, you can use it instead: -# nixos-rebuild switch --option binary-caches http://my-cache.example.org/ +# nixos-rebuild switch --option binary-caches http://my-cache.example.org/ diff --git a/nixos/doc/manual/administration/rebooting.xml b/nixos/doc/manual/administration/rebooting.xml index a5abd6f0258..c57d885c5f3 100644 --- a/nixos/doc/manual/administration/rebooting.xml +++ b/nixos/doc/manual/administration/rebooting.xml @@ -7,20 +7,20 @@ The system can be shut down (and automatically powered off) by doing: -# shutdown +# shutdown This is equivalent to running systemctl poweroff. To reboot the system, run -# reboot +# reboot which is equivalent to systemctl reboot. Alternatively, you can quickly reboot the system using kexec, which bypasses the BIOS by directly loading the new kernel into memory: -# systemctl kexec +# systemctl kexec diff --git a/nixos/doc/manual/administration/rollback.xml b/nixos/doc/manual/administration/rollback.xml index fb87810ba46..80d79e1a53f 100644 --- a/nixos/doc/manual/administration/rollback.xml +++ b/nixos/doc/manual/administration/rollback.xml @@ -20,16 +20,16 @@ has booted, you can make the selected configuration the default for subsequent boots: -# /run/current-system/bin/switch-to-configuration boot +# /run/current-system/bin/switch-to-configuration boot Second, you can switch to the previous configuration in a running system: -# nixos-rebuild switch --rollback +# nixos-rebuild switch --rollback This is equivalent to running: -# /nix/var/nix/profiles/system-N-link/bin/switch-to-configuration switch +# /nix/var/nix/profiles/system-N-link/bin/switch-to-configuration switch where N is the number of the NixOS system configuration. To get a list of the available configurations, do: diff --git a/nixos/doc/manual/administration/service-mgmt.xml b/nixos/doc/manual/administration/service-mgmt.xml index 1b9c745eb59..1c5d48a5bcf 100644 --- a/nixos/doc/manual/administration/service-mgmt.xml +++ b/nixos/doc/manual/administration/service-mgmt.xml @@ -58,9 +58,9 @@ Jan 07 15:55:57 hagbard systemd[1]: Started PostgreSQL Server. Units can be stopped, started or restarted: -# systemctl stop postgresql.service -# systemctl start postgresql.service -# systemctl restart postgresql.service +# systemctl stop postgresql.service +# systemctl start postgresql.service +# systemctl restart postgresql.service These operations are synchronous: they wait until the service has finished starting or stopping (or has failed). Starting a unit will cause the diff --git a/nixos/doc/manual/administration/user-sessions.xml b/nixos/doc/manual/administration/user-sessions.xml index 80daf6bdbff..9acb147ac1a 100644 --- a/nixos/doc/manual/administration/user-sessions.xml +++ b/nixos/doc/manual/administration/user-sessions.xml @@ -39,7 +39,7 @@ c3 - root (0) can terminate a session in a way that ensures that all the session’s processes are gone: -# loginctl terminate-session c3 +# loginctl terminate-session c3 diff --git a/nixos/doc/manual/configuration/adding-custom-packages.xml b/nixos/doc/manual/configuration/adding-custom-packages.xml index 02cb78f47e8..19eb2429d0a 100644 --- a/nixos/doc/manual/configuration/adding-custom-packages.xml +++ b/nixos/doc/manual/configuration/adding-custom-packages.xml @@ -25,7 +25,7 @@ xlink:href="https://nixos.org/nixpkgs/manual">Nixpkgs and you run nixos-rebuild, specifying your own Nixpkgs tree: -# nixos-rebuild switch -I nixpkgs=/path/to/my/nixpkgs +# nixos-rebuild switch -I nixpkgs=/path/to/my/nixpkgs diff --git a/nixos/doc/manual/configuration/linux-kernel.xml b/nixos/doc/manual/configuration/linux-kernel.xml index 644d3a33ffd..dbdcc941495 100644 --- a/nixos/doc/manual/configuration/linux-kernel.xml +++ b/nixos/doc/manual/configuration/linux-kernel.xml @@ -126,13 +126,13 @@ nixpkgs.config.packageOverrides = pkgs: mellanox drivers. -' -A linuxPackages.kernel.dev -$ nix-shell '' -A linuxPackages.kernel -$ unpackPhase -$ cd linux-* -$ make -C $dev/lib/modules/*/build M=$(pwd)/drivers/net/ethernet/mellanox modules -# insmod ./drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.ko -]]> + +$ nix-build '<nixpkgs>' -A linuxPackages.kernel.dev +$ nix-shell '<nixpkgs>' -A linuxPackages.kernel +$ unpackPhase +$ cd linux-* +$ make -C $dev/lib/modules/*/build M=$(pwd)/drivers/net/ethernet/mellanox modules +# insmod ./drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.ko + diff --git a/nixos/doc/manual/configuration/luks-file-systems.xml b/nixos/doc/manual/configuration/luks-file-systems.xml index 8a8168c095f..405a50a9e43 100644 --- a/nixos/doc/manual/configuration/luks-file-systems.xml +++ b/nixos/doc/manual/configuration/luks-file-systems.xml @@ -11,7 +11,7 @@ you create an encrypted Ext4 file system on the device /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d: -# cryptsetup luksFormat /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d +# cryptsetup luksFormat /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d WARNING! ======== @@ -21,17 +21,17 @@ Are you sure? (Type uppercase yes): YES Enter LUKS passphrase: *** Verify passphrase: *** -# cryptsetup luksOpen /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d crypted +# cryptsetup luksOpen /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d crypted Enter passphrase for /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d: *** -# mkfs.ext4 /dev/mapper/crypted +# mkfs.ext4 /dev/mapper/crypted To ensure that this file system is automatically mounted at boot time as /, add the following to configuration.nix: -boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d"; -."/".device = "/dev/mapper/crypted"; +boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d"; +."/".device = "/dev/mapper/crypted"; Should grub be used as bootloader, and /boot is located on an encrypted partition, it is necessary to add the following grub option: @@ -45,11 +45,11 @@ Enter passphrase for /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d: *** and add it as a new key to our existing device /dev/sda2: -# export FIDO2_LABEL="/dev/sda2 @ $HOSTNAME" -# fido2luks credential "$FIDO2_LABEL" +# export FIDO2_LABEL="/dev/sda2 @ $HOSTNAME" +# fido2luks credential "$FIDO2_LABEL" f1d00200108b9d6e849a8b388da457688e3dd653b4e53770012d8f28e5d3b269865038c346802f36f3da7278b13ad6a3bb6a1452e24ebeeaa24ba40eef559b1b287d2a2f80b7 -# fido2luks -i add-key /dev/sda2 f1d00200108b9d6e849a8b388da457688e3dd653b4e53770012d8f28e5d3b269865038c346802f36f3da7278b13ad6a3bb6a1452e24ebeeaa24ba40eef559b1b287d2a2f80b7 +# fido2luks -i add-key /dev/sda2 f1d00200108b9d6e849a8b388da457688e3dd653b4e53770012d8f28e5d3b269865038c346802f36f3da7278b13ad6a3bb6a1452e24ebeeaa24ba40eef559b1b287d2a2f80b7 Password: Password (again): Old password: @@ -60,13 +60,13 @@ Added to key to device /dev/sda2, slot: 2 To ensure that this file system is decrypted using the FIDO2 compatible key, add the following to configuration.nix: boot.initrd.luks.fido2Support = true; -boot.initrd.luks.devices."/dev/sda2".fido2.credential = "f1d00200108b9d6e849a8b388da457688e3dd653b4e53770012d8f28e5d3b269865038c346802f36f3da7278b13ad6a3bb6a1452e24ebeeaa24ba40eef559b1b287d2a2f80b7"; +boot.initrd.luks.devices."/dev/sda2".fido2.credential = "f1d00200108b9d6e849a8b388da457688e3dd653b4e53770012d8f28e5d3b269865038c346802f36f3da7278b13ad6a3bb6a1452e24ebeeaa24ba40eef559b1b287d2a2f80b7"; You can also use the FIDO2 passwordless setup, but for security reasons, you might want to enable it only when your device is PIN protected, such as Trezor. -boot.initrd.luks.devices."/dev/sda2".fido2.passwordLess = true; +boot.initrd.luks.devices."/dev/sda2".fido2.passwordLess = true; diff --git a/nixos/doc/manual/configuration/user-mgmt.xml b/nixos/doc/manual/configuration/user-mgmt.xml index 68324cc85b5..cbec83814c9 100644 --- a/nixos/doc/manual/configuration/user-mgmt.xml +++ b/nixos/doc/manual/configuration/user-mgmt.xml @@ -62,24 +62,24 @@ uid = 1000; useradd, groupmod and so on. For instance, to create a user account named alice: -# useradd -m alice +# useradd -m alice To make all nix tools available to this new user use `su - USER` which opens a login shell (==shell that loads the profile) for given user. This will create the ~/.nix-defexpr symlink. So run: -# su - alice -c "true" +# su - alice -c "true" The flag causes the creation of a home directory for the new user, which is generally what you want. The user does not have an initial password and therefore cannot log in. A password can be set using the passwd utility: -# passwd alice +# passwd alice Enter new UNIX password: *** Retype new UNIX password: *** A user can be deleted using userdel: -# userdel -r alice +# userdel -r alice The flag deletes the user’s home directory. Accounts can be modified using usermod. Unix groups can be managed using groupadd, groupmod and diff --git a/nixos/doc/manual/configuration/x-windows.xml b/nixos/doc/manual/configuration/x-windows.xml index 18f0be5e7f3..b33f6cf82b5 100644 --- a/nixos/doc/manual/configuration/x-windows.xml +++ b/nixos/doc/manual/configuration/x-windows.xml @@ -58,7 +58,7 @@ The X server can then be started manually: -# systemctl start display-manager.service +# systemctl start display-manager.service diff --git a/nixos/doc/manual/development/meta-attributes.xml b/nixos/doc/manual/development/meta-attributes.xml index 3d019a4987e..c626ef30e9d 100644 --- a/nixos/doc/manual/development/meta-attributes.xml +++ b/nixos/doc/manual/development/meta-attributes.xml @@ -57,7 +57,7 @@ linkend="ch-configuration"/>. Changes to a module documentation have to be checked to not break building the NixOS manual: -$ nix-build nixos/release.nix -A manual +$ nix-build nixos/release.nix -A manual diff --git a/nixos/doc/manual/development/writing-documentation.xml b/nixos/doc/manual/development/writing-documentation.xml index 2183937ad0d..32e00544cef 100644 --- a/nixos/doc/manual/development/writing-documentation.xml +++ b/nixos/doc/manual/development/writing-documentation.xml @@ -24,8 +24,8 @@ - $ cd /path/to/nixpkgs/nixos/doc/manual - $ make +$ cd /path/to/nixpkgs/nixos/doc/manual +$ make diff --git a/nixos/doc/manual/installation/installing-behind-a-proxy.xml b/nixos/doc/manual/installation/installing-behind-a-proxy.xml index c1ef638e876..6788882aa8c 100644 --- a/nixos/doc/manual/installation/installing-behind-a-proxy.xml +++ b/nixos/doc/manual/installation/installing-behind-a-proxy.xml @@ -27,13 +27,13 @@ networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; Setup the proxy environment variables in the shell where you are running nixos-install. - -# proxy_url="http://user:password@proxy:port/" -# export http_proxy="$proxy_url" -# export HTTP_PROXY="$proxy_url" -# export https_proxy="$proxy_url" -# export HTTPS_PROXY="$proxy_url" - + +# proxy_url="http://user:password@proxy:port/" +# export http_proxy="$proxy_url" +# export HTTP_PROXY="$proxy_url" +# export https_proxy="$proxy_url" +# export HTTPS_PROXY="$proxy_url" + diff --git a/nixos/doc/manual/installation/installing-from-other-distro.xml b/nixos/doc/manual/installation/installing-from-other-distro.xml index d2d1245c57a..8aac3226473 100644 --- a/nixos/doc/manual/installation/installing-from-other-distro.xml +++ b/nixos/doc/manual/installation/installing-from-other-distro.xml @@ -325,14 +325,14 @@ sudo /nix/var/nix/profiles/system/bin/switch-to-configuration boot to boot on a USB rescue disk and do something along these lines: -# mkdir root -# mount /dev/sdaX root -# mkdir root/nixos-root -# mv -v root/* root/nixos-root/ -# mv -v root/nixos-root/old-root/* root/ -# mv -v root/boot.bak root/boot # We had renamed this by hand earlier -# umount root -# reboot +# mkdir root +# mount /dev/sdaX root +# mkdir root/nixos-root +# mv -v root/* root/nixos-root/ +# mv -v root/nixos-root/old-root/* root/ +# mv -v root/boot.bak root/boot # We had renamed this by hand earlier +# umount root +# reboot This may work as is or you might also need to reinstall the boot loader diff --git a/nixos/doc/manual/installation/upgrading.xml b/nixos/doc/manual/installation/upgrading.xml index e5e02aa0752..08780051d5f 100644 --- a/nixos/doc/manual/installation/upgrading.xml +++ b/nixos/doc/manual/installation/upgrading.xml @@ -67,32 +67,32 @@ nixos-20.03 channel. To see which NixOS channel you’re subscribed to, run the following as root: -# nix-channel --list | grep nixos +# nix-channel --list | grep nixos nixos https://nixos.org/channels/nixos-unstable To switch to a different NixOS channel, do -# nix-channel --add https://nixos.org/channels/channel-name nixos +# nix-channel --add https://nixos.org/channels/channel-name nixos (Be sure to include the nixos parameter at the end.) For instance, to use the NixOS 20.03 stable channel: -# nix-channel --add https://nixos.org/channels/nixos-20.03 nixos +# nix-channel --add https://nixos.org/channels/nixos-20.03 nixos If you have a server, you may want to use the “small” channel instead: -# nix-channel --add https://nixos.org/channels/nixos-20.03-small nixos +# nix-channel --add https://nixos.org/channels/nixos-20.03-small nixos And if you want to live on the bleeding edge: -# nix-channel --add https://nixos.org/channels/nixos-unstable nixos +# nix-channel --add https://nixos.org/channels/nixos-unstable nixos You can then upgrade NixOS to the latest version in your chosen channel by running -# nixos-rebuild switch --upgrade +# nixos-rebuild switch --upgrade which is equivalent to the more verbose nix-channel --update nixos; nixos-rebuild switch. diff --git a/nixos/doc/manual/man-nixos-enter.xml b/nixos/doc/manual/man-nixos-enter.xml index f533d66099d..41f0e6b9751 100644 --- a/nixos/doc/manual/man-nixos-enter.xml +++ b/nixos/doc/manual/man-nixos-enter.xml @@ -136,13 +136,13 @@ /mnt: -# nixos-enter --root /mnt +# nixos-enter --root /mnt Run a shell command: -# nixos-enter -c 'ls -l /; cat /proc/mounts' +# nixos-enter -c 'ls -l /; cat /proc/mounts' Run a non-shell command: diff --git a/nixos/doc/manual/man-nixos-version.xml b/nixos/doc/manual/man-nixos-version.xml index aada08c5b4a..fae25721e39 100644 --- a/nixos/doc/manual/man-nixos-version.xml +++ b/nixos/doc/manual/man-nixos-version.xml @@ -33,7 +33,7 @@ This command shows the version of the currently active NixOS configuration. For example: -$ nixos-version +$ nixos-version 16.03.1011.6317da4 (Emu) The version consists of the following elements: @@ -111,7 +111,7 @@ Show the full SHA1 hash of the Git commit from which this configuration was built, e.g. -$ nixos-version --hash +$ nixos-version --hash 6317da40006f6bc2480c6781999c52d88dde2acf diff --git a/nixos/modules/services/backup/borgbackup.xml b/nixos/modules/services/backup/borgbackup.xml index a197f38ffb9..8f623c93656 100644 --- a/nixos/modules/services/backup/borgbackup.xml +++ b/nixos/modules/services/backup/borgbackup.xml @@ -69,10 +69,10 @@ access this single repository. You need the output of the generate pub file. - -# sudo ssh-keygen -N '' -t ed25519 -f /run/keys/id_ed25519_my_borg_repo -# cat /run/keys/id_ed25519_my_borg_repo -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID78zmOyA+5uPG4Ot0hfAy+sLDPU1L4AiIoRYEIVbbQ/ root@nixos + +# sudo ssh-keygen -N '' -t ed25519 -f /run/keys/id_ed25519_my_borg_repo +# cat /run/keys/id_ed25519_my_borg_repo +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID78zmOyA+5uPG4Ot0hfAy+sLDPU1L4AiIoRYEIVbbQ/ root@nixos Add the following snippet to your NixOS configuration: diff --git a/nixos/modules/system/activation/top-level.nix b/nixos/modules/system/activation/top-level.nix index fb8644dd13a..2724d9f9cb6 100644 --- a/nixos/modules/system/activation/top-level.nix +++ b/nixos/modules/system/activation/top-level.nix @@ -159,9 +159,9 @@ in To switch to a specialised configuration (e.g. fewJobsManyCores) at runtime, run: - - # sudo /run/current-system/specialisation/fewJobsManyCores/bin/switch-to-configuration test - + + # sudo /run/current-system/specialisation/fewJobsManyCores/bin/switch-to-configuration test + ''; type = types.attrsOf (types.submodule ( { ... }: {