nixos/doc: Improve code listings

By adding prompts and replaceables and removing unnecessary indentation.
This commit is contained in:
Jan Tojnar 2020-09-23 00:38:47 +02:00
parent e1af37634b
commit e6ce041cae
No known key found for this signature in database
GPG Key ID: 7FAB2A15F7A607A4
21 changed files with 88 additions and 88 deletions

View File

@ -14,18 +14,18 @@
<para>
You create a container with identifier <literal>foo</literal> as follows:
<screen>
# nixos-container create foo
<prompt># </prompt>nixos-container create <replaceable>foo</replaceable>
</screen>
This creates the containers root directory in
<filename>/var/lib/containers/foo</filename> and a small configuration file
in <filename>/etc/containers/foo.conf</filename>. It also builds the
<filename>/var/lib/containers/<replaceable>foo</replaceable></filename> and a small configuration file
in <filename>/etc/containers/<replaceable>foo</replaceable>.conf</filename>. It also builds the
containers initial system configuration and stores it in
<filename>/nix/var/nix/profiles/per-container/foo/system</filename>. You can
<filename>/nix/var/nix/profiles/per-container/<replaceable>foo</replaceable>/system</filename>. You can
modify the initial configuration of the container on the command line. For
instance, to create a container that has <command>sshd</command> running,
with the given public key for <literal>root</literal>:
<screen>
# nixos-container create foo --config '
<prompt># </prompt>nixos-container create <replaceable>foo</replaceable> --config '
<xref linkend="opt-services.openssh.enable"/> = true;
<link linkend="opt-users.users._name_.openssh.authorizedKeys.keys">users.users.root.openssh.authorizedKeys.keys</link> = ["ssh-dss AAAAB3N…"];
'
@ -34,7 +34,7 @@
as container IP. This behavior can be altered by setting <literal>--host-address</literal> and
<literal>--local-address</literal>:
<screen>
# nixos-container create test --config-file test-container.nix \
<prompt># </prompt>nixos-container create test --config-file test-container.nix \
--local-address 10.235.1.2 --host-address 10.235.1.1
</screen>
</para>
@ -42,7 +42,7 @@
<para>
Creating a container does not start it. To start the container, run:
<screen>
# nixos-container start foo
<prompt># </prompt>nixos-container start <replaceable>foo</replaceable>
</screen>
This command will return as soon as the container has booted and has reached
<literal>multi-user.target</literal>. On the host, the container runs within
@ -51,7 +51,7 @@
Thus, if something went wrong, you can get status info using
<command>systemctl</command>:
<screen>
# systemctl status container@foo
<prompt># </prompt>systemctl status container@<replaceable>foo</replaceable>
</screen>
</para>
@ -59,22 +59,22 @@
If the container has started successfully, you can log in as root using the
<command>root-login</command> operation:
<screen>
# nixos-container root-login foo
[root@foo:~]#
<prompt># </prompt>nixos-container root-login <replaceable>foo</replaceable>
<prompt>[root@foo:~]#</prompt>
</screen>
Note that only root on the host can do this (since there is no
authentication). You can also get a regular login prompt using the
<command>login</command> operation, which is available to all users on the
host:
<screen>
# nixos-container login foo
<prompt># </prompt>nixos-container login <replaceable>foo</replaceable>
foo login: alice
Password: ***
</screen>
With <command>nixos-container run</command>, you can execute arbitrary
commands in the container:
<screen>
# nixos-container run foo -- uname -a
<prompt># </prompt>nixos-container run <replaceable>foo</replaceable> -- uname -a
Linux foo 3.4.82 #1-NixOS SMP Thu Mar 20 14:44:05 UTC 2014 x86_64 GNU/Linux
</screen>
</para>
@ -85,18 +85,18 @@ Linux foo 3.4.82 #1-NixOS SMP Thu Mar 20 14:44:05 UTC 2014 x86_64 GNU/Linux
<literal>/var/lib/container/<replaceable>name</replaceable>/etc/nixos/configuration.nix</literal>,
and run
<screen>
# nixos-container update foo
<prompt># </prompt>nixos-container update <replaceable>foo</replaceable>
</screen>
This will build and activate the new configuration. You can also specify a
new configuration on the command line:
<screen>
# nixos-container update foo --config '
<prompt># </prompt>nixos-container update <replaceable>foo</replaceable> --config '
<xref linkend="opt-services.httpd.enable"/> = true;
<xref linkend="opt-services.httpd.adminAddr"/> = "foo@example.org";
<xref linkend="opt-networking.firewall.allowedTCPPorts"/> = [ 80 ];
'
# curl http://$(nixos-container show-ip foo)/
<prompt># </prompt>curl http://$(nixos-container show-ip <replaceable>foo</replaceable>)/
&lt;!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">…
</screen>
However, note that this will overwrite the containers
@ -117,7 +117,7 @@ Linux foo 3.4.82 #1-NixOS SMP Thu Mar 20 14:44:05 UTC 2014 x86_64 GNU/Linux
by using <command>systemctl</command> on the containers service unit. To
destroy a container, including its file system, do
<screen>
# nixos-container destroy foo
<prompt># </prompt>nixos-container destroy <replaceable>foo</replaceable>
</screen>
</para>
</section>

View File

@ -8,7 +8,7 @@
<para>
You can enter rescue mode by running:
<screen>
# systemctl rescue</screen>
<prompt># </prompt>systemctl rescue</screen>
This will eventually give you a single-user root shell. Systemd will stop
(almost) all system services. To get out of maintenance mode, just exit from
the rescue shell.

View File

@ -16,12 +16,12 @@
disable the use of the binary cache by adding <option>--option
use-binary-caches false</option>, e.g.
<screen>
# nixos-rebuild switch --option use-binary-caches false
<prompt># </prompt>nixos-rebuild switch --option use-binary-caches false
</screen>
If you have an alternative binary cache at your disposal, you can use it
instead:
<screen>
# nixos-rebuild switch --option binary-caches http://my-cache.example.org/
<prompt># </prompt>nixos-rebuild switch --option binary-caches <replaceable>http://my-cache.example.org/</replaceable>
</screen>
</para>
</section>

View File

@ -7,20 +7,20 @@
<para>
The system can be shut down (and automatically powered off) by doing:
<screen>
# shutdown
<prompt># </prompt>shutdown
</screen>
This is equivalent to running <command>systemctl poweroff</command>.
</para>
<para>
To reboot the system, run
<screen>
# reboot
<prompt># </prompt>reboot
</screen>
which is equivalent to <command>systemctl reboot</command>. Alternatively,
you can quickly reboot the system using <literal>kexec</literal>, which
bypasses the BIOS by directly loading the new kernel into memory:
<screen>
# systemctl kexec
<prompt># </prompt>systemctl kexec
</screen>
</para>
<para>

View File

@ -20,16 +20,16 @@
has booted, you can make the selected configuration the default for
subsequent boots:
<screen>
# /run/current-system/bin/switch-to-configuration boot</screen>
<prompt># </prompt>/run/current-system/bin/switch-to-configuration boot</screen>
</para>
<para>
Second, you can switch to the previous configuration in a running system:
<screen>
# nixos-rebuild switch --rollback</screen>
<prompt># </prompt>nixos-rebuild switch --rollback</screen>
This is equivalent to running:
<screen>
# /nix/var/nix/profiles/system-<replaceable>N</replaceable>-link/bin/switch-to-configuration switch</screen>
<prompt># </prompt>/nix/var/nix/profiles/system-<replaceable>N</replaceable>-link/bin/switch-to-configuration switch</screen>
where <replaceable>N</replaceable> is the number of the NixOS system
configuration. To get a list of the available configurations, do:
<screen>

View File

@ -58,9 +58,9 @@ Jan 07 15:55:57 hagbard systemd[1]: Started PostgreSQL Server.
<para>
Units can be stopped, started or restarted:
<screen>
# systemctl stop postgresql.service
# systemctl start postgresql.service
# systemctl restart postgresql.service
<prompt># </prompt>systemctl stop postgresql.service
<prompt># </prompt>systemctl start postgresql.service
<prompt># </prompt>systemctl restart postgresql.service
</screen>
These operations are synchronous: they wait until the service has finished
starting or stopping (or has failed). Starting a unit will cause the

View File

@ -39,7 +39,7 @@ c3 - root (0)
can terminate a session in a way that ensures that all the sessions
processes are gone:
<screen>
# loginctl terminate-session c3
<prompt># </prompt>loginctl terminate-session c3
</screen>
</para>
</chapter>

View File

@ -25,7 +25,7 @@ xlink:href="https://nixos.org/nixpkgs/manual">Nixpkgs
and you run <command>nixos-rebuild</command>, specifying your own Nixpkgs
tree:
<screen>
# nixos-rebuild switch -I nixpkgs=/path/to/my/nixpkgs</screen>
<prompt># </prompt>nixos-rebuild switch -I nixpkgs=/path/to/my/nixpkgs</screen>
</para>
<para>

View File

@ -126,13 +126,13 @@ nixpkgs.config.packageOverrides = pkgs:
<literal>mellanox</literal> drivers.
</para>
<screen><![CDATA[
$ nix-build '<nixpkgs>' -A linuxPackages.kernel.dev
$ nix-shell '<nixpkgs>' -A linuxPackages.kernel
$ unpackPhase
$ cd linux-*
$ make -C $dev/lib/modules/*/build M=$(pwd)/drivers/net/ethernet/mellanox modules
# insmod ./drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.ko
]]></screen>
<screen>
<prompt>$ </prompt>nix-build '&lt;nixpkgs>' -A linuxPackages.kernel.dev
<prompt>$ </prompt>nix-shell '&lt;nixpkgs>' -A linuxPackages.kernel
<prompt>$ </prompt>unpackPhase
<prompt>$ </prompt>cd linux-*
<prompt>$ </prompt>make -C $dev/lib/modules/*/build M=$(pwd)/drivers/net/ethernet/mellanox modules
<prompt># </prompt>insmod ./drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.ko
</screen>
</section>
</chapter>

View File

@ -11,7 +11,7 @@
you create an encrypted Ext4 file system on the device
<filename>/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d</filename>:
<screen>
# cryptsetup luksFormat /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d
<prompt># </prompt>cryptsetup luksFormat <replaceable>/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d</replaceable>
WARNING!
========
@ -21,17 +21,17 @@ Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase: ***
Verify passphrase: ***
# cryptsetup luksOpen /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d crypted
<prompt># </prompt>cryptsetup luksOpen <replaceable>/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d</replaceable> <replaceable>crypted</replaceable>
Enter passphrase for /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d: ***
# mkfs.ext4 /dev/mapper/crypted
<prompt># </prompt>mkfs.ext4 /dev/mapper/<replaceable>crypted</replaceable>
</screen>
To ensure that this file system is automatically mounted at boot time as
<filename>/</filename>, add the following to
<filename>configuration.nix</filename>:
<programlisting>
<link linkend="opt-boot.initrd.luks.devices._name_.device">boot.initrd.luks.devices.crypted.device</link> = "/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d";
<xref linkend="opt-fileSystems"/>."/".device = "/dev/mapper/crypted";
<link linkend="opt-boot.initrd.luks.devices._name_.device">boot.initrd.luks.devices.crypted.device</link> = "<replaceable>/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d</replaceable>";
<xref linkend="opt-fileSystems"/>."/".device = "/dev/mapper/<replaceable>crypted</replaceable>";
</programlisting>
Should grub be used as bootloader, and <filename>/boot</filename> is located
on an encrypted partition, it is necessary to add the following grub option:
@ -45,11 +45,11 @@ Enter passphrase for /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d: ***
and add it as a new key to our existing device <filename>/dev/sda2</filename>:
<screen>
# export FIDO2_LABEL="/dev/sda2 @ $HOSTNAME"
# fido2luks credential "$FIDO2_LABEL"
<prompt># </prompt>export FIDO2_LABEL="<replaceable>/dev/sda2</replaceable> @ $HOSTNAME"
<prompt># </prompt>fido2luks credential "$FIDO2_LABEL"
f1d00200108b9d6e849a8b388da457688e3dd653b4e53770012d8f28e5d3b269865038c346802f36f3da7278b13ad6a3bb6a1452e24ebeeaa24ba40eef559b1b287d2a2f80b7
# fido2luks -i add-key /dev/sda2 f1d00200108b9d6e849a8b388da457688e3dd653b4e53770012d8f28e5d3b269865038c346802f36f3da7278b13ad6a3bb6a1452e24ebeeaa24ba40eef559b1b287d2a2f80b7
<prompt># </prompt>fido2luks -i add-key <replaceable>/dev/sda2</replaceable> <replaceable>f1d00200108b9d6e849a8b388da457688e3dd653b4e53770012d8f28e5d3b269865038c346802f36f3da7278b13ad6a3bb6a1452e24ebeeaa24ba40eef559b1b287d2a2f80b7</replaceable>
Password:
Password (again):
Old password:
@ -60,13 +60,13 @@ Added to key to device /dev/sda2, slot: 2
To ensure that this file system is decrypted using the FIDO2 compatible key, add the following to <filename>configuration.nix</filename>:
<programlisting>
<link linkend="opt-boot.initrd.luks.fido2Support">boot.initrd.luks.fido2Support</link> = true;
<link linkend="opt-boot.initrd.luks.devices._name_.fido2.credential">boot.initrd.luks.devices."/dev/sda2".fido2.credential</link> = "f1d00200108b9d6e849a8b388da457688e3dd653b4e53770012d8f28e5d3b269865038c346802f36f3da7278b13ad6a3bb6a1452e24ebeeaa24ba40eef559b1b287d2a2f80b7";
<link linkend="opt-boot.initrd.luks.devices._name_.fido2.credential">boot.initrd.luks.devices."<replaceable>/dev/sda2</replaceable>".fido2.credential</link> = "<replaceable>f1d00200108b9d6e849a8b388da457688e3dd653b4e53770012d8f28e5d3b269865038c346802f36f3da7278b13ad6a3bb6a1452e24ebeeaa24ba40eef559b1b287d2a2f80b7</replaceable>";
</programlisting>
You can also use the FIDO2 passwordless setup, but for security reasons, you might want to enable it only when your device is PIN protected, such as <link xlink:href="https://trezor.io/">Trezor</link>.
<programlisting>
<link linkend="opt-boot.initrd.luks.devices._name_.fido2.passwordLess">boot.initrd.luks.devices."/dev/sda2".fido2.passwordLess</link> = true;
<link linkend="opt-boot.initrd.luks.devices._name_.fido2.passwordLess">boot.initrd.luks.devices."<replaceable>/dev/sda2</replaceable>".fido2.passwordLess</link> = true;
</programlisting>
</para>
</section>

View File

@ -62,24 +62,24 @@ uid = 1000;
<command>useradd</command>, <command>groupmod</command> and so on. For
instance, to create a user account named <literal>alice</literal>:
<screen>
# useradd -m alice</screen>
<prompt># </prompt>useradd -m <replaceable>alice</replaceable></screen>
To make all nix tools available to this new user use `su - USER` which opens
a login shell (==shell that loads the profile) for given user. This will
create the ~/.nix-defexpr symlink. So run:
<screen>
# su - alice -c "true"</screen>
<prompt># </prompt>su - <replaceable>alice</replaceable> -c "true"</screen>
The flag <option>-m</option> causes the creation of a home directory for the
new user, which is generally what you want. The user does not have an initial
password and therefore cannot log in. A password can be set using the
<command>passwd</command> utility:
<screen>
# passwd alice
<prompt># </prompt>passwd <replaceable>alice</replaceable>
Enter new UNIX password: ***
Retype new UNIX password: ***
</screen>
A user can be deleted using <command>userdel</command>:
<screen>
# userdel -r alice</screen>
<prompt># </prompt>userdel -r <replaceable>alice</replaceable></screen>
The flag <option>-r</option> deletes the users home directory. Accounts
can be modified using <command>usermod</command>. Unix groups can be managed
using <command>groupadd</command>, <command>groupmod</command> and

View File

@ -58,7 +58,7 @@
</programlisting>
The X server can then be started manually:
<screen>
# systemctl start display-manager.service
<prompt># </prompt>systemctl start display-manager.service
</screen>
</para>
<para>

View File

@ -57,7 +57,7 @@
linkend="ch-configuration"/>. Changes to a module documentation
have to be checked to not break building the NixOS manual:
</para>
<programlisting>$ nix-build nixos/release.nix -A manual</programlisting>
<screen><prompt>$ </prompt>nix-build nixos/release.nix -A manual</screen>
</callout>
</calloutlist>
</section>

View File

@ -24,8 +24,8 @@
</para>
<screen>
$ cd /path/to/nixpkgs/nixos/doc/manual
$ make
<prompt>$ </prompt>cd /path/to/nixpkgs/nixos/doc/manual
<prompt>$ </prompt>make
</screen>
<para>

View File

@ -27,13 +27,13 @@ networking.proxy.noProxy = &quot;127.0.0.1,localhost,internal.domain&quot;;
Setup the proxy environment variables in the shell where you are running
<literal>nixos-install</literal>.
</para>
<programlisting>
# proxy_url=&quot;http://user:password@proxy:port/&quot;
# export http_proxy=&quot;$proxy_url&quot;
# export HTTP_PROXY=&quot;$proxy_url&quot;
# export https_proxy=&quot;$proxy_url&quot;
# export HTTPS_PROXY=&quot;$proxy_url&quot;
</programlisting>
<screen>
<prompt># </prompt>proxy_url=&quot;http://user:password@proxy:port/&quot;
<prompt># </prompt>export http_proxy=&quot;$proxy_url&quot;
<prompt># </prompt>export HTTP_PROXY=&quot;$proxy_url&quot;
<prompt># </prompt>export https_proxy=&quot;$proxy_url&quot;
<prompt># </prompt>export HTTPS_PROXY=&quot;$proxy_url&quot;
</screen>
</listitem>
</orderedlist>

View File

@ -325,14 +325,14 @@ sudo /nix/var/nix/profiles/system/bin/switch-to-configuration boot
to boot on a USB rescue disk and do something along these lines:
</para>
<screen>
# mkdir root
# mount /dev/sdaX root
# mkdir root/nixos-root
# mv -v root/* root/nixos-root/
# mv -v root/nixos-root/old-root/* root/
# mv -v root/boot.bak root/boot # We had renamed this by hand earlier
# umount root
# reboot</screen>
<prompt># </prompt>mkdir root
<prompt># </prompt>mount /dev/sdaX root
<prompt># </prompt>mkdir root/nixos-root
<prompt># </prompt>mv -v root/* root/nixos-root/
<prompt># </prompt>mv -v root/nixos-root/old-root/* root/
<prompt># </prompt>mv -v root/boot.bak root/boot # We had renamed this by hand earlier
<prompt># </prompt>umount root
<prompt># </prompt>reboot</screen>
<para>
This may work as is or you might also need to reinstall the boot loader
</para>

View File

@ -67,32 +67,32 @@
<literal>nixos-20.03</literal> channel. To see which NixOS channel youre
subscribed to, run the following as root:
<screen>
# nix-channel --list | grep nixos
<prompt># </prompt>nix-channel --list | grep nixos
nixos https://nixos.org/channels/nixos-unstable
</screen>
To switch to a different NixOS channel, do
<screen>
# nix-channel --add https://nixos.org/channels/<replaceable>channel-name</replaceable> nixos
<prompt># </prompt>nix-channel --add https://nixos.org/channels/<replaceable>channel-name</replaceable> nixos
</screen>
(Be sure to include the <literal>nixos</literal> parameter at the end.) For
instance, to use the NixOS 20.03 stable channel:
<screen>
# nix-channel --add https://nixos.org/channels/nixos-20.03 nixos
<prompt># </prompt>nix-channel --add https://nixos.org/channels/nixos-20.03 nixos
</screen>
If you have a server, you may want to use the “small” channel instead:
<screen>
# nix-channel --add https://nixos.org/channels/nixos-20.03-small nixos
<prompt># </prompt>nix-channel --add https://nixos.org/channels/nixos-20.03-small nixos
</screen>
And if you want to live on the bleeding edge:
<screen>
# nix-channel --add https://nixos.org/channels/nixos-unstable nixos
<prompt># </prompt>nix-channel --add https://nixos.org/channels/nixos-unstable nixos
</screen>
</para>
<para>
You can then upgrade NixOS to the latest version in your chosen channel by
running
<screen>
# nixos-rebuild switch --upgrade
<prompt># </prompt>nixos-rebuild switch --upgrade
</screen>
which is equivalent to the more verbose <literal>nix-channel --update nixos;
nixos-rebuild switch</literal>.

View File

@ -136,13 +136,13 @@
<filename>/mnt</filename>:
</para>
<screen>
# nixos-enter --root /mnt
<prompt># </prompt>nixos-enter --root /mnt
</screen>
<para>
Run a shell command:
</para>
<screen>
# nixos-enter -c 'ls -l /; cat /proc/mounts'
<prompt># </prompt>nixos-enter -c 'ls -l /; cat /proc/mounts'
</screen>
<para>
Run a non-shell command:

View File

@ -33,7 +33,7 @@
<para>
This command shows the version of the currently active NixOS configuration.
For example:
<screen>$ nixos-version
<screen><prompt>$ </prompt>nixos-version
16.03.1011.6317da4 (Emu)
</screen>
The version consists of the following elements:
@ -111,7 +111,7 @@
<para>
Show the full SHA1 hash of the Git commit from which this configuration
was built, e.g.
<screen>$ nixos-version --hash
<screen><prompt>$ </prompt>nixos-version --hash
6317da40006f6bc2480c6781999c52d88dde2acf
</screen>
</para>

View File

@ -69,10 +69,10 @@
access this single repository. You need the output of the generate pub file.
</para>
<para>
<programlisting>
# sudo ssh-keygen -N '' -t ed25519 -f /run/keys/id_ed25519_my_borg_repo
# cat /run/keys/id_ed25519_my_borg_repo
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID78zmOyA+5uPG4Ot0hfAy+sLDPU1L4AiIoRYEIVbbQ/ root@nixos</programlisting>
<screen>
<prompt># </prompt>sudo ssh-keygen -N '' -t ed25519 -f /run/keys/id_ed25519_my_borg_repo
<prompt># </prompt>cat /run/keys/id_ed25519_my_borg_repo
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID78zmOyA+5uPG4Ot0hfAy+sLDPU1L4AiIoRYEIVbbQ/ root@nixos</screen>
</para>
<para>
Add the following snippet to your NixOS configuration:

View File

@ -159,9 +159,9 @@ in
To switch to a specialised configuration
(e.g. <literal>fewJobsManyCores</literal>) at runtime, run:
<programlisting>
# sudo /run/current-system/specialisation/fewJobsManyCores/bin/switch-to-configuration test
</programlisting>
<screen>
<prompt># </prompt>sudo /run/current-system/specialisation/fewJobsManyCores/bin/switch-to-configuration test
</screen>
'';
type = types.attrsOf (types.submodule (
{ ... }: {