Merge commit '432fc2d9a67f92e05438dff5fdc2b39d33f77997'

# Conflicts: # nixpkgs/pkgs/applications/editors/emacs/elisp-packages/elpa-generated.nix # nixpkgs/pkgs/applications/networking/mailreaders/thunderbird/default.nix # nixpkgs/pkgs/applications/window-managers/sway/default.nix # nixpkgs/pkgs/build-support/rust/default.nix # nixpkgs/pkgs/development/go-modules/generic/default.nix
author: Alyssa Ross <hi@alyssa.is> 2021-06-22 15:01:47 +0000
committer: Alyssa Ross <hi@alyssa.is> 2021-06-22 16:57:59 +0000
commit: 633cab0ecb07627706c6b523e219490f019eaab5 (patch)
tree: 4fb472bdfe2723037dad53dc1b8a87c939015f5e /nixpkgs/nixos/doc/manual
parent: ffb691c199e7e0cbc4e45e5310779c9e3f7c2a73 (diff)
parent: 432fc2d9a67f92e05438dff5fdc2b39d33f77997 (diff)
download: nixlib-633cab0ecb07627706c6b523e219490f019eaab5.tar
nixlib-633cab0ecb07627706c6b523e219490f019eaab5.tar.gz
nixlib-633cab0ecb07627706c6b523e219490f019eaab5.tar.bz2
nixlib-633cab0ecb07627706c6b523e219490f019eaab5.tar.lz
nixlib-633cab0ecb07627706c6b523e219490f019eaab5.tar.xz
nixlib-633cab0ecb07627706c6b523e219490f019eaab5.tar.zst
nixlib-633cab0ecb07627706c6b523e219490f019eaab5.zip
30 files changed, 1058 insertions, 628 deletions
diff --git a/nixpkgs/nixos/doc/manual/configuration/abstractions.section.md b/nixpkgs/nixos/doc/manual/configuration/abstractions.section.md
new file mode 100644
index 000000000000..bf26e4c51ed3
--- /dev/null
+++ b/nixpkgs/nixos/doc/manual/configuration/abstractions.section.md
@@ -0,0 +1,80 @@
+# Abstractions {#sec-module-abstractions}
+
+If you find yourself repeating yourself over and over, it’s time to abstract. Take, for instance, this Apache HTTP Server configuration:
+
+```nix
+{
+  services.httpd.virtualHosts =
+    { "blog.example.org" = {
+        documentRoot = "/webroot/blog.example.org";
+        adminAddr = "alice@example.org";
+        forceSSL = true;
+        enableACME = true;
+        enablePHP = true;
+      };
+      "wiki.example.org" = {
+        documentRoot = "/webroot/wiki.example.org";
+        adminAddr = "alice@example.org";
+        forceSSL = true;
+        enableACME = true;
+        enablePHP = true;
+      };
+    };
+}
+```
+
+It defines two virtual hosts with nearly identical configuration; the only difference is the document root directories. To prevent this duplication, we can use a `let`:
+```nix
+let
+  commonConfig =
+    { adminAddr = "alice@example.org";
+      forceSSL = true;
+      enableACME = true;
+    };
+in
+{
+  services.httpd.virtualHosts =
+    { "blog.example.org" = (commonConfig // { documentRoot = "/webroot/blog.example.org"; });
+      "wiki.example.org" = (commonConfig // { documentRoot = "/webroot/wiki.example.com"; });
+    };
+}
+```
+
+The `let commonConfig = ...` defines a variable named `commonConfig`. The `//` operator merges two attribute sets, so the configuration of the second virtual host is the set `commonConfig` extended with the document root option.
+
+You can write a `let` wherever an expression is allowed. Thus, you also could have written:
+
+```nix
+{
+  services.httpd.virtualHosts =
+    let commonConfig = ...; in
+    { "blog.example.org" = (commonConfig // { ... })
+      "wiki.example.org" = (commonConfig // { ... })
+    };
+}
+```
+
+but not `{ let commonConfig = ...; in ...; }` since attributes (as opposed to attribute values) are not expressions.
+
+**Functions** provide another method of abstraction. For instance, suppose that we want to generate lots of different virtual hosts, all with identical configuration except for the document root. This can be done as follows:
+
+```nix
+{
+  services.httpd.virtualHosts =
+    let
+      makeVirtualHost = webroot:
+        { documentRoot = webroot;
+          adminAddr = "alice@example.org";
+          forceSSL = true;
+          enableACME = true;
+        };
+    in
+      { "example.org" = (makeVirtualHost "/webroot/example.org");
+        "example.com" = (makeVirtualHost "/webroot/example.com");
+        "example.gov" = (makeVirtualHost "/webroot/example.gov");
+        "example.nl" = (makeVirtualHost "/webroot/example.nl");
+      };
+}
+```
+
+Here, `makeVirtualHost` is a function that takes a single argument `webroot` and returns the configuration for a virtual host. That function is then called for several names to produce the list of virtual host configurations.
diff --git a/nixpkgs/nixos/doc/manual/configuration/abstractions.xml b/nixpkgs/nixos/doc/manual/configuration/abstractions.xml
deleted file mode 100644
index df9ff2615e1a..000000000000
--- a/nixpkgs/nixos/doc/manual/configuration/abstractions.xml
+++ /dev/null
@@ -1,101 +0,0 @@
-<section xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xmlns:xi="http://www.w3.org/2001/XInclude"
-         version="5.0"
-         xml:id="sec-module-abstractions">
- <title>Abstractions</title>
-
- <para>
-  If you find yourself repeating yourself over and over, it’s time to
-  abstract. Take, for instance, this Apache HTTP Server configuration:
-<programlisting>
-{
-  <xref linkend="opt-services.httpd.virtualHosts"/> =
-    { "blog.example.org" = {
-        documentRoot = "/webroot/blog.example.org";
-        adminAddr = "alice@example.org";
-        forceSSL = true;
-        enableACME = true;
-        enablePHP = true;
-      };
-      "wiki.example.org" = {
-        documentRoot = "/webroot/wiki.example.org";
-        adminAddr = "alice@example.org";
-        forceSSL = true;
-        enableACME = true;
-        enablePHP = true;
-      };
-    };
-}
-</programlisting>
-  It defines two virtual hosts with nearly identical configuration; the only
-  difference is the document root directories. To prevent this
-  duplication, we can use a <literal>let</literal>:
-<programlisting>
-let
-  commonConfig =
-    { adminAddr = "alice@example.org";
-      forceSSL = true;
-      enableACME = true;
-    };
-in
-{
-  <xref linkend="opt-services.httpd.virtualHosts"/> =
-    { "blog.example.org" = (commonConfig // { documentRoot = "/webroot/blog.example.org"; });
-      "wiki.example.org" = (commonConfig // { documentRoot = "/webroot/wiki.example.com"; });
-    };
-}
-</programlisting>
-  The <literal>let commonConfig = <replaceable>...</replaceable></literal>
-  defines a variable named <literal>commonConfig</literal>. The
-  <literal>//</literal> operator merges two attribute sets, so the
-  configuration of the second virtual host is the set
-  <literal>commonConfig</literal> extended with the document root option.
- </para>
-
- <para>
-  You can write a <literal>let</literal> wherever an expression is allowed.
-  Thus, you also could have written:
-<programlisting>
-{
-  <xref linkend="opt-services.httpd.virtualHosts"/> =
-    let commonConfig = <replaceable>...</replaceable>; in
-    { "blog.example.org" = (commonConfig // { <replaceable>...</replaceable> })
-      "wiki.example.org" = (commonConfig // { <replaceable>...</replaceable> })
-    };
-}
-</programlisting>
-  but not <literal>{ let commonConfig = <replaceable>...</replaceable>; in
-  <replaceable>...</replaceable>; }</literal> since attributes (as opposed to
-  attribute values) are not expressions.
- </para>
-
- <para>
-  <emphasis>Functions</emphasis> provide another method of abstraction. For
-  instance, suppose that we want to generate lots of different virtual hosts,
-  all with identical configuration except for the document root. This can be done
-  as follows:
-<programlisting>
-{
-  <xref linkend="opt-services.httpd.virtualHosts"/> =
-    let
-      makeVirtualHost = webroot:
-        { documentRoot = webroot;
-          adminAddr = "alice@example.org";
-          forceSSL = true;
-          enableACME = true;
-        };
-    in
-      { "example.org" = (makeVirtualHost "/webroot/example.org");
-        "example.com" = (makeVirtualHost "/webroot/example.com");
-        "example.gov" = (makeVirtualHost "/webroot/example.gov");
-        "example.nl" = (makeVirtualHost "/webroot/example.nl");
-      };
-}
-</programlisting>
-  Here, <varname>makeVirtualHost</varname> is a function that takes a single
-  argument <literal>webroot</literal> and returns the configuration for a virtual
-  host. That function is then called for several names to produce the list of
-  virtual host configurations.
- </para>
-</section>
diff --git a/nixpkgs/nixos/doc/manual/configuration/config-syntax.xml b/nixpkgs/nixos/doc/manual/configuration/config-syntax.xml
index 5526dea247c0..a374c6a87074 100644
--- a/nixpkgs/nixos/doc/manual/configuration/config-syntax.xml
+++ b/nixpkgs/nixos/doc/manual/configuration/config-syntax.xml
@@ -19,7 +19,7 @@ xlink:href="https://nixos.org/nix/manual/#chap-writing-nix-expressions">Nix
   constructs useful in NixOS configuration files.
  </para>
  <xi:include href="config-file.xml" />
- <xi:include href="abstractions.xml" />
+ <xi:include href="../from_md/configuration/abstractions.section.xml" />
  <xi:include href="modularity.xml" />
  <xi:include href="summary.xml" />
 </chapter>
diff --git a/nixpkgs/nixos/doc/manual/configuration/gpu-accel.xml b/nixpkgs/nixos/doc/manual/configuration/gpu-accel.xml
index 3695a5ff445a..9aa9be86a061 100644
--- a/nixpkgs/nixos/doc/manual/configuration/gpu-accel.xml
+++ b/nixpkgs/nixos/doc/manual/configuration/gpu-accel.xml
@@ -178,9 +178,9 @@ GPU1:
        Core Next</link> (GCN) GPUs are supported through either radv, which is
        part of <package>mesa</package>, or the <package>amdvlk</package> package.
        Adding the <package>amdvlk</package> package to
-       <xref linkend="opt-hardware.opengl.extraPackages"/> makes both drivers
-       available for applications and lets them choose. A specific driver can
-       be forced as follows:
+       <xref linkend="opt-hardware.opengl.extraPackages"/> makes amdvlk the
+       default driver and hides radv and lavapipe from the device list. A
+       specific driver can be forced as follows:
 
        <programlisting><xref linkend="opt-hardware.opengl.extraPackages"/> = [
          pkgs.<package>amdvlk</package>
@@ -191,10 +191,9 @@ GPU1:
          pkgs.driversi686Linux.<package>amdvlk</package>
        ];
 
-       # For amdvlk
-       <xref linkend="opt-environment.variables"/>.VK_ICD_FILENAMES =
-          "/run/opengl-driver/share/vulkan/icd.d/amd_icd64.json";
-       # For radv
+       # Force radv
+       <xref linkend="opt-environment.variables"/>.AMD_VULKAN_ICD = "RADV";
+       # Or
        <xref linkend="opt-environment.variables"/>.VK_ICD_FILENAMES =
          "/run/opengl-driver/share/vulkan/icd.d/radeon_icd.x86_64.json";
        </programlisting>
diff --git a/nixpkgs/nixos/doc/manual/configuration/ipv6-config.xml b/nixpkgs/nixos/doc/manual/configuration/ipv6-config.xml
index 7b89b4092be7..45e85dbf3dfd 100644
--- a/nixpkgs/nixos/doc/manual/configuration/ipv6-config.xml
+++ b/nixpkgs/nixos/doc/manual/configuration/ipv6-config.xml
@@ -7,8 +7,12 @@
 
  <para>
   IPv6 is enabled by default. Stateless address autoconfiguration is used to
-  automatically assign IPv6 addresses to all interfaces. You can disable IPv6
-  support globally by setting:
+  automatically assign IPv6 addresses to all interfaces, and Privacy
+  Extensions (RFC 4946) are enabled by default. You can adjust the default
+  for this by setting <xref linkend="opt-networking.tempAddresses"/>.
+  This option may be overridden on a per-interface basis by
+  <xref linkend="opt-networking.interfaces._name_.tempAddress"/>.
+  You can disable IPv6 support globally by setting:
 <programlisting>
 <xref linkend="opt-networking.enableIPv6"/> = false;
 </programlisting>
diff --git a/nixpkgs/nixos/doc/manual/configuration/x-windows.xml b/nixpkgs/nixos/doc/manual/configuration/x-windows.xml
index 757174c52632..e72193897068 100644
--- a/nixpkgs/nixos/doc/manual/configuration/x-windows.xml
+++ b/nixpkgs/nixos/doc/manual/configuration/x-windows.xml
@@ -25,7 +25,7 @@
 <programlisting>
 <xref linkend="opt-services.xserver.desktopManager.plasma5.enable"/> = true;
 <xref linkend="opt-services.xserver.desktopManager.xfce.enable"/> = true;
-<xref linkend="opt-services.xserver.desktopManager.gnome3.enable"/> = true;
+<xref linkend="opt-services.xserver.desktopManager.gnome.enable"/> = true;
 <xref linkend="opt-services.xserver.desktopManager.mate.enable"/> = true;
 <xref linkend="opt-services.xserver.windowManager.xmonad.enable"/> = true;
 <xref linkend="opt-services.xserver.windowManager.twm.enable"/> = true;
diff --git a/nixpkgs/nixos/doc/manual/contributing-to-this-manual.chapter.md b/nixpkgs/nixos/doc/manual/contributing-to-this-manual.chapter.md
new file mode 100644
index 000000000000..26813d1042d6
--- /dev/null
+++ b/nixpkgs/nixos/doc/manual/contributing-to-this-manual.chapter.md
@@ -0,0 +1,13 @@
+# Contributing to this manual {#chap-contributing}
+
+The DocBook and CommonMark sources of NixOS' manual are in the [nixos/doc/manual](https://github.com/NixOS/nixpkgs/tree/master/nixos/doc/manual) subdirectory of the [Nixpkgs](https://github.com/NixOS/nixpkgs) repository.
+
+You can quickly check your edits with the following:
+
+```ShellSession
+$ cd /path/to/nixpkgs
+$ ./nixos/doc/manual/md-to-db.sh
+$ nix-build nixos/release.nix -A manual.x86_64-linux
+```
+
+If the build succeeds, the manual will be in `./result/share/doc/nixos/index.html`.
diff --git a/nixpkgs/nixos/doc/manual/contributing-to-this-manual.xml b/nixpkgs/nixos/doc/manual/contributing-to-this-manual.xml
deleted file mode 100644
index 137e04bb313b..000000000000
--- a/nixpkgs/nixos/doc/manual/contributing-to-this-manual.xml
+++ /dev/null
@@ -1,22 +0,0 @@
-<chapter xmlns="http://docbook.org/ns/docbook"
-         xmlns:xlink="http://www.w3.org/1999/xlink"
-         xml:id="chap-contributing">
- <title>Contributing to this manual</title>
- <para>
-  The DocBook sources of NixOS' manual are in the <filename
-xlink:href="https://github.com/NixOS/nixpkgs/tree/master/nixos/doc/manual">
-nixos/doc/manual</filename> subdirectory of the <link
-xlink:href="https://github.com/NixOS/nixpkgs">Nixpkgs</link> repository.
- </para>
- <para>
-  You can quickly check your edits with the following:
- </para>
-<screen>
-<prompt>$ </prompt>cd /path/to/nixpkgs
-<prompt>$ </prompt>nix-build nixos/release.nix -A manual.x86_64-linux
-</screen>
- <para>
-  If the build succeeds, the manual will be in
-  <filename>./result/share/doc/nixos/index.html</filename>.
- </para>
-</chapter>
diff --git a/nixpkgs/nixos/doc/manual/development/building-nixos.chapter.md b/nixpkgs/nixos/doc/manual/development/building-nixos.chapter.md
new file mode 100644
index 000000000000..699a75f41152
--- /dev/null
+++ b/nixpkgs/nixos/doc/manual/development/building-nixos.chapter.md
@@ -0,0 +1,18 @@
+# Building Your Own NixOS CD {#sec-building-cd}
+Building a NixOS CD is as easy as configuring your own computer. The idea is to use another module which will replace your `configuration.nix` to configure the system that would be installed on the CD.
+
+Default CD/DVD configurations are available inside `nixos/modules/installer/cd-dvd`
+
+```ShellSession
+$ git clone https://github.com/NixOS/nixpkgs.git
+$ cd nixpkgs/nixos
+$ nix-build -A config.system.build.isoImage -I nixos-config=modules/installer/cd-dvd/installation-cd-minimal.nix default.nix
+```
+
+Before burning your CD/DVD, you can check the content of the image by mounting anywhere like suggested by the following command:
+
+```ShellSession
+# mount -o loop -t iso9660 ./result/iso/cd.iso /mnt/iso</screen>
+```
+
+If you want to customize your NixOS CD in more detail, or generate other kinds of images, you might want to check out [nixos-generators](https://github.com/nix-community/nixos-generators). This can also be a good starting point when you want to use Nix to build a 'minimal' image that doesn't include a NixOS installation.
diff --git a/nixpkgs/nixos/doc/manual/development/building-nixos.xml b/nixpkgs/nixos/doc/manual/development/building-nixos.xml
deleted file mode 100644
index d58b6354d1d3..000000000000
--- a/nixpkgs/nixos/doc/manual/development/building-nixos.xml
+++ /dev/null
@@ -1,33 +0,0 @@
-<chapter xmlns="http://docbook.org/ns/docbook"
-        xmlns:xlink="http://www.w3.org/1999/xlink"
-        xmlns:xi="http://www.w3.org/2001/XInclude"
-        version="5.0"
-        xml:id="sec-building-cd">
- <title>Building Your Own NixOS CD</title>
- <para>
-  Building a NixOS CD is as easy as configuring your own computer. The idea is
-  to use another module which will replace your
-  <filename>configuration.nix</filename> to configure the system that would be
-  installed on the CD.
- </para>
- <para>
-  Default CD/DVD configurations are available inside
-  <filename>nixos/modules/installer/cd-dvd</filename>.
-<screen>
-<prompt>$ </prompt>git clone https://github.com/NixOS/nixpkgs.git
-<prompt>$ </prompt>cd nixpkgs/nixos
-<prompt>$ </prompt>nix-build -A config.system.build.isoImage -I nixos-config=modules/installer/cd-dvd/installation-cd-minimal.nix default.nix</screen>
- </para>
- <para>
-  Before burning your CD/DVD, you can check the content of the image by
-  mounting anywhere like suggested by the following command:
-<screen>
-<prompt># </prompt>mount -o loop -t iso9660 ./result/iso/cd.iso /mnt/iso</screen>
- </para>
- <para>
- If you want to customize your NixOS CD in more detail, or generate other kinds
- of images, you might want to check out <link
- xlink:href="https://github.com/nix-community/nixos-generators">nixos-generators</link>. This can also be a good starting point when you want to use Nix to build a
- 'minimal' image that doesn't include a NixOS installation.
- </para>
-</chapter>
diff --git a/nixpkgs/nixos/doc/manual/development/development.xml b/nixpkgs/nixos/doc/manual/development/development.xml
index 43f511b3e96b..eb505567962c 100644
--- a/nixpkgs/nixos/doc/manual/development/development.xml
+++ b/nixpkgs/nixos/doc/manual/development/development.xml
@@ -13,8 +13,7 @@
  <xi:include href="writing-modules.xml" />
  <xi:include href="building-parts.xml" />
  <xi:include href="writing-documentation.xml" />
- <xi:include href="building-nixos.xml" />
+ <xi:include href="../from_md/development/building-nixos.chapter.xml" />
  <xi:include href="nixos-tests.xml" />
  <xi:include href="testing-installer.xml" />
- <xi:include href="releases.xml" />
 </part>
diff --git a/nixpkgs/nixos/doc/manual/development/releases.xml b/nixpkgs/nixos/doc/manual/development/releases.xml
deleted file mode 100755
index cd68a428a6fb..000000000000
--- a/nixpkgs/nixos/doc/manual/development/releases.xml
+++ /dev/null
@@ -1,366 +0,0 @@
-<chapter xmlns="http://docbook.org/ns/docbook"
-        xmlns:xlink="http://www.w3.org/1999/xlink"
-        xmlns:xi="http://www.w3.org/2001/XInclude"
-        version="5.0"
-        xml:id="ch-releases">
- <title>Releases</title>
- <section xml:id="release-process">
-  <title>Release process</title>
-
-  <para>
-   Going through an example of releasing NixOS 19.09:
-  </para>
-
-  <section xml:id="one-month-before-the-beta">
-   <title>One month before the beta</title>
-
-   <itemizedlist>
-    <listitem>
-     <para>
-      Create an announcement on <link xlink:href="https://discourse.nixos.org">Discourse</link> as a warning about upcoming beta <quote>feature freeze</quote> in a month. <link xlink:href="https://discourse.nixos.org/t/nixos-19-09-feature-freeze/3707">See this post as an example</link>.
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      Discuss with Eelco Dolstra and the community (via IRC, ML) about what will reach the deadline. Any issue or Pull Request targeting the release should be included in the release milestone.
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      Remove attributes that we know we will not be able to support, especially if there is a stable alternative. E.g. Check that our Linux kernels’ <link xlink:href="https://www.kernel.org/category/releases.html">projected end-of-life</link> are after our release projected end-of-life.
-     </para>
-    </listitem>
-   </itemizedlist>
-  </section>
-
-  <section xml:id="at-beta-release-time">
-   <title>At beta release time</title>
-
-   <orderedlist>
-    <listitem>
-     <para>
-      From the master branch run:
-     </para>
-<programlisting>
-git checkout -b release-19.09
-</programlisting>
-    </listitem>
-    <listitem>
-     <para>
-      <link xlink:href="https://github.com/NixOS/nixpkgs/commit/10e61bf5be57736035ec7a804cb0bf3d083bf2cf#diff-9c798092bac0caeb5c52d509be0ca263R69">Bump the <literal>system.defaultChannel</literal> attribute in <literal>nixos/modules/misc/version.nix</literal></link>
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      <link xlink:href="https://github.com/NixOS/nixpkgs/commit/10e61bf5be57736035ec7a804cb0bf3d083bf2cf#diff-831e8d9748240fb23e6734fdc2a6d16eR15">Update <literal>versionSuffix</literal> in <literal>nixos/release.nix</literal></link>
-     </para>
-    </listitem>
-   </orderedlist>
-
-   <para>
-    To get the commit count, use the following command:
-   </para>
-
-<programlisting>
-git rev-list --count release-19.09
-</programlisting>
-
-   <orderedlist>
-    <listitem>
-     <para>
-      Edit changelog at <literal>nixos/doc/manual/release-notes/rl-1909.xml</literal>.
-     </para>
-     <itemizedlist>
-      <listitem>
-       <para>
-        Get all new NixOS modules:
-       </para>
-<programlisting>
-git diff release-19.03..release-19.09 nixos/modules/module-list.nix | grep ^+
-</programlisting>
-      </listitem>
-      <listitem>
-       <para>
-        Note systemd, kernel, glibc, desktop environment, and Nix upgrades.
-       </para>
-      </listitem>
-     </itemizedlist>
-    </listitem>
-    <listitem>
-     <para>
-      Tag the release:
-     </para>
-<programlisting>
-git tag --annotate --message="Release 19.09-beta" 19.09-beta
-git push upstream 19.09-beta
-</programlisting>
-    </listitem>
-    <listitem>
-     <para>
-      <link xlink:href="https://github.com/NixOS/nixpkgs/commit/01268fda85b7eee4e462c873d8654f975067731f#diff-2bc0e46110b507d6d5a344264ef15adaR1">On the <literal>master</literal> branch, increment the <literal>.version</literal> file</link>
-     </para>
-<programlisting>
-echo -n "20.03" > .version
-</programlisting>
-    </listitem>
-    <listitem>
-     <para>
-      <link xlink:href="https://github.com/NixOS/nixpkgs/commit/01268fda85b7eee4e462c873d8654f975067731f#diff-03f3d41b68f62079c55001f1a1c55c1dR137">Update <literal>codeName</literal> in <literal>lib/trivial.nix</literal></link> This will be the name for the next release.
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      <link xlink:href="https://github.com/NixOS/nixpkgs/commit/01268fda85b7eee4e462c873d8654f975067731f#diff-e7ee5ff686cdcc513ca089d6e5682587R11">Create a new release notes file for the upcoming release + 1</link>, in our case this is <literal>rl-2003.xml</literal>.
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      Contact the infrastructure team to create the necessary Hydra Jobsets.
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      <link xlink:href="https://github.com/NixOS/nixos-org-configurations/blob/master/channels.nix">Create a channel at https://nixos.org/channels by creating a PR to nixos-org-configurations, changing <literal>channels.nix</literal></link>
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      Get all Hydra jobsets for the release to have their first evaluation.
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      <link xlink:href="https://github.com/NixOS/nixpkgs/issues/13559">Create an issue for tracking Zero Hydra Failures progress. ZHF is an effort to get build failures down to zero.</link>
-     </para>
-    </listitem>
-   </orderedlist>
-  </section>
-
-  <section xml:id="during-beta">
-   <title>During Beta</title>
-
-   <itemizedlist>
-    <listitem>
-     <para>
-      Monitor the master branch for bugfixes and minor updates and cherry-pick them to the release branch.
-     </para>
-    </listitem>
-   </itemizedlist>
-  </section>
-
-  <section xml:id="before-the-final-release">
-   <title>Before the final release</title>
-
-   <itemizedlist>
-    <listitem>
-     <para>
-      Re-check that the release notes are complete.
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      Release Nix (currently only Eelco Dolstra can do that). <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/installer/tools/nix-fallback-paths.nix">Make sure fallback is updated.</link>
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      <link xlink:href="https://github.com/NixOS/nixpkgs/commit/40fd9ae3ac8048758abdcfc7d28a78b5f22fe97e">Update README.md with new stable NixOS version information.</link>
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      Change <literal>stableBranch</literal> to <literal>true</literal> in Hydra and wait for the channel to update.
-     </para>
-    </listitem>
-   </itemizedlist>
-  </section>
-
-  <section xml:id="at-final-release-time">
-   <title>At final release time</title>
-
-   <orderedlist>
-    <listitem>
-     <para>
-      Update <xref linkend="sec-upgrading" /> section of the manual to match new stable release version.
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      Update <literal>rl-1909.xml</literal> with the release date.
-     </para>
-    </listitem>
-    <listitem>
-     <para>
-      Tag the final release
-     </para>
-<programlisting>
-git tag --annotate --message="Release 19.09" 19.09
-git push upstream 19.09
-</programlisting>
-    </listitem>
-    <listitem>
-     <para>
-      Update <link xlink:href="https://github.com/NixOS/nixos-homepage">nixos-homepage</link> for the release.
-     </para>
-     <orderedlist>
-      <listitem>
-       <para>
-        <link xlink:href="https://github.com/NixOS/nixos-homepage/blob/47ac3571c4d71e841fd4e6c6e1872e762b9c4942/Makefile#L1">Update <literal>NIXOS_SERIES</literal> in the <literal>Makefile</literal></link>.
-       </para>
-      </listitem>
-      <listitem>
-       <para>
-        <link xlink:href="https://github.com/NixOS/nixos-homepage/blob/47ac3571c4d71e841fd4e6c6e1872e762b9c4942/nixos-release.tt#L1">Update <literal>nixos-release.tt</literal> with the new NixOS version</link>.
-       </para>
-      </listitem>
-      <listitem>
-       <para>
-        <link xlink:href="https://github.com/NixOS/nixos-homepage/blob/47ac3571c4d71e841fd4e6c6e1872e762b9c4942/flake.nix#L10">Update the <literal>flake.nix</literal> input <literal>released-nixpkgs</literal> to 19.09</link>.
-       </para>
-      </listitem>
-      <listitem>
-       <para>
-        Run <literal>./update.sh</literal> (this updates flake.lock to updated channel).
-       </para>
-      </listitem>
-      <listitem>
-       <para>
-        <link xlink:href="https://github.com/NixOS/nixos-homepage/blob/a5626c71c03a2dd69086564e56f1a230a2bb177a/logo/nixos-logo-19.09-loris-lores.png">Add a compressed version of the NixOS logo for 19.09</link>.
-       </para>
-      </listitem>
-      <listitem>
-       <para>
-        <link xlink:href="https://github.com/NixOS/nixos-homepage/commit/a5626c71c03a2dd69086564e56f1a230a2bb177a#diff-9cdc6434d3e4fd93a6e5bb0a531a7c71R5">Compose a news item for the website RSS feed</link>.
-       </para>
-      </listitem>
-     </orderedlist>
-    </listitem>
-    <listitem>
-     <para>
-      Create a new topic on <link xlink:href="https://discourse.nixos.org/">the Discourse instance</link> to announce the release.
-     </para>
-    </listitem>
-   </orderedlist>
-
-   <para>
-    You should include the following information:
-   </para>
-
-   <itemizedlist>
-    <listitem>
-     <para>
-      Number of commits for the release:
-     </para>
-<programlisting>
-bash git log release-19.03..release-19.09 --format=%an | wc -l
-</programlisting>
-    </listitem>
-    <listitem>
-     <para>
-      Commits by contributor:
-     </para>
-<programlisting>
-git shortlog --summary --numbered release-19.03..release-19.09
-</programlisting>
-    </listitem>
-   </itemizedlist>
-
-   <para>
-    Best to check how the previous post was formulated to see what needs to be included.
-   </para>
-  </section>
- </section>
- <section xml:id="release-management-team">
-  <title>Release Management Team</title>
-
-  <para>
-   For each release there are two release managers. After each release the release manager having managed two releases steps down and the release management team of the last release appoints a new release manager.
-  </para>
-
-  <para>
-   This makes sure a release management team always consists of one release manager who already has managed one release and one release manager being introduced to their role, making it easier to pass on knowledge and experience.
-  </para>
-
-  <para>
-   Release managers for the current NixOS release are tracked by GitHub team <link xlink:href="https://github.com/orgs/NixOS/teams/nixos-release-managers/members"><literal>@NixOS/nixos-release-managers</literal></link>.
-  </para>
-
-  <para>
-   A release manager’s role and responsibilities are:
-  </para>
-
-  <itemizedlist>
-   <listitem>
-    <para>
-     manage the release process
-    </para>
-   </listitem>
-   <listitem>
-    <para>
-     start discussions about features and changes for a given release
-    </para>
-   </listitem>
-   <listitem>
-    <para>
-     create a roadmap
-    </para>
-   </listitem>
-   <listitem>
-    <para>
-     release in cooperation with Eelco Dolstra
-    </para>
-   </listitem>
-   <listitem>
-    <para>
-     decide which bug fixes, features, etc… get backported after a release
-    </para>
-   </listitem>
-  </itemizedlist>
- </section>
- <section xml:id="release-schedule">
-  <title>Release schedule</title>
-
-  <informaltable>
-   <tgroup cols="2">
-    <colspec align="left" />
-    <colspec align="left" />
-    <thead>
-     <row>
-      <entry>
-            Date
-          </entry>
-      <entry>
-            Event
-          </entry>
-     </row>
-    </thead>
-    <tbody>
-     <row>
-      <entry>
-            2016-07-25
-          </entry>
-      <entry>
-            Send email to nix-dev about upcoming branch-off
-          </entry>
-     </row>
-     <row>
-      <entry>
-            2016-09-01
-          </entry>
-      <entry><literal>release-16.09</literal> branch and corresponding jobsets are created,
-            change freeze
-          </entry>
-     </row>
-     <row>
-      <entry>
-            2016-09-30
-          </entry>
-      <entry>
-            NixOS 16.09 released
-          </entry>
-     </row>
-    </tbody>
-   </tgroup>
-  </informaltable>
- </section>
-</chapter>
diff --git a/nixpkgs/nixos/doc/manual/development/settings-options.xml b/nixpkgs/nixos/doc/manual/development/settings-options.xml
index 7795d7c80445..7292cac62b70 100644
--- a/nixpkgs/nixos/doc/manual/development/settings-options.xml
+++ b/nixpkgs/nixos/doc/manual/development/settings-options.xml
@@ -50,7 +50,7 @@
        </varlistentry>
        <varlistentry>
          <term>
-           <varname>pkgs.formats.ini</varname> { <replaceable>listsAsDuplicateKeys</replaceable> ? false, ... }
+           <varname>pkgs.formats.ini</varname> { <replaceable>listsAsDuplicateKeys</replaceable> ? false, <replaceable>listToValue</replaceable> ? null, ... }
          </term>
          <listitem>
            <para>
@@ -66,6 +66,16 @@
                    </para>
                  </listitem>
                </varlistentry>
+               <varlistentry>
+                 <term>
+                   <varname>listToValue</varname>
+                 </term>
+                 <listitem>
+                   <para>
+                     A function for turning a list of values into a single value.
+                   </para>
+                 </listitem>
+               </varlistentry>
              </variablelist>
             It returns a set with INI-specific attributes <varname>type</varname> and <varname>generate</varname> as specified <link linkend='pkgs-formats-result'>below</link>.
            </para>
diff --git a/nixpkgs/nixos/doc/manual/development/writing-nixos-tests.xml b/nixpkgs/nixos/doc/manual/development/writing-nixos-tests.xml
index 5a95436915fa..e372c66410de 100644
--- a/nixpkgs/nixos/doc/manual/development/writing-nixos-tests.xml
+++ b/nixpkgs/nixos/doc/manual/development/writing-nixos-tests.xml
@@ -274,8 +274,29 @@ start_all()
     </term>
     <listitem>
      <para>
-      Execute a shell command, raising an exception if the exit status is not
-      zero, otherwise returning the standard output.
+      Execute a shell command, raising an exception if the exit status
+      is not zero, otherwise returning the standard output. Commands
+      are run with <literal>set -euo pipefail</literal> set:
+      <itemizedlist>
+        <listitem>
+          <para>
+            If several commands are separated by <literal>;</literal>
+            and one fails, the command as a whole will fail.
+          </para>
+        </listitem>
+        <listitem>
+          <para>
+            For pipelines, the last non-zero exit status will be
+            returned (if there is one, zero will be returned
+            otherwise).
+          </para>
+        </listitem>
+        <listitem>
+          <para>
+            Dereferencing unset variables fail the command.
+          </para>
+        </listitem>
+      </itemizedlist>
      </para>
     </listitem>
    </varlistentry>
@@ -436,6 +457,18 @@ machine.systemctl("list-jobs --no-pager", "any-user") # spawns a shell for `any-
      </para>
     </listitem>
    </varlistentry>
+   <varlistentry>
+    <term>
+     <methodname>shell_interact</methodname>
+    </term>
+    <listitem>
+     <para>
+      Allows you to directly interact with the guest shell.
+      This should only be used during test development, not in production tests.
+      Killing the interactive session with <literal>Ctrl-d</literal> or <literal>Ctrl-c</literal> also ends the guest session.
+     </para>
+    </listitem>
+   </varlistentry>
   </variablelist>
  </para>
 
diff --git a/nixpkgs/nixos/doc/manual/from_md/README.md b/nixpkgs/nixos/doc/manual/from_md/README.md
new file mode 100644
index 000000000000..cc6d08ca0a15
--- /dev/null
+++ b/nixpkgs/nixos/doc/manual/from_md/README.md
@@ -0,0 +1,5 @@
+This directory is temporarily needed while we transition the manual to CommonMark. It stores the output of the ../md-to-db.sh script that converts CommonMark files back to DocBook.
+
+We are choosing to convert the Markdown to DocBook at authoring time instead of manual building time, because we do not want the pandoc toolchain to become part of the NixOS closure.
+
+Do not edit the DocBook files inside this directory or its subdirectories. Instead, edit the corresponding .md file in the normal manual directories, and run ../md-to-db.sh to update the file here.
diff --git a/nixpkgs/nixos/doc/manual/from_md/configuration/abstractions.section.xml b/nixpkgs/nixos/doc/manual/from_md/configuration/abstractions.section.xml
new file mode 100644
index 000000000000..c71e23e34adf
--- /dev/null
+++ b/nixpkgs/nixos/doc/manual/from_md/configuration/abstractions.section.xml
@@ -0,0 +1,101 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-module-abstractions">
+  <title>Abstractions</title>
+  <para>
+    If you find yourself repeating yourself over and over, it’s time to
+    abstract. Take, for instance, this Apache HTTP Server configuration:
+  </para>
+  <programlisting language="bash">
+{
+  services.httpd.virtualHosts =
+    { &quot;blog.example.org&quot; = {
+        documentRoot = &quot;/webroot/blog.example.org&quot;;
+        adminAddr = &quot;alice@example.org&quot;;
+        forceSSL = true;
+        enableACME = true;
+        enablePHP = true;
+      };
+      &quot;wiki.example.org&quot; = {
+        documentRoot = &quot;/webroot/wiki.example.org&quot;;
+        adminAddr = &quot;alice@example.org&quot;;
+        forceSSL = true;
+        enableACME = true;
+        enablePHP = true;
+      };
+    };
+}
+</programlisting>
+  <para>
+    It defines two virtual hosts with nearly identical configuration;
+    the only difference is the document root directories. To prevent
+    this duplication, we can use a <literal>let</literal>:
+  </para>
+  <programlisting language="bash">
+let
+  commonConfig =
+    { adminAddr = &quot;alice@example.org&quot;;
+      forceSSL = true;
+      enableACME = true;
+    };
+in
+{
+  services.httpd.virtualHosts =
+    { &quot;blog.example.org&quot; = (commonConfig // { documentRoot = &quot;/webroot/blog.example.org&quot;; });
+      &quot;wiki.example.org&quot; = (commonConfig // { documentRoot = &quot;/webroot/wiki.example.com&quot;; });
+    };
+}
+</programlisting>
+  <para>
+    The <literal>let commonConfig = ...</literal> defines a variable
+    named <literal>commonConfig</literal>. The <literal>//</literal>
+    operator merges two attribute sets, so the configuration of the
+    second virtual host is the set <literal>commonConfig</literal>
+    extended with the document root option.
+  </para>
+  <para>
+    You can write a <literal>let</literal> wherever an expression is
+    allowed. Thus, you also could have written:
+  </para>
+  <programlisting language="bash">
+{
+  services.httpd.virtualHosts =
+    let commonConfig = ...; in
+    { &quot;blog.example.org&quot; = (commonConfig // { ... })
+      &quot;wiki.example.org&quot; = (commonConfig // { ... })
+    };
+}
+</programlisting>
+  <para>
+    but not <literal>{ let commonConfig = ...; in ...; }</literal> since
+    attributes (as opposed to attribute values) are not expressions.
+  </para>
+  <para>
+    <emphasis role="strong">Functions</emphasis> provide another method
+    of abstraction. For instance, suppose that we want to generate lots
+    of different virtual hosts, all with identical configuration except
+    for the document root. This can be done as follows:
+  </para>
+  <programlisting language="bash">
+{
+  services.httpd.virtualHosts =
+    let
+      makeVirtualHost = webroot:
+        { documentRoot = webroot;
+          adminAddr = &quot;alice@example.org&quot;;
+          forceSSL = true;
+          enableACME = true;
+        };
+    in
+      { &quot;example.org&quot; = (makeVirtualHost &quot;/webroot/example.org&quot;);
+        &quot;example.com&quot; = (makeVirtualHost &quot;/webroot/example.com&quot;);
+        &quot;example.gov&quot; = (makeVirtualHost &quot;/webroot/example.gov&quot;);
+        &quot;example.nl&quot; = (makeVirtualHost &quot;/webroot/example.nl&quot;);
+      };
+}
+</programlisting>
+  <para>
+    Here, <literal>makeVirtualHost</literal> is a function that takes a
+    single argument <literal>webroot</literal> and returns the
+    configuration for a virtual host. That function is then called for
+    several names to produce the list of virtual host configurations.
+  </para>
+</section>
diff --git a/nixpkgs/nixos/doc/manual/from_md/contributing-to-this-manual.chapter.xml b/nixpkgs/nixos/doc/manual/from_md/contributing-to-this-manual.chapter.xml
new file mode 100644
index 000000000000..a9b0c6a5eefa
--- /dev/null
+++ b/nixpkgs/nixos/doc/manual/from_md/contributing-to-this-manual.chapter.xml
@@ -0,0 +1,22 @@
+<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="chap-contributing">
+  <title>Contributing to this manual</title>
+  <para>
+    The DocBook and CommonMark sources of NixOS’ manual are in the
+    <link xlink:href="https://github.com/NixOS/nixpkgs/tree/master/nixos/doc/manual">nixos/doc/manual</link>
+    subdirectory of the
+    <link xlink:href="https://github.com/NixOS/nixpkgs">Nixpkgs</link>
+    repository.
+  </para>
+  <para>
+    You can quickly check your edits with the following:
+  </para>
+  <programlisting>
+$ cd /path/to/nixpkgs
+$ ./nixos/doc/manual/md-to-db.sh
+$ nix-build nixos/release.nix -A manual.x86_64-linux
+</programlisting>
+  <para>
+    If the build succeeds, the manual will be in
+    <literal>./result/share/doc/nixos/index.html</literal>.
+  </para>
+</chapter>
diff --git a/nixpkgs/nixos/doc/manual/from_md/development/building-nixos.chapter.xml b/nixpkgs/nixos/doc/manual/from_md/development/building-nixos.chapter.xml
new file mode 100644
index 000000000000..ceb744447dab
--- /dev/null
+++ b/nixpkgs/nixos/doc/manual/from_md/development/building-nixos.chapter.xml
@@ -0,0 +1,33 @@
+<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-building-cd">
+  <title>Building Your Own NixOS CD</title>
+  <para>
+    Building a NixOS CD is as easy as configuring your own computer. The
+    idea is to use another module which will replace your
+    <literal>configuration.nix</literal> to configure the system that
+    would be installed on the CD.
+  </para>
+  <para>
+    Default CD/DVD configurations are available inside
+    <literal>nixos/modules/installer/cd-dvd</literal>
+  </para>
+  <programlisting>
+$ git clone https://github.com/NixOS/nixpkgs.git
+$ cd nixpkgs/nixos
+$ nix-build -A config.system.build.isoImage -I nixos-config=modules/installer/cd-dvd/installation-cd-minimal.nix default.nix
+</programlisting>
+  <para>
+    Before burning your CD/DVD, you can check the content of the image
+    by mounting anywhere like suggested by the following command:
+  </para>
+  <programlisting>
+# mount -o loop -t iso9660 ./result/iso/cd.iso /mnt/iso&lt;/screen&gt;
+</programlisting>
+  <para>
+    If you want to customize your NixOS CD in more detail, or generate
+    other kinds of images, you might want to check out
+    <link xlink:href="https://github.com/nix-community/nixos-generators">nixos-generators</link>.
+    This can also be a good starting point when you want to use Nix to
+    build a <quote>minimal</quote> image that doesn’t include a NixOS
+    installation.
+  </para>
+</chapter>
diff --git a/nixpkgs/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml b/nixpkgs/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml
new file mode 100644
index 000000000000..070e7b142937
--- /dev/null
+++ b/nixpkgs/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml
@@ -0,0 +1,236 @@
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="release-21.11">
+  <title>Release 21.11 (<quote>?</quote>, 2021.11/??)</title>
+  <para>
+    In addition to numerous new and upgraded packages, this release has
+    the following highlights:
+  </para>
+  <itemizedlist spacing="compact">
+    <listitem>
+      <para>
+        Support is planned until the end of April 2022, handing over to
+        22.05.
+      </para>
+    </listitem>
+  </itemizedlist>
+  <section xml:id="highlights">
+    <title>Highlights</title>
+    <itemizedlist spacing="compact">
+      <listitem>
+        <para>
+          PHP now defaults to PHP 8.0, updated from 7.4.
+        </para>
+      </listitem>
+    </itemizedlist>
+  </section>
+  <section xml:id="new-services">
+    <title>New Services</title>
+    <itemizedlist>
+      <listitem>
+        <para>
+          <link xlink:href="https://github.com/maxmind/geoipupdate">geoipupdate</link>,
+          a GeoIP database updater from MaxMind. Available as
+          <link xlink:href="options.html#opt-services.geoipupdate.enable">services.geoipupdate</link>.
+        </para>
+      </listitem>
+      <listitem>
+        <para>
+          <link xlink:href="https://sr.ht">sourcehut</link>, a
+          collection of tools useful for software development. Available
+          as
+          <link xlink:href="options.html#opt-services.sourcehut.enable">services.sourcehut</link>.
+        </para>
+      </listitem>
+    </itemizedlist>
+  </section>
+  <section xml:id="backward-incompatibilities">
+    <title>Backward Incompatibilities</title>
+    <itemizedlist>
+      <listitem>
+        <para>
+          The <literal>staticjinja</literal> package has been upgraded
+          from 1.0.4 to 2.0.0
+        </para>
+      </listitem>
+      <listitem>
+        <para>
+          <literal>services.geoip-updater</literal> was broken and has
+          been replaced by
+          <link xlink:href="options.html#opt-services.geoipupdate.enable">services.geoipupdate</link>.
+        </para>
+      </listitem>
+      <listitem>
+        <para>
+          PHP 7.3 is no longer supported due to upstream not supporting
+          this version for the entire lifecycle of the 21.11 release.
+        </para>
+      </listitem>
+      <listitem>
+        <para>
+          Those making use of <literal>buildBazelPackage</literal> will
+          need to regenerate the fetch hashes (preferred), or set
+          <literal>fetchConfigured = false;</literal>.
+        </para>
+      </listitem>
+      <listitem>
+        <para>
+          fsharp41 has been removed in preference to use the latest
+          dotnet-sdk
+        </para>
+      </listitem>
+      <listitem>
+        <para>
+          The following F#-related packages have been removed for being
+          unmaintaned. Please use <literal>fetchNuGet</literal> for
+          specific packages.
+        </para>
+        <itemizedlist spacing="compact">
+          <listitem>
+            <para>
+              ExtCore
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              Fake
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              Fantomas
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FsCheck
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FsCheck262
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FsCheckNunit
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FSharpAutoComplete
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FSharpCompilerCodeDom
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FSharpCompilerService
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FSharpCompilerTools
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FSharpCore302
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FSharpCore3125
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FSharpCore4001
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FSharpCore4117
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FSharpData
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FSharpData225
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FSharpDataSQLProvider
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FSharpFormatting
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FsLexYacc
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FsLexYacc706
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FsLexYaccRuntime
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FsPickler
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              FsUnit
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              Projekt
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              Suave
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              UnionArgParser
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              ExcelDnaRegistration
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              MathNetNumerics
+            </para>
+          </listitem>
+        </itemizedlist>
+      </listitem>
+    </itemizedlist>
+  </section>
+  <section xml:id="other-notable-changes">
+    <title>Other Notable Changes</title>
+    <para>
+    </para>
+  </section>
+</section>
diff --git a/nixpkgs/nixos/doc/manual/installation/installing-from-other-distro.xml b/nixpkgs/nixos/doc/manual/installation/installing-from-other-distro.xml
index 43f69b923d14..63d1d52b01b2 100644
--- a/nixpkgs/nixos/doc/manual/installation/installing-from-other-distro.xml
+++ b/nixpkgs/nixos/doc/manual/installation/installing-from-other-distro.xml
@@ -84,12 +84,12 @@ nixpkgs https://nixos.org/channels/nixpkgs-unstable</screen>
    </para>
    <para>
     You'll need <literal>nixos-generate-config</literal> and
-    <literal>nixos-install</literal> and we'll throw in some man pages and
-    <literal>nixos-enter</literal> just in case you want to chroot into your
-    NixOS partition. They are installed by default on NixOS, but you don't have
+    <literal>nixos-install</literal>, but this also makes some man pages
+    and <literal>nixos-enter</literal> available, just in case you want to chroot into your
+    NixOS partition. NixOS installs these by default, but you don't have
     NixOS yet..
    </para>
-<screen><prompt>$ </prompt>nix-env -f '&lt;nixpkgs/nixos&gt;' --arg configuration {} -iA config.system.build.{nixos-generate-config,nixos-install,nixos-enter,manual.manpages}</screen>
+   <screen><prompt>$ </prompt>nix-env -f '&lt;nixpkgs>' -iA nixos-install-tools</screen>
   </listitem>
   <listitem>
    <note>
diff --git a/nixpkgs/nixos/doc/manual/installation/installing.xml b/nixpkgs/nixos/doc/manual/installation/installing.xml
index 02f6bd6bed4e..f03b9443d23b 100644
--- a/nixpkgs/nixos/doc/manual/installation/installing.xml
+++ b/nixpkgs/nixos/doc/manual/installation/installing.xml
@@ -46,6 +46,12 @@
    to increase the font size.
   </para>
 
+  <para>
+    To install over a serial port connect with <literal>115200n8</literal>
+    (e.g. <command>picocom -b 115200 /dev/ttyUSB0</command>). When the
+    bootloader lists boot entries, select the serial console boot entry.
+  </para>
+
   <section xml:id="sec-installation-booting-networking">
    <title>Networking in the installer</title>
 
diff --git a/nixpkgs/nixos/doc/manual/installation/upgrading.xml b/nixpkgs/nixos/doc/manual/installation/upgrading.xml
index 15ba5db9a37b..960d4fa9a436 100644
--- a/nixpkgs/nixos/doc/manual/installation/upgrading.xml
+++ b/nixpkgs/nixos/doc/manual/installation/upgrading.xml
@@ -14,7 +14,7 @@
     <para>
      <emphasis>Stable channels</emphasis>, such as
      <literal
-    xlink:href="https://nixos.org/channels/nixos-20.09">nixos-20.09</literal>.
+    xlink:href="https://nixos.org/channels/nixos-21.05">nixos-21.05</literal>.
      These only get conservative bug fixes and package upgrades. For instance,
      a channel update may cause the Linux kernel on your system to be upgraded
      from 4.19.34 to 4.19.38 (a minor bug fix), but not from
@@ -38,7 +38,7 @@
     <para>
      <emphasis>Small channels</emphasis>, such as
      <literal
-    xlink:href="https://nixos.org/channels/nixos-20.09-small">nixos-20.09-small</literal>
+    xlink:href="https://nixos.org/channels/nixos-21.05-small">nixos-21.05-small</literal>
      or
      <literal
     xlink:href="https://nixos.org/channels/nixos-unstable-small">nixos-unstable-small</literal>.
@@ -63,8 +63,8 @@
  <para>
   When you first install NixOS, you’re automatically subscribed to the NixOS
   channel that corresponds to your installation source. For instance, if you
-  installed from a 20.09 ISO, you will be subscribed to the
-  <literal>nixos-20.09</literal> channel. To see which NixOS channel you’re
+  installed from a 21.05 ISO, you will be subscribed to the
+  <literal>nixos-21.05</literal> channel. To see which NixOS channel you’re
   subscribed to, run the following as root:
 <screen>
 <prompt># </prompt>nix-channel --list | grep nixos
@@ -75,13 +75,13 @@ nixos https://nixos.org/channels/nixos-unstable
 <prompt># </prompt>nix-channel --add https://nixos.org/channels/<replaceable>channel-name</replaceable> nixos
 </screen>
   (Be sure to include the <literal>nixos</literal> parameter at the end.) For
-  instance, to use the NixOS 20.09 stable channel:
+  instance, to use the NixOS 21.05 stable channel:
 <screen>
-<prompt># </prompt>nix-channel --add https://nixos.org/channels/nixos-20.09 nixos
+<prompt># </prompt>nix-channel --add https://nixos.org/channels/nixos-21.05 nixos
 </screen>
   If you have a server, you may want to use the “small” channel instead:
 <screen>
-<prompt># </prompt>nix-channel --add https://nixos.org/channels/nixos-20.09-small nixos
+<prompt># </prompt>nix-channel --add https://nixos.org/channels/nixos-21.05-small nixos
 </screen>
   And if you want to live on the bleeding edge:
 <screen>
@@ -132,7 +132,7 @@ nixos https://nixos.org/channels/nixos-unstable
    kernel, initrd or kernel modules.
    You can also specify a channel explicitly, e.g.
 <programlisting>
-<xref linkend="opt-system.autoUpgrade.channel"/> = https://nixos.org/channels/nixos-20.09;
+<xref linkend="opt-system.autoUpgrade.channel"/> = https://nixos.org/channels/nixos-21.05;
 </programlisting>
   </para>
  </section>
diff --git a/nixpkgs/nixos/doc/manual/man-nixos-rebuild.xml b/nixpkgs/nixos/doc/manual/man-nixos-rebuild.xml
index d0ff81c1dbb3..2e1069828c1b 100644
--- a/nixpkgs/nixos/doc/manual/man-nixos-rebuild.xml
+++ b/nixpkgs/nixos/doc/manual/man-nixos-rebuild.xml
@@ -91,6 +91,10 @@
     <option>--flake</option> <replaceable>flake-uri</replaceable>
    </arg>
 
+   <arg>
+    <option>--override-input</option> <replaceable>input-name</replaceable> <replaceable>flake-uri</replaceable>
+   </arg>
+
    <sbr />
 
    <arg>
@@ -402,10 +406,9 @@
     </term>
     <listitem>
      <para>
-      Equivalent to <option>--no-build-nix</option>
-      <option>--show-trace</option>. This option is useful if you call
-      <command>nixos-rebuild</command> frequently (e.g. if you’re hacking on
-      a NixOS module).
+      Equivalent to <option>--no-build-nix</option>. This option is
+      useful if you call <command>nixos-rebuild</command> frequently
+      (e.g. if you’re hacking on a NixOS module).
      </para>
     </listitem>
    </varlistentry>
diff --git a/nixpkgs/nixos/doc/manual/manual.xml b/nixpkgs/nixos/doc/manual/manual.xml
index db9e7313831d..158b3507a58e 100644
--- a/nixpkgs/nixos/doc/manual/manual.xml
+++ b/nixpkgs/nixos/doc/manual/manual.xml
@@ -19,6 +19,6 @@
   <xi:include href="./generated/options-db.xml"
                 xpointer="configuration-variable-list" />
  </appendix>
- <xi:include href="contributing-to-this-manual.xml" />
+ <xi:include href="./from_md/contributing-to-this-manual.chapter.xml" />
  <xi:include href="release-notes/release-notes.xml" />
 </book>
diff --git a/nixpkgs/nixos/doc/manual/md-to-db.sh b/nixpkgs/nixos/doc/manual/md-to-db.sh
new file mode 100755
index 000000000000..fc4be7da22ba
--- /dev/null
+++ b/nixpkgs/nixos/doc/manual/md-to-db.sh
@@ -0,0 +1,33 @@
+#! /usr/bin/env nix-shell
+#! nix-shell -I nixpkgs=channel:nixpkgs-unstable -i bash -p pandoc
+
+# This script is temporarily needed while we transition the manual to
+# CommonMark. It converts the .md files in the regular manual folder
+# into DocBook files in the from_md folder.
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+pushd $DIR
+
+OUT="$DIR/from_md"
+mapfile -t MD_FILES < <(find . -type f -regex '.*\.md$')
+
+for mf in ${MD_FILES[*]}; do
+  if [ "${mf: -11}" == ".section.md" ]; then
+    mkdir -p $(dirname "$OUT/$mf")
+    pandoc "$mf" -t docbook \
+      --extract-media=media \
+      -f markdown+smart \
+    | cat  > "$OUT/${mf%".section.md"}.section.xml"
+  fi
+
+  if [ "${mf: -11}" == ".chapter.md" ]; then
+    mkdir -p $(dirname "$OUT/$mf")
+    pandoc "$mf" -t docbook \
+      --top-level-division=chapter \
+      --extract-media=media \
+      -f markdown+smart \
+    | cat  > "$OUT/${mf%".chapter.md"}.chapter.xml"
+  fi
+done
+
+popd
diff --git a/nixpkgs/nixos/doc/manual/release-notes/release-notes.xml b/nixpkgs/nixos/doc/manual/release-notes/release-notes.xml
index e083d51406c7..6d7899f6dcdb 100644
--- a/nixpkgs/nixos/doc/manual/release-notes/release-notes.xml
+++ b/nixpkgs/nixos/doc/manual/release-notes/release-notes.xml
@@ -8,6 +8,7 @@
   This section lists the release notes for each stable version of NixOS and
   current unstable revision.
  </para>
+ <xi:include href="../from_md/release-notes/rl-2111.section.xml" />
  <xi:include href="rl-2105.xml" />
  <xi:include href="rl-2009.xml" />
  <xi:include href="rl-2003.xml" />
diff --git a/nixpkgs/nixos/doc/manual/release-notes/rl-1909.xml b/nixpkgs/nixos/doc/manual/release-notes/rl-1909.xml
index 4102fe206e19..0dae49c636f6 100644
--- a/nixpkgs/nixos/doc/manual/release-notes/rl-1909.xml
+++ b/nixpkgs/nixos/doc/manual/release-notes/rl-1909.xml
@@ -83,10 +83,10 @@
       like games.
       <itemizedlist>
       <para>This can be achieved with the following options which the desktop manager default enables, excluding <literal>games</literal>.</para>
-      <listitem><para><xref linkend="opt-services.gnome3.core-os-services.enable"/></para></listitem>
-      <listitem><para><xref linkend="opt-services.gnome3.core-shell.enable"/></para></listitem>
-      <listitem><para><xref linkend="opt-services.gnome3.core-utilities.enable"/></para></listitem>
-      <listitem><para><xref linkend="opt-services.gnome3.games.enable"/></para></listitem>
+      <listitem><para><option>services.gnome3.core-os-services.enable</option></para></listitem>
+      <listitem><para><option>services.gnome3.core-shell.enable</option></para></listitem>
+      <listitem><para><option>services.gnome3.core-utilities.enable</option></para></listitem>
+      <listitem><para><option>services.gnome3.games.enable</option></para></listitem>
       </itemizedlist>
       With these options we hope to give users finer grained control over their systems. Prior to this change you'd either have to manually
       disable options or use <option>environment.gnome3.excludePackages</option> which only excluded the optional applications.
diff --git a/nixpkgs/nixos/doc/manual/release-notes/rl-2105.xml b/nixpkgs/nixos/doc/manual/release-notes/rl-2105.xml
index 5fbef88c4a5c..54abbb6e38e4 100644
--- a/nixpkgs/nixos/doc/manual/release-notes/rl-2105.xml
+++ b/nixpkgs/nixos/doc/manual/release-notes/rl-2105.xml
@@ -3,8 +3,11 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-release-21.05">
- <title>Release 21.05 (“Okapi”, 2021.05/??)</title>
+ <title>Release 21.05 (“Okapi”, 2021.05/31)</title>
 
+ <para>
+  Support is planned until the end of December 2021, handing over to 21.11.
+ </para>
  <section xmlns="http://docbook.org/ns/docbook"
          xmlns:xlink="http://www.w3.org/1999/xlink"
          xmlns:xi="http://www.w3.org/2001/XInclude"
@@ -18,82 +21,81 @@
   </para>
 
   <itemizedlist>
+
    <listitem>
     <para>
-     Support is planned until the end of December 2021, handing over to 21.11.
-    </para>
-   </listitem>
-   <listitem>
-    <para>The default Linux kernel was updated to the 5.10 LTS series, coming from the 5.4 LTS series.</para>
-   </listitem>
-   <listitem>
-    <para>GNOME desktop environment was upgraded to 3.38, see its <link xlink:href="https://help.gnome.org/misc/release-notes/3.38/">release notes</link>.</para>
-   </listitem>
-   <listitem>
-    <para>
-     <link xlink:href="https://www.gnuradio.org/">GNURadio</link> 3.8 was
-     <link xlink:href="https://github.com/NixOS/nixpkgs/issues/82263">finally</link>
-     packaged, along with a rewrite to the Nix expressions, allowing users to
-     override the features upstream supports selecting to compile or not to.
-     Additionally, the attribute <code>gnuradio</code> and <code>gnuradio3_7</code>
-     now point to an externally wrapped by default derivations, that allow you to
-     also add `extraPythonPackages` to the Python interpreter used by GNURadio.
-     Missing environmental variables needed for operational GUI were also added
-     (<link xlink:href="https://github.com/NixOS/nixpkgs/issues/75478">#75478</link>).
-    </para>
-   </listitem>
-   <listitem>
-    <para>
-     <link xlink:href="https://www.gnuradio.org/">GNURadio</link> has a
-     <code>pkgs</code> attribute set, and there's a <code>gnuradio.callPackage</code>
-     function that extends <code>pkgs</code> with a <code>mkDerivation</code>, and a
-     <code>mkDerivationWith</code>, like Qt5. Now all <code>gnuradio.pkgs</code> are
-     defined with <code>gnuradio.callPackage</code> and some packages that depend
-     on gnuradio are defined with this as well.
-    </para>
-   </listitem>
-   <listitem>
-    <para>
-     <link xlink:href="https://www.privoxy.org/">Privoxy</link> has been updated
-     to version 3.0.32 (See <link xlink:href="https://lists.privoxy.org/pipermail/privoxy-announce/2021-February/000007.html">announcement</link>).
-     Compared to the previous release, Privoxy has gained support for HTTPS
-     inspection (still experimental), Brotli decompression, several new filters
-     and lots of bug fixes, including security ones. In addition, the package
-     is now built with compression and external filters support, which were
-     previously disabled.
-    </para>
-    <para>
-     Regarding the NixOS module, new options for HTTPS inspection have been added
-     and <option>services.privoxy.extraConfig</option> has been replaced by the new
-     <xref linkend="opt-services.privoxy.settings"/>
-     (See <link xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC 0042</link>
-     for the motivation).
+     Core version changes:
     </para>
+    <itemizedlist>
+     <listitem>
+      <para>
+       gcc: 9.3.0 -> 10.3.0
+      </para>
+     </listitem>
+     <listitem>
+      <para>
+       glibc: 2.30 -> 2.32
+      </para>
+     </listitem>
+     <listitem>
+      <para>
+        default linux: 5.4 -> 5.10, all supported kernels available
+      </para>
+     </listitem>
+     <listitem>
+      <para>
+        mesa: 20.1.7 -> 21.0.1
+      </para>
+     </listitem>
+    </itemizedlist>
    </listitem>
    <listitem>
     <para>
-     Python optimizations were disabled again. Builds with optimizations enabled
-     are not reproducible. Optimizations can now be enabled with an option.
+     Desktop Environments:
     </para>
+    <itemizedlist>
+     <listitem>
+      <para>
+        GNOME: 3.36 -> 40, see its <link xlink:href="https://help.gnome.org/misc/release-notes/40.0/">release notes</link>
+      </para>
+     </listitem>
+     <listitem>
+      <para>
+        Plasma5: 5.18.5 -> 5.21.3
+      </para>
+     </listitem>
+     <listitem>
+      <para>
+        kdeApplications: 20.08.1 -> 20.12.3
+      </para>
+     </listitem>
+      <listitem>
+       <para>
+         cinnamon: 4.6 -> 4.8.1
+      </para>
+     </listitem>
+    </itemizedlist>
    </listitem>
+
    <listitem>
     <para>
-     <link xlink:href="https://kodi.tv/">Kodi</link> has been updated to version 19.0 "Matrix". See
-     the <link xlink:href="https://kodi.tv/article/kodi-190-matrix-release">announcement</link> for
-     further details.
+     Programming Languages and Frameworks:
     </para>
+    <itemizedlist>
+
+     <listitem>
+      <para>
+       Python optimizations were disabled again. Builds with optimizations enabled
+       are not reproducible. Optimizations can now be enabled with an option.
+      </para>
+     </listitem>
+
+    </itemizedlist>
    </listitem>
    <listitem>
-    <para>
-     The <option>services.packagekit.backend</option> option has been removed as
-     it only supported a single setting which would always be the default.
-     Instead new <link
-     xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC
-     0042</link> compliant <xref linkend="opt-services.packagekit.settings"/>
-     and <xref linkend="opt-services.packagekit.vendorSettings"/> options have
-     been introduced.
-    </para>
+    <para>The <package>linux_latest</package> kernel was updated to the 5.12 series. It currently is not officially supported for use with the zfs filesystem. If you use zfs, you should use a different kernel version (either the LTS kernel, or track a specific one). </para>
    </listitem>
+
   </itemizedlist>
  </section>
 
@@ -110,6 +112,20 @@
 
   <itemizedlist>
    <listitem>
+    <para>
+     <link xlink:href="https://www.gnuradio.org/">GNURadio</link> 3.8 was
+     <link xlink:href="https://github.com/NixOS/nixpkgs/issues/82263">finally</link>
+     packaged, along with a rewrite to the Nix expressions, allowing users to
+     override the features upstream supports selecting to compile or not to.
+     Additionally, the attribute <code>gnuradio</code> and <code>gnuradio3_7</code>
+     now point to an externally wrapped by default derivations, that allow you to
+     also add `extraPythonPackages` to the Python interpreter used by GNURadio.
+     Missing environmental variables needed for operational GUI were also added
+     (<link xlink:href="https://github.com/NixOS/nixpkgs/issues/75478">#75478</link>).
+    </para>
+   </listitem>
+
+   <listitem>
      <para>
        <link xlink:href="https://www.keycloak.org/">Keycloak</link>,
        an open source identity and access management server with
@@ -139,6 +155,11 @@
        section of the NixOS manual</link> for more information.
      </para>
    </listitem>
+   <listitem>
+     <para>
+       <xref linkend="opt-services.nebula.networks" /> <link xlink:href="https://github.com/slackhq/nebula">Nebula VPN</link>
+     </para>
+   </listitem>
   </itemizedlist>
 
  </section>
@@ -157,6 +178,10 @@
 
   <itemizedlist>
    <listitem>
+    <para>GNOME desktop environment was upgraded to 40, see the release notes for <link xlink:href="https://help.gnome.org/misc/release-notes/40.0/">40.0</link> and <link xlink:href="https://help.gnome.org/misc/release-notes/3.38/">3.38</link>. The <code>gnome3</code> attribute set has been renamed to <code>gnome</code> and so have been the NixOS options.</para>
+   </listitem>
+
+   <listitem>
     <para>
      If you are using <option>services.udev.extraRules</option> to assign
      custom names to network interfaces, this may stop working due to a change
@@ -172,6 +197,12 @@
      It was broken since the switch to cgroups-v2.
     </para>
    </listitem>
+   <listitem>
+    <para>
+      The <literal>linuxPackages.ati_drivers_x11</literal> kernel modules have been removed.
+     The drivers only supported kernels prior to 4.2, and thus have become obsolete.
+    </para>
+   </listitem>
     <listitem>
       <para>
         The <literal>systemConfig</literal> kernel parameter is no longer added to boot loader entries. It has been unused since September 2010, but if do have a system generation from that era, you will now be unable to boot into them.
@@ -265,6 +296,24 @@
    </listitem>
    <listitem>
      <para>
+       The <literal>mediatomb</literal> service is
+       now using by default the new and maintained fork
+       <literal>gerbera</literal> package instead of the unmaintained
+       <literal>mediatomb</literal> package. If you want to keep the old
+       behavior, you must declare it with:
+       <programlisting>
+       services.mediatomb.package = pkgs.mediatomb;
+       </programlisting>
+       One new option <literal>openFirewall</literal> has been introduced which
+       defaults to false. If you relied on the service declaration to add the
+       firewall rules itself before, you should now declare it with:
+       <programlisting>
+       services.mediatomb.openFirewall = true;
+       </programlisting>
+     </para>
+   </listitem>
+   <listitem>
+     <para>
        xfsprogs was update from 4.19 to 5.11. It now enables reflink support by default on filesystem creation.
        Support for reflinks was added with an experimental status to kernel 4.9 and deemed stable in kernel 4.16.
        If you want to be able to mount XFS filesystems created with this release of xfsprogs on kernel releases older than those, you need to format them
@@ -324,7 +373,18 @@
    </listitem>
    <listitem>
     <para>
-      <literal>vim</literal> switched to Python 3, dropping all Python 2 support.
+      <literal>vim</literal> and <literal>neovim</literal> switched to Python 3, dropping all Python 2 support.
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+     <link linkend="opt-networking.wireguard.interfaces">networking.wireguard.interfaces.&lt;name&gt;.generatePrivateKeyFile</link>,
+     which is off by default, had a <literal>chmod</literal> race condition
+     fixed. As an aside, the parent directory's permissions were widened,
+     and the key files were made owner-writable.
+     This only affects newly created keys.
+     However, if the exact permissions are important for your setup, read
+     <link xlink:href="https://github.com/NixOS/nixpkgs/pull/121294">#121294</link>.
     </para>
    </listitem>
    <listitem>
@@ -344,6 +404,15 @@
    </listitem>
    <listitem>
     <para>
+     The WireGuard module gained a new option
+     <option>networking.wireguard.interfaces.&lt;name&gt;.peers.*.dynamicEndpointRefreshSeconds</option>
+     that implements refreshing the IP of DNS-based endpoints periodically
+     (which WireGuard itself
+     <link xlink:href="https://lists.zx2c4.com/pipermail/wireguard/2017-November/002028.html">cannot do</link>).
+    </para>
+   </listitem>
+   <listitem>
+    <para>
      MariaDB has been updated to 10.5.
      Before you upgrade, it would be best to take a backup of your database and read
      <link xlink:href="https://mariadb.com/kb/en/upgrading-from-mariadb-104-to-mariadb-105/#incompatible-changes-between-104-and-105">
@@ -374,7 +443,7 @@
     </para>
     <programlisting>
       TMPDIR=$(mktemp -d)
-      slaptest -f /path/to/slapd.conf $TMPDIR
+      slaptest -f /path/to/slapd.conf -F $TMPDIR
       slapcat -F $TMPDIR -n0 -H 'ldap:///???(!(objectClass=olcSchemaConfig))'
     </programlisting>
     <para>
@@ -519,7 +588,7 @@ http://some.json-exporter.host:7979/probe?target=https://example.com/some/json/e
        <programlisting>
 self: super:
 {
- mpi = super.mpich;
+  mpi = super.mpich;
 }
        </programlisting>
      </para>
@@ -682,10 +751,56 @@ environment.systemPackages = [
    </listitem>
    <listitem>
      <para>
+       The <package>kbdKeymaps</package> package was removed since dvp and neo
+       are now included in <package>kbd</package>.
+
+       If you want to use the Programmer Dvorak Keyboard Layout, you have to use
+       <literal>dvorak-programmer</literal> in <option>console.keyMap</option>
+       now instead of <literal>dvp</literal>.
+       In <option>services.xserver.xkbVariant</option> it's still <literal>dvp</literal>.
+    </para>
+   </listitem>
+   <listitem>
+     <para>
        The <package>babeld</package> service is now being run as an unprivileged user. To achieve that the module configures
        <literal>skip-kernel-setup true</literal> and takes care of setting forwarding and rp_filter sysctls by itself as well
        as for each interface in <varname>services.babeld.interfaces</varname>.
      </para>
+    </listitem>
+   <listitem>
+     <para>
+      The <option>services.zigbee2mqtt.config</option> option has been renamed to <option>services.zigbee2mqtt.settings</option> and
+      now follows <link xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC 0042</link>.
+     </para>
+   </listitem>
+   <listitem>
+    <para>
+     The <package>yadm</package> dotfile manager has been updated from 2.x to 3.x, which has new (XDG) default locations for some data/state files. Most yadm commands will fail and print a legacy path warning (which describes how to upgrade/migrate your repository). If you have scripts, daemons, scheduled jobs, shell profiles, etc. that invoke yadm, expect them to fail or misbehave until you perform this migration and prepare accordingly.
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+     Instead of determining <option>services.radicale.package</option>
+     automatically based on <option>system.stateVersion</option>, the latest
+     version is always used because old versions are not officially supported.
+    </para>
+    <para>
+     Furthermore, Radicale's systemd unit was hardened which might break some
+     deployments.  In particular, a non-default
+     <literal>filesystem_folder</literal> has to be added to
+     <option>systemd.services.radicale.serviceConfig.ReadWritePaths</option> if
+     the deprecated <option>services.radicale.config</option> is used.
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+     In the <option>security.acme</option> module, use of <literal>--reuse-key</literal>
+     parameter for Lego has been removed. It was introduced for HKPK, but this security
+     feature is now deprecated. It is a better security practice to rotate key pairs
+     instead of always keeping the same. If you need to keep this parameter, you can add
+     it back using <literal>extraLegoRenewFlags</literal> as an option for the
+     appropriate certificate.
+    </para>
    </listitem>
   </itemizedlist>
  </section>
@@ -706,6 +821,85 @@ environment.systemPackages = [
      for details.
     </para>
    </listitem>
+
+   <listitem>
+    <para>
+     <link xlink:href="https://www.gnuradio.org/">GNURadio</link> has a
+     <code>pkgs</code> attribute set, and there's a <code>gnuradio.callPackage</code>
+     function that extends <code>pkgs</code> with a <code>mkDerivation</code>, and a
+     <code>mkDerivationWith</code>, like Qt5. Now all <code>gnuradio.pkgs</code> are
+     defined with <code>gnuradio.callPackage</code> and some packages that depend
+     on gnuradio are defined with this as well.
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+     <link xlink:href="https://www.privoxy.org/">Privoxy</link> has been updated
+     to version 3.0.32 (See <link xlink:href="https://lists.privoxy.org/pipermail/privoxy-announce/2021-February/000007.html">announcement</link>).
+     Compared to the previous release, Privoxy has gained support for HTTPS
+     inspection (still experimental), Brotli decompression, several new filters
+     and lots of bug fixes, including security ones. In addition, the package
+     is now built with compression and external filters support, which were
+     previously disabled.
+    </para>
+    <para>
+     Regarding the NixOS module, new options for HTTPS inspection have been added
+     and <option>services.privoxy.extraConfig</option> has been replaced by the new
+     <xref linkend="opt-services.privoxy.settings"/>
+     (See <link xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC 0042</link>
+     for the motivation).
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+     <link xlink:href="https://kodi.tv/">Kodi</link> has been updated to version 19.1 "Matrix". See
+     the <link xlink:href="https://kodi.tv/article/kodi-190-matrix-release">announcement</link> for
+     further details.
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+     The <option>services.packagekit.backend</option> option has been removed as
+     it only supported a single setting which would always be the default.
+     Instead new <link
+     xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC
+     0042</link> compliant <xref linkend="opt-services.packagekit.settings"/>
+     and <xref linkend="opt-services.packagekit.vendorSettings"/> options have
+     been introduced.
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+      <link xlink:href="https://nginx.org">Nginx</link> has been updated to stable version 1.20.0.
+      Now nginx uses the zlib-ng library by default.
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+     KDE Gear (formerly KDE Applications) is upgraded to 21.04, see its
+     <link xlink:href="https://kde.org/announcements/gear/21.04/">release
+     notes</link> for details.
+    </para>
+    <para>
+     The <code>kdeApplications</code> package set is now <code>kdeGear</code>,
+     in keeping with the new name. The old name remains for compatibility, but
+     it is deprecated.
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+     <link xlink:href="https://libreswan.org/">Libreswan</link> has been updated
+     to version 4.4. The package now includes example configurations and manual
+     pages by default. The NixOS module has been changed to use the upstream
+     systemd units and write the configuration in the <literal>/etc/ipsec.d/
+     </literal> directory. In addition, two new options have been added to
+     specify connection policies
+     (<xref linkend="opt-services.libreswan.policies"/>)
+     and disable send/receive redirects
+     (<xref linkend="opt-services.libreswan.disableRedirects"/>).
+    </para>
+   </listitem>
+
    <listitem>
     <para>
      The Mailman NixOS module (<literal>services.mailman</literal>) has a new
@@ -747,6 +941,29 @@ environment.systemPackages = [
     </para>
    </listitem>
    <listitem>
+     <para>
+       The <literal>mediatomb</literal> service
+       declares new options. It also adapts existing options so the
+       configuration generation is now lazy. The existing option
+       <literal>customCfg</literal> (defaults to false), when enabled, stops
+       the service configuration generation completely. It then expects the
+       users to provide their own correct configuration at the right location
+       (whereas the configuration was generated and not used at all before).
+       The new option <literal>transcodingOption</literal> (defaults to no)
+       allows a generated configuration. It makes the mediatomb service pulls
+       the necessary runtime dependencies in the nix store (whereas it was
+       generated with hardcoded values before). The new option
+       <literal>mediaDirectories</literal> allows the users to declare autoscan
+       media directories from their nixos configuration:
+       <programlisting>
+       services.mediatomb.mediaDirectories = [
+         { path = "/var/lib/mediatomb/pictures"; recursive = false; hidden-files = false; }
+         { path = "/var/lib/mediatomb/audio"; recursive = true; hidden-files = false; }
+       ];
+       </programlisting>
+     </para>
+   </listitem>
+   <listitem>
     <para>
      The Unbound DNS resolver service (<literal>services.unbound</literal>) has been refactored to allow reloading, control sockets and to fix startup ordering issues.
     </para>
@@ -801,6 +1018,23 @@ environment.systemPackages = [
      default in the CLI tooling which in turn enables us to use
      <literal>unbound-control</literal> without passing a custom configuration location.
     </para>
+
+    <para>
+     The module has also been reworked to be <link
+     xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC
+     0042</link> compliant. As such,
+     <option>sevices.unbound.extraConfig</option> has been removed and replaced
+     by <xref linkend="opt-services.unbound.settings"/>. <option>services.unbound.interfaces</option>
+     has been renamed to <option>services.unbound.settings.server.interface</option>.
+    </para>
+
+    <para>
+     <option>services.unbound.forwardAddresses</option> and
+     <option>services.unbound.allowedAccess</option> have also been changed to
+     use the new settings interface. You can follow the instructions when
+     executing <literal>nixos-rebuild</literal> to upgrade your configuration to
+     use the new interface.
+    </para>
    </listitem>
    <listitem>
     <para>
@@ -827,7 +1061,8 @@ environment.systemPackages = [
      PulseAudio was upgraded to 14.0, with changes to the handling of default sinks.
      See its <link xlink:href="https://www.freedesktop.org/wiki/Software/PulseAudio/Notes/14.0/">release notes</link>.
     </para>
-
+   </listitem>
+   <listitem>
     <para>
      GNOME users may wish to delete their <literal>~/.config/pulse</literal> due to the changes to stream routing
      logic. See <link xlink:href="https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/issues/832">PulseAudio bug 832</link>
@@ -865,8 +1100,25 @@ environment.systemPackages = [
     </para>
    </listitem>
    <listitem>
+    <para>
+     The <literal>security.apparmor</literal> module,
+     for the <link xlink:href="https://gitlab.com/apparmor/apparmor/-/wikis/Documentation">AppArmor</link>
+     Mandatory Access Control system,
+     has been substantialy improved along with related tools,
+     so that module maintainers can now more easily write AppArmor profiles for NixOS.
+     The most notable change on the user-side is the new option <xref linkend="opt-security.apparmor.policies"/>,
+     replacing the previous <literal>profiles</literal> option
+     to provide a way to disable a profile
+     and to select whether to confine in enforce mode (default)
+     or in complain mode (see <literal>journalctl -b --grep apparmor</literal>).
+     Security-minded users may also want to enable <xref linkend="opt-security.apparmor.killUnconfinedConfinables"/>,
+     at the cost of having some of their processes killed
+     when updating to a NixOS version introducing new AppArmor profiles.
+    </para>
+   </listitem>
+   <listitem>
      <para>
-       The GNOME desktop manager once again installs <package>gnome3.epiphany</package> by default.
+       The GNOME desktop manager once again installs <package>gnome.epiphany</package> by default.
      </para>
    </listitem>
    <listitem>
@@ -972,6 +1224,43 @@ environment.systemPackages = [
      PostgreSQL 9.5 is scheduled EOL during the 21.05 life cycle and has been removed.
     </para>
    </listitem>
+   <listitem>
+    <para>
+     <link xlink:href="https://www.xfce.org/">Xfce4</link> relies on
+     GIO/GVfs for userspace virtual filesystem access in applications
+     like <link xlink:href="https://docs.xfce.org/xfce/thunar/">thunar</link> and
+     <link xlink:href="https://docs.xfce.org/apps/gigolo/">gigolo</link>.
+     For that to work, the gvfs nixos service is enabled by default,
+     and it can be configured with the specific package that provides
+     GVfs. Until now Xfce4 was setting it to use a lighter version of
+     GVfs (without support for samba). To avoid conflicts with other
+     desktop environments this setting has been dropped. Users that
+     still want it should add the following to their system
+     configuration:
+     <programlisting>
+<xref linkend="opt-services.gvfs.package" /> = pkgs.gvfs.override { samba = null; };
+     </programlisting>
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+     The newly enabled <literal>systemd-pstore.service</literal> now automatically evacuates crashdumps and panic logs from the persistent storage to <literal>/var/lib/systemd/pstore</literal>.
+     This prevents NVRAM from filling up, which ensures the latest diagnostic data is always stored and alleviates problems with writing new boot configurations.
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+     Nixpkgs now contains <link xlink:href="https://github.com/NixOS/nixpkgs/pull/118232">automatically packaged GNOME Shell extensions</link> from the <link xlink:href="https://extensions.gnome.org/">GNOME Extensions</link> portal. You can find them, filed by their UUID, under <literal>gnome38Extensions</literal> attribute for GNOME 3.38 and under <literal>gnome40Extensions</literal> for GNOME 40. Finally, the <literal>gnomeExtensions</literal> attribute contains extensions for the latest GNOME Shell version in Nixpkgs, listed under a more human-friendly name. The unqualified attribute scope also contains manually packaged extensions. Note that the automatically packaged extensions are provided for convenience and are not checked or guaranteed to work.
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+     Erlang/OTP versions older than R21 got dropped. We also dropped the cuter package, as it was purely an example of how to build a package.
+     We also dropped <literal>lfe_1_2</literal> as it could not build with R21+.
+     Moving forward, we expect to only support 3 yearly releases of OTP.
+    </para>
+   </listitem>
+
   </itemizedlist>
  </section>
 </section>
diff --git a/nixpkgs/nixos/doc/manual/release-notes/rl-2111.section.md b/nixpkgs/nixos/doc/manual/release-notes/rl-2111.section.md
new file mode 100644
index 000000000000..c1fde5a032b4
--- /dev/null
+++ b/nixpkgs/nixos/doc/manual/release-notes/rl-2111.section.md
@@ -0,0 +1,67 @@
+# Release 21.11 (“?”, 2021.11/??) {#release-21.11}
+
+In addition to numerous new and upgraded packages, this release has the following highlights:
+
+* Support is planned until the end of April 2022, handing over to 22.05.
+
+## Highlights
+
+* PHP now defaults to PHP 8.0, updated from 7.4.
+
+## New Services
+
+* [geoipupdate](https://github.com/maxmind/geoipupdate), a GeoIP
+  database updater from MaxMind. Available as
+  [services.geoipupdate](options.html#opt-services.geoipupdate.enable).
+
+* [sourcehut](https://sr.ht), a collection of tools useful for software
+  development. Available as
+  [services.sourcehut](options.html#opt-services.sourcehut.enable).
+
+## Backward Incompatibilities
+
+* The `staticjinja` package has been upgraded from 1.0.4 to 2.0.0
+
+* `services.geoip-updater` was broken and has been replaced by
+  [services.geoipupdate](options.html#opt-services.geoipupdate.enable).
+
+* PHP 7.3 is no longer supported due to upstream not supporting this
+  version for the entire lifecycle of the 21.11 release.
+
+* Those making use of `buildBazelPackage` will need to regenerate the fetch
+  hashes (preferred), or set `fetchConfigured = false;`.
+
+* fsharp41 has been removed in preference to use the latest dotnet-sdk
+
+* The following F#-related packages have been removed for being unmaintaned.
+  Please use `fetchNuGet` for specific packages.
+  - ExtCore
+  - Fake
+  - Fantomas
+  - FsCheck
+  - FsCheck262
+  - FsCheckNunit
+  - FSharpAutoComplete
+  - FSharpCompilerCodeDom
+  - FSharpCompilerService
+  - FSharpCompilerTools
+  - FSharpCore302
+  - FSharpCore3125
+  - FSharpCore4001
+  - FSharpCore4117
+  - FSharpData
+  - FSharpData225
+  - FSharpDataSQLProvider
+  - FSharpFormatting
+  - FsLexYacc
+  - FsLexYacc706
+  - FsLexYaccRuntime
+  - FsPickler
+  - FsUnit
+  - Projekt
+  - Suave
+  - UnionArgParser
+  - ExcelDnaRegistration
+  - MathNetNumerics
+
+## Other Notable Changes
diff --git a/nixpkgs/nixos/doc/manual/shell.nix b/nixpkgs/nixos/doc/manual/shell.nix
index cc3609d750e0..e5ec9b8f97f7 100644
--- a/nixpkgs/nixos/doc/manual/shell.nix
+++ b/nixpkgs/nixos/doc/manual/shell.nix
@@ -4,5 +4,5 @@ in
 pkgs.mkShell {
   name = "nixos-manual";
 
-  buildInputs = with pkgs; [ xmlformat jing xmloscopy ruby ];
+  packages = with pkgs; [ xmlformat jing xmloscopy ruby ];
 }
author	Alyssa Ross <hi@alyssa.is>	2021-06-22 15:01:47 +0000
committer	Alyssa Ross <hi@alyssa.is>	2021-06-22 16:57:59 +0000
commit	633cab0ecb07627706c6b523e219490f019eaab5 (patch)
tree	4fb472bdfe2723037dad53dc1b8a87c939015f5e /nixpkgs/nixos/doc/manual
parent	ffb691c199e7e0cbc4e45e5310779c9e3f7c2a73 (diff)
parent	432fc2d9a67f92e05438dff5fdc2b39d33f77997 (diff)
download	nixlib-633cab0ecb07627706c6b523e219490f019eaab5.tar nixlib-633cab0ecb07627706c6b523e219490f019eaab5.tar.gz nixlib-633cab0ecb07627706c6b523e219490f019eaab5.tar.bz2 nixlib-633cab0ecb07627706c6b523e219490f019eaab5.tar.lz nixlib-633cab0ecb07627706c6b523e219490f019eaab5.tar.xz nixlib-633cab0ecb07627706c6b523e219490f019eaab5.tar.zst nixlib-633cab0ecb07627706c6b523e219490f019eaab5.zip