diff options
| author | Alyssa Ross <hi@alyssa.is> | 2023-08-08 16:04:42 +0000 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2023-08-13 06:35:37 +0000 |
| commit | 12aaa58dac35800b5b7d77f81cf2a87c21ee55da (patch) | |
| tree | be0add9e5c22a85d20b5d78206aa74f956eb2a1b /nixpkgs/nixos/doc | |
| parent | 45892a5591202f75a1c2f1ca7c62a92c7566e3c5 (diff) | |
| parent | 5a8e9243812ba528000995b294292d3b5e120947 (diff) | |
| download | nixlib-12aaa58dac35800b5b7d77f81cf2a87c21ee55da.tar nixlib-12aaa58dac35800b5b7d77f81cf2a87c21ee55da.tar.gz nixlib-12aaa58dac35800b5b7d77f81cf2a87c21ee55da.tar.bz2 nixlib-12aaa58dac35800b5b7d77f81cf2a87c21ee55da.tar.lz nixlib-12aaa58dac35800b5b7d77f81cf2a87c21ee55da.tar.xz nixlib-12aaa58dac35800b5b7d77f81cf2a87c21ee55da.tar.zst nixlib-12aaa58dac35800b5b7d77f81cf2a87c21ee55da.zip | |
Merge branch 'nixos-unstable' of https://github.com/NixOS/nixpkgs
Conflicts: nixpkgs/pkgs/applications/window-managers/sway/default.nix nixpkgs/pkgs/build-support/go/module.nix nixpkgs/pkgs/build-support/rust/build-rust-package/default.nix nixpkgs/pkgs/development/libraries/mesa/default.nix nixpkgs/pkgs/servers/dict/dictd-db.nix Link: https://gitlab.freedesktop.org/xkeyboard-config/xkeyboard-config/-/issues/391
Diffstat (limited to 'nixpkgs/nixos/doc')
13 files changed, 257 insertions, 446 deletions
diff --git a/nixpkgs/nixos/doc/manual/common.nix b/nixpkgs/nixos/doc/manual/common.nix new file mode 100644 index 000000000000..48d1d909492d --- /dev/null +++ b/nixpkgs/nixos/doc/manual/common.nix @@ -0,0 +1,4 @@ +{ + outputPath = "share/doc/nixos"; + indexPath = "index.html"; +} diff --git a/nixpkgs/nixos/doc/manual/configuration/gpu-accel.chapter.md b/nixpkgs/nixos/doc/manual/configuration/gpu-accel.chapter.md index aa41e25e56f3..40878b5da4b5 100644 --- a/nixpkgs/nixos/doc/manual/configuration/gpu-accel.chapter.md +++ b/nixpkgs/nixos/doc/manual/configuration/gpu-accel.chapter.md @@ -189,7 +189,7 @@ Older Intel GPUs use the i965 driver, which can be installed with: ```nix hardware.opengl.extraPackages = [ - vaapiIntel + intel-vaapi-driver ]; ``` diff --git a/nixpkgs/nixos/doc/manual/configuration/renaming-interfaces.section.md b/nixpkgs/nixos/doc/manual/configuration/renaming-interfaces.section.md index 18390c959b24..5b515e9f82a0 100644 --- a/nixpkgs/nixos/doc/manual/configuration/renaming-interfaces.section.md +++ b/nixpkgs/nixos/doc/manual/configuration/renaming-interfaces.section.md @@ -37,7 +37,7 @@ even if networkd is disabled. Alternatively, we can use a plain old udev rule: ```nix -services.udev.initrdRules = '' +boot.initrd.services.udev.rules = '' SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", \ ATTR{address}=="52:54:00:12:01:01", KERNEL=="eth*", NAME="wan" ''; @@ -45,7 +45,7 @@ services.udev.initrdRules = '' ::: {.warning} The rule must be installed in the initrd using -`services.udev.initrdRules`, not the usual `services.udev.extraRules` +`boot.initrd.services.udev.rules`, not the usual `services.udev.extraRules` option. This is to avoid race conditions with other programs controlling the interface. ::: diff --git a/nixpkgs/nixos/doc/manual/contributing-to-this-manual.chapter.md b/nixpkgs/nixos/doc/manual/contributing-to-this-manual.chapter.md index c306cc084cdb..4633c7e1b058 100644 --- a/nixpkgs/nixos/doc/manual/contributing-to-this-manual.chapter.md +++ b/nixpkgs/nixos/doc/manual/contributing-to-this-manual.chapter.md @@ -11,6 +11,8 @@ $ nix-build nixos/release.nix -A manual.x86_64-linux If the build succeeds, the manual will be in `./result/share/doc/nixos/index.html`. +There's also [a convenient development daemon](https://nixos.org/manual/nixpkgs/unstable/#sec-contributing-devmode). + **Contributing to the man pages** The man pages are written in [DocBook] which is XML. diff --git a/nixpkgs/nixos/doc/manual/default.nix b/nixpkgs/nixos/doc/manual/default.nix index 68132f302e42..902dee701801 100644 --- a/nixpkgs/nixos/doc/manual/default.nix +++ b/nixpkgs/nixos/doc/manual/default.nix @@ -6,7 +6,6 @@ , extraSources ? [] , baseOptionsJSON ? null , warningsAreErrors ? true -, allowDocBook ? true , prefix ? ../../.. }: @@ -17,9 +16,7 @@ let lib = pkgs.lib; - docbook_xsl_ns = pkgs.docbook-xsl-ns.override { - withManOptDedupPatch = true; - }; + common = import ./common.nix; manpageUrls = pkgs.path + "/doc/manpage-urls.json"; @@ -33,7 +30,7 @@ let stripAnyPrefixes = lib.flip (lib.foldr lib.removePrefix) prefixesToStrip; optionsDoc = buildPackages.nixosOptionsDoc { - inherit options revision baseOptionsJSON warningsAreErrors allowDocBook; + inherit options revision baseOptionsJSON warningsAreErrors; transformOptions = opt: opt // { # Clean up declaration sites to not refer to the NixOS source tree. declarations = map stripAnyPrefixes opt.declarations; @@ -68,72 +65,8 @@ let optionIdPrefix = "test-opt-"; }; - toc = builtins.toFile "toc.xml" - '' - <toc role="chunk-toc"> - <d:tocentry xmlns:d="http://docbook.org/ns/docbook" linkend="book-nixos-manual"><?dbhtml filename="index.html"?> - <d:tocentry linkend="ch-options"><?dbhtml filename="options.html"?></d:tocentry> - <d:tocentry linkend="ch-release-notes"><?dbhtml filename="release-notes.html"?></d:tocentry> - </d:tocentry> - </toc> - ''; - - manualXsltprocOptions = toString [ - "--param chapter.autolabel 0" - "--param part.autolabel 0" - "--param preface.autolabel 0" - "--param reference.autolabel 0" - "--param section.autolabel 0" - "--stringparam html.stylesheet 'style.css overrides.css highlightjs/mono-blue.css'" - "--stringparam html.script './highlightjs/highlight.pack.js ./highlightjs/loader.js'" - "--param xref.with.number.and.title 0" - "--param toc.section.depth 0" - "--param generate.consistent.ids 1" - "--stringparam admon.style ''" - "--stringparam callout.graphics.extension .svg" - "--stringparam current.docid manual" - "--param chunk.section.depth 0" - "--param chunk.first.sections 1" - "--param use.id.as.filename 1" - "--stringparam chunk.toc ${toc}" - ]; - - linterFunctions = '' - # outputs the context of an xmllint error output - # LEN lines around the failing line are printed - function context { - # length of context - local LEN=6 - # lines to print before error line - local BEFORE=4 - - # xmllint output lines are: - # file.xml:1234: there was an error on line 1234 - while IFS=':' read -r file line rest; do - echo - if [[ -n "$rest" ]]; then - echo "$file:$line:$rest" - local FROM=$(($line>$BEFORE ? $line - $BEFORE : 1)) - # number lines & filter context - nl --body-numbering=a "$file" | sed -n "$FROM,+$LEN p" - else - if [[ -n "$line" ]]; then - echo "$file:$line" - else - echo "$file" - fi - fi - done - } - - function lintrng { - xmllint --debug --noout --nonet \ - --relaxng ${docbook5}/xml/rng/docbook/docbook.rng \ - "$1" \ - 2>&1 | context 1>&2 - # ^ redirect assumes xmllint doesn’t print to stdout - } - ''; + testDriverMachineDocstrings = pkgs.callPackage + ../../../nixos/lib/test-driver/nixos-test-driver-docstrings.nix {}; prepareManualFromMD = '' cp -r --no-preserve=all $inputs/* . @@ -147,112 +80,49 @@ let substituteInPlace ./nixos-options.md \ --replace \ '@NIXOS_OPTIONS_JSON@' \ - ${optionsDoc.optionsJSON}/share/doc/nixos/options.json + ${optionsDoc.optionsJSON}/${common.outputPath}/options.json substituteInPlace ./development/writing-nixos-tests.section.md \ --replace \ '@NIXOS_TEST_OPTIONS_JSON@' \ - ${testOptionsDoc.optionsJSON}/share/doc/nixos/options.json + ${testOptionsDoc.optionsJSON}/${common.outputPath}/options.json + sed -e '/@PYTHON_MACHINE_METHODS@/ {' -e 'r ${testDriverMachineDocstrings}/machine-methods.md' -e 'd' -e '}' \ + -i ./development/writing-nixos-tests.section.md ''; - manual-combined = runCommand "nixos-manual-combined" - { inputs = lib.sourceFilesBySuffices ./. [ ".xml" ".md" ]; - nativeBuildInputs = [ pkgs.nixos-render-docs pkgs.libxml2.bin pkgs.libxslt.bin ]; - meta.description = "The NixOS manual as plain docbook XML"; - } - '' - ${prepareManualFromMD} - - nixos-render-docs -j $NIX_BUILD_CORES manual docbook \ - --manpage-urls ${manpageUrls} \ - --revision ${lib.escapeShellArg revision} \ - ./manual.md \ - ./manual-combined-pre.xml - - xsltproc \ - -o manual-combined.xml ${./../../lib/make-options-doc/postprocess-option-descriptions.xsl} \ - manual-combined-pre.xml - - ${linterFunctions} - - mkdir $out - cp manual-combined.xml $out/ - - lintrng $out/manual-combined.xml - ''; - - manpages-combined = runCommand "nixos-manpages-combined.xml" - { nativeBuildInputs = [ buildPackages.libxml2.bin buildPackages.libxslt.bin ]; - meta.description = "The NixOS manpages as plain docbook XML"; - } - '' - mkdir generated - cp -prd ${./man-pages.xml} man-pages.xml - ln -s ${optionsDoc.optionsDocBook} generated/options-db.xml - - xmllint --xinclude --noxincludenode --output $out ./man-pages.xml - - ${linterFunctions} - - lintrng $out - ''; - in rec { - inherit (optionsDoc) optionsJSON optionsNix optionsDocBook optionsUsedDocbook; + inherit (optionsDoc) optionsJSON optionsNix optionsDocBook; # Generate the NixOS manual. manualHTML = runCommand "nixos-manual-html" - { nativeBuildInputs = - if allowDocBook then [ - buildPackages.libxml2.bin - buildPackages.libxslt.bin - ] else [ - buildPackages.nixos-render-docs - ]; - inputs = lib.optionals (! allowDocBook) (lib.sourceFilesBySuffices ./. [ ".md" ]); + { nativeBuildInputs = [ buildPackages.nixos-render-docs ]; + inputs = lib.sourceFilesBySuffices ./. [ ".md" ]; meta.description = "The NixOS manual in HTML format"; allowedReferences = ["out"]; } '' # Generate the HTML manual. - dst=$out/share/doc/nixos + dst=$out/${common.outputPath} mkdir -p $dst cp ${../../../doc/style.css} $dst/style.css cp ${../../../doc/overrides.css} $dst/overrides.css cp -r ${pkgs.documentation-highlighter} $dst/highlightjs - ${if allowDocBook then '' - xsltproc \ - ${manualXsltprocOptions} \ - --stringparam id.warnings "1" \ - --nonet --output $dst/ \ - ${docbook_xsl_ns}/xml/xsl/docbook/xhtml/chunktoc.xsl \ - ${manual-combined}/manual-combined.xml \ - |& tee xsltproc.out - grep "^ID recommended on" xsltproc.out &>/dev/null && echo "error: some IDs are missing" && false - rm xsltproc.out - - mkdir -p $dst/images/callouts - cp ${docbook_xsl_ns}/xml/xsl/docbook/images/callouts/*.svg $dst/images/callouts/ - '' else '' - ${prepareManualFromMD} + ${prepareManualFromMD} - # TODO generator is set like this because the docbook/md manual compare workflow will - # trigger if it's different - nixos-render-docs -j $NIX_BUILD_CORES manual html \ - --manpage-urls ${manpageUrls} \ - --revision ${lib.escapeShellArg revision} \ - --generator "DocBook XSL Stylesheets V${docbook_xsl_ns.version}" \ - --stylesheet style.css \ - --stylesheet overrides.css \ - --stylesheet highlightjs/mono-blue.css \ - --script ./highlightjs/highlight.pack.js \ - --script ./highlightjs/loader.js \ - --toc-depth 1 \ - --chunk-toc-depth 1 \ - ./manual.md \ - $dst/index.html - ''} + nixos-render-docs -j $NIX_BUILD_CORES manual html \ + --manpage-urls ${manpageUrls} \ + --revision ${lib.escapeShellArg revision} \ + --generator "nixos-render-docs ${lib.version}" \ + --stylesheet style.css \ + --stylesheet overrides.css \ + --stylesheet highlightjs/mono-blue.css \ + --script ./highlightjs/highlight.pack.js \ + --script ./highlightjs/loader.js \ + --toc-depth 1 \ + --chunk-toc-depth 1 \ + ./manual.md \ + $dst/${common.indexPath} mkdir -p $out/nix-support echo "nix-build out $out" >> $out/nix-support/hydra-build-products @@ -263,23 +133,45 @@ in rec { manual = manualHTML; # Index page of the NixOS manual. - manualHTMLIndex = "${manualHTML}/share/doc/nixos/index.html"; + manualHTMLIndex = "${manualHTML}/${common.outputPath}/${common.indexPath}"; manualEpub = runCommand "nixos-manual-epub" { nativeBuildInputs = [ buildPackages.libxml2.bin buildPackages.libxslt.bin buildPackages.zip ]; + doc = '' + <book xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" + version="5.0" + xml:id="book-nixos-manual"> + <info> + <title>NixOS Manual</title> + <subtitle>Version ${lib.version}</subtitle> + </info> + <chapter> + <title>Temporarily unavailable</title> + <para> + The NixOS manual is currently not available in EPUB format, + please use the <link xlink:href="https://nixos.org/nixos/manual">HTML manual</link> + instead. + </para> + <para> + If you've used the EPUB manual in the past and it has been useful to you, please + <link xlink:href="https://github.com/NixOS/nixpkgs/issues/237234">let us know</link>. + </para> + </chapter> + </book> + ''; + passAsFile = [ "doc" ]; } '' # Generate the epub manual. - dst=$out/share/doc/nixos + dst=$out/${common.outputPath} xsltproc \ - ${manualXsltprocOptions} \ + --param chapter.autolabel 0 \ --nonet --xinclude --output $dst/epub/ \ ${docbook_xsl_ns}/xml/xsl/docbook/epub/docbook.xsl \ - ${manual-combined}/manual-combined.xml + $docPath - mkdir -p $dst/epub/OEBPS/images/callouts - cp -r ${docbook_xsl_ns}/xml/xsl/docbook/images/callouts/*.svg $dst/epub/OEBPS/images/callouts # */ echo "application/epub+zip" > mimetype manual="$dst/nixos-manual.epub" zip -0Xq "$manual" mimetype @@ -296,10 +188,6 @@ in rec { manpages = runCommand "nixos-manpages" { nativeBuildInputs = [ buildPackages.installShellFiles - ] ++ lib.optionals allowDocBook [ - buildPackages.libxml2.bin - buildPackages.libxslt.bin - ] ++ lib.optionals (! allowDocBook) [ buildPackages.nixos-render-docs ]; allowedReferences = ["out"]; @@ -308,24 +196,11 @@ in rec { # Generate manpages. mkdir -p $out/share/man/man8 installManPage ${./manpages}/* - ${if allowDocBook - then '' - xsltproc --nonet \ - --maxdepth 6000 \ - --param man.output.in.separate.dir 1 \ - --param man.output.base.dir "'$out/share/man/'" \ - --param man.endnotes.are.numbered 0 \ - --param man.break.after.slash 1 \ - ${docbook_xsl_ns}/xml/xsl/docbook/manpages/docbook.xsl \ - ${manpages-combined} - '' - else '' - mkdir -p $out/share/man/man5 - nixos-render-docs -j $NIX_BUILD_CORES options manpage \ - --revision ${lib.escapeShellArg revision} \ - ${optionsJSON}/share/doc/nixos/options.json \ - $out/share/man/man5/configuration.nix.5 - ''} + mkdir -p $out/share/man/man5 + nixos-render-docs -j $NIX_BUILD_CORES options manpage \ + --revision ${lib.escapeShellArg revision} \ + ${optionsJSON}/${common.outputPath}/options.json \ + $out/share/man/man5/configuration.nix.5 ''; } diff --git a/nixpkgs/nixos/doc/manual/development/option-types.section.md b/nixpkgs/nixos/doc/manual/development/option-types.section.md index 9e156ebff9d3..44bb3b4782e1 100644 --- a/nixpkgs/nixos/doc/manual/development/option-types.section.md +++ b/nixpkgs/nixos/doc/manual/development/option-types.section.md @@ -20,6 +20,11 @@ merging is handled. coerced to a string. Even if derivations can be considered as paths, the more specific `types.package` should be preferred. +`types.pathInStore` + +: A path that is contained in the Nix store. This can be a top-level store + path like `pkgs.hello` or a descendant like `"${pkgs.hello}/bin/hello"`. + `types.package` : A top-level store path. This can be an attribute set pointing diff --git a/nixpkgs/nixos/doc/manual/development/writing-nixos-tests.section.md b/nixpkgs/nixos/doc/manual/development/writing-nixos-tests.section.md index 486a4b64a262..84b247fd2042 100644 --- a/nixpkgs/nixos/doc/manual/development/writing-nixos-tests.section.md +++ b/nixpkgs/nixos/doc/manual/development/writing-nixos-tests.section.md @@ -139,210 +139,7 @@ to Python as `machine_a`. The following methods are available on machine objects: -`start` - -: Start the virtual machine. This method is asynchronous --- it does - not wait for the machine to finish booting. - -`shutdown` - -: Shut down the machine, waiting for the VM to exit. - -`crash` - -: Simulate a sudden power failure, by telling the VM to exit - immediately. - -`block` - -: Simulate unplugging the Ethernet cable that connects the machine to - the other machines. - -`unblock` - -: Undo the effect of `block`. - -`screenshot` - -: Take a picture of the display of the virtual machine, in PNG format. - The screenshot is linked from the HTML log. - -`get_screen_text_variants` - -: Return a list of different interpretations of what is currently - visible on the machine's screen using optical character - recognition. The number and order of the interpretations is not - specified and is subject to change, but if no exception is raised at - least one will be returned. - - ::: {.note} - This requires [`enableOCR`](#test-opt-enableOCR) to be set to `true`. - ::: - -`get_screen_text` - -: Return a textual representation of what is currently visible on the - machine's screen using optical character recognition. - - ::: {.note} - This requires [`enableOCR`](#test-opt-enableOCR) to be set to `true`. - ::: - -`send_monitor_command` - -: Send a command to the QEMU monitor. This is rarely used, but allows - doing stuff such as attaching virtual USB disks to a running - machine. - -`send_key` - -: Simulate pressing keys on the virtual keyboard, e.g., - `send_key("ctrl-alt-delete")`. - -`send_chars` - -: Simulate typing a sequence of characters on the virtual keyboard, - e.g., `send_chars("foobar\n")` will type the string `foobar` - followed by the Enter key. - -`send_console` - -: Send keys to the kernel console. This allows interaction with the systemd - emergency mode, for example. Takes a string that is sent, e.g., - `send_console("\n\nsystemctl default\n")`. - -`execute` - -: Execute a shell command, returning a list `(status, stdout)`. - - Commands are run with `set -euo pipefail` set: - - - If several commands are separated by `;` and one fails, the - command as a whole will fail. - - - For pipelines, the last non-zero exit status will be returned - (if there is one; otherwise zero will be returned). - - - Dereferencing unset variables fails the command. - - - It will wait for stdout to be closed. - - If the command detaches, it must close stdout, as `execute` will wait - for this to consume all output reliably. This can be achieved by - redirecting stdout to stderr `>&2`, to `/dev/console`, `/dev/null` or - a file. Examples of detaching commands are `sleep 365d &`, where the - shell forks a new process that can write to stdout and `xclip -i`, where - the `xclip` command itself forks without closing stdout. - - Takes an optional parameter `check_return` that defaults to `True`. - Setting this parameter to `False` will not check for the return code - and return -1 instead. This can be used for commands that shut down - the VM and would therefore break the pipe that would be used for - retrieving the return code. - - A timeout for the command can be specified (in seconds) using the optional - `timeout` parameter, e.g., `execute(cmd, timeout=10)` or - `execute(cmd, timeout=None)`. The default is 900 seconds. - -`succeed` - -: Execute a shell command, raising an exception if the exit status is - not zero, otherwise returning the standard output. Similar to `execute`, - except that the timeout is `None` by default. See `execute` for details on - command execution. - -`fail` - -: Like `succeed`, but raising an exception if the command returns a zero - status. - -`wait_until_succeeds` - -: Repeat a shell command with 1-second intervals until it succeeds. - Has a default timeout of 900 seconds which can be modified, e.g. - `wait_until_succeeds(cmd, timeout=10)`. See `execute` for details on - command execution. - -`wait_until_fails` - -: Like `wait_until_succeeds`, but repeating the command until it fails. - -`wait_for_unit` - -: Wait until the specified systemd unit has reached the "active" - state. - -`wait_for_file` - -: Wait until the specified file exists. - -`wait_for_open_port` - -: Wait until a process is listening on the given TCP port and IP address - (default `localhost`). - -`wait_for_closed_port` - -: Wait until nobody is listening on the given TCP port and IP address - (default `localhost`). - -`wait_for_x` - -: Wait until the X11 server is accepting connections. - -`wait_for_text` - -: Wait until the supplied regular expressions matches the textual - contents of the screen by using optical character recognition (see - `get_screen_text` and `get_screen_text_variants`). - - ::: {.note} - This requires [`enableOCR`](#test-opt-enableOCR) to be set to `true`. - ::: - -`wait_for_console_text` - -: Wait until the supplied regular expressions match a line of the - serial console output. This method is useful when OCR is not - possible or accurate enough. - -`wait_for_window` - -: Wait until an X11 window has appeared whose name matches the given - regular expression, e.g., `wait_for_window("Terminal")`. - -`copy_from_host` - -: Copies a file from host to machine, e.g., - `copy_from_host("myfile", "/etc/my/important/file")`. - - The first argument is the file on the host. The file needs to be - accessible while building the nix derivation. The second argument is - the location of the file on the machine. - -`systemctl` - -: Runs `systemctl` commands with optional support for - `systemctl --user` - - ```py - machine.systemctl("list-jobs --no-pager") # runs `systemctl list-jobs --no-pager` - machine.systemctl("list-jobs --no-pager", "any-user") # spawns a shell for `any-user` and runs `systemctl --user list-jobs --no-pager` - ``` - -`shell_interact` - -: Allows you to directly interact with the guest shell. This should - only be used during test development, not in production tests. - Killing the interactive session with `Ctrl-d` or `Ctrl-c` also ends - the guest session. - -`console_interact` - -: Allows you to directly interact with QEMU's stdin. This should - only be used during test development, not in production tests. - Output from QEMU is only read line-wise. `Ctrl-c` kills QEMU and - `Ctrl-d` closes console and returns to the test runner. +@PYTHON_MACHINE_METHODS@ To test user units declared by `systemd.user.services` the optional `user` argument can be used: diff --git a/nixpkgs/nixos/doc/manual/installation/installing.chapter.md b/nixpkgs/nixos/doc/manual/installation/installing.chapter.md index 53cf9ed14c33..815bcc071cd9 100644 --- a/nixpkgs/nixos/doc/manual/installation/installing.chapter.md +++ b/nixpkgs/nixos/doc/manual/installation/installing.chapter.md @@ -249,14 +249,14 @@ update /etc/fstab. which will be used by the boot partition. ```ShellSession - # parted /dev/sda -- mkpart primary 512MB -8GB + # parted /dev/sda -- mkpart root ext4 512MB -8GB ``` 3. Next, add a *swap* partition. The size required will vary according to needs, here a 8GB one is created. ```ShellSession - # parted /dev/sda -- mkpart primary linux-swap -8GB 100% + # parted /dev/sda -- mkpart swap linux-swap -8GB 100% ``` ::: {.note} @@ -550,8 +550,8 @@ corresponding configuration Nix expression. ### Example partition schemes for NixOS on `/dev/sda` (UEFI) ```ShellSession # parted /dev/sda -- mklabel gpt -# parted /dev/sda -- mkpart primary 512MB -8GB -# parted /dev/sda -- mkpart primary linux-swap -8GB 100% +# parted /dev/sda -- mkpart root ext4 512MB -8GB +# parted /dev/sda -- mkpart swap linux-swap -8GB 100% # parted /dev/sda -- mkpart ESP fat32 1MB 512MB # parted /dev/sda -- set 3 esp on ``` diff --git a/nixpkgs/nixos/doc/manual/man-pages.xml b/nixpkgs/nixos/doc/manual/man-pages.xml deleted file mode 100644 index 52183f1f9ee0..000000000000 --- a/nixpkgs/nixos/doc/manual/man-pages.xml +++ /dev/null @@ -1,46 +0,0 @@ -<reference xmlns="http://docbook.org/ns/docbook" - xmlns:xlink="http://www.w3.org/1999/xlink" - xmlns:xi="http://www.w3.org/2001/XInclude"> - <title>NixOS Reference Pages</title> - <info> - <author> - <personname><firstname>Eelco</firstname><surname>Dolstra</surname></personname> - <contrib>Author</contrib> - </author> - <author> - <personname><othername>The Nixpkgs/NixOS contributors</othername></personname> - <contrib>Author</contrib> - </author> - <copyright><year>2007-2022</year><holder>Eelco Dolstra and the Nixpkgs/NixOS contributors</holder> - </copyright> - </info> - <refentry> - <refmeta> - <refentrytitle><filename>configuration.nix</filename> - </refentrytitle><manvolnum>5</manvolnum> - <refmiscinfo class="source">NixOS</refmiscinfo> - <!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> --> - </refmeta> - <refnamediv> - <refname><filename>configuration.nix</filename></refname> - <refpurpose>NixOS system configuration specification</refpurpose> - </refnamediv> - <refsection> - <title>Description</title> - <para> - The file <filename>/etc/nixos/configuration.nix</filename> contains the - declarative specification of your NixOS system configuration. The command - <command>nixos-rebuild</command> takes this file and realises the system - configuration specified therein. - </para> - </refsection> - <refsection> - <title>Options</title> - <para> - You can use the following options in <filename>configuration.nix</filename>. - </para> - <xi:include href="./generated/options-db.xml" - xpointer="configuration-variable-list" /> - </refsection> - </refentry> -</reference> diff --git a/nixpkgs/nixos/doc/manual/release-notes/rl-2111.section.md b/nixpkgs/nixos/doc/manual/release-notes/rl-2111.section.md index 159881a0ac4c..400eb1062d9a 100644 --- a/nixpkgs/nixos/doc/manual/release-notes/rl-2111.section.md +++ b/nixpkgs/nixos/doc/manual/release-notes/rl-2111.section.md @@ -441,6 +441,8 @@ In addition to numerous new and upgraded packages, this release has the followin - `pkgs.haskell-language-server` will now by default be linked dynamically to improve TemplateHaskell compatibility. To mitigate the increased closure size it will now by default only support our current default ghc (at the moment 9.0.2). Add other ghc versions via e.g. `pkgs.haskell-language-server.override { supportedGhcVersions = [ "90" "92" ]; }`. +- `pkgs.redis` is now built using the system jemalloc. This disables the experimental active defragmentation feature of redis. Users who require this feature can switch back to redis' vendored version of jemalloc by setting `services.redis.package = pkgs.redis.override { useSystemJemalloc = false; };`. + ## Other Notable Changes {#sec-release-21.11-notable-changes} diff --git a/nixpkgs/nixos/doc/manual/release-notes/rl-2305.section.md b/nixpkgs/nixos/doc/manual/release-notes/rl-2305.section.md index cca1d48ec564..c9da29063e1a 100644 --- a/nixpkgs/nixos/doc/manual/release-notes/rl-2305.section.md +++ b/nixpkgs/nixos/doc/manual/release-notes/rl-2305.section.md @@ -83,6 +83,8 @@ In addition to numerous new and updated packages, this release has the following - [gitea-actions-runner](https://gitea.com/gitea/act_runner), a CI runner for Gitea/Forgejo Actions. Available as [services.gitea-actions-runner](#opt-services.gitea-actions-runner.instances). +- [evdevremapkeys](https://github.com/philipl/evdevremapkeys), a daemon to remap key events. Available as [services.evdevremapkeys](#opt-services.evdevremapkeys.enable). + - [gmediarender](https://github.com/hzeller/gmrender-resurrect), a simple, headless UPnP/DLNA renderer. Available as [services.gmediarender](options.html#opt-services.gmediarender.enable). - [go2rtc](https://github.com/AlexxIT/go2rtc), a camera streaming appliation with support for RTSP, WebRTC, HomeKit, FFMPEG, RTMP and other protocols. Available as [services.go2rtc](options.html#opt-services.go2rtc.enable). @@ -192,7 +194,7 @@ In addition to numerous new and updated packages, this release has the following "hmac-sha2-512" "hmac-sha2-256" "umac-128@openssh.com" - }; + ]; ``` - `podman` now uses the `netavark` network stack. Users will need to delete all of their local containers, images, volumes, etc, by running `podman system reset --force` once before upgrading their systems. @@ -201,7 +203,7 @@ In addition to numerous new and updated packages, this release has the following - `graylog` has been updated to version 5, which can not be updated directly from the previously packaged version 3.3. If you had installed the previously packaged version 3.3, please follow the [upgrade path](https://go2docs.graylog.org/5-0/upgrading_graylog/upgrade_path.htm) from 3.3 to 4.0 to 4.3 to 5.0. -- `buildFHSUserEnv` is now called `buildFHSEnv` and uses FlatPak's Bubblewrap sandboxing tool rather than Nixpkgs' own chrootenv. The old chrootenv-based implemenation is still available via `buildFHSEnvChrootenv` but is considered deprecated and will be removed when the remaining uses inside Nixpkgs have been migrated. If your FHSEnv-wrapped application misbehaves when using the new bubblewrap implementation, please create an issue in Nixpkgs. +- `buildFHSUserEnv` is now called `buildFHSEnv` and uses FlatPak's Bubblewrap sandboxing tool rather than Nixpkgs' own chrootenv. The old chrootenv-based implemenation is still available via `buildFHSEnvChroot` but is considered deprecated and will be removed when the remaining uses inside Nixpkgs have been migrated. If your FHSEnv-wrapped application misbehaves when using the new bubblewrap implementation, please create an issue in Nixpkgs. - `nushell` has been updated to at least version 0.77.0, which includes potential breaking changes in aliases. The old aliases are now available as `old-alias` but it is recommended you migrate to the new format. See [Reworked aliases](https://www.nushell.sh/blog/2023-03-14-nushell_0_77.html#reworked-aliases-breaking-changes-kubouch). @@ -316,7 +318,7 @@ In addition to numerous new and updated packages, this release has the following - The ppp plugin `rp-pppoe.so` has been renamed to `pppoe.so` in ppp 2.4.9. Starting from ppp 2.5.0, there is no longer an alias for backwards compatibility. Configurations that use this plugin must be updated accordingly from `plugin rp-pppoe.so` to `plugin pppoe.so`. See [upstream change](https://github.com/ppp-project/ppp/commit/610a7bd76eb1f99f22317541b35001b1e24877ed). -- [services.xserver.videoDrivers](options.html#opt-services.xserver.videoDrivers) now defaults to the `modesetting` driver over device-specific ones. The `radeon`, `amdgpu` and `nouveau` drivers are still available, but effectively unmaintained and not recommended for use. +- [services.xserver.videoDrivers](options.html#opt-services.xserver.videoDrivers) now defaults to the `modesetting` driver over device-specific ones. The `radeon`, `amdgpu` and `nouveau` drivers are still available, but effectively unmaintained and not recommended for use. Note that this __does not__ affect your regular graphics drivers; this only concerns the DDX component of the driver, which most people are not relying on. - [services.xserver.libinput.enable](options.html#opt-services.xserver.libinput.enable) is now set by default, enabling the more actively maintained and consistently behaved input device driver. @@ -553,7 +555,7 @@ In addition to numerous new and updated packages, this release has the following - `buildDunePackage` now defaults to `strictDeps = true` which means that any library should go into `buildInputs` or `checkInputs`. Any executable that is run on the building machine should go into `nativeBuildInputs` or `nativeCheckInputs` respectively. Example of executables are `ocaml`, `findlib` and `menhir`. PPXs are libraries which are built by dune and should therefore not go into `nativeBuildInputs`. -- `buildFHSUserEnv` is now called `buildFHSEnv` and uses FlatPak's Bubblewrap sandboxing tool rather than Nixpkgs' own chrootenv. The old chrootenv-based implemenation is still available via `buildFHSEnvChrootenv` but is considered deprecated and will be removed when the remaining uses inside Nixpkgs have been migrated. If your FHSEnv-wrapped application misbehaves when using the new bubblewrap implementation, please create an issue in Nixpkgs. +- `buildFHSUserEnv` is now called `buildFHSEnv` and uses FlatPak's Bubblewrap sandboxing tool rather than Nixpkgs' own chrootenv. The old chrootenv-based implemenation is still available via `buildFHSEnvChroot` but is considered deprecated and will be removed when the remaining uses inside Nixpkgs have been migrated. If your FHSEnv-wrapped application misbehaves when using the new bubblewrap implementation, please create an issue in Nixpkgs. - Top-level `buildPlatform`, `hostPlatform`, `targetPlatform` have been deprecated, use `stdenv.X` instead. diff --git a/nixpkgs/nixos/doc/manual/release-notes/rl-2311.section.md b/nixpkgs/nixos/doc/manual/release-notes/rl-2311.section.md index bc10f5b587c7..c69e8b4317ce 100644 --- a/nixpkgs/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixpkgs/nixos/doc/manual/release-notes/rl-2311.section.md @@ -4,9 +4,11 @@ - FoundationDB now defaults to major version 7. +- Support for WiFi6 (IEEE 802.11ax) and WPA3-SAE-PK was enabled in the `hostapd` package, along with a significant rework of the hostapd module. + ## New Services {#sec-release-23.11-new-services} -- Create the first release note entry in this section! +- [MCHPRS](https://github.com/MCHPR/MCHPRS), a multithreaded Minecraft server built for redstone. Available as [services.mchprs](#opt-services.mchprs.enable). - [acme-dns](https://github.com/joohoi/acme-dns), a limited DNS server to handle ACME DNS challenges easily and securely. Available as [services.acme-dns](#opt-services.acme-dns.enable). @@ -14,32 +16,180 @@ - [river](https://github.com/riverwm/river), A dynamic tiling wayland compositor. Available as [programs.river](#opt-programs.river.enable). +- [wayfire](https://wayfire.org), A modular and extensible wayland compositor. Available as [programs.wayfire](#opt-programs.wayfire.enable). + +- [mautrix-whatsapp](https://docs.mau.fi/bridges/go/whatsapp/index.html) A Matrix-WhatsApp puppeting bridge + +- [GoToSocial](https://gotosocial.org/), an ActivityPub social network server, written in Golang. Available as [services.gotosocial](#opt-services.gotosocial.enable). + +- [Typesense](https://github.com/typesense/typesense), a fast, typo-tolerant search engine for building delightful search experiences. Available as [services.typesense](#opt-services.typesense.enable). + +* [NS-USBLoader](https://github.com/developersu/ns-usbloader/), an all-in-one tool for managing Nintendo Switch homebrew. Available as [programs.ns-usbloader](#opt-programs.ns-usbloader.enable). + +- [Anuko Time Tracker](https://github.com/anuko/timetracker), a simple, easy to use, open source time tracking system. Available as [services.anuko-time-tracker](#opt-services.anuko-time-tracker.enable). + - [sitespeed-io](https://sitespeed.io), a tool that can generate metrics (timings, diagnostics) for websites. Available as [services.sitespeed-io](#opt-services.sitespeed-io.enable). +- [Apache Guacamole](https://guacamole.apache.org/), a cross-platform, clientless remote desktop gateway. Available as [services.guacamole-server](#opt-services.guacamole-server.enable) and [services.guacamole-client](#opt-services.guacamole-client.enable) services. + +- [pgBouncer](https://www.pgbouncer.org), a PostgreSQL connection pooler. Available as [services.pgbouncer](#opt-services.pgbouncer.enable). + +- [trust-dns](https://trust-dns.org/), a Rust based DNS server built to be safe and secure from the ground up. Available as [services.trust-dns](#opt-services.trust-dns.enable). + +- [osquery](https://www.osquery.io/), a SQL powered operating system instrumentation, monitoring, and analytics. + +- [ebusd](https://ebusd.eu), a daemon for handling communication with eBUS devices connected to a 2-wire bus system (“energy bus” used by numerous heating systems). Available as [services.ebusd](#opt-services.ebusd.enable). + +- [systemd-sysupdate](https://www.freedesktop.org/software/systemd/man/systemd-sysupdate.html), atomically updates the host OS, container images, portable service images or other sources. Available as [systemd.sysupdate](opt-systemd.sysupdate). + ## Backward Incompatibilities {#sec-release-23.11-incompatibilities} +- The `boot.loader.raspberryPi` options have been marked deprecated, with intent for removal for NixOS 24.11. They had a limited use-case, and do not work like people expect. They required either very old installs ([before mid-2019](https://github.com/NixOS/nixpkgs/pull/62462)) or customized builds out of scope of the standard and generic AArch64 support. That option set never supported the Raspberry Pi 4 family of devices. + +- `python3.pkgs.sequoia` was removed in favor of `python3.pkgs.pysequoia`. The latter package is based on upstream's dedicated repository for sequoia's Python bindings, where the Python bindings from [gitlab:sequoia-pgp/sequoia](https://gitlab.com/sequoia-pgp/sequoia) were removed long ago. + - `writeTextFile` now requires `executable` to be boolean, values like `null` or `""` will now fail to evaluate. - The latest version of `clonehero` now stores custom content in `~/.clonehero`. See the [migration instructions](https://clonehero.net/2022/11/29/v23-to-v1-migration-instructions.html). Typically, these content files would exist along side the binary, but the previous build used a wrapper script that would store them in `~/.config/unity3d/srylain Inc_/Clone Hero`. +- The `services.hostapd` module was rewritten to support `passwordFile` like options, WPA3-SAE, and management of multiple interfaces. This breaks compatibility with older configurations. + - `hostapd` is now started with additional systemd sandbox/hardening options for better security. + - `services.hostapd.interface` was replaced with a per-radio and per-bss configuration scheme using [services.hostapd.radios](#opt-services.hostapd.radios). + - `services.hostapd.wpa` has been replaced by [services.hostapd.radios.<name>.networks.<name>.authentication.wpaPassword](#opt-services.hostapd.radios._name_.networks._name_.authentication.wpaPassword) and [services.hostapd.radios.<name>.networks.<name>.authentication.saePasswords](#opt-services.hostapd.radios._name_.networks._name_.authentication.saePasswords) which configure WPA2-PSK and WP3-SAE respectively. + - The default authentication has been changed to WPA3-SAE. Options for other (legacy) schemes are still available. + - `python3.pkgs.fetchPypi` (and `python3Packages.fetchPypi`) has been deprecated in favor of top-level `fetchPypi`. - `mariadb` now defaults to `mariadb_1011` instead of `mariadb_106`, meaning the default version was upgraded from 10.6.x to 10.11.x. See the [upgrade notes](https://mariadb.com/kb/en/upgrading-from-mariadb-10-6-to-mariadb-10-11/) for potential issues. +- `getent` has been moved from `glibc`'s `bin` output to its own dedicated output, reducing closure size for many dependents. Dependents using the `getent` alias should not be affected; others should move from using `glibc.bin` or `getBin glibc` to `getent` (which also improves compatibility with non-glibc platforms). + +- The `services.ananicy.extraRules` option now has the type of `listOf attrs` instead of `string`. + - `etcd` has been updated to 3.5, you will want to read the [3.3 to 3.4](https://etcd.io/docs/v3.5/upgrades/upgrade_3_4/) and [3.4 to 3.5](https://etcd.io/docs/v3.5/upgrades/upgrade_3_5/) upgrade guides +- `consul` has been updated to `1.16.0`. See the [release note](https://github.com/hashicorp/consul/releases/tag/v1.16.0) for more details. Once a new Consul version has started and upgraded its data directory, it generally cannot be downgraded to the previous version. + - `himalaya` has been updated to `0.8.0`, which drops the native TLS support (in favor of Rustls) and add OAuth 2.0 support. See the [release note](https://github.com/soywod/himalaya/releases/tag/v0.8.0) for more details. +- The [services.caddy.acmeCA](#opt-services.caddy.acmeCA) option now defaults to `null` instead of `"https://acme-v02.api.letsencrypt.org/directory"`, to use all of Caddy's default ACME CAs and enable Caddy's automatic issuer fallback feature by default, as recommended by upstream. + +- The default priorities of [`services.nextcloud.phpOptions`](#opt-services.nextcloud.phpOptions) have changed. This means that e.g. + `services.nextcloud.phpOptions."opcache.interned_strings_buffer" = "23";` doesn't discard all of the other defaults from this option + anymore. The attribute values of `phpOptions` are still defaults, these can be overridden as shown here. + + To override all of the options (including including `upload_max_filesize`, `post_max_size` + and `memory_limit` which all point to [`services.nextcloud.maxUploadSize`](#opt-services.nextcloud.maxUploadSize) + by default) can be done like this: + + ```nix + { + services.nextcloud.phpOptions = lib.mkForce { + /* ... */ + }; + } + ``` + +- `php80` is no longer supported due to upstream not supporting this version anymore. + +- PHP now defaults to PHP 8.2, updated from 8.1. + +- The ISC DHCP package and corresponding module have been removed, because they are end of life upstream. See https://www.isc.org/blogs/isc-dhcp-eol/ for details and switch to a different DHCP implementation like kea or dnsmasq. + - `util-linux` is now supported on Darwin and is no longer an alias to `unixtools`. Use the `unixtools.util-linux` package for access to the Apple variants of the utilities. +- `services.keyd` changed API. Now you can create multiple configuration files. + +- `services.ddclient` has been removed on the request of the upstream maintainer because it is unmaintained and has bugs. Please switch to a different software like `inadyn` or `knsupdate`. + +- The `vlock` program from the `kbd` package has been moved into its own package output and should now be referenced explicitly as `kbd.vlock` or replaced with an alternative such as the standalone `vlock` package or `physlock`. + - `fileSystems.<name>.autoFormat` now uses `systemd-makefs`, which does not accept formatting options. Therefore, `fileSystems.<name>.formatOptions` has been removed. - `fileSystems.<name>.autoResize` now uses `systemd-growfs` to resize the file system online in stage 2. This means that `f2fs` and `ext2` can no longer be auto resized, while `xfs` and `btrfs` now can be. +- The `services.vaultwarden.config` option default value was changed to make Vaultwarden only listen on localhost, following the [secure defaults for most NixOS services](https://github.com/NixOS/nixpkgs/issues/100192). + +- `services.lemmy.settings.federation` was removed in 0.17.0 and no longer has any effect. To enable federation, the hostname must be set in the configuration file and then federation must be enabled in the admin web UI. See the [release notes](https://github.com/LemmyNet/lemmy/blob/c32585b03429f0f76d1e4ff738786321a0a9df98/RELEASES.md#upgrade-instructions) for more details. + +- `pict-rs` was upgraded from 0.3 to 0.4 and contains an incompatible database & configuration change. To upgrade on systems with `stateVersion = "23.05";` or older follow the migration steps from https://git.asonix.dog/asonix/pict-rs#user-content-0-3-to-0-4-migration-guide and set `services.pict-rs.package = pkgs.pict-rs;`. + +- The following packages in `haskellPackages` have now a separate bin output: `cabal-fmt`, `calligraphy`, `eventlog2html`, `ghc-debug-brick`, `hindent`, `nixfmt`, `releaser`. This means you need to replace e.g. `"${pkgs.haskellPackages.nixfmt}/bin/nixfmt"` with `"${lib.getBin pkgs.haskellPackages.nixfmt}/bin/nixfmt"` or `"${lib.getExe pkgs.haskellPackages.nixfmt}"`. The binaries also won’t be in scope if you rely on them being installed e.g. via `ghcWithPackages`. `environment.packages` picks the `bin` output automatically, so for normal installation no intervention is required. Also, toplevel attributes like `pkgs.nixfmt` are not impacted negatively by this change. + +- `spamassassin` no longer supports the `Hashcash` module. The module needs to be removed from the `loadplugin` list if it was copied over from the default `initPreConf` option. + +- `services.outline.sequelizeArguments` has been removed, as `outline` no longer executes database migrations via the `sequelize` cli. + +- The binary of the package `cloud-sql-proxy` has changed from `cloud_sql_proxy` to `cloud-sql-proxy`. + +- The `woodpecker-*` CI packages have been updated to 1.0.0. This release is wildly incompatible with the 0.15.X versions that were previously packaged. Please read [upstream's documentation](https://woodpecker-ci.org/docs/next/migrations#100) to learn how to update your CI configurations. + +- The Caddy module gained a new option named `services.caddy.enableReload` which is enabled by default. It allows reloading the service instead of restarting it, if only a config file has changed. This option must be disabled if you have turned off the [Caddy admin API](https://caddyserver.com/docs/caddyfile/options#admin). If you keep this option enabled, you should consider setting [`grace_period`](https://caddyserver.com/docs/caddyfile/options#grace-period) to a non-infinite value to prevent Caddy from delaying the reload indefinitely. + +- mdraid support is now optional. This reduces initramfs size and prevents the potentially undesired automatic detection and activation of software RAID pools. It is disabled by default in new configurations (determined by `stateVersion`), but the appropriate settings will be generated by `nixos-generate-config` when installing to a software RAID device, so the standard installation procedure should be unaffected. If you have custom configs relying on mdraid, ensure that you use `stateVersion` correctly or set `boot.swraid.enable` manually. + +- The `go-ethereum` package has been updated to v1.12.0. This drops support for proof-of-work. Its GraphQL API now encodes all numeric values as hex strings and the GraphQL UI is updated to version 2.0. The default database has changed from `leveldb` to `pebble` but `leveldb` can be forced with the --db.engine=leveldb flag. The `checkpoint-admin` command was [removed along with trusted checkpoints](https://github.com/ethereum/go-ethereum/pull/27147). + +- The default `kops` version is now 1.27.0 and support for 1.24 and older has been dropped. + +- `pharo` has been updated to latest stable (PharoVM 10.0.5), which is compatible with the latest stable and oldstable images (Pharo 10 and 11). The VM in question is the 64bit Spur. The 32bit version has been dropped due to lack of maintenance. The Cog VM has been deleted because it is severily outdated. Finally, the `pharo-launcher` package has been deleted because it was not compatible with the newer VM, and due to lack of maintenance. + ## Other Notable Changes {#sec-release-23.11-notable-changes} - The Cinnamon module now enables XDG desktop integration by default. If you are experiencing collisions related to xdg-desktop-portal-gtk you can safely remove `xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];` from your NixOS configuration. +- `fontconfig` now defaults to using greyscale antialiasing instead of subpixel antialiasing because of a [recommendation from one of the downstreams](https://gitlab.freedesktop.org/fontconfig/fontconfig/-/issues/337). You can change this value by configuring [](#opt-fonts.fontconfig.subpixel.rgba) accordingly. + +- The latest available version of Nextcloud is v27 (available as `pkgs.nextcloud27`). The installation logic is as follows: + - If [`services.nextcloud.package`](#opt-services.nextcloud.package) is specified explicitly, this package will be installed (**recommended**) + - If [`system.stateVersion`](#opt-system.stateVersion) is >=23.11, `pkgs.nextcloud27` will be installed by default. + - If [`system.stateVersion`](#opt-system.stateVersion) is >=23.05, `pkgs.nextcloud26` will be installed by default. + - Please note that an upgrade from v25 (or older) to v27 directly is not possible. Please upgrade to `nextcloud26` (or earlier) first. Nextcloud prohibits skipping major versions while upgrading. You can upgrade by declaring [`services.nextcloud.package = pkgs.nextcloud26;`](options.html#opt-services.nextcloud.package). + +- New options were added to `services.searx` for better SearXNG support, including options for the built-in rate limiter and bot protection and automatically configuring a local redis server. + - A new option was added to the virtualisation module that enables specifying explicitly named network interfaces in QEMU VMs. The existing `virtualisation.vlans` is still supported for cases where the name of the network interface is irrelevant. +- DocBook option documentation is no longer supported, all module documentation now uses markdown. + +- `buildGoModule` `go-modules` attrs have been renamed to `goModules`. + +- The `fonts.fonts` and `fonts.enableDefaultFonts` options have been renamed to `fonts.packages` and `fonts.enableDefaultPackages` respectively. + +- `services.fail2ban.jails` can now be configured with attribute sets defining settings and filters instead of lines. The stringed options `daemonConfig` and `extraSettings` have respectively been replaced by `daemonSettings` and `jails.DEFAULT.settings` which use attribute sets. + +- The module [services.ankisyncd](#opt-services.ankisyncd.package) has been switched to [anki-sync-server-rs](https://github.com/ankicommunity/anki-sync-server-rs) from the old python version, which was difficult to update, had not been updated in a while, and did not support recent versions of anki. +Unfortunately all servers supporting new clients (newer version of anki-sync-server, anki's built in sync server and this new rust package) do not support the older sync protocol that was used in the old server, so such old clients will also need updating and in particular the anki package in nixpkgs is also being updated in this release. +The module update takes care of the new config syntax and the data itself (user login and cards) are compatible, so users of the module will be able to just log in again after updating both client and server without any extra action. + - `services.nginx` gained a `defaultListen` option at server-level with support for PROXY protocol listeners, also `proxyProtocol` is now exposed in `services.nginx.virtualHosts.<name>.listen` option. It is now possible to run PROXY listeners and non-PROXY listeners at a server-level, see [#213510](https://github.com/NixOS/nixpkgs/pull/213510/) for more details. + +- `services.prometheus.exporters` has a new exporter to monitor electrical power consumption based on PowercapRAPL sensor called [Scaphandre](https://github.com/hubblo-org/scaphandre), see [#239803](https://github.com/NixOS/nixpkgs/pull/239803) for more details. + +- The module `services.calibre-server` has new options to configure the `host`, `port`, `auth.enable`, `auth.mode` and `auth.userDb` path, see [#216497](https://github.com/NixOS/nixpkgs/pull/216497/) for more details. + +- `services.prometheus.exporters` has a new [exporter](https://github.com/hipages/php-fpm_exporter) to monitor PHP-FPM processes, see [#240394](https://github.com/NixOS/nixpkgs/pull/240394) for more details. + +- `programs.gnupg.agent.pinentryFlavor` is now set in `/etc/gnupg/gpg-agent.conf`, and will no longer take precedence over a `pinentry-program` set in `~/.gnupg/gpg-agent.conf`. + +- `wrapHelm` now exposes `passthru.pluginsDir` which can be passed to `helmfile`. For convenience, a top-level package `helmfile-wrapped` has been added, which inherits `passthru.pluginsDir` from `kubernetes-helm-wrapped`. See [#217768](https://github.com/NixOS/nixpkgs/issues/217768) for details. + +- `boot.initrd.network.udhcp.enable` allows control over dhcp during stage 1 regardless of what `networking.useDHCP` is set to. + +- Suricata was upgraded from 6.0 to 7.0 and no longer considers HTTP/2 support as experimental, see [upstream release notes](https://forum.suricata.io/t/suricata-7-0-0-released/3715) for more details. + +## Nixpkgs internals {#sec-release-23.11-nixpkgs-internals} + +- The use of `sourceRoot = "source";`, `sourceRoot = "source/subdir";`, and similar lines in package derivations using the default `unpackPhase` is deprecated as it requires `unpackPhase` to always produce a directory named "source". Use `sourceRoot = src.name`, `sourceRoot = "${src.name}/subdir";`, or `setSourceRoot = "sourceRoot=$(echo */subdir)";` or similar instead. + +- The `qemu-vm.nix` module by default now identifies block devices via + persistent names available in `/dev/disk/by-*`. Because the rootDevice is + identfied by its filesystem label, it needs to be formatted before the VM is + started. The functionality of automatically formatting the rootDevice in the + initrd is removed from the QEMU module. However, for tests that depend on + this functionality, a test utility for the scripted initrd is added + (`nixos/tests/common/auto-format-root-device.nix`). To use this in a NixOS + test, import the module, e.g. `imports = [ + ./common/auto-format-root-device.nix ];` When you use the systemd initrd, you + can automatically format the root device by setting + `virtualisation.fileSystems."/".autoFormat = true;`. diff --git a/nixpkgs/nixos/doc/manual/shell.nix b/nixpkgs/nixos/doc/manual/shell.nix new file mode 100644 index 000000000000..70500a12b037 --- /dev/null +++ b/nixpkgs/nixos/doc/manual/shell.nix @@ -0,0 +1,20 @@ +let + pkgs = import ../../.. { + config = {}; + overlays = []; + }; + + common = import ./common.nix; + inherit (common) outputPath indexPath; + + web-devmode = import ../../../pkgs/tools/nix/web-devmode.nix { + inherit pkgs; + buildArgs = "../../release.nix -A manualHTML.${builtins.currentSystem}"; + open = "/${outputPath}/${indexPath}"; + }; +in + pkgs.mkShell { + packages = [ + web-devmode + ]; + } |