diff --git a/doc/using/configuration.chapter.md b/doc/using/configuration.chapter.md index 0391af0f1760..e657cb21c295 100644 --- a/doc/using/configuration.chapter.md +++ b/doc/using/configuration.chapter.md @@ -73,7 +73,7 @@ There are also two ways to try compiling a package which has been marked as unsu } ``` -The difference between a package being unsupported on some system and being broken is admittedly a bit fuzzy. If a program *ought* to work on a certain platform, but doesn't, the platform should be included in `meta.platforms`, but marked as broken with e.g. `meta.broken = !hostPlatform.isWindows`. Of course, this begs the question of what \"ought\" means exactly. That is left to the package maintainer. +The difference between a package being unsupported on some system and being broken is admittedly a bit fuzzy. If a program *ought* to work on a certain platform, but doesn't, the platform should be included in `meta.platforms`, but marked as broken with e.g. `meta.broken = !hostPlatform.isWindows`. Of course, this begs the question of what "ought" means exactly. That is left to the package maintainer. ## Installing unfree packages {#sec-allow-unfree} diff --git a/nixos/doc/manual/configuration/kubernetes.chapter.md b/nixos/doc/manual/configuration/kubernetes.chapter.md index 5d7b083289d9..f39726090e43 100644 --- a/nixos/doc/manual/configuration/kubernetes.chapter.md +++ b/nixos/doc/manual/configuration/kubernetes.chapter.md @@ -17,7 +17,7 @@ services.kubernetes = { }; ``` -Another way is to assign cluster roles (\"master\" and/or \"node\") to +Another way is to assign cluster roles ("master" and/or "node") to the host. This enables apiserver, controllerManager, scheduler, addonManager, kube-proxy and etcd: diff --git a/nixos/doc/manual/configuration/xfce.chapter.md b/nixos/doc/manual/configuration/xfce.chapter.md index edfb7419c820..c331e63cfe54 100644 --- a/nixos/doc/manual/configuration/xfce.chapter.md +++ b/nixos/doc/manual/configuration/xfce.chapter.md @@ -46,7 +46,7 @@ Thunar:2410): GVFS-RemoteVolumeMonitor-WARNING **: remote volume monitor with db ``` This is caused by some needed GNOME services not running. This is all -fixed by enabling \"Launch GNOME services on startup\" in the Advanced +fixed by enabling "Launch GNOME services on startup" in the Advanced tab of the Session and Startup settings panel. Alternatively, you can run this command to do the same thing. diff --git a/nixos/doc/manual/from_md/configuration/kubernetes.chapter.xml b/nixos/doc/manual/from_md/configuration/kubernetes.chapter.xml index 1de19f64bdad..01bb5db3f832 100644 --- a/nixos/doc/manual/from_md/configuration/kubernetes.chapter.xml +++ b/nixos/doc/manual/from_md/configuration/kubernetes.chapter.xml @@ -21,8 +21,8 @@ services.kubernetes = { }; - Another way is to assign cluster roles ("master" and/or - "node") to the host. This enables apiserver, + Another way is to assign cluster roles (master and/or + node) to the host. This enables apiserver, controllerManager, scheduler, addonManager, kube-proxy and etcd: diff --git a/nixos/doc/manual/from_md/configuration/xfce.chapter.xml b/nixos/doc/manual/from_md/configuration/xfce.chapter.xml index 2deec20395e5..6b63b7d2390d 100644 --- a/nixos/doc/manual/from_md/configuration/xfce.chapter.xml +++ b/nixos/doc/manual/from_md/configuration/xfce.chapter.xml @@ -54,9 +54,10 @@ Thunar:2410): GVFS-RemoteVolumeMonitor-WARNING **: remote volume monitor with db This is caused by some needed GNOME services not running. This is - all fixed by enabling "Launch GNOME services on startup" - in the Advanced tab of the Session and Startup settings panel. - Alternatively, you can run this command to do the same thing. + all fixed by enabling Launch GNOME services on + startup in the Advanced tab of the Session and Startup + settings panel. Alternatively, you can run this command to do the + same thing. $ xfconf-query -c xfce4-session -p /compat/LaunchGNOME -s true diff --git a/nixos/doc/manual/from_md/installation/installing-from-other-distro.section.xml b/nixos/doc/manual/from_md/installation/installing-from-other-distro.section.xml index bcb8573f1b47..95be68659c04 100644 --- a/nixos/doc/manual/from_md/installation/installing-from-other-distro.section.xml +++ b/nixos/doc/manual/from_md/installation/installing-from-other-distro.section.xml @@ -290,12 +290,12 @@ $ sudo chown -R 0:0 /nix Support for NIXOS_LUSTRATE was added in - NixOS 16.09. The act of "lustrating" refers to the - wiping of the existing distribution. Creating + NixOS 16.09. The act of lustrating refers to + the wiping of the existing distribution. Creating /etc/NIXOS_LUSTRATE can also be used on NixOS to remove all mutable files from your root partition (anything that’s not in /nix or - /boot gets "lustrated" on the + /boot gets lustrated on the next boot. diff --git a/nixos/doc/manual/from_md/installation/installing-usb.section.xml b/nixos/doc/manual/from_md/installation/installing-usb.section.xml index e89d812ecc77..cb0fd95bc7c5 100644 --- a/nixos/doc/manual/from_md/installation/installing-usb.section.xml +++ b/nixos/doc/manual/from_md/installation/installing-usb.section.xml @@ -110,9 +110,9 @@ diskutil unmountDisk diskX sudo dd if=<path-to-image> of=/dev/rdiskX bs=4m - After dd completes, a GUI dialog "The disk - you inserted was not readable by this computer" will pop up, - which can be ignored. + After dd completes, a GUI dialog The + disk you inserted was not readable by this computer will + pop up, which can be ignored. diff --git a/nixos/doc/manual/from_md/installation/installing-virtualbox-guest.section.xml b/nixos/doc/manual/from_md/installation/installing-virtualbox-guest.section.xml index 8b82a617e7f5..36e04e49e033 100644 --- a/nixos/doc/manual/from_md/installation/installing-virtualbox-guest.section.xml +++ b/nixos/doc/manual/from_md/installation/installing-virtualbox-guest.section.xml @@ -11,8 +11,8 @@ - Add a New Machine in VirtualBox with OS Type "Linux / Other - Linux" + Add a New Machine in VirtualBox with OS Type Linux / + Other Linux @@ -38,7 +38,7 @@ Click on Settings / System / Acceleration and enable - "VT-x/AMD-V" acceleration + VT-x/AMD-V acceleration @@ -71,7 +71,7 @@ boot.initrd.checkJournalingFS = false; Shared folders can be given a name and a path in the host system in the VirtualBox settings (Machine / Settings / Shared Folders, then - click on the "Add" icon). Add the following to the + click on the Add icon). Add the following to the /etc/nixos/configuration.nix to auto-mount them. If you do not add "nofail", the system will not boot properly. diff --git a/nixos/doc/manual/from_md/release-notes/rl-1509.section.xml b/nixos/doc/manual/from_md/release-notes/rl-1509.section.xml index 8b9ab5a544ce..2420747da08e 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-1509.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-1509.section.xml @@ -9,7 +9,7 @@ The Haskell packages infrastructure has been re-designed from the ground up - ("Haskell NG"). NixOS now distributes the latest + (Haskell NG). NixOS now distributes the latest version of every single package registered on Hackage -- well in excess of 8,000 Haskell packages. Detailed instructions @@ -23,8 +23,8 @@ Haskell release since version 0.0 as well as the most recent Stackage Nightly snapshot. The announcement - "Full - Stackage Support in Nixpkgs" gives additional + Full + Stackage Support in Nixpkgs gives additional details. @@ -534,9 +534,9 @@ - "nix-env -qa" no longer discovers - Haskell packages by name. The only packages visible in the - global scope are ghc, + nix-env -qa no longer + discovers Haskell packages by name. The only packages visible in + the global scope are ghc, cabal-install, and stack, but all other packages are hidden. The reason for this inconvenience is the sheer size of the Haskell package set. diff --git a/nixos/doc/manual/from_md/release-notes/rl-1603.section.xml b/nixos/doc/manual/from_md/release-notes/rl-1603.section.xml index dd869dcb7562..bdb58ab8e493 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-1603.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-1603.section.xml @@ -632,8 +632,8 @@ error: path ‘/nix/store/*-broadcom-sta-*’ does not exist and cannot be creat The services.xserver.startGnuPGAgent option has been removed. GnuPG 2.1.x changed the way the gpg-agent works, and that new approach no longer requires (or even - supports) the "start everything as a child of the - agent" scheme we’ve implemented in NixOS for older + supports) the start everything as a child of the + agent scheme we’ve implemented in NixOS for older versions. To configure the gpg-agent for your X session, add the following code to ~/.bashrc or some file that’s sourced when your shell is started: @@ -670,7 +670,7 @@ export GPG_TTY The gpg-agent(1) man page has more details - about this subject, i.e. in the "EXAMPLES" section. + about this subject, i.e. in the EXAMPLES section. diff --git a/nixos/doc/manual/from_md/release-notes/rl-1803.section.xml b/nixos/doc/manual/from_md/release-notes/rl-1803.section.xml index 6c2a7344f900..7e32c6f0cfdc 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-1803.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-1803.section.xml @@ -495,11 +495,11 @@ The propagation logic has been changed. The new logic, along with new types of dependencies that go with, is thoroughly - documented in the "Specifying dependencies" section - of the "Standard Environment" chapter of the nixpkgs - manual. The old logic isn’t but is easy to describe: - dependencies were propagated as the same type of dependency no - matter what. In practice, that means that many + documented in the Specifying dependencies + section of the Standard Environment chapter of + the nixpkgs manual. The old logic isn’t but is easy to + describe: dependencies were propagated as the same type of + dependency no matter what. In practice, that means that many propagatedNativeBuildInputs should instead be propagatedBuildInputs. Thankfully, that was and is the least used type of dependency. Also, it means diff --git a/nixos/doc/manual/from_md/release-notes/rl-1903.section.xml b/nixos/doc/manual/from_md/release-notes/rl-1903.section.xml index a876cad30c54..b932f3da9ebd 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-1903.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-1903.section.xml @@ -342,7 +342,7 @@ preserved when also setting interface specific rules such as networking.firewall.interfaces.en0.allow*. These rules continue to use the pseudo device - "default" + default (networking.firewall.interfaces.default.*), and assigning to this pseudo device will override the (networking.firewall.allow*) options. diff --git a/nixos/doc/manual/from_md/release-notes/rl-1909.section.xml b/nixos/doc/manual/from_md/release-notes/rl-1909.section.xml index f8b8129cfe49..3bf83e1eccbd 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-1909.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-1909.section.xml @@ -746,9 +746,9 @@ services.gitlab.secrets.jwsFile). This was done so that secrets aren’t stored in the world-readable nix store, but means that for each option you’ll have to create a - file with the same exact string, add "File" to the - end of the option name, and change the definition to a string - pointing to the corresponding file; e.g. + file with the same exact string, add File to + the end of the option name, and change the definition to a + string pointing to the corresponding file; e.g. services.gitlab.databasePassword = "supersecurepassword" becomes services.gitlab.databasePasswordFile = "/path/to/secret_file" diff --git a/nixos/doc/manual/from_md/release-notes/rl-2009.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2009.section.xml index 4ba5406d97a5..a912702814f2 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2009.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2009.section.xml @@ -1472,8 +1472,8 @@ $ sudo /run/current-system/fine-tune/child-1/bin/switch-to-configuration test The base package has also been upgraded to the 2020-07-29 - "Hogfather" release. Plugins might be incompatible - or require upgrading. + Hogfather release. Plugins might be + incompatible or require upgrading. @@ -1736,11 +1736,11 @@ CREATE ROLE postgres LOGIN SUPERUSER; - The cc- and binutils-wrapper’s "infix salt" and + The cc- and binutils-wrapper’s infix salt and _BUILD_ and _TARGET_ - user infixes have been replaced with with a "suffix - salt" and suffixes and _FOR_BUILD and - _FOR_TARGET. This matches the autotools + user infixes have been replaced with with a suffix + salt and suffixes and _FOR_BUILD + and _FOR_TARGET. This matches the autotools convention for env vars which standard for these things, making interfacing with other tools easier. diff --git a/nixos/doc/manual/from_md/release-notes/rl-2105.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2105.section.xml index 3f84323f3a41..0a0cbe2790bd 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2105.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2105.section.xml @@ -235,8 +235,8 @@ The networking.wireless.iwd module now installs the upstream-provided 80-iwd.link file, which sets - the NamePolicy= for all wlan devices to "keep - kernel", to avoid race conditions between iwd and + the NamePolicy= for all wlan devices to keep + kernel, to avoid race conditions between iwd and networkd. If you don’t want this, you can set systemd.network.links."80-iwd" = lib.mkForce {}. @@ -1027,7 +1027,7 @@ self: super: Kodi has been - updated to version 19.1 "Matrix". See the + updated to version 19.1 Matrix. See the announcement for further details. @@ -1298,7 +1298,8 @@ self: super: The zookeeper package does not provide zooInspector.sh anymore, as that - "contrib" has been dropped from upstream releases. + contrib has been dropped from upstream + releases. diff --git a/nixos/doc/manual/installation/installing-from-other-distro.section.md b/nixos/doc/manual/installation/installing-from-other-distro.section.md index 662918e2f797..921592fe5357 100644 --- a/nixos/doc/manual/installation/installing-from-other-distro.section.md +++ b/nixos/doc/manual/installation/installing-from-other-distro.section.md @@ -201,10 +201,10 @@ The first steps to all these are the same: ::: {.note} Support for `NIXOS_LUSTRATE` was added in NixOS 16.09. The act of - \"lustrating\" refers to the wiping of the existing distribution. + "lustrating" refers to the wiping of the existing distribution. Creating `/etc/NIXOS_LUSTRATE` can also be used on NixOS to remove all mutable files from your root partition (anything that's not in - `/nix` or `/boot` gets \"lustrated\" on the next boot. + `/nix` or `/boot` gets "lustrated" on the next boot. lustrate /ˈlʌstreɪt/ verb. diff --git a/nixos/doc/manual/installation/installing-usb.section.md b/nixos/doc/manual/installation/installing-usb.section.md index 3f026fea2820..adfe22ea2f00 100644 --- a/nixos/doc/manual/installation/installing-usb.section.md +++ b/nixos/doc/manual/installation/installing-usb.section.md @@ -56,8 +56,8 @@ select the image, select the USB flash drive and click "Write". sudo dd if= of=/dev/rdiskX bs=4m ``` - After `dd` completes, a GUI dialog \"The disk - you inserted was not readable by this computer\" will pop up, which can + After `dd` completes, a GUI dialog "The disk + you inserted was not readable by this computer" will pop up, which can be ignored. ::: {.note} diff --git a/nixos/doc/manual/installation/installing-virtualbox-guest.section.md b/nixos/doc/manual/installation/installing-virtualbox-guest.section.md index c3bbfe12152e..004838e586be 100644 --- a/nixos/doc/manual/installation/installing-virtualbox-guest.section.md +++ b/nixos/doc/manual/installation/installing-virtualbox-guest.section.md @@ -6,7 +6,7 @@ use a pre-made VirtualBox appliance, it is available at [the downloads page](https://nixos.org/nixos/download.html). If you want to set up a VirtualBox guest manually, follow these instructions: -1. Add a New Machine in VirtualBox with OS Type \"Linux / Other Linux\" +1. Add a New Machine in VirtualBox with OS Type "Linux / Other Linux" 1. Base Memory Size: 768 MB or higher. @@ -16,7 +16,7 @@ VirtualBox guest manually, follow these instructions: 1. Click on Settings / System / Processor and enable PAE/NX -1. Click on Settings / System / Acceleration and enable \"VT-x/AMD-V\" +1. Click on Settings / System / Acceleration and enable "VT-x/AMD-V" acceleration 1. Click on Settings / Display / Screen and select VMSVGA as Graphics @@ -41,7 +41,7 @@ boot.initrd.checkJournalingFS = false; Shared folders can be given a name and a path in the host system in the VirtualBox settings (Machine / Settings / Shared Folders, then click on -the \"Add\" icon). Add the following to the +the "Add" icon). Add the following to the `/etc/nixos/configuration.nix` to auto-mount them. If you do not add `"nofail"`, the system will not boot properly. diff --git a/nixos/doc/manual/release-notes/rl-1509.section.md b/nixos/doc/manual/release-notes/rl-1509.section.md index 9b9adc5a1d92..1422ae4c299c 100644 --- a/nixos/doc/manual/release-notes/rl-1509.section.md +++ b/nixos/doc/manual/release-notes/rl-1509.section.md @@ -2,7 +2,7 @@ In addition to numerous new and upgraded packages, this release has the following highlights: -- The [Haskell](http://haskell.org/) packages infrastructure has been re-designed from the ground up (\"Haskell NG\"). NixOS now distributes the latest version of every single package registered on [Hackage](http://hackage.haskell.org/) \-- well in excess of 8,000 Haskell packages. Detailed instructions on how to use that infrastructure can be found in the [User's Guide to the Haskell Infrastructure](https://nixos.org/nixpkgs/manual/#users-guide-to-the-haskell-infrastructure). Users migrating from an earlier release may find helpful information below, in the list of backwards-incompatible changes. Furthermore, we distribute 51(!) additional Haskell package sets that provide every single [LTS Haskell](http://www.stackage.org/) release since version 0.0 as well as the most recent [Stackage Nightly](http://www.stackage.org/) snapshot. The announcement [\"Full Stackage Support in Nixpkgs\"](https://nixos.org/nix-dev/2015-September/018138.html) gives additional details. +- The [Haskell](http://haskell.org/) packages infrastructure has been re-designed from the ground up ("Haskell NG"). NixOS now distributes the latest version of every single package registered on [Hackage](http://hackage.haskell.org/) \-- well in excess of 8,000 Haskell packages. Detailed instructions on how to use that infrastructure can be found in the [User's Guide to the Haskell Infrastructure](https://nixos.org/nixpkgs/manual/#users-guide-to-the-haskell-infrastructure). Users migrating from an earlier release may find helpful information below, in the list of backwards-incompatible changes. Furthermore, we distribute 51(!) additional Haskell package sets that provide every single [LTS Haskell](http://www.stackage.org/) release since version 0.0 as well as the most recent [Stackage Nightly](http://www.stackage.org/) snapshot. The announcement ["Full Stackage Support in Nixpkgs"](https://nixos.org/nix-dev/2015-September/018138.html) gives additional details. - Nix has been updated to version 1.10, which among other improvements enables cryptographic signatures on binary caches for improved security. @@ -203,7 +203,7 @@ The new option `system.stateVersion` ensures that certain configuration changes } ``` -- \"`nix-env -qa`\" no longer discovers Haskell packages by name. The only packages visible in the global scope are `ghc`, `cabal-install`, and `stack`, but all other packages are hidden. The reason for this inconvenience is the sheer size of the Haskell package set. Name-based lookups are expensive, and most `nix-env -qa` operations would become much slower if we'd add the entire Hackage database into the top level attribute set. Instead, the list of Haskell packages can be displayed by running: +- "`nix-env -qa`" no longer discovers Haskell packages by name. The only packages visible in the global scope are `ghc`, `cabal-install`, and `stack`, but all other packages are hidden. The reason for this inconvenience is the sheer size of the Haskell package set. Name-based lookups are expensive, and most `nix-env -qa` operations would become much slower if we'd add the entire Hackage database into the top level attribute set. Instead, the list of Haskell packages can be displayed by running: ```ShellSession nix-env -f "" -qaP -A haskellPackages diff --git a/nixos/doc/manual/release-notes/rl-1603.section.md b/nixos/doc/manual/release-notes/rl-1603.section.md index 471454345f8a..532a16f937b0 100644 --- a/nixos/doc/manual/release-notes/rl-1603.section.md +++ b/nixos/doc/manual/release-notes/rl-1603.section.md @@ -246,7 +246,7 @@ When upgrading from a previous release, please be aware of the following incompa you should either re-run `nixos-generate-config` or manually replace `"${config.boot.kernelPackages.broadcom_sta}"` by `config.boot.kernelPackages.broadcom_sta` in your `/etc/nixos/hardware-configuration.nix`. More discussion is on [ the github issue](https://github.com/NixOS/nixpkgs/pull/12595). -- The `services.xserver.startGnuPGAgent` option has been removed. GnuPG 2.1.x changed the way the gpg-agent works, and that new approach no longer requires (or even supports) the \"start everything as a child of the agent\" scheme we've implemented in NixOS for older versions. To configure the gpg-agent for your X session, add the following code to `~/.bashrc` or some file that's sourced when your shell is started: +- The `services.xserver.startGnuPGAgent` option has been removed. GnuPG 2.1.x changed the way the gpg-agent works, and that new approach no longer requires (or even supports) the "start everything as a child of the agent" scheme we've implemented in NixOS for older versions. To configure the gpg-agent for your X session, add the following code to `~/.bashrc` or some file that's sourced when your shell is started: ```shell GPG_TTY=$(tty) @@ -273,7 +273,7 @@ When upgrading from a previous release, please be aware of the following incompa gpg --import ~/.gnupg/secring.gpg ``` - The `gpg-agent(1)` man page has more details about this subject, i.e. in the \"EXAMPLES\" section. + The `gpg-agent(1)` man page has more details about this subject, i.e. in the "EXAMPLES" section. Other notable improvements: diff --git a/nixos/doc/manual/release-notes/rl-1803.section.md b/nixos/doc/manual/release-notes/rl-1803.section.md index 287b56286e55..681894eb13ec 100644 --- a/nixos/doc/manual/release-notes/rl-1803.section.md +++ b/nixos/doc/manual/release-notes/rl-1803.section.md @@ -176,7 +176,7 @@ When upgrading from a previous release, please be aware of the following incompa - `cc-wrapper` has been split in two; there is now also a `bintools-wrapper`. The most commonly used files in `nix-support` are now split between the two wrappers. Some commonly used ones, like `nix-support/dynamic-linker`, are duplicated for backwards compatability, even though they rightly belong only in `bintools-wrapper`. Other more obscure ones are just moved. -- The propagation logic has been changed. The new logic, along with new types of dependencies that go with, is thoroughly documented in the \"Specifying dependencies\" section of the \"Standard Environment\" chapter of the nixpkgs manual. The old logic isn't but is easy to describe: dependencies were propagated as the same type of dependency no matter what. In practice, that means that many `propagatedNativeBuildInputs` should instead be `propagatedBuildInputs`. Thankfully, that was and is the least used type of dependency. Also, it means that some `propagatedBuildInputs` should instead be `depsTargetTargetPropagated`. Other types dependencies should be unaffected. +- The propagation logic has been changed. The new logic, along with new types of dependencies that go with, is thoroughly documented in the "Specifying dependencies" section of the "Standard Environment" chapter of the nixpkgs manual. The old logic isn't but is easy to describe: dependencies were propagated as the same type of dependency no matter what. In practice, that means that many `propagatedNativeBuildInputs` should instead be `propagatedBuildInputs`. Thankfully, that was and is the least used type of dependency. Also, it means that some `propagatedBuildInputs` should instead be `depsTargetTargetPropagated`. Other types dependencies should be unaffected. - `lib.addPassthru drv passthru` is removed. Use `lib.extendDerivation true passthru drv` instead. diff --git a/nixos/doc/manual/release-notes/rl-1903.section.md b/nixos/doc/manual/release-notes/rl-1903.section.md index 14bd60e18d51..b43518c471fd 100644 --- a/nixos/doc/manual/release-notes/rl-1903.section.md +++ b/nixos/doc/manual/release-notes/rl-1903.section.md @@ -89,7 +89,7 @@ When upgrading from a previous release, please be aware of the following incompa - The option `services.xserver.displayManager.job.logToFile` which was previously set to `true` when using the display managers `lightdm`, `sddm` or `xpra` has been reset to the default value (`false`). -- Network interface indiscriminate NixOS firewall options (`networking.firewall.allow*`) are now preserved when also setting interface specific rules such as `networking.firewall.interfaces.en0.allow*`. These rules continue to use the pseudo device \"default\" (`networking.firewall.interfaces.default.*`), and assigning to this pseudo device will override the (`networking.firewall.allow*`) options. +- Network interface indiscriminate NixOS firewall options (`networking.firewall.allow*`) are now preserved when also setting interface specific rules such as `networking.firewall.interfaces.en0.allow*`. These rules continue to use the pseudo device "default" (`networking.firewall.interfaces.default.*`), and assigning to this pseudo device will override the (`networking.firewall.allow*`) options. - The `nscd` service now disables all caching of `passwd` and `group` databases by default. This was interferring with the correct functioning of the `libnss_systemd.so` module which is used by `systemd` to manage uids and usernames in the presence of `DynamicUser=` in systemd services. This was already the default behaviour in presence of `services.sssd.enable = true` because nscd caching would interfere with `sssd` in unpredictable ways as well. Because we're using nscd not for caching, but for convincing glibc to find NSS modules in the nix store instead of an absolute path, we have decided to disable caching globally now, as it's usually not the behaviour the user wants and can lead to surprising behaviour. Furthermore, negative caching of host lookups is also disabled now by default. This should fix the issue of dns lookups failing in the presence of an unreliable network. diff --git a/nixos/doc/manual/release-notes/rl-1909.section.md b/nixos/doc/manual/release-notes/rl-1909.section.md index 8be39c0abd89..428352388193 100644 --- a/nixos/doc/manual/release-notes/rl-1909.section.md +++ b/nixos/doc/manual/release-notes/rl-1909.section.md @@ -210,7 +210,7 @@ When upgrading from a previous release, please be aware of the following incompa - Citrix Receiver (`citrix_receiver`) has been dropped in favor of Citrix Workspace (`citrix_workspace`). -- The `services.gitlab` module has had its literal secret options (`services.gitlab.smtp.password`, `services.gitlab.databasePassword`, `services.gitlab.initialRootPassword`, `services.gitlab.secrets.secret`, `services.gitlab.secrets.db`, `services.gitlab.secrets.otp` and `services.gitlab.secrets.jws`) replaced by file-based versions (`services.gitlab.smtp.passwordFile`, `services.gitlab.databasePasswordFile`, `services.gitlab.initialRootPasswordFile`, `services.gitlab.secrets.secretFile`, `services.gitlab.secrets.dbFile`, `services.gitlab.secrets.otpFile` and `services.gitlab.secrets.jwsFile`). This was done so that secrets aren't stored in the world-readable nix store, but means that for each option you'll have to create a file with the same exact string, add \"File\" to the end of the option name, and change the definition to a string pointing to the corresponding file; e.g. `services.gitlab.databasePassword = "supersecurepassword"` becomes `services.gitlab.databasePasswordFile = "/path/to/secret_file"` where the file `secret_file` contains the string `supersecurepassword`. +- The `services.gitlab` module has had its literal secret options (`services.gitlab.smtp.password`, `services.gitlab.databasePassword`, `services.gitlab.initialRootPassword`, `services.gitlab.secrets.secret`, `services.gitlab.secrets.db`, `services.gitlab.secrets.otp` and `services.gitlab.secrets.jws`) replaced by file-based versions (`services.gitlab.smtp.passwordFile`, `services.gitlab.databasePasswordFile`, `services.gitlab.initialRootPasswordFile`, `services.gitlab.secrets.secretFile`, `services.gitlab.secrets.dbFile`, `services.gitlab.secrets.otpFile` and `services.gitlab.secrets.jwsFile`). This was done so that secrets aren't stored in the world-readable nix store, but means that for each option you'll have to create a file with the same exact string, add "File" to the end of the option name, and change the definition to a string pointing to the corresponding file; e.g. `services.gitlab.databasePassword = "supersecurepassword"` becomes `services.gitlab.databasePasswordFile = "/path/to/secret_file"` where the file `secret_file` contains the string `supersecurepassword`. The state path (`services.gitlab.statePath`) now has the following restriction: no parent directory can be owned by any other user than `root` or the user specified in `services.gitlab.user`; i.e. if `services.gitlab.statePath` is set to `/var/lib/gitlab/state`, `gitlab` and all parent directories must be owned by either `root` or the user specified in `services.gitlab.user`. diff --git a/nixos/doc/manual/release-notes/rl-2009.section.md b/nixos/doc/manual/release-notes/rl-2009.section.md index 97d0753d7549..6995ef1d406c 100644 --- a/nixos/doc/manual/release-notes/rl-2009.section.md +++ b/nixos/doc/manual/release-notes/rl-2009.section.md @@ -522,7 +522,7 @@ When upgrading from a previous release, please be aware of the following incompa } ``` - The base package has also been upgraded to the 2020-07-29 \"Hogfather\" release. Plugins might be incompatible or require upgrading. + The base package has also been upgraded to the 2020-07-29 "Hogfather" release. Plugins might be incompatible or require upgrading. - The [services.postgresql.dataDir](options.html#opt-services.postgresql.dataDir) option is now set to `"/var/lib/postgresql/${cfg.package.psqlSchema}"` regardless of your [system.stateVersion](options.html#opt-system.stateVersion). Users with an existing postgresql install that have a [system.stateVersion](options.html#opt-system.stateVersion) of `17.03` or below should double check what the value of their [services.postgresql.dataDir](options.html#opt-services.postgresql.dataDir) option is (`/var/db/postgresql`) and then explicitly set this value to maintain compatibility: @@ -590,7 +590,7 @@ When upgrading from a previous release, please be aware of the following incompa Please note that Rust packages utilizing a custom build/install procedure (e.g. by using a `Makefile`) or test suites that rely on the structure of the `target/` directory may break due to those assumptions. For further information, please read the Rust section in the Nixpkgs manual. -- The cc- and binutils-wrapper's \"infix salt\" and `_BUILD_` and `_TARGET_` user infixes have been replaced with with a \"suffix salt\" and suffixes and `_FOR_BUILD` and `_FOR_TARGET`. This matches the autotools convention for env vars which standard for these things, making interfacing with other tools easier. +- The cc- and binutils-wrapper's "infix salt" and `_BUILD_` and `_TARGET_` user infixes have been replaced with with a "suffix salt" and suffixes and `_FOR_BUILD` and `_FOR_TARGET`. This matches the autotools convention for env vars which standard for these things, making interfacing with other tools easier. - Additional Git documentation (HTML and text files) is now available via the `git-doc` package. diff --git a/nixos/doc/manual/release-notes/rl-2105.section.md b/nixos/doc/manual/release-notes/rl-2105.section.md index ade08f9f0e29..6244d79e7e78 100644 --- a/nixos/doc/manual/release-notes/rl-2105.section.md +++ b/nixos/doc/manual/release-notes/rl-2105.section.md @@ -68,7 +68,7 @@ When upgrading from a previous release, please be aware of the following incompa - If the `services.dbus` module is enabled, then the user D-Bus session is now always socket activated. The associated options `services.dbus.socketActivated` and `services.xserver.startDbusSession` have therefore been removed and you will receive a warning if they are present in your configuration. This change makes the user D-Bus session available also for non-graphical logins. -- The `networking.wireless.iwd` module now installs the upstream-provided 80-iwd.link file, which sets the NamePolicy= for all wlan devices to \"keep kernel\", to avoid race conditions between iwd and networkd. If you don't want this, you can set `systemd.network.links."80-iwd" = lib.mkForce {}`. +- The `networking.wireless.iwd` module now installs the upstream-provided 80-iwd.link file, which sets the NamePolicy= for all wlan devices to "keep kernel", to avoid race conditions between iwd and networkd. If you don't want this, you can set `systemd.network.links."80-iwd" = lib.mkForce {}`. - `rubyMinimal` was removed due to being unused and unusable. The default ruby interpreter includes JIT support, which makes it reference it's compiler. Since JIT support is probably needed by some Gems, it was decided to enable this feature with all cc references by default, and allow to build a Ruby derivation without references to cc, by setting `jitSupport = false;` in an overlay. See [\#90151](https://github.com/NixOS/nixpkgs/pull/90151) for more info. @@ -300,7 +300,7 @@ When upgrading from a previous release, please be aware of the following incompa Regarding the NixOS module, new options for HTTPS inspection have been added and `services.privoxy.extraConfig` has been replaced by the new [services.privoxy.settings](options.html#opt-services.privoxy.settings) (See [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md) for the motivation). -- [Kodi](https://kodi.tv/) has been updated to version 19.1 \"Matrix\". See the [announcement](https://kodi.tv/article/kodi-19-0-matrix-release) for further details. +- [Kodi](https://kodi.tv/) has been updated to version 19.1 "Matrix". See the [announcement](https://kodi.tv/article/kodi-19-0-matrix-release) for further details. - The `services.packagekit.backend` option has been removed as it only supported a single setting which would always be the default. Instead new [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md) compliant [services.packagekit.settings](options.html#opt-services.packagekit.settings) and [services.packagekit.vendorSettings](options.html#opt-services.packagekit.vendorSettings) options have been introduced. @@ -367,7 +367,7 @@ When upgrading from a previous release, please be aware of the following incompa - GNOME users may wish to delete their `~/.config/pulse` due to the changes to stream routing logic. See [PulseAudio bug 832](https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/issues/832) for more information. -- The zookeeper package does not provide `zooInspector.sh` anymore, as that \"contrib\" has been dropped from upstream releases. +- The zookeeper package does not provide `zooInspector.sh` anymore, as that "contrib" has been dropped from upstream releases. - In the ACME module, the data used to build the hash for the account directory has changed to accommodate new features to reduce account rate limit issues. This will trigger new account creation on the first rebuild following this update. No issues are expected to arise from this, thanks to the new account creation handling.