Diffstat (limited to 'infra/libkookie/nixpkgs/nixos/doc')
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/README 13
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/administration/service-mgmt.xml 98
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/configuration/configuration.xml 2
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/configuration/gpu-accel.xml 76
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/configuration/subversion.xml 140
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/configuration/user-mgmt.xml 2
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/configuration/wayland.xml 23
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/contributing-to-this-manual.xml 22
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/default.nix 1
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/development/running-nixos-tests-interactively.xml 4
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/installation/installing-from-other-distro.xml 7
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/installation/installing.xml 9
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/installation/upgrading.xml 16
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/man-nixos-install.xml 23
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/manual.xml 1
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/release-notes/rl-2009.xml 879
-rw-r--r-- infra/libkookie/nixpkgs/nixos/doc/manual/release-notes/rl-2103.xml 256
-rwxr-xr-x infra/libkookie/nixpkgs/nixos/doc/varlistentry-fixer.rb 74
18 files changed, 1379 insertions, 267 deletions
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/README b/infra/libkookie/nixpkgs/nixos/doc/manual/README
index 587f6275197a..120c127d7af2 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/README
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/README
@@ -1,12 +1,3 @@
-To build the manual, you need Nix installed on your system (no need
-for NixOS). To install Nix, follow the instructions at
+Moved to: ./contributing-to-this-manual.xml. Link:
- https://nixos.org/nix/download.html
-
-When you have Nix on your system, in the root directory of the project
-(i.e., `nixpkgs`), run:
-
- nix-build nixos/release.nix -A manual.x86_64-linux
-
-When this command successfully finishes, it will tell you where the
-manual got generated.
+https://nixos.org/manual/nixos/unstable/#chap-contributing
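Review bot: The prerequisite stated in the removed README text is lost. The old text said Nix must be installed (NixOS itself is not needed) and linked to the install instructions; the pointer left here does not say so, and the contributing-to-this-manual.xml chapter added in this commit goes straight to `nix-build` without mentioning it. Carry that sentence over to the new chapter. The replacement text "Moved to: ./contributing-to-this-manual.xml. Link:" with the URL on a later line also reads awkwardly; put the source path and the rendered URL on two separately labelled lines.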
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/administration/service-mgmt.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/administration/service-mgmt.xml
index 1c5d48a5bcf0..863b0d47f6c7 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/administration/service-mgmt.xml
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/administration/service-mgmt.xml
@@ -6,7 +6,7 @@
<title>Service Management</title>
<para>
In NixOS, all system services are started and monitored using the systemd
- program. Systemd is the “init” process of the system (i.e. PID 1), the
+ program. systemd is the “init” process of the system (i.e. PID 1), the
parent of all other processes. It manages a set of so-called “units”,
which can be things like system services (programs), but also mount points,
swap files, devices, targets (groups of units) and more. Units can have
@@ -16,10 +16,17 @@
dependencies of this unit cause all system services to be started, file
systems to be mounted, swap files to be activated, and so on.
</para>
- <para>
- The command <command>systemctl</command> is the main way to interact with
- <command>systemd</command>. Without any arguments, it shows the status of
- active units:
+ <section xml:id="sect-nixos-systemd-general">
+ <title>Interacting with a running systemd</title>
+ <para>
+ The command <command>systemctl</command> is the main way to interact with
+ <command>systemd</command>. The following paragraphs demonstrate ways to
+ interact with any OS running systemd as init system. NixOS is of no
+ exception. The <link xlink:href="#sect-nixos-systemd-nixos">next section
+ </link> explains NixOS specific things worth knowing.
+ </para>
+ <para>
+ Without any arguments, <literal>systmctl</literal> the status of active units:
<screen>
<prompt>$ </prompt>systemctl
-.mount loaded active mounted /
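Review bot: The added sentence `Without any arguments, <literal>systmctl</literal> the status of active units:` misspells `systemctl` and has lost its verb ("shows"). It should use `<command>` like the paragraph above it rather than `<literal>`. In the new introductory paragraph, "NixOS is of no exception" should read "NixOS is no exception", and "NixOS specific" wants a hyphen. The line break before `</link>` also puts trailing whitespace inside the link text.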
@@ -28,10 +35,10 @@ sshd.service loaded active running SSH Daemon
graphical.target loaded active active Graphical Interface
<replaceable>...</replaceable>
</screen>
- </para>
- <para>
- You can ask for detailed status information about a unit, for instance, the
- PostgreSQL database service:
+ </para>
+ <para>
+ You can ask for detailed status information about a unit, for instance, the
+ PostgreSQL database service:
<screen>
<prompt>$ </prompt>systemctl status postgresql.service
postgresql.service - PostgreSQL Server
@@ -62,11 +69,72 @@ Jan 07 15:55:57 hagbard systemd[1]: Started PostgreSQL Server.
<prompt># </prompt>systemctl start postgresql.service
<prompt># </prompt>systemctl restart postgresql.service
</screen>
- These operations are synchronous: they wait until the service has finished
- starting or stopping (or has failed). Starting a unit will cause the
- dependencies of that unit to be started as well (if necessary).
- </para>
-<!-- - cgroups: each service and user session is a cgroup
+ These operations are synchronous: they wait until the service has finished
+ starting or stopping (or has failed). Starting a unit will cause the
+ dependencies of that unit to be started as well (if necessary).
+ </para>
+ <!-- TODO: document cgroups, draft:
+ each service and user session is a cgroup
-- cgroup resource management -->
+ - cgroup resource management -->
+ </section>
+ <section xml:id="sect-nixos-systemd-nixos">
+ <title>systemd in NixOS</title>
+ <para>
+ Packages in Nixpkgs sometimes provide systemd units with them, usually in
+ e.g <literal>#pkg-out#/lib/systemd/</literal>. Putting such a package in
+ <literal>environment.systemPackages</literal> doesn't make the service
+ available to users or the system.
+ </para>
+ <para>
+ In order to enable a systemd <emphasis>system</emphasis> service with
+ provided upstream package, use (e.g):
+<programlisting>
+<xref linkend="opt-systemd.packages"/> = [ pkgs.packagekit ];
+</programlisting>
+ </para>
+ <para>
+ Usually NixOS modules written by the community do the above, plus take care of
+ other details. If a module was written for a service you are interested in,
+ you'd probably need only to use
+ <literal>services.#name#.enable = true;</literal>. These services are defined
+ in Nixpkgs'
+ <link xlink:href="https://github.com/NixOS/nixpkgs/tree/master/nixos/modules">
+ <literal>nixos/modules/</literal> directory </link>. In case the service is
+ simple enough, the above method should work, and start the service on boot.
+ </para>
+ <para>
+ <emphasis>User</emphasis> systemd services on the other hand, should be
+ treated differently. Given a package that has a systemd unit file at
+ <literal>#pkg-out#/lib/systemd/user/</literal>, using
+ <xref linkend="opt-systemd.packages"/> will make you able to start the service via
+ <literal>systemctl --user start</literal>, but it won't start automatically on login.
+ <!-- TODO: Document why systemd.packages doesn't work for user services or fix this.
+ https://github.com/NixOS/nixpkgs/blob/2cd6594a8710a801038af2b72348658f732ce84a/nixos/modules/system/boot/systemd-lib.nix#L177-L198
+
+ This has been talked over at https://discourse.nixos.org/t/how-to-enable-upstream-systemd-user-services-declaratively/7649/5
+ -->
+ However, You can imperatively enable it by adding the package's attribute to
+ <link linkend="opt-environment.systemPackages">
+ <literal>systemd.packages</literal></link> and then do this (e.g):
+<screen>
+<prompt>$ </prompt>mkdir -p ~/.config/systemd/user/default.target.wants
+<prompt>$ </prompt>ln -s /run/current-system/sw/lib/systemd/user/syncthing.service ~/.config/systemd/user/default.target.wants/
+<prompt>$ </prompt>systemctl --user daemon-reload
+<prompt>$ </prompt>systemctl --user enable syncthing.service
+</screen>
+ If you are interested in a timer file, use <literal>timers.target.wants</literal>
+ instead of <literal>default.target.wants</literal> in the 1st and 2nd command.
+ </para>
+ <para>
+ Using <literal>systemctl --user enable syncthing.service</literal> instead of
+ the above, will work, but it'll use the absolute path of
+ <literal>syncthing.service</literal> for the symlink, and this path is in
+ <literal>/nix/store/.../lib/systemd/user/</literal>. Hence
+ <link xlink:href="#sec-nix-gc">garbage collection</link> will remove that file
+ and you will wind up with a broken symlink in your systemd configuration, which
+ in turn will not make the service / timer start on login.
+ </para>
+ </section>
</chapter>
+
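Review bot: In the user-services paragraph the link target and its text disagree: `<link linkend="opt-environment.systemPackages">` wraps `<literal>systemd.packages</literal>`. The `ln -s` source path is under /run/current-system/sw/, so the text should presumably name environment.systemPackages; please make the two match. The same paragraph also contradicts itself: the last command in the `<screen>` block is `systemctl --user enable syncthing.service`, while the following paragraph warns that using `systemctl --user enable` "instead of the above" creates a symlink into /nix/store that breaks after garbage collection. Either drop that command from the listing or explain why it is safe once the manual symlink exists. Smaller points: "However, You" should be lower-case, "e.g" needs its trailing period in three places, and the hunk adds a stray blank line after `</chapter>`.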
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/configuration.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/configuration.xml
index 6eb8f50bacac..6949189b8883 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/configuration.xml
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/configuration.xml
@@ -18,10 +18,12 @@
<xi:include href="user-mgmt.xml" />
<xi:include href="file-systems.xml" />
<xi:include href="x-windows.xml" />
+ <xi:include href="wayland.xml" />
<xi:include href="gpu-accel.xml" />
<xi:include href="xfce.xml" />
<xi:include href="networking.xml" />
<xi:include href="linux-kernel.xml" />
+ <xi:include href="subversion.xml" />
<xi:include href="../generated/modules.xml" xpointer="xpointer(//section[@id='modules']/*)" />
<xi:include href="profiles.xml" />
<xi:include href="kubernetes.xml" />
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/gpu-accel.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/gpu-accel.xml
index 95ee13f4796e..3695a5ff445a 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/gpu-accel.xml
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/gpu-accel.xml
@@ -65,16 +65,16 @@ Platform Vendor Advanced Micro Devices, Inc.</screen>
<title>AMD</title>
<para>
- Modern AMD <link
- xlink:href="https://en.wikipedia.org/wiki/Graphics_Core_Next">Graphics
- Core Next</link> (GCN) GPUs are supported through the
- <package>rocm-opencl-icd</package> package. Adding this package to
- <xref linkend="opt-hardware.opengl.extraPackages"/> enables OpenCL
- support:
-
- <programlisting><xref linkend="opt-hardware.opengl.extraPackages"/> = [
- rocm-opencl-icd
-];</programlisting>
+ Modern AMD <link
+ xlink:href="https://en.wikipedia.org/wiki/Graphics_Core_Next">Graphics
+ Core Next</link> (GCN) GPUs are supported through the
+ <package>rocm-opencl-icd</package> package. Adding this package to
+ <xref linkend="opt-hardware.opengl.extraPackages"/> enables OpenCL
+ support:
+
+ <programlisting><xref linkend="opt-hardware.opengl.extraPackages"/> = [
+ rocm-opencl-icd
+ ];</programlisting>
</para>
</section>
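Review bot: The re-indentation reaches inside `<programlisting>`, whose content is rendered verbatim. The `rocm-opencl-icd` entry and the closing `];` now carry the XML nesting indentation, so the rendered example will show the closing bracket indented further than the opening line. Re-indent only the surrounding `<para>` text and keep the listing body as it was. The same applies to the Intel and Vulkan listings changed in the later hunks of this file.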
@@ -100,9 +100,9 @@ Platform Vendor Advanced Micro Devices, Inc.</screen>
support. For example, for Gen8 and later GPUs, the following
configuration can be used:
- <programlisting><xref linkend="opt-hardware.opengl.extraPackages"/> = [
- intel-compute-runtime
-];</programlisting>
+ <programlisting><xref linkend="opt-hardware.opengl.extraPackages"/> = [
+ intel-compute-runtime
+ ];</programlisting>
</para>
</section>
@@ -173,31 +173,31 @@ GPU1:
<title>AMD</title>
<para>
- Modern AMD <link
- xlink:href="https://en.wikipedia.org/wiki/Graphics_Core_Next">Graphics
- Core Next</link> (GCN) GPUs are supported through either radv, which is
- part of <package>mesa</package>, or the <package>amdvlk</package> package.
- Adding the <package>amdvlk</package> package to
- <xref linkend="opt-hardware.opengl.extraPackages"/> makes both drivers
- available for applications and lets them choose. A specific driver can
- be forced as follows:
-
- <programlisting><xref linkend="opt-hardware.opengl.extraPackages"/> = [
- pkgs.<package>amdvlk</package>
-];
-
-# To enable Vulkan support for 32-bit applications, also add:
-<xref linkend="opt-hardware.opengl.extraPackages32"/> = [
- pkgs.driversi686Linux.<package>amdvlk</package>
-];
-
-# For amdvlk
-<xref linkend="opt-environment.variables"/>.VK_ICD_FILENAMES =
- "/run/opengl-driver/share/vulkan/icd.d/amd_icd64.json";
-# For radv
-<xref linkend="opt-environment.variables"/>.VK_ICD_FILENAMES =
- "/run/opengl-driver/share/vulkan/icd.d/radeon_icd.x86_64.json";
-</programlisting>
+ Modern AMD <link
+ xlink:href="https://en.wikipedia.org/wiki/Graphics_Core_Next">Graphics
+ Core Next</link> (GCN) GPUs are supported through either radv, which is
+ part of <package>mesa</package>, or the <package>amdvlk</package> package.
+ Adding the <package>amdvlk</package> package to
+ <xref linkend="opt-hardware.opengl.extraPackages"/> makes both drivers
+ available for applications and lets them choose. A specific driver can
+ be forced as follows:
+
+ <programlisting><xref linkend="opt-hardware.opengl.extraPackages"/> = [
+ pkgs.<package>amdvlk</package>
+ ];
+
+ # To enable Vulkan support for 32-bit applications, also add:
+ <xref linkend="opt-hardware.opengl.extraPackages32"/> = [
+ pkgs.driversi686Linux.<package>amdvlk</package>
+ ];
+
+ # For amdvlk
+ <xref linkend="opt-environment.variables"/>.VK_ICD_FILENAMES =
+ "/run/opengl-driver/share/vulkan/icd.d/amd_icd64.json";
+ # For radv
+ <xref linkend="opt-environment.variables"/>.VK_ICD_FILENAMES =
+ "/run/opengl-driver/share/vulkan/icd.d/radeon_icd.x86_64.json";
+ </programlisting>
</para>
</section>
</section>
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/subversion.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/subversion.xml
new file mode 100644
index 000000000000..940d63cc4e6d
--- /dev/null
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/subversion.xml
@@ -0,0 +1,140 @@
+<chapter xmlns="http://docbook.org/ns/docbook"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:xi="http://www.w3.org/2001/XInclude"
+ version="5.0"
+ xml:id="module-services-subversion">
+ <title>Subversion</title>
+
+ <para>
+ <link xlink:href="https://subversion.apache.org/">Subversion</link>
+ is a centralized version-control system. It can use a <link
+ xlink:href="http://svnbook.red-bean.com/en/1.7/svn-book.html#svn.serverconfig.choosing">variety
+ of protocols</link> for communication between client and server.
+ </para>
+ <section xml:id="module-services-subversion-apache-httpd">
+ <title>Subversion inside Apache HTTP</title>
+
+ <para>
+ This section focuses on configuring a web-based server on top of
+ the Apache HTTP server, which uses
+ <link xlink:href="http://www.webdav.org/">WebDAV</link>/<link
+ xlink:href="http://www.webdav.org/deltav/WWW10/deltav-intro.htm">DeltaV</link>
+ for communication.
+ </para>
+
+ <para>For more information on the general setup, please refer to
+ the <link
+ xlink:href="http://svnbook.red-bean.com/en/1.7/svn-book.html#svn.serverconfig.httpd">the
+ appropriate section of the Subversion book</link>.
+ </para>
+
+ <para>To configure, include in
+ <literal>/etc/nixos/configuration.nix</literal> code to activate
+ Apache HTTP, setting <xref linkend="opt-services.httpd.adminAddr" />
+ appropriately:
+ </para>
+
+ <para>
+<programlisting>
+ services.httpd.enable = true;
+ services.httpd.adminAddr = ...;
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
+</programlisting>
+ </para>
+
+ <para>For a simple Subversion server with basic authentication,
+ configure the Subversion module for Apache as follows, setting
+ <literal>hostName</literal> and <literal>documentRoot</literal>
+ appropriately, and <literal>SVNParentPath</literal> to the parent
+ directory of the repositories,
+ <literal>AuthzSVNAccessFile</literal> to the location of the
+ <code>.authz</code> file describing access permission, and
+ <literal>AuthUserFile</literal> to the password file.
+ </para>
+ <para>
+<programlisting>
+services.httpd.extraModules = [
+ # note that order is *super* important here
+ { name = "dav_svn"; path = "${pkgs.apacheHttpdPackages.subversion}/modules/mod_dav_svn.so"; }
+ { name = "authz_svn"; path = "${pkgs.apacheHttpdPackages.subversion}/modules/mod_authz_svn.so"; }
+ ];
+ services.httpd.virtualHosts = {
+ "svn" = {
+ hostName = HOSTNAME;
+ documentRoot = DOCUMENTROOT;
+ locations."/svn".extraConfig = ''
+ DAV svn
+ SVNParentPath REPO_PARENT
+ AuthzSVNAccessFile ACCESS_FILE
+ AuthName "SVN Repositories"
+ AuthType Basic
+ AuthUserFile PASSWORD_FILE
+ Require valid-user
+ '';
+ }
+</programlisting>
+ </para>
+
+ <para>
+ The key <code>"svn"</code> is just a symbolic name identifying the
+ virtual host. The <code>"/svn"</code> in
+ <code>locations."/svn".extraConfig</code> is the path underneath
+ which the repositories will be served.
+ </para>
+
+ <para><link
+ xlink:href="https://wiki.archlinux.org/index.php/Subversion">This
+ page</link> explains how to set up the Subversion configuration
+ itself. This boils down to the following:
+ </para>
+ <para>
+ Underneath <literal>REPO_PARENT</literal> repositories can be set up
+ as follows:
+ </para>
+ <para>
+<screen>
+<prompt>$ </prompt> svn create REPO_NAME
+</screen>
+ </para>
+ <para>Repository files need to be accessible by
+ <literal>wwwrun</literal>:
+ </para>
+ <para>
+<screen>
+<prompt>$ </prompt> chown -R wwwrun:wwwrun REPO_PARENT
+</screen>
+ </para>
+ <para>
+ The password file <literal>PASSWORD_FILE</literal> can be created as follows:
+ </para>
+ <para>
+<screen>
+<prompt>$ </prompt> htpasswd -cs PASSWORD_FILE USER_NAME
+</screen>
+ </para>
+ <para>
+ Additional users can be set up similarly, omitting the
+ <code>c</code> flag:
+ </para>
+ <para>
+<screen>
+<prompt>$ </prompt> htpasswd -s PASSWORD_FILE USER_NAME
+</screen>
+ </para>
+ <para>
+ The file describing access permissions
+ <literal>ACCESS_FILE</literal> will look something like
+ the following:
+ </para>
+ <para>
+<programlisting>
+[/]
+* = r
+
+[REPO_NAME:/]
+USER_NAME = rw
+</programlisting>
+ </para>
+ <para>The Subversion repositories will be accessible as <code>http://HOSTNAME/svn/REPO_NAME</code>.</para>
+ </section>
+</chapter>
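Review bot: The password-file steps use `htpasswd -cs` and `htpasswd -s`, and `-s` selects unsalted SHA-1 hashing, which Apache's own htpasswd documentation describes as insecure; use `-B` (bcrypt) instead. Related to that, the location block sets `AuthType Basic` while the firewall line opens port 80 and the closing sentence advertises `http://HOSTNAME/svn/REPO_NAME`, so as documented the credentials cross the network in cleartext on every request. The example should serve the virtual host over TLS and give an https URL. Two correctness problems in the same file: `svn create REPO_NAME` is not a Subversion command (repositories are created with `svnadmin create`), and the second `<programlisting>` is not valid Nix as written, because the `"svn" = { ... }` attribute has no trailing `;` and `services.httpd.virtualHosts = {` is never closed. Minor: "refer to the <link ...>the appropriate section" repeats "the".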
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/user-mgmt.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/user-mgmt.xml
index cbec83814c9a..e83e7b75ef54 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/user-mgmt.xml
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/user-mgmt.xml
@@ -38,7 +38,7 @@
assigned by setting the user's
<link linkend="opt-users.users._name_.hashedPassword">hashedPassword</link>
option. A hashed password can be generated using <command>mkpasswd -m
- sha-512</command> after installing the <literal>mkpasswd</literal> package.
+ sha-512</command>.
</para>
<para>
A user ID (uid) is assigned automatically. You can also specify a uid
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/wayland.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/wayland.xml
new file mode 100644
index 000000000000..231c219cf081
--- /dev/null
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/configuration/wayland.xml
@@ -0,0 +1,23 @@
+<chapter xmlns="http://docbook.org/ns/docbook"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:xi="http://www.w3.org/2001/XInclude"
+ version="5.0"
+ xml:id="sec-wayland">
+ <title>Wayland</title>
+
+ <para>
+ While X11 (see <xref linkend="sec-x11"/>) is still the primary display
+ technology on NixOS, Wayland support is steadily improving.
+ Where X11 separates the X Server and the window manager, on Wayland those
+ are combined: a Wayland Compositor is like an X11 window manager, but also
+ embeds the Wayland 'Server' functionality. This means it is sufficient to
+ install a Wayland Compositor such as <package>sway</package> without
+ separately enabling a Wayland server:
+<programlisting>
+<xref linkend="opt-programs.sway.enable"/> = true;
+</programlisting>
+ This installs the <package>sway</package> compositor along with some
+ essential utilities. Now you can start <package>sway</package> from the TTY
+ console.
+ </para>
+</chapter>
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/contributing-to-this-manual.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/contributing-to-this-manual.xml
new file mode 100644
index 000000000000..935dd66bc141
--- /dev/null
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/contributing-to-this-manual.xml
@@ -0,0 +1,22 @@
+<chapter xmlns="http://docbook.org/ns/docbook"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xml:id="chap-contributing">
+ <title>Contributing to this documentation</title>
+ <para>
+ The DocBook sources of NixOS' manual are in the <filename
+xlink:href="https://github.com/NixOS/nixpkgs/tree/master/nixos/doc/manual">
+nixos/doc/manual</filename> subdirectory of the <link
+xlink:href="https://github.com/NixOS/nixpkgs">Nixpkgs</link> repository.
+ </para>
+ <para>
+ You can quickly check your edits with the following:
+ </para>
+<screen>
+<prompt>$ </prompt>cd /path/to/nixpkgs
+<prompt>$ </prompt>nix-build nixos/release.nix -A manual.x86_64-linux
+</screen>
+ <para>
+ If the build succeeds, the manual will be in
+ <filename>./result/share/doc/nixos/index.html</filename>.
+ </para>
+</chapter>
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/default.nix b/infra/libkookie/nixpkgs/nixos/doc/manual/default.nix
index 6ca75f869f45..af7a2e08220c 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/default.nix
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/default.nix
@@ -63,6 +63,7 @@ let
"--stringparam html.script './highlightjs/highlight.pack.js ./highlightjs/loader.js'"
"--param xref.with.number.and.title 1"
"--param toc.section.depth 0"
+ "--param generate.consistent.ids 1"
"--stringparam admon.style ''"
"--stringparam callout.graphics.extension .svg"
"--stringparam current.docid manual"
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/development/running-nixos-tests-interactively.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/development/running-nixos-tests-interactively.xml
index a11a9382764d..a6044d5f89e8 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/development/running-nixos-tests-interactively.xml
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/development/running-nixos-tests-interactively.xml
@@ -9,7 +9,7 @@
The test itself can be run interactively. This is particularly useful when
developing or debugging a test:
<screen>
-<prompt>$ </prompt>nix-build nixos/tests/login.nix -A driver
+<prompt>$ </prompt>nix-build nixos/tests/login.nix -A driverInteractive
<prompt>$ </prompt>./result/bin/nixos-test-driver
starting VDE switch for network 1
<prompt>&gt;</prompt>
@@ -30,7 +30,7 @@ starting VDE switch for network 1
<para>
To just start and experiment with the VMs, run:
<screen>
-<prompt>$ </prompt>nix-build nixos/tests/login.nix -A driver
+<prompt>$ </prompt>nix-build nixos/tests/login.nix -A driverInteractive
<prompt>$ </prompt>./result/bin/nixos-run-vms
</screen>
The script <command>nixos-run-vms</command> starts the virtual machines
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/installation/installing-from-other-distro.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/installation/installing-from-other-distro.xml
index f10a7d658879..43f69b923d14 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/installation/installing-from-other-distro.xml
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/installation/installing-from-other-distro.xml
@@ -161,6 +161,13 @@ nixpkgs https://nixos.org/channels/nixpkgs-unstable</screen>
existing systems without the help of a rescue USB drive or similar.
</para>
</warning>
+ <note>
+ <para>
+ On some distributions there are separate PATHS for programs intended only for root.
+ In order for the installation to succeed, you might have to use <literal>PATH="$PATH:/usr/sbin:/sbin"</literal>
+ in the following command.
+ </para>
+ </note>
<screen><prompt>$ </prompt>sudo PATH="$PATH" NIX_PATH="$NIX_PATH" `which nixos-install` --root /mnt</screen>
<para>
Again, please refer to the <literal>nixos-install</literal> step in
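Review bot: The new note tells the reader to use `PATH="$PATH:/usr/sbin:/sbin"` "in the following command", but it does not say that this replaces the `PATH="$PATH"` argument on the `sudo ... nixos-install` line below. State that explicitly or show the full alternative command, since a reader could otherwise prepend it and leave the original assignment in place. "separate PATHS" should be lower-case "paths": it refers to directories, not to the variable.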
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/installation/installing.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/installation/installing.xml
index 6df1d8303483..bedeb7ccfa8e 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/installation/installing.xml
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/installation/installing.xml
@@ -480,13 +480,8 @@ Retype new UNIX password: ***</screen>
<prompt>$ </prompt>passwd eelco</screen>
</para>
<para>
- You may also want to install some software. For instance,
-<screen>
-<prompt>$ </prompt>nix-env -qaP \*</screen>
- shows what packages are available, and
-<screen>
-<prompt>$ </prompt>nix-env -f '&lt;nixpkgs&gt;' -iA w3m</screen>
- installs the <literal>w3m</literal> browser.
+ You may also want to install some software. This will be covered
+ in <xref linkend="sec-package-management" />.
</para>
</listitem>
</orderedlist>
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/installation/upgrading.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/installation/upgrading.xml
index 08780051d5f6..15ba5db9a37b 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/installation/upgrading.xml
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/installation/upgrading.xml
@@ -14,7 +14,7 @@
<para>
<emphasis>Stable channels</emphasis>, such as
<literal
- xlink:href="https://nixos.org/channels/nixos-20.03">nixos-20.03</literal>.
+ xlink:href="https://nixos.org/channels/nixos-20.09">nixos-20.09</literal>.
These only get conservative bug fixes and package upgrades. For instance,
a channel update may cause the Linux kernel on your system to be upgraded
from 4.19.34 to 4.19.38 (a minor bug fix), but not from
@@ -38,7 +38,7 @@
<para>
<emphasis>Small channels</emphasis>, such as
<literal
- xlink:href="https://nixos.org/channels/nixos-20.03-small">nixos-20.03-small</literal>
+ xlink:href="https://nixos.org/channels/nixos-20.09-small">nixos-20.09-small</literal>
or
<literal
xlink:href="https://nixos.org/channels/nixos-unstable-small">nixos-unstable-small</literal>.
@@ -63,8 +63,8 @@
<para>
When you first install NixOS, you’re automatically subscribed to the NixOS
channel that corresponds to your installation source. For instance, if you
- installed from a 20.03 ISO, you will be subscribed to the
- <literal>nixos-20.03</literal> channel. To see which NixOS channel you’re
+ installed from a 20.09 ISO, you will be subscribed to the
+ <literal>nixos-20.09</literal> channel. To see which NixOS channel you’re
subscribed to, run the following as root:
<screen>
<prompt># </prompt>nix-channel --list | grep nixos
@@ -75,13 +75,13 @@ nixos https://nixos.org/channels/nixos-unstable
<prompt># </prompt>nix-channel --add https://nixos.org/channels/<replaceable>channel-name</replaceable> nixos
</screen>
(Be sure to include the <literal>nixos</literal> parameter at the end.) For
- instance, to use the NixOS 20.03 stable channel:
+ instance, to use the NixOS 20.09 stable channel:
<screen>
-<prompt># </prompt>nix-channel --add https://nixos.org/channels/nixos-20.03 nixos
+<prompt># </prompt>nix-channel --add https://nixos.org/channels/nixos-20.09 nixos
</screen>
If you have a server, you may want to use the “small” channel instead:
<screen>
-<prompt># </prompt>nix-channel --add https://nixos.org/channels/nixos-20.03-small nixos
+<prompt># </prompt>nix-channel --add https://nixos.org/channels/nixos-20.09-small nixos
</screen>
And if you want to live on the bleeding edge:
<screen>
@@ -132,7 +132,7 @@ nixos https://nixos.org/channels/nixos-unstable
kernel, initrd or kernel modules.
You can also specify a channel explicitly, e.g.
<programlisting>
-<xref linkend="opt-system.autoUpgrade.channel"/> = https://nixos.org/channels/nixos-20.03;
+<xref linkend="opt-system.autoUpgrade.channel"/> = https://nixos.org/channels/nixos-20.09;
</programlisting>
</para>
</section>
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/man-nixos-install.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/man-nixos-install.xml
index b205e2309687..91542d37cbd5 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/man-nixos-install.xml
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/man-nixos-install.xml
@@ -50,6 +50,12 @@
</arg>
<arg>
+ <group choice='req'>
+ <arg choice='plain'><option>--impure</option></arg>
+ </group>
+ </arg>
+
+ <arg>
<arg choice='plain'>
<option>--channel</option>
</arg>
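Review bot: `--impure` is added to the synopsis, but the option descriptions added further down in this diff cover only `--keep-going`. Unless `--impure` is already described elsewhere in the file, it needs its own `<varlistentry>` explaining what it changes about evaluation. The markup also wraps it in `<group choice='req'>` inside an optional `<arg>`, unlike the `--keep-going` and `--help` entries, which use `<arg choice='plain'>` directly; a required group with a single member adds nothing here and should follow the same pattern.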
@@ -102,6 +108,12 @@
<arg>
<arg choice='plain'>
+ <option>--keep-going</option>
+ </arg>
+ </arg>
+
+ <arg>
+ <arg choice='plain'>
<option>--help</option>
</arg>
</arg>
@@ -297,6 +309,17 @@
</varlistentry>
<varlistentry>
<term>
+ <option>--keep-going</option>
+ </term>
+ <listitem>
+ <para>
+ Causes Nix to continue building derivations as far as possible
+ in the face of failed builds.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
<option>--help</option>
</term>
<listitem>
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/manual.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/manual.xml
index 18a67a2dd941..db9e7313831d 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/manual.xml
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/manual.xml
@@ -19,5 +19,6 @@
<xi:include href="./generated/options-db.xml"
xpointer="configuration-variable-list" />
</appendix>
+ <xi:include href="contributing-to-this-manual.xml" />
<xi:include href="release-notes/release-notes.xml" />
</book>
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/release-notes/rl-2009.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/release-notes/rl-2009.xml
index d9ff51ae3df0..afb09d7c5d26 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/release-notes/rl-2009.xml
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/release-notes/rl-2009.xml
@@ -3,8 +3,11 @@
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-20.09">
- <title>Release 20.09 (“Nightingale”, 2020.09/??)</title>
+ <title>Release 20.09 (“Nightingale”, 2020.10/27)</title>
+ <para>
+ Support is planned until the end of April 2021, handing over to 21.03.
+ </para>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
@@ -13,88 +16,611 @@
<title>Highlights</title>
<para>
- In addition to numerous new and upgraded packages, this release has the
+ In addition to 7349 new, 14442 updated, and 8181 removed packages, this release has the
following highlights:
</para>
<itemizedlist>
<listitem>
<para>
- Support is planned until the end of April 2021, handing over to 21.03.
+ Core version changes:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ gcc: 9.2.0 -> 9.3.0
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ glibc: 2.30 -> 2.31
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ linux: still defaults to 5.4.x, all supported kernels available
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ mesa: 19.3.5 -> 20.1.7
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
<listitem>
- <para>GNOME desktop environment was upgraded to 3.36, see its <link xlink:href="https://help.gnome.org/misc/release-notes/3.36/">release notes</link>.</para>
- </listitem>
- <listitem>
- <para>
- The Cinnamon desktop environment (v4.6) has been added. <varname>services.xserver.desktopManager.cinnamon.enable = true;</varname> to try it out!
- Remember that, with any new feature it's possible you could run into issues, so please send all support requests to <link xlink:href="https://github.com/NixOS/nixpkgs/issues">github.com/NixOS/nixpkgs</link> to notify the maintainers.
- </para>
+ <para>
+ Desktop Environments:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ plasma5: 5.17.5 -> 5.18.5
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ kdeApplications: 19.12.3 -> 20.08.1
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ gnome3: 3.34 -> 3.36, see its <link xlink:href="https://help.gnome.org/misc/release-notes/3.36/">release notes</link>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ cinnamon: added at 4.6
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ NixOS now distributes an official <link xlink:href="https://nixos.org/download.html#nixos-iso">GNOME ISO</link>
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
+
<listitem>
<para>
- Quickly configure a complete, private, self-hosted video
- conferencing solution with the new Jitsi Meet module.
+ Programming Languages and Frameworks:
</para>
+ <itemizedlist>
+
+ <listitem>
+ <para>
+ Agda ecosystem was heavily reworked (see more details below)
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ PHP now defaults to PHP 7.4, updated from 7.3
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ PHP 7.2 is no longer supported due to upstream not supporting this version for the entire lifecycle of the 20.09 release
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Python 3 now defaults to Python 3.8 instead of 3.7
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Python 3.5 reached its upstream EOL at the end of September 2020: it
+ has been removed from the list of available packages
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
+
<listitem>
<para>
- <package>maxx</package> package removed along with <varname>services.xserver.desktopManager.maxx</varname> module.
- Please migrate to <package>cdesktopenv</package> and <varname>services.xserver.desktopManager.cde</varname> module.
+ Databases and Service Monitoring:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ MariaDB has been updated to 10.4, MariaDB Galera to 26.4. Please read the related upgrade instructions under <link linkend="sec-release-20.09-incompatibilities">backwards incompatibilities</link> before upgrading.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Zabbix now defaults to 5.0, updated from 4.4. Please read related sections under <link linkend="sec-release-20.09-incompatibilities">backwards compatibilities</link> before upgrading.
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
+
<listitem>
<para>
- We now distribute a GNOME ISO.
+ Major module changes:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Quickly configure a complete, private, self-hosted video
+ conferencing solution with the new Jitsi Meet module.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Two new options, <link linkend="opt-services.openssh.authorizedKeysCommand">authorizedKeysCommand</link>
+ and <link linkend="opt-services.openssh.authorizedKeysCommandUser">authorizedKeysCommandUser</link>, have
+ been added to the <literal>openssh</literal> module. If you have <literal>AuthorizedKeysCommand</literal>
+ in your <link linkend="opt-services.openssh.extraConfig">services.openssh.extraConfig</link> you should
+ make use of these new options instead.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ There is a new module for Podman (<varname>virtualisation.podman</varname>), a drop-in replacement for the Docker command line.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The new <varname>virtualisation.containers</varname> module manages configuration shared by the CRI-O and Podman modules.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Declarative Docker containers are renamed from <varname>docker-containers</varname> to <varname>virtualisation.oci-containers.containers</varname>.
+ This is to make it possible to use <literal>podman</literal> instead of <literal>docker</literal>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The new option <link linkend="opt-documentation.man.generateCaches">documentation.man.generateCaches</link>
+ has been added to automatically generate the <literal>man-db</literal> caches, which are needed by utilities
+ like <command>whatis</command> and <command>apropos</command>. The caches are generated during the build of
+ the NixOS configuration: since this can be expensive when a large number of packages are installed, the
+ feature is disabled by default.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <varname>services.postfix.sslCACert</varname> was replaced by <varname>services.postfix.tlsTrustedAuthorities</varname> which now defaults to system certificate authorities.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The various documented workarounds to use steam have been converted to a module. <varname>programs.steam.enable</varname> enables steam, controller support and the workarounds.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Support for built-in LCDs in various pieces of Logitech hardware (keyboards and USB speakers). <varname>hardware.logitech.lcd.enable</varname> enables support for all hardware supported by the <link xlink:href="https://sourceforge.net/projects/g15daemon/">g15daemon project</link>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The GRUB module gained support for basic password protection, which
+ allows to restrict non-default entries in the boot menu to one or more
+ users. The users and passwords are defined via the option
+ <option>boot.loader.grub.users</option>.
+ Note: Password support is only available in GRUB version 2.
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
+
<listitem>
<para>
- PHP now defaults to PHP 7.4, updated from 7.3.
+ NixOS module changes:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ The NixOS module system now supports freeform modules as a mix between <literal>types.attrsOf</literal> and <literal>types.submodule</literal>. These allow you to explicitly declare a subset of options while still permitting definitions without an associated option. See <xref linkend='sec-freeform-modules'/> for how to use them.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Following its deprecation in 20.03, the Perl NixOS test driver has been removed.
+ All remaining tests have been ported to the Python test framework.
+ Code outside nixpkgs using <filename>make-test.nix</filename> or
+ <filename>testing.nix</filename> needs to be ported to
+ <filename>make-test-python.nix</filename> and
+ <filename>testing-python.nix</filename> respectively.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Subordinate GID and UID mappings are now set up automatically for all normal users.
+ This will make container tools like Podman work as non-root users out of the box.
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
<listitem>
<para>
- PHP 7.2 is no longer supported due to upstream not supporting this version for the entire lifecycle of the 20.09 release.
+ Starting with this release, the hydra-build-result
+ <literal>nixos-<replaceable>YY.MM</replaceable></literal>
+ branches no longer exist in the <link
+ xlink:href="https://github.com/nixos/nixpkgs-channels">deprecated
+ nixpkgs-channels repository</link>. These branches are now in
+ <link xlink:href="https://github.com/nixos/nixpkgs">the main nixpkgs
+ repository</link>.
</para>
</listitem>
+ </itemizedlist>
+ </section>
+
+ <section xmlns="http://docbook.org/ns/docbook"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:xi="http://www.w3.org/2001/XInclude"
+ version="5.0"
+ xml:id="sec-release-20.09-new-services">
+ <title>New Services</title>
+
+ <para>
+ In addition to 1119 new, 118 updated, and 476 removed options; 61 new modules were added since the last release:
+ </para>
+
+ <itemizedlist>
<listitem>
<para>
- Python 3 now defaults to Python 3.8 instead of 3.7.
+ Hardware:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <xref linkend="opt-hardware.system76.firmware-daemon.enable" /> adds easy support of system76 firmware
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-hardware.uinput.enable" /> loads uinput kernel module
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-hardware.video.hidpi.enable" /> enable good defaults for HiDPI displays
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-hardware.wooting.enable" /> support for Wooting keyboards
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-hardware.xpadneo.enable" /> xpadneo driver for Xbox One wireless controllers
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
<listitem>
<para>
- Python 3.5 has reached its upstream EOL at the end of September 2020: it
- has been removed from the list of available packages.
+ Programs:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <xref linkend="opt-programs.hamster.enable" /> enable hamster time tracking
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-programs.steam.enable" /> adds easy enablement of steam and related system configuration
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
<listitem>
<para>
- Two new options, <link linkend="opt-services.openssh.authorizedKeysCommand">authorizedKeysCommand</link>
- and <link linkend="opt-services.openssh.authorizedKeysCommandUser">authorizedKeysCommandUser</link>, have
- been added to the <literal>openssh</literal> module. If you have <literal>AuthorizedKeysCommand</literal>
- in your <link linkend="opt-services.openssh.extraConfig">services.openssh.extraConfig</link> you should
- make use of these new options instead.
+ Security:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <xref linkend="opt-security.doas.enable" /> alternative to sudo, allows non-root users to execute commands as root
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-security.tpm2.enable" /> add Trusted Platform Module 2 support
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
<listitem>
<para>
- There is a new module for Podman(<varname>virtualisation.podman</varname>), a drop-in replacement for the Docker command line.
+ System:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <xref linkend="opt-boot.initrd.network.openvpn.enable" /> start an OpenVPN client during initrd boot
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
<listitem>
<para>
- The new <varname>virtualisation.containers</varname> module manages configuration shared by the CRI-O and Podman modules.
+ Virtualization:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <xref linkend="opt-boot.enableContainers" /> use nixos-containers
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-virtualisation.oci-containers.containers" /> run OCI (Docker) containers
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-virtualisation.podman.enable" /> daemonless container engine
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
+
<listitem>
<para>
- Declarative Docker containers are renamed from <varname>docker-containers</varname> to <varname>virtualisation.oci-containers.containers</varname>.
- This is to make it possible to use <literal>podman</literal> instead of <literal>docker</literal>.
+ Services:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.ankisyncd.enable" /> Anki sync server
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.bazarr.enable" /> Subtitle manager for Sonarr and Radarr
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.biboumi.enable" /> Biboumi XMPP gateway to IRC
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.blockbook-frontend" /> Blockbook-frontend, a service for the Trezor wallet
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.cage.enable" /> Wayland cage service
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.convos.enable" /> IRC daemon, which can be accessed throught the browser
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.engelsystem.enable" /> Tool for coordinating volunteers and shifts on large events
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.espanso.enable" /> text-expander written in rust
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.foldingathome.enable" /> Folding@home client
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.gerrit.enable" /> Web-based team code collaboration tool
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.go-neb.enable" /> Matrix bot
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.hardware.xow.enable" /> xow as a systemd service
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.hercules-ci-agent.enable" /> Hercules CI build agent
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.jicofo.enable" /> Jitsi Conference Focus, component of Jitsi Meet
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.jirafeau.enable" /> A web file repository
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.jitsi-meet.enable" /> Secure, simple and scalable video conferences
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.jitsi-videobridge.enable" /> Jitsi Videobridge, a WebRTC compatible router
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.jupyterhub.enable" /> Jupyterhub development server
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.k3s.enable" /> Lightweight Kubernetes distribution
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.magic-wormhole-mailbox-server.enable" /> Magic Wormhole Mailbox Server
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.malcontent.enable" /> Parental Control support
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.matrix-appservice-discord.enable" /> Matrix and Discord bridge
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.mautrix-telegram.enable" /> Matrix-Telegram puppeting/relaybot bridge
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.mirakurun.enable" /> Japanese DTV Tuner Server Service
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.molly-brown.enable" /> Molly-Brown Gemini server
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.mullvad-vpn.enable" /> Mullvad VPN daemon
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.ncdns.enable" /> Namecoin to DNS bridge
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.nextdns.enable" /> NextDNS to DoH Proxy service
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.nix-store-gcs-proxy" /> Google storage bucket to be used as a nix store
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.onedrive.enable" /> OneDrive sync service
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.pinnwand.enable" /> Pastebin-like service
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.pixiecore.enable" /> Manage network booting of machines
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.privacyidea.enable" /> Privacy authentication server
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.quorum.enable" /> Quorum blockchain daemon
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.robustirc-bridge.enable" /> RobustIRC bridge
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.rss-bridge.enable" /> Generate RSS and Atom feeds
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.rtorrent.enable" /> rTorrent service
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.smartdns.enable" /> SmartDNS DNS server
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.sogo.enable" /> SOGo groupware
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.teeworlds.enable" /> Teeworlds game server
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.torque.mom.enable" /> torque computing node
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.torque.server.enable" /> torque server
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.tuptime.enable" /> A total uptime service
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.urserver.enable" /> X11 remote server
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.wasabibackend.enable" /> Wasabi backend service
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.yubikey-agent.enable" /> Yubikey agent
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.zigbee2mqtt.enable" /> Zigbee to MQTT bridge
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
+
+ </itemizedlist>
+
+ </section>
+
+ <section xmlns="http://docbook.org/ns/docbook"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:xi="http://www.w3.org/2001/XInclude"
+ version="5.0"
+ xml:id="sec-release-20.09-incompatibilities">
+ <title>Backward Incompatibilities</title>
+
+ <para>
+ When upgrading from a previous release, please be aware of the following
+ incompatible changes:
+ </para>
+
+ <itemizedlist>
<listitem>
<para>
MariaDB has been updated to 10.4, MariaDB Galera to 26.4.
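Review bot: In the Zabbix highlight the link text reads "backwards compatibilities" while its target is sec-release-20.09-incompatibilities; the MariaDB item directly above uses "backwards incompatibilities" for the same target, so make the two match. In the New Services list, "throught the browser" in the services.convos entry should be "through". For the GRUB item, "allows to restrict non-default entries" implies that the default boot entry stays unprotected; say that explicitly so readers do not assume boot.loader.grub.users locks the whole menu.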
@@ -144,36 +670,7 @@ GRANT ALL PRIVILEGES ON *.* TO 'mysql'@'localhost' WITH GRANT OPTION;
from the default of <literal>mysql</literal> to a different user please change <literal>'mysql'@'localhost'</literal> to the corresponding user instead.
</para>
</listitem>
- <listitem>
- <para>
- The new option <link linkend="opt-documentation.man.generateCaches">documentation.man.generateCaches</link>
- has been added to automatically generate the <literal>man-db</literal> caches, which are needed by utilities
- like <command>whatis</command> and <command>apropos</command>. The caches are generated during the build of
- the NixOS configuration: since this can be expensive when a large number of packages are installed, the
- feature is disabled by default.
- </para>
- </listitem>
- <listitem>
- <para>
- <varname>services.postfix.sslCACert</varname> was replaced by <varname>services.postfix.tlsTrustedAuthorities</varname> which now defaults to system certificate authorities.
- </para>
- </listitem>
- <listitem>
- <para>
- Subordinate GID and UID mappings are now set up automatically for all normal users.
- This will make container tools like Podman work as non-root users out of the box.
- </para>
- </listitem>
- <listitem>
- <para>
- The various documented workarounds to use steam have been converted to a module. <varname>programs.steam.enable</varname> enables steam, controller support and the workarounds.
- </para>
- </listitem>
- <listitem>
- <para>
- Support for built-in LCDs in various pieces of Logitech hardware (keyboards and USB speakers). <varname>hardware.logitech.lcd.enable</varname> enables support for all hardware supported by the g15daemon project.
- </para>
- </listitem>
+
<listitem>
<para>
Zabbix now defaults to 5.0, updated from 4.4. Please carefully read through
@@ -208,72 +705,13 @@ GRANT ALL PRIVILEGES ON *.* TO 'mysql'@'localhost' WITH GRANT OPTION;
</programlisting>
</para>
</listitem>
- <listitem>
- <para>
- The NixOS module system now supports freeform modules as a mix between <literal>types.attrsOf</literal> and <literal>types.submodule</literal>. These allow you to explicitly declare a subset of options while still permitting definitions without an associated option. See <xref linkend='sec-freeform-modules'/> for how to use them.
- </para>
- </listitem>
- <listitem>
- <para>
- The GRUB module gained support for basic password protection, which
- allows to restrict non-default entries in the boot menu to one or more
- users. The users and passwords are defined via the option
- <option>boot.loader.grub.users</option>.
- Note: Password support is only avaiable in GRUB version 2.
- </para>
- </listitem>
- <listitem>
- <para>
- Following its deprecation in 20.03, the Perl NixOS test driver has been removed.
- All remaining tests have been ported to the Python test framework.
- Code outside nixpkgs using <filename>make-test.nix</filename> or
- <filename>testing.nix</filename> needs to be ported to
- <filename>make-test-python.nix</filename> and
- <filename>testing-python.nix</filename> respectively.
- </para>
- </listitem>
- </itemizedlist>
- </section>
- <section xmlns="http://docbook.org/ns/docbook"
- xmlns:xlink="http://www.w3.org/1999/xlink"
- xmlns:xi="http://www.w3.org/2001/XInclude"
- version="5.0"
- xml:id="sec-release-20.09-new-services">
- <title>New Services</title>
-
- <para>
- The following new services were added since the last release:
- </para>
-
- <itemizedlist>
<listitem>
<para>
- There is a new <xref linkend="opt-security.doas.enable"/> module that provides <command>doas</command>, a lighter alternative to <command>sudo</command> with many of the same features.
- </para>
- </listitem>
- <listitem>
- <para>
- <link xlink:href="https://hercules-ci.com">Hercules CI</link> Agent is a specialized build agent for projects built with Nix. See the <link xlink:href="https://nixos.org/nixos/options.html#services.hercules-ci-agent">options</link> and <link xlink:href="https://docs.hercules-ci.com/hercules-ci/getting-started/#deploy-agent">setup</link>.
+ <package>maxx</package> package removed along with <varname>services.xserver.desktopManager.maxx</varname> module.
+ Please migrate to <package>cdesktopenv</package> and <varname>services.xserver.desktopManager.cde</varname> module.
</para>
</listitem>
- </itemizedlist>
-
- </section>
-
- <section xmlns="http://docbook.org/ns/docbook"
- xmlns:xlink="http://www.w3.org/1999/xlink"
- xmlns:xi="http://www.w3.org/2001/XInclude"
- version="5.0"
- xml:id="sec-release-20.09-incompatibilities">
- <title>Backward Incompatibilities</title>
-
- <para>
- When upgrading from a previous release, please be aware of the following
- incompatible changes:
- </para>
-
- <itemizedlist>
<listitem>
<para>
The <link linkend="opt-services.matrix-synapse.enable">matrix-synapse</link> module no longer includes optional dependencies by default, they have to be added through the <link linkend="opt-services.matrix-synapse.plugins">plugins</link> option.
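Review bot: The removed New Services entries for doas and Hercules CI carried more than the one-line xref entries that replace them elsewhere in this patch: the Hercules CI entry linked to the options page and the agent setup guide, and the doas entry described it as "a lighter alternative to sudo with many of the same features". Consider keeping at least the setup link on the new services.hercules-ci-agent entry, since the short form "Hercules CI build agent" gives no pointer on how to deploy it.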
@@ -300,7 +738,7 @@ GRANT ALL PRIVILEGES ON *.* TO 'mysql'@'localhost' WITH GRANT OPTION;
It can still be enabled by providing <literal>phantomJsSupport = true</literal> to the package instantiation:
<programlisting>{
services.grafana.package = pkgs.grafana.overrideAttrs (oldAttrs: rec {
- phantomJsSupport = false;
+ phantomJsSupport = true;
});
}</programlisting>
</para>
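Review bot: Flipping phantomJsSupport to true makes the example agree with the sentence above it, but the example still uses overrideAttrs while the prose says the flag is provided "to the package instantiation". If phantomJsSupport is a function argument of the grafana package and not a derivation attribute, overrideAttrs will set an unused attribute and the feature stays off; in that case the example should use pkgs.grafana.override { phantomJsSupport = true; }. The rec keyword in "(oldAttrs: rec {" is also unnecessary here, since nothing in the set refers to itself.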
@@ -451,12 +889,23 @@ php.override {
<listitem>
<para>
Nginx web server now starting with additional sandbox/hardening options. By default, write access
- to <literal>services.nginx.stateDir</literal> is allowed. To allow writing to other folders,
+ to <literal>/var/log/nginx</literal> and <literal>/var/cache/nginx</literal> is allowed. To allow writing to other folders,
use <literal>systemd.services.nginx.serviceConfig.ReadWritePaths</literal>
<programlisting>
systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www" ];
</programlisting>
</para>
+ <para>
+ Nginx is also started with the systemd option <literal>ProtectHome = mkDefault true;</literal>
+ which forbids it to read anything from <literal>/home</literal>, <literal>/root</literal>
+ and <literal>/run/user</literal> (see
+ <link xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.exec.html#ProtectHome=">ProtectHome docs</link>
+ for details).
+ If you require serving files from home directories, you may choose to set e.g.
+<programlisting>
+systemd.services.nginx.serviceConfig.ProtectHome = "read-only";
+</programlisting>
+ </para>
</listitem>
<listitem>
<para>
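Review bot: The new ProtectHome paragraph offers "read-only" as the way to serve files from home directories without saying what that relaxes: with that value /home, /root and /run/user all become readable by the nginx process, not only the one directory being served. Add a sentence stating this so the setting is chosen knowingly, and note that it applies to the whole unit. Two smaller points: "forbids it to read" reads better as "prevents it from reading", and the literal "ProtectHome = mkDefault true;" is NixOS module syntax, so describe it as the module's default and not as "the systemd option".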
@@ -643,6 +1092,13 @@ systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www" ];
In the <literal>resilio</literal> module, <xref linkend="opt-services.resilio.httpListenAddr"/> has been changed to listen to <literal>[::1]</literal> instead of <literal>0.0.0.0</literal>.
</para>
</listitem>
+ <listitem>
+ <para>
+ <literal>sslh</literal> has been updated to version
+ <literal>1.21</literal>. The <literal>ssl</literal> probe must be
+ renamed to <literal>tls</literal> in <xref linkend="opt-services.sslh.appendConfig"/>.
+ </para>
+ </listitem>
<listitem>
<para>
Users of <link xlink:href="http://openafs.org">OpenAFS 1.6</link> must
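Review bot: The sslh entry says the ssl probe "must be renamed to tls" in services.sslh.appendConfig but does not say what happens to a configuration that still uses the old name after the update to 1.21. Add one sentence on the failure mode (does the service refuse to start, or is TLS traffic no longer matched?) so operators know what to check after upgrading.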
@@ -1102,6 +1558,8 @@ services.transmission.settings.rpc-bind-address = "0.0.0.0";
<package>nextcloud18</package> before upgrading to <package>nextcloud19</package>
since Nextcloud doesn't support upgrades across multiple major versions.
</para>
+ </listitem>
+ <listitem>
<para>
The <literal>nixos-run-vms</literal> script now deletes the
previous run machines states on test startup. You can use the
@@ -1145,30 +1603,30 @@ services.transmission.settings.rpc-bind-address = "0.0.0.0";
<para>
Agda has been heavily reworked.
<itemizedlist>
- <listitem>
- <para>
- <literal>agda.mkDerivation</literal> has been heavily changed and
- is now located at <package>agdaPackages.mkDerivation</package>.
- </para>
- </listitem>
- <listitem>
- <para>
- New top-level packages <package>agda</package> and
- <literal>agda.withPackages</literal> have been added, the second
- of which sets up agda with access to chosen libraries.
- </para>
- </listitem>
- <listitem>
- <para>
- All agda libraries now live under
- <literal>agdaPackages</literal>.
- </para>
- </listitem>
- <listitem>
- <para>
- Many broken libraries have been removed.
- </para>
- </listitem>
+ <listitem>
+ <para>
+ <literal>agda.mkDerivation</literal> has been heavily changed and
+ is now located at <package>agdaPackages.mkDerivation</package>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ New top-level packages <package>agda</package> and
+ <literal>agda.withPackages</literal> have been added, the second
+ of which sets up agda with access to chosen libraries.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ All agda libraries now live under
+ <literal>agdaPackages</literal>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Many broken libraries have been removed.
+ </para>
+ </listitem>
</itemizedlist>
See the <link
xlink:href="https://nixos.org/nixpkgs/manual/#agda">new
@@ -1181,7 +1639,7 @@ services.transmission.settings.rpc-bind-address = "0.0.0.0";
nixpkgs. It was a work in progress to package the
<link xlink:href="https://www.deepin.org/en/dde/">Deepin Desktop Environment (DDE)</link>,
including libraries, tools and applications, and it was still
- missing a service to lauch the desktop environment. It has shown
+ missing a service to launch the desktop environment. It has shown
to no longer be a feasible goal due to reasons discussed in
<link xlink:href="https://github.com/NixOS/nixpkgs/issues/94870">issue #94870</link>.
The package <literal>netease-cloud-music</literal> has also been
@@ -1226,4 +1684,131 @@ services.transmission.settings.rpc-bind-address = "0.0.0.0";
</listitem>
</itemizedlist>
</section>
+
+ <section xmlns="http://docbook.org/ns/docbook"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:xi="http://www.w3.org/2001/XInclude"
+ version="5.0"
+ xml:id="sec-release-20.09-contributions">
+ <title>Contributions</title>
+ <para>
+ I, Jonathan Ringer, would like to thank the following individuals for their work on nixpkgs. This release could not be done without the hard work of the NixOS community. There were 31282 contributions across 1313 contributors.
+ </para>
+ <orderedlist>
+ <para>
+ Top contributors to NixOS/Nixpkgs from the 20.03 release to the 20.09 release:
+ </para>
+ <listitem>
+ <para>
+ 2288 Mario Rodas
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 1837 Frederik Rietdijk
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 946 Jörg Thalheim
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 925 Maximilian Bosch
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 687 Jonathan Ringer
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 651 Jan Tojnar
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 622 Daniël de Kok
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 605 WORLDofPEACE
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 597 Florian Klink
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 528 José Romildo Malaquias
+ </para>
+ </listitem>
+ </orderedlist>
+
+ <orderedlist>
+ <para>
+ Top contributors to stabilizing this release (Zero Hydra Failures period):
+ </para>
+ <listitem>
+ <para>
+ 281 volth
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 101 Robert Scott
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 86 Tim Steinbach
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 76 WORLDofPEACE
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 49 Maximilian Bosch
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 42 Thomas Tuegel
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 37 Doron Behar
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 36 Vladimír Čunát
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 27 Jonathan Ringer
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ 27 Maciej Krüger
+ </para>
+ </listitem>
+ </orderedlist>
+
+ <para>
+ I, Jonathan Ringer, would also like to personally thank @WORLDofPEACE for their help in mentoring me on the release process. Special thanks also goes to Thomas Tuegel for helping immensely with stabilizing Qt, KDE, and Plasma5; I would also like to thank Robert Scott for his numerous fixes and pull request reviews.
+ </para>
+
+ </section>
</section>
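Review bot: In the new Contributions section both lists are orderedlist elements whose items begin with a commit count ("2288 Mario Rodas"), so the rendered output will show two numbers side by side, such as "1. 2288 Mario Rodas", which is hard to read. Use an itemizedlist or a two-column table, or move the count after the name. The introductory para is also placed inside each orderedlist before the first listitem; moving it above the list keeps the sentence from being rendered as part of the list. The handle "@WORLDofPEACE" in the closing paragraph is written without the "@" in both lists; pick one form.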
diff --git a/infra/libkookie/nixpkgs/nixos/doc/manual/release-notes/rl-2103.xml b/infra/libkookie/nixpkgs/nixos/doc/manual/release-notes/rl-2103.xml
index fb1d50434b80..ffb00aa0362e 100644
--- a/infra/libkookie/nixpkgs/nixos/doc/manual/release-notes/rl-2103.xml
+++ b/infra/libkookie/nixpkgs/nixos/doc/manual/release-notes/rl-2103.xml
@@ -23,6 +23,22 @@
Support is planned until the end of October 2021, handing over to 21.09.
</para>
</listitem>
+ <listitem>
+ <para>GNOME desktop environment was upgraded to 3.38, see its <link xlink:href="https://help.gnome.org/misc/release-notes/3.38/">release notes</link>.</para>
+ </listitem>
+ <listitem>
+ <para>
+ <link xlink:href="https://www.gnuradio.org/">GNURadio</link> 3.8 was
+ <link xlink:href="https://github.com/NixOS/nixpkgs/issues/82263">finnally</link>
+ packaged, along with a rewrite to the Nix expressions, allowing users to
+ override the features upstream supports selecting to compile or not to.
+ Additionally, the attribute <code>gnuradio</code> and <code>gnuradio3_7</code>
+ now point to an externally wrapped by default derivations, that allow you to
+ also add `extraPythonPackages` to the Python interpreter used by GNURadio.
+ Missing environmental variables needed for operational GUI were also added
+ (<link xlink:href="https://github.com/NixOS/nixpkgs/issues/75478">#7547</link>).
+ </para>
+ </listitem>
</itemizedlist>
</section>
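Review bot: In the GNURadio entry the last link's text is "#7547" while its href points to issue 75478; correct the link text. The link text "finnally" is misspelled ("finally"). The option name is marked up with Markdown backticks (`extraPythonPackages`), which DocBook renders literally; use the code element as done for gnuradio and gnuradio3_7 in the same sentence. The sentence "now point to an externally wrapped by default derivations" is also ungrammatical and should be reworded.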
@@ -39,7 +55,24 @@
<itemizedlist>
<listitem>
- <para />
+ <para>
+ <link xlink:href="https://www.keycloak.org/">Keycloak</link>,
+ an open source identity and access management server with
+ support for <link
+ xlink:href="https://openid.net/connect/">OpenID Connect</link>,
+ <link xlink:href="https://oauth.net/2/">OAUTH 2.0</link> and
+ <link xlink:href="https://en.wikipedia.org/wiki/SAML_2.0">SAML
+ 2.0</link>.
+ </para>
+ <para>
+ See the <link linkend="module-services-keycloak">Keycloak
+ section of the NixOS manual</link> for more information.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="opt-services.samba-wsdd.enable" /> Web Services Dynamic Discovery host daemon
+ </para>
</listitem>
</itemizedlist>
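Review bot: In the Keycloak entry "OAUTH 2.0" should be written "OAuth 2.0", matching the protocol's own spelling at the linked oauth.net page. Unlike the samba-wsdd entry added right after it, the Keycloak entry does not reference an option by xref; adding one would keep the New Services list consistent and give readers a direct link to the option alongside the manual section.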
@@ -75,6 +108,25 @@
</para>
</listitem>
<listitem>
+ <para>
+ <literal>rubyMinimal</literal> was removed due to being unused and
+ unusable. The default ruby interpreter includes JIT support, which makes
+ it reference it's compiler. Since JIT support is probably needed by some
+ Gems, it was decided to enable this feature with all cc references by
+ default, and allow to build a Ruby derivation without references to cc,
+ by setting <literal>jitSupport = false;</literal> in an overlay. See
+ <link xlink:href="https://github.com/NixOS/nixpkgs/pull/90151">#90151</link>
+ for more info.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Setting <option>services.openssh.authorizedKeysFiles</option> now also affects which keys <option>security.pam.enableSSHAgentAuth</option> will use.
+
+ WARNING: If you are using these options in combination do make sure that any key paths you use are present in <option>services.openssh.authorizedKeysFiles</option>!
+ </para>
+ </listitem>
+ <listitem>
<para>
The option <option>fonts.enableFontDir</option> has been renamed to
<xref linkend="opt-fonts.fontDir.enable"/>. The path of font directory
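Review bot: the "WARNING:" text in the authorizedKeysFiles item sits inside the same para after a blank line, so DocBook will run it into the preceding sentence instead of setting it apart. Wrap it in a warning element with its own para, as the EC2 metadata item later in this file does. The warning should also say what happens when a key path is missing from services.openssh.authorizedKeysFiles, since a reader using security.pam.enableSSHAgentAuth cannot tell from this text whether agent authentication then fails or falls back. Separately, in the rubyMinimal item, "reference it's compiler" should be "reference its compiler".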
@@ -93,6 +145,126 @@
<literal>kicad/default.nix</literal>.
</para>
</listitem>
+ <listitem>
+ <para>
+ The socket for the <literal>pdns-recursor</literal> module was moved from <literal>/var/lib/pdns-recursor</literal>
+ to <literal>/run/pdns-recursor</literal> to match upstream.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Paperwork was updated to version 2. The on-disk format slightly changed,
+ and it is not possible to downgrade from Paperwork 2 back to Paperwork
+ 1.3. Back your documents up before upgrading. See <link xlink:href="https://forum.openpaper.work/t/paperwork-2-0/112/5">this thread</link> for more details.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ PowerDNS has been updated from <literal>4.2.x</literal> to <literal>4.3.x</literal>. Please
+ be sure to review the <link xlink:href="https://doc.powerdns.com/authoritative/upgrading.html#x-to-4-3-0">Upgrade Notes</link>
+ provided by upstream before upgrading. Worth specifically noting is that the service now runs
+ entirely as a dedicated <literal>pdns</literal> user, instead of starting as <literal>root</literal>
+ and dropping privileges, as well as the default <literal>socket-dir</literal> location changing from
+ <literal>/var/lib/powerdns</literal> to <literal>/run/pdns</literal>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <package>btc1</package> has been abandoned upstream, and removed.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <package>cpp_ethereum</package> (aleth) has been abandoned upstream, and removed.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <package>riak-cs</package> package removed along with <varname>services.riak-cs</varname> module.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <package>stanchion</package> package removed along with <varname>services.stanchion</varname> module.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <package>mutt</package> has been updated to a new major version (2.x), which comes with
+ some backward incompatible changes that are described in the
+ <link xlink:href="http://www.mutt.org/relnotes/2.0/">release notes for Mutt 2.0</link>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <literal>vim</literal> switched to Python 3, dropping all Python 2 support.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <link linkend="opt-boot.zfs.forceImportAll">boot.zfs.forceImportAll</link>
+ previously did nothing, but has been fixed. However its default has been
+ changed to <literal>false</literal> to preserve the existing default
+ behaviour. If you have this explicitly set to <literal>true</literal>,
+ please note that your non-root pools will now be forcibly imported.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <package>openafs</package> now points to <package>openafs_1_8</package>,
+ which is the new stable release. OpenAFS 1.6 was removed.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The <literal>openldap</literal> module now has support for OLC-style
+ configuration, users of the <literal>configDir</literal> option may wish
+ to migrate. If you continue to use <literal>configDir</literal>, ensure that
+ <literal>olcPidFile</literal> is set to <literal>/run/slapd/slapd.pid</literal>.
+ </para>
+ <para>
+ As a result, <literal>extraConfig</literal> and <literal>extraDatabaseConfig</literal>
+ are removed. To help with migration, you can convert your <literal>slapd.conf</literal>
+ file to OLC configuration with the following script (find the location of this
+ configuration file by running <literal>systemctl status openldap</literal>, it is the
+ <literal>-f</literal> option.
+ </para>
+ <programlisting>
+ TMPDIR=$(mktemp -d)
+ slaptest -f /path/to/slapd.conf $TMPDIR
+ slapcat -F $TMPDIR -n0 -H 'ldap:///???(!(objectClass=olcSchemaConfig))'
+ </programlisting>
+ <para>
+ This will dump your current configuration in LDIF format, which should be
+ straightforward to convert into Nix settings. This does not show your schema
+ configuration, as this is unnecessarily verbose for users of the default schemas
+ and <literal>slaptest</literal> is buggy with schemas directly in the config file.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Amazon EC2 and OpenStack Compute (nova) images now re-fetch instance meta data and user data from the instance
+ metadata service (IMDS) on each boot. For example: stopping an EC2 instance, changing its user data, and
+ restarting the instance will now cause it to fetch and apply the new user data.
+ </para>
+ <warning>
+ <para>
+ Specifically, <literal>/etc/ec2-metadata</literal> is re-populated on each boot. Some NixOS scripts that read
+ from this directory are guarded to only run if the files they want to manipulate do not already exist, and so
+ will not re-apply their changes if the IMDS response changes. Examples: <literal>root</literal>'s SSH key is
+ only added if <literal>/root/.ssh/authorized_keys</literal> does not exist, and SSH host keys are only set from
+ user data if they do not exist in <literal>/etc/ssh</literal>.
+ </para>
+ </warning>
+ </listitem>
+ <listitem>
+ <para>
+ The <literal>rspamd</literal> services is now sandboxed. It is run as
+ a dynamic user instead of root, so secrets and other files may have to
+ be moved or their permissions may have to be fixed. The sockets are now
+ located in <literal>/run/rspamd</literal> instead of <literal>/run</literal>.
+ </para>
+ </listitem>
</itemizedlist>
</section>
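Review bot: in the openldap programlisting, the slaptest line passes $TMPDIR as a bare trailing argument while the slapcat line on the next row reads the same directory with -F, so the conversion step appears to be missing its -F flag: "slaptest -f /path/to/slapd.conf -F $TMPDIR". Please confirm against slaptest(8) before merging, because as written the script would not produce the OLC directory that slapcat then reads. Naming the variable TMPDIR also overrides the standard temporary-directory variable for the rest of the shell session; a name such as OLCDIR, quoted at use, avoids that. The sentence introducing the script opens a parenthesis at "(find the location" that is never closed. In the rspamd item, "The rspamd services is now sandboxed" should read "service is".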
@@ -116,6 +288,88 @@
to <package>nextcloud20</package>.
</para>
</listitem>
+ <listitem>
+ <para>
+ The setting <xref linkend="opt-services.redis.bind" /> defaults to <literal>127.0.0.1</literal> now, making Redis listen on the loopback interface only, and not all public network interfaces.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ NixOS now emits a deprecation warning if systemd's <literal>StartLimitInterval</literal> setting is used in a <literal>serviceConfig</literal> section instead of in a <literal>unitConfig</literal>; that setting is deprecated and now undocumented for the service section by systemd upstream, but still effective and somewhat buggy there, which can be confusing. See <link xlink:href="https://github.com/NixOS/nixpkgs/issues/45785">#45785</link> for details.
+ </para>
+ <para>
+ All services should use <xref linkend="opt-systemd.services._name_.startLimitIntervalSec" /> or <literal>StartLimitIntervalSec</literal> in <xref linkend="opt-systemd.services._name_.unitConfig" /> instead.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The Unbound DNS resolver service (<literal>services.unbound</literal>) has been refactored to allow reloading, control sockets and to fix startup ordering issues.
+ </para>
+
+ <para>
+ It is now possible to enable a local UNIX control socket for unbound by setting the <xref linkend="opt-services.unbound.localControlSocketPath" />
+ option.
+ </para>
+
+ <para>
+ Previously we just applied a very minimal set of restrictions and
+ trusted unbound to properly drop root privs and capabilities.
+ </para>
+
+ <para>
+ As of this we are (for the most part) just using the upstream
+ example unit file for unbound. The main difference is that we start
+ unbound as <literal>unbound</literal> user with the required capabilities instead of
+ letting unbound do the chroot &amp; uid/gid changes.
+ </para>
+
+ <para>
+ The upstream unit configuration this is based on is a lot stricter with
+ all kinds of permissions then our previous variant. It also came with
+ the default of having the <literal>Type</literal> set to <literal>notify</literal>, therefore we are now also
+ using the <literal>unbound-with-systemd</literal> package here. Unbound will start up,
+ read the configuration files and start listening on the configured ports
+ before systemd will declare the unit <literal>active (running)</literal>.
+ This will likely help with startup order and the occasional race condition during system
+ activation where the DNS service is started but not yet ready to answer
+ queries. Services depending on <literal>nss-lookup.target</literal> or <literal>unbound.service</literal>
+ are now be able to use unbound when those targets have been reached.
+ </para>
+
+ <para>
+ Aditionally to the much stricter runtime environmet the
+ <literal>/dev/urandom</literal> mount lines we previously had in the code (that would
+ randomly failed during the stop-phase) have been removed as systemd will take care of those for us.
+ </para>
+
+ <para>
+ The <literal>preStart</literal> script is now only required if we enabled the trust
+ anchor updates (which are still enabled by default).
+ </para>
+
+ <para>
+ Another benefit of the refactoring is that we can now issue reloads via
+ either <literal>pkill -HUP unbound</literal> and <literal>systemctl reload unbound</literal> to reload the
+ running configuration without taking the daemon offline. A prerequisite
+ of this was that unbound configuration is available on a well known path
+ on the file system. We are using the path <literal>/etc/unbound/unbound.conf</literal> as that is the
+ default in the CLI tooling which in turn enables us to use
+ <literal>unbound-control</literal> without passing a custom configuration location.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ NixOS now defaults to the unified cgroup hierarchy (cgroupsv2).
+ See the <link xlink:href="https://www.redhat.com/sysadmin/fedora-31-control-group-v2">Fedora Article for 31</link>
+ for details on why this is desirable, and how it impacts containers.
+ </para>
+ <para>
+ If you want to run containers with a runtime that does not yet support cgroupsv2,
+ you can switch back to the old behaviour by setting
+ <xref linkend="opt-systemd.enableUnifiedCgroupHierarchy"/> = <literal>false</literal>;
+ and rebooting.
+ </para>
+ </listitem>
</itemizedlist>
</section>
</section>
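Review bot: the Unbound item reads like a pasted commit message ("Previously we just applied", "As of this we are", "lines we previously had in the code") rather than release notes addressed to the administrator; suggest rewriting it around what changes for the user. The paragraphs also carry several typos: "stricter ... then our previous variant" (than), "are now be able to use", "Aditionally", "environmet", "would randomly failed", and "either pkill -HUP unbound and systemctl reload unbound" (or). The localControlSocketPath paragraph should also state who may connect to the control socket, since the text gives no ownership or mode for it. In the cgroupsv2 item, "Fedora Article for 31" would read better as "Fedora 31 article".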
diff --git a/infra/libkookie/nixpkgs/nixos/doc/varlistentry-fixer.rb b/infra/libkookie/nixpkgs/nixos/doc/varlistentry-fixer.rb
index 6c7cc1e6439b..02168016b554 100755
--- a/infra/libkookie/nixpkgs/nixos/doc/varlistentry-fixer.rb
+++ b/infra/libkookie/nixpkgs/nixos/doc/varlistentry-fixer.rb
@@ -15,8 +15,8 @@ require "rexml/document"
include REXML
if ARGV.length < 1 then
- $stderr.puts "Needs a filename."
- exit 1
+ $stderr.puts "Needs a filename."
+ exit 1
end
filename = ARGV.shift
@@ -51,17 +51,17 @@ $touched = false
# Generates: --optionnamevalue
# ^^ ^^
doc.elements.each("//varlistentry/term") do |term|
- ["varname", "function", "option", "replaceable"].each do |prev_name|
- term.elements.each(prev_name) do |el|
- if el.next_element and
- el.next_element.name == "replaceable" and
- el.next_sibling_node.class == Element
- then
- $touched = true
- term.insert_after(el, Text.new(" "))
- end
- end
- end
+ ["varname", "function", "option", "replaceable"].each do |prev_name|
+ term.elements.each(prev_name) do |el|
+ if el.next_element and
+ el.next_element.name == "replaceable" and
+ el.next_sibling_node.class == Element
+ then
+ $touched = true
+ term.insert_after(el, Text.new(" "))
+ end
+ end
+ end
end
@@ -75,17 +75,17 @@ end
# Generates: -Ipath
# ^^
doc.elements.each("//cmdsynopsis/arg") do |term|
- ["option", "replaceable"].each do |prev_name|
- term.elements.each(prev_name) do |el|
- if el.next_element and
- el.next_element.name == "replaceable" and
- el.next_sibling_node.class == Element
- then
- $touched = true
- term.insert_after(el, Text.new(" "))
- end
- end
- end
+ ["option", "replaceable"].each do |prev_name|
+ term.elements.each(prev_name) do |el|
+ if el.next_element and
+ el.next_element.name == "replaceable" and
+ el.next_sibling_node.class == Element
+ then
+ $touched = true
+ term.insert_after(el, Text.new(" "))
+ end
+ end
+ end
end
# <cmdsynopsis>
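Review bot: the removed and added lines in this hunk are identical as shown, as they are in the previous hunk, so the change is indentation only and would be easier to review as a separate whitespace commit. Since the lines are being touched anyway, note that the loop body under doc.elements.each("//cmdsynopsis/arg") repeats the one under "//varlistentry/term" above, differing only in the XPath and the list of element names; a small helper taking those two arguments would remove the duplication.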
@@ -104,21 +104,21 @@ end
# Generates: [{--profile-name | -p }name]
# ^^^^
doc.elements.each("//cmdsynopsis/arg") do |term|
- ["group"].each do |prev_name|
- term.elements.each(prev_name) do |el|
- if el.next_element and
- el.next_element.name == "replaceable" and
- el.next_sibling_node.class == Element
- then
- $touched = true
- term.insert_after(el, Text.new(" "))
- end
- end
- end
+ ["group"].each do |prev_name|
+ term.elements.each(prev_name) do |el|
+ if el.next_element and
+ el.next_element.name == "replaceable" and
+ el.next_sibling_node.class == Element
+ then
+ $touched = true
+ term.insert_after(el, Text.new(" "))
+ end
+ end
+ end
end
if $touched then
- doc.context[:attribute_quote] = :quote
- doc.write(output: File.open(filename, "w"))
+ doc.context[:attribute_quote] = :quote
+ doc.write(output: File.open(filename, "w"))
end
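Review bot: in the final "if $touched" block, doc.write(output: File.open(filename, "w")) opens the file without ever closing it, so the write relies on the handle being flushed at interpreter exit, and the input file is truncated in place before the new content is known to have been written. Suggest the block form, File.open(filename, "w") { |f| doc.write(output: f) }, or writing to a temporary file and renaming it over the original. The removed and added lines are otherwise identical as shown, so this hunk is indentation only.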