diff --git a/infra/libkookie/nixpkgs/unstable/.github/CODEOWNERS b/infra/libkookie/nixpkgs/unstable/.github/CODEOWNERS
index 557542772cf..b9f69a6ce7b 100644
--- a/infra/libkookie/nixpkgs/unstable/.github/CODEOWNERS
+++ b/infra/libkookie/nixpkgs/unstable/.github/CODEOWNERS
@@ -48,6 +48,7 @@
/pkgs/build-support/writers @lassulus @Profpatsch
# Nixpkgs documentation
+/doc @fricklerhandwerk
/maintainers/scripts/db-to-md.sh @jtojnar @ryantm
/maintainers/scripts/doc @jtojnar @ryantm
/doc/build-aux/pandoc-filters @jtojnar
@@ -256,8 +257,8 @@
/pkgs/development/go-packages @kalbasit @Mic92 @zowoq
# GNOME
-/pkgs/desktops/gnome @jtojnar @hedning
-/pkgs/desktops/gnome/extensions @piegamesde @jtojnar @hedning
+/pkgs/desktops/gnome @jtojnar
+/pkgs/desktops/gnome/extensions @piegamesde @jtojnar
# Cinnamon
/pkgs/desktops/cinnamon @mkg20001
diff --git a/infra/libkookie/nixpkgs/unstable/.github/workflows/backport.yml b/infra/libkookie/nixpkgs/unstable/.github/workflows/backport.yml
index 4ee5adfaac1..53066456f98 100644
--- a/infra/libkookie/nixpkgs/unstable/.github/workflows/backport.yml
+++ b/infra/libkookie/nixpkgs/unstable/.github/workflows/backport.yml
@@ -8,8 +8,14 @@ on:
# the GitHub repository. This means that it should not evaluate user input in a
# way that allows code injection.
+permissions:
+ contents: read
+
jobs:
backport:
+ permissions:
+ contents: write # for zeebe-io/backport-action to create branch
+ pull-requests: write # for zeebe-io/backport-action to create PR to backport
name: Backport Pull Request
if: github.repository_owner == 'NixOS' && github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('backport', github.event.label.name))
runs-on: ubuntu-latest
diff --git a/infra/libkookie/nixpkgs/unstable/.github/workflows/basic-eval.yml b/infra/libkookie/nixpkgs/unstable/.github/workflows/basic-eval.yml
index 9a196923cf4..2d31392caf4 100644
--- a/infra/libkookie/nixpkgs/unstable/.github/workflows/basic-eval.yml
+++ b/infra/libkookie/nixpkgs/unstable/.github/workflows/basic-eval.yml
@@ -10,6 +10,9 @@ on:
# branches:
# - master
# - release-**
+permissions:
+ contents: read
+
jobs:
tests:
runs-on: ubuntu-latest
diff --git a/infra/libkookie/nixpkgs/unstable/.github/workflows/direct-push.yml b/infra/libkookie/nixpkgs/unstable/.github/workflows/direct-push.yml
index 082a4806e61..167253ac6db 100644
--- a/infra/libkookie/nixpkgs/unstable/.github/workflows/direct-push.yml
+++ b/infra/libkookie/nixpkgs/unstable/.github/workflows/direct-push.yml
@@ -4,8 +4,13 @@ on:
branches:
- master
- release-**
+permissions:
+ contents: read
+
jobs:
build:
+ permissions:
+ contents: write # for peter-evans/commit-comment to comment on commit
runs-on: ubuntu-latest
if: github.repository_owner == 'NixOS'
env:
diff --git a/infra/libkookie/nixpkgs/unstable/.github/workflows/nixos-manual.yml b/infra/libkookie/nixpkgs/unstable/.github/workflows/nixos-manual.yml
index a77b9026042..5453513a53a 100644
--- a/infra/libkookie/nixpkgs/unstable/.github/workflows/nixos-manual.yml
+++ b/infra/libkookie/nixpkgs/unstable/.github/workflows/nixos-manual.yml
@@ -23,4 +23,12 @@ jobs:
- name: Check DocBook files generated from Markdown are consistent
run: |
nixos/doc/manual/md-to-db.sh
- git diff --exit-code
+ git diff --exit-code || {
+ echo
+ echo 'Generated manual files are out of date.'
+ echo 'Please run'
+ echo
+ echo ' nixos/doc/manual/md-to-db.sh'
+ echo
+ exit 1
+ }
diff --git a/infra/libkookie/nixpkgs/unstable/.github/workflows/no-channel.yml b/infra/libkookie/nixpkgs/unstable/.github/workflows/no-channel.yml
index fb9a95851f0..90c38f22c00 100644
--- a/infra/libkookie/nixpkgs/unstable/.github/workflows/no-channel.yml
+++ b/infra/libkookie/nixpkgs/unstable/.github/workflows/no-channel.yml
@@ -6,8 +6,13 @@ on:
- 'nixos-**'
- 'nixpkgs-**'
+permissions:
+ contents: read
+
jobs:
fail:
+ permissions:
+ contents: none
name: "This PR is is targeting a channel branch"
runs-on: ubuntu-latest
steps:
diff --git a/infra/libkookie/nixpkgs/unstable/.github/workflows/pending-clear.yml b/infra/libkookie/nixpkgs/unstable/.github/workflows/pending-clear.yml
index d06b1e2143f..7e8960597e5 100644
--- a/infra/libkookie/nixpkgs/unstable/.github/workflows/pending-clear.yml
+++ b/infra/libkookie/nixpkgs/unstable/.github/workflows/pending-clear.yml
@@ -4,8 +4,13 @@ on:
check_suite:
types: [ completed ]
+permissions:
+ contents: read
+
jobs:
action:
+ permissions:
+ statuses: write
runs-on: ubuntu-latest
steps:
- name: clear pending status
diff --git a/infra/libkookie/nixpkgs/unstable/.github/workflows/pending-set.yml b/infra/libkookie/nixpkgs/unstable/.github/workflows/pending-set.yml
index b15e4847e67..0dc3031d87c 100644
--- a/infra/libkookie/nixpkgs/unstable/.github/workflows/pending-set.yml
+++ b/infra/libkookie/nixpkgs/unstable/.github/workflows/pending-set.yml
@@ -8,8 +8,13 @@ on:
# the GitHub repository. This means that it should not evaluate user input in a
# way that allows code injection.
+permissions:
+ contents: read
+
jobs:
action:
+ permissions:
+ statuses: write
runs-on: ubuntu-latest
steps:
- name: set pending status
diff --git a/infra/libkookie/nixpkgs/unstable/.github/workflows/periodic-merge-24h.yml b/infra/libkookie/nixpkgs/unstable/.github/workflows/periodic-merge-24h.yml
index da785a8d162..2eec69f6525 100644
--- a/infra/libkookie/nixpkgs/unstable/.github/workflows/periodic-merge-24h.yml
+++ b/infra/libkookie/nixpkgs/unstable/.github/workflows/periodic-merge-24h.yml
@@ -14,8 +14,14 @@ on:
# Merge every 24 hours
- cron: '0 0 * * *'
+permissions:
+ contents: read
+
jobs:
periodic-merge:
+ permissions:
+ contents: write # for devmasx/merge-branch to merge branches
+ issues: write # for peter-evans/create-or-update-comment to create or update comment
if: github.repository_owner == 'NixOS'
runs-on: ubuntu-latest
strategy:
@@ -28,10 +34,6 @@ jobs:
pairs:
- from: master
into: haskell-updates
- - from: release-21.11
- into: staging-next-21.11
- - from: staging-next-21.11
- into: staging-21.11
- from: release-22.05
into: staging-next-22.05
- from: staging-next-22.05
diff --git a/infra/libkookie/nixpkgs/unstable/.github/workflows/periodic-merge-6h.yml b/infra/libkookie/nixpkgs/unstable/.github/workflows/periodic-merge-6h.yml
index 5588d216ea0..bcc9f488358 100644
--- a/infra/libkookie/nixpkgs/unstable/.github/workflows/periodic-merge-6h.yml
+++ b/infra/libkookie/nixpkgs/unstable/.github/workflows/periodic-merge-6h.yml
@@ -14,8 +14,14 @@ on:
# Merge every 6 hours
- cron: '0 */6 * * *'
+permissions:
+ contents: read
+
jobs:
periodic-merge:
+ permissions:
+ contents: write # for devmasx/merge-branch to merge branches
+ issues: write # for peter-evans/create-or-update-comment to create or update comment
if: github.repository_owner == 'NixOS'
runs-on: ubuntu-latest
strategy:
diff --git a/infra/libkookie/nixpkgs/unstable/.github/workflows/update-terraform-providers.yml b/infra/libkookie/nixpkgs/unstable/.github/workflows/update-terraform-providers.yml
index 8bd82acbe79..1650f537b7b 100644
--- a/infra/libkookie/nixpkgs/unstable/.github/workflows/update-terraform-providers.yml
+++ b/infra/libkookie/nixpkgs/unstable/.github/workflows/update-terraform-providers.yml
@@ -2,11 +2,18 @@ name: "Update terraform-providers"
on:
schedule:
- - cron: "14 3 * * 1"
+ - cron: "14 3 * * 0"
workflow_dispatch:
+permissions:
+ contents: read
+
jobs:
tf-providers:
+ permissions:
+ contents: write # for peter-evans/create-pull-request to create branch
+ issues: write # for peter-evans/create-or-update-comment to create or update comment
+ pull-requests: write # for peter-evans/create-pull-request to create a PR
if: github.repository_owner == 'NixOS' && github.ref == 'refs/heads/master' # ensure workflow_dispatch only runs on master
runs-on: ubuntu-latest
steps:
@@ -32,7 +39,7 @@ jobs:
Check that all providers build with:
```
- @ofborg build terraform-full
+ @ofborg build terraform.full
```
branch: terraform-providers-update
delete-branch: false
diff --git a/infra/libkookie/nixpkgs/unstable/doc/builders/images/dockertools.section.md b/infra/libkookie/nixpkgs/unstable/doc/builders/images/dockertools.section.md
index d7f8741437c..2a41d48cf13 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/builders/images/dockertools.section.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/builders/images/dockertools.section.md
@@ -20,7 +20,12 @@ buildImage {
fromImageName = null;
fromImageTag = "latest";
- contents = pkgs.redis;
+ copyToRoot = pkgs.buildEnv {
+ name = "image-root";
+ paths = [ pkgs.redis ];
+ pathsToLink = [ "/bin" ];
+ };
+
runAsRoot = ''
#!${pkgs.runtimeShell}
mkdir -p /data
@@ -46,7 +51,7 @@ The above example will build a Docker image `redis/latest` from the given base i
- `fromImageTag` can be used to further specify the tag of the base image within the repository, in case an image contains multiple tags. By default it's `null`, in which case `buildImage` will peek the first tag available for the base image.
-- `contents` is a derivation that will be copied in the new layer of the resulting image. This can be similarly seen as `ADD contents/ /` in a `Dockerfile`. By default it's `null`.
+- `copyToRoot` is a derivation that will be copied in the new layer of the resulting image. This can be similarly seen as `ADD contents/ /` in a `Dockerfile`. By default it's `null`.
- `runAsRoot` is a bash script that will run as root in an environment that overlays the existing layers of the base image with the new resulting layer, including the previously copied `contents` derivation. This can be similarly seen as `RUN ...` in a `Dockerfile`.
@@ -81,7 +86,11 @@ pkgs.dockerTools.buildImage {
name = "hello";
tag = "latest";
created = "now";
- contents = pkgs.hello;
+ copyToRoot = pkgs.buildEnv {
+ name = "image-root";
+ paths = [ pkgs.hello ];
+ pathsToLink = [ "/bin" ];
+ };
config.Cmd = [ "/bin/hello" ];
}
diff --git a/infra/libkookie/nixpkgs/unstable/doc/builders/packages/unfree.xml b/infra/libkookie/nixpkgs/unstable/doc/builders/packages/unfree.xml
deleted file mode 100644
index 3d4f199f8fb..00000000000
--- a/infra/libkookie/nixpkgs/unstable/doc/builders/packages/unfree.xml
+++ /dev/null
@@ -1,13 +0,0 @@
-
- Unfree software
-
-
- All users of Nixpkgs are free software users, and many users (and developers) of Nixpkgs want to limit and tightly control their exposure to unfree software. At the same time, many users need (or want) to run some specific pieces of proprietary software. Nixpkgs includes some expressions for unfree software packages. By default unfree software cannot be installed and doesn’t show up in searches. To allow installing unfree software in a single Nix invocation one can export NIXPKGS_ALLOW_UNFREE=1. For a persistent solution, users can set allowUnfree in the Nixpkgs configuration.
-
-
-
- Fine-grained control is possible by defining allowUnfreePredicate function in config; it takes the mkDerivation parameter attrset and returns true for unfree packages that should be allowed.
-
-
diff --git a/infra/libkookie/nixpkgs/unstable/doc/contributing/submitting-changes.chapter.md b/infra/libkookie/nixpkgs/unstable/doc/contributing/submitting-changes.chapter.md
index 471e45d7dfb..d1aa701f0b3 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/contributing/submitting-changes.chapter.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/contributing/submitting-changes.chapter.md
@@ -167,24 +167,30 @@ Packages with automated tests are much more likely to be merged in a timely fash
### Tested compilation of all pkgs that depend on this change using `nixpkgs-review` {#submitting-changes-tested-compilation}
-If you are updating a package’s version, you can use nixpkgs-review to make sure all packages that depend on the updated package still compile correctly. The `nixpkgs-review` utility can look for and build all dependencies either based on uncommited changes with the `wip` option or specifying a github pull request number.
+If you are updating a package’s version, you can use `nixpkgs-review` to make sure all packages that depend on the updated package still compile correctly. The `nixpkgs-review` utility can look for and build all dependencies either based on uncommitted changes with the `wip` option or specifying a GitHub pull request number.
-review changes from pull request number 12345:
+Review changes from pull request number 12345:
```ShellSession
-nix run nixpkgs.nixpkgs-review -c nixpkgs-review pr 12345
+nix-shell -p nixpkgs-review --run "nixpkgs-review pr 12345"
```
-review uncommitted changes:
+Alternatively, with flakes (and analogously for the other commands below):
```ShellSession
-nix run nixpkgs.nixpkgs-review -c nixpkgs-review wip
+nix run nixpkgs#nixpkgs-review -- pr 12345
```
-review changes from last commit:
+Review uncommitted changes:
```ShellSession
-nix run nixpkgs.nixpkgs-review -c nixpkgs-review rev HEAD
+nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
+```
+
+Review changes from last commit:
+
+```ShellSession
+nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"
```
### Tested execution of all binary files (usually in `./result/bin/`) {#submitting-changes-tested-execution}
diff --git a/infra/libkookie/nixpkgs/unstable/doc/doc-support/parameters.xml b/infra/libkookie/nixpkgs/unstable/doc/doc-support/parameters.xml
index e4b33e66ee4..8b413dcd337 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/doc-support/parameters.xml
+++ b/infra/libkookie/nixpkgs/unstable/doc/doc-support/parameters.xml
@@ -11,4 +11,5 @@
+
diff --git a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/coq.section.md b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/coq.section.md
index 80d8566f804..901332a7d34 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/coq.section.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/coq.section.md
@@ -5,9 +5,11 @@
The Coq derivation is overridable through the `coq.override overrides`, where overrides is an attribute set which contains the arguments to override. We recommend overriding either of the following
* `version` (optional, defaults to the latest version of Coq selected for nixpkgs, see `pkgs/top-level/coq-packages` to witness this choice), which follows the conventions explained in the `coqPackages` section below,
-* `customOCamlPackage` (optional, defaults to `null`, which lets Coq choose a version automatically), which can be set to any of the ocaml packages attribute of `ocaml-ng` (such as `ocaml-ng.ocamlPackages_4_10` which is the default for Coq 8.11 for example).
+* `customOCamlPackages` (optional, defaults to `null`, which lets Coq choose a version automatically), which can be set to any of the ocaml packages attribute of `ocaml-ng` (such as `ocaml-ng.ocamlPackages_4_10` which is the default for Coq 8.11 for example).
* `coq-version` (optional, defaults to the short version e.g. "8.10"), is a version number of the form "x.y" that indicates which Coq's version build behavior to mimic when using a source which is not a release. E.g. `coq.override { version = "d370a9d1328a4e1cdb9d02ee032f605a9d94ec7a"; coq-version = "8.10"; }`.
+The associated package set can be optained using `mkCoqPackages coq`, where `coq` is the derivation to use.
+
## Coq packages attribute sets: `coqPackages` {#coq-packages-attribute-sets-coqpackages}
The recommended way of defining a derivation for a Coq library, is to use the `coqPackages.mkCoqDerivation` function, which is essentially a specialization of `mkDerivation` taking into account most of the specifics of Coq libraries. The following attributes are supported:
diff --git a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/dotnet.section.md b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/dotnet.section.md
index 408446674e9..4c245a7544e 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/dotnet.section.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/dotnet.section.md
@@ -87,6 +87,7 @@ To package Dotnet applications, you can use `buildDotnetModule`. This has simila
* `executables` is used to specify which executables get wrapped to `$out/bin`, relative to `$out/lib/$pname`. If this is unset, all executables generated will get installed. If you do not want to install any, set this to `[]`. This gets done in the `preFixup` phase.
* `runtimeDeps` is used to wrap libraries into `LD_LIBRARY_PATH`. This is how dotnet usually handles runtime dependencies.
* `buildType` is used to change the type of build. Possible values are `Release`, `Debug`, etc. By default, this is set to `Release`.
+* `selfContainedBuild` allows to enable the [self-contained](https://docs.microsoft.com/en-us/dotnet/core/deploying/#publish-self-contained) build flag. By default, it is set to false and generated applications have a dependency on the selected dotnet runtime. If enabled, the dotnet runtime is bundled into the executable and the built app has no dependency on Dotnet.
* `dotnet-sdk` is useful in cases where you need to change what dotnet SDK is being used.
* `dotnet-runtime` is useful in cases where you need to change what dotnet runtime is being used. This can be either a regular dotnet runtime, or an aspnetcore.
* `dotnet-test-sdk` is useful in cases where unit tests expect a different dotnet SDK. By default, this is set to the `dotnet-sdk` attribute.
diff --git a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/go.section.md b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/go.section.md
index 9c67a514335..8616d64e7c4 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/go.section.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/go.section.md
@@ -11,8 +11,8 @@ The function `buildGoModule` builds Go programs managed with Go modules. It buil
In the following is an example expression using `buildGoModule`, the following arguments are of special significance to the function:
-- `vendorSha256`: is the hash of the output of the intermediate fetcher derivation. `vendorSha256` can also take `null` as an input. When `null` is used as a value, rather than fetching the dependencies and vendoring them, we use the vendoring included within the source repo. If you'd like to not have to update this field on dependency changes, run `go mod vendor` in your source repo and set `vendorSha256 = null;`
-- `proxyVendor`: Fetches (go mod download) and proxies the vendor directory. This is useful if your code depends on c code and go mod tidy does not include the needed sources to build or if any dependency has case-insensitive conflicts which will produce platform dependant `vendorSha256` checksums.
+- `vendorHash`: is the hash of the output of the intermediate fetcher derivation. `vendorHash` can also take `null` as an input. When `null` is used as a value, rather than fetching the dependencies and vendoring them, we use the vendoring included within the source repo. If you'd like to not have to update this field on dependency changes, run `go mod vendor` in your source repo and set `vendorHash = null;`
+- `proxyVendor`: Fetches (go mod download) and proxies the vendor directory. This is useful if your code depends on c code and go mod tidy does not include the needed sources to build or if any dependency has case-insensitive conflicts which will produce platform dependant `vendorHash` checksums.
```nix
pet = buildGoModule rec {
@@ -26,7 +26,7 @@ pet = buildGoModule rec {
sha256 = "0m2fzpqxk7hrbxsgqplkg7h2p7gv6s1miymv3gvw0cz039skag0s";
};
- vendorSha256 = "1879j77k96684wi554rkjxydrj8g3hpp0kvxz03sd8dmwr3lh83j";
+ vendorHash = "sha256-ciBIR+a1oaYH+H1PcC8cD8ncfJczk1IiJ8iYNM+R6aA=";
meta = with lib; {
description = "Simple command-line snippet manager, written in Go";
diff --git a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/javascript.section.md b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/javascript.section.md
index 19e31ea6902..9d16b951e8d 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/javascript.section.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/javascript.section.md
@@ -180,18 +180,27 @@ See `node2nix` [docs](https://github.com/svanderburg/node2nix) for more info.
#### Preparation {#javascript-yarn2nix-preparation}
-You will need at least a yarn.lock and yarn.nix file.
+You will need at least a `yarn.lock` file. If upstream does not have one you need to generate it and reference it in your package definition.
-- Generate a yarn.lock in upstream if it is not already there.
-- `yarn2nix > yarn.nix` will generate the dependencies in a Nix format.
+If the downloaded files contain the `package.json` and `yarn.lock` files they can be used like this:
+
+```nix
+offlineCache = fetchYarnDeps {
+ yarnLock = src + "/yarn.lock";
+ sha256 = "....";
+};
+```
#### mkYarnPackage {#javascript-yarn2nix-mkYarnPackage}
-This will by default try to generate a binary. For package only generating static assets (Svelte, Vue, React...), you will need to explicitly override the build step with your instructions. It's important to use the `--offline` flag. For example if you script is `"build": "something"` in package.json use:
+`mkYarnPackage` will by default try to generate a binary. For package only generating static assets (Svelte, Vue, React, WebPack, ...), you will need to explicitly override the build step with your instructions.
+
+It's important to use the `--offline` flag. For example if you script is `"build": "something"` in `package.json` use:
```nix
buildPhase = ''
- yarn build --offline
+ export HOME=$(mktemp -d)
+ yarn --offline build
'';
```
@@ -201,15 +210,27 @@ The dist phase is also trying to build a binary, the only way to override it is
distPhase = "true";
```
-The configure phase can sometimes fail because it tries to be too clever. One common override is:
+The configure phase can sometimes fail because it makes many assumptions which may not always apply. One common override is:
+
+```nix
+configurePhase = ''
+ ln -s $node_modules node_modules
+'';
+```
+
+or if you need a writeable node_modules directory:
```nix
-configurePhase = "ln -s $node_modules node_modules";
+configurePhase = ''
+ cp -r $node_modules node_modules
+ chmod +w node_modules
+'';
```
#### mkYarnModules {#javascript-yarn2nix-mkYarnModules}
-This will generate a derivation including the node_modules. If you have to build a derivation for an integrated web framework (rails, phoenix..), this is probably the easiest way. [Plausible](https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/web-apps/plausible/default.nix#L39) offers a good example of how to do this.
+This will generate a derivation including the `node_modules` directory.
+If you have to build a derivation for an integrated web framework (rails, phoenix..), this is probably the easiest way.
#### Overriding dependency behavior
diff --git a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/maven.section.md b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/maven.section.md
index f53a6fa8ac2..cc5b4e3ed79 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/maven.section.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/maven.section.md
@@ -233,7 +233,8 @@ in stdenv.mkDerivation rec {
src = builtins.fetchTarball
"https://github.com/fzakaria/nixos-maven-example/archive/main.tar.gz";
- buildInputs = [ maven makeWrapper ];
+ nativeBuildInputs = [ makeWrapper ];
+ buildInputs = [ maven ];
buildPhase = ''
echo "Using repository ${repository}"
@@ -310,7 +311,8 @@ in stdenv.mkDerivation rec {
src = builtins.fetchTarball
"https://github.com/fzakaria/nixos-maven-example/archive/main.tar.gz";
- buildInputs = [ maven makeWrapper ];
+ nativeBuildInputs = [ makeWrapper ];
+ buildInputs = [ maven ];
buildPhase = ''
echo "Using repository ${repository}"
diff --git a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/perl.section.md b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/perl.section.md
index 9bfd209fec5..28a78cc2344 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/perl.section.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/perl.section.md
@@ -1,6 +1,6 @@
# Perl {#sec-language-perl}
-## Running perl programs on the shell {#ssec-perl-running}
+## Running Perl programs on the shell {#ssec-perl-running}
When executing a Perl script, it is possible you get an error such as `./myscript.pl: bad interpreter: /usr/bin/perl: no such file or directory`. This happens when the script expects Perl to be installed at `/usr/bin/perl`, which is not the case when using Perl from nixpkgs. You can fix the script by changing the first line to:
@@ -35,15 +35,16 @@ Perl packages from CPAN are defined in [pkgs/top-level/perl-packages.nix](https:
```nix
ClassC3 = buildPerlPackage rec {
- name = "Class-C3-0.21";
+ pname = "Class-C3";
+ version = "0.21";
src = fetchurl {
- url = "mirror://cpan/authors/id/F/FL/FLORA/${name}.tar.gz";
+ url = "mirror://cpan/authors/id/F/FL/FLORA/${pname}-${version}.tar.gz";
sha256 = "1bl8z095y4js66pwxnm7s853pi9czala4sqc743fdlnk27kq94gz";
};
};
```
-Note the use of `mirror://cpan/`, and the `${name}` in the URL definition to ensure that the name attribute is consistent with the source that we’re actually downloading. Perl packages are made available in `all-packages.nix` through the variable `perlPackages`. For instance, if you have a package that needs `ClassC3`, you would typically write
+Note the use of `mirror://cpan/`, and the `pname` and `version` in the URL definition to ensure that the `pname` attribute is consistent with the source that we’re actually downloading. Perl packages are made available in `all-packages.nix` through the variable `perlPackages`. For instance, if you have a package that needs `ClassC3`, you would typically write
```nix
foo = import ../path/to/foo.nix {
@@ -72,10 +73,11 @@ So what does `buildPerlPackage` do? It does the following:
{ buildPerlPackage, fetchurl, db }:
buildPerlPackage rec {
- name = "BerkeleyDB-0.36";
+ pname = "BerkeleyDB";
+ version = "0.36";
src = fetchurl {
- url = "mirror://cpan/authors/id/P/PM/PMQS/${name}.tar.gz";
+ url = "mirror://cpan/authors/id/P/PM/PMQS/${pname}-${version}.tar.gz";
sha256 = "07xf50riarb60l1h6m2dqmql8q5dij619712fsgw7ach04d8g3z1";
};
@@ -90,9 +92,10 @@ Dependencies on other Perl packages can be specified in the `buildInputs` and `p
```nix
ClassC3Componentised = buildPerlPackage rec {
- name = "Class-C3-Componentised-1.0004";
+ pname = "Class-C3-Componentised";
+ version = "1.0004";
src = fetchurl {
- url = "mirror://cpan/authors/id/A/AS/ASH/${name}.tar.gz";
+ url = "mirror://cpan/authors/id/A/AS/ASH/${pname}-${version}.tar.gz";
sha256 = "0xql73jkcdbq4q9m0b0rnca6nrlvf5hyzy8is0crdk65bynvs8q1";
};
propagatedBuildInputs = [
@@ -111,7 +114,7 @@ ImageExifTool = buildPerlPackage {
version = "11.50";
src = fetchurl {
- url = "https://www.sno.phy.queensu.ca/~phil/exiftool/Image-ExifTool-11.50.tar.gz";
+ url = "https://www.sno.phy.queensu.ca/~phil/exiftool/${pname}-${version}.tar.gz";
sha256 = "0d8v48y94z8maxkmw1rv7v9m0jg2dc8xbp581njb6yhr7abwqdv3";
};
@@ -139,9 +142,10 @@ This program takes a Perl module name, looks it up on CPAN, fetches and unpacks
```ShellSession
$ nix-generate-from-cpan XML::Simple
XMLSimple = buildPerlPackage rec {
- name = "XML-Simple-2.22";
+ pname = "XML-Simple";
+ version = "2.22";
src = fetchurl {
- url = "mirror://cpan/authors/id/G/GR/GRANTM/${name}.tar.gz";
+ url = "mirror://cpan/authors/id/G/GR/GRANTM/XML-Simple-2.22.tar.gz";
sha256 = "b9450ef22ea9644ae5d6ada086dc4300fa105be050a2030ebd4efd28c198eb49";
};
propagatedBuildInputs = [ XMLNamespaceSupport XMLSAX XMLSAXExpat ];
diff --git a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/python.section.md b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/python.section.md
index 09e177c7a48..7df8464917c 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/python.section.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/python.section.md
@@ -602,10 +602,10 @@ been removed, in this case, it's recommended to use `pytestCheckHook`.
#### Using pytestCheckHook {#using-pytestcheckhook}
`pytestCheckHook` is a convenient hook which will substitute the setuptools
-`test` command for a checkPhase which runs `pytest`. This is also beneficial
+`test` command for a `checkPhase` which runs `pytest`. This is also beneficial
when a package may need many items disabled to run the test suite.
-Using the example above, the analagous pytestCheckHook usage would be:
+Using the example above, the analagous `pytestCheckHook` usage would be:
```
checkInputs = [ pytestCheckHook ];
@@ -624,7 +624,7 @@ Using the example above, the analagous pytestCheckHook usage would be:
];
```
-This is expecially useful when tests need to be conditionallydisabled,
+This is expecially useful when tests need to be conditionally disabled,
for example:
```
@@ -640,31 +640,35 @@ for example:
"socket"
];
```
-Trying to concatenate the related strings to disable tests in a regular checkPhase
-would be much harder to read. This also enables us to comment on why specific tests
-are disabled.
+
+Trying to concatenate the related strings to disable tests in a regular
+`checkPhase` would be much harder to read. This also enables us to comment on
+why specific tests are disabled.
#### Using pythonImportsCheck {#using-pythonimportscheck}
-Although unit tests are highly prefered to validate correctness of a package, not
-all packages have test suites that can be ran easily, and some have none at all.
+Although unit tests are highly preferred to validate correctness of a package, not
+all packages have test suites that can be run easily, and some have none at all.
To help ensure the package still works, `pythonImportsCheck` can attempt to import
the listed modules.
```
pythonImportsCheck = [ "requests" "urllib" ];
```
+
roughly translates to:
+
```
postCheck = ''
PYTHONPATH=$out/${python.sitePackages}:$PYTHONPATH
python -c "import requests; import urllib"
'';
```
-However, this is done in it's own phase, and not dependent on whether `doCheck = true;`
+
+However, this is done in its own phase, and not dependent on whether `doCheck = true;`.
This can also be useful in verifying that the package doesn't assume commonly
-present packages (e.g. `setuptools`)
+present packages (e.g. `setuptools`).
#### Using pythonRelaxDepsHook {#using-pythonrelaxdepshook}
@@ -719,7 +723,7 @@ pkg3
```
In general you should always use `pythonRelaxDeps`, because `pythonRemoveDeps`
-will convert build errors in runtime errors. However `pythonRemoveDeps` may
+will convert build errors into runtime errors. However `pythonRemoveDeps` may
still be useful in exceptional cases, and also to remove dependencies wrongly
declared by upstream (for example, declaring `black` as a runtime dependency
instead of a dev dependency).
@@ -738,14 +742,14 @@ creates a special link to the project code. That way, you can run updated code
without having to reinstall after each and every change you make. Development
mode is also available. Let's see how you can use it.
-In the previous Nix expression the source was fetched from an url. We can also
+In the previous Nix expression the source was fetched from a url. We can also
refer to a local source instead using `src = ./path/to/source/tree;`
If we create a `shell.nix` file which calls `buildPythonPackage`, and if `src`
is a local source, and if the local source has a `setup.py`, then development
mode is activated.
-In the following example we create a simple environment that has a Python 3.9
+In the following example, we create a simple environment that has a Python 3.9
version of our package in it, as well as its dependencies and other packages we
like to have in the environment, all specified with `propagatedBuildInputs`.
Indeed, we can just add any package we like to have in our environment to
@@ -862,7 +866,7 @@ Each interpreter has the following attributes:
### Optimizations {#optimizations}
-The Python interpreters are by default not build with optimizations enabled, because
+The Python interpreters are by default not built with optimizations enabled, because
the builds are in that case not reproducible. To enable optimizations, override the
interpreter of interest, e.g using
@@ -913,7 +917,7 @@ and the aliases
#### `buildPythonPackage` function {#buildpythonpackage-function}
The `buildPythonPackage` function is implemented in
-`pkgs/development/interpreters/python/mk-python-derivation`
+`pkgs/development/interpreters/python/mk-python-derivation.nix`
using setup hooks.
The following is an example:
@@ -954,7 +958,7 @@ The `buildPythonPackage` mainly does four things:
* In the `postFixup` phase, the `wrapPythonPrograms` bash function is called to
wrap all programs in the `$out/bin/*` directory to include `$PATH`
environment variable and add dependent libraries to script's `sys.path`.
-* In the `installCheck` phase, `${python.interpreter} setup.py test` is ran.
+* In the `installCheck` phase, `${python.interpreter} setup.py test` is run.
By default tests are run because `doCheck = true`. Test dependencies, like
e.g. the test runner, should be added to `checkInputs`.
@@ -969,7 +973,7 @@ following are specific to `buildPythonPackage`:
* `catchConflicts ? true`: If `true`, abort package build if a package name
appears more than once in dependency tree. Default is `true`.
-* `disabled` ? false: If `true`, package is not built for the particular Python
+* `disabled ? false`: If `true`, package is not built for the particular Python
interpreter version.
* `dontWrapPythonPrograms ? false`: Skip wrapping of Python programs.
* `permitUserSite ? false`: Skip setting the `PYTHONNOUSERSITE` environment
@@ -1421,7 +1425,8 @@ in newpkgs.inkscape
### `python setup.py bdist_wheel` cannot create .whl {#python-setup.py-bdist_wheel-cannot-create-.whl}
-Executing `python setup.py bdist_wheel` in a `nix-shell `fails with
+Executing `python setup.py bdist_wheel` in a `nix-shell`fails with
+
```
ValueError: ZIP does not support timestamps before 1980
```
@@ -1513,7 +1518,7 @@ in pkgs.mkShell rec {
# the environment.
pythonPackages.python
- # This execute some shell code to initialize a venv in $venvDir before
+ # This executes some shell code to initialize a venv in $venvDir before
# dropping into the shell
pythonPackages.venvShellHook
diff --git a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/ruby.section.md b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/ruby.section.md
index e29f97c566c..d1265097d20 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/ruby.section.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/ruby.section.md
@@ -274,7 +274,7 @@ bundlerApp {
gemdir = ./.;
exes = [ "r10k" ];
- buildInputs = [ makeWrapper ];
+ nativeBuildInputs = [ makeWrapper ];
postBuild = ''
wrapProgram $out/bin/r10k --prefix PATH : ${lib.makeBinPath [ git gnutar gzip ]}
diff --git a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/vim.section.md b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/vim.section.md
index 6d7efe455b1..ec0e6038915 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/vim.section.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/languages-frameworks/vim.section.md
@@ -5,11 +5,9 @@ and additional libraries.
Loading can be deferred; see examples.
-At the moment we support three different methods for managing plugins:
+At the moment we support two different methods for managing plugins:
-- Vim packages (*recommend*)
-- VAM (=vim-addon-manager)
-- Pathogen
+- Vim packages (*recommended*)
- vim-plug
## Custom configuration {#custom-configuration}
@@ -45,7 +43,7 @@ neovim.override {
```
If you want to use `neovim-qt` as a graphical editor, you can configure it by overriding Neovim in an overlay
-or passing it an overridden Neovimn:
+or passing it an overridden Neovim:
```nix
neovim-qt.override {
@@ -61,7 +59,7 @@ neovim-qt.override {
## Managing plugins with Vim packages {#managing-plugins-with-vim-packages}
-To store you plugins in Vim packages (the native Vim plugin manager, see `:help packages`) the following example can be used:
+To store your plugins in Vim packages (the native Vim plugin manager, see `:help packages`) the following example can be used:
```nix
vim_configurable.customize {
@@ -110,7 +108,7 @@ The resulting package can be added to `packageOverrides` in `~/.nixpkgs/config.n
};
myNeovim = neovim.override {
configure = {
- # add here code from the example section
+ # add code from the example section here
};
};
};
@@ -158,10 +156,10 @@ in
```
### Specificities for some plugins
-#### Tree sitter
+#### Treesitter
By default `nvim-treesitter` encourages you to download, compile and install
-the required tree-sitter grammars at run time with `:TSInstall`. This works
+the required Treesitter grammars at run time with `:TSInstall`. This works
poorly on NixOS. Instead, to install the `nvim-treesitter` plugins with a set
of precompiled grammars, you can use `nvim-treesitter.withPlugins` function:
@@ -204,7 +202,7 @@ For Neovim the syntax is:
neovim.override {
configure = {
customRC = ''
- # here your custom configuration goes!
+ # your custom configuration goes here!
'';
plug.plugins = with pkgs.vimPlugins; [
vim-go
@@ -213,100 +211,6 @@ neovim.override {
}
```
-## Managing plugins with VAM {#managing-plugins-with-vam}
-
-### Handling dependencies of Vim plugins {#handling-dependencies-of-vim-plugins}
-
-VAM introduced .json files supporting dependencies without versioning
-assuming that "using latest version" is ok most of the time.
-
-### Example {#example}
-
-First create a vim-scripts file having one plugin name per line. Example:
-
-```vim
-"tlib"
-{'name': 'vim-addon-sql'}
-{'filetype_regex': '\%(vim)$', 'names': ['reload', 'vim-dev-plugin']}
-```
-
-Such vim-scripts file can be read by VAM as well like this:
-
-```vim
-call vam#Scripts(expand('~/.vim-scripts'), {})
-```
-
-Create a default.nix file:
-
-```nix
-{ nixpkgs ? import {}, compiler ? "ghc7102" }:
-nixpkgs.vim_configurable.customize { name = "vim"; vimrcConfig.vam.pluginDictionaries = [ "vim-addon-vim2nix" ]; }
-```
-
-Create a generate.vim file:
-
-```vim
-ActivateAddons vim-addon-vim2nix
-let vim_scripts = "vim-scripts"
-call nix#ExportPluginsForNix({
-\ 'path_to_nixpkgs': eval('{"'.substitute(substitute(substitute($NIX_PATH, ':', ',', 'g'), '=',':', 'g'), '\([:,]\)', '"\1"',"g").'"}')["nixpkgs"],
-\ 'cache_file': '/tmp/vim2nix-cache',
-\ 'try_catch': 0,
-\ 'plugin_dictionaries': ["vim-addon-manager"]+map(readfile(vim_scripts), 'eval(v:val)')
-\ })
-```
-
-Then run
-
-```bash
-nix-shell -p vimUtils.vim_with_vim2nix --command "vim -c 'source generate.vim'"
-```
-
-You should get a Vim buffer with the nix derivations (output1) and vam.pluginDictionaries (output2).
-You can add your Vim to your system's configuration file like this and start it by "vim-my":
-
-```nix
-my-vim =
- let plugins = let inherit (vimUtils) buildVimPluginFrom2Nix; in {
- copy paste output1 here
- }; in vim_configurable.customize {
- name = "vim-my";
-
- vimrcConfig.vam.knownPlugins = plugins; # optional
- vimrcConfig.vam.pluginDictionaries = [
- copy paste output2 here
- ];
-
- };
-```
-
-Sample output1:
-
-```nix
-"reload" = buildVimPluginFrom2Nix { # created by nix#NixDerivation
- name = "reload";
- src = fetchgit {
- url = "https://github.com/xolox/vim-reload";
- rev = "0a601a668727f5b675cb1ddc19f6861f3f7ab9e1";
- sha256 = "0vb832l9yxj919f5hfg6qj6bn9ni57gnjd3bj7zpq7d4iv2s4wdh";
- };
- dependencies = ["nim-misc"];
-
-};
-[...]
-```
-
-Sample output2:
-
-```nix
-[
- ''vim-addon-manager''
- ''tlib''
- { "name" = ''vim-addon-sql''; }
- { "filetype_regex" = ''\%(vim)$$''; "names" = [ ''reload'' ''vim-dev-plugin'' ]; }
-]
-```
-
## Adding new plugins to nixpkgs {#adding-new-plugins-to-nixpkgs}
Nix expressions for Vim plugins are stored in [pkgs/applications/editors/vim/plugins](https://github.com/NixOS/nixpkgs/tree/master/pkgs/applications/editors/vim/plugins). For the vast majority of plugins, Nix expressions are automatically generated by running [`./update.py`](https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/editors/vim/plugins/update.py). This creates a [generated.nix](https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/editors/vim/plugins/generated.nix) file based on the plugins listed in [vim-plugin-names](https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/editors/vim/plugins/vim-plugin-names). Plugins are listed in alphabetical order in `vim-plugin-names` using the format `[github username]/[repository]@[gitref]`. For example https://github.com/scrooloose/nerdtree becomes `scrooloose/nerdtree`.
@@ -323,7 +227,7 @@ Sometimes plugins require an override that must be changed when the plugin is up
To add a new plugin, run `./update.py --add "[owner]/[name]"`. **NOTE**: This script automatically commits to your git repository. Be sure to check out a fresh branch before running.
-Finally, there are some plugins that are also packaged in nodePackages because they have Javascript-related build steps, such as running webpack. Those plugins are not listed in `vim-plugin-names` or managed by `update.py` at all, and are included separately in `overrides.nix`. Currently, all these plugins are related to the `coc.nvim` ecosystem of Language Server Protocol integration with vim/neovim.
+Finally, there are some plugins that are also packaged in nodePackages because they have Javascript-related build steps, such as running webpack. Those plugins are not listed in `vim-plugin-names` or managed by `update.py` at all, and are included separately in `overrides.nix`. Currently, all these plugins are related to the `coc.nvim` ecosystem of the Language Server Protocol integration with vim/neovim.
## Updating plugins in nixpkgs {#updating-plugins-in-nixpkgs}
diff --git a/infra/libkookie/nixpkgs/unstable/doc/stdenv/cross-compilation.chapter.md b/infra/libkookie/nixpkgs/unstable/doc/stdenv/cross-compilation.chapter.md
index 7b8f2b4ce6c..0eff70de5ca 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/stdenv/cross-compilation.chapter.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/stdenv/cross-compilation.chapter.md
@@ -155,14 +155,14 @@ doCheck = stdenv.hostPlatform == stdenv.buildPlatform;
#### Package using Meson needs to run binaries for the host platform during build. {#cross-meson-runs-host-code}
-Add `mesonEmulatorHook` cross conditionally to `nativeBuildInputs`.
+Add `mesonEmulatorHook` to `nativeBuildInputs` conditionally on if the target binaries can be executed.
e.g.
```
nativeBuildInputs = [
meson
-] ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [
+] ++ lib.optionals (!stdenv.buildPlatform.canExecute stdenv.hostPlatform) [
mesonEmulatorHook
];
```
diff --git a/infra/libkookie/nixpkgs/unstable/doc/stdenv/platform-notes.chapter.md b/infra/libkookie/nixpkgs/unstable/doc/stdenv/platform-notes.chapter.md
index 03e61e333f8..b47f5af349b 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/stdenv/platform-notes.chapter.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/stdenv/platform-notes.chapter.md
@@ -60,3 +60,8 @@ Some common issues when packaging software for Darwin:
```
The package `xcbuild` can be used to build projects that really depend on Xcode. However, this replacement is not 100% compatible with Xcode and can occasionally cause issues.
+
+- x86_64-darwin uses the 10.12 SDK by default, but some software is not compatible with that version of the SDK. In that case,
+ the 11.0 SDK used by aarch64-darwin is available for use on x86_64-darwin. To use it, reference `apple_sdk_11_0` instead of
+ `apple_sdk` in your derivation and use `pkgs.darwin.apple_sdk_11_0.callPackage` instead of `pkgs.callPackage`. On Linux, this will
+ have the same effect as `pkgs.callPackage`, so you can use `pkgs.darwin.apple_sdk_11_0.callPackage` regardless of platform.
diff --git a/infra/libkookie/nixpkgs/unstable/doc/stdenv/stdenv.chapter.md b/infra/libkookie/nixpkgs/unstable/doc/stdenv/stdenv.chapter.md
index b57698cb90b..5f7f45dc443 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/stdenv/stdenv.chapter.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/stdenv/stdenv.chapter.md
@@ -77,7 +77,7 @@ where the builder can do anything it wants, but typically starts with
source $stdenv/setup
```
-to let `stdenv` set up the environment (e.g., process the `buildInputs`). If you want, you can still use `stdenv`’s generic builder:
+to let `stdenv` set up the environment (e.g. by resetting `PATH` and populating it from build inputs). If you want, you can still use `stdenv`’s generic builder:
```bash
source $stdenv/setup
@@ -698,12 +698,12 @@ Hook executed at the end of the install phase.
### The fixup phase {#ssec-fixup-phase}
-The fixup phase performs some (Nix-specific) post-processing actions on the files installed under `$out` by the install phase. The default `fixupPhase` does the following:
+The fixup phase performs (Nix-specific) post-processing actions on the files installed under `$out` by the install phase. The default `fixupPhase` does the following:
- It moves the `man/`, `doc/` and `info/` subdirectories of `$out` to `share/`.
- It strips libraries and executables of debug information.
- On Linux, it applies the `patchelf` command to ELF executables and libraries to remove unused directories from the `RPATH` in order to prevent unnecessary runtime dependencies.
-- It rewrites the interpreter paths of shell scripts to paths found in `PATH`. E.g., `/usr/bin/perl` will be rewritten to `/nix/store/some-perl/bin/perl` found in `PATH`.
+- It rewrites the interpreter paths of shell scripts to paths found in `PATH`. E.g., `/usr/bin/perl` will be rewritten to `/nix/store/some-perl/bin/perl` found in `PATH`. See [](#patch-shebangs.sh) for details.
#### Variables controlling the fixup phase {#variables-controlling-the-fixup-phase}
@@ -749,7 +749,7 @@ If set, the `patchelf` command is not used to remove unnecessary `RPATH` entries
##### `dontPatchShebangs` {#var-stdenv-dontPatchShebangs}
-If set, scripts starting with `#!` do not have their interpreter paths rewritten to paths in the Nix store.
+If set, scripts starting with `#!` do not have their interpreter paths rewritten to paths in the Nix store. See [](#patch-shebangs.sh) on how patching shebangs works.
##### `dontPruneLibtoolFiles` {#var-stdenv-dontPruneLibtoolFiles}
@@ -983,7 +983,7 @@ addEnvHooks "$hostOffset" myBashFunction
The *existence* of setups hooks has long been documented and packages inside Nixpkgs are free to use this mechanism. Other packages, however, should not rely on these mechanisms not changing between Nixpkgs versions. Because of the existing issues with this system, there’s little benefit from mandating it be stable for any period of time.
-First, let’s cover some setup hooks that are part of Nixpkgs default stdenv. This means that they are run for every package built using `stdenv.mkDerivation`. Some of these are platform specific, so they may run on Linux but not Darwin or vice-versa.
+First, let’s cover some setup hooks that are part of Nixpkgs default `stdenv`. This means that they are run for every package built using `stdenv.mkDerivation` or when using a custom builder that has `source $stdenv/setup`. Some of these are platform specific, so they may run on Linux but not Darwin or vice-versa.
### `move-docs.sh` {#move-docs.sh}
@@ -999,7 +999,70 @@ This runs the strip command on installed binaries and libraries. This removes un
### `patch-shebangs.sh` {#patch-shebangs.sh}
-This setup hook patches installed scripts to use the full path to the shebang interpreter. A shebang interpreter is the first commented line of a script telling the operating system which program will run the script (e.g `#!/bin/bash`). In Nix, we want an exact path to that interpreter to be used. This often replaces `/bin/sh` with a path in the Nix store.
+This setup hook patches installed scripts to add Nix store paths to their shebang interpreter as found in the build environment. The [shebang](https://en.wikipedia.org/wiki/Shebang_(Unix)) line tells a Unix-like operating system which interpreter to use to execute the script's contents.
+
+::: note
+The [generic builder][generic-builder] populates `PATH` from inputs of the derivation.
+:::
+
+[generic-builder]: https://github.com/NixOS/nixpkgs/blob/19d4f7dc485f74109bd66ef74231285ff797a823/pkgs/stdenv/generic/builder.sh
+
+#### Invocation {#patch-shebangs.sh-invocation}
+
+Multiple paths can be specified.
+
+```
+patchShebangs [--build | --host] PATH...
+```
+
+##### Flags
+
+`--build`
+: Look up commands available at build time
+
+`--host`
+: Look up commands available at run time
+
+##### Examples
+
+```sh
+patchShebangs --host /nix/store/-hello-1.0/bin
+```
+
+```sh
+patchShebangs --build configure
+```
+
+`#!/bin/sh` will be rewritten to `#!/nix/store/-some-bash/bin/sh`.
+
+`#!/usr/bin/env` gets special treatment: `#!/usr/bin/env python` is rewritten to `/nix/store//bin/python`.
+
+Interpreter paths that point to a valid Nix store location are not changed.
+
+::: note
+A script file must be marked as executable, otherwise it will not be
+considered.
+:::
+
+This mechanism ensures that the interpreter for a given script is always found and is exactly the one specified by the build.
+
+It can be disabled by setting [`dontPatchShebangs`](#var-stdenv-dontPatchShebangs):
+
+```nix
+stdenv.mkDerivation {
+ # ...
+ dontPatchShebangs = true;
+ # ...
+}
+```
+
+The file [`patch-shebangs.sh`][patch-shebangs.sh] defines the [`patchShebangs`][patchShebangs] function. It is used to implement [`patchShebangsAuto`][patchShebangsAuto], the [setup hook](#ssec-setup-hooks) that is registered to run during the [fixup phase](#ssec-fixup-phase) by default.
+
+If you need to run `patchShebangs` at build time, it must be called explicitly within [one of the build phases](#sec-stdenv-phases).
+
+[patch-shebangs.sh]: https://github.com/NixOS/nixpkgs/blob/19d4f7dc485f74109bd66ef74231285ff797a823/pkgs/build-support/setup-hooks/patch-shebangs.sh
+[patchShebangs]: https://github.com/NixOS/nixpkgs/blob/19d4f7dc485f74109bd66ef74231285ff797a823/pkgs/build-support/setup-hooks/patch-shebangs.sh#L24-L105
+[patchShebangsAuto]: https://github.com/NixOS/nixpkgs/blob/19d4f7dc485f74109bd66ef74231285ff797a823/pkgs/build-support/setup-hooks/patch-shebangs.sh#L107-L119
### `audit-tmpdir.sh` {#audit-tmpdir.sh}
@@ -1155,7 +1218,7 @@ The `validatePkgConfig` hook validates all pkg-config (`.pc`) files in a package
### cmake {#cmake}
-Overrides the default configure phase to run the CMake command. By default, we use the Make generator of CMake. In addition, dependencies are added automatically to CMAKE_PREFIX_PATH so that packages are correctly detected by CMake. Some additional flags are passed in to give similar behavior to configure-based packages. You can disable this hook’s behavior by setting configurePhase to a custom value, or by setting dontUseCmakeConfigure. cmakeFlags controls flags passed only to CMake. By default, parallel building is enabled as CMake supports parallel building almost everywhere. When Ninja is also in use, CMake will detect that and use the ninja generator.
+Overrides the default configure phase to run the CMake command. By default, we use the Make generator of CMake. In addition, dependencies are added automatically to `CMAKE_PREFIX_PATH` so that packages are correctly detected by CMake. Some additional flags are passed in to give similar behavior to configure-based packages. You can disable this hook’s behavior by setting `configurePhase` to a custom value, or by setting `dontUseCmakeConfigure`. `cmakeFlags` controls flags passed only to CMake. By default, parallel building is enabled as CMake supports parallel building almost everywhere. When Ninja is also in use, CMake will detect that and use the ninja generator.
### xcbuildHook {#xcbuildhook}
@@ -1316,7 +1379,7 @@ If the libraries lack `-fPIE`, you will get the error `recompile with -fPIE`.
[^footnote-stdenv-ignored-build-platform]: The build platform is ignored because it is a mere implementation detail of the package satisfying the dependency: As a general programming principle, dependencies are always *specified* as interfaces, not concrete implementation.
[^footnote-stdenv-native-dependencies-in-path]: Currently, this means for native builds all dependencies are put on the `PATH`. But in the future that may not be the case for sake of matching cross: the platforms would be assumed to be unique for native and cross builds alike, so only the `depsBuild*` and `nativeBuildInputs` would be added to the `PATH`.
-[^footnote-stdenv-propagated-dependencies]: Nix itself already takes a package’s transitive dependencies into account, but this propagation ensures nixpkgs-specific infrastructure like setup hooks (mentioned above) also are run as if the propagated dependency.
+[^footnote-stdenv-propagated-dependencies]: Nix itself already takes a package’s transitive dependencies into account, but this propagation ensures nixpkgs-specific infrastructure like [setup hooks](#ssec-setup-hooks) also are run as if it were a propagated dependency.
[^footnote-stdenv-find-inputs-location]: The `findInputs` function, currently residing in `pkgs/stdenv/generic/setup.sh`, implements the propagation logic.
[^footnote-stdenv-sys-lib-search-path]: It clears the `sys_lib_*search_path` variables in the Libtool script to prevent Libtool from using libraries in `/usr/lib` and such.
[^footnote-stdenv-build-time-guessing-impurity]: Eventually these will be passed building natively as well, to improve determinism: build-time guessing, as is done today, is a risk of impurity.
diff --git a/infra/libkookie/nixpkgs/unstable/doc/using/configuration.chapter.md b/infra/libkookie/nixpkgs/unstable/doc/using/configuration.chapter.md
index 2445aa32f2a..3c46dc3227a 100644
--- a/infra/libkookie/nixpkgs/unstable/doc/using/configuration.chapter.md
+++ b/infra/libkookie/nixpkgs/unstable/doc/using/configuration.chapter.md
@@ -77,6 +77,11 @@ The difference between a package being unsupported on some system and being brok
## Installing unfree packages {#sec-allow-unfree}
+All users of Nixpkgs are free software users, and many users (and developers) of Nixpkgs want to limit and tightly control their exposure to unfree software.
+At the same time, many users need (or want) to run some specific pieces of proprietary software.
+Nixpkgs includes some expressions for unfree software packages.
+By default unfree software cannot be installed and doesn’t show up in searches.
+
There are several ways to tweak how Nix handles a package which has been marked as unfree.
- To temporarily allow all unfree packages, you can use an environment variable for a single invocation of the nix tools:
diff --git a/infra/libkookie/nixpkgs/unstable/flake.nix b/infra/libkookie/nixpkgs/unstable/flake.nix
index 8c0403adc4a..67ecfc6eb08 100644
--- a/infra/libkookie/nixpkgs/unstable/flake.nix
+++ b/infra/libkookie/nixpkgs/unstable/flake.nix
@@ -20,13 +20,20 @@
nixos = import ./nixos/lib { lib = final; };
nixosSystem = args:
- import ./nixos/lib/eval-config.nix (args // {
- modules = args.modules ++ [ {
- system.nixos.versionSuffix =
- ".${final.substring 0 8 (self.lastModifiedDate or self.lastModified or "19700101")}.${self.shortRev or "dirty"}";
- system.nixos.revision = final.mkIf (self ? rev) self.rev;
- } ];
- });
+ import ./nixos/lib/eval-config.nix (
+ args // {
+ modules = args.modules ++ [{
+ system.nixos.versionSuffix =
+ ".${final.substring 0 8 (self.lastModifiedDate or self.lastModified or "19700101")}.${self.shortRev or "dirty"}";
+ system.nixos.revision = final.mkIf (self ? rev) self.rev;
+ }];
+ } // lib.optionalAttrs (! args?system) {
+ # Allow system to be set modularly in nixpkgs.system.
+ # We set it to null, to remove the "legacy" entrypoint's
+ # non-hermetic default.
+ system = null;
+ }
+ );
});
checks.x86_64-linux.tarball = jobs.tarball;
diff --git a/infra/libkookie/nixpkgs/unstable/lib/licenses.nix b/infra/libkookie/nixpkgs/unstable/lib/licenses.nix
index 4fa6d6abc7a..56299612a0e 100644
--- a/infra/libkookie/nixpkgs/unstable/lib/licenses.nix
+++ b/infra/libkookie/nixpkgs/unstable/lib/licenses.nix
@@ -55,6 +55,12 @@ in mkLicense lset) ({
fullName = "GNU Affero General Public License v3.0 or later";
};
+ aladdin = {
+ spdxId = "Aladdin";
+ fullName = "Aladdin Free Public License";
+ free = false;
+ };
+
amazonsl = {
fullName = "Amazon Software License";
url = "https://aws.amazon.com/asl/";
@@ -514,6 +520,13 @@ in mkLicense lset) ({
free = false;
};
+ databricks-dbx = {
+ fullName = "DataBricks eXtensions aka dbx License";
+ url = "https://github.com/databrickslabs/dbx/blob/743b579a4ac44531f764c6e522dbe5a81a7dc0e4/LICENSE";
+ free = false;
+ redistributable = false;
+ };
+
issl = {
fullName = "Intel Simplified Software License";
url = "https://software.intel.com/en-us/license/intel-simplified-software-license";
diff --git a/infra/libkookie/nixpkgs/unstable/lib/systems/default.nix b/infra/libkookie/nixpkgs/unstable/lib/systems/default.nix
index d9d0918c1cc..25340825c4b 100644
--- a/infra/libkookie/nixpkgs/unstable/lib/systems/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/lib/systems/default.nix
@@ -36,6 +36,7 @@ rec {
config = parse.tripleFromSystem final.parsed;
# Determine whether we can execute binaries built for the provided platform.
canExecute = platform:
+ final.isAndroid == platform.isAndroid &&
parse.isCompatible final.parsed.cpu platform.parsed.cpu
&& final.parsed.kernel == platform.parsed.kernel;
isCompatible = _: throw "2022-05-23: isCompatible has been removed in favor of canExecute, refer to the 22.11 changelog for details";
diff --git a/infra/libkookie/nixpkgs/unstable/lib/systems/examples.nix b/infra/libkookie/nixpkgs/unstable/lib/systems/examples.nix
index b26407117c8..65dc9c07e34 100644
--- a/infra/libkookie/nixpkgs/unstable/lib/systems/examples.nix
+++ b/infra/libkookie/nixpkgs/unstable/lib/systems/examples.nix
@@ -57,23 +57,23 @@ rec {
armv7a-android-prebuilt = {
config = "armv7a-unknown-linux-androideabi";
rustc.config = "armv7-linux-androideabi";
- sdkVer = "29";
- ndkVer = "21";
+ sdkVer = "28";
+ ndkVer = "24";
useAndroidPrebuilt = true;
} // platforms.armv7a-android;
aarch64-android-prebuilt = {
config = "aarch64-unknown-linux-android";
rustc.config = "aarch64-linux-android";
- sdkVer = "29";
- ndkVer = "21";
+ sdkVer = "28";
+ ndkVer = "24";
useAndroidPrebuilt = true;
};
aarch64-android = {
config = "aarch64-unknown-linux-android";
sdkVer = "30";
- ndkVer = "21";
+ ndkVer = "24";
libc = "bionic";
useAndroidPrebuilt = false;
useLLVM = true;
@@ -91,25 +91,23 @@ rec {
config = "mipsel-unknown-linux-gnu";
} // platforms.fuloong2f_n32;
- # MIPS ABI table transcribed from here: https://wiki.debian.org/Multiarch/Tuples
-
# can execute on 32bit chip
- mips-linux-gnu = { config = "mips-linux-gnu"; } // platforms.gcc_mips32r2_o32;
- mipsel-linux-gnu = { config = "mipsel-linux-gnu"; } // platforms.gcc_mips32r2_o32;
- mipsisa32r6-linux-gnu = { config = "mipsisa32r6-linux-gnu"; } // platforms.gcc_mips32r6_o32;
- mipsisa32r6el-linux-gnu = { config = "mipsisa32r6el-linux-gnu"; } // platforms.gcc_mips32r6_o32;
+ mips-linux-gnu = { config = "mips-unknown-linux-gnu"; } // platforms.gcc_mips32r2_o32;
+ mipsel-linux-gnu = { config = "mipsel-unknown-linux-gnu"; } // platforms.gcc_mips32r2_o32;
+ mipsisa32r6-linux-gnu = { config = "mipsisa32r6-unknown-linux-gnu"; } // platforms.gcc_mips32r6_o32;
+ mipsisa32r6el-linux-gnu = { config = "mipsisa32r6el-unknown-linux-gnu"; } // platforms.gcc_mips32r6_o32;
# require 64bit chip (for more registers, 64-bit floating point, 64-bit "long long") but use 32bit pointers
- mips64-linux-gnuabin32 = { config = "mips64-linux-gnuabin32"; } // platforms.gcc_mips64r2_n32;
- mips64el-linux-gnuabin32 = { config = "mips64el-linux-gnuabin32"; } // platforms.gcc_mips64r2_n32;
- mipsisa64r6-linux-gnuabin32 = { config = "mipsisa64r6-linux-gnuabin32"; } // platforms.gcc_mips64r6_n32;
- mipsisa64r6el-linux-gnuabin32 = { config = "mipsisa64r6el-linux-gnuabin32"; } // platforms.gcc_mips64r6_n32;
+ mips64-linux-gnuabin32 = { config = "mips64-unknown-linux-gnuabin32"; } // platforms.gcc_mips64r2_n32;
+ mips64el-linux-gnuabin32 = { config = "mips64el-unknown-linux-gnuabin32"; } // platforms.gcc_mips64r2_n32;
+ mipsisa64r6-linux-gnuabin32 = { config = "mipsisa64r6-unknown-linux-gnuabin32"; } // platforms.gcc_mips64r6_n32;
+ mipsisa64r6el-linux-gnuabin32 = { config = "mipsisa64r6el-unknown-linux-gnuabin32"; } // platforms.gcc_mips64r6_n32;
# 64bit pointers
- mips64-linux-gnuabi64 = { config = "mips64-linux-gnuabi64"; } // platforms.gcc_mips64r2_64;
- mips64el-linux-gnuabi64 = { config = "mips64el-linux-gnuabi64"; } // platforms.gcc_mips64r2_64;
- mipsisa64r6-linux-gnuabi64 = { config = "mipsisa64r6-linux-gnuabi64"; } // platforms.gcc_mips64r6_64;
- mipsisa64r6el-linux-gnuabi64 = { config = "mipsisa64r6el-linux-gnuabi64"; } // platforms.gcc_mips64r6_64;
+ mips64-linux-gnuabi64 = { config = "mips64-unknown-linux-gnuabi64"; } // platforms.gcc_mips64r2_64;
+ mips64el-linux-gnuabi64 = { config = "mips64el-unknown-linux-gnuabi64"; } // platforms.gcc_mips64r2_64;
+ mipsisa64r6-linux-gnuabi64 = { config = "mipsisa64r6-unknown-linux-gnuabi64"; } // platforms.gcc_mips64r6_64;
+ mipsisa64r6el-linux-gnuabi64 = { config = "mipsisa64r6el-unknown-linux-gnuabi64"; } // platforms.gcc_mips64r6_64;
muslpi = raspberryPi // {
config = "armv6l-unknown-linux-musleabihf";
diff --git a/infra/libkookie/nixpkgs/unstable/lib/systems/inspect.nix b/infra/libkookie/nixpkgs/unstable/lib/systems/inspect.nix
index e5bd879e2c4..dbffca0300b 100644
--- a/infra/libkookie/nixpkgs/unstable/lib/systems/inspect.nix
+++ b/infra/libkookie/nixpkgs/unstable/lib/systems/inspect.nix
@@ -16,6 +16,7 @@ rec {
isx86 = { cpu = { family = "x86"; }; };
isAarch32 = { cpu = { family = "arm"; bits = 32; }; };
isAarch64 = { cpu = { family = "arm"; bits = 64; }; };
+ isAarch = { cpu = { family = "arm"; }; };
isMips = { cpu = { family = "mips"; }; };
isMips32 = { cpu = { family = "mips"; bits = 32; }; };
isMips64 = { cpu = { family = "mips"; bits = 64; }; };
diff --git a/infra/libkookie/nixpkgs/unstable/lib/systems/platforms.nix b/infra/libkookie/nixpkgs/unstable/lib/systems/platforms.nix
index d93d292a9fb..41c25484cea 100644
--- a/infra/libkookie/nixpkgs/unstable/lib/systems/platforms.nix
+++ b/infra/libkookie/nixpkgs/unstable/lib/systems/platforms.nix
@@ -483,8 +483,8 @@ rec {
};
# can execute on 32bit chip
- gcc_mips32r2_o32 = { gcc = { arch = "mips32r2"; abi = "o32"; }; };
- gcc_mips32r6_o32 = { gcc = { arch = "mips32r6"; abi = "o32"; }; };
+ gcc_mips32r2_o32 = { gcc = { arch = "mips32r2"; abi = "32"; }; };
+ gcc_mips32r6_o32 = { gcc = { arch = "mips32r6"; abi = "32"; }; };
gcc_mips64r2_n32 = { gcc = { arch = "mips64r2"; abi = "n32"; }; };
gcc_mips64r6_n32 = { gcc = { arch = "mips64r6"; abi = "n32"; }; };
gcc_mips64r2_64 = { gcc = { arch = "mips64r2"; abi = "64"; }; };
diff --git a/infra/libkookie/nixpkgs/unstable/lib/trivial.nix b/infra/libkookie/nixpkgs/unstable/lib/trivial.nix
index ec5dd5a5a5e..5d4fad8266b 100644
--- a/infra/libkookie/nixpkgs/unstable/lib/trivial.nix
+++ b/infra/libkookie/nixpkgs/unstable/lib/trivial.nix
@@ -179,7 +179,7 @@ rec {
they take effect as soon as the oldest release reaches end of life. */
oldestSupportedRelease =
# Update on master only. Do not backport.
- 2111;
+ 2205;
/* Whether a feature is supported in all supported releases (at the time of
release branch-off, if applicable). See `oldestSupportedRelease`. */
diff --git a/infra/libkookie/nixpkgs/unstable/lib/types.nix b/infra/libkookie/nixpkgs/unstable/lib/types.nix
index 354714b2873..d7655bc1a6a 100644
--- a/infra/libkookie/nixpkgs/unstable/lib/types.nix
+++ b/infra/libkookie/nixpkgs/unstable/lib/types.nix
@@ -55,6 +55,7 @@ let
concatMapStringsSep
concatStringsSep
escapeNixString
+ hasInfix
isCoercibleToString
;
inherit (lib.trivial)
@@ -360,6 +361,11 @@ rec {
deprecationMessage = "See https://github.com/NixOS/nixpkgs/pull/66346 for better alternative types.";
};
+ passwdEntry = entryType: addCheck entryType (str: !(hasInfix ":" str || hasInfix "\n" str)) // {
+ name = "passwdEntry ${entryType.name}";
+ description = "${entryType.description}, not containing newlines or colons";
+ };
+
attrs = mkOptionType {
name = "attrs";
description = "attribute set";
diff --git a/infra/libkookie/nixpkgs/unstable/maintainers/maintainer-list.nix b/infra/libkookie/nixpkgs/unstable/maintainers/maintainer-list.nix
index bff3019a09d..8eac070f26c 100644
--- a/infra/libkookie/nixpkgs/unstable/maintainers/maintainer-list.nix
+++ b/infra/libkookie/nixpkgs/unstable/maintainers/maintainer-list.nix
@@ -85,6 +85,12 @@
githubId = 56617252;
matrix = "@oxc45:matrix.org";
};
+ _0xd61 = {
+ email = "dgl@degit.co";
+ name = "Daniel Glinka";
+ github = "0xd61";
+ githubId = 8351869;
+ };
_1000101 = {
email = "b1000101@pm.me";
github = "1000101";
@@ -97,6 +103,12 @@
github = "1000teslas";
githubId = 47207223;
};
+ _2gn = {
+ name = "Hiram Tanner";
+ email = "101851090+2gn@users.noreply.github.com";
+ github = "2gn";
+ githubId = 101851090;
+ };
_3699n = {
email = "nicholas@nvk.pm";
github = "3699n";
@@ -133,6 +145,12 @@
githubId = 241628;
name = "Adam Russell";
};
+ aacebedo = {
+ email = "alexandre@acebedo.fr";
+ github = "aacebedo";
+ githubId = 1217680;
+ name = "Alexandre Acebedo";
+ };
aadibajpai = {
email = "hello@aadibajpai.com";
github = "aadibajpai";
@@ -207,7 +225,7 @@
};
abigailbuccaneer = {
email = "abigailbuccaneer@gmail.com";
- github = "abigailbuccaneer";
+ github = "AbigailBuccaneer";
githubId = 908758;
name = "Abigail Bunyan";
};
@@ -329,7 +347,7 @@
};
aethelz = {
email = "aethelz@protonmail.com";
- github = "aethelz";
+ github = "eugenezastrogin";
githubId = 10677343;
name = "Eugene";
};
@@ -399,6 +417,12 @@
githubId = 4732885;
name = "Ivan Jager";
};
+ aiotter = {
+ email = "git@aiotter.com";
+ github = "aiotter";
+ githubId = 37664775;
+ name = "Yuto Oguchi";
+ };
airwoodix = {
email = "airwoodix@posteo.me";
github = "airwoodix";
@@ -523,7 +547,7 @@
alexnortung = {
name = "alexnortung";
email = "alex_nortung@live.dk";
- github = "alexnortung";
+ github = "Alexnortung";
githubId = 1552267;
};
alexshpilkin = {
@@ -556,7 +580,7 @@
};
alibabzo = {
email = "alistair.bill@gmail.com";
- github = "alibabzo";
+ github = "alistairbill";
githubId = 2822871;
name = "Alistair Bill";
};
@@ -578,10 +602,6 @@
githubId = 11599075;
name = "Pierre-Louis Braun";
};
- all = {
- email = "nix-commits@lists.science.uu.nl";
- name = "Nix Committers";
- };
allonsy = {
email = "linuxbash8@gmail.com";
github = "allonsy";
@@ -617,7 +637,7 @@
};
alva = {
email = "alva@skogen.is";
- github = "fjallarefur";
+ github = "illfygli";
githubId = 42881386;
name = "Alva";
keys = [{
@@ -641,7 +661,7 @@
};
amar1729 = {
email = "amar.paul16@gmail.com";
- github = "amar1729";
+ github = "Amar1729";
githubId = 15623522;
name = "Amar Paul";
};
@@ -707,7 +727,7 @@
};
amorsillo = {
email = "andrew.morsillo@gmail.com";
- github = "AndrewMorsillo";
+ github = "evelant";
githubId = 858965;
name = "Andrew Morsillo";
};
@@ -825,6 +845,16 @@
githubId = 11699655;
name = "Stanislas Lange";
};
+ AngryAnt = {
+ name = "Emil Johansen";
+ email = "git@eej.dk";
+ matrix = "@angryant:envs.net";
+ github = "AngryAnt";
+ githubId = 102513;
+ keys = [{
+ fingerprint = "B7B7 582E 564E 789B FCB8 71AB 0C6D FE2F B234 534A";
+ }];
+ };
anhdle14 = {
name = "Le Anh Duc";
email = "anhdle14@icloud.com";
@@ -873,6 +903,13 @@
githubId = 661909;
name = "Antonio Nuno Monteiro";
};
+ anoa = {
+ matrix = "@andrewm:amorgan.xyz";
+ email = "andrew@amorgan.xyz";
+ github = "anoadragon453";
+ githubId = 1342360;
+ name = "Andrew Morgan";
+ };
anpryl = {
email = "anpryl@gmail.com";
github = "anpryl";
@@ -1035,13 +1072,13 @@
};
arnoutkroeze = {
email = "nixpkgs@arnoutkroeze.nl";
- github = "arnoutkroeze";
+ github = "ArnoutKroeze";
githubId = 37151054;
name = "Arnout Kroeze";
};
arobyn = {
email = "shados@shados.net";
- github = "shados";
+ github = "Shados";
githubId = 338268;
name = "Alexei Robyn";
};
@@ -1174,7 +1211,7 @@
};
atnnn = {
email = "etienne@atnnn.com";
- github = "atnnn";
+ github = "AtnNn";
githubId = 706854;
name = "Etienne Laurin";
};
@@ -1216,7 +1253,7 @@
};
avaq = {
email = "nixpkgs@account.avaq.it";
- github = "avaq";
+ github = "Avaq";
githubId = 1217745;
name = "Aldwin Vlasblom";
};
@@ -1274,7 +1311,7 @@
artturin = {
email = "artturin@artturin.com";
matrix = "@artturin:matrix.org";
- github = "artturin";
+ github = "Artturin";
githubId = 56650223;
name = "Artturi N";
};
@@ -1290,7 +1327,7 @@
};
ayazhafiz = {
email = "ayaz.hafiz.1@gmail.com";
- github = "ayazhafiz";
+ github = "hafiz";
githubId = 262763;
name = "Ayaz Hafiz";
};
@@ -1346,10 +1383,6 @@
githubId = 35324;
name = "Badi' Abdul-Wahid";
};
- balajisivaraman = {
- email = "sivaraman.balaji@gmail.com";
- name = "Balaji Sivaraman";
- };
balodja = {
email = "balodja@gmail.com";
github = "balodja";
@@ -1370,7 +1403,7 @@
};
bandresen = {
email = "bandresen@gmail.com";
- github = "bandresen";
+ github = "bennyandresen";
githubId = 80325;
name = "Benjamin Andresen";
};
@@ -1623,6 +1656,12 @@
githubId = 13324165;
name = "Bill Ewanick";
};
+ billhuang = {
+ email = "bill.huang2001@gmail.com";
+ github = "BillHuang2001";
+ githubId = 11801831;
+ name = "Bill Huang";
+ };
binarin = {
email = "binarin@binarin.ru";
github = "binarin";
@@ -1635,10 +1674,6 @@
githubId = 30630233;
name = "Timo Triebensky";
};
- bjg = {
- email = "bjg@gnu.org";
- name = "Brian Gough";
- };
bjornfor = {
email = "bjorn.forsman@gmail.com";
github = "bjornfor";
@@ -1670,12 +1705,6 @@
githubId = 37907;
name = "Julian Stecklina";
};
- bloomvdomino = {
- name = "Laura Fäßler";
- email = "0x@ytex.de";
- github = "bloomvdomino";
- githubId = 33204710;
- };
bluescreen303 = {
email = "mathijs@bluescreen303.nl";
github = "bluescreen303";
@@ -1782,7 +1811,7 @@
};
brainrape = {
email = "martonboros@gmail.com";
- github = "brainrape";
+ github = "brainrake";
githubId = 302429;
name = "Marton Boros";
};
@@ -1904,7 +1933,7 @@
};
builditluc = {
email = "builditluc@icloud.com";
- github = "builditluc";
+ github = "Builditluc";
githubId = 37375448;
name = "Buildit";
};
@@ -1991,7 +2020,7 @@
};
cameronnemo = {
email = "cnemo@tutanota.com";
- github = "cameronnemo";
+ github = "CameronNemo";
githubId = 3212452;
name = "Cameron Nemo";
};
@@ -2049,6 +2078,12 @@
githubId = 1945;
name = "Casey Rodarmor";
};
+ catap = {
+ email = "kirill@korins.ky";
+ github = "catap";
+ githubId = 37775;
+ name = "Kirill A. Korinsky";
+ };
catern = {
email = "sbaugh@catern.com";
github = "catern";
@@ -2176,10 +2211,6 @@
githubId = 89596;
name = "Florian Friesdorf";
};
- chattered = {
- email = "me@philscotted.com";
- name = "Phil Scott";
- };
chekoopa = {
email = "chekoopa@mail.ru";
github = "chekoopa";
@@ -2263,7 +2294,7 @@
};
chrisjefferson = {
email = "chris@bubblescope.net";
- github = "chrisjefferson";
+ github = "ChrisJefferson";
githubId = 811527;
name = "Christopher Jefferson";
};
@@ -2343,7 +2374,7 @@
};
citadelcore = {
email = "alex@arctarus.co.uk";
- github = "citadelcore";
+ github = "CitadelCore";
githubId = 5567402;
name = "Alex Zero";
keys = [{
@@ -2432,7 +2463,7 @@
};
cmcdragonkai = {
email = "roger.qiu@matrix.ai";
- github = "cmcdragonkai";
+ github = "CMCDragonkai";
githubId = 640797;
name = "Roger Qiu";
};
@@ -2442,6 +2473,12 @@
githubId = 20808761;
name = "cmfwyp";
};
+ cmm = {
+ email = "repo@cmm.kakpryg.net";
+ github = "cmm";
+ githubId = 718298;
+ name = "Michael Livshin";
+ };
cobbal = {
email = "andrew.cobb@gmail.com";
github = "cobbal";
@@ -2560,7 +2597,7 @@
congee = {
email = "changshengwu@pm.me";
matrix = "@congeec:matrix.org";
- github = "congee";
+ github = "Congee";
name = "Changsheng Wu";
githubId = 2083950;
};
@@ -2612,6 +2649,12 @@
fingerprint = "8026 D24A A966 BF9C D3CD CB3C 08FB 2BFC 470E 75B4";
}];
};
+ Crafter = {
+ email = "crafter@crafter.rocks";
+ github = "Craftzman7";
+ githubId = 70068692;
+ name = "Crafter";
+ };
craigem = {
email = "craige@mcwhirter.io";
github = "craigem";
@@ -2632,7 +2675,7 @@
};
creator54 = {
email = "hi.creator54@gmail.com";
- github = "creator54";
+ github = "Creator54";
githubId = 34543609;
name = "creator54";
};
@@ -2760,6 +2803,15 @@
githubId = 16895361;
name = "Deniz Alp Durmaz";
};
+ DAlperin = {
+ email = "git@dov.dev";
+ github = "DAlperin";
+ githubId = 16063713;
+ name = "Dov Alperin";
+ keys = [{
+ fingerprint = "4EED 5096 B925 86FA 1101 6673 7F2C 07B9 1B52 BB61";
+ }];
+ };
DamienCassou = {
email = "damien@cassou.me";
github = "DamienCassou";
@@ -2772,6 +2824,15 @@
githubId = 743057;
name = "Danylo Hlynskyi";
};
+ danc86 = {
+ name = "Dan Callaghan";
+ email = "djc@djc.id.au";
+ github = "danc86";
+ githubId = 398575;
+ keys = [{
+ fingerprint = "1C56 01F1 D70A B56F EABB 6BC0 26B5 AA2F DAF2 F30A";
+ }];
+ };
dancek = {
email = "hannu.hartikainen@gmail.com";
github = "dancek";
@@ -2797,12 +2858,6 @@
githubId = 24708079;
name = "Dan Eads";
};
- danharaj = {
- email = "dan@obsidian.systems";
- github = "danharaj";
- githubId = 23366017;
- name = "Dan Haraj";
- };
danielbarter = {
email = "danielbarter@gmail.com";
github = "danielbarter";
@@ -2872,10 +2927,6 @@
githubId = 7589338;
name = "Daniel Șerbănescu";
};
- dasuxullebt = {
- email = "christoph.senjak@googlemail.com";
- name = "Christoph-Simon Senjak";
- };
datafoo = {
email = "34766150+datafoo@users.noreply.github.com";
github = "datafoo";
@@ -2982,7 +3033,7 @@
dearrude = {
name = "Ebrahim Nejati";
email = "dearrude@tfwno.gf";
- github = "dearrude";
+ github = "DearRude";
githubId = 30749142;
keys = [{
fingerprint = "4E35 F2E5 2132 D654 E815 A672 DB2C BC24 2868 6000";
@@ -3020,6 +3071,8 @@
};
delta = {
email = "d4delta@outlook.fr";
+ github = "D4Delta";
+ githubId = 12224254;
name = "Delta";
};
deltadelta = {
@@ -3094,6 +3147,13 @@
githubId = 1311761;
name = "Didier J. Devroye";
};
+ desttinghim = {
+ email = "opensource@louispearson.work";
+ matrix = "@desttinghim:matrix.org";
+ github = "desttinghim";
+ githubId = 10042482;
+ name = "Louis Pearson";
+ };
devhell = {
email = ''"^"@regexmail.net'';
github = "devhell";
@@ -3162,7 +3222,7 @@
};
diegolelis = {
email = "diego.o.lelis@gmail.com";
- github = "diegolelis";
+ github = "DiegoLelis";
githubId = 8404455;
name = "Diego Lelis";
};
@@ -3174,7 +3234,7 @@
};
diffumist = {
email = "git@diffumist.me";
- github = "diffumist";
+ github = "Diffumist";
githubId = 32810399;
name = "Diffumist";
};
@@ -3216,7 +3276,7 @@
};
dizfer = {
email = "david@izquierdofernandez.com";
- github = "dizfer";
+ github = "DIzFer";
githubId = 8852888;
name = "David Izquierdo";
};
@@ -3377,10 +3437,6 @@
githubId = 6199462;
name = "Dmytro Rets";
};
- drewkett = {
- email = "burkett.andrew@gmail.com";
- name = "Andrew Burkett";
- };
drewrisinger = {
email = "drisinger+nixpkgs@gmail.com";
github = "drewrisinger";
@@ -3490,7 +3546,7 @@
};
e-user = {
email = "nixos@sodosopa.io";
- github = "e-user";
+ github = "outergod";
githubId = 93086;
name = "Alexander Kahl";
};
@@ -3578,7 +3634,7 @@
};
emantor = {
email = "rouven+nixos@czerwinskis.de";
- github = "emantor";
+ github = "Emantor";
githubId = 934284;
name = "Rouven Czerwinski";
};
@@ -3663,7 +3719,7 @@
ekleog = {
email = "leo@gaspard.io";
matrix = "@leo:gaspard.ninja";
- github = "ekleog";
+ github = "Ekleog";
githubId = 411447;
name = "Leo Gaspard";
};
@@ -3722,6 +3778,12 @@
githubId = 1897147;
name = "Elijah Caine";
};
+ Elinvention = {
+ email = "elia@elinvention.ovh";
+ github = "Elinvention";
+ githubId = 5737945;
+ name = "Elia Argentieri";
+ };
elitak = {
email = "elitak@gmail.com";
github = "elitak";
@@ -3746,24 +3808,12 @@
githubId = 2536303;
name = "Enno Lohmeier";
};
- elseym = {
- email = "elseym@me.com";
- github = "elseym";
- githubId = 907478;
- name = "Simon Waibl";
- };
elvishjerricco = {
email = "elvishjerricco@gmail.com";
github = "ElvishJerricco";
githubId = 1365692;
name = "Will Fancher";
};
- elyhaka = {
- email = "elyhaka@protonmail.com";
- github = "Elyhaka";
- githubId = 57923898;
- name = "Elyhaka";
- };
emmabastas = {
email = "emma.bastas@protonmail.com";
matrix = "@emmabastas:matrix.org";
@@ -3820,10 +3870,6 @@
githubId = 5085029;
name = "Emanuele Peruffo";
};
- epitrochoid = {
- email = "mpcervin@uncg.edu";
- name = "Mabry Cervin";
- };
equirosa = {
email = "eduardo@eduardoquiros.com";
github = "equirosa";
@@ -3879,7 +3925,7 @@
ericson2314 = {
email = "John.Ericson@Obsidian.Systems";
matrix = "@ericson2314:matrix.org";
- github = "ericson2314";
+ github = "Ericson2314";
githubId = 1055245;
name = "John Ericson";
};
@@ -3918,7 +3964,7 @@
};
ersin = {
email = "me@ersinakinci.com";
- github = "earksiinni";
+ github = "DesertDevErsin";
githubId = 5427394;
name = "Ersin Akinci";
};
@@ -3940,10 +3986,6 @@
githubId = 2544204;
name = "Erik Skytthe";
};
- Esteth = {
- email = "adam.copp@gmail.com";
- name = "Adam Copp";
- };
ethancedwards8 = {
email = "ethan@ethancedwards.com";
github = "ethancedwards8";
@@ -4043,7 +4085,7 @@
};
exfalso = {
email = "0slemi0@gmail.com";
- github = "exfalso";
+ github = "exFalso";
githubId = 1042674;
name = "Andras Slemmer";
};
@@ -4169,7 +4211,7 @@
};
fedx-sudo = {
email = "fedx-sudo@pm.me";
- github = "Fedx-sudo";
+ github = "FedX-sudo";
githubId = 66258975;
name = "Fedx sudo";
matrix = "fedx:matrix.org";
@@ -4346,15 +4388,21 @@
githubId = 405105;
name = "Dustin Frisch";
};
+ foo-dogsquared = {
+ email = "foo.dogsquared@gmail.com";
+ github = "foo-dogsquared";
+ githubId = 34962634;
+ name = "Gabriel Arazas";
+ };
forkk = {
email = "forkk@forkk.net";
- github = "forkk";
+ github = "Forkk";
githubId = 1300078;
name = "Andrew Okin";
};
fornever = {
email = "friedrich@fornever.me";
- github = "fornever";
+ github = "ForNeVeR";
githubId = 92793;
name = "Friedrich von Never";
};
@@ -4389,13 +4437,13 @@
};
freax13 = {
email = "erbse.13@gmx.de";
- github = "freax13";
+ github = "Freax13";
githubId = 14952658;
name = "Tom Dohrmann";
};
fredeb = {
email = "im@fredeb.dev";
- github = "fredeeb";
+ github = "FredeEB";
githubId = 7551358;
name = "Frede Emil";
};
@@ -4413,7 +4461,7 @@
};
fridh = {
email = "fridh@fridh.nl";
- github = "fridh";
+ github = "FRidh";
githubId = 2129135;
name = "Frederik Rietdijk";
};
@@ -4471,10 +4519,6 @@
githubId = 36706276;
name = "Fufezan Mihai";
};
- funfunctor = {
- email = "eocallaghan@alterapraxis.com";
- name = "Edward O'Callaghan";
- };
fusion809 = {
email = "brentonhorne77@gmail.com";
github = "fusion809";
@@ -4483,26 +4527,16 @@
};
fuuzetsu = {
email = "fuuzetsu@fuuzetsu.co.uk";
- github = "fuuzetsu";
+ github = "Fuuzetsu";
githubId = 893115;
name = "Mateusz Kowalczyk";
};
- fuwa = {
- email = "echowss@gmail.com";
- github = "fuwa0529";
- githubId = 40521440;
- name = "Haruka Akiyama";
- };
fuzen = {
email = "me@fuzen.cafe";
- github = "fuzen-py";
+ github = "Fuzen-py";
githubId = 17859309;
name = "Fuzen";
};
- fuzzy-id = {
- email = "hacking+nixos@babibo.de";
- name = "Thomas Bach";
- };
fxfactorial = {
email = "edgar.factorial@gmail.com";
github = "fxfactorial";
@@ -4517,7 +4551,7 @@
};
Gabriel439 = {
email = "Gabriel439@gmail.com";
- github = "Gabriel439";
+ github = "Gabriella439";
githubId = 1313787;
name = "Gabriel Gonzalez";
};
@@ -4544,7 +4578,7 @@
};
galagora = {
email = "lightningstrikeiv@gmail.com";
- github = "galagora";
+ github = "Galagora";
githubId = 45048741;
name = "Alwanga Oyango";
};
@@ -4635,7 +4669,7 @@
ggpeti = {
email = "ggpeti@gmail.com";
matrix = "@ggpeti:ggpeti.com";
- github = "ggpeti";
+ github = "ggPeti";
githubId = 3217744;
name = "Peter Ferenczy";
};
@@ -4689,7 +4723,7 @@
};
glenns = {
email = "glenn.searby@gmail.com";
- github = "glenns";
+ github = "GlennS";
githubId = 615606;
name = "Glenn Searby";
};
@@ -4756,7 +4790,7 @@
govanify = {
name = "Gauvain 'GovanifY' Roussel-Tarbouriech";
email = "gauvain@govanify.com";
- github = "govanify";
+ github = "GovanifY";
githubId = 6375438;
keys = [{
fingerprint = "5214 2D39 A7CE F8FA 872B CA7F DE62 E1E2 A614 5556";
@@ -4945,7 +4979,7 @@
};
hanemile = {
email = "mail@emile.space";
- github = "hanemile";
+ github = "HanEmile";
githubId = 22756350;
name = "Emile Hansmaennel";
};
@@ -4957,7 +4991,7 @@
};
HaoZeke = {
email = "r95g10@gmail.com";
- github = "haozeke";
+ github = "HaoZeke";
githubId = 4336207;
name = "Rohit Goswami";
keys = [{
@@ -5000,7 +5034,7 @@
};
havvy = {
email = "ryan.havvy@gmail.com";
- github = "havvy";
+ github = "Havvy";
githubId = 731722;
name = "Ryan Scheel";
};
@@ -5052,7 +5086,7 @@
};
heel = {
email = "parizhskiy@gmail.com";
- github = "heel";
+ github = "HeeL";
githubId = 287769;
name = "Sergii Paryzhskyi";
};
@@ -5130,6 +5164,12 @@
githubId = 3656888;
name = "hhm";
};
+ hhydraa = {
+ email = "hcurfman@keemail.me";
+ github = "hhydraa";
+ githubId = 58676303;
+ name = "hhydraa";
+ };
higebu = {
name = "Yuya Kusakabe";
email = "yuya.kusakabe@gmail.com";
@@ -5142,10 +5182,6 @@
github = "hiljusti";
githubId = 17605298;
};
- hinton = {
- email = "t@larkery.com";
- name = "Tom Hinton";
- };
hirenashah = {
email = "hiren@hiren.io";
github = "hirenashah";
@@ -5179,7 +5215,7 @@
hleboulanger = {
email = "hleboulanger@protonmail.com";
name = "Harold Leboulanger";
- github = "thbkrhsw";
+ github = "thbkrshw";
githubId = 33122;
};
hlolli = {
@@ -5190,7 +5226,7 @@
};
hugoreeves = {
email = "hugo@hugoreeves.com";
- github = "hugoreeves";
+ github = "HugoReeves";
githubId = 20039091;
name = "Hugo Reeves";
keys = [{
@@ -5236,7 +5272,7 @@
hoverbear = {
email = "operator+nix@hoverbear.org";
matrix = "@hoverbear:matrix.org";
- github = "hoverbear";
+ github = "Hoverbear";
githubId = 130903;
name = "Ana Hobden";
};
@@ -5276,6 +5312,12 @@
githubId = 39689;
name = "Hugo Tavares Reis";
};
+ hufman = {
+ email = "hufman@gmail.com";
+ github = "hufman";
+ githubId = 1592375;
+ name = "Walter Huf";
+ };
hugolgst = {
email = "hugo.lageneste@pm.me";
github = "hugolgst";
@@ -5333,7 +5375,7 @@
iammrinal0 = {
email = "nixpkgs@mrinalpurohit.in";
matrix = "@iammrinal0:nixos.dev";
- github = "iammrinal0";
+ github = "iAmMrinal0";
githubId = 890062;
name = "Mrinal";
};
@@ -5420,6 +5462,13 @@
githubId = 40234257;
name = "ilkecan bozdogan";
};
+ not-my-segfault = {
+ email = "michal@tar.black";
+ matrix = "@michal:tar.black";
+ github = "not-my-segfault";
+ githubId = 30374463;
+ name = "Michal S.";
+ };
illegalprime = {
email = "themichaeleden@gmail.com";
github = "illegalprime";
@@ -5470,7 +5519,7 @@
};
imgabe = {
email = "gabrielpmonte@hotmail.com";
- github = "imgabe";
+ github = "ImGabe";
githubId = 24387926;
name = "Gabriel Pereira";
};
@@ -5546,7 +5595,7 @@
isgy = {
name = "isgy";
email = "isgy@teiyg.com";
- github = "isgy";
+ github = "tgys";
githubId = 13622947;
keys = [{
fingerprint = "1412 816B A9FA F62F D051 1975 D3E1 B013 B463 1293";
@@ -5579,6 +5628,8 @@
};
ivan-tkatchev = {
email = "tkatchev@gmail.com";
+ github = "ivan-tkatchev";
+ githubId = 650601;
name = "Ivan Tkatchev";
};
ivanbrennan = {
@@ -5625,7 +5676,7 @@
};
izorkin = {
email = "Izorkin@gmail.com";
- github = "izorkin";
+ github = "Izorkin";
githubId = 26877687;
name = "Yurii Izorkin";
};
@@ -5833,7 +5884,7 @@
};
jdanek = {
email = "jdanek@redhat.com";
- github = "jdanekrh";
+ github = "jirkadanek";
githubId = 17877663;
keys = [{
fingerprint = "D4A6 F051 AD58 2E7C BCED 5439 6927 5CAD F15D 872E";
@@ -5884,7 +5935,7 @@
};
jefflabonte = {
email = "grimsleepless@protonmail.com";
- github = "jefflabonte";
+ github = "JeffLabonte";
githubId = 9425955;
name = "Jean-François Labonté";
};
@@ -5908,7 +5959,7 @@
};
jeschli = {
email = "jeschli@gmail.com";
- github = "Jeschli";
+ github = "0mbi";
githubId = 10786794;
name = "Markus Hihn";
};
@@ -6134,9 +6185,15 @@
githubId = 60272884;
name = "Jonathan Jeppener-Haltenhoff";
};
+ jocelynthode = {
+ email = "jocelyn.thode@gmail.com";
+ github = "jocelynthode";
+ githubId = 3967312;
+ name = "Jocelyn Thode";
+ };
joelancaster = {
email = "joe.a.lancas@gmail.com";
- github = "joelancaster";
+ github = "JoeLancaster";
githubId = 16760945;
name = "Joe Lancaster";
};
@@ -6152,10 +6209,6 @@
githubId = 336631;
name = "Joel Moberg";
};
- joelteon = {
- email = "me@joelt.io";
- name = "Joel Taylor";
- };
joepie91 = {
email = "admin@cryto.net";
matrix = "@joepie91:pixie.town";
@@ -6183,7 +6236,7 @@
};
johnazoidberg = {
email = "git@danielschaefer.me";
- github = "johnazoidberg";
+ github = "JohnAZoidberg";
githubId = 5307138;
name = "Daniel Schäfer";
};
@@ -6195,7 +6248,7 @@
};
johnmh = {
email = "johnmh@openblox.org";
- github = "johnmh";
+ github = "JohnMH";
githubId = 2576152;
name = "John M. Harris, Jr.";
};
@@ -6286,6 +6339,12 @@
github = "JoshuaFern";
githubId = 4300747;
};
+ joshvanl = {
+ email = " me@joshvanl.dev ";
+ github = "joshvanl";
+ githubId = 15893072;
+ name = "Josh van Leeuwen";
+ };
jpas = {
name = "Jarrod Pas";
email = "jarrod@jarrodpas.com";
@@ -6373,6 +6432,12 @@
github = "jsimonetti";
githubId = 5478838;
};
+ jsoo1 = {
+ email = "jsoo1@asu.edu";
+ github = "jsoo1";
+ name = "John Soo";
+ githubId = 10039785;
+ };
jtcoolen = {
email = "jtcoolen@pm.me";
name = "Julien Coolen";
@@ -6489,10 +6554,6 @@
githubId = 46386452;
name = "Jeroen Wijenbergh";
};
- jwilberding = {
- email = "jwilberding@afiniate.com";
- name = "Jordan Wilberding";
- };
jwoudenberg = {
email = "nixpkgs@jasperwoudenberg.com";
github = "jwoudenberg";
@@ -6548,7 +6609,7 @@
kaction = {
name = "Dmitry Bogatov";
email = "KAction@disroot.org";
- github = "kaction";
+ github = "KAction";
githubId = 44864956;
keys = [{
fingerprint = "3F87 0A7C A7B4 3731 2F13 6083 749F D4DF A2E9 4236";
@@ -6556,7 +6617,7 @@
};
kaiha = {
email = "kai.harries@gmail.com";
- github = "kaiha";
+ github = "KaiHa";
githubId = 6544084;
name = "Kai Harries";
};
@@ -6614,6 +6675,8 @@
};
karolchmist = {
email = "info+nix@chmist.com";
+ github = "karolchmist";
+ githubId = 1927188;
name = "karolchmist";
};
kayhide = {
@@ -6634,12 +6697,30 @@
githubId = 37185887;
name = "Calvin Kim";
};
+ keksbg = {
+ email = "keksbg@riseup.net";
+ name = "Stella";
+ github = "keksbg";
+ githubId = 10682187;
+ keys = [{
+ fingerprint = "AB42 1F18 5A19 A160 AD77 9885 3D6D CA5B 6F2C 2A7A";
+ }];
+ };
keldu = {
email = "mail@keldu.de";
github = "keldu";
githubId = 15373888;
name = "Claudius Holeksa";
};
+ ken-matsui = {
+ email = "nix@kmatsui.me";
+ github = "ken-matsui";
+ githubId = 26405363;
+ name = "Ken Matsui";
+ keys = [{
+ fingerprint = "3611 8CD3 6DE8 3334 B44A DDE4 1033 60B3 298E E433";
+ }];
+ };
kennyballou = {
email = "kb@devnulllabs.io";
github = "kennyballou";
@@ -6658,7 +6739,7 @@
};
kentjames = {
email = "jameschristopherkent@gmail.com";
- github = "kentjames";
+ github = "KentJames";
githubId = 2029444;
name = "James Kent";
};
@@ -6702,7 +6783,7 @@
};
kho-dialga = {
email = "ivandashenyou@gmail.com";
- github = "kho-dialga";
+ github = "Kho-Dialga";
githubId = 55767703;
name = "Iván Brito";
};
@@ -6745,6 +6826,12 @@
githubId = 845652;
name = "Kier Davis";
};
+ kilimnik = {
+ email = "mail@kilimnik.de";
+ github = "kilimnik";
+ githubId = 5883283;
+ name = "Daniel Kilimnik";
+ };
killercup = {
email = "killercup@gmail.com";
github = "killercup";
@@ -6830,10 +6917,6 @@
github = "kjeremy";
githubId = 4325700;
};
- kkallio = {
- email = "tierpluspluslists@gmail.com";
- name = "Karn Kallio";
- };
klden = {
name = "Kenzyme Le";
email = "kl@kenzymele.com";
@@ -6850,7 +6933,7 @@
email = "me@kloenk.dev";
matrix = "@kloenk:petabyte.dev";
name = "Finn Behrens";
- github = "kloenk";
+ github = "Kloenk";
githubId = 12898828;
keys = [{
fingerprint = "6881 5A95 D715 D429 659B 48A4 B924 45CF C954 6F9D";
@@ -6943,7 +7026,7 @@
};
kovirobi = {
email = "kovirobi@gmail.com";
- github = "kovirobi";
+ github = "KoviRobi";
githubId = 1903418;
name = "Kovacsics Robert";
};
@@ -6997,7 +7080,7 @@
};
kristian-brucaj = {
email = "kbrucaj@gmail.com";
- github = "kristian-brucaj";
+ github = "Kristian-Brucaj";
githubId = 8893110;
name = "Kristian Brucaj";
};
@@ -7051,7 +7134,7 @@
};
kyleondy = {
email = "kyle@ondy.org";
- github = "kyleondy";
+ github = "KyleOndy";
githubId = 1640900;
name = "Kyle Ondy";
keys = [{
@@ -7132,19 +7215,6 @@
githubId = 621759;
name = "Lassulus";
};
- lattfein = {
- email = "lattfein@gmail.com";
- # Their GitHub account was deleted.
- #
- # See: https://github.com/NixOS/nixpkgs/pull/69007 where this
- # was added but is now owned by a ghost.
- #
- # Possibly the username lattfein (currently github ID 56827487) is
- # owned by the same person, but we should confirm before adding
- # the GitHub name or ID back.
- # github = "lattfein";
- name = "Koki Yasuno";
- };
layus = {
email = "layus.on@gmail.com";
github = "layus";
@@ -7226,7 +7296,7 @@
};
leemachin = {
email = "me@mrl.ee";
- github = "leemachin";
+ github = "leemeichin";
githubId = 736291;
name = "Lee Machin";
};
@@ -7236,6 +7306,13 @@
githubId = 4158274;
name = "Michiel Leenaars";
};
+ logo = {
+ email = "logo4poop@protonmail.com";
+ matrix = "@logo4poop:matrix.org";
+ github = "logo4poop";
+ githubId = 24994565;
+ name = "Isaac Silverstein";
+ };
lom = {
email = "legendofmiracles@protonmail.com";
matrix = "@legendofmiracles:matrix.org";
@@ -7249,7 +7326,7 @@
leixb = {
email = "abone9999+nixpkgs@gmail.com";
matrix = "@leix_b:matrix.org";
- github = "LeixB";
+ github = "Leixb";
githubId = 17183803;
name = "Aleix Boné";
keys = [{
@@ -7263,10 +7340,14 @@
name = "Daniel Kuehn";
};
leo60228 = {
- email = "iakornfeld@gmail.com";
+ email = "leo@60228.dev";
+ matrix = "@leo60228:matrix.org";
github = "leo60228";
githubId = 8355305;
name = "leo60228";
+ keys = [{
+ fingerprint = "5BE4 98D5 1C24 2CCD C21A 4604 AC6F 4BA0 78E6 7833";
+ }];
};
leona = {
email = "nix@leona.is";
@@ -7406,6 +7487,16 @@
githubId = 667272;
name = "Lincoln Lee";
};
+ linj = {
+ name = "Lin Jian";
+ email = "me@linj.tech";
+ matrix = "@me:linj.tech";
+ github = "jian-lin";
+ githubId = 75130626;
+ keys = [{
+ fingerprint = "80EE AAD8 43F9 3097 24B5 3D7E 27E9 7B91 E63A 7FF8";
+ }];
+ };
linquize = {
email = "linquize@yahoo.com.hk";
github = "linquize";
@@ -7454,6 +7545,16 @@
githubId = 22085373;
name = "Luis Hebendanz";
};
+ luizribeiro = {
+ email = "nixpkgs@l9o.dev";
+ matrix = "@luizribeiro:matrix.org";
+ name = "Luiz Ribeiro";
+ github = "luizribeiro";
+ githubId = 112069;
+ keys = [{
+ fingerprint = "97A0 AE5E 03F3 499B 7D7A 65C6 76A4 1432 37EF 5817";
+ }];
+ };
lunarequest = {
email = "nullarequest@vivlaid.net";
github = "Lunarequest";
@@ -7480,7 +7581,7 @@
};
lnl7 = {
email = "daiderd@gmail.com";
- github = "lnl7";
+ github = "LnL7";
githubId = 689294;
name = "Daiderd Jordan";
};
@@ -7544,7 +7645,7 @@
};
louisdk1 = {
email = "louis@louis.dk";
- github = "louisdk1";
+ github = "LouisDK1";
githubId = 4969294;
name = "Louis Tim Larsen";
};
@@ -7582,10 +7683,6 @@
githubId = 1597330;
name = "Leonardo Romor";
};
- lrworth = {
- email = "luke@worth.id.au";
- name = "Luke Worth";
- };
lschuermann = {
email = "leon.git@is.currently.online";
matrix = "@leons:is.currently.online";
@@ -7699,6 +7796,7 @@
};
lux = {
email = "lux@lux.name";
+ github = "luxferresum";
githubId = 1208273;
matrix = "@lux:ontheblueplanet.com";
name = "Lux";
@@ -7723,14 +7821,10 @@
};
lynty = {
email = "ltdong93+nix@gmail.com";
- github = "lynty";
+ github = "Lynty";
githubId = 39707188;
name = "Lynn Dong";
};
- lyt = {
- email = "wheatdoge@gmail.com";
- name = "Tim Liou";
- };
m00wl = {
name = "Moritz Lumme";
email = "moritz.lumme@gmail.com";
@@ -7743,14 +7837,10 @@
githubId = 3044438;
name = "Lucas Savva";
};
- m3tti = {
- email = "mathaeus.peter.sander@gmail.com";
- name = "Mathaeus Sander";
- };
ma27 = {
email = "maximilian@mbosch.me";
matrix = "@ma27:nicht-so.sexy";
- github = "ma27";
+ github = "Ma27";
githubId = 6025220;
name = "Maximilian Bosch";
};
@@ -7814,6 +7904,12 @@
githubId = 31056089;
name = "Tom Ho";
};
+ majiir = {
+ email = "majiir@nabaal.net";
+ github = "Majiir";
+ githubId = 963511;
+ name = "Majiir Paktu";
+ };
makefu = {
email = "makefu@syntax-fehler.de";
github = "makefu";
@@ -7866,7 +7962,7 @@
};
marcweber = {
email = "marco-oweber@gmx.de";
- github = "marcweber";
+ github = "MarcWeber";
githubId = 34086;
name = "Marc Weber";
};
@@ -7894,9 +7990,11 @@
githubId = 26470037;
name = "Markus Kowalewski";
};
- markWot = {
- email = "markus@wotringer.de";
- name = "Markus Wotringer";
+ mariaa144 = {
+ email = "speechguard_intensivist@aleeas.com";
+ github = "mariaa144";
+ githubId = 105451387;
+ name = "Maria";
};
marijanp = {
name = "Marijan Petričević";
@@ -7975,7 +8073,7 @@
};
mathnerd314 = {
email = "mathnerd314.gph+hs@gmail.com";
- github = "mathnerd314";
+ github = "Mathnerd314";
githubId = 322214;
name = "Mathnerd314";
};
@@ -8232,12 +8330,6 @@
githubId = 1788114;
name = "Meghea Iulian";
};
- mehandes = {
- email = "niewskici@gmail.com";
- github = "mehandes";
- githubId = 32581276;
- name = "Matt Deming";
- };
meisternu = {
email = "meister@krutt.org";
github = "meisternu";
@@ -8258,14 +8350,10 @@
};
melkor333 = {
email = "samuel@ton-kunst.ch";
- github = "melkor333";
+ github = "Melkor333";
githubId = 6412377;
name = "Samuel Ruprecht";
};
- metabar = {
- email = "softs@metabarcoding.org";
- name = "Celine Mercier";
- };
kira-bruneau = {
email = "kira.bruneau@pm.me";
name = "Kira Bruneau";
@@ -8335,7 +8423,7 @@
mic92 = {
email = "joerg@thalheim.io";
matrix = "@mic92:nixos.dev";
- github = "mic92";
+ github = "Mic92";
githubId = 96200;
name = "Jörg Thalheim";
keys = [{
@@ -8436,7 +8524,7 @@
};
milesbreslin = {
email = "milesbreslin@gmail.com";
- github = "milesbreslin";
+ github = "MilesBreslin";
githubId = 38543128;
name = "Miles Breslin";
};
@@ -8458,10 +8546,6 @@
githubId = 5378535;
name = "Milo Gertjejansen";
};
- miltador = {
- email = "miltador@yandex.ua";
- name = "Vasiliy Solovey";
- };
mimame = {
email = "miguel.madrid.mencia@gmail.com";
github = "mimame";
@@ -8513,7 +8597,7 @@
};
misterio77 = {
email = "eu@misterio.me";
- github = "misterio77";
+ github = "Misterio77";
githubId = 5727578;
matrix = "@misterio:matrix.org";
name = "Gabriel Fontes";
@@ -8602,7 +8686,7 @@
};
mmesch = {
email = "mmesch@noreply.github.com";
- github = "mmesch";
+ github = "MMesch";
githubId = 2597803;
name = "Matthias Meschede";
};
@@ -8678,7 +8762,7 @@
};
moredread = {
email = "code@apb.name";
- github = "moredread";
+ github = "Moredread";
githubId = 100848;
name = "André-Patrick Bubel";
keys = [{
@@ -8705,13 +8789,13 @@
};
mothsart = {
email = "jerem.ferry@gmail.com";
- github = "mothsart";
+ github = "mothsART";
githubId = 10601196;
name = "Jérémie Ferry";
};
mounium = {
email = "muoniurn@gmail.com";
- github = "mounium";
+ github = "Mounium";
githubId = 20026143;
name = "Katona László";
};
@@ -8781,14 +8865,6 @@
githubId = 839693;
name = "Ingolf Wanger";
};
- msackman = {
- email = "matthew@wellquite.org";
- name = "Matthew Sackman";
- };
- mschneider = {
- email = "markus.schneider.sic+nix@gmail.com";
- name = "Markus Schneider";
- };
mschristiansen = {
email = "mikkel@rheosystems.com";
github = "mschristiansen";
@@ -8882,12 +8958,6 @@
githubId = 220262;
name = "Ion Mudreac";
};
- muflax = {
- email = "mail@muflax.com";
- github = "muflax";
- githubId = 69918;
- name = "Stefan Dorn";
- };
multun = {
email = "victor.collod@epita.fr";
github = "multun";
@@ -8937,7 +9007,7 @@
};
myrl = {
email = "myrl.0xf@gmail.com";
- github = "myrl";
+ github = "Myrl";
githubId = 9636071;
name = "Myrl Hex";
};
@@ -8949,7 +9019,7 @@
};
nadrieril = {
email = "nadrieril@gmail.com";
- github = "nadrieril";
+ github = "Nadrieril";
githubId = 6783654;
name = "Nadrieril Feneanar";
};
@@ -8974,10 +9044,6 @@
fingerprint = "7A10 AB8E 0BEC 566B 090C 9BE3 D812 6E55 9CE7 C35D";
}];
};
- Nate-Devv = {
- email = "natedevv@gmail.com";
- name = "Nathan Moore";
- };
nathanruiz = {
email = "nathanruiz@protonmail.com";
github = "nathanruiz";
@@ -8996,6 +9062,15 @@
githubId = 818502;
name = "Nathan Yong";
};
+ natsukium = {
+ email = "nixpkgs@natsukium.com";
+ github = "natsukium";
+ githubId = 25083790;
+ name = "Tomoya Otabi";
+ keys = [{
+ fingerprint = "3D14 6004 004C F882 D519 6CD4 9EA4 5A31 DB99 4C53";
+ }];
+ };
natto1784 = {
email = "natto@weirdnatto.in";
github = "natto1784";
@@ -9090,7 +9165,7 @@
};
nequissimus = {
email = "tim@nequissimus.com";
- github = "nequissimus";
+ github = "NeQuissimus";
githubId = 628342;
name = "Tim Steinbach";
};
@@ -9103,8 +9178,18 @@
nessdoor = {
name = "Tomas Antonio Lopez";
email = "entropy.overseer@protonmail.com";
+ github = "nessdoor";
githubId = 25993494;
};
+ netali = {
+ name = "Jennifer Graul";
+ email = "me@netali.de";
+ github = "NetaliDev";
+ githubId = 15304894;
+ keys = [{
+ fingerprint = "F729 2594 6F58 0B05 8FB3 F271 9C55 E636 426B 40A9";
+ }];
+ };
netcrns = {
email = "jason.wing@gmx.de";
github = "netcrns";
@@ -9141,10 +9226,6 @@
githubId = 6391776;
name = "Nikita Voloboev";
};
- nfjinjing = {
- email = "nfjinjing@gmail.com";
- name = "Jinjing Wang";
- };
ngiger = {
email = "niklaus.giger@member.fsf.org";
github = "ngiger";
@@ -9187,7 +9268,7 @@
};
nickhu = {
email = "me@nickhu.co.uk";
- github = "nickhu";
+ github = "NickHu";
githubId = 450276;
name = "Nick Hu";
};
@@ -9245,7 +9326,7 @@
ninjatrappeur = {
email = "felix@alternativebit.fr";
matrix = "@ninjatrappeur:matrix.org";
- github = "ninjatrappeur";
+ github = "NinjaTrappeur";
githubId = 1219785;
name = "Félix Baylac-Jacqué";
};
@@ -9281,7 +9362,7 @@
};
nkpvk = {
email = "niko.pavlinek@gmail.com";
- github = "nkpvk";
+ github = "npavlinek";
githubId = 16385648;
name = "Niko Pavlinek";
};
@@ -9362,6 +9443,12 @@
githubId = 40049608;
name = "Andy Chun";
};
+ nook = {
+ name = "Tom Nook";
+ email = "0xnook@protonmail.com";
+ github = "0xnook";
+ githubId = 88323754;
+ };
noreferences = {
email = "norkus@norkus.net";
github = "jozuas";
@@ -9376,7 +9463,7 @@
};
notthemessiah = {
email = "brian.cohen.88@gmail.com";
- github = "notthemessiah";
+ github = "NOTtheMessiah";
githubId = 2946283;
name = "Brian Cohen";
};
@@ -9411,9 +9498,11 @@
githubId = 20391;
name = "Nahum Shalman";
};
- nslqqq = {
- email = "nslqqq@gmail.com";
- name = "Nikita Mikhailov";
+ nsnelson = {
+ email = "noah.snelson@protonmail.com";
+ github = "peeley";
+ githubId = 30942198;
+ name = "Noah Snelson";
};
nthorne = {
email = "notrupertthorne@gmail.com";
@@ -9502,6 +9591,15 @@
fingerprint = "D5E4 A51D F8D2 55B9 FAC6 A9BB 2F96 07F0 9B36 0F2D";
}];
};
+ ocfox = {
+ email = "i@ocfox.me";
+ github = "ocfox";
+ githubId = 47410251;
+ name = "ocfox";
+ keys = [{
+ fingerprint = "939E F8A5 CED8 7F50 5BB5 B2D0 24BC 2738 5F70 234F";
+ }];
+ };
odi = {
email = "oliver.dunkl@gmail.com";
github = "odi";
@@ -9526,10 +9624,6 @@
githubId = 7249506;
name = "oida";
};
- okasu = {
- email = "oka.sux@gmail.com";
- name = "Okasu";
- };
olcai = {
email = "dev@timan.info";
github = "olcai";
@@ -9574,7 +9668,7 @@
};
omnipotententity = {
email = "omnipotententity@gmail.com";
- github = "omnipotententity";
+ github = "OmnipotentEntity";
githubId = 1538622;
name = "Michael Reilly";
};
@@ -9596,6 +9690,12 @@
githubId = 757752;
name = "Jonas Heinrich";
};
+ onthestairs = {
+ email = "austinplatt@gmail.com";
+ github = "onthestairs";
+ githubId = 915970;
+ name = "Austin Platt";
+ };
ony = {
name = "Mykola Orliuk";
email = "virkony@gmail.com";
@@ -9640,7 +9740,7 @@
};
oro = {
email = "marco@orovecchia.at";
- github = "oro";
+ github = "Oro";
githubId = 357005;
name = "Marco Orovecchia";
};
@@ -9703,7 +9803,7 @@
};
pablovsky = {
email = "dealberapablo07@gmail.com";
- github = "pablo1107";
+ github = "Pablo1107";
githubId = 17091659;
name = "Pablo Andres Dealbera";
};
@@ -9753,7 +9853,7 @@
};
panaeon = {
email = "vitalii.voloshyn@gmail.com";
- github = "panaeon";
+ github = "PanAeon";
githubId = 686076;
name = "Vitalii Voloshyn";
};
@@ -9769,12 +9869,12 @@
githubId = 71795;
name = "Mica Semrick";
};
- papojari = {
- email = "papojari-git.ovoid@aleeas.com";
+ annaaurora = {
+ email = "anna@annaaurora.eu";
matrix = "@papojari:artemislena.eu";
- github = "papojari";
+ github = "auroraanna";
githubId = 81317317;
- name = "papojari";
+ name = "Anna Aurora";
};
paraseba = {
email = "paraseba@gmail.com";
@@ -9784,7 +9884,7 @@
};
parasrah = {
email = "nixos@parasrah.com";
- github = "parasrah";
+ github = "Parasrah";
githubId = 14935550;
name = "Brad Pfannmuller";
};
@@ -9827,6 +9927,12 @@
fingerprint = "196A BFEC 6A1D D1EC 7594 F8D1 F625 47D0 75E0 9767";
}];
};
+ patryk4815 = {
+ email = "patryk.sondej@gmail.com";
+ github = "patryk4815";
+ githubId = 3074260;
+ name = "Patryk Sondej";
+ };
patternspandemic = {
email = "patternspandemic@live.com";
github = "patternspandemic";
@@ -9835,7 +9941,7 @@
};
payas = {
email = "relekarpayas@gmail.com";
- github = "payasrelekar";
+ github = "bhankas";
githubId = 24254289;
name = "Payas Relekar";
};
@@ -9869,6 +9975,12 @@
githubId = 6498458;
name = "pebble kite";
};
+ pbsds = {
+ name = "Peder Bergebakken Sundt";
+ email = "pbsds@hotmail.com";
+ github = "pbsds";
+ githubId = 140964;
+ };
pcarrier = {
email = "pc@rrier.ca";
github = "pcarrier";
@@ -9905,13 +10017,6 @@
githubId = 152312;
name = "Periklis Tsirakidis";
};
- petabyteboy = {
- email = "milan@petabyte.dev";
- matrix = "@milan:petabyte.dev";
- github = "petabyteboy";
- githubId = 3250809;
- name = "Milan Pässler";
- };
petercommand = {
email = "petercommand@gmail.com";
github = "petercommand";
@@ -9961,6 +10066,17 @@
githubId = 645664;
name = "Philippe Hürlimann";
};
+ phaer = {
+ name = "Paul Haerle";
+ email = "nix@phaer.org";
+
+ matrix = "@phaer:matrix.org";
+ github = "phaer";
+ githubId = 101753;
+ keys = [{
+ fingerprint = "5D69 CF04 B7BC 2BC1 A567 9267 00BC F29B 3208 0700";
+ }];
+ };
philandstuff = {
email = "philip.g.potter@gmail.com";
github = "philandstuff";
@@ -10024,7 +10140,7 @@
};
pierrer = {
email = "pierrer@pi3r.be";
- github = "pierrer";
+ github = "PierreR";
githubId = 93115;
name = "Pierre Radermecker";
};
@@ -10058,10 +10174,6 @@
fingerprint = "D03B 218C AE77 1F77 D7F9 20D9 823A 6154 4264 08D3";
}];
};
- piotr = {
- email = "ppietrasa@gmail.com";
- name = "Piotr Pietraszkiewicz";
- };
pjbarnoy = {
email = "pjbarnoy@gmail.com";
github = "pjbarnoy";
@@ -10082,7 +10194,7 @@
};
pkmx = {
email = "pkmx.tw@gmail.com";
- github = "pkmx";
+ github = "PkmX";
githubId = 610615;
name = "Chih-Mao Chen";
};
@@ -10166,7 +10278,7 @@
};
pneumaticat = {
email = "kevin@potatofrom.space";
- github = "pneumaticat";
+ github = "kliu128";
githubId = 11365056;
name = "Kevin Liu";
};
@@ -10235,7 +10347,7 @@
};
pombeirp = {
email = "nix@endgr.33mail.com";
- github = "PombeirP";
+ github = "pedropombeiro";
githubId = 138074;
name = "Pedro Pombeiro";
};
@@ -10310,6 +10422,12 @@
}
];
};
+ ProducerMatt = {
+ name = "Matthew Pherigo";
+ email = "ProducerMatt42@gmail.com";
+ github = "ProducerMatt";
+ githubId = 58014742;
+ };
Profpatsch = {
email = "mail@profpatsch.de";
github = "Profpatsch";
@@ -10324,7 +10442,7 @@
};
progval = {
email = "progval+nix@progval.net";
- github = "ProgVal";
+ github = "progval";
githubId = 406946;
name = "Valentin Lorentz";
};
@@ -10443,7 +10561,7 @@
};
peelz = {
email = "peelz.dev+nixpkgs@gmail.com";
- github = "louistakepillz";
+ github = "notpeelz";
githubId = 920910;
name = "peelz";
};
@@ -10473,7 +10591,7 @@
};
queezle = {
email = "git@queezle.net";
- github = "qzle";
+ github = "queezle42";
githubId = 1024891;
name = "Jens Nolte";
};
@@ -10545,13 +10663,13 @@
ralith = {
email = "ben.e.saunders@gmail.com";
matrix = "@ralith:ralith.com";
- github = "ralith";
+ github = "Ralith";
githubId = 104558;
name = "Benjamin Saunders";
};
ramkromberg = {
email = "ramkromberg@mail.com";
- github = "ramkromberg";
+ github = "RamKromberg";
githubId = 14829269;
name = "Ram Kromberg";
};
@@ -10585,10 +10703,6 @@
githubId = 25647735;
name = "Victor Freire";
};
- ravloony = {
- email = "ravloony@gmail.com";
- name = "Tom Macdonald";
- };
rawkode = {
email = "david.andrew.mckay@gmail.com";
github = "rawkode";
@@ -10597,7 +10711,7 @@
};
razvan = {
email = "razvan.panda@gmail.com";
- github = "razvan-panda";
+ github = "razvan-flavius-panda";
githubId = 1758708;
name = "Răzvan Flavius Panda";
};
@@ -10685,7 +10799,7 @@
};
regnat = {
email = "regnat@regnat.ovh";
- github = "regnat";
+ github = "thufschmitt";
githubId = 7226587;
name = "Théophane Hufschmitt";
};
@@ -10784,7 +10898,7 @@
};
rhoriguchi = {
email = "ryan.horiguchi@gmail.com";
- github = "rhoriguchi ";
+ github = "rhoriguchi";
githubId = 6047658;
name = "Ryan Horiguchi";
};
@@ -11005,7 +11119,7 @@
};
ronanmacf = {
email = "macfhlar@tcd.ie";
- github = "ronanmacf";
+ github = "RonanMacF";
githubId = 25930627;
name = "Ronan Mac Fhlannchadha";
};
@@ -11202,7 +11316,7 @@
};
rytone = {
email = "max@ryt.one";
- github = "rytone";
+ github = "rastertail";
githubId = 8082305;
name = "Maxwell Beck";
keys = [{
@@ -11401,10 +11515,6 @@
githubId = 5104601;
name = "schnusch";
};
- schristo = {
- email = "schristopher@konputa.com";
- name = "Scott Christopher";
- };
sciencentistguy = {
email = "jamie@quigley.xyz";
name = "Jamie Quigley";
@@ -11423,7 +11533,7 @@
scoder12 = {
name = "Spencer Pogorzelski";
email = "34356756+Scoder12@users.noreply.github.com";
- github = "scoder12";
+ github = "Scoder12";
githubId = 34356756;
};
scolobb = {
@@ -11441,7 +11551,7 @@
Scriptkiddi = {
email = "nixos@scriptkiddi.de";
matrix = "@fritz.otlinghaus:helsinki-systems.de";
- github = "scriptkiddi";
+ github = "Scriptkiddi";
githubId = 3598650;
name = "Fritz Otlinghaus";
};
@@ -11490,7 +11600,7 @@
};
sebtm = {
email = "mail@sebastian-sellmeier.de";
- github = "sebtm";
+ github = "SebTM";
githubId = 17243347;
name = "Sebastian Sellmeier";
};
@@ -11562,7 +11672,7 @@
};
sfrijters = {
email = "sfrijters@gmail.com";
- github = "sfrijters";
+ github = "SFrijters";
githubId = 918365;
name = "Stefan Frijters";
};
@@ -11584,6 +11694,13 @@
githubId = 543055;
name = "Shadaj Laddad";
};
+ shadowrz = {
+ email = "shadowrz+nixpkgs@disroot.org";
+ matrix = "@ShadowRZ:matrixim.cc";
+ github = "ShadowRZ";
+ githubId = 23130178;
+ name = "夜坂雅";
+ };
shahrukh330 = {
email = "shahrukh330@gmail.com";
github = "shahrukh330";
@@ -11619,13 +11736,13 @@
};
shawndellysse = {
email = "sdellysse@gmail.com";
- github = "shawndellysse";
+ github = "sdellysse";
githubId = 293035;
name = "Shawn Dellysse";
};
shawn8901 = {
email = "shawn8901@googlemail.com";
- github = "shawn8901";
+ github = "Shawn8901";
githubId = 12239057;
name = "Shawn8901";
};
@@ -11755,7 +11872,7 @@
simarra = {
name = "simarra";
email = "loic.martel@protonmail.com";
- github = "simarra";
+ github = "Simarra";
githubId = 14372987;
};
simoneruffini = {
@@ -11806,7 +11923,7 @@
};
sirseruju = {
email = "sir.seruju@yandex.ru";
- github = "sirseruju";
+ github = "SirSeruju";
githubId = 74881555;
name = "Fofanov Sergey";
};
@@ -11840,20 +11957,12 @@
githubId = 158321;
name = "Stewart Mackenzie";
};
- sjourdois = {
- email = "sjourdois@gmail.com";
- name = "Stéphane ‘kwisatz’ Jourdois";
- };
skeidel = {
email = "svenkeidel@gmail.com";
github = "svenkeidel";
githubId = 266500;
name = "Sven Keidel";
};
- skrzyp = {
- email = "jot.skrzyp@gmail.com";
- name = "Jakub Skrzypnik";
- };
skykanin = {
email = "skykanin@users.noreply.github.com";
github = "skykanin";
@@ -11875,7 +11984,7 @@
};
smakarov = {
email = "setser200018@gmail.com";
- github = "setser";
+ github = "SeTSeR";
githubId = 12733495;
name = "Sergey Makarov";
keys = [{
@@ -11918,7 +12027,7 @@
};
sna = {
email = "abouzahra.9@wright.edu";
- github = "s-na";
+ github = "S-NA";
githubId = 20214715;
name = "S. Nordin Abouzahra";
};
@@ -11928,6 +12037,12 @@
githubId = 602439;
name = "Serguei Narojnyi";
};
+ snapdgn = {
+ email = "snapdgn@proton.me";
+ name = "Nitish Kumar";
+ github = "snapdgn";
+ githubId = 85608760;
+ };
snicket2100 = {
email = "57048005+snicket2100@users.noreply.github.com";
github = "snicket2100";
@@ -11948,7 +12063,7 @@
};
sohalt = {
email = "nixos@sohalt.net";
- github = "sohalt";
+ github = "Sohalt";
githubId = 2157287;
name = "sohalt";
};
@@ -11972,15 +12087,6 @@
githubId = 9720532;
name = "Sergei K";
};
- sondr3 = {
- email = "nilsen.sondre@gmail.com";
- github = "sondr3";
- githubId = 2280539;
- name = "Sondre Nilsen";
- keys = [{
- fingerprint = "0EC3 FA89 EFBA B421 F82E 40B0 2567 6BCB FFAD 76B1";
- }];
- };
sophrosyne = {
email = "joshuaortiz@tutanota.com";
github = "sophrosyne97";
@@ -12043,7 +12149,7 @@
name = "Spencer Whitt";
};
squalus = {
- email = "squalus@tuta.io";
+ email = "squalus@squalus.net";
github = "squalus";
githubId = 36899624;
name = "squalus";
@@ -12062,7 +12168,7 @@
};
srgom = {
email = "srgom@users.noreply.github.com";
- github = "srgom";
+ github = "SRGOM";
githubId = 8103619;
name = "SRGOM";
};
@@ -12081,14 +12187,14 @@
};
sstef = {
email = "stephane@nix.frozenid.net";
- github = "fkstef";
+ github = "haskelious";
githubId = 8668915;
name = "Stephane Schitter";
};
staccato = {
name = "staccato";
email = "moveq@riseup.net";
- github = "staccato";
+ github = "braaandon";
githubId = 86573128;
};
stackshadow = {
@@ -12191,13 +12297,13 @@
};
stevebob = {
email = "stephen@sherra.tt";
- github = "stevebob";
+ github = "gridbugs";
githubId = 417118;
name = "Stephen Sherratt";
};
steveej = {
email = "mail@stefanjunker.de";
- github = "steveej";
+ github = "steveeJ";
githubId = 1181362;
name = "Stefan Junker";
};
@@ -12404,7 +12510,7 @@
};
szczyp = {
email = "qb@szczyp.com";
- github = "szczyp";
+ github = "Szczyp";
githubId = 203195;
name = "Szczyp";
};
@@ -12557,7 +12663,7 @@
};
tchekda = {
email = "contact@tchekda.fr";
- github = "tchekda";
+ github = "Tchekda";
githubId = 23559888;
keys = [{
fingerprint = "44CE A8DD 3B31 49CD 6246 9D8F D0A0 07ED A4EA DA0F";
@@ -12642,6 +12748,16 @@
githubId = 886074;
name = "Matthieu Coudron";
};
+ teutat3s = {
+ email = "teutates@mailbox.org";
+ matrix = "@teutat3s:pub.solar";
+ github = "teutat3s";
+ githubId = 10206665;
+ name = "teutat3s";
+ keys = [{
+ fingerprint = "81A1 1C61 F413 8C84 9139 A4FA 18DA E600 A6BB E705";
+ }];
+ };
tex = {
email = "milan.svoboda@centrum.cz";
github = "tex";
@@ -12729,7 +12845,7 @@
name = "The Hedgehog";
email = "hedgehog@mrhedgehog.xyz";
matrix = "@mrhedgehog:jupiterbroadcasting.com";
- github = "ModdedGamers";
+ github = "theHedgehog0";
githubId = 35778371;
keys = [{
fingerprint = "38A0 29B0 4A7E 4C13 A4BB 86C8 7D51 0786 6B1C 6752";
@@ -12749,7 +12865,7 @@
};
thesola10 = {
email = "me@thesola.io";
- github = "thesola10";
+ github = "Thesola10";
githubId = 7287268;
keys = [{
fingerprint = "1D05 13A6 1AC4 0D8D C6D6 5F2C 8924 5619 BEBB 95BA";
@@ -12767,6 +12883,7 @@
github = "thiagokokada";
githubId = 844343;
name = "Thiago K. Okada";
+ matrix = "@k0kada:matrix.org";
};
thibaultlemaire = {
email = "thibault.lemaire@protonmail.com";
@@ -12992,12 +13109,25 @@
githubId = 61303;
name = "Tom Fitzhenry";
};
+ tomhoule = {
+ email = "secondary+nixpkgs@tomhoule.com";
+ github = "tomhoule";
+ githubId = 13155277;
+ name = "Tom Houle";
+ };
tomsmeets = {
email = "tom.tsmeets@gmail.com";
- github = "tomsmeets";
+ github = "TomSmeets";
githubId = 6740669;
name = "Tom Smeets";
};
+ tomsiewert = {
+ email = "tom@siewert.io";
+ matrix = "@tom:frickel.earth";
+ github = "tomsiewert";
+ githubId = 8794235;
+ name = "Tom Siewert";
+ };
toonn = {
email = "nixpkgs@toonn.io";
matrix = "@toonn:matrix.org";
@@ -13038,7 +13168,7 @@
};
travisdavis-ops = {
email = "travisdavismedia@gmail.com";
- github = "travisdavis-ops";
+ github = "TravisDavis-ops";
githubId = 52011418;
name = "Travis Davis";
};
@@ -13108,10 +13238,6 @@
githubId = 15064765;
name = "tshaynik";
};
- tstrobel = {
- email = "4ZKTUB6TEP74PYJOPWIR013S2AV29YUBW5F9ZH2F4D5UMJUJ6S@hash.domains";
- name = "Thomas Strobel";
- };
ttuegel = {
email = "ttuegel@mailbox.org";
github = "ttuegel";
@@ -13159,7 +13285,7 @@
};
tvorog = {
email = "marszaripov@gmail.com";
- github = "tvorog";
+ github = "TvoroG";
githubId = 1325161;
name = "Marsel Zaripov";
};
@@ -13319,7 +13445,7 @@
valodim = {
email = "look@my.amazin.horse";
matrix = "@Valodim:stratum0.org";
- github = "valodim";
+ github = "Valodim";
githubId = 27813;
name = "Vincent Breitmoser";
};
@@ -13539,12 +13665,6 @@
githubId = 5604643;
name = "Mikhail Volkhov";
};
- volth = {
- email = "jaroslavas@volth.com";
- github = "volth";
- githubId = 508305;
- name = "Jaroslavas Pocepko";
- };
vonfry = {
email = "nixos@vonfry.name";
github = "Vonfry";
@@ -13553,6 +13673,8 @@
};
vq = {
email = "vq@erq.se";
+ github = "vq";
+ githubId = 230381;
name = "Daniel Nilsson";
};
vrinek = {
@@ -13569,7 +13691,7 @@
};
vskilet = {
email = "victor@sene.ovh";
- github = "vskilet";
+ github = "Vskilet";
githubId = 7677567;
name = "Victor SENE";
};
@@ -13633,10 +13755,6 @@
github = "wdavidw";
githubId = 46896;
};
- wedens = {
- email = "kirill.wedens@gmail.com";
- name = "wedens";
- };
WeebSorceress = {
name = "WeebSorceress";
email = "hello@weebsorceress.anonaddy.me";
@@ -13703,24 +13821,16 @@
};
willibutz = {
email = "willibutz@posteo.de";
- github = "willibutz";
+ github = "WilliButz";
githubId = 20464732;
name = "Willi Butz";
};
- willtim = {
- email = "tim.williams.public@gmail.com";
- name = "Tim Philip Williams";
- };
willcohen = {
email = "willcohen@users.noreply.github.com";
github = "willcohen";
githubId = 5185341;
name = "Will Cohen";
};
- winden = {
- email = "windenntw@gmail.com";
- name = "Antonio Vargas Gonzalez";
- };
winpat = {
email = "patrickwinter@posteo.ch";
github = "winpat";
@@ -13801,7 +13911,7 @@
};
wolfangaukang = {
email = "clone.gleeful135+nixpkgs@anonaddy.me";
- github = "wolfangaukang";
+ github = "WolfangAukang";
githubId = 8378365;
name = "P. R. d. O.";
};
@@ -13868,7 +13978,7 @@
};
wyvie = {
email = "elijahrum@gmail.com";
- github = "wyvie";
+ github = "alicerum";
githubId = 3992240;
name = "Elijah Rum";
};
@@ -13942,7 +14052,7 @@
};
xnwdd = {
email = "nwdd+nixos@no.team";
- github = "xnwdd";
+ github = "xNWDD";
githubId = 3028542;
name = "Guillermo NWDD";
};
@@ -13973,7 +14083,7 @@
xyenon = {
name = "XYenon";
email = "i@xyenon.bid";
- github = "xyenon";
+ github = "XYenon";
githubId = 20698483;
};
xzfc = {
@@ -14031,6 +14141,12 @@
githubId = 5978566;
name = "Yves-Stan Le Cornec";
};
+ ylh = {
+ email = "nixpkgs@ylh.io";
+ github = "ylh";
+ githubId = 9125590;
+ name = "Yestin L. Harrison";
+ };
ylwghst = {
email = "ylwghst@onionmail.info";
github = "ylwghst";
@@ -14058,7 +14174,7 @@
yorickvp = {
email = "yorickvanpelt@gmail.com";
matrix = "@yorickvp:matrix.org";
- github = "yorickvp";
+ github = "yorickvP";
githubId = 647076;
name = "Yorick van Pelt";
};
@@ -14195,7 +14311,7 @@
};
zauberpony = {
email = "elmar@athmer.org";
- github = "zauberpony";
+ github = "elmarx";
githubId = 250877;
name = "Elmar Athmer";
};
@@ -14212,13 +14328,9 @@
githubId = 1557253;
name = "Lennart Eichhorn";
};
- zef = {
- email = "zef@zef.me";
- name = "Zef Hemel";
- };
zeratax = {
email = "mail@zera.tax";
- github = "ZerataX";
+ github = "zeratax";
githubId = 5024958;
name = "Jona Abdinghoff";
keys = [{
@@ -14342,7 +14454,7 @@
};
rakesh4g = {
email = "rakeshgupta4u@gmail.com";
- github = "rakesh4g";
+ github = "Rakesh4G";
githubId = 50867187;
name = "Rakesh Gupta";
};
@@ -14372,7 +14484,7 @@
};
matthewcroughan = {
email = "matt@croughan.sh";
- github = "matthewcroughan";
+ github = "MatthewCroughan";
githubId = 26458780;
name = "Matthew Croughan";
};
@@ -14538,7 +14650,7 @@
name = "Josh Hoffer";
email = "jhoffer@sansorgan.es";
matrix = "@princemachiavelli:matrix.org";
- github = "princemachiavelli";
+ github = "Princemachiavelli";
githubId = 2730968;
keys = [{
fingerprint = "DD54 130B ABEC B65C 1F6B 2A38 8312 4F97 A318 EA18";
@@ -14719,6 +14831,15 @@
github = "snpschaaf";
githubId = 105843013;
};
+ SohamG = {
+ email = "sohamg2@gmail.com";
+ name = "Soham S Gumaste";
+ github = "SohamG";
+ githubId = 7116239;
+ keys = [{
+ fingerprint = "E067 520F 5EF2 C175 3F60 50C0 BA46 725F 6A26 7442";
+ }];
+ };
jali-clarke = {
email = "jinnah.ali-clarke@outlook.com";
name = "Jinnah Ali-Clarke";
@@ -14731,4 +14852,22 @@
github = "npatsakula";
githubId = 23001619;
};
+ dfithian = {
+ email = "daniel.m.fithian@gmail.com";
+ name = "Daniel Fithian";
+ github = "dfithian";
+ githubId = 8409320;
+ };
+ nikstur = {
+ email = "nikstur@outlook.com";
+ name = "nikstur";
+ github = "nikstur";
+ githubId = 61635709;
+ };
+ yisuidenghua = {
+ email = "bileiner@gmail.com";
+ name = "Milena Yisui";
+ github = "yisuidenghua";
+ githubId = 102890144;
+ };
}
diff --git a/infra/libkookie/nixpkgs/unstable/maintainers/scripts/fetch-kde-qt.sh b/infra/libkookie/nixpkgs/unstable/maintainers/scripts/fetch-kde-qt.sh
index 22d78151978..9e2348fda70 100755
--- a/infra/libkookie/nixpkgs/unstable/maintainers/scripts/fetch-kde-qt.sh
+++ b/infra/libkookie/nixpkgs/unstable/maintainers/scripts/fetch-kde-qt.sh
@@ -2,30 +2,159 @@
#! nix-shell -i bash -p coreutils findutils gnused nix wget
set -efuo pipefail
+export LC_COLLATE=C # fix sort order
-SRCS=
-if [ -d "$1" ]; then
- SRCS="$(pwd)/$1/srcs.nix"
- . "$1/fetch.sh"
+# parse files and folders from https://download.kde.org/ and https://download.qt.io/
+# you can override this function in fetch.sh
+function PARSE_INDEX() {
+ cat "$1" | grep -o -E -e '\s+href="[^"]+\.tar\.xz"' -e '\s+href="[-_a-zA-Z0-9]+/"' | cut -d'"' -f2 | sort | uniq
+}
+
+if [ $# != 1 ]; then
+ echo "example use:" >&2
+ echo "cd nixpkgs/" >&2
+ echo "./maintainers/scripts/fetch-kde-qt.sh pkgs/development/libraries/qt-5/5.12" >&2
+ exit 1
+fi
+
+if ! echo "$1" | grep -q '^pkgs/'; then
+ echo "error: path argument must start with pkgs/" >&2
+ exit 1
+fi
+
+# need absolute path for the pushd-popd block
+if [ -f "$1" ]; then
+ echo "ok: using fetchfile $1"
+ fetchfilerel="$1"
+ fetchfile="$(readlink -f "$fetchfilerel")" # resolve absolute path
+ basedir="$(dirname "$fetchfile")"
+ basedirrel="$(dirname "$fetchfilerel")"
+elif [ -d "$1" ]; then
+ echo "ok: using basedir $1"
+ basedirrel="$1"
+ basedir="$(readlink -f "$basedirrel")" # resolve absolute path
+ if ! [ -d "$basedir" ]; then
+ basedir="$(dirname "$basedir")"
+ fi
+ fetchfile="$basedir/fetch.sh"
else
- SRCS="$(pwd)/$(dirname $1)/srcs.nix"
- . "$1"
+ echo 'error: $1 must be file or dir' >&2
+ exit 1
fi
-tmp=$(mktemp -d)
+pkgname=$(basename "$basedir")
+SRCS="$basedir/srcs.nix"
+srcsrel="$basedirrel/srcs.nix"
+
+source "$fetchfile"
+
+if [ -n "$WGET_ARGS" ]; then # old format
+ BASE_URL="${WGET_ARGS[0]}" # convert to new format
+ # validate
+ if ! echo "$BASE_URL" | grep -q -E '^(http|https|ftp)://'; then
+ printf 'error: from WGET_ARGS, converted invalid BASE_URL: %q\n' "$BASE_URL" >&2
+ exit 1
+ fi
+ printf 'ok: from WGET_ARGS, converted BASE_URL: %q\n' "$BASE_URL"
+elif [ -n "$BASE_URL" ]; then # new format
+ :
+else
+ echo "error: fetch.sh must set either WGET_ARGS or BASE_URL" >&2
+ exit 1
+fi
+
+tmptpl=tmp.fetch-kde-qt.$pkgname.XXXXXXXXXX
+
+tmp=$(mktemp -d $tmptpl)
pushd $tmp >/dev/null
-wget -nH -r -c --no-parent "${WGET_ARGS[@]}" >/dev/null
+echo "tempdir is $tmp"
+
+wgetargs='--quiet --show-progress'
+#wgetargs='' # debug
+
+dirlist="$BASE_URL"
+filelist=""
+base_url_len=${#BASE_URL}
-csv=$(mktemp)
-find . -type f | while read src; do
+clean_urls() {
+ # // -> /
+ sed -E 's,//+,/,g' | sed -E 's,^(http|https|ftp):/,&/,'
+}
+
+while [ -n "$dirlist" ]
+do
+ for dirurl in $dirlist
+ do
+ echo "fetching index.html from $dirurl"
+ relpath=$(echo "./${dirurl:$base_url_len}" | clean_urls)
+ mkdir -p "$relpath"
+ indexfile=$(echo "$relpath/index.html" | clean_urls)
+ wget $wgetargs -O "$indexfile" "$dirurl"
+ echo "parsing $indexfile"
+ filedirlist="$(PARSE_INDEX "$indexfile")"
+ filelist_next="$(echo "$filedirlist" | grep '\.tar\.xz$' | while read file; do echo "$dirurl/$file"; done)"
+ filelist_next="$(echo "$filelist_next" | clean_urls)"
+ [ -n "$filelist" ] && filelist+=$'\n'
+ filelist+="$filelist_next"
+ dirlist="$(echo "$filedirlist" | grep -v '\.tar\.xz$' | while read dir; do echo "$dirurl/$dir"; done || true)"
+ dirlist="$(echo "$dirlist" | clean_urls)"
+ done
+done
+
+filecount=$(echo "$filelist" | wc -l)
+
+if [ -z "$filelist" ]
+then
+ echo "error: no files parsed from $tmp/index.html"
+ exit 1
+fi
+
+echo "parsed $filecount tar.xz files:"; echo "$filelist"
+
+# most time is spent here
+echo "fetching $filecount sha256 files ..."
+urllist="$(echo "$filelist" | while read file; do echo "$file.sha256"; done)"
+# wget -r: keep directory structure
+echo "$urllist" | xargs wget $wgetargs -nH -r -c --no-parent && {
+ actual=$(find . -type f -name '*.sha256' | wc -l)
+ echo "fetching $filecount sha256 files done: got $actual files"
+} || {
+ # workaround: in rare cases, the server does not provide the sha256 files
+ # for example when the release is just a few hours old
+ # and the servers are not yet fully synced
+ actual=$(find . -type f -name '*.sha256' | wc -l)
+ echo "fetching $filecount sha256 files failed: got only $actual files"
+
+ # TODO fetch only missing tar.xz files
+ echo "fetching $filecount tar.xz files ..."
+ urllist="$(echo "$filelist" | while read file; do echo "$BASE_URL/$file"; done)"
+ echo "$urllist" | xargs wget $wgetargs -nH -r -c --no-parent
+
+ echo "generating sha256 files ..."
+ find . -type f -name '*.tar.xz' | while read src; do
+ name=$(basename "$src")
+ sha256=$(sha256sum "$src" | cut -d' ' -f1)
+ echo "$sha256 $name" >"$src.sha256"
+ done
+}
+
+csv=$(mktemp $tmptpl.csv)
+echo "writing temporary file $csv ..."
+find . -type f -name '*.sha256' | while read sha256file; do
+ src="${sha256file%.*}" # remove extension
+ sha256=$(cat $sha256file | cut -d' ' -f1) # base16
+ sha256=$(nix-hash --type sha256 --to-base32 $sha256)
# Sanitize file name
filename=$(basename "$src" | tr '@' '_')
nameVersion="${filename%.tar.*}"
name=$(echo "$nameVersion" | sed -e 's,-[[:digit:]].*,,' | sed -e 's,-opensource-src$,,' | sed -e 's,-everywhere-src$,,')
version=$(echo "$nameVersion" | sed -e 's,^\([[:alpha:]][[:alnum:]]*-\)\+,,')
- echo "$name,$version,$src,$filename" >>$csv
+ echo "$name,$version,$src,$filename,$sha256" >>$csv
done
+files_before=$(grep -c 'src = ' "$SRCS")
+
+echo "writing output file $SRCS ..."
cat >"$SRCS" <>"$SRCS" <>"$SRCS"
+files_after=$(grep -c 'src = ' "$SRCS")
+echo "files before: $files_before"
+echo "files after: $files_after"
+
+echo "compare:"
+echo "git diff $srcsrel"
+
popd >/dev/null
rm -fr $tmp >/dev/null
diff --git a/infra/libkookie/nixpkgs/unstable/maintainers/scripts/fix-maintainers.pl b/infra/libkookie/nixpkgs/unstable/maintainers/scripts/fix-maintainers.pl
new file mode 100755
index 00000000000..81f6450c5fa
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/maintainers/scripts/fix-maintainers.pl
@@ -0,0 +1,52 @@
+#!/usr/bin/env nix-shell
+#!nix-shell -i perl -p perl -p perlPackages.LWP -p perlPackages.LWPProtocolHttps -p perlPackages.LWPUserAgent -p perlPackages.JSON -p perlPackages.PathTiny
+use LWP::UserAgent;
+use JSON;
+use Path::Tiny;
+use strict;
+use warnings;
+
+my $maintainers_list_nix = "../maintainer-list.nix";
+my $maintainers_json = from_json(`nix-instantiate --json --eval --expr 'builtins.fromJSON (builtins.toJSON (import $maintainers_list_nix))'`);
+
+STDOUT->autoflush(1);
+
+my $ua = LWP::UserAgent->new();
+
+keys %$maintainers_json; # reset the internal iterator so a prior each() doesn't affect the loop
+while(my($k, $v) = each %$maintainers_json) {
+ my $current_user = %$v{'github'};
+ if (!defined $current_user) {
+ print "$k has no github handle\n";
+ next;
+ }
+ my $github_id = %$v{'githubId'};
+ if (!defined $github_id) {
+ print "$k has no githubId\n";
+ next;
+ }
+ my $url = 'https://api.github.com/user/' . $github_id;
+ my $resp = $ua->get(
+ $url,
+ "Authorization" => "Token $ENV{GH_TOKEN}"
+ );
+
+ if ($resp->header("X-RateLimit-Remaining") == 0) {
+ my $ratelimit_reset = $resp->header("X-RateLimit-Reset");
+ print "Request limit exceeded, waiting until " . scalar localtime $ratelimit_reset . "\n";
+ sleep($ratelimit_reset - time() + 5);
+ }
+ if ($resp->code != 200) {
+ print $current_user . " likely deleted their github account\n";
+ next;
+ }
+ my $resp_json = from_json($resp->content);
+ my $api_user = %$resp_json{"login"};
+ if ($current_user ne $api_user) {
+ print $current_user . " is now known on github as " . $api_user . ". Editing maintainer-list.nix…\n";
+ my $file = path($maintainers_list_nix);
+ my $data = $file->slurp_utf8;
+ $data =~ s/github = "$current_user";$/github = "$api_user";/m;
+ $file->spew_utf8($data);
+ }
+}
diff --git a/infra/libkookie/nixpkgs/unstable/maintainers/scripts/haskell/hydra-report.hs b/infra/libkookie/nixpkgs/unstable/maintainers/scripts/haskell/hydra-report.hs
index 60b57b97a2b..fe55f13de70 100755
--- a/infra/libkookie/nixpkgs/unstable/maintainers/scripts/haskell/hydra-report.hs
+++ b/infra/libkookie/nixpkgs/unstable/maintainers/scripts/haskell/hydra-report.hs
@@ -451,8 +451,8 @@ printBuildSummary
showBuild (name, entry) = printJob id name (summaryBuilds entry, Text.pack (if summaryReverseDeps entry > 0 then " :arrow_heading_up: " <> show (summaryUnbrokenReverseDeps entry) <>" | "<> show (summaryReverseDeps entry) else ""))
showMaintainedBuild (name, (table, maintainers)) = printJob id name (table, Text.intercalate " " (fmap ("@" <>) (toList maintainers)))
tldr = case (errors, warnings) of
- ([],[]) -> [":green_circle: **Ready to merge**"]
- ([],_) -> [":yellow_circle: **Potential issues**"]
+ ([],[]) -> [":green_circle: **Ready to merge** (if there are no [Evaluation Errors](https://hydra.nixos.org/jobset/nixpkgs/haskell-updates))"]
+ ([],_) -> [":yellow_circle: **Potential issues** (and possibly [Evaluation Errors](https://hydra.nixos.org/jobset/nixpkgs/haskell-updates))"]
_ -> [":red_circle: **Branch not mergeable**"]
warnings =
if' (Unfinished > maybe Success worstState maintainedJob) "`maintained` jobset failed." <>
diff --git a/infra/libkookie/nixpkgs/unstable/maintainers/scripts/luarocks-packages.csv b/infra/libkookie/nixpkgs/unstable/maintainers/scripts/luarocks-packages.csv
index c7b1e405ebb..2511f068186 100644
--- a/infra/libkookie/nixpkgs/unstable/maintainers/scripts/luarocks-packages.csv
+++ b/infra/libkookie/nixpkgs/unstable/maintainers/scripts/luarocks-packages.csv
@@ -86,6 +86,7 @@ plenary.nvim,https://github.com/nvim-lua/plenary.nvim.git,,,,lua5_1,
rapidjson,https://github.com/xpol/lua-rapidjson.git,,,,,
readline,,,,,,
say,https://github.com/Olivine-Labs/say.git,,,,,
+serpent,,,,,,lockejan
sqlite,,,,,,
std._debug,https://github.com/lua-stdlib/_debug.git,,,,,
std.normalize,https://github.com/lua-stdlib/normalize.git,,,,,
diff --git a/infra/libkookie/nixpkgs/unstable/maintainers/scripts/mdize-module.sh b/infra/libkookie/nixpkgs/unstable/maintainers/scripts/mdize-module.sh
new file mode 100755
index 00000000000..e2d2e5467aa
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/maintainers/scripts/mdize-module.sh
@@ -0,0 +1,83 @@
+#! /usr/bin/env nix-shell
+#! nix-shell -I nixpkgs=. -i bash -p delta jq perl
+
+set -euo pipefail
+shopt -s inherit_errexit
+
+cat <<'EOF'
+This script attempts to automatically convert option descriptions from
+DocBook syntax to markdown. Naturally this process is incomplete and
+imperfect, so any changes generated by this script MUST be reviewed.
+
+Possible problems include: incorrectly replaced tags, badly formatted
+markdown, DocBook tags this script doesn't recognize remaining in the
+output and crashing the docs build, incorrect escaping of markdown
+metacharacters, incorrect unescaping of XML entities—and the list goes on.
+
+Always review the generated changes!
+
+Some known limitations:
+ - Does not transform literalDocBook items
+ - Replacements can occur in non-option code, such as string literals
+
+
+EOF
+
+
+
+build-options-json() {
+ nix-build --no-out-link --expr '
+ let
+ sys = import ./nixos/default.nix {
+ configuration = {};
+ };
+ in
+ [
+ sys.config.system.build.manual.optionsJSON
+ ]
+ '
+}
+
+
+
+git diff --quiet || {
+ echo "Worktree is dirty. Please stash or commit first."
+ exit 1
+}
+
+echo "Building options.json ..."
+old_options=$(build-options-json)
+
+echo "Applying replacements ..."
+perl -pi -e '
+ BEGIN {
+ undef $/;
+ }
+
+ s,([^`]*?),`$1`,smg;
+ s,([^»]*?),«$1»,smg;
+ s,([^`]*?),{file}`$1`,smg;
+ s,,{option}`$1`,smg;
+ s,([^`]*?),`$1`,smg;
+ s,([^`]*?),{command}`$1`,smg;
+ s,,<$1>,smg;
+ s,(.*?),[$2]($1),smg;
+ s,([^`]*?),`$1`,smg;
+ s,([^*]*?),*$1*,smg;
+ s,\s*
+ \s*(.*?)\s*\s*
+ \s*(.*?)\s*\s*
+ ,{manpage}`$1($2)`,smgx;
+ s,^( +description =),\1 lib.mdDoc,smg;
+' "$@"
+
+echo "Building options.json again ..."
+new_options=$(build-options-json)
+
+
+! cmp -s {$old_options,$new_options}/share/doc/nixos/options.json && {
+ diff -U10 \
+ <(jq . <$old_options/share/doc/nixos/options.json) \
+ <(jq . <$new_options/share/doc/nixos/options.json) \
+ | delta
+}
diff --git a/infra/libkookie/nixpkgs/unstable/maintainers/team-list.nix b/infra/libkookie/nixpkgs/unstable/maintainers/team-list.nix
index 413a6f9b1d7..3dda306cd16 100644
--- a/infra/libkookie/nixpkgs/unstable/maintainers/team-list.nix
+++ b/infra/libkookie/nixpkgs/unstable/maintainers/team-list.nix
@@ -98,6 +98,7 @@ with lib.maintainers; {
members = [
astro
SuperSandro2000
+ revol-xut
];
scope = "Maintain packages used in the C3D2 hackspace";
shortName = "c3d2";
@@ -325,7 +326,6 @@ with lib.maintainers; {
jitsi = {
members = [
cleeyv
- petabyteboy
ryantm
yuka
];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/configuration/adding-custom-packages.section.md b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/configuration/adding-custom-packages.section.md
index 5d1198fb0f4..9219396722f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/configuration/adding-custom-packages.section.md
+++ b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/configuration/adding-custom-packages.section.md
@@ -1,11 +1,18 @@
# Adding Custom Packages {#sec-custom-packages}
It's possible that a package you need is not available in NixOS. In that
-case, you can do two things. First, you can clone the Nixpkgs
-repository, add the package to your clone, and (optionally) submit a
-patch or pull request to have it accepted into the main Nixpkgs repository.
-This is described in detail in the [Nixpkgs manual](https://nixos.org/nixpkgs/manual).
-In short, you clone Nixpkgs:
+case, you can do two things. Either you can package it with Nix, or you can try
+to use prebuilt packages from upstream. Due to the peculiarities of NixOS, it
+is important to note that building software from source is often easier than
+using pre-built executables.
+
+## Building with Nix {#sec-custom-packages-nix}
+
+This can be done either in-tree or out-of-tree. For an in-tree build, you can
+clone the Nixpkgs repository, add the package to your clone, and (optionally)
+submit a patch or pull request to have it accepted into the main Nixpkgs
+repository. This is described in detail in the [Nixpkgs
+manual](https://nixos.org/nixpkgs/manual). In short, you clone Nixpkgs:
```ShellSession
$ git clone https://github.com/NixOS/nixpkgs
@@ -72,3 +79,21 @@ $ nix-build my-hello.nix
$ ./result/bin/hello
Hello, world!
```
+
+## Using pre-built executables {#sec-custom-packages-prebuilt}
+
+Most pre-built executables will not work on NixOS. There are two notable
+exceptions: flatpaks and AppImages. For flatpaks see the [dedicated
+section](#module-services-flatpak). AppImages will not run "as-is" on NixOS.
+First you need to install `appimage-run`: add to `/etc/nixos/configuration.nix`
+
+```nix
+environment.systemPackages = [ pkgs.appimage-run ];
+```
+
+Then instead of running the AppImage "as-is", run `appimage-run foo.appimage`.
+
+To make other pre-built executables work on NixOS, you need to package them
+with Nix and special helpers like `autoPatchelfHook` or `buildFHSUserEnv`. See
+the [Nixpkgs manual](https://nixos.org/nixpkgs/manual) for details. This
+is complex and often doing a source build is easier.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/development/writing-nixos-tests.section.md b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/development/writing-nixos-tests.section.md
index f4f4056ad98..da965ce09e3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/development/writing-nixos-tests.section.md
+++ b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/development/writing-nixos-tests.section.md
@@ -362,7 +362,6 @@ with foo_running:
... # Put `foo` through its paces
```
-
`polling_condition` takes the following (optional) arguments:
`seconds_interval`
@@ -407,6 +406,9 @@ import ./make-test-python.nix
nodes = { };
+ # Type checking on extra packages doesn't work yet
+ skipTypeCheck = true;
+
testScript = ''
import numpy as np
assert str(np.zeros(4) == "array([0., 0., 0., 0.])")
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/configuration/adding-custom-packages.section.xml b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/configuration/adding-custom-packages.section.xml
index 4fa40d61966..07f541666cb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/configuration/adding-custom-packages.section.xml
+++ b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/configuration/adding-custom-packages.section.xml
@@ -2,40 +2,50 @@
Adding Custom Packages
It’s possible that a package you need is not available in NixOS. In
- that case, you can do two things. First, you can clone the Nixpkgs
- repository, add the package to your clone, and (optionally) submit a
- patch or pull request to have it accepted into the main Nixpkgs
- repository. This is described in detail in the
- Nixpkgs
- manual. In short, you clone Nixpkgs:
+ that case, you can do two things. Either you can package it with
+ Nix, or you can try to use prebuilt packages from upstream. Due to
+ the peculiarities of NixOS, it is important to note that building
+ software from source is often easier than using pre-built
+ executables.
-
+
+ Building with Nix
+
+ This can be done either in-tree or out-of-tree. For an in-tree
+ build, you can clone the Nixpkgs repository, add the package to
+ your clone, and (optionally) submit a patch or pull request to
+ have it accepted into the main Nixpkgs repository. This is
+ described in detail in the
+ Nixpkgs
+ manual. In short, you clone Nixpkgs:
+
+
$ git clone https://github.com/NixOS/nixpkgs
$ cd nixpkgs
-
- Then you write and test the package as described in the Nixpkgs
- manual. Finally, you add it to
- , e.g.
-
-
+
+ Then you write and test the package as described in the Nixpkgs
+ manual. Finally, you add it to
+ , e.g.
+
+
environment.systemPackages = [ pkgs.my-package ];
-
- and you run nixos-rebuild, specifying your own
- Nixpkgs tree:
-
-
+
+ and you run nixos-rebuild, specifying your own
+ Nixpkgs tree:
+
+
# nixos-rebuild switch -I nixpkgs=/path/to/my/nixpkgs
-
- The second possibility is to add the package outside of the Nixpkgs
- tree. For instance, here is how you specify a build of the
- GNU
- Hello package directly in
- configuration.nix:
-
-
+
+ The second possibility is to add the package outside of the
+ Nixpkgs tree. For instance, here is how you specify a build of the
+ GNU
+ Hello package directly in
+ configuration.nix:
+
+
environment.systemPackages =
let
my-hello = with pkgs; stdenv.mkDerivation rec {
@@ -48,17 +58,17 @@ environment.systemPackages =
in
[ my-hello ];
-
- Of course, you can also move the definition of
- my-hello into a separate Nix expression, e.g.
-
-
+
+ Of course, you can also move the definition of
+ my-hello into a separate Nix expression, e.g.
+
+
environment.systemPackages = [ (import ./my-hello.nix) ];
-
- where my-hello.nix contains:
-
-
+
+ where my-hello.nix contains:
+
+
with import <nixpkgs> {}; # bring all of Nixpkgs into scope
stdenv.mkDerivation rec {
@@ -69,12 +79,40 @@ stdenv.mkDerivation rec {
};
}
-
- This allows testing the package easily:
-
-
+
+ This allows testing the package easily:
+
+
$ nix-build my-hello.nix
$ ./result/bin/hello
Hello, world!
+
+
+ Using pre-built executables
+
+ Most pre-built executables will not work on NixOS. There are two
+ notable exceptions: flatpaks and AppImages. For flatpaks see the
+ dedicated section.
+ AppImages will not run as-is on NixOS. First you
+ need to install appimage-run: add to
+ /etc/nixos/configuration.nix
+
+
+environment.systemPackages = [ pkgs.appimage-run ];
+
+
+ Then instead of running the AppImage as-is, run
+ appimage-run foo.appimage.
+
+
+ To make other pre-built executables work on NixOS, you need to
+ package them with Nix and special helpers like
+ autoPatchelfHook or
+ buildFHSUserEnv. See the
+ Nixpkgs
+ manual for details. This is complex and often doing a
+ source build is easier.
+
+
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/development/writing-nixos-tests.section.xml b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/development/writing-nixos-tests.section.xml
index 46367bdd345..7e4af038290 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/development/writing-nixos-tests.section.xml
+++ b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/development/writing-nixos-tests.section.xml
@@ -680,6 +680,9 @@ import ./make-test-python.nix
nodes = { };
+ # Type checking on extra packages doesn't work yet
+ skipTypeCheck = true;
+
testScript = ''
import numpy as np
assert str(np.zeros(4) == "array([0., 0., 0., 0.])")
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/installation/building-nixos.chapter.xml b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/installation/building-nixos.chapter.xml
index e7a76a6d715..ea2d01bebcc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/installation/building-nixos.chapter.xml
+++ b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/installation/building-nixos.chapter.xml
@@ -33,9 +33,14 @@
Practical Instructions
+
+ To build an ISO image for the channel
+ nixos-unstable:
+
$ git clone https://github.com/NixOS/nixpkgs.git
$ cd nixpkgs/nixos
+$ git switch nixos-unstable
$ nix-build -A config.system.build.isoImage -I nixos-config=modules/installer/cd-dvd/installation-cd-minimal.nix default.nix
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/installation/installing.chapter.xml b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/installation/installing.chapter.xml
index 19ff841f5a6..0fcbcf2e66c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/installation/installing.chapter.xml
+++ b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/installation/installing.chapter.xml
@@ -426,7 +426,9 @@ OK
- You must set the option
+ You must select a boot-loader, either system-boot or
+ GRUB. The recommended option is systemd-boot: set the
+ option
to true.
nixos-generate-config should do this
@@ -440,6 +442,23 @@ OK
boot.loader.systemd-boot
as well.
+
+ If you want to use GRUB, set
+ to
+ nodev and
+ to
+ true.
+
+
+ With system-boot, you should not need any special
+ configuration to detect other installed systems. With
+ GRUB, set
+ to
+ true, but this will only detect
+ windows partitions, not other linux distributions. If
+ you dual boot another linux distribution, use
+ system-boot instead.
+
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
index a11c2bb61ff..882eea3c4a4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
+++ b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml
@@ -133,6 +133,14 @@
services.infnoise.
+
+
+ kanata,
+ a tool to improve keyboard comfort and usability with advanced
+ customization. Available as
+ services.kanata.
+
+
persistent-evdev,
@@ -156,6 +164,13 @@
services.expressvpn.
+
+
+ Grafana
+ Tempo, a distributed tracing store. Available as
+ services.tempo.
+
+
@@ -243,6 +258,12 @@
this version for the entire lifecycle of the 22.11 release.
+
+
+ pkgs.cosign does not provide the
+ cosigned binary anymore.
+
+
riak package removed along with
@@ -250,6 +271,31 @@
maintainer to update the package.
+
+
+ xow package removed along with the
+ hardware.xow module, due to the project
+ being deprecated in favor of xone, which is
+ available via the hardware.xone module.
+
+
+
+
+ The services.graphite.api and
+ services.graphite.beacon NixOS options, and
+ the python3.pkgs.graphite_api,
+ python3.pkgs.graphite_beacon and
+ python3.pkgs.influxgraph packages, have
+ been removed due to lack of upstream maintenance.
+
+
+
+
+ The meta.mainProgram attribute of packages
+ in wineWowPackages now defaults to
+ "wine64".
+
+
(Neo)Vim can not be configured with
@@ -285,6 +331,13 @@
hardware.saleae-logic.package.
+
+
+ The Redis module now disables RDB persistence when
+ services.redis.servers.<name>.save = []
+ instead of using the Redis default.
+
+
Matrix Synapse now requires entries in the
@@ -296,6 +349,15 @@
and require manual remediation.
+
+
+ dockerTools.buildImage deprecates the
+ misunderstood contents parameter, in favor
+ of copyToRoot. Use
+ copyToRoot = buildEnv { ... }; or similar
+ if you intend to add packages to /bin.
+
+
memtest86+ was updated from 5.00-coreboot-002 to 6.00-beta2.
@@ -303,6 +365,20 @@
as coreboot’s fork is no longer available.
+
+
+ Add udev rules for the Teensy family of microcontrollers.
+
+
+
+
+ The pass-secret-service package now
+ includes systemd units from upstream, so adding it to the
+ NixOS services.dbus.packages option will
+ make it start automatically as a systemd user service when an
+ application tries to talk to the libsecret D-Bus API.
+
+
There is a new module for the thunar
@@ -315,6 +391,13 @@
release it may be removed.
+
+
+ There is a new module for the xfconf
+ program (the Xfce configuration storage system), which has a
+ dbus service.
+
+
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/installation/building-nixos.chapter.md b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/installation/building-nixos.chapter.md
index 27d7e1d3855..17da261fbda 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/installation/building-nixos.chapter.md
+++ b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/installation/building-nixos.chapter.md
@@ -18,9 +18,12 @@ enforced values with `mkForce`.
## Practical Instructions {#sec-building-image-instructions}
+To build an ISO image for the channel `nixos-unstable`:
+
```ShellSession
$ git clone https://github.com/NixOS/nixpkgs.git
$ cd nixpkgs/nixos
+$ git switch nixos-unstable
$ nix-build -A config.system.build.isoImage -I nixos-config=modules/installer/cd-dvd/installation-cd-minimal.nix default.nix
```
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/installation/installing.chapter.md b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/installation/installing.chapter.md
index 7e830f8e458..dd7f883bb3c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/installation/installing.chapter.md
+++ b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/installation/installing.chapter.md
@@ -303,7 +303,8 @@ Use the following commands:
UEFI systems
- : You *must* set the option [](#opt-boot.loader.systemd-boot.enable)
+ : You must select a boot-loader, either system-boot or GRUB. The recommended
+ option is systemd-boot: set the option [](#opt-boot.loader.systemd-boot.enable)
to `true`. `nixos-generate-config` should do this automatically
for new configurations when booted in UEFI mode.
@@ -312,6 +313,15 @@ Use the following commands:
[`boot.loader.systemd-boot`](#opt-boot.loader.systemd-boot.enable)
as well.
+ : If you want to use GRUB, set [](#opt-boot.loader.grub.device) to `nodev` and
+ [](#opt-boot.loader.grub.efiSupport) to `true`.
+
+ : With system-boot, you should not need any special configuration to detect
+ other installed systems. With GRUB, set [](#opt-boot.loader.grub.useOSProber)
+ to `true`, but this will only detect windows partitions, not other linux
+ distributions. If you dual boot another linux distribution, use system-boot
+ instead.
+
If you need to configure networking for your machine the
configuration options are described in [](#sec-networking). In
particular, while wifi is supported on the installation image, it is
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/release-notes/rl-2211.section.md b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/release-notes/rl-2211.section.md
index 275c522a54f..a2757d67e89 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/release-notes/rl-2211.section.md
+++ b/infra/libkookie/nixpkgs/unstable/nixos/doc/manual/release-notes/rl-2211.section.md
@@ -58,12 +58,18 @@ In addition to numerous new and upgraded packages, this release has the followin
- [infnoise](https://github.com/leetronics/infnoise), a hardware True Random Number Generator dongle.
Available as [services.infnoise](options.html#opt-services.infnoise.enable).
+
+- [kanata](https://github.com/jtroo/kanata), a tool to improve keyboard comfort and usability with advanced customization.
+ Available as [services.kanata](options.html#opt-services.kanata.enable).
+
- [persistent-evdev](https://github.com/aiberia/persistent-evdev), a daemon to add virtual proxy devices that mirror a physical input device but persist even if the underlying hardware is hot-plugged. Available as [services.persistent-evdev](#opt-services.persistent-evdev.enable).
- [schleuder](https://schleuder.org/), a mailing list manager with PGP support. Enable using [services.schleuder](#opt-services.schleuder.enable).
- [expressvpn](https://www.expressvpn.com), the CLI client for ExpressVPN. Available as [services.expressvpn](#opt-services.expressvpn.enable).
+- [Grafana Tempo](https://www.grafana.com/oss/tempo/), a distributed tracing store. Available as [services.tempo](#opt-services.tempo.enable).
+
## Backward Incompatibilities {#sec-release-22.11-incompatibilities}
@@ -95,8 +101,19 @@ In addition to numerous new and upgraded packages, this release has the followin
- PHP 7.4 is no longer supported due to upstream not supporting this
version for the entire lifecycle of the 22.11 release.
+- `pkgs.cosign` does not provide the `cosigned` binary anymore.
+
- riak package removed along with `services.riak` module, due to lack of maintainer to update the package.
+- xow package removed along with the `hardware.xow` module, due to the project being deprecated in favor of `xone`, which is available via the `hardware.xone` module.
+
+- The `services.graphite.api` and `services.graphite.beacon` NixOS options, and
+ the `python3.pkgs.graphite_api`, `python3.pkgs.graphite_beacon` and
+ `python3.pkgs.influxgraph` packages, have been removed due to lack of upstream
+ maintenance.
+
+- The `meta.mainProgram` attribute of packages in `wineWowPackages` now defaults to `"wine64"`.
+
- (Neo)Vim can not be configured with `configure.pathogen` anymore to reduce maintainance burden.
Use `configure.packages` instead.
@@ -110,10 +127,21 @@ Use `configure.packages` instead.
- A new module was added for the Saleae Logic device family, providing the options `hardware.saleae-logic.enable` and `hardware.saleae-logic.package`.
+- The Redis module now disables RDB persistence when `services.redis.servers..save = []` instead of using the Redis default.
+
- Matrix Synapse now requires entries in the `state_group_edges` table to be unique, in order to prevent accidentally introducing duplicate information (for example, because a database backup was restored multiple times). If your Synapse database already has duplicate rows in this table, this could fail with an error and require manual remediation.
+- `dockerTools.buildImage` deprecates the misunderstood `contents` parameter, in favor of `copyToRoot`.
+ Use `copyToRoot = buildEnv { ... };` or similar if you intend to add packages to `/bin`.
+
- memtest86+ was updated from 5.00-coreboot-002 to 6.00-beta2. It is now the upstream version from https://www.memtest.org/, as coreboot's fork is no longer available.
+- Add udev rules for the Teensy family of microcontrollers.
+
+- The `pass-secret-service` package now includes systemd units from upstream, so adding it to the NixOS `services.dbus.packages` option will make it start automatically as a systemd user service when an application tries to talk to the libsecret D-Bus API.
+
- There is a new module for the `thunar` program (the Xfce file manager), which depends on the `xfconf` dbus service, and also has a dbus service and a systemd unit. The option `services.xserver.desktopManager.xfce.thunarPlugins` has been renamed to `programs.thunar.plugins`, and in a future release it may be removed.
+- There is a new module for the `xfconf` program (the Xfce configuration storage system), which has a dbus service.
+
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/lib/eval-config.nix b/infra/libkookie/nixpkgs/unstable/nixos/lib/eval-config.nix
index 3b58ef29797..791a03a3ba3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/lib/eval-config.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/lib/eval-config.nix
@@ -9,7 +9,9 @@
# expressions are ever made modular at the top level) can just use
# types.submodule instead of using eval-config.nix
evalConfigArgs@
-{ # !!! system can be set modularly, would be nice to remove
+{ # !!! system can be set modularly, would be nice to remove,
+ # however, removing or changing this default is too much
+ # of a breaking change. To set it modularly, pass `null`.
system ? builtins.currentSystem
, # !!! is this argument needed any more? The pkgs argument can
# be set modularly anyway.
@@ -48,7 +50,7 @@ let
# this. Since the latter defaults to the former, the former should
# default to the argument. That way this new default could propagate all
# they way through, but has the last priority behind everything else.
- nixpkgs.system = lib.mkDefault system;
+ nixpkgs.system = lib.mkIf (system != null) (lib.mkDefault system);
_module.args.pkgs = lib.mkIf (pkgs_ != null) (lib.mkForce pkgs_);
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/lib/make-multi-disk-zfs-image.nix b/infra/libkookie/nixpkgs/unstable/nixos/lib/make-multi-disk-zfs-image.nix
index a84732aa117..0a894c8b988 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/lib/make-multi-disk-zfs-image.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/lib/make-multi-disk-zfs-image.nix
@@ -128,7 +128,7 @@ let
gptfdisk
nix
parted
- utillinux
+ util-linux
zfs
]
);
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/lib/make-options-doc/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/lib/make-options-doc/default.nix
index 6649fc41d41..e039bc4a9b7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/lib/make-options-doc/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/lib/make-options-doc/default.nix
@@ -99,6 +99,14 @@ let
optionsNix = builtins.listToAttrs (map (o: { name = o.name; value = removeAttrs o ["name" "visible" "internal"]; }) optionsList);
+ pythonMD =
+ let
+ self = (pkgs.python3Minimal.override {
+ inherit self;
+ includeSiteCustomize = true;
+ });
+ in self.withPackages (p: [ p.mistune_2_0 ]);
+
in rec {
inherit optionsNix;
@@ -116,17 +124,20 @@ in rec {
optionsJSON = pkgs.runCommand "options.json"
{ meta.description = "List of NixOS options in JSON format";
- buildInputs = [
- pkgs.brotli
- (let
- self = (pkgs.python3Minimal.override {
- inherit self;
- includeSiteCustomize = true;
- });
- in self.withPackages (p: [ p.mistune_2_0 ]))
- ];
+ buildInputs = [ pkgs.brotli pythonMD ];
options = builtins.toFile "options.json"
(builtins.unsafeDiscardStringContext (builtins.toJSON optionsNix));
+ # convert markdown to docbook in its own derivation to cache the
+ # conversion results. the conversion is surprisingly expensive.
+ baseJSON =
+ if baseOptionsJSON != null
+ then
+ pkgs.runCommand "base-json-md-converted" {
+ buildInputs = [ pythonMD ];
+ } ''
+ python ${./mergeJSON.py} ${baseOptionsJSON} <(echo '{}') > $out
+ ''
+ else null;
}
''
# Export list of options in different format.
@@ -143,7 +154,7 @@ in rec {
else ''
python ${./mergeJSON.py} \
${lib.optionalString warningsAreErrors "--warnings-are-errors"} \
- ${baseOptionsJSON} $options \
+ $baseJSON $options \
> $dst/options.json
''
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/lib/make-options-doc/mergeJSON.py b/infra/libkookie/nixpkgs/unstable/nixos/lib/make-options-doc/mergeJSON.py
index 33e5172270b..e95352f4fe6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/lib/make-options-doc/mergeJSON.py
+++ b/infra/libkookie/nixpkgs/unstable/nixos/lib/make-options-doc/mergeJSON.py
@@ -53,12 +53,14 @@ def convertMD(options: Dict[str, Any]) -> str:
'.note': 'note'
}
class Renderer(mistune.renderers.BaseRenderer):
+ def __init__(self, path):
+ self.path = path
def _get_method(self, name):
try:
return super(Renderer, self)._get_method(name)
except AttributeError:
def not_supported(*args, **kwargs):
- raise NotImplementedError("md node not supported yet", name, args, **kwargs)
+ raise NotImplementedError("md node not supported yet", self.path, name, args, **kwargs)
return not_supported
def text(self, text):
@@ -166,8 +168,8 @@ def convertMD(options: Dict[str, Any]) -> str:
md.block.rules.append('admonition')
plugins.append(admonition)
- def convertString(text: str) -> str:
- rendered = mistune.markdown(text, renderer=Renderer(), plugins=plugins)
+ def convertString(path: str, text: str) -> str:
+ rendered = mistune.markdown(text, renderer=Renderer(path), plugins=plugins)
# keep trailing spaces so we can diff the generated XML to check for conversion bugs.
return rendered.rstrip() + text[len(text.rstrip()):]
@@ -179,12 +181,12 @@ def convertMD(options: Dict[str, Any]) -> str:
for (name, option) in options.items():
if optionIs(option, 'description', 'mdDoc'):
- option['description'] = convertString(option['description']['text'])
+ option['description'] = convertString(name, option['description']['text'])
if optionIs(option, 'example', 'literalMD'):
- docbook = convertString(option['example']['text'])
+ docbook = convertString(name, option['example']['text'])
option['example'] = { '_type': 'literalDocBook', 'text': docbook }
if optionIs(option, 'default', 'literalMD'):
- docbook = convertString(option['default']['text'])
+ docbook = convertString(name, option['default']['text'])
option['default'] = { '_type': 'literalDocBook', 'text': docbook }
return options
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/lib/make-single-disk-zfs-image.nix b/infra/libkookie/nixpkgs/unstable/nixos/lib/make-single-disk-zfs-image.nix
index 9310febd917..98150584fb3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/lib/make-single-disk-zfs-image.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/lib/make-single-disk-zfs-image.nix
@@ -116,7 +116,7 @@ let
gptfdisk
nix
parted
- utillinux
+ util-linux
zfs
]
);
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/lib/qemu-common.nix b/infra/libkookie/nixpkgs/unstable/nixos/lib/qemu-common.nix
index 250f714be0a..fc3dcb24ab9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/lib/qemu-common.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/lib/qemu-common.nix
@@ -18,7 +18,7 @@ rec {
];
qemuSerialDevice = if pkgs.stdenv.hostPlatform.isx86 || pkgs.stdenv.hostPlatform.isRiscV then "ttyS0"
- else if (with pkgs.stdenv.hostPlatform; isAarch32 || isAarch64 || isPower) then "ttyAMA0"
+ else if (with pkgs.stdenv.hostPlatform; isAarch || isPower) then "ttyAMA0"
else throw "Unknown QEMU serial device for system '${pkgs.stdenv.hostPlatform.system}'";
qemuBinary = qemuPkg: {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/lib/test-driver/test_driver/vlan.py b/infra/libkookie/nixpkgs/unstable/nixos/lib/test-driver/test_driver/vlan.py
index e5c8f07b4ed..f2a7f250d1d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/lib/test-driver/test_driver/vlan.py
+++ b/infra/libkookie/nixpkgs/unstable/nixos/lib/test-driver/test_driver/vlan.py
@@ -32,8 +32,12 @@ class VLan:
rootlog.info("start vlan")
pty_master, pty_slave = pty.openpty()
+ # The --hub is required for the scenario determined by
+ # nixos/tests/networking.nix vlan-ping.
+ # VLAN Tagged traffic (802.1Q) seams to be blocked if a vde_switch is
+ # used without the hub mode (flood packets to all ports).
self.process = subprocess.Popen(
- ["vde_switch", "-s", self.socket_dir, "--dirmode", "0700"],
+ ["vde_switch", "-s", self.socket_dir, "--dirmode", "0700", "--hub"],
stdin=pty_slave,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
@@ -50,7 +54,7 @@ class VLan:
if not (self.socket_dir / "ctl").exists():
rootlog.error("cannot start vde_switch")
- rootlog.info(f"running vlan (pid {self.pid})")
+ rootlog.info(f"running vlan (pid {self.pid}; ctl {self.socket_dir})")
def __del__(self) -> None:
rootlog.info(f"kill vlan (pid {self.pid})")
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/appstream.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/appstream.nix
index a72215c2f56..5b48f6e1705 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/appstream.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/appstream.nix
@@ -6,9 +6,9 @@ with lib;
appstream.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to install files to support the
- AppStream metadata specification.
+ [AppStream metadata specification](https://www.freedesktop.org/software/appstream/docs/index.html).
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/console.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/console.nix
index 97e6405db91..7bcbf54cedd 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/console.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/console.nix
@@ -58,7 +58,7 @@ in
type = with types; either str path;
default = "us";
example = "fr";
- description = ''
+ description = lib.mdDoc ''
The keyboard mapping table for the virtual consoles.
'';
};
@@ -72,7 +72,7 @@ in
"002b36" "cb4b16" "586e75" "657b83"
"839496" "6c71c4" "93a1a1" "fdf6e3"
];
- description = ''
+ description = lib.mdDoc ''
The 16 colors palette used by the virtual consoles.
Leave empty to use the default colors.
Colors must be in hexadecimal format and listed in
@@ -84,7 +84,7 @@ in
packages = mkOption {
type = types.listOf types.package;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
List of additional packages that provide console fonts, keymaps and
other resources for virtual consoles use.
'';
@@ -93,7 +93,7 @@ in
useXkbConfig = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If set, configure the virtual console keymap from the xserver
keyboard settings.
'';
@@ -102,7 +102,7 @@ in
earlySetup = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable setting virtual console options as early as possible (in initrd).
'';
};
@@ -159,7 +159,11 @@ in
"${config.boot.initrd.systemd.package}/lib/systemd/systemd-vconsole-setup"
"${config.boot.initrd.systemd.package.kbd}/bin/setfont"
"${config.boot.initrd.systemd.package.kbd}/bin/loadkeys"
- "${config.boot.initrd.systemd.package.kbd.gzip}/bin/gzip" # keyboard layouts are compressed
+ "${config.boot.initrd.systemd.package.kbd.gzip}/bin/gzip" # Fonts and keyboard layouts are compressed
+ ] ++ optionals (hasPrefix builtins.storeDir cfg.font) [
+ "${cfg.font}"
+ ] ++ optionals (hasPrefix builtins.storeDir cfg.keyMap) [
+ "${cfg.keyMap}"
];
systemd.services.reload-systemd-vconsole-setup =
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/fontconfig.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/fontconfig.nix
index a10a8c6428a..f86c0387e91 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/fontconfig.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/fontconfig.nix
@@ -246,7 +246,7 @@ in
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
If enabled, a Fontconfig configuration file will be built
pointing to a set of default fonts. If you don't care about
running X11 applications or any other program that uses
@@ -267,7 +267,7 @@ in
antialias = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Enable font antialiasing. At high resolution (> 200 DPI),
antialiasing has no visible effect; users of such displays may want
to disable this option.
@@ -277,9 +277,9 @@ in
localConf = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
System-wide customization file contents, has higher priority than
- defaultFonts settings.
+ `defaultFonts` settings.
'';
};
@@ -287,7 +287,7 @@ in
monospace = mkOption {
type = types.listOf types.str;
default = ["DejaVu Sans Mono"];
- description = ''
+ description = lib.mdDoc ''
System-wide default monospace font(s). Multiple fonts may be
listed in case multiple languages must be supported.
'';
@@ -296,7 +296,7 @@ in
sansSerif = mkOption {
type = types.listOf types.str;
default = ["DejaVu Sans"];
- description = ''
+ description = lib.mdDoc ''
System-wide default sans serif font(s). Multiple fonts may be
listed in case multiple languages must be supported.
'';
@@ -305,7 +305,7 @@ in
serif = mkOption {
type = types.listOf types.str;
default = ["DejaVu Serif"];
- description = ''
+ description = lib.mdDoc ''
System-wide default serif font(s). Multiple fonts may be listed
in case multiple languages must be supported.
'';
@@ -314,7 +314,7 @@ in
emoji = mkOption {
type = types.listOf types.str;
default = ["Noto Color Emoji"];
- description = ''
+ description = lib.mdDoc ''
System-wide default emoji font(s). Multiple fonts may be listed
in case a font does not support all emoji.
@@ -331,7 +331,7 @@ in
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Enable font hinting. Hinting aligns glyphs to pixel boundaries to
improve rendering sharpness at low resolution. At high resolution
(> 200 dpi) hinting will do nothing (at best); users of such
@@ -342,7 +342,7 @@ in
autohint = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the autohinter in place of the default interpreter.
The results are usually lower quality than correctly-hinted
fonts, but better than unhinted fonts.
@@ -352,7 +352,7 @@ in
style = mkOption {
type = types.enum [ "hintnone" "hintslight" "hintmedium" "hintfull" ];
default = "hintslight";
- description = ''
+ description = lib.mdDoc ''
Hintstyle is the amount of font reshaping done to line up
to the grid.
@@ -367,10 +367,10 @@ in
includeUserConf = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Include the user configuration from
- ~/.config/fontconfig/fonts.conf or
- ~/.config/fontconfig/conf.d.
+ {file}`~/.config/fontconfig/fonts.conf` or
+ {file}`~/.config/fontconfig/conf.d`.
'';
};
@@ -379,26 +379,26 @@ in
rgba = mkOption {
default = "rgb";
type = types.enum ["rgb" "bgr" "vrgb" "vbgr" "none"];
- description = ''
+ description = lib.mdDoc ''
Subpixel order. The overwhelming majority of displays are
- rgb in their normal orientation. Select
- vrgb for mounting such a display 90 degrees
- clockwise from its normal orientation or vbgr
+ `rgb` in their normal orientation. Select
+ `vrgb` for mounting such a display 90 degrees
+ clockwise from its normal orientation or `vbgr`
for mounting 90 degrees counter-clockwise. Select
- bgr in the unlikely event of mounting 180
+ `bgr` in the unlikely event of mounting 180
degrees from the normal orientation. Reverse these directions in
the improbable event that the display's native subpixel order is
- bgr.
+ `bgr`.
'';
};
lcdfilter = mkOption {
default = "default";
type = types.enum ["none" "default" "light" "legacy"];
- description = ''
+ description = lib.mdDoc ''
FreeType LCD filter. At high resolution (> 200 DPI), LCD filtering
has no visible effect; users of such displays may want to select
- none.
+ `none`.
'';
};
@@ -407,7 +407,7 @@ in
cache32Bit = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Generate system fonts cache for 32-bit applications.
'';
};
@@ -415,8 +415,8 @@ in
allowBitmaps = mkOption {
type = types.bool;
default = true;
- description = ''
- Allow bitmap fonts. Set to false to ban all
+ description = lib.mdDoc ''
+ Allow bitmap fonts. Set to `false` to ban all
bitmap fonts.
'';
};
@@ -424,8 +424,8 @@ in
allowType1 = mkOption {
type = types.bool;
default = false;
- description = ''
- Allow Type-1 fonts. Default is false because of
+ description = lib.mdDoc ''
+ Allow Type-1 fonts. Default is `false` because of
poor rendering.
'';
};
@@ -433,7 +433,7 @@ in
useEmbeddedBitmaps = mkOption {
type = types.bool;
default = false;
- description = "Use embedded bitmaps in fonts like Calibri.";
+ description = lib.mdDoc "Use embedded bitmaps in fonts like Calibri.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/fontdir.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/fontdir.nix
index 560918302ca..30e0dfe2566 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/fontdir.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/fontdir.nix
@@ -30,9 +30,9 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to create a directory with links to all fonts in
- /run/current-system/sw/share/X11/fonts.
+ {file}`/run/current-system/sw/share/X11/fonts`.
'';
};
@@ -40,9 +40,9 @@ in
type = types.bool;
default = config.programs.xwayland.enable;
defaultText = literalExpression "config.programs.xwayland.enable";
- description = ''
+ description = lib.mdDoc ''
Whether to decompress fonts in
- /run/current-system/sw/share/X11/fonts.
+ {file}`/run/current-system/sw/share/X11/fonts`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/fonts.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/fonts.nix
index adc6654afc7..c0619fa31a3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/fonts.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/fonts.nix
@@ -57,13 +57,13 @@ in
type = types.listOf types.path;
default = [];
example = literalExpression "[ pkgs.dejavu_fonts ]";
- description = "List of primary font paths.";
+ description = lib.mdDoc "List of primary font paths.";
};
enableDefaultFonts = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable a basic set of fonts providing several font styles
and families and reasonable coverage of Unicode.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/ghostscript.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/ghostscript.nix
index b1dd81bf2d2..c284c4a0b0a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/ghostscript.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/fonts/ghostscript.nix
@@ -11,7 +11,7 @@ with lib;
enableGhostscriptFonts = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to add the fonts provided by Ghostscript (such as
various URW fonts and the “Base-14” Postscript fonts) to the
list of system fonts, making them available to X11
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/gnu.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/gnu.nix
index 255d9741ba7..d06b479e2af 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/gnu.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/gnu.nix
@@ -5,7 +5,7 @@
gnu = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
When enabled, GNU software is chosen by default whenever a there is
a choice between GNU and non-GNU software (e.g., GNU lsh
vs. OpenSSH).
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/gtk/gtk-icon-cache.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/gtk/gtk-icon-cache.nix
index ff9aa7c6a04..87d5483e36a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/gtk/gtk-icon-cache.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/gtk/gtk-icon-cache.nix
@@ -7,7 +7,7 @@ with lib;
type = types.bool;
default = config.services.xserver.enable;
defaultText = literalExpression "config.services.xserver.enable";
- description = ''
+ description = lib.mdDoc ''
Whether to build icon theme caches for GTK applications.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/i18n.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/i18n.nix
index c55726d09c6..80ef515fbfe 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/i18n.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/i18n.nix
@@ -21,7 +21,7 @@ with lib;
}
'';
example = literalExpression "pkgs.glibcLocales";
- description = ''
+ description = lib.mdDoc ''
Customized pkg.glibcLocales package.
Changing this option can disable handling of i18n.defaultLocale
@@ -33,7 +33,7 @@ with lib;
type = types.str;
default = "en_US.UTF-8";
example = "nl_NL.UTF-8";
- description = ''
+ description = lib.mdDoc ''
The default locale. It determines the language for program
messages, the format for dates and times, sort order, and so on.
It also determines the character set, such as UTF-8.
@@ -44,25 +44,30 @@ with lib;
type = types.attrsOf types.str;
default = {};
example = { LC_MESSAGES = "en_US.UTF-8"; LC_TIME = "de_DE.UTF-8"; };
- description = ''
+ description = lib.mdDoc ''
A set of additional system-wide locale settings other than
- LANG which can be configured with
- .
+ `LANG` which can be configured with
+ {option}`i18n.defaultLocale`.
'';
};
supportedLocales = mkOption {
type = types.listOf types.str;
- default = builtins.map (l: l + "/UTF-8")
- (unique (
- [ config.i18n.defaultLocale ] ++
- (attrValues (filterAttrs (n: v: n != "LANGUAGE") config.i18n.extraLocaleSettings))
+ default = unique
+ (builtins.map (l: (replaceStrings [ "utf8" "utf-8" "UTF8" ] [ "UTF-8" "UTF-8" "UTF-8" ] l) + "/UTF-8") (
+ [
+ "C.UTF-8"
+ "en_US.UTF-8"
+ config.i18n.defaultLocale
+ ] ++ (attrValues (filterAttrs (n: v: n != "LANGUAGE") config.i18n.extraLocaleSettings))
));
defaultText = literalExpression ''
- builtins.map (l: l + "/UTF-8")
- (unique (
- [ config.i18n.defaultLocale ] ++
- (attrValues (filterAttrs (n: v: n != "LANGUAGE") config.i18n.extraLocaleSettings))
+ unique
+ (builtins.map (l: (replaceStrings [ "utf8" "utf-8" "UTF8" ] [ "UTF-8" "UTF-8" "UTF-8" ] l) + "/UTF-8") (
+ [
+ "C.UTF-8"
+ config.i18n.defaultLocale
+ ] ++ (attrValues (filterAttrs (n: v: n != "LANGUAGE") config.i18n.extraLocaleSettings))
))
'';
example = ["en_US.UTF-8/UTF-8" "nl_NL.UTF-8/UTF-8" "nl_NL/ISO-8859-1"];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/iproute2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/iproute2.nix
index 5f41f3d21e4..2e059e28170 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/iproute2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/iproute2.nix
@@ -11,7 +11,7 @@ in
rttablesExtraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Verbatim lines to add to /etc/iproute2/rt_tables
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/krb5/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/krb5/default.nix
index 911c5b629a9..6cc30c47b7d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/krb5/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/krb5/default.nix
@@ -85,9 +85,9 @@ in {
default = pkgs.krb5Full;
defaultText = literalExpression "pkgs.krb5Full";
example = literalExpression "pkgs.heimdal";
- description = ''
+ description = lib.mdDoc ''
The Kerberos implementation that will be present in
- environment.systemPackages after enabling this
+ `environment.systemPackages` after enabling this
service.
'';
};
@@ -101,7 +101,7 @@ in {
default_realm = "ATHENA.MIT.EDU";
};
'';
- description = ''
+ description = lib.mdDoc ''
Settings used by the Kerberos V5 library.
'';
};
@@ -121,7 +121,7 @@ in {
};
'';
apply = attrs: filterEmbeddedMetadata attrs;
- description = "Realm-specific contact information and settings.";
+ description = lib.mdDoc "Realm-specific contact information and settings.";
};
domain_realm = mkOption {
@@ -134,7 +134,7 @@ in {
};
'';
apply = attrs: filterEmbeddedMetadata attrs;
- description = ''
+ description = lib.mdDoc ''
Map of server hostnames to Kerberos realms.
'';
};
@@ -153,7 +153,7 @@ in {
};
'';
apply = attrs: filterEmbeddedMetadata attrs;
- description = ''
+ description = lib.mdDoc ''
Authentication paths for non-hierarchical cross-realm authentication.
'';
};
@@ -174,7 +174,7 @@ in {
};
'';
apply = attrs: filterEmbeddedMetadata attrs;
- description = ''
+ description = lib.mdDoc ''
Settings used by some Kerberos V5 applications.
'';
};
@@ -190,7 +190,7 @@ in {
};
'';
apply = attrs: filterEmbeddedMetadata attrs;
- description = ''
+ description = lib.mdDoc ''
Controls plugin module registration.
'';
};
@@ -235,14 +235,14 @@ in {
admin_server = SYSLOG:NOTICE
default = SYSLOG:NOTICE
'';
- description = ''
- Verbatim krb5.conf configuration. Note that this
+ description = lib.mdDoc ''
+ Verbatim `krb5.conf` configuration. Note that this
is mutually exclusive with configuration via
- libdefaults, realms,
- domain_realm, capaths,
- appdefaults, plugins and
- extraConfig configuration options. Consult
- man krb5.conf for documentation.
+ `libdefaults`, `realms`,
+ `domain_realm`, `capaths`,
+ `appdefaults`, `plugins` and
+ `extraConfig` configuration options. Consult
+ `man krb5.conf` for documentation.
'';
};
@@ -250,9 +250,9 @@ in {
type = with types; nullOr str;
default = null;
example = "ATHENA.MIT.EDU";
- description = ''
+ description = lib.mdDoc ''
DEPRECATED, please use
- krb5.libdefaults.default_realm.
+ `krb5.libdefaults.default_realm`.
'';
};
@@ -260,9 +260,9 @@ in {
type = with types; nullOr str;
default = null;
example = "athena.mit.edu";
- description = ''
+ description = lib.mdDoc ''
DEPRECATED, please create a map of server hostnames to Kerberos realms
- in krb5.domain_realm.
+ in `krb5.domain_realm`.
'';
};
@@ -270,9 +270,9 @@ in {
type = with types; nullOr str;
default = null;
example = "kerberos.mit.edu";
- description = ''
- DEPRECATED, please pass a kdc attribute to a realm
- in krb5.realms.
+ description = lib.mdDoc ''
+ DEPRECATED, please pass a `kdc` attribute to a realm
+ in `krb5.realms`.
'';
};
@@ -280,9 +280,9 @@ in {
type = with types; nullOr str;
default = null;
example = "kerberos.mit.edu";
- description = ''
- DEPRECATED, please pass an admin_server attribute
- to a realm in krb5.realms.
+ description = lib.mdDoc ''
+ DEPRECATED, please pass an `admin_server` attribute
+ to a realm in `krb5.realms`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/ldap.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/ldap.nix
index 85cad8b93d8..0f54e4a8cf0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/ldap.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/ldap.nix
@@ -64,34 +64,34 @@ in
loginPam = mkOption {
type = types.bool;
default = true;
- description = "Whether to include authentication against LDAP in login PAM.";
+ description = lib.mdDoc "Whether to include authentication against LDAP in login PAM.";
};
nsswitch = mkOption {
type = types.bool;
default = true;
- description = "Whether to include lookup against LDAP in NSS.";
+ description = lib.mdDoc "Whether to include lookup against LDAP in NSS.";
};
server = mkOption {
type = types.str;
example = "ldap://ldap.example.org/";
- description = "The URL of the LDAP server.";
+ description = lib.mdDoc "The URL of the LDAP server.";
};
base = mkOption {
type = types.str;
example = "dc=example,dc=org";
- description = "The distinguished name of the search base.";
+ description = lib.mdDoc "The distinguished name of the search base.";
};
useTLS = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If enabled, use TLS (encryption) over an LDAP (port 389)
connection. The alternative is to specify an LDAPS server (port
- 636) in or to forego
+ 636) in {option}`users.ldap.server` or to forego
security.
'';
};
@@ -99,7 +99,7 @@ in
timeLimit = mkOption {
default = 0;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Specifies the time limit (in seconds) to use when performing
searches. A value of zero (0), which is the default, is to
wait indefinitely for searches to be completed.
@@ -110,7 +110,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to let the nslcd daemon (nss-pam-ldapd) handle the
LDAP lookups for NSS and PAM. This can improve performance,
and if you need to bind to the LDAP server with a password,
@@ -125,9 +125,9 @@ in
extraConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration options that will be added verbatim at
- the end of the nslcd configuration file (nslcd.conf(5)).
+ the end of the nslcd configuration file (`nslcd.conf(5)`).
'' ;
} ;
@@ -135,7 +135,7 @@ in
default = "";
example = "cn=admin,dc=example,dc=com";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The distinguished name to use to bind to the LDAP server
when the root user tries to modify a user's password.
'';
@@ -145,7 +145,7 @@ in
default = "";
example = "/run/keys/nslcd.rootpwmodpw";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The path to a file containing the credentials with which to bind to
the LDAP server if the root user tries to change a user's password.
'';
@@ -157,7 +157,7 @@ in
default = "";
example = "cn=admin,dc=example,dc=com";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The distinguished name to bind to the LDAP server with. If this
is not specified, an anonymous bind will be done.
'';
@@ -166,7 +166,7 @@ in
passwordFile = mkOption {
default = "/etc/ldap/bind.password";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The path to a file containing the credentials to use when binding
to the LDAP server (if not binding anonymously).
'';
@@ -175,10 +175,10 @@ in
timeLimit = mkOption {
default = 30;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Specifies the time limit (in seconds) to use when connecting
to the directory server. This is distinct from the time limit
- specified in and affects
+ specified in {option}`users.ldap.timeLimit` and affects
the initial server connection only.
'';
};
@@ -205,12 +205,12 @@ in
extraConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration options that will be added verbatim at
- the end of the ldap configuration file (ldap.conf(5)).
- If is enabled, this
+ the end of the ldap configuration file (`ldap.conf(5)`).
+ If {option}`users.ldap.daemon` is enabled, this
configuration will not be used. In that case, use
- instead.
+ {option}`users.ldap.daemon.extraConfig` instead.
'' ;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/locale.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/locale.nix
index 6f056588187..7716e121c71 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/locale.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/locale.nix
@@ -22,9 +22,8 @@ in
default = null;
type = timezone;
example = "America/New_York";
- description = ''
- The time zone used when displaying times and dates. See
+ description = lib.mdDoc ''
+ The time zone used when displaying times and dates. See
for a comprehensive list of possible values for this setting.
If null, the timezone will default to UTC and can be set imperatively
@@ -35,7 +34,7 @@ in
hardwareClockInLocalTime = mkOption {
default = false;
type = types.bool;
- description = "If set, keep the hardware clock in local time instead of UTC.";
+ description = lib.mdDoc "If set, keep the hardware clock in local time instead of UTC.";
};
};
@@ -44,18 +43,18 @@ in
latitude = mkOption {
type = types.float;
- description = ''
+ description = lib.mdDoc ''
Your current latitude, between
- -90.0 and 90.0. Must be provided
+ `-90.0` and `90.0`. Must be provided
along with longitude.
'';
};
longitude = mkOption {
type = types.float;
- description = ''
+ description = lib.mdDoc ''
Your current longitude, between
- between -180.0 and 180.0. Must be
+ between `-180.0` and `180.0`. Must be
provided along with latitude.
'';
};
@@ -63,9 +62,9 @@ in
provider = mkOption {
type = types.enum [ "manual" "geoclue2" ];
default = "manual";
- description = ''
+ description = lib.mdDoc ''
The location provider to use for determining your location. If set to
- manual you must also provide latitude/longitude.
+ `manual` you must also provide latitude/longitude.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/networking.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/networking.nix
index bebfeb352c0..185eff746de 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/networking.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/networking.nix
@@ -28,7 +28,7 @@ in
"192.168.0.2" = [ "fileserver.local" "nameserver.local" ];
};
'';
- description = ''
+ description = lib.mdDoc ''
Locally defined maps of hostnames to IP addresses.
'';
};
@@ -37,8 +37,8 @@ in
type = types.listOf types.path;
defaultText = literalDocBook "Hosts from and ";
example = literalExpression ''[ "''${pkgs.my-blocklist-package}/share/my-blocklist/hosts" ]'';
- description = ''
- Files that should be concatenated together to form /etc/hosts.
+ description = lib.mdDoc ''
+ Files that should be concatenated together to form {file}`/etc/hosts`.
'';
};
@@ -46,9 +46,9 @@ in
type = types.lines;
default = "";
example = "192.168.0.1 lanlocalhost";
- description = ''
- Additional verbatim entries to be appended to /etc/hosts.
- For adding hosts from derivation results, use instead.
+ description = lib.mdDoc ''
+ Additional verbatim entries to be appended to {file}`/etc/hosts`.
+ For adding hosts from derivation results, use {option}`networking.hostFiles` instead.
'';
};
@@ -60,7 +60,7 @@ in
"3.nixos.pool.ntp.org"
];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
The set of NTP servers from which to synchronise.
'';
};
@@ -70,7 +70,7 @@ in
default = lib.mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
This option specifies the default value for httpProxy, httpsProxy, ftpProxy and rsyncProxy.
'';
example = "http://127.0.0.1:3128";
@@ -80,7 +80,7 @@ in
type = types.nullOr types.str;
default = cfg.proxy.default;
defaultText = literalExpression "config.${opt.proxy.default}";
- description = ''
+ description = lib.mdDoc ''
This option specifies the http_proxy environment variable.
'';
example = "http://127.0.0.1:3128";
@@ -90,7 +90,7 @@ in
type = types.nullOr types.str;
default = cfg.proxy.default;
defaultText = literalExpression "config.${opt.proxy.default}";
- description = ''
+ description = lib.mdDoc ''
This option specifies the https_proxy environment variable.
'';
example = "http://127.0.0.1:3128";
@@ -100,7 +100,7 @@ in
type = types.nullOr types.str;
default = cfg.proxy.default;
defaultText = literalExpression "config.${opt.proxy.default}";
- description = ''
+ description = lib.mdDoc ''
This option specifies the ftp_proxy environment variable.
'';
example = "http://127.0.0.1:3128";
@@ -110,7 +110,7 @@ in
type = types.nullOr types.str;
default = cfg.proxy.default;
defaultText = literalExpression "config.${opt.proxy.default}";
- description = ''
+ description = lib.mdDoc ''
This option specifies the rsync_proxy environment variable.
'';
example = "http://127.0.0.1:3128";
@@ -120,7 +120,7 @@ in
type = types.nullOr types.str;
default = cfg.proxy.default;
defaultText = literalExpression "config.${opt.proxy.default}";
- description = ''
+ description = lib.mdDoc ''
This option specifies the all_proxy environment variable.
'';
example = "http://127.0.0.1:3128";
@@ -129,7 +129,7 @@ in
noProxy = lib.mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
This option specifies the no_proxy environment variable.
If a default proxy is used and noProxy is null,
then noProxy will be set to 127.0.0.1,localhost.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/no-x-libs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/no-x-libs.nix
index 14fe180d0bc..42e68c2eadc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/no-x-libs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/no-x-libs.nix
@@ -10,7 +10,7 @@ with lib;
environment.noXlibs = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Switch off the options in the default configuration that
require X11 libraries. This includes client-side font
configuration and SSH forwarding of X11 authentication
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/nsswitch.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/nsswitch.nix
index e494ff5f74d..b004072813b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/nsswitch.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/nsswitch.nix
@@ -13,10 +13,10 @@ with lib;
type = types.listOf types.path;
internal = true;
default = [];
- description = ''
+ description = lib.mdDoc ''
Search path for NSS (Name Service Switch) modules. This allows
several DNS resolution methods to be specified via
- /etc/nsswitch.conf.
+ {file}`/etc/nsswitch.conf`.
'';
apply = list:
{
@@ -28,8 +28,8 @@ with lib;
system.nssDatabases = {
passwd = mkOption {
type = types.listOf types.str;
- description = ''
- List of passwd entries to configure in /etc/nsswitch.conf.
+ description = lib.mdDoc ''
+ List of passwd entries to configure in {file}`/etc/nsswitch.conf`.
Note that "files" is always prepended while "systemd" is appended if nscd is enabled.
@@ -40,8 +40,8 @@ with lib;
group = mkOption {
type = types.listOf types.str;
- description = ''
- List of group entries to configure in /etc/nsswitch.conf.
+ description = lib.mdDoc ''
+ List of group entries to configure in {file}`/etc/nsswitch.conf`.
Note that "files" is always prepended while "systemd" is appended if nscd is enabled.
@@ -52,8 +52,8 @@ with lib;
shadow = mkOption {
type = types.listOf types.str;
- description = ''
- List of shadow entries to configure in /etc/nsswitch.conf.
+ description = lib.mdDoc ''
+ List of shadow entries to configure in {file}`/etc/nsswitch.conf`.
Note that "files" is always prepended.
@@ -64,8 +64,8 @@ with lib;
hosts = mkOption {
type = types.listOf types.str;
- description = ''
- List of hosts entries to configure in /etc/nsswitch.conf.
+ description = lib.mdDoc ''
+ List of hosts entries to configure in {file}`/etc/nsswitch.conf`.
Note that "files" is always prepended, and "dns" and "myhostname" are always appended.
@@ -76,8 +76,8 @@ with lib;
services = mkOption {
type = types.listOf types.str;
- description = ''
- List of services entries to configure in /etc/nsswitch.conf.
+ description = lib.mdDoc ''
+ List of services entries to configure in {file}`/etc/nsswitch.conf`.
Note that "files" is always prepended.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/power-management.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/power-management.nix
index 710842e1503..919bb824bc5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/power-management.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/power-management.nix
@@ -20,7 +20,7 @@ in
type = types.bool;
default = true;
description =
- ''
+ lib.mdDoc ''
Whether to enable power management. This includes support
for suspend-to-RAM and powersave features on laptops.
'';
@@ -29,7 +29,7 @@ in
resumeCommands = mkOption {
type = types.lines;
default = "";
- description = "Commands executed after the system resumes from suspend-to-RAM.";
+ description = lib.mdDoc "Commands executed after the system resumes from suspend-to-RAM.";
};
powerUpCommands = mkOption {
@@ -39,7 +39,7 @@ in
"''${pkgs.hdparm}/sbin/hdparm -B 255 /dev/sda"
'';
description =
- ''
+ lib.mdDoc ''
Commands executed when the machine powers up. That is,
they're executed both when the system first boots and when
it resumes from suspend or hibernation.
@@ -53,7 +53,7 @@ in
"''${pkgs.hdparm}/sbin/hdparm -B 255 /dev/sda"
'';
description =
- ''
+ lib.mdDoc ''
Commands executed when the machine powers down. That is,
they're executed both when the system shuts down and when
it goes to suspend or hibernation.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/pulseaudio.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/pulseaudio.nix
index 01555d28b73..aa3ca549f09 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/pulseaudio.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/pulseaudio.nix
@@ -89,7 +89,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the PulseAudio sound server.
'';
};
@@ -97,7 +97,7 @@ in {
systemWide = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If false, a PulseAudio server is launched automatically for
each user that tries to use the sound system. The server runs
with user privileges. If true, one system-wide PulseAudio
@@ -112,7 +112,7 @@ in {
support32Bit = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to include the 32-bit pulseaudio libraries in the system or not.
This is only useful on 64-bit systems and currently limited to x86_64-linux.
'';
@@ -120,7 +120,7 @@ in {
configFile = mkOption {
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
The path to the default configuration options the PulseAudio server
should use. By default, the "default.pa" configuration
from the PulseAudio distribution is used.
@@ -130,8 +130,8 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
- Literal string to append to configFile
+ description = lib.mdDoc ''
+ Literal string to append to `configFile`
and the config file generated by the pulseaudio module.
'';
};
@@ -139,7 +139,7 @@ in {
extraClientConf = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration appended to pulse/client.conf file.
'';
};
@@ -151,10 +151,10 @@ in {
else pkgs.pulseaudio;
defaultText = literalExpression "pkgs.pulseaudio";
example = literalExpression "pkgs.pulseaudioFull";
- description = ''
+ description = lib.mdDoc ''
The PulseAudio derivation to use. This can be used to enable
features (such as JACK support, Bluetooth) via the
- pulseaudioFull package.
+ `pulseaudioFull` package.
'';
};
@@ -162,7 +162,7 @@ in {
type = types.listOf types.package;
default = [];
example = literalExpression "[ pkgs.pulseaudio-modules-bt ]";
- description = ''
+ description = lib.mdDoc ''
Extra pulseaudio modules to use. This is intended for out-of-tree
pulseaudio modules like extra bluetooth codecs.
@@ -174,7 +174,7 @@ in {
logLevel = mkOption {
type = types.str;
default = "notice";
- description = ''
+ description = lib.mdDoc ''
The log level that the system-wide pulseaudio daemon should use,
if activated.
'';
@@ -183,7 +183,7 @@ in {
config = mkOption {
type = types.attrsOf types.unspecified;
default = {};
- description = "Config of the pulse daemon. See man pulse-daemon.conf.";
+ description = lib.mdDoc "Config of the pulse daemon. See `man pulse-daemon.conf`.";
example = literalExpression ''{ realtime-scheduling = "yes"; }'';
};
};
@@ -205,7 +205,7 @@ in {
type = types.listOf types.str;
default = [];
example = literalExpression ''[ "127.0.0.1" "192.168.1.0/24" ]'';
- description = ''
+ description = lib.mdDoc ''
A list of IP subnets that are allowed to stream to the server.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/qt5.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/qt5.nix
index eabba9ad95f..9e19774b582 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/qt5.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/qt5.nix
@@ -8,14 +8,21 @@ let
isQGnome = cfg.platformTheme == "gnome" && builtins.elem cfg.style ["adwaita" "adwaita-dark"];
isQtStyle = cfg.platformTheme == "gtk2" && !(builtins.elem cfg.style ["adwaita" "adwaita-dark"]);
+ isQt5ct = cfg.platformTheme == "qt5ct";
+ isLxqt = cfg.platformTheme == "lxqt";
+ isKde = cfg.platformTheme == "kde";
packages = if isQGnome then [ pkgs.qgnomeplatform pkgs.adwaita-qt ]
else if isQtStyle then [ pkgs.libsForQt5.qtstyleplugins ]
+ else if isQt5ct then [ pkgs.libsForQt5.qt5ct ]
+ else if isLxqt then [ pkgs.lxqt.lxqt-qtplugin pkgs.lxqt.lxqt-config ]
+ else if isKde then [ pkgs.libsForQt5.plasma-integration pkgs.libsForQt5.systemsettings ]
else throw "`qt5.platformTheme` ${cfg.platformTheme} and `qt5.style` ${cfg.style} are not compatible.";
in
{
+ meta.maintainers = [ maintainers.romildo ];
options = {
qt5 = {
@@ -26,29 +33,29 @@ in
type = types.enum [
"gtk2"
"gnome"
+ "lxqt"
+ "qt5ct"
+ "kde"
];
example = "gnome";
relatedPackages = [
"qgnomeplatform"
["libsForQt5" "qtstyleplugins"]
+ ["libsForQt5" "qt5ct"]
+ ["lxqt" "lxqt-qtplugin"]
+ ["libsForQt5" "plasma-integration"]
];
- description = ''
- Selects the platform theme to use for Qt5 applications.
- The options are
-
-
- gtk
- Use GTK theme with
- qtstyleplugins
-
-
-
- gnome
- Use GNOME theme with
- qgnomeplatform
-
-
-
+ description = lib.mdDoc ''
+ Selects the platform theme to use for Qt5 applications.
+
+ The options are
+ - `gtk`: Use GTK theme with [qtstyleplugins](https://github.com/qt/qtstyleplugins)
+ - `gnome`: Use GNOME theme with [qgnomeplatform](https://github.com/FedoraQt/QGnomePlatform)
+ - `lxqt`: Use LXQt style set using the [lxqt-config-appearance](https://github.com/lxqt/lxqt-config)
+ application.
+ - `qt5ct`: Use Qt style set using the [qt5ct](https://sourceforge.net/projects/qt5ct/)
+ application.
+ - `kde`: Use Qt settings from Plasma.
'';
};
@@ -66,27 +73,14 @@ in
"adwaita-qt"
["libsForQt5" "qtstyleplugins"]
];
- description = ''
- Selects the style to use for Qt5 applications.
- The options are
-
-
- adwaita
- adwaita-dark
- Use Adwaita Qt style with
- adwaita
-
-
-
- cleanlooks
- gtk2
- motif
- plastique
- Use styles from
- qtstyleplugins
-
-
-
+ description = lib.mdDoc ''
+ Selects the style to use for Qt5 applications.
+
+ The options are
+ - `adwaita`, `adwaita-dark`: Use Adwaita Qt style with
+ [adwaita](https://github.com/FedoraQt/adwaita-qt)
+ - `cleanlooks`, `gtk2`, `motif`, `plastique`: Use styles from
+ [qtstyleplugins](https://github.com/qt/qtstyleplugins)
'';
};
};
@@ -96,7 +90,7 @@ in
environment.variables.QT_QPA_PLATFORMTHEME = cfg.platformTheme;
- environment.variables.QT_STYLE_OVERRIDE = cfg.style;
+ environment.variables.QT_STYLE_OVERRIDE = mkIf (! (isQt5ct || isLxqt || isKde)) cfg.style;
environment.systemPackages = packages;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/resolvconf.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/resolvconf.nix
index 4499481811f..cdc40d2c810 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/resolvconf.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/resolvconf.nix
@@ -49,15 +49,28 @@ in
type = types.bool;
default = !(config.environment.etc ? "resolv.conf");
defaultText = literalExpression ''!(config.environment.etc ? "resolv.conf")'';
- description = ''
- DNS configuration is managed by resolvconf.
+ description = lib.mdDoc ''
+ Whether DNS configuration is managed by resolvconf.
+ '';
+ };
+
+ package = mkOption {
+ type = types.package;
+ default = pkgs.openresolv;
+ defaultText = literalExpression "pkgs.openresolv";
+ description = lib.mdDoc ''
+ The package that provides the system-wide resolvconf command. Defaults to `openresolv`
+ if this module is enabled. Otherwise, can be used by other modules (for example {option}`services.resolved`) to
+ provide a compatibility layer.
+
+ This option generally shouldn't be set by the user.
'';
};
dnsSingleRequest = lib.mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Recent versions of glibc will issue both ipv4 (A) and ipv6 (AAAA)
address queries at the same time, from the same port. Sometimes upstream
routers will systemically drop the ipv4 queries. The symptom of this problem is
@@ -82,8 +95,8 @@ in
type = types.lines;
default = "";
example = "libc=NO";
- description = ''
- Extra configuration to append to resolvconf.conf.
+ description = lib.mdDoc ''
+ Extra configuration to append to {file}`resolvconf.conf`.
'';
};
@@ -91,15 +104,15 @@ in
type = types.listOf types.str;
default = [];
example = [ "ndots:1" "rotate" ];
- description = ''
- Set the options in /etc/resolv.conf.
+ description = lib.mdDoc ''
+ Set the options in {file}`/etc/resolv.conf`.
'';
};
useLocalResolver = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Use local DNS server for resolving.
'';
};
@@ -119,10 +132,12 @@ in
exit 1
''
else configText;
+
+ environment.systemPackages = [ cfg.package ];
}
(mkIf cfg.enable {
- environment.systemPackages = [ pkgs.openresolv ];
+ networking.resolvconf.package = pkgs.openresolv;
systemd.services.resolvconf = {
description = "resolvconf update";
@@ -134,7 +149,7 @@ in
serviceConfig = {
Type = "oneshot";
- ExecStart = "${pkgs.openresolv}/bin/resolvconf -u";
+ ExecStart = "${cfg.package}/bin/resolvconf -u";
RemainAfterExit = true;
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/shells-environment.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/shells-environment.nix
index ae3f618e273..660b2e1fa4b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/shells-environment.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/shells-environment.nix
@@ -35,7 +35,7 @@ in
environment.variables = mkOption {
default = {};
example = { EDITOR = "nvim"; VISUAL = "nvim"; };
- description = ''
+ description = lib.mdDoc ''
A set of environment variables used in the global environment.
These variables will be set on shell initialisation (e.g. in /etc/profile).
The value of each variable can be either a string or a list of
@@ -48,7 +48,7 @@ in
environment.profiles = mkOption {
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of profiles used to setup the global environment.
'';
type = types.listOf types.str;
@@ -57,10 +57,10 @@ in
environment.profileRelativeEnvVars = mkOption {
type = types.attrsOf (types.listOf types.str);
example = { PATH = [ "/bin" ]; MANPATH = [ "/man" "/share/man" ]; };
- description = ''
+ description = lib.mdDoc ''
Attribute set of environment variable. Each attribute maps to a list
of relative paths. Each relative path is appended to the each profile
- of to form the content of the
+ of {option}`environment.profiles` to form the content of the
corresponding environment variable.
'';
};
@@ -68,7 +68,7 @@ in
# !!! isn't there a better way?
environment.extraInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during global environment initialisation
after all variables and profileVariables have been set.
This code is assumed to be shell-independent, which means you should
@@ -79,7 +79,7 @@ in
environment.shellInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during shell initialisation.
This code is assumed to be shell-independent, which means you should
stick to pure sh without sh word split.
@@ -89,7 +89,7 @@ in
environment.loginShellInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during login shell initialisation.
This code is assumed to be shell-independent, which means you should
stick to pure sh without sh word split.
@@ -99,7 +99,7 @@ in
environment.interactiveShellInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during interactive shell initialisation.
This code is assumed to be shell-independent, which means you should
stick to pure sh without sh word split.
@@ -119,7 +119,7 @@ in
};
environment.homeBinInPath = mkOption {
- description = ''
+ description = lib.mdDoc ''
Include ~/bin/ in $PATH.
'';
default = false;
@@ -127,7 +127,7 @@ in
};
environment.localBinInPath = mkOption {
- description = ''
+ description = lib.mdDoc ''
Add ~/.local/bin/ to $PATH
'';
default = false;
@@ -151,9 +151,9 @@ in
environment.shells = mkOption {
default = [];
example = literalExpression "[ pkgs.bashInteractive pkgs.zsh ]";
- description = ''
+ description = lib.mdDoc ''
A list of permissible login shells for user accounts.
- No need to mention /bin/sh
+ No need to mention `/bin/sh`
here, it is placed into this list implicitly.
'';
type = types.listOf (types.either types.shellPackage types.path);
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/swap.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/swap.nix
index 2b94b954cb8..3216590d8f9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/swap.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/swap.nix
@@ -14,7 +14,7 @@ let
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Encrypt swap device with a random key. This way you won't have a persistent swap device.
WARNING: Don't try to hibernate when you have at least one swap partition with
@@ -31,7 +31,7 @@ let
default = "aes-xts-plain64";
example = "serpent-xts-plain64";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Use specified cipher for randomEncryption.
Hint: Run "cryptsetup benchmark" to see which one is fastest on your machine.
@@ -42,7 +42,7 @@ let
default = "/dev/urandom";
example = "/dev/random";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Define the source of randomness to obtain a random key for encryption.
'';
};
@@ -50,7 +50,7 @@ let
allowDiscards = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to allow TRIM requests to the underlying device. This option
has security implications; please read the LUKS documentation before
activating it.
@@ -67,7 +67,7 @@ let
device = mkOption {
example = "/dev/sda3";
type = types.str;
- description = "Path of the device or swap file.";
+ description = lib.mdDoc "Path of the device or swap file.";
};
label = mkOption {
@@ -82,7 +82,7 @@ let
default = null;
example = 2048;
type = types.nullOr types.int;
- description = ''
+ description = lib.mdDoc ''
If this option is set, ‘device’ is interpreted as the
path of a swapfile that will be created automatically
with the indicated size (in megabytes).
@@ -93,7 +93,7 @@ let
default = null;
example = 2048;
type = types.nullOr types.int;
- description = ''
+ description = lib.mdDoc ''
Specify the priority of the swap device. Priority is a value between 0 and 32767.
Higher numbers indicate higher priority.
null lets the kernel choose a priority, which will show up as a negative value.
@@ -108,7 +108,7 @@ let
source = "/dev/random";
};
type = types.coercedTo types.bool randomEncryptionCoerce (types.submodule randomEncryptionOpts);
- description = ''
+ description = lib.mdDoc ''
Encrypt swap device with a random key. This way you won't have a persistent swap device.
HINT: run "cryptsetup benchmark" to test cipher performance on your machine.
@@ -127,7 +127,7 @@ let
default = null;
example = "once";
type = types.nullOr (types.enum ["once" "pages" "both" ]);
- description = ''
+ description = lib.mdDoc ''
Specify the discard policy for the swap device. If "once", then the
whole swap space is discarded at swapon invocation. If "pages",
asynchronous discard on freed pages is performed, before returning to
@@ -140,7 +140,7 @@ let
default = [ "defaults" ];
example = [ "nofail" ];
type = types.listOf types.nonEmptyStr;
- description = ''
+ description = lib.mdDoc ''
Options used to mount the swap.
'';
};
@@ -181,13 +181,13 @@ in
{ device = "/var/swapfile"; }
{ label = "bigswap"; }
];
- description = ''
+ description = lib.mdDoc ''
The swap devices and swap files. These must have been
- initialised using mkswap. Each element
+ initialised using {command}`mkswap`. Each element
should be an attribute set specifying either the path of the
- swap device or file (device) or the label
- of the swap device (label, see
- mkswap -L). Using a label is
+ swap device or file (`device`) or the label
+ of the swap device (`label`, see
+ {command}`mkswap -L`). Using a label is
recommended.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/system-path.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/system-path.nix
index 875c4c9c441..de980e7383b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/system-path.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/system-path.nix
@@ -64,14 +64,14 @@ in
type = types.listOf types.package;
default = [];
example = literalExpression "[ pkgs.firefox pkgs.thunderbird ]";
- description = ''
+ description = lib.mdDoc ''
The set of packages that appear in
/run/current-system/sw. These packages are
automatically available to all users, and are
automatically updated every time you rebuild the system
configuration. (The latter is the main difference with
installing them in the default profile,
- /nix/var/nix/profiles/default.
+ {file}`/nix/var/nix/profiles/default`.
'';
};
@@ -109,20 +109,20 @@ in
# to work.
default = [];
example = ["/"];
- description = "List of directories to be symlinked in /run/current-system/sw.";
+ description = lib.mdDoc "List of directories to be symlinked in {file}`/run/current-system/sw`.";
};
extraOutputsToInstall = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "doc" "info" "devdoc" ];
- description = "List of additional package outputs to be symlinked into /run/current-system/sw.";
+ description = lib.mdDoc "List of additional package outputs to be symlinked into {file}`/run/current-system/sw`.";
};
extraSetup = mkOption {
type = types.lines;
default = "";
- description = "Shell fragments to be run after the system environment has been created. This should only be used for things that need to modify the internals of the environment, e.g. generating MIME caches. The environment being built can be accessed at $out.";
+ description = lib.mdDoc "Shell fragments to be run after the system environment has been created. This should only be used for things that need to modify the internals of the environment, e.g. generating MIME caches. The environment being built can be accessed at $out.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/terminfo.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/terminfo.nix
index 693404a429c..82f9ae48372 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/terminfo.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/terminfo.nix
@@ -9,7 +9,7 @@ with lib;
options.environment.enableAllTerminfo = with lib; mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to install all terminfo outputs
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/unix-odbc-drivers.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/unix-odbc-drivers.nix
index 055c3b2364e..7bd3fa1600b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/unix-odbc-drivers.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/unix-odbc-drivers.nix
@@ -20,10 +20,10 @@ in {
type = types.listOf types.package;
default = [];
example = literalExpression "with pkgs.unixODBCDrivers; [ sqlite psql ]";
- description = ''
+ description = lib.mdDoc ''
Specifies Unix ODBC drivers to be registered in
- /etc/odbcinst.ini. You may also want to
- add pkgs.unixODBC to the system path to get
+ {file}`/etc/odbcinst.ini`. You may also want to
+ add `pkgs.unixODBC` to the system path to get
a command line client to connect to ODBC databases.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/users-groups.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/users-groups.nix
index d3bdf218c33..466e3f6138a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/users-groups.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/users-groups.nix
@@ -6,12 +6,6 @@ let
ids = config.ids;
cfg = config.users;
- isPasswdCompatible = str: !(hasInfix ":" str || hasInfix "\n" str);
- passwdEntry = type: lib.types.addCheck type isPasswdCompatible // {
- name = "passwdEntry ${type.name}";
- description = "${type.description}, not containing newlines or colons";
- };
-
# Check whether a password hash will allow login.
allowsLogin = hash:
hash == "" # login without password
@@ -60,29 +54,29 @@ let
options = {
name = mkOption {
- type = passwdEntry types.str;
+ type = types.passwdEntry types.str;
apply = x: assert (builtins.stringLength x < 32 || abort "Username '${x}' is longer than 31 characters which is not allowed!"); x;
- description = ''
+ description = lib.mdDoc ''
The name of the user account. If undefined, the name of the
attribute set will be used.
'';
};
description = mkOption {
- type = passwdEntry types.str;
+ type = types.passwdEntry types.str;
default = "";
example = "Alice Q. User";
- description = ''
+ description = lib.mdDoc ''
A short description of the user account, typically the
user's full name. This is actually the “GECOS” or “comment”
- field in /etc/passwd.
+ field in {file}`/etc/passwd`.
'';
};
uid = mkOption {
type = with types; nullOr int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The account UID. If the UID is null, a free UID is picked on
activation.
'';
@@ -91,15 +85,15 @@ let
isSystemUser = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Indicates if the user is a system user or not. This option
- only has an effect if is
- , in which case it determines whether
+ only has an effect if {option}`uid` is
+ {option}`null`, in which case it determines whether
the user's UID is allocated in the range for system users
(below 500) or in the range for normal users (starting at
1000).
- Exactly one of isNormalUser and
- isSystemUser must be true.
+ Exactly one of `isNormalUser` and
+ `isSystemUser` must be true.
'';
};
@@ -124,31 +118,31 @@ let
type = types.str;
apply = x: assert (builtins.stringLength x < 32 || abort "Group name '${x}' is longer than 31 characters which is not allowed!"); x;
default = "";
- description = "The user's primary group.";
+ description = lib.mdDoc "The user's primary group.";
};
extraGroups = mkOption {
type = types.listOf types.str;
default = [];
- description = "The user's auxiliary groups.";
+ description = lib.mdDoc "The user's auxiliary groups.";
};
home = mkOption {
- type = passwdEntry types.path;
+ type = types.passwdEntry types.path;
default = "/var/empty";
- description = "The user's home directory.";
+ description = lib.mdDoc "The user's home directory.";
};
homeMode = mkOption {
type = types.strMatching "[0-7]{1,5}";
default = "700";
- description = "The user's home directory mode in numeric format. See chmod(1). The mode is only applied if is true.";
+ description = lib.mdDoc "The user's home directory mode in numeric format. See chmod(1). The mode is only applied if {option}`users.users..createHome` is true.";
};
cryptHomeLuks = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to encrypted luks device that contains
the user's home directory.
'';
@@ -169,7 +163,7 @@ let
};
shell = mkOption {
- type = types.nullOr (types.either types.shellPackage (passwdEntry types.path));
+ type = types.nullOr (types.either types.shellPackage (types.passwdEntry types.path));
default = pkgs.shadow;
defaultText = literalExpression "pkgs.shadow";
example = literalExpression "pkgs.bashInteractive";
@@ -189,10 +183,10 @@ let
{ startUid = 1000; count = 1; }
{ startUid = 100001; count = 65534; }
];
- description = ''
+ description = lib.mdDoc ''
Subordinate user ids that user is allowed to use.
- They are set into /etc/subuid and are used
- by newuidmap for user namespaces.
+ They are set into {file}`/etc/subuid` and are used
+ by `newuidmap` for user namespaces.
'';
};
@@ -203,10 +197,10 @@ let
{ startGid = 100; count = 1; }
{ startGid = 1001; count = 999; }
];
- description = ''
+ description = lib.mdDoc ''
Subordinate group ids that user is allowed to use.
- They are set into /etc/subgid and are used
- by newgidmap for user namespaces.
+ They are set into {file}`/etc/subgid` and are used
+ by `newgidmap` for user namespaces.
'';
};
@@ -214,7 +208,7 @@ let
type = types.bool;
default = false;
example = true;
- description = ''
+ description = lib.mdDoc ''
Automatically allocate subordinate user and group ids for this user.
Allocated range is currently always of size 65536.
'';
@@ -223,7 +217,7 @@ let
createHome = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to create the home directory and ensure ownership as well as
permissions to match the user.
'';
@@ -232,9 +226,9 @@ let
useDefaultShell = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If true, the user's shell will be set to
- .
+ {option}`users.defaultUserShell`.
'';
};
@@ -290,13 +284,13 @@ let
initialPassword = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specifies the initial password for the user, i.e. the
password assigned if the user does not already exist. If
- is true, the password
+ {option}`users.mutableUsers` is true, the password
can be changed subsequently using the
- passwd command. Otherwise, it's
- equivalent to setting the
+ {command}`passwd` command. Otherwise, it's
+ equivalent to setting the {option}`password`
option. The same caveat applies: the password specified here
is world-readable in the Nix store, so it should only be
used for guest accounts or passwords that will be changed
@@ -308,9 +302,9 @@ let
type = types.listOf types.package;
default = [];
example = literalExpression "[ pkgs.firefox pkgs.thunderbird ]";
- description = ''
+ description = lib.mdDoc ''
The set of packages that should be made available to the user.
- This is in contrast to ,
+ This is in contrast to {option}`environment.systemPackages`,
which adds packages to all users.
'';
};
@@ -349,8 +343,8 @@ let
options = {
name = mkOption {
- type = passwdEntry types.str;
- description = ''
+ type = types.passwdEntry types.str;
+ description = lib.mdDoc ''
The name of the group. If undefined, the name of the attribute set
will be used.
'';
@@ -359,7 +353,7 @@ let
gid = mkOption {
type = with types; nullOr int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The group GID. If the GID is null, a free GID is picked on
activation.
'';
@@ -368,9 +362,9 @@ let
members = mkOption {
type = with types; listOf (passwdEntry str);
default = [];
- description = ''
+ description = lib.mdDoc ''
The user names of the group members, added to the
- /etc/group file.
+ `/etc/group` file.
'';
};
@@ -390,7 +384,7 @@ let
options = {
startUid = mkOption {
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Start of the range of subordinate user ids that user is
allowed to use.
'';
@@ -398,7 +392,7 @@ let
count = mkOption {
type = types.int;
default = 1;
- description = "Count of subordinate user ids";
+ description = lib.mdDoc "Count of subordinate user ids";
};
};
};
@@ -407,7 +401,7 @@ let
options = {
startGid = mkOption {
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Start of the range of subordinate group ids that user is
allowed to use.
'';
@@ -415,7 +409,7 @@ let
count = mkOption {
type = types.int;
default = 1;
- description = "Count of subordinate group ids";
+ description = lib.mdDoc "Count of subordinate group ids";
};
};
};
@@ -490,7 +484,7 @@ in {
users.enforceIdUniqueness = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to require that no two users/groups share the same uid/gid.
'';
};
@@ -509,7 +503,7 @@ in {
shell = "/bin/sh";
};
};
- description = ''
+ description = lib.mdDoc ''
Additional user accounts to be created automatically by the system.
This can also be used to set options for root.
'';
@@ -522,7 +516,7 @@ in {
hackers = { };
};
type = with types; attrsOf (submodule groupOpts);
- description = ''
+ description = lib.mdDoc ''
Additional groups to be created automatically by the system.
'';
};
@@ -531,8 +525,8 @@ in {
users.allowNoPasswordLogin = mkOption {
type = types.bool;
default = false;
- description = ''
- Disable checking that at least the root user or a user in the wheel group can log in using
+ description = lib.mdDoc ''
+ Disable checking that at least the `root` user or a user in the `wheel` group can log in using
a password or an SSH key.
WARNING: enabling this can lock you out of your system. Enable this only if you know what are you doing.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/vte.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/vte.nix
index 24d32a00fd4..a969607f6e0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/vte.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/vte.nix
@@ -25,7 +25,7 @@ in
programs.bash.vteIntegration = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Bash integration for VTE terminals.
This allows it to preserve the current directory of the shell
across terminals.
@@ -35,7 +35,7 @@ in
programs.zsh.vteIntegration = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Zsh integration for VTE terminals.
This allows it to preserve the current directory of the shell
across terminals.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/autostart.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/autostart.nix
index 40984cb5ec5..a4fdbda911a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/autostart.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/autostart.nix
@@ -10,9 +10,9 @@ with lib;
xdg.autostart.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to install files to support the
- XDG Autostart specification.
+ [XDG Autostart specification](https://specifications.freedesktop.org/autostart-spec/autostart-spec-latest.html).
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/icons.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/icons.nix
index 1e91670cf03..8d44a431445 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/icons.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/icons.nix
@@ -10,9 +10,9 @@ with lib;
xdg.icons.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to install files to support the
- XDG Icon Theme specification.
+ [XDG Icon Theme specification](https://specifications.freedesktop.org/icon-theme-spec/icon-theme-spec-latest.html).
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/menus.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/menus.nix
index 6735a7a5c43..b8f829e8154 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/menus.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/menus.nix
@@ -10,9 +10,9 @@ with lib;
xdg.menus.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to install files to support the
- XDG Desktop Menu specification.
+ [XDG Desktop Menu specification](https://specifications.freedesktop.org/menu-spec/menu-spec-latest.html).
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/mime.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/mime.nix
index 9b6dd4cab5f..3aa86308321 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/mime.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/mime.nix
@@ -18,10 +18,10 @@ in
xdg.mime.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to install files to support the
- XDG Shared MIME-info specification and the
- XDG MIME Applications specification.
+ [XDG Shared MIME-info specification](https://specifications.freedesktop.org/shared-mime-info-spec/shared-mime-info-spec-latest.html) and the
+ [XDG MIME Applications specification](https://specifications.freedesktop.org/mime-apps-spec/mime-apps-spec-latest.html).
'';
};
@@ -32,10 +32,10 @@ in
"application/pdf" = "firefox.desktop";
"text/xml" = [ "nvim.desktop" "codium.desktop" ];
};
- description = ''
+ description = lib.mdDoc ''
Adds associations between mimetypes and applications. See the
-
- specifications for more information.
+ [
+ specifications](https://specifications.freedesktop.org/mime-apps-spec/mime-apps-spec-latest.html#associations) for more information.
'';
};
@@ -46,10 +46,10 @@ in
"application/pdf" = "firefox.desktop";
"image/png" = [ "sxiv.desktop" "gimp.desktop" ];
};
- description = ''
+ description = lib.mdDoc ''
Sets the default applications for given mimetypes. See the
-
- specifications for more information.
+ [
+ specifications](https://specifications.freedesktop.org/mime-apps-spec/mime-apps-spec-latest.html#default) for more information.
'';
};
@@ -60,10 +60,10 @@ in
"audio/mp3" = [ "mpv.desktop" "umpv.desktop" ];
"inode/directory" = "codium.desktop";
};
- description = ''
+ description = lib.mdDoc ''
Removes associations between mimetypes and applications. See the
-
- specifications for more information.
+ [
+ specifications](https://specifications.freedesktop.org/mime-apps-spec/mime-apps-spec-latest.html#associations) for more information.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/portal.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/portal.nix
index 088f2af59e2..1e6ddd7c4a2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/portal.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/portal.nix
@@ -1,10 +1,30 @@
{ config, pkgs, lib, ... }:
-with lib;
+let
+ inherit (lib)
+ mkEnableOption
+ mkIf
+ mkOption
+ mkRenamedOptionModule
+ teams
+ types;
+in
{
imports = [
(mkRenamedOptionModule [ "services" "flatpak" "extraPortals" ] [ "xdg" "portal" "extraPortals" ])
+
+ ({ config, lib, options, ... }:
+ let
+ from = [ "xdg" "portal" "gtkUsePortal" ];
+ fromOpt = lib.getAttrFromPath from options;
+ in
+ {
+ warnings = lib.mkIf config.xdg.portal.gtkUsePortal [
+ "The option `${lib.showOption from}' defined in ${lib.showFiles fromOpt.files} has been deprecated. Setting the variable globally with `environment.sessionVariables' NixOS option can have unforseen side-effects."
+ ];
+ }
+ )
];
meta = {
@@ -32,11 +52,12 @@ with lib;
gtkUsePortal = mkOption {
type = types.bool;
+ visible = false;
default = false;
description = ''
Sets environment variable GTK_USE_PORTAL to 1.
- This is needed for packages ran outside Flatpak to respect and use XDG Desktop Portals.
- For example, you'd need to set this for non-flatpak Firefox to use native filechoosers.
+ This will force GTK-based programs ran outside Flatpak to respect and use XDG Desktop Portals
+ for features like file chooser but it is an unsupported hack that can easily break things.
Defaults to false to respect its opt-in nature.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/portals/lxqt.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/portals/lxqt.nix
new file mode 100644
index 00000000000..e85e2cc3269
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/portals/lxqt.nix
@@ -0,0 +1,49 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+
+let
+ cfg = config.xdg.portal.lxqt;
+
+in
+{
+ meta = {
+ maintainers = teams.lxqt.members;
+ };
+
+ options.xdg.portal.lxqt = {
+ enable = mkEnableOption ''
+ the desktop portal for the LXQt desktop environment.
+
+ This will add the lxqt.xdg-desktop-portal-lxqt
+ package (with the extra Qt styles) into the
+ option
+ '';
+
+ styles = mkOption {
+ type = types.listOf types.package;
+ default = [];
+ example = literalExpression ''[
+ pkgs.libsForQt5.qtstyleplugin-kvantum
+ pkgs.breeze-qt5
+ pkgs.qtcurve
+ ];
+ '';
+ description = ''
+ Extra Qt styles that will be available to the
+ lxqt.xdg-desktop-portal-lxqt.
+ '';
+ };
+ };
+
+ config = mkIf cfg.enable {
+ xdg.portal = {
+ enable = true;
+ extraPortals = [
+ (pkgs.lxqt.xdg-desktop-portal-lxqt.override { extraQtStyles = cfg.styles; })
+ ];
+ };
+
+ environment.systemPackages = cfg.styles;
+ };
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/sounds.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/sounds.nix
index 0b94f550929..713d68131fc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/sounds.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/xdg/sounds.nix
@@ -10,9 +10,9 @@ with lib;
xdg.sounds.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to install files to support the
- XDG Sound Theme specification.
+ [XDG Sound Theme specification](https://www.freedesktop.org/wiki/Specifications/sound-theme-spec/).
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/zram.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/zram.nix
index 1f513b7e4da..34e80df47a4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/config/zram.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/config/zram.nix
@@ -40,21 +40,21 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable in-memory compressed devices and swap space provided by the zram
kernel module.
- See
+ See [
https://www.kernel.org/doc/Documentation/blockdev/zram.txt
- .
+ ](https://www.kernel.org/doc/Documentation/blockdev/zram.txt).
'';
};
numDevices = mkOption {
default = 1;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Number of zram devices to create. See also
- zramSwap.swapDevices
+ `zramSwap.swapDevices`
'';
};
@@ -62,20 +62,20 @@ in
default = null;
example = 1;
type = with types; nullOr int;
- description = ''
+ description = lib.mdDoc ''
Number of zram devices to be used as swap. Must be
- <= zramSwap.numDevices.
- Default is same as zramSwap.numDevices, recommended is 1.
+ `<= zramSwap.numDevices`.
+ Default is same as `zramSwap.numDevices`, recommended is 1.
'';
};
memoryPercent = mkOption {
default = 50;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Maximum amount of memory that can be used by the zram swap devices
(as a percentage of your total memory). Defaults to 1/2 of your total
- RAM. Run zramctl to check how good memory is
+ RAM. Run `zramctl` to check how good memory is
compressed.
'';
};
@@ -83,7 +83,7 @@ in
memoryMax = mkOption {
default = null;
type = with types; nullOr int;
- description = ''
+ description = lib.mdDoc ''
Maximum total amount of memory (in bytes) that can be used by the zram
swap devices.
'';
@@ -92,7 +92,7 @@ in
priority = mkOption {
default = 5;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Priority of the zram swap devices. It should be a number higher than
the priority of your disk-based swap devices (so that the system will
fill the zram swap devices before falling back to disk swap).
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/acpilight.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/acpilight.nix
index 2de448a265c..d8d82b0e81a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/acpilight.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/acpilight.nix
@@ -10,7 +10,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable acpilight.
This will allow brightness control via xbacklight from users in the video group
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/all-firmware.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/all-firmware.nix
index 89a1217dfb3..2d5a0007ff0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/all-firmware.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/all-firmware.nix
@@ -21,7 +21,7 @@ in {
hardware.enableAllFirmware = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Turn on this option if you want to enable all the firmware.
'';
};
@@ -30,7 +30,7 @@ in {
default = config.hardware.enableAllFirmware;
defaultText = lib.literalExpression "config.hardware.enableAllFirmware";
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Turn on this option if you want to enable all the firmware with a license allowing redistribution.
'';
};
@@ -38,7 +38,7 @@ in {
hardware.wirelessRegulatoryDatabase = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Load the wireless regulatory database at boot.
'';
};
@@ -62,7 +62,7 @@ in {
alsa-firmware
sof-firmware
libreelec-dvb-firmware
- ] ++ optional (pkgs.stdenv.hostPlatform.isAarch32 || pkgs.stdenv.hostPlatform.isAarch64) raspberrypiWirelessFirmware
+ ] ++ optional pkgs.stdenv.hostPlatform.isAarch raspberrypiWirelessFirmware
++ optionals (versionOlder config.boot.kernelPackages.kernel.version "4.13") [
rtl8723bs-firmware
] ++ optionals (versionOlder config.boot.kernelPackages.kernel.version "5.16") [
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/bladeRF.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/bladeRF.nix
index 35b74b8382e..52a1f52024c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/bladeRF.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/bladeRF.nix
@@ -12,7 +12,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables udev rules for BladeRF devices. By default grants access
to users in the "bladerf" group. You may want to install the
libbladeRF package.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/ckb-next.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/ckb-next.nix
index b2bbd77c9d7..287d287a775 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/ckb-next.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/ckb-next.nix
@@ -19,7 +19,7 @@ in
type = types.nullOr types.int;
default = null;
example = 100;
- description = ''
+ description = lib.mdDoc ''
Limit access to the ckb daemon to a particular group.
'';
};
@@ -28,7 +28,7 @@ in
type = types.package;
default = pkgs.ckb-next;
defaultText = literalExpression "pkgs.ckb-next";
- description = ''
+ description = lib.mdDoc ''
The package implementing the Corsair keyboard/mouse driver.
'';
};
@@ -48,6 +48,6 @@ in
};
meta = {
- maintainers = with lib.maintainers; [ kierdavis ];
+ maintainers = with lib.maintainers; [ superherointj ];
};
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/cpu/amd-microcode.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/cpu/amd-microcode.nix
index 621c7066bfe..3f52cb1fca3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/cpu/amd-microcode.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/cpu/amd-microcode.nix
@@ -11,7 +11,7 @@ with lib;
hardware.cpu.amd.updateMicrocode = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Update the CPU microcode for AMD processors.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/cpu/intel-microcode.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/cpu/intel-microcode.nix
index acce565fd80..d30ebfefeea 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/cpu/intel-microcode.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/cpu/intel-microcode.nix
@@ -11,7 +11,7 @@ with lib;
hardware.cpu.intel.updateMicrocode = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Update the CPU microcode for Intel processors.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/cpu/intel-sgx.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/cpu/intel-sgx.nix
index 1355ee753f0..76664133a08 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/cpu/intel-sgx.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/cpu/intel-sgx.nix
@@ -6,13 +6,13 @@ let
in
{
options.hardware.cpu.intel.sgx.enableDcapCompat = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to enable backward compatibility for SGX software build for the
out-of-tree Intel SGX DCAP driver.
- Creates symbolic links for the SGX devices /dev/sgx_enclave
- and /dev/sgx_provision to make them available as
- /dev/sgx/enclave and /dev/sgx/provision,
+ Creates symbolic links for the SGX devices `/dev/sgx_enclave`
+ and `/dev/sgx_provision` to make them available as
+ `/dev/sgx/enclave` and `/dev/sgx/provision`,
respectively.
'';
type = types.bool;
@@ -22,17 +22,17 @@ in
options.hardware.cpu.intel.sgx.provision = {
enable = mkEnableOption "access to the Intel SGX provisioning device";
user = mkOption {
- description = "Owner to assign to the SGX provisioning device.";
+ description = lib.mdDoc "Owner to assign to the SGX provisioning device.";
type = types.str;
default = "root";
};
group = mkOption {
- description = "Group to assign to the SGX provisioning device.";
+ description = lib.mdDoc "Group to assign to the SGX provisioning device.";
type = types.str;
default = defaultPrvGroup;
};
mode = mkOption {
- description = "Mode to set for the SGX provisioning device.";
+ description = lib.mdDoc "Mode to set for the SGX provisioning device.";
type = types.str;
default = "0660";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/device-tree.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/device-tree.nix
index 5a8a8e27bee..55852776220 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/device-tree.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/device-tree.nix
@@ -9,14 +9,14 @@ let
options = {
name = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Name of this overlay
'';
};
dtsFile = mkOption {
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
Path to .dts overlay file, overlay is applied to
each .dtb file matching "compatible" of the overlay.
'';
@@ -27,7 +27,7 @@ let
dtsText = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Literal DTS contents, overlay is applied to
each .dtb file matching "compatible" of the overlay.
'';
@@ -49,7 +49,7 @@ let
dtboFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to .dtbo compiled overlay file.
'';
};
@@ -115,7 +115,7 @@ in
enable = mkOption {
default = pkgs.stdenv.hostPlatform.linux-kernel.DTB or false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Build device tree files. These are used to describe the
non-discoverable hardware of a system.
'';
@@ -126,7 +126,7 @@ in
defaultText = literalExpression "config.boot.kernelPackages.kernel";
example = literalExpression "pkgs.linux_latest";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Kernel package containing the base device-tree (.dtb) to boot. Uses
device trees bundled with the Linux kernel by default.
'';
@@ -136,7 +136,7 @@ in
default = null;
example = "some-dtb.dtb";
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The name of an explicit dtb to be loaded, relative to the dtb base.
Useful in extlinux scenarios if the bootloader doesn't pick the
right .dtb file from FDTDIR.
@@ -147,7 +147,7 @@ in
type = types.nullOr types.str;
default = null;
example = "*rpi*.dtb";
- description = ''
+ description = lib.mdDoc ''
Only include .dtb files matching glob expression.
'';
};
@@ -167,7 +167,7 @@ in
name = baseNameOf path;
dtboFile = path;
}) overlayType);
- description = ''
+ description = lib.mdDoc ''
List of overlays to apply to base device-tree (.dtb) files.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/digitalbitbox.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/digitalbitbox.nix
index 097448a74f4..74e46bd34ac 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/digitalbitbox.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/digitalbitbox.nix
@@ -11,7 +11,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables udev rules for Digital Bitbox devices.
'';
};
@@ -20,7 +20,7 @@ in
type = types.package;
default = pkgs.digitalbitbox;
defaultText = literalExpression "pkgs.digitalbitbox";
- description = "The Digital Bitbox package to use. This can be used to install a package with udev rules that differ from the defaults.";
+ description = lib.mdDoc "The Digital Bitbox package to use. This can be used to install a package with udev rules that differ from the defaults.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/hackrf.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/hackrf.nix
index 7f03b765bbd..38ef7fa6d3d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/hackrf.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/hackrf.nix
@@ -9,7 +9,7 @@ in
enable = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables hackrf udev rules and ensures 'plugdev' group exists.
This is a prerequisite to using HackRF devices without being root, since HackRF USB descriptors will be owned by plugdev through udev.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/i2c.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/i2c.nix
index ff14b4b1c89..0b57cd1c28d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/i2c.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/i2c.nix
@@ -17,7 +17,7 @@ in
group = mkOption {
type = types.str;
default = "i2c";
- description = ''
+ description = lib.mdDoc ''
Grant access to i2c devices (/dev/i2c-*) to users in this group.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/keyboard/zsa.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/keyboard/zsa.nix
index bb69cfa0bf0..5bf4022cdc4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/keyboard/zsa.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/keyboard/zsa.nix
@@ -9,7 +9,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables udev rules for keyboards from ZSA like the ErgoDox EZ, Planck EZ and Moonlander Mark I.
You need it when you want to flash a new configuration on the keyboard
or use their live training in the browser.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/ksm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/ksm.nix
index 829c3532c45..ba7a1c12169 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/ksm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/ksm.nix
@@ -15,9 +15,9 @@ in {
sleep = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
How many milliseconds ksmd should sleep between scans.
- Setting it to null uses the kernel's default time.
+ Setting it to `null` uses the kernel's default time.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/logitech.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/logitech.nix
index 3ebe6aacf5d..2e3a71c0415 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/logitech.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/logitech.nix
@@ -24,7 +24,7 @@ in
startWhenNeeded = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Only run the service when an actual supported device is plugged.
'';
};
@@ -47,7 +47,7 @@ in
enableGraphical = mkOption {
type = types.bool;
default = false;
- description = "Enable graphical support applications.";
+ description = lib.mdDoc "Enable graphical support applications.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/mcelog.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/mcelog.nix
index 13ad238870c..be8fc8cd192 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/mcelog.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/mcelog.nix
@@ -10,7 +10,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the Machine Check Exception logger.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/network/ath-user-regd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/network/ath-user-regd.nix
index b5ade5ed501..a7f023d26ce 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/network/ath-user-regd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/network/ath-user-regd.nix
@@ -14,7 +14,7 @@ in
options.networking.wireless.athUserRegulatoryDomain = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If enabled, sets the ATH_USER_REGD kernel config switch to true to
disable the enforcement of EEPROM regulatory restrictions for ath
drivers. Requires at least Linux ${linuxKernelMinVersion}.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/network/b43.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/network/b43.nix
index eb03bf223cc..7f045f7b70f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/network/b43.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/network/b43.nix
@@ -13,7 +13,7 @@ let kernelVersion = config.boot.kernelPackages.kernel.version; in
networking.enableB43Firmware = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Turn on this option if you want firmware for the NICs supported by the b43 module.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/network/intel-2200bg.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/network/intel-2200bg.nix
index 17b973474c9..e1ec8134129 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/network/intel-2200bg.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/network/intel-2200bg.nix
@@ -9,7 +9,7 @@
networking.enableIntel2200BGFirmware = lib.mkOption {
default = false;
type = lib.types.bool;
- description = ''
+ description = lib.mdDoc ''
Turn on this option if you want firmware for the Intel
PRO/Wireless 2200BG to be loaded automatically. This is
required if you want to use this device.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/new-lg4ff.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/new-lg4ff.nix
index 3c7f66f8d89..fac376eb7a7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/new-lg4ff.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/new-lg4ff.nix
@@ -10,7 +10,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables improved Linux module drivers for Logitech driving wheels.
This will replace the existing in-kernel hid-logitech modules.
Works most notably on the Logitech G25, G27, G29 and Driving Force (GT).
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/nitrokey.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/nitrokey.nix
index baa07203118..fa9dd4d6d8f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/nitrokey.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/nitrokey.nix
@@ -13,7 +13,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables udev rules for Nitrokey devices. By default grants access
to users in the "nitrokey" group. You may want to install the
nitrokey-app package, depending on your device and needs.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/onlykey/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/onlykey/default.nix
index 07358c8a878..59e159dce48 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/onlykey/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/onlykey/default.nix
@@ -12,7 +12,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable OnlyKey device (https://crp.to/p/) support.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/opengl.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/opengl.nix
index 0d8aaf73459..dd30bd92b45 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/opengl.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/opengl.nix
@@ -35,7 +35,7 @@ in
hardware.opengl = {
enable = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to enable OpenGL drivers. This is needed to enable
OpenGL support in X11 systems, as well as for Wayland compositors
like sway and Weston. It is enabled by default
@@ -51,7 +51,7 @@ in
driSupport = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable accelerated OpenGL rendering through the
Direct Rendering Interface (DRI).
'';
@@ -60,11 +60,11 @@ in
driSupport32Bit = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
On 64-bit systems, whether to support Direct Rendering for
32-bit applications (such as Wine). This is currently only
- supported for the nvidia as well as
- Mesa.
+ supported for the `nvidia` as well as
+ `Mesa`.
'';
};
@@ -90,7 +90,7 @@ in
type = types.listOf types.package;
default = [];
example = literalExpression "with pkgs; [ vaapiIntel libvdpau-va-gl vaapiVdpau intel-ocl ]";
- description = ''
+ description = lib.mdDoc ''
Additional packages to add to OpenGL drivers. This can be used
to add OpenCL drivers, VA-API/VDPAU drivers etc.
'';
@@ -100,9 +100,9 @@ in
type = types.listOf types.package;
default = [];
example = literalExpression "with pkgs.pkgsi686Linux; [ vaapiIntel libvdpau-va-gl vaapiVdpau ]";
- description = ''
+ description = lib.mdDoc ''
Additional packages to add to 32-bit OpenGL drivers on
- 64-bit systems. Used when is
+ 64-bit systems. Used when {option}`driSupport32Bit` is
set. This can be used to add OpenCL drivers, VA-API/VDPAU drivers etc.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/openrazer.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/openrazer.nix
index bd9fc485e17..315a4a6824b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/openrazer.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/openrazer.nix
@@ -56,7 +56,7 @@ in
verboseLogging = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable verbose logging. Logs debug messages.
'';
};
@@ -64,7 +64,7 @@ in
syncEffectsEnabled = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Set the sync effects flag to true so any assignment of
effects will work across devices.
'';
@@ -73,7 +73,7 @@ in
devicesOffOnScreensaver = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Turn off the devices when the systems screensaver kicks in.
'';
};
@@ -81,7 +81,7 @@ in
mouseBatteryNotifier = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Mouse battery notifier.
'';
};
@@ -89,7 +89,7 @@ in
keyStatistics = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Collects number of keypresses per hour per key used to
generate a heatmap.
'';
@@ -98,7 +98,7 @@ in
users = mkOption {
type = with types; listOf str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Usernames to be added to the "openrazer" group, so that they
can start and interact with the OpenRazer userspace daemon.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/opentabletdriver.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/opentabletdriver.nix
index caba934ebe7..6c5ca3d949e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/opentabletdriver.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/opentabletdriver.nix
@@ -12,7 +12,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable OpenTabletDriver udev rules, user service and blacklist kernel
modules known to conflict with OpenTabletDriver.
'';
@@ -21,7 +21,7 @@ in
blacklistedKernelModules = mkOption {
type = types.listOf types.str;
default = [ "hid-uclogic" "wacom" ];
- description = ''
+ description = lib.mdDoc ''
Blacklist of kernel modules known to conflict with OpenTabletDriver.
'';
};
@@ -30,7 +30,7 @@ in
type = types.package;
default = pkgs.opentabletdriver;
defaultText = literalExpression "pkgs.opentabletdriver";
- description = ''
+ description = lib.mdDoc ''
OpenTabletDriver derivation to use.
'';
};
@@ -39,7 +39,7 @@ in
enable = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to start OpenTabletDriver daemon as a systemd user service.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/pcmcia.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/pcmcia.nix
index aef35a28e54..f7a5565d773 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/pcmcia.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/pcmcia.nix
@@ -20,7 +20,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable this option to support PCMCIA card.
'';
};
@@ -28,7 +28,7 @@ in
firmware = mkOption {
type = types.listOf types.path;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of firmware used to handle specific PCMCIA card.
'';
};
@@ -36,7 +36,7 @@ in
config = mkOption {
default = null;
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
Path to the configuration file which maps the memory, IRQs
and ports used by the PCMCIA hardware.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/printers.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/printers.nix
index ef07542950b..64c29bb0a5b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/printers.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/printers.nix
@@ -30,17 +30,17 @@ in {
ensureDefaultPrinter = mkOption {
type = types.nullOr printerName;
default = null;
- description = ''
+ description = lib.mdDoc ''
Ensures the named printer is the default CUPS printer / printer queue.
'';
};
ensurePrinters = mkOption {
- description = ''
+ description = lib.mdDoc ''
Will regularly ensure that the given CUPS printers are configured as declared here.
If a printer's options are manually changed afterwards, they will be overwritten eventually.
This option will never delete any printer, even if removed from this list.
- You can check existing printers with lpstat -s
- and remove printers with lpadmin -x <printer-name>.
+ You can check existing printers with {command}`lpstat -s`
+ and remove printers with {command}`lpadmin -x `.
Printers not listed here can still be manually configured.
'';
default = [];
@@ -49,7 +49,7 @@ in {
name = mkOption {
type = printerName;
example = "BrotherHL_Workroom";
- description = ''
+ description = lib.mdDoc ''
Name of the printer / printer queue.
May contain any printable characters except "/", "#", and space.
'';
@@ -58,7 +58,7 @@ in {
type = types.nullOr types.str;
default = null;
example = "Workroom";
- description = ''
+ description = lib.mdDoc ''
Optional human-readable location.
'';
};
@@ -66,7 +66,7 @@ in {
type = types.nullOr types.str;
default = null;
example = "Brother HL-5140";
- description = ''
+ description = lib.mdDoc ''
Optional human-readable description.
'';
};
@@ -76,9 +76,9 @@ in {
"ipp://printserver.local/printers/BrotherHL_Workroom"
"usb://HP/DESKJET%20940C?serial=CN16E6C364BH"
'';
- description = ''
+ description = lib.mdDoc ''
How to reach the printer.
- lpinfo -v shows a list of supported device URIs and schemes.
+ {command}`lpinfo -v` shows a list of supported device URIs and schemes.
'';
};
model = mkOption {
@@ -86,9 +86,9 @@ in {
example = literalExpression ''
"gutenprint.''${lib.versions.majorMinor (lib.getVersion pkgs.gutenprint)}://brother-hl-5140/expert"
'';
- description = ''
+ description = lib.mdDoc ''
Location of the ppd driver file for the printer.
- lpinfo -m shows a list of supported models.
+ {command}`lpinfo -m` shows a list of supported models.
'';
};
ppdOptions = mkOption {
@@ -98,9 +98,9 @@ in {
Duplex = "DuplexNoTumble";
};
default = {};
- description = ''
+ description = lib.mdDoc ''
Sets PPD options for the printer.
- lpoptions [-p printername] -l shows suported PPD options for the given printer.
+ {command}`lpoptions [-p printername] -l` shows suported PPD options for the given printer.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/raid/hpsa.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/raid/hpsa.nix
index fa6f0b8fc84..120348a74bf 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/raid/hpsa.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/raid/hpsa.nix
@@ -40,7 +40,7 @@ let
homepage = "https://downloads.linux.hpe.com/SDR/downloads/MCP/Ubuntu/pool/non-free/";
license = licenses.unfreeRedistributable;
platforms = [ "x86_64-linux" ];
- maintainers = with maintainers; [ volth ];
+ maintainers = with maintainers; [ ];
};
};
in {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/rtl-sdr.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/rtl-sdr.nix
index e85fc04e29b..7f462005f15 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/rtl-sdr.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/rtl-sdr.nix
@@ -8,7 +8,7 @@ in {
enable = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables rtl-sdr udev rules, ensures 'plugdev' group exists, and blacklists DVB kernel modules.
This is a prerequisite to using devices supported by rtl-sdr without being root, since rtl-sdr USB descriptors will be owned by plugdev through udev.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/saleae-logic.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/saleae-logic.nix
index a3810d640c4..02d234cd3f0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/saleae-logic.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/saleae-logic.nix
@@ -11,7 +11,7 @@ in
type = lib.types.package;
default = pkgs.saleae-logic-2;
defaultText = lib.literalExpression "pkgs.saleae-logic-2";
- description = ''
+ description = lib.mdDoc ''
Saleae Logic package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/sata.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/sata.nix
index 81592997d6e..bac24236f7d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/sata.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/sata.nix
@@ -41,7 +41,7 @@ in
deciSeconds = mkOption {
example = 70;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Set SCT Error Recovery Control timeout in deciseconds for use in RAID configurations.
Values are as follows:
@@ -53,17 +53,17 @@ in
};
drives = mkOption {
- description = "List of drives for which to configure the timeout.";
+ description = lib.mdDoc "List of drives for which to configure the timeout.";
type = types.listOf
(types.submodule {
options = {
name = mkOption {
- description = "Drive name without the full path.";
+ description = lib.mdDoc "Drive name without the full path.";
type = types.str;
};
idBy = mkOption {
- description = "The method to identify the drive.";
+ description = lib.mdDoc "The method to identify the drive.";
type = types.enum [ "path" "wwn" ];
default = "path";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/sensor/hddtemp.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/sensor/hddtemp.nix
index df3f75e229a..b69d012b4d0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/sensor/hddtemp.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/sensor/hddtemp.nix
@@ -30,7 +30,7 @@ in
options = {
hardware.sensor.hddtemp = {
enable = mkOption {
- description = ''
+ description = lib.mdDoc ''
Enable this option to support HDD/SSD temperature sensors.
'';
type = types.bool;
@@ -38,24 +38,24 @@ in
};
drives = mkOption {
- description = "List of drives to monitor. If you pass /dev/disk/by-path/* entries the symlinks will be resolved as hddtemp doesn't like names with colons.";
+ description = lib.mdDoc "List of drives to monitor. If you pass /dev/disk/by-path/* entries the symlinks will be resolved as hddtemp doesn't like names with colons.";
type = types.listOf types.str;
};
unit = mkOption {
- description = "Celcius or Fahrenheit";
+ description = lib.mdDoc "Celcius or Fahrenheit";
type = types.enum [ "C" "F" ];
default = "C";
};
dbEntries = mkOption {
- description = "Additional DB entries";
+ description = lib.mdDoc "Additional DB entries";
type = types.listOf types.str;
default = [ ];
};
extraArgs = mkOption {
- description = "Additional arguments passed to the daemon.";
+ description = lib.mdDoc "Additional arguments passed to the daemon.";
type = types.listOf types.str;
default = [ ];
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/sensor/iio.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/sensor/iio.nix
index 8b3ba87a7d9..6f7b1dc1f7f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/sensor/iio.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/sensor/iio.nix
@@ -8,7 +8,7 @@ with lib;
options = {
hardware.sensor.iio = {
enable = mkOption {
- description = ''
+ description = lib.mdDoc ''
Enable this option to support IIO sensors with iio-sensor-proxy.
IIO sensors are used for orientation and ambient light
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/steam-hardware.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/steam-hardware.nix
index 6218c9ffbb9..07edf687039 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/steam-hardware.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/steam-hardware.nix
@@ -13,7 +13,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable udev rules for Steam hardware such as the Steam Controller, other supported controllers and the HTC Vive";
+ description = lib.mdDoc "Enable udev rules for Steam hardware such as the Steam Controller, other supported controllers and the HTC Vive";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/system-76.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/system-76.nix
index ca40ee0ebb3..21cab4a3787 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/system-76.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/system-76.nix
@@ -63,7 +63,7 @@ in {
default = cfg.enableAll;
defaultText = literalExpression "config.${opt.enableAll}";
example = true;
- description = "Whether to enable the system76 firmware daemon";
+ description = lib.mdDoc "Whether to enable the system76 firmware daemon";
type = types.bool;
};
@@ -71,7 +71,7 @@ in {
default = cfg.enableAll;
defaultText = literalExpression "config.${opt.enableAll}";
example = true;
- description = "Whether to make the system76 out-of-tree kernel modules available";
+ description = lib.mdDoc "Whether to make the system76 out-of-tree kernel modules available";
type = types.bool;
};
@@ -79,7 +79,7 @@ in {
default = cfg.enableAll;
defaultText = literalExpression "config.${opt.enableAll}";
example = true;
- description = "Whether to enable the system76 power daemon";
+ description = lib.mdDoc "Whether to enable the system76 power daemon";
type = types.bool;
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/ubertooth.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/ubertooth.nix
index 637fddfb37d..e76fa45fea5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/ubertooth.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/ubertooth.nix
@@ -16,7 +16,7 @@ in {
type = types.str;
default = "ubertooth";
example = "wheel";
- description = "Group for Ubertooth's udev rules.";
+ description = lib.mdDoc "Group for Ubertooth's udev rules.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/usb-wwan.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/usb-wwan.nix
index 679a6c6497c..69673872cf9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/usb-wwan.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/usb-wwan.nix
@@ -11,7 +11,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable this option to support USB WWAN adapters.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/bumblebee.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/bumblebee.nix
index b6af4f80445..75f71d499e6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/bumblebee.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/bumblebee.nix
@@ -29,7 +29,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable the bumblebee daemon to manage Optimus hybrid video cards.
This should power off secondary GPU until its use is requested
by running an application with optirun.
@@ -40,13 +40,13 @@ in
default = "wheel";
example = "video";
type = types.str;
- description = "Group for bumblebee socket";
+ description = lib.mdDoc "Group for bumblebee socket";
};
connectDisplay = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Set to true if you intend to connect your discrete card to a
monitor. This option will set up your Nvidia card for EDID
discovery and to turn on the monitor signal.
@@ -58,7 +58,7 @@ in
driver = mkOption {
default = "nvidia";
type = types.enum [ "nvidia" "nouveau" ];
- description = ''
+ description = lib.mdDoc ''
Set driver used by bumblebeed. Supported are nouveau and nvidia.
'';
};
@@ -66,7 +66,7 @@ in
pmMethod = mkOption {
default = "auto";
type = types.enum [ "auto" "bbswitch" "switcheroo" "none" ];
- description = ''
+ description = lib.mdDoc ''
Set preferred power management method for unused card.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/nvidia.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/nvidia.nix
index b4717719661..8c6c97f9b21 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/nvidia.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/nvidia.nix
@@ -24,7 +24,7 @@ let
primeEnabled = syncCfg.enable || offloadCfg.enable;
nvidiaPersistencedEnabled = cfg.nvidiaPersistenced;
nvidiaSettings = cfg.nvidiaSettings;
- busIDType = types.strMatching "([[:print:]]+\:[0-9]{1,3}\:[0-9]{1,2}\:[0-9])?";
+ busIDType = types.strMatching "([[:print:]]+[\:\@][0-9]{1,3}\:[0-9]{1,2}\:[0-9])?";
in
{
@@ -40,7 +40,7 @@ in
hardware.nvidia.powerManagement.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Experimental power management through systemd. For more information, see
the NVIDIA docs, on Chapter 21. Configuring Power Management Support.
'';
@@ -49,7 +49,7 @@ in
hardware.nvidia.powerManagement.finegrained = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Experimental power management of PRIME offload. For more information, see
the NVIDIA docs, chapter 22. PCI-Express runtime power management.
'';
@@ -58,11 +58,11 @@ in
hardware.nvidia.modesetting.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable kernel modesetting when using the NVIDIA proprietary driver.
Enabling this fixes screen tearing when using Optimus via PRIME (see
- . This is not enabled
+ {option}`hardware.nvidia.prime.sync.enable`. This is not enabled
by default because it is not officially supported by NVIDIA and would not
work with SLI.
'';
@@ -72,7 +72,7 @@ in
type = busIDType;
default = "";
example = "PCI:1:0:0";
- description = ''
+ description = lib.mdDoc ''
Bus ID of the NVIDIA GPU. You can find it using lspci; for example if lspci
shows the NVIDIA GPU at "01:00.0", set this option to "PCI:1:0:0".
'';
@@ -82,7 +82,7 @@ in
type = busIDType;
default = "";
example = "PCI:0:2:0";
- description = ''
+ description = lib.mdDoc ''
Bus ID of the Intel GPU. You can find it using lspci; for example if lspci
shows the Intel GPU at "00:02.0", set this option to "PCI:0:2:0".
'';
@@ -92,7 +92,7 @@ in
type = busIDType;
default = "";
example = "PCI:4:0:0";
- description = ''
+ description = lib.mdDoc ''
Bus ID of the AMD APU. You can find it using lspci; for example if lspci
shows the AMD APU at "04:00.0", set this option to "PCI:4:0:0".
'';
@@ -101,26 +101,26 @@ in
hardware.nvidia.prime.sync.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable NVIDIA Optimus support using the NVIDIA proprietary driver via PRIME.
If enabled, the NVIDIA GPU will be always on and used for all rendering,
while enabling output to displays attached only to the integrated Intel GPU
without a multiplexer.
Note that this option only has any effect if the "nvidia" driver is specified
- in , and it should preferably
+ in {option}`services.xserver.videoDrivers`, and it should preferably
be the only driver there.
If this is enabled, then the bus IDs of the NVIDIA and Intel GPUs have to be
- specified ( and
- ).
+ specified ({option}`hardware.nvidia.prime.nvidiaBusId` and
+ {option}`hardware.nvidia.prime.intelBusId`).
If you enable this, you may want to also enable kernel modesetting for the
- NVIDIA driver () in order
+ NVIDIA driver ({option}`hardware.nvidia.modesetting.enable`) in order
to prevent tearing.
Note that this configuration will only be successful when a display manager
- for which the
+ for which the {option}`services.xserver.displayManager.setupCommands`
option is supported is used.
'';
};
@@ -128,7 +128,7 @@ in
hardware.nvidia.prime.sync.allowExternalGpu = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Configure X to allow external NVIDIA GPUs when using optimus.
'';
};
@@ -136,19 +136,19 @@ in
hardware.nvidia.prime.offload.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable render offload support using the NVIDIA proprietary driver via PRIME.
If this is enabled, then the bus IDs of the NVIDIA and Intel GPUs have to be
- specified ( and
- ).
+ specified ({option}`hardware.nvidia.prime.nvidiaBusId` and
+ {option}`hardware.nvidia.prime.intelBusId`).
'';
};
hardware.nvidia.nvidiaSettings = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to add nvidia-settings, NVIDIA's GUI configuration tool, to
systemPackages.
'';
@@ -157,7 +157,7 @@ in
hardware.nvidia.nvidiaPersistenced = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Update for NVIDA GPU headless mode, i.e. nvidia-persistenced. It ensures all
GPUs stay awake even during headless mode.
'';
@@ -166,7 +166,7 @@ in
hardware.nvidia.forceFullCompositionPipeline = lib.mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to force-enable the full composition pipeline.
This sometimes fixes screen tearing issues.
This has been reported to reduce the performance of some OpenGL applications and may produce issues in WebGL.
@@ -178,7 +178,7 @@ in
type = types.package;
default = config.boot.kernelPackages.nvidiaPackages.stable;
defaultText = literalExpression "config.boot.kernelPackages.nvidiaPackages.stable";
- description = ''
+ description = lib.mdDoc ''
The NVIDIA X11 derivation to use.
'';
example = literalExpression "config.boot.kernelPackages.nvidiaPackages.legacy_340";
@@ -187,7 +187,7 @@ in
hardware.nvidia.open = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to use the open source kernel module
'';
};
@@ -392,10 +392,9 @@ in
services.udev.extraRules =
''
# Create /dev/nvidia-uvm when the nvidia-uvm module is loaded.
- KERNEL=="nvidia", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidiactl c 195 255'"
- KERNEL=="nvidia_modeset", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-modeset c 195 254'"
- KERNEL=="card*", SUBSYSTEM=="drm", DRIVERS=="nvidia", PROGRAM="${pkgs.gnugrep}/bin/grep 'Device Minor:' /proc/driver/nvidia/gpus/%b/information", \
- RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia%c{3} c 195 %c{3}"
+ KERNEL=="nvidia", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidiactl c $$(grep nvidia-frontend /proc/devices | cut -d \ -f 1) 255'"
+ KERNEL=="nvidia", RUN+="${pkgs.runtimeShell} -c 'for i in $$(cat /proc/driver/nvidia/gpus/*/information | grep Minor | cut -d \ -f 4); do mknod -m 666 /dev/nvidia$${i} c $$(grep nvidia-frontend /proc/devices | cut -d \ -f 1) $${i}; done'"
+ KERNEL=="nvidia_modeset", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-modeset c $$(grep nvidia-frontend /proc/devices | cut -d \ -f 1) 254'"
KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm c $$(grep nvidia-uvm /proc/devices | cut -d \ -f 1) 0'"
KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm-tools c $$(grep nvidia-uvm /proc/devices | cut -d \ -f 1) 1'"
'' + optionalString cfg.powerManagement.finegrained (
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/uvcvideo/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/uvcvideo/default.nix
index 338062cf69b..bb59e2f2ed2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/uvcvideo/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/uvcvideo/default.nix
@@ -22,12 +22,12 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
- Whether to enable uvcvideo dynamic controls.
+ description = lib.mdDoc ''
+ Whether to enable {command}`uvcvideo` dynamic controls.
- Note that enabling this brings the uvcdynctrl tool
+ Note that enabling this brings the {command}`uvcdynctrl` tool
into your environment and register all dynamic controls from
- specified packages to the uvcvideo driver.
+ specified {command}`packages` to the {command}`uvcvideo` driver.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/webcam/facetimehd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/webcam/facetimehd.nix
index c48eac5e9c1..8940674ce53 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/webcam/facetimehd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/hardware/video/webcam/facetimehd.nix
@@ -18,10 +18,10 @@ in
default = false;
example = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to include sensor calibration files for facetimehd.
This makes colors look much better but is experimental, see
-
+
for details.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/fcitx.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/fcitx.nix
index 7738581b893..043ec3d55c1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/fcitx.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/fcitx.nix
@@ -22,9 +22,9 @@ in
let
enginesDrv = filterAttrs (const isDerivation) pkgs.fcitx-engines;
engines = concatStringsSep ", "
- (map (name: "${name}") (attrNames enginesDrv));
+ (map (name: "`${name}`") (attrNames enginesDrv));
in
- "Enabled Fcitx engines. Available engines are: ${engines}.";
+ lib.mdDoc "Enabled Fcitx engines. Available engines are: ${engines}.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/fcitx5.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/fcitx5.nix
index 9ef0285f7b9..7cdef9ae932 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/fcitx5.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/fcitx5.nix
@@ -15,7 +15,7 @@ in {
type = with types; listOf package;
default = [];
example = literalExpression "with pkgs; [ fcitx5-rime ]";
- description = ''
+ description = lib.mdDoc ''
Enabled Fcitx5 addons.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/ibus.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/ibus.nix
index 907f6451fce..520db128acd 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/ibus.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/ibus.nix
@@ -43,15 +43,15 @@ in
let
enginesDrv = filterAttrs (const isDerivation) pkgs.ibus-engines;
engines = concatStringsSep ", "
- (map (name: "${name}") (attrNames enginesDrv));
+ (map (name: "`${name}`") (attrNames enginesDrv));
in
- "Enabled IBus engines. Available engines are: ${engines}.";
+ lib.mdDoc "Enabled IBus engines. Available engines are: ${engines}.";
};
panel = mkOption {
type = with types; nullOr path;
default = null;
example = literalExpression ''"''${pkgs.plasma5Packages.plasma-desktop}/lib/libexec/kimpanel-ibus-panel"'';
- description = "Replace the IBus panel with another panel.";
+ description = lib.mdDoc "Replace the IBus panel with another panel.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/kime.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/kime.nix
index 729a665614a..29224a6bf75 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/kime.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/kime.nix
@@ -27,8 +27,8 @@ in
};
}
'';
- description = ''
- kime configuration. Refer to for details on supported values.
+ description = lib.mdDoc ''
+ kime configuration. Refer to for details on supported values.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/uim.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/uim.nix
index 459294657e0..9491ab2640f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/uim.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/i18n/input-method/uim.nix
@@ -13,7 +13,7 @@ in
type = types.enum [ "gtk" "gtk3" "gtk-systray" "gtk3-systray" "qt4" ];
default = "gtk";
example = "gtk-systray";
- description = ''
+ description = lib.mdDoc ''
selected UIM toolbar.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/iso-image.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/iso-image.nix
index d1ccc6c2072..9309fe70a86 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/iso-image.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/iso-image.nix
@@ -476,9 +476,9 @@ in
isoImage.squashfsCompression = mkOption {
default = with pkgs.stdenv.targetPlatform; "xz -Xdict-size 100% "
- + lib.optionalString (isx86_32 || isx86_64) "-Xbcj x86"
+ + lib.optionalString isx86 "-Xbcj x86"
# Untested but should also reduce size for these platforms
- + lib.optionalString (isAarch32 || isAarch64) "-Xbcj arm"
+ + lib.optionalString isAarch "-Xbcj arm"
+ lib.optionalString (isPower && is32bit && isBigEndian) "-Xbcj powerpc"
+ lib.optionalString (isSparc) "-Xbcj sparc";
description = ''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball-fuloong2f.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball-fuloong2f.nix
deleted file mode 100644
index 054c8c74a76..00000000000
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball-fuloong2f.nix
+++ /dev/null
@@ -1,160 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
- # A dummy /etc/nixos/configuration.nix in the booted CD that
- # rebuilds the CD's configuration (and allows the configuration to
- # be modified, of course, providing a true live CD). Problem is
- # that we don't really know how the CD was built - the Nix
- # expression language doesn't allow us to query the expression being
- # evaluated. So we'll just hope for the best.
- dummyConfiguration = pkgs.writeText "configuration.nix"
- ''
- { config, pkgs, ... }:
-
- { # Add your own options below, e.g.:
- # services.openssh.enable = true;
- nixpkgs.config.platform = pkgs.platforms.fuloong2f_n32;
- }
- '';
-
-
- pkgs2storeContents = l : map (x: { object = x; symlink = "none"; }) l;
-
- # A clue for the kernel loading
- kernelParams = pkgs.writeText "kernel-params.txt" ''
- Kernel Parameters:
- init=/boot/init ${toString config.boot.kernelParams}
- '';
-
- # System wide nixpkgs config
- nixpkgsUserConfig = pkgs.writeText "config.nix" ''
- pkgs:
- {
- platform = pkgs.platforms.fuloong2f_n32;
- }
- '';
-
-in
-
-{
- imports = [ ./system-tarball.nix ];
-
- # Disable some other stuff we don't need.
- security.sudo.enable = false;
-
- # Include only the en_US locale. This saves 75 MiB or so compared to
- # the full glibcLocales package.
- i18n.supportedLocales = ["en_US.UTF-8/UTF-8" "en_US/ISO-8859-1"];
-
- # Include some utilities that are useful for installing or repairing
- # the system.
- environment.systemPackages =
- [ pkgs.w3m # needed for the manual anyway
- pkgs.testdisk # useful for repairing boot problems
- pkgs.ms-sys # for writing Microsoft boot sectors / MBRs
- pkgs.parted
- pkgs.ddrescue
- pkgs.ccrypt
- pkgs.cryptsetup # needed for dm-crypt volumes
-
- # Some networking tools.
- pkgs.sshfs-fuse
- pkgs.socat
- pkgs.screen
- pkgs.wpa_supplicant # !!! should use the wpa module
-
- # Hardware-related tools.
- pkgs.sdparm
- pkgs.hdparm
- pkgs.dmraid
-
- # Tools to create / manipulate filesystems.
- pkgs.ntfsprogs # for resizing NTFS partitions
- pkgs.btrfs-progs
- pkgs.jfsutils
-
- # Some compression/archiver tools.
- pkgs.unzip
- pkgs.zip
- pkgs.xz
- pkgs.dar # disk archiver
-
- # Some editors.
- pkgs.nvi
- pkgs.bvi # binary editor
- pkgs.joe
- ];
-
- # The initrd has to contain any module that might be necessary for
- # mounting the CD/DVD.
- boot.initrd.availableKernelModules =
- [ "vfat" "reiserfs" ];
-
- boot.kernelPackages = pkgs.linuxKernel.packages.linux_3_10;
- boot.kernelParams = [ "console=tty1" ];
-
- boot.postBootCommands =
- ''
- mkdir -p /mnt
-
- cp ${dummyConfiguration} /etc/nixos/configuration.nix
- '';
-
- # Some more help text.
- services.getty.helpLine =
- ''
-
- Log in as "root" with an empty password. ${
- if config.services.xserver.enable then
- "Type `start xserver' to start\nthe graphical user interface."
- else ""
- }
- '';
-
- # Include the firmware for various wireless cards.
- networking.enableRalinkFirmware = true;
- networking.enableIntel2200BGFirmware = true;
-
- # To speed up further installation of packages, include the complete stdenv
- # in the Nix store of the tarball.
- tarball.storeContents = pkgs2storeContents [ pkgs.stdenv ]
- ++ [
- {
- object = config.system.build.bootStage2;
- symlink = "/boot/init";
- }
- {
- object = config.system.build.toplevel;
- symlink = "/boot/system";
- }
- ];
-
- tarball.contents = [
- { source = kernelParams;
- target = "/kernelparams.txt";
- }
- { source = config.boot.kernelPackages.kernel + "/" + config.system.boot.loader.kernelFile;
- target = "/boot/" + config.system.boot.loader.kernelFile;
- }
- { source = nixpkgsUserConfig;
- target = "/root/.nixpkgs/config.nix";
- }
- ];
-
- # Allow sshd to be started manually through "start sshd". It should
- # not be started by default on the installation CD because the
- # default root password is empty.
- services.openssh.enable = true;
- systemd.services.openssh.wantedBy = lib.mkOverride 50 [];
-
- boot.loader.grub.enable = false;
- boot.loader.generationsDir.enable = false;
- system.boot.loader.kernelFile = "vmlinux";
-
- nixpkgs.config = {
- platform = pkgs.platforms.fuloong2f_n32;
- };
-}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball-pc-readme.txt b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball-pc-readme.txt
deleted file mode 100644
index 887bf60d0fb..00000000000
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball-pc-readme.txt
+++ /dev/null
@@ -1,89 +0,0 @@
-Let all the files in the system tarball sit in a directory served by NFS (the
-NFS root) like this in exportfs:
- /home/pcroot 192.168.1.0/24(rw,no_root_squash,no_all_squash)
-
-Run "exportfs -a" after editing /etc/exportfs, for the nfs server to be aware
-of the changes.
-
-Use a tftp server serving the root of boot/ (from the system tarball).
-
-In order to have PXE boot, use the boot/dhcpd.conf-example file for your dhcpd
-server, as it will point your PXE clients to pxelinux.0 from the tftp server.
-Adapt the configuration to your network.
-
-Adapt the pxelinux configuration (boot/pxelinux.cfg/default) to set the path to
-your nfrroot. If you use ip=dhcp in the kernel, the nfs server ip will be taken
-from dhcp and so you don't have to specify it.
-
-The linux in bzImage includes network drivers for some usual cards.
-
-
-QEMU Testing
----------------
-
-You can test qemu pxe boot without having a DHCP server adapted, but having
-nfsroot, like this:
- qemu-system-x86_64 -tftp /home/pcroot/boot -net nic -net user,bootfile=pxelinux.0 -boot n
-
-I don't know how to use NFS through the qemu '-net user' though.
-
-
-QEMU Testing with NFS root and bridged network
--------------------------------------------------
-
-This allows testing with qemu as any other host in your LAN.
-
-Testing with the real dhcpd server requires setting up a bridge and having a
-tap device.
- tunctl -t tap0
- brctl addbr br0
- brctl addif br0 eth0
- brctl addif tap0 eth0
- ifconfig eth0 0.0.0.0 up
- ifconfig tap0 0.0.0.0 up
- ifconfig br0 up # With your ip configuration
-
-Then you can run qemu:
- qemu-system-x86_64 -boot n -net tap,ifname=tap0,script=no -net nic,model=e1000
-
-
-Using the system-tarball-pc in a chroot
---------------------------------------------------
-
-Installation:
- mkdir nixos-chroot && cd nixos-chroot
- tar xf your-system-tarball.tar.xz
- mkdir sys dev proc tmp root var run
- mount --bind /sys sys
- mount --bind /dev dev
- mount --bind /proc proc
-
-Activate the system: look for a directory in nix/store similar to:
- "/nix/store/y0d1lcj9fppli0hl3x0m0ba5g1ndjv2j-nixos-feb97bx-53f008"
-Having found it, activate that nixos system *twice*:
- chroot . /nix/store/SOMETHING-nixos-SOMETHING/activate
- chroot . /nix/store/SOMETHING-nixos-SOMETHING/activate
-
-This runs a 'hostname' command. Restore your old hostname with:
- hostname OLDHOSTNAME
-
-Copy your system resolv.conf to the /etc/resolv.conf inside the chroot:
- cp /etc/resolv.conf etc
-
-Then you can get an interactive shell in the nixos chroot. '*' means
-to run inside the chroot interactive shell
- chroot . /bin/sh
-* source /etc/profile
-
-Populate the nix database: that should be done in the init script if you
-had booted this nixos. Run:
-* `grep local-cmds run/current-system/init`
-
-Then you can proceed normally subscribing to a nixos channel:
- nix-channel --add https://nixos.org/channels/nixos-unstable
- nix-channel --update
-
-Testing:
- nix-env -i hello
- which hello
- hello
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball-pc.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball-pc.nix
deleted file mode 100644
index 674fb6c8a33..00000000000
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball-pc.nix
+++ /dev/null
@@ -1,163 +0,0 @@
-# This module contains the basic configuration for building a NixOS
-# tarball, that can directly boot, maybe using PXE or unpacking on a fs.
-
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
- pkgs2storeContents = l : map (x: { object = x; symlink = "none"; }) l;
-
- # For PXE kernel loading
- pxeconfig = pkgs.writeText "pxeconfig-default" ''
- default menu.c32
- prompt 0
-
- label bootlocal
- menu default
- localboot 0
- timeout 80
- TOTALTIMEOUT 9000
-
- label nixos
- MENU LABEL ^NixOS using nfsroot
- KERNEL bzImage
- append ip=dhcp nfsroot=/home/pcroot init=${config.system.build.toplevel}/init rw
-
- # I don't know how to make this boot with nfsroot (using the initrd)
- label nixos_initrd
- MENU LABEL NixOS booting the poor ^initrd.
- KERNEL bzImage
- append initrd=initrd ip=dhcp nfsroot=/home/pcroot init=${config.system.build.toplevel}/init rw
-
- label memtest
- MENU LABEL ^${pkgs.memtest86.name}
- KERNEL memtest
- '';
-
- dhcpdExampleConfig = pkgs.writeText "dhcpd.conf-example" ''
- # Example configuration for booting PXE.
- allow booting;
- allow bootp;
-
- # Adapt this to your network configuration.
- option domain-name "local";
- option subnet-mask 255.255.255.0;
- option broadcast-address 192.168.1.255;
- option domain-name-servers 192.168.1.1;
- option routers 192.168.1.1;
-
- # PXE-specific configuration directives...
- # Some BIOS don't accept slashes for paths inside the tftp servers,
- # and will report Access Violation if they see slashes.
- filename "pxelinux.0";
- # For the TFTP and NFS root server. Set the IP of your server.
- next-server 192.168.1.34;
-
- subnet 192.168.1.0 netmask 255.255.255.0 {
- range 192.168.1.50 192.168.1.55;
- }
- '';
-
- readme = ./system-tarball-pc-readme.txt;
-
-in
-
-{
- imports =
- [ ./system-tarball.nix
-
- # Profiles of this basic installation.
- ../../profiles/all-hardware.nix
- ../../profiles/base.nix
- ../../profiles/installation-device.nix
- ];
-
- # To speed up further installation of packages, include the complete stdenv
- # in the Nix store of the tarball.
- tarball.storeContents = pkgs2storeContents [ pkgs.stdenv ];
-
- tarball.contents =
- [ { source = config.boot.kernelPackages.kernel + "/" + config.system.boot.loader.kernelFile;
- target = "/boot/" + config.system.boot.loader.kernelFile;
- }
- { source = "${pkgs.syslinux}/share/syslinux/pxelinux.0";
- target = "/boot/pxelinux.0";
- }
- { source = "${pkgs.syslinux}/share/syslinux/menu.c32";
- target = "/boot/menu.c32";
- }
- { source = pxeconfig;
- target = "/boot/pxelinux.cfg/default";
- }
- { source = readme;
- target = "/readme.txt";
- }
- { source = dhcpdExampleConfig;
- target = "/boot/dhcpd.conf-example";
- }
- { source = "${pkgs.memtest86}/memtest.bin";
- # We can't leave '.bin', because pxelinux interprets this specially,
- # and it would not load the image fine.
- # http://forum.canardpc.com/threads/46464-0104-when-launched-via-pxe
- target = "/boot/memtest";
- }
- ];
-
- # Allow sshd to be started manually through "start sshd". It should
- # not be started by default on the installation CD because the
- # default root password is empty.
- services.openssh.enable = true;
- systemd.services.openssh.wantedBy = lib.mkOverride 50 [];
-
- # To be able to use the systemTarball to catch troubles.
- boot.crashDump = {
- enable = true;
- kernelPackages = pkgs.linuxKernel.packages.linux_3_4;
- };
-
- # No grub for the tarball.
- boot.loader.grub.enable = false;
-
- /* fake entry, just to have a happy stage-1. Users
- may boot without having stage-1 though */
- fileSystems.fake =
- { mountPoint = "/";
- device = "/dev/something";
- };
-
- nixpkgs.config = {
- packageOverrides = p: {
- linux_3_4 = p.linux_3_4.override {
- extraConfig = ''
- # Enable drivers in kernel for most NICs.
- E1000 y
- # E1000E y
- # ATH5K y
- 8139TOO y
- NE2K_PCI y
- ATL1 y
- ATL1E y
- ATL1C y
- VORTEX y
- VIA_RHINE y
- R8169 y
-
- # Enable nfs root boot
- UNIX y # http://www.linux-mips.org/archives/linux-mips/2006-11/msg00113.html
- IP_PNP y
- IP_PNP_DHCP y
- FSCACHE y
- NFS_FS y
- NFS_FSCACHE y
- ROOT_NFS y
-
- # Enable devtmpfs
- DEVTMPFS y
- DEVTMPFS_MOUNT y
- '';
- };
- };
- };
-}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix
deleted file mode 100644
index 329bd329dc1..00000000000
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix
+++ /dev/null
@@ -1,172 +0,0 @@
-# This module contains the basic configuration for building a NixOS
-# tarball for the sheevaplug.
-
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
- # A dummy /etc/nixos/configuration.nix in the booted CD that
- # rebuilds the CD's configuration (and allows the configuration to
- # be modified, of course, providing a true live CD). Problem is
- # that we don't really know how the CD was built - the Nix
- # expression language doesn't allow us to query the expression being
- # evaluated. So we'll just hope for the best.
- dummyConfiguration = pkgs.writeText "configuration.nix"
- ''
- { config, pkgs, ... }:
-
- {
- # Add your own options below and run "nixos-rebuild switch".
- # E.g.,
- # services.openssh.enable = true;
- }
- '';
-
-
- pkgs2storeContents = l : map (x: { object = x; symlink = "none"; }) l;
-
- # A clue for the kernel loading
- kernelParams = pkgs.writeText "kernel-params.txt" ''
- Kernel Parameters:
- init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams}
- '';
-
-
-in
-
-{
- imports = [ ./system-tarball.nix ];
-
- # Disable some other stuff we don't need.
- security.sudo.enable = false;
-
- # Include only the en_US locale. This saves 75 MiB or so compared to
- # the full glibcLocales package.
- i18n.supportedLocales = ["en_US.UTF-8/UTF-8" "en_US/ISO-8859-1"];
-
- # Include some utilities that are useful for installing or repairing
- # the system.
- environment.systemPackages =
- [ pkgs.w3m # needed for the manual anyway
- pkgs.ddrescue
- pkgs.ccrypt
- pkgs.cryptsetup # needed for dm-crypt volumes
-
- # Some networking tools.
- pkgs.sshfs-fuse
- pkgs.socat
- pkgs.screen
- pkgs.wpa_supplicant # !!! should use the wpa module
-
- # Hardware-related tools.
- pkgs.sdparm
- pkgs.hdparm
- pkgs.dmraid
-
- # Tools to create / manipulate filesystems.
- pkgs.btrfs-progs
-
- # Some compression/archiver tools.
- pkgs.unzip
- pkgs.zip
- pkgs.xz
- pkgs.dar # disk archiver
-
- # Some editors.
- pkgs.nvi
- pkgs.bvi # binary editor
- pkgs.joe
- ];
-
- boot.loader.grub.enable = false;
- boot.loader.generationsDir.enable = false;
- system.boot.loader.kernelFile = "uImage";
-
- boot.initrd.availableKernelModules =
- [ "mvsdio" "reiserfs" "ext3" "ums-cypress" "rtc_mv" "ext4" ];
-
- boot.postBootCommands = lib.mkIf (!boot.initrd.systemd.enable)
- ''
- mkdir -p /mnt
-
- cp ${dummyConfiguration} /etc/nixos/configuration.nix
- '';
-
- boot.initrd.extraUtilsCommands = lib.mkIf (!boot.initrd.systemd.enable)
- ''
- copy_bin_and_libs ${pkgs.util-linux}/sbin/hwclock
- '';
-
- boot.initrd.postDeviceCommands = lib.mkIf (!boot.initrd.systemd.enable)
- ''
- hwclock -s
- '';
-
- boot.kernelParams =
- [
- "selinux=0"
- "console=tty1"
- # "console=ttyS0,115200n8" # serial console
- ];
-
- boot.kernelPackages = pkgs.linuxKernel.packages.linux_3_4;
-
- boot.supportedFilesystems = [ "reiserfs" ];
-
- /* fake entry, just to have a happy stage-1. Users
- may boot without having stage-1 though */
- fileSystems.fake =
- { mountPoint = "/";
- device = "/dev/something";
- };
-
- services.getty = {
- # Some more help text.
- helpLine = ''
- Log in as "root" with an empty password. ${
- if config.services.xserver.enable then
- "Type `start xserver' to start\nthe graphical user interface."
- else ""
- }
- '';
- };
-
- # Setting vesa, we don't get the nvidia driver, which can't work in arm.
- services.xserver.videoDrivers = [ "vesa" ];
-
- documentation.nixos.enable = false;
-
- # Include the firmware for various wireless cards.
- networking.enableRalinkFirmware = true;
- networking.enableIntel2200BGFirmware = true;
-
- # To speed up further installation of packages, include the complete stdenv
- # in the Nix store of the tarball.
- tarball.storeContents = pkgs2storeContents [ pkgs.stdenv ];
- tarball.contents = [
- { source = kernelParams;
- target = "/kernelparams.txt";
- }
- { source = config.boot.kernelPackages.kernel + "/" + config.system.boot.loader.kernelFile;
- target = "/boot/" + config.system.boot.loader.kernelFile;
- }
- { source = pkgs.ubootSheevaplug;
- target = "/boot/uboot";
- }
- ];
-
- # Allow sshd to be started manually through "start sshd". It should
- # not be started by default on the installation CD because the
- # default root password is empty.
- services.openssh.enable = true;
- systemd.services.openssh.wantedBy = lib.mkOverride 50 [];
-
- # cpufrequtils fails to build on non-pc
- powerManagement.enable = false;
-
- nixpkgs.config = {
- platform = pkgs.platforms.sheevaplug;
- };
-}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball.nix
deleted file mode 100644
index 362c555cc53..00000000000
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/cd-dvd/system-tarball.nix
+++ /dev/null
@@ -1,93 +0,0 @@
-# This module creates a bootable ISO image containing the given NixOS
-# configuration. The derivation for the ISO image will be placed in
-# config.system.build.tarball.
-
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
- versionFile = pkgs.writeText "nixos-label" config.system.nixos.label;
-
-in
-
-{
- options = {
- tarball.contents = mkOption {
- example = literalExpression ''
- [ { source = pkgs.memtest86 + "/memtest.bin";
- target = "boot/memtest.bin";
- }
- ]
- '';
- description = ''
- This option lists files to be copied to fixed locations in the
- generated ISO image.
- '';
- };
-
- tarball.storeContents = mkOption {
- example = literalExpression "[ pkgs.stdenv ]";
- description = ''
- This option lists additional derivations to be included in the
- Nix store in the generated ISO image.
- '';
- };
-
- };
-
- config = {
-
- # In stage 1 of the boot, mount the CD/DVD as the root FS by label
- # so that we don't need to know its device.
- fileSystems = { };
-
- # boot.initrd.availableKernelModules = [ "mvsdio" "reiserfs" "ext3" "ext4" ];
-
- # boot.initrd.kernelModules = [ "rtc_mv" ];
-
- # Closures to be copied to the Nix store on the CD, namely the init
- # script and the top-level system configuration directory.
- tarball.storeContents =
- [ { object = config.system.build.toplevel;
- symlink = "/run/current-system";
- }
- ];
-
- # Individual files to be included on the CD, outside of the Nix
- # store on the CD.
- tarball.contents =
- [ { source = config.system.build.initialRamdisk + "/" + config.system.boot.loader.initrdFile;
- target = "/boot/" + config.system.boot.loader.initrdFile;
- }
- { source = versionFile;
- target = "/nixos-version.txt";
- }
- ];
-
- # Create the tarball
- system.build.tarball = import ../../../lib/make-system-tarball.nix {
- inherit (pkgs) stdenv closureInfo pixz;
-
- inherit (config.tarball) contents storeContents;
- };
-
- boot.postBootCommands =
- ''
- # After booting, register the contents of the Nix store on the
- # CD in the Nix database in the tmpfs.
- if [ -f /nix-path-registration ]; then
- ${config.nix.package.out}/bin/nix-store --load-db < /nix-path-registration &&
- rm /nix-path-registration
- fi
-
- # nixos-rebuild also requires a "system" profile and an
- # /etc/NIXOS tag.
- touch /etc/NIXOS
- ${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
- '';
-
- };
-
-}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/netboot/netboot.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/netboot/netboot.nix
index 3127bdc436f..fed6a7c3728 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/netboot/netboot.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/netboot/netboot.nix
@@ -81,7 +81,7 @@ with lib;
# Create the initrd
- system.build.netbootRamdisk = pkgs.makeInitrd {
+ system.build.netbootRamdisk = pkgs.makeInitrdNG {
inherit (config.boot.initrd) compressor;
prepend = [ "${config.system.build.initialRamdisk}/initrd" ];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/tools/nix-fallback-paths.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/tools/nix-fallback-paths.nix
index bd09724ebfa..0035ceca6fc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/tools/nix-fallback-paths.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/tools/nix-fallback-paths.nix
@@ -1,7 +1,7 @@
{
- x86_64-linux = "/nix/store/6g4fla3vkcxihph282a0v3cd10709y7c-nix-2.9.1";
- i686-linux = "/nix/store/j143221z44469zx21f5m9a47x7y1jpr5-nix-2.9.1";
- aarch64-linux = "/nix/store/c4z3vy1sgm49la8bvmdrrpssgk4iw2nk-nix-2.9.1";
- x86_64-darwin = "/nix/store/cqdwb7khf6zg94bz7lnvfjqx6z775qaw-nix-2.9.1";
- aarch64-darwin = "/nix/store/1brkxcs287n1px2i4fq39l7h51hjv0f8-nix-2.9.1";
+ x86_64-linux = "/nix/store/3af6g226v4hsv6x7xzh23d6wqyq0nzjp-nix-2.10.3";
+ i686-linux = "/nix/store/43xxh2jip6rpdhylc5z9a5fxx54dw206-nix-2.10.3";
+ aarch64-linux = "/nix/store/6qw3r57nra08ars8j8zyj3fl8lz4cvnd-nix-2.10.3";
+ x86_64-darwin = "/nix/store/3b7qrm0qjw57fmznrsvm0ai568i89hc2-nix-2.10.3";
+ aarch64-darwin = "/nix/store/gp7k17iy1n7hgf97qwnxw28c6v9nhb1i-nix-2.10.3";
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/tools/nixos-generate-config.pl b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/tools/nixos-generate-config.pl
index 1935d825260..212b2b3cd23 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/tools/nixos-generate-config.pl
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/tools/nixos-generate-config.pl
@@ -85,7 +85,7 @@ sub debug {
# nixpkgs.system
-my ($status, @systemLines) = runCommand("nix-instantiate --impure --eval --expr builtins.currentSystem");
+my ($status, @systemLines) = runCommand("@nixInstantiate@ --impure --eval --expr builtins.currentSystem");
if ($status != 0 || join("", @systemLines) =~ /error/) {
die "Failed to retrieve current system type from nix.\n";
}
@@ -300,6 +300,12 @@ if ($virt eq "oracle") {
push @attrs, "virtualisation.virtualbox.guest.enable = true;"
}
+# Check if we're a Parallels guest. If so, enable the guest additions.
+# It is blocked by https://github.com/systemd/systemd/pull/23859
+if ($virt eq "parallels") {
+ push @attrs, "hardware.parallels.enable = true;";
+ push @attrs, "nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ \"prl-tools\" ];";
+}
# Likewise for QEMU.
if ($virt eq "qemu" || $virt eq "kvm" || $virt eq "bochs") {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/tools/tools.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/tools/tools.nix
index 04be272742c..4490ad84e14 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/tools/tools.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/installer/tools/tools.nix
@@ -34,6 +34,7 @@ let
name = "nixos-generate-config";
src = ./nixos-generate-config.pl;
perl = "${pkgs.perl.withPackages (p: [ p.FileSlurp ])}/bin/perl";
+ nixInstantiate = "${pkgs.nix}/bin/nix-instantiate";
detectvirt = "${config.systemd.package}/bin/systemd-detect-virt";
btrfs = "${pkgs.btrfs-progs}/bin/btrfs";
inherit (config.system.nixos-generate-config) configuration desktopConfiguration;
@@ -74,15 +75,15 @@ in
configuration = mkOption {
internal = true;
type = types.str;
- description = ''
- The NixOS module that nixos-generate-config
- saves to /etc/nixos/configuration.nix.
+ description = lib.mdDoc ''
+ The NixOS module that `nixos-generate-config`
+ saves to `/etc/nixos/configuration.nix`.
This is an internal option. No backward compatibility is guaranteed.
Use at your own risk!
Note that this string gets spliced into a Perl script. The perl
- variable $bootLoaderConfig can be used to
+ variable `$bootLoaderConfig` can be used to
splice in the boot loader configuration.
'';
};
@@ -91,15 +92,15 @@ in
internal = true;
type = types.listOf types.lines;
default = [];
- description = ''
- Text to preseed the desktop configuration that nixos-generate-config
- saves to /etc/nixos/configuration.nix.
+ description = lib.mdDoc ''
+ Text to preseed the desktop configuration that `nixos-generate-config`
+ saves to `/etc/nixos/configuration.nix`.
This is an internal option. No backward compatibility is guaranteed.
Use at your own risk!
Note that this string gets spliced into a Perl script. The perl
- variable $bootLoaderConfig can be used to
+ variable `$bootLoaderConfig` can be used to
splice in the boot loader configuration.
'';
};
@@ -109,7 +110,7 @@ in
internal = true;
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Disable nixos-rebuild, nixos-generate-config, nixos-installer
and other NixOS tools. This is useful to shrink embedded,
read-only systems which are not expected to be rebuild or
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/crashdump.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/crashdump.nix
index b0f75d9caaa..4ae18984ee5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/crashdump.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/crashdump.nix
@@ -16,7 +16,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If enabled, NixOS will set up a kernel that will
boot on crash, and leave the user in systemd rescue
to be able to save the crashed kernel dump at
@@ -27,7 +27,7 @@ in
reservedMemory = mkOption {
default = "128M";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The amount of memory reserved for the crashdump kernel.
If you choose a too high value, dmesg will mention
"crashkernel reservation failed".
@@ -36,7 +36,7 @@ in
kernelParams = mkOption {
type = types.listOf types.str;
default = [ "1" "boot.shell_on_fail" ];
- description = ''
+ description = lib.mdDoc ''
Parameters that will be passed to the kernel kexec-ed on crash.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/ids.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/ids.nix
index 60794cef362..e3d7866cabb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/ids.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/ids.nix
@@ -667,6 +667,27 @@ in
# uid. Users and groups with the same name should have equal
# uids and gids. Also, don't use gids above 399!
+ # For exceptional cases where you really need a gid above 399, leave a
+ # comment stating why.
+ #
+ # Also, avoid the following GID ranges:
+ #
+ # 1000 - 29999: user accounts (see ../config/update-users-groups.pl)
+ # 30000 - 31000: nixbld users (the upper limit is arbitrarily chosen)
+ # 61184 - 65519: systemd DynamicUser (see systemd.exec(5))
+ # 65535: the error return sentinel value when uid_t was 16 bits
+ #
+ # 100000 - 6653600: subgid allocated for user namespaces
+ # (see ../config/update-users-groups.pl)
+ # 4294967294: unauthenticated user in some NFS implementations
+ # 4294967295: error return sentinel value
+ #
+ # References:
+ # https://www.debian.org/doc/debian-policy/ch-opersys.html#uid-and-gid-classes
+
+ onepassword = 31001; # 1Password requires that its GID be larger than 1000
+ onepassword-cli = 31002; # 1Password requires that its GID be larger than 1000
+
users = 100;
nixbld = 30000;
nogroup = 65534;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/label.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/label.nix
index 02b91555b3c..b97cbaa2630 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/label.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/label.nix
@@ -11,7 +11,7 @@ in
options.system = {
nixos.label = mkOption {
- type = types.str;
+ type = types.strMatching "[a-zA-Z0-9:_\\.-]*";
description = ''
NixOS version name to be used in the names of generated
outputs and boot labels.
@@ -19,6 +19,9 @@ in
If you ever wanted to influence the labels in your GRUB menu,
this is the option for you.
+ It can only contain letters, numbers and the following symbols:
+ :, _, . and -.
+
The default is separated by
"-" + "-" + NIXOS_LABEL_VERSION environment
variable (defaults to the value of
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/lib.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/lib.nix
index 121f396701e..f97e9209e2f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/lib.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/lib.nix
@@ -7,7 +7,7 @@
type = lib.types.attrsOf lib.types.attrs;
- description = ''
+ description = lib.mdDoc ''
This option allows modules to define helper functions, constants, etc.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/locate.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/locate.nix
index 50495eebe4c..bba35b752c9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/locate.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/locate.nix
@@ -19,9 +19,9 @@ in
enable = mkOption {
type = bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If enabled, NixOS will periodically update the database of
- files used by the locate command.
+ files used by the {command}`locate` command.
'';
};
@@ -30,7 +30,7 @@ in
default = pkgs.findutils.locate;
defaultText = literalExpression "pkgs.findutils";
example = literalExpression "pkgs.mlocate";
- description = ''
+ description = lib.mdDoc ''
The locate implementation to use
'';
};
@@ -55,15 +55,15 @@ in
extraFlags = mkOption {
type = listOf str;
default = [ ];
- description = ''
- Extra flags to pass to updatedb.
+ description = lib.mdDoc ''
+ Extra flags to pass to {command}`updatedb`.
'';
};
output = mkOption {
type = path;
default = "/var/cache/locatedb";
- description = ''
+ description = lib.mdDoc ''
The database file to build.
'';
};
@@ -71,9 +71,9 @@ in
localuser = mkOption {
type = nullOr str;
default = "nobody";
- description = ''
+ description = lib.mdDoc ''
The user to search non-network directories as, using
- su.
+ {command}`su`.
'';
};
@@ -159,7 +159,7 @@ in
"vboxsf"
"vperfctrfs"
];
- description = ''
+ description = lib.mdDoc ''
Which filesystem types to exclude from indexing
'';
};
@@ -176,7 +176,7 @@ in
"/nix/store"
"/nix/var/log/nix"
];
- description = ''
+ description = lib.mdDoc ''
Which paths to exclude from indexing
'';
};
@@ -188,7 +188,7 @@ in
[ ".bzr" ".cache" ".git" ".hg" ".svn" ], if
supported by the locate implementation (i.e. mlocate or plocate).
'';
- description = ''
+ description = lib.mdDoc ''
Directory components which should exclude paths containing them from indexing
'';
};
@@ -196,7 +196,7 @@ in
pruneBindMounts = mkOption {
type = bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether not to index bind mounts
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/man-db.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/man-db.nix
index 7aeb02d883a..d267ad12564 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/man-db.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/man-db.nix
@@ -36,8 +36,8 @@ in
type = lib.types.package;
default = pkgs.man-db;
defaultText = lib.literalExpression "pkgs.man-db";
- description = ''
- The man-db derivation to use. Useful to override
+ description = lib.mdDoc ''
+ The `man-db` derivation to use. Useful to override
configuration options used for the package.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/mandoc.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/mandoc.nix
index 838f2087656..d67c42bff6a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/mandoc.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/mandoc.nix
@@ -16,9 +16,9 @@ in {
type = with lib.types; listOf str;
default = [ "share/man" ];
example = lib.literalExpression "[ \"share/man\" \"share/man/fr\" ]";
- description = ''
+ description = lib.mdDoc ''
Change the manpath, i. e. the directories where
- man1
+ {manpage}`man(1)`
looks for section-specific directories of man pages.
You only need to change this setting if you want extra man pages
(e. g. in non-english languages). All values must be strings that
@@ -31,8 +31,8 @@ in {
type = lib.types.package;
default = pkgs.mandoc;
defaultText = lib.literalExpression "pkgs.mandoc";
- description = ''
- The mandoc derivation to use. Useful to override
+ description = lib.mdDoc ''
+ The `mandoc` derivation to use. Useful to override
configuration options used for the package.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/nixpkgs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/nixpkgs.nix
index ad017aff816..e991ff42028 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/nixpkgs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/nixpkgs.nix
@@ -244,6 +244,14 @@ in
defaultText = literalExpression
''(import "''${nixos}/../lib").lib.systems.examples.aarch64-multiplatform'';
description = ''
+ Systems with a recently generated hardware-configuration.nix
+ do not need to specify this option, unless cross-compiling, in which case
+ you should set only .
+
+ If this is somehow not feasible, you may fall back to removing the
+ line from the generated config and
+ use the old options.
+
Specifies the platform on which NixOS should be built. When
nixpkgs.crossSystem is unset, it also specifies
the platform for which NixOS should be
@@ -265,6 +273,10 @@ in
default = null;
example = { system = "aarch64-linux"; config = "aarch64-unknown-linux-gnu"; };
description = ''
+ Systems with a recently generated hardware-configuration.nix
+ may instead specify only ,
+ or fall back to removing the line from the generated config.
+
Specifies the platform for which NixOS should be
built. Specify this only if it is different from
nixpkgs.localSystem, the platform
@@ -280,7 +292,29 @@ in
system = mkOption {
type = types.str;
example = "i686-linux";
+ default =
+ if opt.hostPlatform.isDefined
+ then
+ throw ''
+ Neither ${opt.system} nor any other option in nixpkgs.* is meant
+ to be read by modules and configurations.
+ Use pkgs.stdenv.hostPlatform instead.
+ ''
+ else
+ throw ''
+ Neither ${opt.hostPlatform} nor or the legacy option ${opt.system} has been set.
+ You can set ${opt.hostPlatform} in hardware-configuration.nix by re-running
+ a recent version of nixos-generate-config.
+ The option ${opt.system} is still fully supported for NixOS 22.05 interoperability,
+ but will be deprecated in the future, so we recommend to set ${opt.hostPlatform}.
+ '';
+ defaultText = lib.literalMD ''
+ Traditionally `builtins.currentSystem`, but unset when invoking NixOS through `lib.nixosSystem`.
+ '';
description = ''
+ This option does not need to be specified for NixOS configurations
+ with a recently generated hardware-configuration.nix.
+
Specifies the Nix platform type on which NixOS should be built.
It is better to specify nixpkgs.localSystem instead.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/version.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/version.nix
index da458a57484..bdc3e5623be 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/version.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/misc/version.nix
@@ -49,42 +49,42 @@ in
nixos.version = mkOption {
internal = true;
type = types.str;
- description = "The full NixOS version (e.g. 16.03.1160.f2d4ee1).";
+ description = lib.mdDoc "The full NixOS version (e.g. `16.03.1160.f2d4ee1`).";
};
nixos.release = mkOption {
readOnly = true;
type = types.str;
default = trivial.release;
- description = "The NixOS release (e.g. 16.03).";
+ description = lib.mdDoc "The NixOS release (e.g. `16.03`).";
};
nixos.versionSuffix = mkOption {
internal = true;
type = types.str;
default = trivial.versionSuffix;
- description = "The NixOS version suffix (e.g. 1160.f2d4ee1).";
+ description = lib.mdDoc "The NixOS version suffix (e.g. `1160.f2d4ee1`).";
};
nixos.revision = mkOption {
internal = true;
type = types.nullOr types.str;
default = trivial.revisionWithDefault null;
- description = "The Git revision from which this NixOS configuration was built.";
+ description = lib.mdDoc "The Git revision from which this NixOS configuration was built.";
};
nixos.codeName = mkOption {
readOnly = true;
type = types.str;
default = trivial.codeName;
- description = "The NixOS release code name (e.g. Emu).";
+ description = lib.mdDoc "The NixOS release code name (e.g. `Emu`).";
};
stateVersion = mkOption {
type = types.str;
default = cfg.release;
defaultText = literalExpression "config.${opt.release}";
- description = ''
+ description = lib.mdDoc ''
Every once in a while, a new NixOS release may change
configuration defaults in a way incompatible with stateful
data. For instance, if the default version of PostgreSQL
@@ -108,13 +108,13 @@ in
internal = true;
type = types.str;
default = "https://nixos.org/channels/nixos-unstable";
- description = "Default NixOS channel to which the root user is subscribed.";
+ description = lib.mdDoc "Default NixOS channel to which the root user is subscribed.";
};
configurationRevision = mkOption {
type = types.nullOr types.str;
default = null;
- description = "The Git revision of the top-level flake from which this configuration was built.";
+ description = lib.mdDoc "The Git revision of the top-level flake from which this configuration was built.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/module-list.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/module-list.nix
index 759c31ef28b..616f357663c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/module-list.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/module-list.nix
@@ -10,6 +10,7 @@
./config/xdg/mime.nix
./config/xdg/portal.nix
./config/xdg/portals/wlr.nix
+ ./config/xdg/portals/lxqt.nix
./config/appstream.nix
./config/console.nix
./config/xdg/sounds.nix
@@ -214,6 +215,7 @@
./programs/systemtap.nix
./programs/starship.nix
./programs/steam.nix
+ ./programs/streamdeck-ui.nix
./programs/sway.nix
./programs/system-config-printer.nix
./programs/thefuck.nix
@@ -230,6 +232,7 @@
./programs/weylus.nix
./programs/wireshark.nix
./programs/wshowkeys.nix
+ ./programs/xfconf.nix
./programs/xfs_quota.nix
./programs/xonsh.nix
./programs/xss-lock.nix
@@ -444,6 +447,7 @@
./services/hardware/interception-tools.nix
./services/hardware/irqbalance.nix
./services/hardware/joycond.nix
+ ./services/hardware/kanata.nix
./services/hardware/lcd.nix
./services/hardware/lirc.nix
./services/hardware/nvidia-optimus.nix
@@ -471,7 +475,6 @@
./services/hardware/thermald.nix
./services/hardware/undervolt.nix
./services/hardware/vdr.nix
- ./services/hardware/xow.nix
./services/home-automation/home-assistant.nix
./services/home-automation/zigbee2mqtt.nix
./services/logging/SystemdJournal2Gelf.nix
@@ -614,6 +617,7 @@
./services/misc/plex.nix
./services/misc/plikd.nix
./services/misc/podgrab.nix
+ ./services/misc/polaris.nix
./services/misc/prowlarr.nix
./services/misc/tautulli.nix
./services/misc/pinnwand.nix
@@ -826,6 +830,7 @@
./services/networking/libreswan.nix
./services/networking/lldpd.nix
./services/networking/logmein-hamachi.nix
+ ./services/networking/lokinet.nix
./services/networking/lxd-image-server.nix
./services/networking/magic-wormhole-mailbox-server.nix
./services/networking/matterbridge.nix
@@ -998,6 +1003,7 @@
./services/security/oauth2_proxy.nix
./services/security/oauth2_proxy_nginx.nix
./services/security/opensnitch.nix
+ ./services/security/pass-secret-service.nix
./services/security/privacyidea.nix
./services/security/physlock.nix
./services/security/shibboleth-sp.nix
@@ -1030,6 +1036,7 @@
./services/torrent/peerflix.nix
./services/torrent/rtorrent.nix
./services/torrent/transmission.nix
+ ./services/tracing/tempo.nix
./services/ttys/getty.nix
./services/ttys/gpm.nix
./services/ttys/kmscon.nix
@@ -1045,7 +1052,6 @@
./services/web-apps/code-server.nix
./services/web-apps/baget.nix
./services/web-apps/convos.nix
- ./services/web-apps/cryptpad.nix
./services/web-apps/dex.nix
./services/web-apps/discourse.nix
./services/web-apps/documize.nix
@@ -1057,6 +1063,7 @@
./services/web-apps/gerrit.nix
./services/web-apps/gotify-server.nix
./services/web-apps/grocy.nix
+ ./services/web-apps/healthchecks.nix
./services/web-apps/hedgedoc.nix
./services/web-apps/hledger-web.nix
./services/web-apps/icingaweb2/icingaweb2.nix
@@ -1080,6 +1087,8 @@
./services/web-apps/nexus.nix
./services/web-apps/nifi.nix
./services/web-apps/node-red.nix
+ ./services/web-apps/phylactery.nix
+ ./services/web-apps/onlyoffice.nix
./services/web-apps/pict-rs.nix
./services/web-apps/peertube.nix
./services/web-apps/plantuml-server.nix
@@ -1271,7 +1280,6 @@
./virtualisation/parallels-guest.nix
./virtualisation/podman/default.nix
./virtualisation/qemu-guest-agent.nix
- ./virtualisation/railcar.nix
./virtualisation/spice-usb-redirection.nix
./virtualisation/virtualbox-guest.nix
./virtualisation/virtualbox-host.nix
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/profiles/all-hardware.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/profiles/all-hardware.nix
index 8347453d403..af1e3d32a0a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/profiles/all-hardware.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/profiles/all-hardware.nix
@@ -57,7 +57,7 @@ in
# Hyper-V support.
"hv_storvsc"
- ] ++ lib.optionals (pkgs.stdenv.isAarch32 || pkgs.stdenv.isAarch64) [
+ ] ++ lib.optionals pkgs.stdenv.hostPlatform.isAarch [
# Most of the following falls into two categories:
# - early KMS / early display
# - early storage (e.g. USB) support
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/_1password-gui.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/_1password-gui.nix
index 42f6a0b5225..20bd846d516 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/_1password-gui.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/_1password-gui.nix
@@ -8,24 +8,21 @@ let
in
{
+ imports = [
+ (mkRemovedOptionModule [ "programs" "_1password-gui" "gid" ] ''
+ A preallocated GID will be used instead.
+ '')
+ ];
+
options = {
programs._1password-gui = {
enable = mkEnableOption "the 1Password GUI application";
- gid = mkOption {
- type = types.addCheck types.int (x: x >= 1000);
- example = literalExpression "5000";
- description = ''
- The gid to assign to the onepassword group, which is needed for browser integration.
- It must be 1000 or greater.
- '';
- };
-
polkitPolicyOwners = mkOption {
type = types.listOf types.str;
default = [ ];
example = literalExpression ''["user1" "user2" "user3"]'';
- description = ''
+ description = lib.mdDoc ''
A list of users who should be able to integrate 1Password with polkit-based authentication mechanisms.
'';
};
@@ -44,7 +41,7 @@ in
in
mkIf cfg.enable {
environment.systemPackages = [ package ];
- users.groups.onepassword.gid = cfg.gid;
+ users.groups.onepassword.gid = config.ids.gids.onepassword;
security.wrappers = {
"1Password-BrowserSupport" = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/_1password.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/_1password.nix
index 547c12867a9..b87e9b776e8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/_1password.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/_1password.nix
@@ -8,19 +8,16 @@ let
in
{
+ imports = [
+ (mkRemovedOptionModule [ "programs" "_1password" "gid" ] ''
+ A preallocated GID will be used instead.
+ '')
+ ];
+
options = {
programs._1password = {
enable = mkEnableOption "the 1Password CLI tool";
- gid = mkOption {
- type = types.addCheck types.int (x: x >= 1000);
- example = literalExpression "5001";
- description = ''
- The gid to assign to the onepassword-cli group, which is needed for integration with the 1Password GUI.
- It must be 1000 or greater.
- '';
- };
-
package = mkPackageOption pkgs "1Password CLI" {
default = [ "_1password" ];
};
@@ -29,7 +26,7 @@ in
config = mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
- users.groups.onepassword-cli.gid = cfg.gid;
+ users.groups.onepassword-cli.gid = config.ids.gids.onepassword-cli;
security.wrappers = {
"op" = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/atop.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/atop.nix
index a31078a891a..a0763d2dcf6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/atop.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/atop.nix
@@ -20,7 +20,7 @@ in
type = types.package;
default = pkgs.atop;
defaultText = literalExpression "pkgs.atop";
- description = ''
+ description = lib.mdDoc ''
Which package to use for Atop.
'';
};
@@ -29,7 +29,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to install and enable the netatop kernel module.
Note: this sets the kernel taint flag "O" for loading out-of-tree modules.
'';
@@ -38,7 +38,7 @@ in
type = types.package;
default = config.boot.kernelPackages.netatop;
defaultText = literalExpression "config.boot.kernelPackages.netatop";
- description = ''
+ description = lib.mdDoc ''
Which package to use for netatop.
'';
};
@@ -47,7 +47,7 @@ in
atopgpu.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to install and enable the atopgpud daemon to get information about
NVIDIA gpus.
'';
@@ -56,7 +56,7 @@ in
setuidWrapper.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to install a setuid wrapper for Atop. This is required to use some of
the features as non-root user (e.g.: ipc information, netatop, atopgpu).
Atop tries to drop the root privileges shortly after starting.
@@ -66,7 +66,7 @@ in
atopService.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the atop service responsible for storing statistics for
long-term analysis.
'';
@@ -74,7 +74,7 @@ in
atopRotateTimer.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the atop-rotate timer, which restarts the atop service
daily to make sure the data files are rotate.
'';
@@ -82,7 +82,7 @@ in
atopacctService.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the atopacct service which manages process accounting.
This allows Atop to gather data about processes that disappeared in between
two refresh intervals.
@@ -95,8 +95,8 @@ in
flags = "a1f";
interval = 5;
};
- description = ''
- Parameters to be written to /etc/atoprc.
+ description = lib.mdDoc ''
+ Parameters to be written to {file}`/etc/atoprc`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/autojump.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/autojump.nix
index ecfc2f65807..dde6870d989 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/autojump.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/autojump.nix
@@ -13,7 +13,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable autojump.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/bandwhich.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/bandwhich.nix
index 610d602ad2c..8d1612217ad 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/bandwhich.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/bandwhich.nix
@@ -11,7 +11,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to add bandwhich to the global environment and configure a
setcap wrapper for it.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/bash/bash.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/bash/bash.nix
index 7281126979e..249e99ddc47 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/bash/bash.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/bash/bash.nix
@@ -30,10 +30,10 @@ in
/*
enable = mkOption {
default = true;
- description = ''
+ description = lib.mdDoc ''
Whenever to configure Bash as an interactive shell.
Note that this tries to make Bash the default
- ,
+ {option}`users.defaultUserShell`,
which in turn means that you might need to explicitly
set this variable if you have another shell configured
with NixOS.
@@ -44,16 +44,16 @@ in
shellAliases = mkOption {
default = {};
- description = ''
- Set of aliases for bash shell, which overrides .
- See for an option format description.
+ description = lib.mdDoc ''
+ Set of aliases for bash shell, which overrides {option}`environment.shellAliases`.
+ See {option}`environment.shellAliases` for an option format description.
'';
type = with types; attrsOf (nullOr (either str path));
};
shellInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during bash shell initialisation.
'';
type = types.lines;
@@ -61,7 +61,7 @@ in
loginShellInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during login bash shell initialisation.
'';
type = types.lines;
@@ -69,7 +69,7 @@ in
interactiveShellInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during interactive bash shell initialisation.
'';
type = types.lines;
@@ -92,7 +92,7 @@ in
fi
fi
'';
- description = ''
+ description = lib.mdDoc ''
Shell script code used to initialise the bash prompt.
'';
type = types.lines;
@@ -100,7 +100,7 @@ in
promptPluginInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code used to initialise bash prompt plugins.
'';
type = types.lines;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/bash/undistract-me.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/bash/undistract-me.nix
index 0e6465e048a..8d1b1740f64 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/bash/undistract-me.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/bash/undistract-me.nix
@@ -14,7 +14,7 @@ in
timeout = mkOption {
default = 10;
- description = ''
+ description = lib.mdDoc ''
Number of seconds it would take for a command to be considered long-running.
'';
type = types.int;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/captive-browser.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/captive-browser.nix
index 1e5c6ff9b24..7ebce17bebf 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/captive-browser.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/captive-browser.nix
@@ -40,12 +40,12 @@ in
type = types.package;
default = pkgs.captive-browser;
defaultText = literalExpression "pkgs.captive-browser";
- description = "Which package to use for captive-browser";
+ description = lib.mdDoc "Which package to use for captive-browser";
};
interface = mkOption {
type = types.str;
- description = "your public network interface (wlp3s0, wlan0, eth0, ...)";
+ description = lib.mdDoc "your public network interface (wlp3s0, wlan0, eth0, ...)";
};
# the options below are the same as in "captive-browser.toml"
@@ -53,7 +53,7 @@ in
type = types.str;
default = browserDefault pkgs.chromium;
defaultText = literalExpression (browserDefault "\${pkgs.chromium}");
- description = ''
+ description = lib.mdDoc ''
The shell (/bin/sh) command executed once the proxy starts.
When browser exits, the proxy exits. An extra env var PROXY is available.
@@ -69,7 +69,7 @@ in
dhcp-dns = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The shell (/bin/sh) command executed to obtain the DHCP
DNS server address. The first match of an IPv4 regex is used.
IPv4 only, because let's be real, it's a captive portal.
@@ -79,7 +79,7 @@ in
socks5-addr = mkOption {
type = types.str;
default = "localhost:1666";
- description = "the listen address for the SOCKS5 proxy server";
+ description = lib.mdDoc "the listen address for the SOCKS5 proxy server";
};
bindInterface = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/ccache.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/ccache.nix
index 0f7fd0a3683..a554109533b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/ccache.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/ccache.nix
@@ -9,13 +9,13 @@ in {
enable = mkEnableOption "CCache";
cacheDir = mkOption {
type = types.path;
- description = "CCache directory";
+ description = lib.mdDoc "CCache directory";
default = "/var/cache/ccache";
};
# target configuration
packageNames = mkOption {
type = types.listOf types.str;
- description = "Nix top-level packages to be compiled using CCache";
+ description = lib.mdDoc "Nix top-level packages to be compiled using CCache";
default = [];
example = [ "wxGTK30" "ffmpeg" "libav_all" ];
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/cdemu.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/cdemu.nix
index 142e2934240..d43f009f2f9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/cdemu.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/cdemu.nix
@@ -10,29 +10,29 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
- cdemu for members of
- .
+ description = lib.mdDoc ''
+ {command}`cdemu` for members of
+ {option}`programs.cdemu.group`.
'';
};
group = mkOption {
type = types.str;
default = "cdrom";
- description = ''
- Group that users must be in to use cdemu.
+ description = lib.mdDoc ''
+ Group that users must be in to use {command}`cdemu`.
'';
};
gui = mkOption {
type = types.bool;
default = true;
- description = ''
- Whether to install the cdemu GUI (gCDEmu).
+ description = lib.mdDoc ''
+ Whether to install the {command}`cdemu` GUI (gCDEmu).
'';
};
image-analyzer = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to install the image analyzer.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/chromium.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/chromium.nix
index 4b8bec33eb8..98eb071e614 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/chromium.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/chromium.nix
@@ -23,14 +23,14 @@ in
extensions = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
List of chromium extensions to install.
For list of plugins ids see id in url of extensions on
- chrome web store
+ [chrome web store](https://chrome.google.com/webstore/category/extensions)
page. To install a chromium extension not included in the chrome web
store, append to the extension id a semicolon ";" followed by a URL
pointing to an Update Manifest XML file. See
- ExtensionInstallForcelist
+ [ExtensionInstallForcelist](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=ExtensionInstallForcelist)
for additional details.
'';
default = [];
@@ -46,21 +46,21 @@ in
homepageLocation = mkOption {
type = types.nullOr types.str;
- description = "Chromium default homepage";
+ description = lib.mdDoc "Chromium default homepage";
default = null;
example = "https://nixos.org";
};
defaultSearchProviderEnabled = mkOption {
type = types.nullOr types.bool;
- description = "Enable the default search provider.";
+ description = lib.mdDoc "Enable the default search provider.";
default = null;
example = true;
};
defaultSearchProviderSearchURL = mkOption {
type = types.nullOr types.str;
- description = "Chromium default search provider url.";
+ description = lib.mdDoc "Chromium default search provider url.";
default = null;
example =
"https://encrypted.google.com/search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}";
@@ -68,7 +68,7 @@ in
defaultSearchProviderSuggestURL = mkOption {
type = types.nullOr types.str;
- description = "Chromium default search provider url for suggestions.";
+ description = lib.mdDoc "Chromium default search provider url for suggestions.";
default = null;
example =
"https://encrypted.google.com/complete/search?output=chrome&q={searchTerms}";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/command-not-found/command-not-found.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/command-not-found/command-not-found.nix
index 4d2a89b5158..b5c7626bd20 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/command-not-found/command-not-found.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/command-not-found/command-not-found.nix
@@ -26,7 +26,7 @@ in
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether interactive shells should show which Nix package (if
any) provides a missing command.
'';
@@ -34,7 +34,7 @@ in
dbPath = mkOption {
default = "/nix/var/nix/profiles/per-user/root/channels/nixos/programs.sqlite" ;
- description = ''
+ description = lib.mdDoc ''
Absolute path to programs.sqlite.
By default this file will be provided by your channel
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/criu.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/criu.nix
index 1714e1331a4..9f03b0c6431 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/criu.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/criu.nix
@@ -10,8 +10,8 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
- Install criu along with necessary kernel options.
+ description = lib.mdDoc ''
+ Install {command}`criu` along with necessary kernel options.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/dconf.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/dconf.nix
index 265c41cbbbc..b5ef42a3b72 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/dconf.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/dconf.nix
@@ -33,14 +33,14 @@ in
profiles = mkOption {
type = types.attrsOf types.path;
default = {};
- description = "Set of dconf profile files, installed at /etc/dconf/profiles/name.";
+ description = lib.mdDoc "Set of dconf profile files, installed at {file}`/etc/dconf/profiles/«name»`.";
internal = true;
};
packages = mkOption {
type = types.listOf types.package;
default = [];
- description = "A list of packages which provide dconf profiles and databases in /etc/dconf.";
+ description = lib.mdDoc "A list of packages which provide dconf profiles and databases in {file}`/etc/dconf`.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/digitalbitbox/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/digitalbitbox/default.nix
index cabdf260cda..101ee8ddbaf 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/digitalbitbox/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/digitalbitbox/default.nix
@@ -11,7 +11,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Installs the Digital Bitbox application and enables the complementary hardware module.
'';
};
@@ -20,7 +20,7 @@ in
type = types.package;
default = pkgs.digitalbitbox;
defaultText = literalExpression "pkgs.digitalbitbox";
- description = "The Digital Bitbox package to use. This can be used to install a package with udev rules that differ from the defaults.";
+ description = lib.mdDoc "The Digital Bitbox package to use. This can be used to install a package with udev rules that differ from the defaults.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/dmrconfig.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/dmrconfig.nix
index d2a5117c48e..20a0dc9556d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/dmrconfig.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/dmrconfig.nix
@@ -6,7 +6,7 @@ let
cfg = config.programs.dmrconfig;
in {
- meta.maintainers = [ maintainers.etu ];
+ meta.maintainers = with maintainers; [ ];
###### interface
options = {
@@ -14,7 +14,7 @@ in {
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to configure system to enable use of dmrconfig. This
enables the required udev rules and installs the program.
'';
@@ -25,7 +25,7 @@ in {
default = pkgs.dmrconfig;
type = types.package;
defaultText = literalExpression "pkgs.dmrconfig";
- description = "dmrconfig derivation to use";
+ description = lib.mdDoc "dmrconfig derivation to use";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/evince.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/evince.nix
index c033230afb1..bbc54241d52 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/evince.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/evince.nix
@@ -28,7 +28,7 @@ in {
type = types.package;
default = pkgs.evince;
defaultText = literalExpression "pkgs.evince";
- description = "Evince derivation to use.";
+ description = lib.mdDoc "Evince derivation to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/feedbackd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/feedbackd.nix
index 4194080c8a7..7e6cf829467 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/feedbackd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/feedbackd.nix
@@ -13,7 +13,7 @@ in {
Your user needs to be in the `feedbackd` group to trigger effects.
'';
package = mkOption {
- description = ''
+ description = lib.mdDoc ''
Which feedbackd package to use.
'';
type = types.package;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/file-roller.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/file-roller.nix
index 3c47d598165..ca2651becfe 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/file-roller.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/file-roller.nix
@@ -27,7 +27,7 @@ in {
type = types.package;
default = pkgs.gnome.file-roller;
defaultText = literalExpression "pkgs.gnome.file-roller";
- description = "File Roller derivation to use.";
+ description = lib.mdDoc "File Roller derivation to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/fish.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/fish.nix
index 8dd7101947f..357105c3e79 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/fish.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/fish.nix
@@ -49,7 +49,7 @@ in
enable = mkOption {
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to configure fish as an interactive shell.
'';
type = types.bool;
@@ -58,16 +58,16 @@ in
useBabelfish = mkOption {
type = types.bool;
default = false;
- description = ''
- If enabled, the configured environment will be translated to native fish using babelfish.
- Otherwise, foreign-env will be used.
+ description = lib.mdDoc ''
+ If enabled, the configured environment will be translated to native fish using [babelfish](https://github.com/bouk/babelfish).
+ Otherwise, [foreign-env](https://github.com/oh-my-fish/plugin-foreign-env) will be used.
'';
};
vendor.config.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether fish should source configuration snippets provided by other packages.
'';
};
@@ -75,7 +75,7 @@ in
vendor.completions.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether fish should use completion files provided by other packages.
'';
};
@@ -83,7 +83,7 @@ in
vendor.functions.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether fish should autoload fish functions provided by other packages.
'';
};
@@ -94,7 +94,7 @@ in
gco = "git checkout";
npu = "nix-prefetch-url";
};
- description = ''
+ description = lib.mdDoc ''
Set of fish abbreviations.
'';
type = with types; attrsOf str;
@@ -102,16 +102,16 @@ in
shellAliases = mkOption {
default = {};
- description = ''
- Set of aliases for fish shell, which overrides .
- See for an option format description.
+ description = lib.mdDoc ''
+ Set of aliases for fish shell, which overrides {option}`environment.shellAliases`.
+ See {option}`environment.shellAliases` for an option format description.
'';
type = with types; attrsOf (nullOr (either str path));
};
shellInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during fish shell initialisation.
'';
type = types.lines;
@@ -119,7 +119,7 @@ in
loginShellInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during fish login shell initialisation.
'';
type = types.lines;
@@ -127,7 +127,7 @@ in
interactiveShellInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during interactive fish shell initialisation.
'';
type = types.lines;
@@ -135,7 +135,7 @@ in
promptInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code used to initialise fish prompt.
'';
type = types.lines;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/flashrom.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/flashrom.nix
index f026c2e31cd..5f0de5a4023 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/flashrom.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/flashrom.nix
@@ -10,7 +10,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Installs flashrom and configures udev rules for programmers
used by flashrom. Grants access to users in the "flashrom"
group.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/flexoptix-app.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/flexoptix-app.nix
index 5e169be2d89..e87d1076508 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/flexoptix-app.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/flexoptix-app.nix
@@ -10,7 +10,7 @@ in {
enable = mkEnableOption "FLEXOPTIX app + udev rules";
package = mkOption {
- description = "FLEXOPTIX app package to use";
+ description = lib.mdDoc "FLEXOPTIX app package to use";
type = types.package;
default = pkgs.flexoptix-app;
defaultText = literalExpression "pkgs.flexoptix-app";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/freetds.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/freetds.nix
index d95c44d756a..98274fa9b56 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/freetds.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/freetds.nix
@@ -26,7 +26,7 @@ in
}
'';
description =
- ''
+ lib.mdDoc ''
Configure freetds database entries. Each attribute denotes
a section within freetds.conf, and the value (a string) is the config
content for that section. When at least one entry is configured
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/fuse.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/fuse.nix
index c15896efbb5..b82d37a051e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/fuse.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/fuse.nix
@@ -13,7 +13,7 @@ in {
# negative numbers obviously make no sense:
type = types.ints.between 0 32767; # 2^15 - 1
default = 1000;
- description = ''
+ description = lib.mdDoc ''
Set the maximum number of FUSE mounts allowed to non-root users.
'';
};
@@ -21,7 +21,7 @@ in {
userAllowOther = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Allow non-root users to specify the allow_other or allow_root mount
options, see mount.fuse3(8).
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gamemode.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gamemode.nix
index a377a1619aa..84e20934edb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gamemode.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gamemode.nix
@@ -19,7 +19,7 @@ in
settings = mkOption {
type = settingsFormat.type;
default = {};
- description = ''
+ description = lib.mdDoc ''
System-wide configuration for GameMode (/etc/gamemode.ini).
See gamemoded(8) man page for available settings.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/git.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/git.nix
index 06ce374b199..c4cf3cc561a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/git.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/git.nix
@@ -16,7 +16,7 @@ in
default = pkgs.git;
defaultText = literalExpression "pkgs.git";
example = literalExpression "pkgs.gitFull";
- description = "The git package to use";
+ description = lib.mdDoc "The git package to use";
};
config = mkOption {
@@ -26,7 +26,7 @@ in
init.defaultBranch = "main";
url."https://github.com/".insteadOf = [ "gh:" "github:" ];
};
- description = ''
+ description = lib.mdDoc ''
Configuration to write to /etc/gitconfig. See the CONFIGURATION FILE
section of git-config(1) for more information.
'';
@@ -39,7 +39,7 @@ in
type = types.package;
default = pkgs.git-lfs;
defaultText = literalExpression "pkgs.git-lfs";
- description = "The git-lfs package to use";
+ description = lib.mdDoc "The git-lfs package to use";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gnome-disks.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gnome-disks.nix
index 4b128b47126..dcb20bd6037 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gnome-disks.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gnome-disks.nix
@@ -26,7 +26,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable GNOME Disks daemon, a program designed to
be a UDisks2 graphical front-end.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gnome-documents.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gnome-documents.nix
index 43ad3163efd..2831ac9aff2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gnome-documents.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gnome-documents.nix
@@ -26,7 +26,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable GNOME Documents, a document
manager application for GNOME.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gnupg.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gnupg.nix
index 7d8ab7dda96..ad27766b72e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gnupg.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gnupg.nix
@@ -28,7 +28,7 @@ in
type = types.package;
default = pkgs.gnupg;
defaultText = literalExpression "pkgs.gnupg";
- description = ''
+ description = lib.mdDoc ''
The gpg package that should be used.
'';
};
@@ -36,7 +36,7 @@ in
agent.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables GnuPG agent with socket-activation for every user session.
'';
};
@@ -44,7 +44,7 @@ in
agent.enableSSHSupport = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable SSH agent support in GnuPG agent. Also sets SSH_AUTH_SOCK
environment variable correctly. This will disable socket-activation
and thus always start a GnuPG agent per user session.
@@ -54,7 +54,7 @@ in
agent.enableExtraSocket = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable extra socket for GnuPG agent.
'';
};
@@ -62,7 +62,7 @@ in
agent.enableBrowserSocket = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable browser socket for GnuPG agent.
'';
};
@@ -72,7 +72,7 @@ in
example = "gnome3";
default = defaultPinentryFlavor;
defaultText = literalDocBook ''matching the configured desktop environment'';
- description = ''
+ description = lib.mdDoc ''
Which pinentry interface to use. If not null, the path to the
pinentry binary will be passed to gpg-agent via commandline and
thus overrides the pinentry option in gpg-agent.conf in the user's
@@ -86,7 +86,7 @@ in
dirmngr.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables GnuPG network certificate management daemon with socket-activation for every user session.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gpaste.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gpaste.nix
index cff2fb8d003..074b4d59a36 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gpaste.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/gpaste.nix
@@ -18,7 +18,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable GPaste, a clipboard manager.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/htop.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/htop.nix
index 5c197838e47..94f6e3c0efa 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/htop.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/htop.nix
@@ -21,7 +21,7 @@ in
type = types.package;
default = pkgs.htop;
defaultText = "pkgs.htop";
- description = ''
+ description = lib.mdDoc ''
The htop package that should be used.
'';
};
@@ -35,7 +35,7 @@ in
hide_kernel_threads = true;
hide_userland_threads = true;
};
- description = ''
+ description = lib.mdDoc ''
Extra global default configuration for htop
which is read on first startup only.
Htop subsequently uses ~/.config/htop/htoprc
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/java.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/java.nix
index 4e4e0629e5d..5994f53f76b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/java.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/java.nix
@@ -35,7 +35,7 @@ in
package = mkOption {
default = pkgs.jdk;
defaultText = literalExpression "pkgs.jdk";
- description = ''
+ description = lib.mdDoc ''
Java package to install. Typical values are pkgs.jdk or pkgs.jre.
'';
type = types.package;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/k40-whisperer.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/k40-whisperer.nix
index 3163e45f57e..305c828f0a8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/k40-whisperer.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/k40-whisperer.nix
@@ -14,7 +14,7 @@ in
group = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Group assigned to the device when connected.
'';
default = "k40";
@@ -25,7 +25,7 @@ in
default = pkgs.k40-whisperer;
defaultText = literalExpression "pkgs.k40-whisperer";
example = literalExpression "pkgs.k40-whisperer";
- description = ''
+ description = lib.mdDoc ''
K40 Whisperer package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/kdeconnect.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/kdeconnect.nix
index 10d6e18a3d1..aa4302404ad 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/kdeconnect.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/kdeconnect.nix
@@ -16,7 +16,7 @@ with lib;
defaultText = literalExpression "pkgs.plasma5Packages.kdeconnect-kde";
type = types.package;
example = literalExpression "pkgs.gnomeExtensions.gsconnect";
- description = ''
+ description = lib.mdDoc ''
The package providing the implementation for kdeconnect.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/less.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/less.nix
index 794146b19fa..9f2d5d91581 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/less.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/less.nix
@@ -41,12 +41,12 @@ in
type = types.nullOr types.path;
default = null;
example = literalExpression ''"''${pkgs.my-configs}/lesskey"'';
- description = ''
+ description = lib.mdDoc ''
Path to lesskey configuration file.
- takes precedence over ,
- , , and
- .
+ {option}`configFile` takes precedence over {option}`commands`,
+ {option}`clearDefaultCommands`, {option}`lineEditingKeys`, and
+ {option}`envVariables`.
'';
};
@@ -57,13 +57,13 @@ in
h = "noaction 5\\e(";
l = "noaction 5\\e)";
};
- description = "Defines new command keys.";
+ description = lib.mdDoc "Defines new command keys.";
};
clearDefaultCommands = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Clear all default commands.
You should remember to set the quit key.
Otherwise you will not be able to leave less without killing it.
@@ -76,7 +76,7 @@ in
example = {
e = "abort";
};
- description = "Defines new line-editing keys.";
+ description = lib.mdDoc "Defines new line-editing keys.";
};
envVariables = mkOption {
@@ -87,14 +87,14 @@ in
example = {
LESS = "--quit-if-one-screen";
};
- description = "Defines environment variables.";
+ description = lib.mdDoc "Defines environment variables.";
};
lessopen = mkOption {
type = types.nullOr types.str;
default = "|${pkgs.lesspipe}/bin/lesspipe.sh %s";
defaultText = literalExpression ''"|''${pkgs.lesspipe}/bin/lesspipe.sh %s"'';
- description = ''
+ description = lib.mdDoc ''
Before less opens a file, it first gives your input preprocessor a chance to modify the way the contents of the file are displayed.
'';
};
@@ -102,7 +102,7 @@ in
lessclose = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
When less closes a file opened in such a way, it will call another program, called the input postprocessor, which may perform any desired clean-up action (such as deleting the replacement file created by LESSOPEN).
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/light.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/light.nix
index 9f2a03e7e76..57cc925be46 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/light.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/light.nix
@@ -12,7 +12,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to install Light backlight control command
and udev rules granting access to members of the "video" group.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/mosh.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/mosh.nix
index e08099e21a0..31aadb6aba6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/mosh.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/mosh.nix
@@ -10,7 +10,7 @@ in
{
options.programs.mosh = {
enable = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to enable mosh. Note, this will open ports in your firewall!
'';
default = false;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/msmtp.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/msmtp.nix
index 9c067bdc969..fbdab2cac55 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/msmtp.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/msmtp.nix
@@ -15,7 +15,7 @@ in {
setSendmail = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to set the system sendmail to msmtp's.
'';
};
@@ -28,7 +28,7 @@ in {
port = 587;
tls = true;
};
- description = ''
+ description = lib.mdDoc ''
Default values applied to all accounts.
See msmtp(1) for the available options.
'';
@@ -62,7 +62,7 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra lines to add to the msmtp configuration verbatim.
See msmtp(1) for the syntax and available options.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/mtr.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/mtr.nix
index 3cffe0fd8b2..173f2472941 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/mtr.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/mtr.nix
@@ -11,7 +11,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to add mtr to the global environment and configure a
setcap wrapper for it.
'';
@@ -21,7 +21,7 @@ in {
type = types.package;
default = pkgs.mtr;
defaultText = literalExpression "pkgs.mtr";
- description = ''
+ description = lib.mdDoc ''
The package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nano.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nano.nix
index 5837dd46d7c..16bab620d6e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nano.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nano.nix
@@ -14,9 +14,9 @@ in
nanorc = lib.mkOption {
type = lib.types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
The system-wide nano configuration.
- See nanorc5.
+ See {manpage}`nanorc(5)`.
'';
example = ''
set nowrap
@@ -27,7 +27,7 @@ in
syntaxHighlight = lib.mkOption {
type = lib.types.bool;
default = true;
- description = "Whether to enable syntax highlight for various languages.";
+ description = lib.mdDoc "Whether to enable syntax highlight for various languages.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/neovim.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/neovim.nix
index 4649662542d..b1dbcd18130 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/neovim.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/neovim.nix
@@ -16,7 +16,7 @@ in {
defaultEditor = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
When enabled, installs neovim and configures neovim to be the default editor
using the EDITOR environment variable.
'';
@@ -25,35 +25,35 @@ in {
viAlias = mkOption {
type = types.bool;
default = false;
- description = ''
- Symlink vi to nvim binary.
+ description = lib.mdDoc ''
+ Symlink {command}`vi` to {command}`nvim` binary.
'';
};
vimAlias = mkOption {
type = types.bool;
default = false;
- description = ''
- Symlink vim to nvim binary.
+ description = lib.mdDoc ''
+ Symlink {command}`vim` to {command}`nvim` binary.
'';
};
withRuby = mkOption {
type = types.bool;
default = true;
- description = "Enable Ruby provider.";
+ description = lib.mdDoc "Enable Ruby provider.";
};
withPython3 = mkOption {
type = types.bool;
default = true;
- description = "Enable Python 3 provider.";
+ description = lib.mdDoc "Enable Python 3 provider.";
};
withNodeJs = mkOption {
type = types.bool;
default = false;
- description = "Enable Node provider.";
+ description = lib.mdDoc "Enable Node provider.";
};
configure = mkOption {
@@ -82,7 +82,7 @@ in {
type = types.package;
default = pkgs.neovim-unwrapped;
defaultText = literalExpression "pkgs.neovim-unwrapped";
- description = "The package to use for the neovim binary.";
+ description = lib.mdDoc "The package to use for the neovim binary.";
};
finalPackage = mkOption {
@@ -97,8 +97,8 @@ in {
example = literalExpression ''
{ "ftplugin/c.vim".text = "setlocal omnifunc=v:lua.vim.lsp.omnifunc"; }
'';
- description = ''
- Set of files that have to be linked in runtime.
+ description = lib.mdDoc ''
+ Set of files that have to be linked in {file}`runtime`.
'';
type = with types; attrsOf (submodule (
@@ -108,7 +108,7 @@ in {
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether this /etc file should be generated. This
option allows specific /etc files to be disabled.
'';
@@ -116,7 +116,7 @@ in {
target = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Name of symlink. Defaults to the attribute
name.
'';
@@ -125,12 +125,12 @@ in {
text = mkOption {
default = null;
type = types.nullOr types.lines;
- description = "Text of the file.";
+ description = lib.mdDoc "Text of the file.";
};
source = mkOption {
type = types.path;
- description = "Path of the source file.";
+ description = lib.mdDoc "Path of the source file.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nethoscope.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nethoscope.nix
index 495548e9c65..d8ece61c90a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nethoscope.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nethoscope.nix
@@ -12,7 +12,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to add nethoscope to the global environment and configure a
setcap wrapper for it.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nm-applet.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nm-applet.nix
index 5bcee30125b..ef24030c9db 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nm-applet.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nm-applet.nix
@@ -11,7 +11,7 @@
indicator = lib.mkOption {
type = lib.types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to use indicator instead of status icon.
It is needed for Appindicator environments, like Enlightenment.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nncp.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nncp.nix
index 29a703eadf1..f40e888dad8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nncp.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/nncp.nix
@@ -16,7 +16,7 @@ in {
group = mkOption {
type = types.str;
default = "uucp";
- description = ''
+ description = lib.mdDoc ''
The group under which NNCP files shall be owned.
Any member of this group may access the secret keys
of this NNCP node.
@@ -27,7 +27,7 @@ in {
type = types.package;
default = pkgs.nncp;
defaultText = literalExpression "pkgs.nncp";
- description = "The NNCP package to use system-wide.";
+ description = lib.mdDoc "The NNCP package to use system-wide.";
};
secrets = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/noisetorch.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/noisetorch.nix
index f76555289f1..c69b2581296 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/noisetorch.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/noisetorch.nix
@@ -11,7 +11,7 @@ in {
type = types.package;
default = pkgs.noisetorch;
defaultText = literalExpression "pkgs.noisetorch";
- description = ''
+ description = lib.mdDoc ''
The noisetorch package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/npm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/npm.nix
index d79c6c73400..70943804834 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/npm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/npm.nix
@@ -15,7 +15,7 @@ in
package = mkOption {
type = types.package;
- description = "The npm package version / flavor to use";
+ description = lib.mdDoc "The npm package version / flavor to use";
default = pkgs.nodePackages.npm;
defaultText = literalExpression "pkgs.nodePackages.npm";
example = literalExpression "pkgs.nodePackages_13_x.npm";
@@ -23,9 +23,9 @@ in
npmrc = mkOption {
type = lib.types.lines;
- description = ''
+ description = lib.mdDoc ''
The system-wide npm configuration.
- See .
+ See .
'';
default = ''
prefix = ''${HOME}/.npm
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/plotinus.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/plotinus.nix
index 2c90a41ba02..a011bb862ae 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/plotinus.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/plotinus.nix
@@ -17,7 +17,7 @@ in
programs.plotinus = {
enable = mkOption {
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Plotinus GTK 3 plugin. Plotinus provides a
popup (triggered by Ctrl-Shift-P) to search the menus of a
compatible application.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/proxychains.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/proxychains.nix
index 3f44e23a93e..5d932b2d842 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/proxychains.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/proxychains.nix
@@ -26,17 +26,17 @@ let
type = mkOption {
type = types.enum [ "http" "socks4" "socks5" ];
- description = "Proxy type.";
+ description = lib.mdDoc "Proxy type.";
};
host = mkOption {
type = types.str;
- description = "Proxy host or IP address.";
+ description = lib.mdDoc "Proxy host or IP address.";
};
port = mkOption {
type = types.port;
- description = "Proxy port";
+ description = lib.mdDoc "Proxy port";
};
};
};
@@ -55,26 +55,26 @@ in {
type = mkOption {
type = types.enum [ "dynamic" "strict" "random" ];
default = "strict";
- description = ''
- dynamic - Each connection will be done via chained proxies
+ description = lib.mdDoc ''
+ `dynamic` - Each connection will be done via chained proxies
all proxies chained in the order as they appear in the list
at least one proxy must be online to play in chain
(dead proxies are skipped)
- otherwise EINTR is returned to the app.
+ otherwise `EINTR` is returned to the app.
- strict - Each connection will be done via chained proxies
+ `strict` - Each connection will be done via chained proxies
all proxies chained in the order as they appear in the list
all proxies must be online to play in chain
- otherwise EINTR is returned to the app.
+ otherwise `EINTR` is returned to the app.
- random - Each connection will be done via random proxy
- (or proxy chain, see ) from the list.
+ `random` - Each connection will be done via random proxy
+ (or proxy chain, see {option}`programs.proxychains.chain.length`) from the list.
'';
};
length = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Chain length for random chain.
'';
};
@@ -83,7 +83,7 @@ in {
proxyDNS = mkOption {
type = types.bool;
default = true;
- description = "Proxy DNS requests - no leak for DNS data.";
+ description = lib.mdDoc "Proxy DNS requests - no leak for DNS data.";
};
quietMode = mkEnableOption "Quiet mode (no output from the library).";
@@ -91,7 +91,7 @@ in {
remoteDNSSubnet = mkOption {
type = types.enum [ 10 127 224 ];
default = 224;
- description = ''
+ description = lib.mdDoc ''
Set the class A subnet number to use for the internal remote DNS mapping, uses the reserved 224.x.x.x range by default.
'';
};
@@ -99,24 +99,24 @@ in {
tcpReadTimeOut = mkOption {
type = types.int;
default = 15000;
- description = "Connection read time-out in milliseconds.";
+ description = lib.mdDoc "Connection read time-out in milliseconds.";
};
tcpConnectTimeOut = mkOption {
type = types.int;
default = 8000;
- description = "Connection time-out in milliseconds.";
+ description = lib.mdDoc "Connection time-out in milliseconds.";
};
localnet = mkOption {
type = types.str;
default = "127.0.0.0/255.0.0.0";
- description = "By default enable localnet for loopback address ranges.";
+ description = lib.mdDoc "By default enable localnet for loopback address ranges.";
};
proxies = mkOption {
type = types.attrsOf (types.submodule proxyOptions);
- description = ''
+ description = lib.mdDoc ''
Proxies to be used by proxychains.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/qt5ct.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/qt5ct.nix
index 88e861bf403..3ff47b35591 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/qt5ct.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/qt5ct.nix
@@ -1,31 +1,9 @@
-{ config, lib, pkgs, ... }:
+{ lib, ... }:
with lib;
{
- meta.maintainers = [ maintainers.romildo ];
-
- ###### interface
- options = {
- programs.qt5ct = {
- enable = mkOption {
- default = false;
- type = types.bool;
- description = ''
- Whether to enable the Qt5 Configuration Tool (qt5ct), a
- program that allows users to configure Qt5 settings (theme,
- font, icons, etc.) under desktop environments or window
- manager without Qt integration.
-
- Official home page: https://sourceforge.net/projects/qt5ct/
- '';
- };
- };
- };
-
- ###### implementation
- config = mkIf config.programs.qt5ct.enable {
- environment.variables.QT_QPA_PLATFORMTHEME = "qt5ct";
- environment.systemPackages = with pkgs; [ libsForQt5.qt5ct ];
- };
+ imports = [
+ (mkRemovedOptionModule [ "programs" "qt5ct" "enable" ] "Use qt5.platformTheme = \"qt5ct\" instead.")
+ ];
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/screen.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/screen.nix
index 728a0eb8cea..68de9e52d7b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/screen.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/screen.nix
@@ -13,7 +13,7 @@ in
screenrc = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
The contents of /etc/screenrc file.
'';
type = types.lines;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/shadow.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/shadow.nix
index 963cd8853db..fab809f279a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/shadow.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/shadow.nix
@@ -59,7 +59,7 @@ in
options = {
users.defaultUserShell = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
This option defines the default shell assigned to user
accounts. This can be either a full system path or a shell package.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/slock.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/slock.nix
index ce80fcc5d4a..3db9866d9f1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/slock.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/slock.nix
@@ -12,7 +12,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to install slock screen locker with setuid wrapper.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/spacefm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/spacefm.nix
index f71abcaa332..b4ba9dcdea5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/spacefm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/spacefm.nix
@@ -17,8 +17,8 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
- Whether to install SpaceFM and create /etc/spacefm/spacefm.conf.
+ description = lib.mdDoc ''
+ Whether to install SpaceFM and create {file}`/etc/spacefm/spacefm.conf`.
'';
};
@@ -34,10 +34,10 @@ in
terminal_su = "''${pkgs.sudo}/bin/sudo";
}
'';
- description = ''
+ description = lib.mdDoc ''
The system-wide spacefm configuration.
- Parameters to be written to /etc/spacefm/spacefm.conf.
- Refer to the relevant entry in the SpaceFM manual.
+ Parameters to be written to {file}`/etc/spacefm/spacefm.conf`.
+ Refer to the [relevant entry](https://ignorantguru.github.io/spacefm/spacefm-manual-en.html#programfiles-etc) in the SpaceFM manual.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/ssh.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/ssh.nix
index 75685de4f04..e0da6ef3b3a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/ssh.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/ssh.nix
@@ -40,20 +40,20 @@ in
type = types.bool;
default = config.services.xserver.enable;
defaultText = literalExpression "config.services.xserver.enable";
- description = "Whether to configure SSH_ASKPASS in the environment.";
+ description = lib.mdDoc "Whether to configure SSH_ASKPASS in the environment.";
};
askPassword = mkOption {
type = types.str;
default = "${pkgs.x11_ssh_askpass}/libexec/x11-ssh-askpass";
defaultText = literalExpression ''"''${pkgs.x11_ssh_askpass}/libexec/x11-ssh-askpass"'';
- description = "Program used by SSH to ask for passwords.";
+ description = lib.mdDoc "Program used by SSH to ask for passwords.";
};
forwardX11 = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to request X11 forwarding on outgoing connections by default.
This is useful for running graphical programs on the remote machine and have them display to your local X11 server.
Historically, this value has depended on the value used by the local sshd daemon, but there really isn't a relation between the two.
@@ -66,8 +66,8 @@ in
setXAuthLocation = mkOption {
type = types.bool;
- description = ''
- Whether to set the path to xauth for X11-forwarded connections.
+ description = lib.mdDoc ''
+ Whether to set the path to {command}`xauth` for X11-forwarded connections.
This causes a dependency on X11 packages.
'';
};
@@ -76,7 +76,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "ssh-ed25519" "ssh-rsa" ];
- description = ''
+ description = lib.mdDoc ''
Specifies the key types that will be used for public key authentication.
'';
};
@@ -85,7 +85,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "ssh-ed25519" "ssh-rsa" ];
- description = ''
+ description = lib.mdDoc ''
Specifies the host key algorithms that the client wants to use in order of preference.
'';
};
@@ -104,11 +104,11 @@ in
startAgent = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to start the OpenSSH agent when you log in. The OpenSSH agent
remembers private keys for you so that you don't have to type in
passphrases every time you make an SSH connection. Use
- ssh-add to add a key to the agent.
+ {command}`ssh-add` to add a key to the agent.
'';
};
@@ -116,7 +116,7 @@ in
type = types.nullOr types.str;
default = null;
example = "1h";
- description = ''
+ description = lib.mdDoc ''
How long to keep the private keys in memory. Use null to keep them forever.
'';
};
@@ -125,7 +125,7 @@ in
type = types.nullOr types.str;
default = null;
example = literalExpression ''"''${pkgs.opensc}/lib/opensc-pkcs11.so"'';
- description = ''
+ description = lib.mdDoc ''
A pattern-list of acceptable paths for PKCS#11 shared libraries
that may be used with the -s option to ssh-add.
'';
@@ -135,7 +135,7 @@ in
type = types.package;
default = pkgs.openssh;
defaultText = literalExpression "pkgs.openssh";
- description = ''
+ description = lib.mdDoc ''
The package used for the openssh client and daemon.
'';
};
@@ -147,7 +147,7 @@ in
certAuthority = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
This public key is an SSH certificate authority, rather than an
individual host's key.
'';
@@ -156,32 +156,32 @@ in
type = types.listOf types.str;
default = [ name ] ++ config.extraHostNames;
defaultText = literalExpression "[ ${name} ] ++ config.${options.extraHostNames}";
- description = ''
+ description = lib.mdDoc ''
A list of host names and/or IP numbers used for accessing
the host's ssh service. This list includes the name of the
- containing knownHosts attribute by default
+ containing `knownHosts` attribute by default
for convenience. If you wish to configure multiple host keys
- for the same host use multiple knownHosts
+ for the same host use multiple `knownHosts`
entries with different attribute names and the same
- hostNames list.
+ `hostNames` list.
'';
};
extraHostNames = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of additional host names and/or IP numbers used for
accessing the host's ssh service. This list is ignored if
- hostNames is set explicitly.
+ `hostNames` is set explicitly.
'';
};
publicKey = mkOption {
default = null;
type = types.nullOr types.str;
example = "ecdsa-sha2-nistp521 AAAAE2VjZHN...UEPg==";
- description = ''
+ description = lib.mdDoc ''
The public key data for the host. You can fetch a public key
- from a running SSH server with the ssh-keyscan
+ from a running SSH server with the {command}`ssh-keyscan`
command. The public key should not include any host names, only
the key type and the key itself.
'';
@@ -189,25 +189,25 @@ in
publicKeyFile = mkOption {
default = null;
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
The path to the public key file for the host. The public
key file is read at build time and saved in the Nix store.
You can fetch a public key file from a running SSH server
- with the ssh-keyscan command. The content
+ with the {command}`ssh-keyscan` command. The content
of the file should follow the same format as described for
- the publicKey option. Only a single key
+ the `publicKey` option. Only a single key
is supported. If a host has multiple keys, use
- instead.
+ {option}`programs.ssh.knownHostsFiles` instead.
'';
};
};
}));
- description = ''
+ description = lib.mdDoc ''
The set of system-wide known SSH hosts. To make simple setups more
convenient the name of an attribute in this set is used as a host name
for the entry. This behaviour can be disabled by setting
- hostNames explicitly. You can use
- extraHostNames to add additional host names without
+ `hostNames` explicitly. You can use
+ `extraHostNames` to add additional host names without
disabling this default.
'';
example = literalExpression ''
@@ -228,11 +228,11 @@ in
knownHostsFiles = mkOption {
default = [];
type = with types; listOf path;
- description = ''
+ description = lib.mdDoc ''
Files containing SSH host keys to set as global known hosts.
- /etc/ssh/ssh_known_hosts (which is
- generated by ) and
- /etc/ssh/ssh_known_hosts2 are always
+ `/etc/ssh/ssh_known_hosts` (which is
+ generated by {option}`programs.ssh.knownHosts`) and
+ `/etc/ssh/ssh_known_hosts2` are always
included.
'';
example = literalExpression ''
@@ -251,7 +251,7 @@ in
type = types.nullOr (types.listOf types.str);
default = null;
example = [ "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256" ];
- description = ''
+ description = lib.mdDoc ''
Specifies the available KEX (Key Exchange) algorithms.
'';
};
@@ -260,7 +260,7 @@ in
type = types.nullOr (types.listOf types.str);
default = null;
example = [ "chacha20-poly1305@openssh.com" "aes256-gcm@openssh.com" ];
- description = ''
+ description = lib.mdDoc ''
Specifies the ciphers allowed and their order of preference.
'';
};
@@ -269,7 +269,7 @@ in
type = types.nullOr (types.listOf types.str);
default = null;
example = [ "hmac-sha2-512-etm@openssh.com" "hmac-sha1" ];
- description = ''
+ description = lib.mdDoc ''
Specifies the MAC (message authentication code) algorithms in order of preference. The MAC algorithm is used
for data integrity protection.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/starship.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/starship.nix
index 83d2272003c..ade80b9999e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/starship.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/starship.nix
@@ -16,8 +16,8 @@ in {
settings = mkOption {
inherit (settingsFormat) type;
default = { };
- description = ''
- Configuration included in starship.toml.
+ description = lib.mdDoc ''
+ Configuration included in `starship.toml`.
See https://starship.rs/config/#prompt for documentation.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/steam.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/steam.nix
index ff4deba2bf0..d80718e792a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/steam.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/steam.nix
@@ -18,7 +18,7 @@ in {
remotePlay.openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for Steam Remote Play.
'';
};
@@ -26,7 +26,7 @@ in {
dedicatedServer.openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for Source Dedicated Server.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/streamdeck-ui.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/streamdeck-ui.nix
new file mode 100644
index 00000000000..04aa0a80e88
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/streamdeck-ui.nix
@@ -0,0 +1,28 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.programs.streamdeck-ui;
+in {
+ options.programs.streamdeck-ui = {
+ enable = mkEnableOption "streamdeck-ui";
+
+ autoStart = mkOption {
+ default = true;
+ type = types.bool;
+ description = lib.mdDoc "Whether streamdeck-ui should be started automatically.";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ environment.systemPackages = with pkgs; [
+ streamdeck-ui
+ (mkIf cfg.autoStart (makeAutostartItem { name = "streamdeck-ui"; package = streamdeck-ui; }))
+ ];
+
+ services.udev.packages = with pkgs; [ streamdeck-ui ];
+ };
+
+ meta.maintainers = with maintainers; [ majiir ];
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/sway.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/sway.nix
index 01b04728134..decae1b4d2d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/sway.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/sway.nix
@@ -12,7 +12,7 @@ let
type = types.bool;
inherit default;
example = !default;
- description = "Whether to make use of the ${description}";
+ description = lib.mdDoc "Whether to make use of the ${description}";
};
in {
base = mkWrapperFeature true ''
@@ -46,7 +46,7 @@ in {
type = wrapperOptions;
default = { };
example = { gtk = true; };
- description = ''
+ description = lib.mdDoc ''
Attribute set of features to enable in the wrapper.
'';
};
@@ -64,10 +64,10 @@ in {
# use this if they aren't displayed properly:
export _JAVA_AWT_WM_NONREPARENTING=1
'';
- description = ''
+ description = lib.mdDoc ''
Shell commands executed just before Sway is started. See
-
- and
+
+ and
for some useful environment variables.
'';
};
@@ -81,7 +81,7 @@ in {
"--unsupported-gpu"
"--my-next-gpu-wont-be-nvidia"
];
- description = ''
+ description = lib.mdDoc ''
Command line arguments passed to launch Sway. Please DO NOT report
issues if you use an unsupported GPU (proprietary drivers).
'';
@@ -101,10 +101,10 @@ in {
termite rofi light
]
'';
- description = ''
+ description = lib.mdDoc ''
Extra packages to be installed system wide. See
- and
-
+ and
+
for a list of useful software.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/systemtap.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/systemtap.nix
index 360e106678e..cbb9ec164c6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/systemtap.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/systemtap.nix
@@ -10,8 +10,8 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
- Install systemtap along with necessary kernel options.
+ description = lib.mdDoc ''
+ Install {command}`systemtap` along with necessary kernel options.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/thunar.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/thunar.nix
index 343f8469867..a67d8ae064d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/thunar.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/thunar.nix
@@ -16,7 +16,7 @@ in {
plugins = mkOption {
default = [];
type = types.listOf types.package;
- description = "List of thunar plugins to install.";
+ description = lib.mdDoc "List of thunar plugins to install.";
example = literalExpression "with pkgs.xfce; [ thunar-archive-plugin thunar-volman ]";
};
@@ -33,12 +33,13 @@ in {
services.dbus.packages = [
package
- pkgs.xfce.xfconf
];
systemd.packages = [
package
];
+
+ programs.xfconf.enable = true;
}
);
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/tmux.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/tmux.nix
index 74b3fbd9ac0..cf7ea4cfcf7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/tmux.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/tmux.nix
@@ -70,14 +70,14 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whenever to configure tmux system-wide.";
+ description = lib.mdDoc "Whenever to configure {command}`tmux` system-wide.";
relatedPackages = [ "tmux" ];
};
aggressiveResize = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Resize the window to the size of the smallest session for which it is the current window.
'';
};
@@ -86,31 +86,31 @@ in {
default = 0;
example = 1;
type = types.int;
- description = "Base index for windows and panes.";
+ description = lib.mdDoc "Base index for windows and panes.";
};
clock24 = mkOption {
default = false;
type = types.bool;
- description = "Use 24 hour clock.";
+ description = lib.mdDoc "Use 24 hour clock.";
};
customPaneNavigationAndResize = mkOption {
default = false;
type = types.bool;
- description = "Override the hjkl and HJKL bindings for pane navigation and resizing in VI mode.";
+ description = lib.mdDoc "Override the hjkl and HJKL bindings for pane navigation and resizing in VI mode.";
};
escapeTime = mkOption {
default = 500;
example = 0;
type = types.int;
- description = "Time in milliseconds for which tmux waits after an escape is input.";
+ description = lib.mdDoc "Time in milliseconds for which tmux waits after an escape is input.";
};
extraConfig = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Additional contents of /etc/tmux.conf
'';
type = types.lines;
@@ -120,53 +120,53 @@ in {
default = 2000;
example = 5000;
type = types.int;
- description = "Maximum number of lines held in window history.";
+ description = lib.mdDoc "Maximum number of lines held in window history.";
};
keyMode = mkOption {
default = defaultKeyMode;
example = "vi";
type = types.enum [ "emacs" "vi" ];
- description = "VI or Emacs style shortcuts.";
+ description = lib.mdDoc "VI or Emacs style shortcuts.";
};
newSession = mkOption {
default = false;
type = types.bool;
- description = "Automatically spawn a session if trying to attach and none are running.";
+ description = lib.mdDoc "Automatically spawn a session if trying to attach and none are running.";
};
reverseSplit = mkOption {
default = false;
type = types.bool;
- description = "Reverse the window split shortcuts.";
+ description = lib.mdDoc "Reverse the window split shortcuts.";
};
resizeAmount = mkOption {
default = defaultResize;
example = 10;
type = types.int;
- description = "Number of lines/columns when resizing.";
+ description = lib.mdDoc "Number of lines/columns when resizing.";
};
shortcut = mkOption {
default = defaultShortcut;
example = "a";
type = types.str;
- description = "Ctrl following by this key is used as the main shortcut.";
+ description = lib.mdDoc "Ctrl following by this key is used as the main shortcut.";
};
terminal = mkOption {
default = defaultTerminal;
example = "screen-256color";
type = types.str;
- description = "Set the $TERM variable.";
+ description = lib.mdDoc "Set the $TERM variable.";
};
secureSocket = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Store tmux socket under /run, which is more secure than /tmp, but as a
downside it doesn't survive user logout.
'';
@@ -175,7 +175,7 @@ in {
plugins = mkOption {
default = [];
type = types.listOf types.package;
- description = "List of plugins to install.";
+ description = lib.mdDoc "List of plugins to install.";
example = lib.literalExpression "[ pkgs.tmuxPlugins.nord ]";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/traceroute.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/traceroute.nix
index 6e04057ac50..df5f10b87d5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/traceroute.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/traceroute.nix
@@ -10,7 +10,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to configure a setcap wrapper for traceroute.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/tsm-client.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/tsm-client.nix
index 28db9625387..0a3af3744a7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/tsm-client.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/tsm-client.nix
@@ -26,43 +26,43 @@ let
options.name = mkOption {
type = servernameType;
example = "mainTsmServer";
- description = ''
+ description = lib.mdDoc ''
Local name of the IBM TSM server,
must be uncapitalized and no longer than 64 chars.
The value will be used for the
- server
- directive in dsm.sys.
+ `server`
+ directive in {file}`dsm.sys`.
'';
};
options.server = mkOption {
type = nonEmptyStr;
example = "tsmserver.company.com";
- description = ''
+ description = lib.mdDoc ''
Host/domain name or IP address of the IBM TSM server.
The value will be used for the
- tcpserveraddress
- directive in dsm.sys.
+ `tcpserveraddress`
+ directive in {file}`dsm.sys`.
'';
};
options.port = mkOption {
type = addCheck port (p: p<=32767);
default = 1500; # official default
- description = ''
+ description = lib.mdDoc ''
TCP port of the IBM TSM server.
The value will be used for the
- tcpport
- directive in dsm.sys.
+ `tcpport`
+ directive in {file}`dsm.sys`.
TSM does not support ports above 32767.
'';
};
options.node = mkOption {
type = nonEmptyStr;
example = "MY-TSM-NODE";
- description = ''
+ description = lib.mdDoc ''
Target node name on the IBM TSM server.
The value will be used for the
- nodename
- directive in dsm.sys.
+ `nodename`
+ directive in {file}`dsm.sys`.
'';
};
options.genPasswd = mkEnableOption ''
@@ -80,12 +80,12 @@ let
options.passwdDir = mkOption {
type = path;
example = "/home/alice/tsm-password";
- description = ''
+ description = lib.mdDoc ''
Directory that holds the TSM
node's password information.
The value will be used for the
- passworddir
- directive in dsm.sys.
+ `passworddir`
+ directive in {file}`dsm.sys`.
'';
};
options.includeExclude = mkOption {
@@ -114,9 +114,9 @@ let
default = {};
example.compression = "yes";
example.passwordaccess = null;
- description = ''
+ description = lib.mdDoc ''
Additional key-value pairs for the server stanza.
- Values must be strings, or null
+ Values must be strings, or `null`
for the key not to be used in the stanza
(e.g. to overrule values generated by other options).
'';
@@ -125,13 +125,13 @@ let
type = lines;
example = literalExpression
''lib.modules.mkAfter "compression no"'';
- description = ''
+ description = lib.mdDoc ''
Additional text lines for the server stanza.
This option can be used if certion configuration keys
must be used multiple times or ordered in a certain way
- as the option can't
+ as the {option}`extraConfig` option can't
control the order of lines in the resulting stanza.
- Note that the server
+ Note that the `server`
line at the beginning of the stanza is
not part of this option's value.
'';
@@ -185,7 +185,7 @@ let
node = "MY-TSM-NODE";
extraConfig.compression = "yes";
};
- description = ''
+ description = lib.mdDoc ''
Server definitions ("stanzas")
for the client system-options file.
'';
@@ -194,20 +194,20 @@ let
type = nullOr servernameType;
default = null;
example = "mainTsmServer";
- description = ''
+ description = lib.mdDoc ''
If multiple server stanzas are declared with
- ,
+ {option}`programs.tsmClient.servers`,
this option may be used to name a default
server stanza that IBM TSM uses in the absence of
- a user-defined dsm.opt file.
+ a user-defined {file}`dsm.opt` file.
This option translates to a
- defaultserver configuration line.
+ `defaultserver` configuration line.
'';
};
dsmSysText = mkOption {
type = lines;
readOnly = true;
- description = ''
+ description = lib.mdDoc ''
This configuration key contains the effective text
of the client system-options file "dsm.sys".
It should not be changed, but may be
@@ -220,17 +220,17 @@ let
default = pkgs.tsm-client;
defaultText = literalExpression "pkgs.tsm-client";
example = literalExpression "pkgs.tsm-client-withGui";
- description = ''
+ description = lib.mdDoc ''
The TSM client derivation to be
added to the system environment.
- It will called with .override
+ It will called with `.override`
to add paths to the client system-options file.
'';
};
wrappedPackage = mkOption {
type = package;
readOnly = true;
- description = ''
+ description = lib.mdDoc ''
The TSM client derivation, wrapped with the path
to the client system-options file "dsm.sys".
This option is to provide the effective derivation
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/vim.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/vim.nix
index 1695bc99473..15983e371f0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/vim.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/vim.nix
@@ -9,7 +9,7 @@ in {
defaultEditor = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
When enabled, installs vim and configures vim to be the default editor
using the EDITOR environment variable.
'';
@@ -20,7 +20,7 @@ in {
default = pkgs.vim;
defaultText = literalExpression "pkgs.vim";
example = literalExpression "pkgs.vimHugeX";
- description = ''
+ description = lib.mdDoc ''
vim package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/wavemon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/wavemon.nix
index e5ccacba75d..4dbf2748913 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/wavemon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/wavemon.nix
@@ -10,7 +10,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to add wavemon to the global environment and configure a
setcap wrapper for it.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/weylus.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/weylus.nix
index ea92c77e7c3..0a506bfa278 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/weylus.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/weylus.nix
@@ -12,7 +12,7 @@ in
openFirewall = mkOption {
type = bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports needed for the functionality of the program.
'';
};
@@ -20,7 +20,7 @@ in
users = mkOption {
type = listOf str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
To enable stylus and multi-touch support, the user you're going to use must be added to this list.
These users can synthesize input events system-wide, even when another user is logged in - untrusted users should not be added.
'';
@@ -30,7 +30,7 @@ in
type = package;
default = pkgs.weylus;
defaultText = "pkgs.weylus";
- description = "Weylus package to install.";
+ description = lib.mdDoc "Weylus package to install.";
};
};
config = mkIf cfg.enable {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/wireshark.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/wireshark.nix
index f7b0727cb2b..088c2bb7958 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/wireshark.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/wireshark.nix
@@ -11,7 +11,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to add Wireshark to the global environment and configure a
setcap wrapper for 'dumpcap' for users in the 'wireshark' group.
'';
@@ -20,7 +20,7 @@ in {
type = types.package;
default = pkgs.wireshark-cli;
defaultText = literalExpression "pkgs.wireshark-cli";
- description = ''
+ description = lib.mdDoc ''
Which Wireshark package to install in the global environment.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xfconf.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xfconf.nix
new file mode 100644
index 00000000000..8e854b40e51
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xfconf.nix
@@ -0,0 +1,27 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let cfg = config.programs.xfconf;
+
+in {
+ meta = {
+ maintainers = teams.xfce.members;
+ };
+
+ options = {
+ programs.xfconf = {
+ enable = mkEnableOption "Xfconf, the Xfce configuration storage system";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ environment.systemPackages = [
+ pkgs.xfce.xfconf
+ ];
+
+ services.dbus.packages = [
+ pkgs.xfce.xfconf
+ ];
+ };
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xfs_quota.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xfs_quota.nix
index c03e59a5b4a..a1e9ff941c6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xfs_quota.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xfs_quota.nix
@@ -28,37 +28,37 @@ in
options = {
id = mkOption {
type = types.int;
- description = "Project ID.";
+ description = lib.mdDoc "Project ID.";
};
fileSystem = mkOption {
type = types.str;
- description = "XFS filesystem hosting the xfs_quota project.";
+ description = lib.mdDoc "XFS filesystem hosting the xfs_quota project.";
default = "/";
};
path = mkOption {
type = types.str;
- description = "Project directory.";
+ description = lib.mdDoc "Project directory.";
};
sizeSoftLimit = mkOption {
type = types.nullOr types.str;
default = null;
example = "30g";
- description = "Soft limit of the project size";
+ description = lib.mdDoc "Soft limit of the project size";
};
sizeHardLimit = mkOption {
type = types.nullOr types.str;
default = null;
example = "50g";
- description = "Hard limit of the project size.";
+ description = lib.mdDoc "Hard limit of the project size.";
};
};
});
- description = "Setup of xfs_quota projects. Make sure the filesystem is mounted with the pquota option.";
+ description = lib.mdDoc "Setup of xfs_quota projects. Make sure the filesystem is mounted with the pquota option.";
example = {
projname = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xonsh.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xonsh.nix
index 6e40db51cdb..3223761f934 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xonsh.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xonsh.nix
@@ -18,7 +18,7 @@ in
enable = mkOption {
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to configure xonsh as an interactive shell.
'';
type = types.bool;
@@ -29,14 +29,14 @@ in
default = pkgs.xonsh;
defaultText = literalExpression "pkgs.xonsh";
example = literalExpression "pkgs.xonsh.override { configFile = \"/path/to/xonshrc\"; }";
- description = ''
+ description = lib.mdDoc ''
xonsh package to use.
'';
};
config = mkOption {
default = "";
- description = "Control file to customize your shell behavior.";
+ description = lib.mdDoc "Control file to customize your shell behavior.";
type = types.lines;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xss-lock.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xss-lock.nix
index aba76133e5e..c14c09721d6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xss-lock.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xss-lock.nix
@@ -14,16 +14,16 @@ in
defaultText = literalExpression ''"''${pkgs.i3lock}/bin/i3lock"'';
example = literalExpression ''"''${pkgs.i3lock-fancy}/bin/i3lock-fancy"'';
type = types.separatedString " ";
- description = "Locker to be used with xsslock";
+ description = lib.mdDoc "Locker to be used with xsslock";
};
extraOptions = mkOption {
default = [ ];
example = [ "--ignore-sleep" ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Additional command-line arguments to pass to
- xss-lock.
+ {command}`xss-lock`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xwayland.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xwayland.nix
index 3a8080fa4c4..9296116dca8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xwayland.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/xwayland.nix
@@ -19,7 +19,7 @@ in
defaultText = literalExpression ''
optionalString config.fonts.fontDir.enable "/run/current-system/sw/share/X11/fonts"
'';
- description = ''
+ description = lib.mdDoc ''
Default font path. Setting this option causes Xwayland to be rebuilt.
'';
};
@@ -34,7 +34,7 @@ in
inherit (config.programs.xwayland) defaultFontPath;
})
'';
- description = "The Xwayland package to use.";
+ description = lib.mdDoc "The Xwayland package to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/yabar.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/yabar.nix
index a8fac41e899..0ec668ada8e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/yabar.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/yabar.nix
@@ -79,7 +79,7 @@ in
example = "Droid Sans, FontAwesome Bold 9";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The font that will be used to draw the status bar.
'';
};
@@ -89,7 +89,7 @@ in
example = "bottom";
type = types.enum [ "top" "bottom" ];
- description = ''
+ description = lib.mdDoc ''
The position where the bar will be rendered.
'';
};
@@ -98,7 +98,7 @@ in
default = {};
type = types.attrsOf types.str;
- description = ''
+ description = lib.mdDoc ''
An attribute set which contains further attributes of a bar.
'';
};
@@ -109,7 +109,7 @@ in
options.exec = mkOption {
example = "YABAR_DATE";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The type of the indicator to be executed.
'';
};
@@ -119,7 +119,7 @@ in
example = "right";
type = types.enum [ "left" "center" "right" ];
- description = ''
+ description = lib.mdDoc ''
Whether to align the indicator at the left or right of the bar.
'';
};
@@ -128,20 +128,20 @@ in
default = {};
type = types.attrsOf (types.either types.str types.int);
- description = ''
+ description = lib.mdDoc ''
An attribute set which contains further attributes of a indicator.
'';
};
});
- description = ''
+ description = lib.mdDoc ''
Indicators that should be rendered by yabar.
'';
};
};
});
- description = ''
+ description = lib.mdDoc ''
List of bars that should be rendered by yabar.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/oh-my-zsh.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/oh-my-zsh.nix
index 9d7622bd328..b253b803edc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/oh-my-zsh.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/oh-my-zsh.nix
@@ -41,7 +41,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable oh-my-zsh.
'';
};
@@ -59,7 +59,7 @@ in
plugins = mkOption {
default = [];
type = types.listOf(types.str);
- description = ''
+ description = lib.mdDoc ''
List of oh-my-zsh plugins
'';
};
@@ -84,7 +84,7 @@ in
theme = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Name of the theme to be used by oh-my-zsh.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/zsh-autosuggestions.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/zsh-autosuggestions.nix
index 2e53e907d54..b6c36a082e7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/zsh-autosuggestions.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/zsh-autosuggestions.nix
@@ -17,7 +17,7 @@ in
highlightStyle = mkOption {
type = types.str;
default = "fg=8"; # https://github.com/zsh-users/zsh-autosuggestions/tree/v0.4.3#suggestion-highlight-style
- description = "Highlight style for suggestions ({fore,back}ground color)";
+ description = lib.mdDoc "Highlight style for suggestions ({fore,back}ground color)";
example = "fg=cyan";
};
@@ -40,14 +40,14 @@ in
async = mkOption {
type = types.bool;
default = true;
- description = "Whether to fetch suggestions asynchronously";
+ description = lib.mdDoc "Whether to fetch suggestions asynchronously";
example = false;
};
extraConfig = mkOption {
type = with types; attrsOf str;
default = {};
- description = "Attribute set with additional configuration values";
+ description = lib.mdDoc "Attribute set with additional configuration values";
example = literalExpression ''
{
"ZSH_AUTOSUGGEST_BUFFER_MAX_SIZE" = "20";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/zsh-syntax-highlighting.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/zsh-syntax-highlighting.nix
index 1eb53ccae52..37e1c2ebc38 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/zsh-syntax-highlighting.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/zsh-syntax-highlighting.nix
@@ -30,7 +30,7 @@ in
"line"
]));
- description = ''
+ description = lib.mdDoc ''
Specifies the highlighters to be used by zsh-syntax-highlighting.
The following defined options can be found here:
@@ -48,7 +48,7 @@ in
}
'';
- description = ''
+ description = lib.mdDoc ''
Specifies custom patterns to be highlighted by zsh-syntax-highlighting.
Please refer to the docs for more information about the usage:
@@ -65,7 +65,7 @@ in
}
'';
- description = ''
+ description = lib.mdDoc ''
Specifies custom styles to be highlighted by zsh-syntax-highlighting.
Please refer to the docs for more information about the usage:
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/zsh.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/zsh.nix
index 5fe98b6801b..0c59d20fee4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/zsh.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/programs/zsh/zsh.nix
@@ -44,27 +44,27 @@ in
enable = mkOption {
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to configure zsh as an interactive shell. To enable zsh for
- a particular user, use the
+ a particular user, use the {option}`users.users..shell`
option for that user. To enable zsh system-wide use the
- option.
+ {option}`users.defaultUserShell` option.
'';
type = types.bool;
};
shellAliases = mkOption {
default = { };
- description = ''
- Set of aliases for zsh shell, which overrides .
- See for an option format description.
+ description = lib.mdDoc ''
+ Set of aliases for zsh shell, which overrides {option}`environment.shellAliases`.
+ See {option}`environment.shellAliases` for an option format description.
'';
type = with types; attrsOf (nullOr (either str path));
};
shellInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during zsh shell initialisation.
'';
type = types.lines;
@@ -72,7 +72,7 @@ in
loginShellInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during zsh login shell initialisation.
'';
type = types.lines;
@@ -80,7 +80,7 @@ in
interactiveShellInit = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell script code called during interactive zsh shell initialisation.
'';
type = types.lines;
@@ -94,7 +94,7 @@ in
# a lot of different prompt variables.
autoload -U promptinit && promptinit && prompt suse && setopt prompt_sp
'';
- description = ''
+ description = lib.mdDoc ''
Shell script code used to initialise the zsh prompt.
'';
type = types.lines;
@@ -102,7 +102,7 @@ in
histSize = mkOption {
default = 2000;
- description = ''
+ description = lib.mdDoc ''
Change history size.
'';
type = types.int;
@@ -110,7 +110,7 @@ in
histFile = mkOption {
default = "$HOME/.zsh_history";
- description = ''
+ description = lib.mdDoc ''
Change history file.
'';
type = types.str;
@@ -124,15 +124,15 @@ in
"HIST_FCNTL_LOCK"
];
example = [ "EXTENDED_HISTORY" "RM_STAR_WAIT" ];
- description = ''
+ description = lib.mdDoc ''
Configure zsh options. See
- zshoptions1.
+ {manpage}`zshoptions(1)`.
'';
};
enableCompletion = mkOption {
default = true;
- description = ''
+ description = lib.mdDoc ''
Enable zsh completion for all interactive zsh shells.
'';
type = types.bool;
@@ -140,7 +140,7 @@ in
enableBashCompletion = mkOption {
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable compatibility with bash's programmable completion system.
'';
type = types.bool;
@@ -149,11 +149,11 @@ in
enableGlobalCompInit = mkOption {
default = cfg.enableCompletion;
defaultText = literalExpression "config.${opt.enableCompletion}";
- description = ''
+ description = lib.mdDoc ''
Enable execution of compinit call for all interactive zsh shells.
This option can be disabled if the user wants to extend its
- fpath and a custom compinit
+ `fpath` and a custom `compinit`
call in the local config is required.
'';
type = types.bool;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/rename.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/rename.nix
index 7a6a6b5ed30..f86aa2fa5c1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/rename.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/rename.nix
@@ -30,6 +30,10 @@ with lib;
udev rules from libu2f-host to the system. Udev gained native support
to handle FIDO security tokens, so this isn't necessary anymore.
'')
+ (mkRemovedOptionModule [ "hardware" "xow" ] ''
+ The xow package was removed from nixpkgs. Upstream has deprecated
+ the project and users are urged to switch to xone.
+ '')
(mkRemovedOptionModule [ "networking" "vpnc" ] "Use environment.etc.\"vpnc/service.conf\" instead.")
(mkRemovedOptionModule [ "networking" "wicd" ] "The corresponding package was removed from nixpkgs.")
(mkRemovedOptionModule [ "programs" "tilp2" ] "The corresponding package was removed from nixpkgs.")
@@ -68,6 +72,7 @@ with lib;
prey-bash-client is deprecated upstream
'')
(mkRemovedOptionModule [ "services" "quagga" ] "the corresponding package has been removed from nixpkgs")
+ (mkRemovedOptionModule [ "services" "railcar" ] "the corresponding package has been removed from nixpkgs")
(mkRemovedOptionModule [ "services" "seeks" ] "")
(mkRemovedOptionModule [ "services" "ssmtp" ] ''
The ssmtp package and the corresponding module have been removed due to
@@ -98,6 +103,7 @@ with lib;
(mkRemovedOptionModule [ "services" "virtuoso" ] "The corresponding package was removed from nixpkgs.")
(mkRemovedOptionModule [ "services" "openfire" ] "The corresponding package was removed from nixpkgs.")
(mkRemovedOptionModule [ "services" "riak" ] "The corresponding package was removed from nixpkgs.")
+ (mkRemovedOptionModule [ "services" "cryptpad" ] "The corresponding package was removed from nixpkgs.")
# Do NOT add any option renames here, see top of the file
];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/acme/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/acme/default.nix
index d827c448055..54b44dcab62 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/acme/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/acme/default.nix
@@ -445,7 +445,7 @@ let
validMinDays = mkOption {
type = types.int;
inherit (defaultAndText "validMinDays" 30) default defaultText;
- description = "Minimum remaining validity before renewal in days.";
+ description = lib.mdDoc "Minimum remaining validity before renewal in days.";
};
renewInterval = mkOption {
@@ -466,11 +466,11 @@ let
type = types.nullOr types.str;
inherit (defaultAndText "webroot" null) default defaultText;
example = "/var/lib/acme/acme-challenge";
- description = ''
+ description = lib.mdDoc ''
Where the webroot of the HTTP vhost is located.
- .well-known/acme-challenge/ directory
+ {file}`.well-known/acme-challenge/` directory
will be created below the webroot if it doesn't exist.
- http://example.org/.well-known/acme-challenge/ must also
+ `http://example.org/.well-known/acme-challenge/` must also
be available (notice unencrypted HTTP).
'';
};
@@ -478,17 +478,17 @@ let
server = mkOption {
type = types.nullOr types.str;
inherit (defaultAndText "server" null) default defaultText;
- description = ''
+ description = lib.mdDoc ''
ACME Directory Resource URI. Defaults to Let's Encrypt's
production endpoint,
- , if unset.
+ , if unset.
'';
};
email = mkOption {
type = types.str;
inherit (defaultAndText "email" null) default defaultText;
- description = ''
+ description = lib.mdDoc ''
Email address for account creation and correspondence from the CA.
It is recommended to use the same email for all certs to avoid account
creation limits.
@@ -498,7 +498,7 @@ let
group = mkOption {
type = types.str;
inherit (defaultAndText "group" "acme") default defaultText;
- description = "Group running the ACME client.";
+ description = lib.mdDoc "Group running the ACME client.";
};
reloadServices = mkOption {
@@ -514,7 +514,7 @@ let
type = types.lines;
inherit (defaultAndText "postRun" "") default defaultText;
example = "cp full.pem backup.pem";
- description = ''
+ description = lib.mdDoc ''
Commands to run after new certificates go live. Note that
these commands run as the root user.
@@ -525,10 +525,10 @@ let
keyType = mkOption {
type = types.str;
inherit (defaultAndText "keyType" "ec256") default defaultText;
- description = ''
+ description = lib.mdDoc ''
Key type to use for private keys.
For an up to date list of supported values check the --key-type option
- at .
+ at .
'';
};
@@ -536,9 +536,9 @@ let
type = types.nullOr types.str;
inherit (defaultAndText "dnsProvider" null) default defaultText;
example = "route53";
- description = ''
+ description = lib.mdDoc ''
DNS Challenge provider. For a list of supported providers, see the "code"
- field of the DNS providers listed at .
+ field of the DNS providers listed at .
'';
};
@@ -546,7 +546,7 @@ let
type = types.nullOr types.str;
inherit (defaultAndText "dnsResolver" null) default defaultText;
example = "1.1.1.1:53";
- description = ''
+ description = lib.mdDoc ''
Set the resolver to use for performing recursive DNS queries. Supported:
host:port. The default is to use the system resolvers, or Google's DNS
resolvers if the system's cannot be determined.
@@ -556,11 +556,11 @@ let
credentialsFile = mkOption {
type = types.path;
inherit (defaultAndText "credentialsFile" null) default defaultText;
- description = ''
+ description = lib.mdDoc ''
Path to an EnvironmentFile for the cert's service containing any required and
optional environment variables for your selected dnsProvider.
To find out what values you need to set, consult the documentation at
- for the corresponding dnsProvider.
+ for the corresponding dnsProvider.
'';
example = "/var/src/secrets/example.org-route53-api-token";
};
@@ -568,7 +568,7 @@ let
dnsPropagationCheck = mkOption {
type = types.bool;
inherit (defaultAndText "dnsPropagationCheck" true) default defaultText;
- description = ''
+ description = lib.mdDoc ''
Toggles lego DNS propagation check, which is used alongside DNS-01
challenge to ensure the DNS entries required are available.
'';
@@ -590,7 +590,7 @@ let
extraLegoFlags = mkOption {
type = types.listOf types.str;
inherit (defaultAndText "extraLegoFlags" []) default defaultText;
- description = ''
+ description = lib.mdDoc ''
Additional global flags to pass to all lego commands.
'';
};
@@ -598,7 +598,7 @@ let
extraLegoRenewFlags = mkOption {
type = types.listOf types.str;
inherit (defaultAndText "extraLegoRenewFlags" []) default defaultText;
- description = ''
+ description = lib.mdDoc ''
Additional flags to pass to lego renew.
'';
};
@@ -606,7 +606,7 @@ let
extraLegoRunFlags = mkOption {
type = types.listOf types.str;
inherit (defaultAndText "extraLegoRunFlags" []) default defaultText;
- description = ''
+ description = lib.mdDoc ''
Additional flags to pass to lego run.
'';
};
@@ -637,13 +637,13 @@ let
type = types.str;
readOnly = true;
default = "/var/lib/acme/${name}";
- description = "Directory where certificate and other state is stored.";
+ description = lib.mdDoc "Directory where certificate and other state is stored.";
};
domain = mkOption {
type = types.str;
default = name;
- description = "Domain to fetch certificate for (defaults to the entry name).";
+ description = lib.mdDoc "Domain to fetch certificate for (defaults to the entry name).";
};
extraDomainNames = mkOption {
@@ -655,7 +655,7 @@ let
"mydomain.org"
]
'';
- description = ''
+ description = lib.mdDoc ''
A list of extra domain names, which are included in the one certificate to be issued.
'';
};
@@ -667,7 +667,7 @@ let
type = types.nullOr types.str;
default = null;
example = ":1360";
- description = ''
+ description = lib.mdDoc ''
Interface and port to listen on to solve HTTP challenges
in the form [INTERFACE]:PORT.
If you use a port other than 80, you must proxy port 80 to this port.
@@ -690,7 +690,7 @@ in {
preliminarySelfsigned = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether a preliminary self-signed certificate should be generated before
doing ACME requests. This can be useful when certificates are required in
a webserver, but ACME needs the webserver to make its requests.
@@ -703,16 +703,16 @@ in {
acceptTerms = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Accept the CA's terms of service. The default provider is Let's Encrypt,
- you can find their ToS at .
+ you can find their ToS at .
'';
};
useRoot = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to use the root user when generating certs. This is not recommended
for security + compatiblity reasons. If a service requires root owned certificates
consider following the guide on "Using ACME with services demanding root
@@ -723,7 +723,7 @@ in {
defaults = mkOption {
type = types.submodule (inheritableModule true);
- description = ''
+ description = lib.mdDoc ''
Default values inheritable by all configured certs. You can
use this to define options shared by all your certs. These defaults
can also be ignored on a per-cert basis using the
@@ -734,9 +734,9 @@ in {
certs = mkOption {
default = { };
type = with types; attrsOf (submodule [ (inheritableModule false) certOpts ]);
- description = ''
+ description = lib.mdDoc ''
Attribute set of certificates to get signed and renewed. Creates
- acme-''${cert}.{service,timer} systemd units for
+ `acme-''${cert}.{service,timer}` systemd units for
each certificate defined here. Other services can add dependencies
to those units if they rely on the certificates being present,
or trigger restarts of the service if certificates get renewed.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/audit.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/audit.nix
index 2b22bdd9f0a..06b4766c8f5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/audit.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/audit.nix
@@ -56,7 +56,7 @@ in {
enable = mkOption {
type = types.enum [ false true "lock" ];
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Linux audit system. The special `lock' value can be used to
enable auditing and prevent disabling it until a restart. Be careful about locking
this, as it will prevent you from changing your audit configuration until you
@@ -67,13 +67,13 @@ in {
failureMode = mkOption {
type = types.enum [ "silent" "printk" "panic" ];
default = "printk";
- description = "How to handle critical errors in the auditing system";
+ description = lib.mdDoc "How to handle critical errors in the auditing system";
};
backlogLimit = mkOption {
type = types.int;
default = 64; # Apparently the kernel default
- description = ''
+ description = lib.mdDoc ''
The maximum number of outstanding audit buffers allowed; exceeding this is
considered a failure and handled in a manner specified by failureMode.
'';
@@ -82,7 +82,7 @@ in {
rateLimit = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
The maximum messages per second permitted before triggering a failure as
specified by failureMode. Setting it to zero disables the limit.
'';
@@ -92,7 +92,7 @@ in {
type = types.listOf types.str; # (types.either types.str (types.submodule rule));
default = [];
example = [ "-a exit,always -F arch=b64 -S execve" ];
- description = ''
+ description = lib.mdDoc ''
The ordered audit rules, with each string appearing as one line of the audit.rules file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/ca.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/ca.nix
index f71d9d90ec5..c704e2c1f51 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/ca.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/ca.nix
@@ -23,12 +23,12 @@ in
type = types.listOf types.path;
default = [];
example = literalExpression ''[ "''${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ]'';
- description = ''
+ description = lib.mdDoc ''
A list of files containing trusted root certificates in PEM
format. These are concatenated to form
- /etc/ssl/certs/ca-certificates.crt, which is
+ {file}`/etc/ssl/certs/ca-certificates.crt`, which is
used by many programs that use OpenSSL, such as
- curl and git.
+ {command}`curl` and {command}`git`.
'';
};
@@ -47,7 +47,7 @@ in
'''
]
'';
- description = ''
+ description = lib.mdDoc ''
A list of trusted root certificates in PEM format.
'';
};
@@ -60,10 +60,10 @@ in
"CA WoSign ECC Root"
"Certification Authority of WoSign G2"
];
- description = ''
+ description = lib.mdDoc ''
A list of blacklisted CA certificate names that won't be imported from
the Mozilla Trust Store into
- /etc/ssl/certs/ca-certificates.crt. Use the
+ {file}`/etc/ssl/certs/ca-certificates.crt`. Use the
names from that file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/chromium-suid-sandbox.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/chromium-suid-sandbox.nix
index bb99c053f71..cab4b9f8d3a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/chromium-suid-sandbox.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/chromium-suid-sandbox.nix
@@ -14,7 +14,7 @@ in
options.security.chromiumSuidSandbox.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to install the Chromium SUID sandbox which is an executable that
Chromium may use in order to achieve sandboxing.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/dhparams.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/dhparams.nix
index cfa9003f12f..720936e68d7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/dhparams.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/dhparams.nix
@@ -15,7 +15,7 @@ let
type = bitType;
default = cfg.defaultBitSize;
defaultText = literalExpression "config.${opt.defaultBitSize}";
- description = ''
+ description = lib.mdDoc ''
The bit size for the prime that is used during a Diffie-Hellman
key exchange.
'';
@@ -24,11 +24,11 @@ let
options.path = mkOption {
type = types.path;
readOnly = true;
- description = ''
+ description = lib.mdDoc ''
The resulting path of the generated Diffie-Hellman parameters
file for other services to reference. This could be either a
store path or a file inside the directory specified by
- .
+ {option}`security.dhparams.path`.
'';
};
@@ -45,7 +45,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to generate new DH params and clean up old DH params.
'';
};
@@ -101,21 +101,21 @@ in {
defaultBitSize = mkOption {
type = bitType;
default = 2048;
- description = ''
+ description = lib.mdDoc ''
This allows to override the default bit size for all of the
Diffie-Hellman parameters set in
- .
+ {option}`security.dhparams.params`.
'';
};
path = mkOption {
type = types.str;
default = "/var/lib/dhparams";
- description = ''
+ description = lib.mdDoc ''
Path to the directory in which Diffie-Hellman parameters will be
stored. This only is relevant if
- is
- true.
+ {option}`security.dhparams.stateful` is
+ `true`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/doas.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/doas.nix
index 2a814f17e45..d4b51b406e2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/doas.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/doas.nix
@@ -53,8 +53,8 @@ in
enable = mkOption {
type = with types; bool;
default = false;
- description = ''
- Whether to enable the doas command, which allows
+ description = lib.mdDoc ''
+ Whether to enable the {command}`doas` command, which allows
non-root users to execute commands as root.
'';
};
@@ -171,13 +171,13 @@ in
users = mkOption {
type = with types; listOf (either str int);
default = [];
- description = "The usernames / UIDs this rule should apply for.";
+ description = lib.mdDoc "The usernames / UIDs this rule should apply for.";
};
groups = mkOption {
type = with types; listOf (either str int);
default = [];
- description = "The groups / GIDs this rule should apply for.";
+ description = lib.mdDoc "The groups / GIDs this rule should apply for.";
};
runAs = mkOption {
@@ -223,8 +223,8 @@ in
extraConfig = mkOption {
type = with types; lines;
default = "";
- description = ''
- Extra configuration text appended to doas.conf.
+ description = lib.mdDoc ''
+ Extra configuration text appended to {file}`doas.conf`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/duosec.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/duosec.nix
index bbe246fe229..02b11766b3c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/duosec.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/duosec.nix
@@ -36,24 +36,24 @@ in
ssh.enable = mkOption {
type = types.bool;
default = false;
- description = "If enabled, protect SSH logins with Duo Security.";
+ description = lib.mdDoc "If enabled, protect SSH logins with Duo Security.";
};
pam.enable = mkOption {
type = types.bool;
default = false;
- description = "If enabled, protect logins with Duo Security using PAM support.";
+ description = lib.mdDoc "If enabled, protect logins with Duo Security using PAM support.";
};
integrationKey = mkOption {
type = types.str;
- description = "Integration key.";
+ description = lib.mdDoc "Integration key.";
};
secretKeyFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
A file containing your secret key. The security of your Duo application is tied to the security of your secret key.
'';
example = "/run/keys/duo-skey";
@@ -61,25 +61,25 @@ in
host = mkOption {
type = types.str;
- description = "Duo API hostname.";
+ description = lib.mdDoc "Duo API hostname.";
};
groups = mkOption {
type = types.str;
default = "";
example = "users,!wheel,!*admin guests";
- description = ''
+ description = lib.mdDoc ''
If specified, Duo authentication is required only for users
whose primary group or supplementary group list matches one
of the space-separated pattern lists. Refer to
- for details.
+ for details.
'';
};
failmode = mkOption {
type = types.enum [ "safe" "secure" ];
default = "safe";
- description = ''
+ description = lib.mdDoc ''
On service or configuration errors that prevent Duo
authentication, fail "safe" (allow access) or "secure" (deny
access). The default is "safe".
@@ -89,7 +89,7 @@ in
pushinfo = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Include information such as the command to be executed in
the Duo Push message.
'';
@@ -98,22 +98,22 @@ in
autopush = mkOption {
type = types.bool;
default = false;
- description = ''
- If true, Duo Unix will automatically send
+ description = lib.mdDoc ''
+ If `true`, Duo Unix will automatically send
a push login request to the user’s phone, falling back on a
phone call if push is unavailable. If
- false, the user will be prompted to
+ `false`, the user will be prompted to
choose an authentication method. When configured with
- autopush = yes, we recommend setting
- prompts = 1.
+ `autopush = yes`, we recommend setting
+ `prompts = 1`.
'';
};
motd = mkOption {
type = types.bool;
default = false;
- description = ''
- Print the contents of /etc/motd to screen
+ description = lib.mdDoc ''
+ Print the contents of `/etc/motd` to screen
after a successful login.
'';
};
@@ -121,30 +121,30 @@ in
prompts = mkOption {
type = types.enum [ 1 2 3 ];
default = 3;
- description = ''
+ description = lib.mdDoc ''
If a user fails to authenticate with a second factor, Duo
Unix will prompt the user to authenticate again. This option
sets the maximum number of prompts that Duo Unix will
display before denying access. Must be 1, 2, or 3. Default
is 3.
- For example, when prompts = 1, the user
+ For example, when `prompts = 1`, the user
will have to successfully authenticate on the first prompt,
- whereas if prompts = 2, if the user
+ whereas if `prompts = 2`, if the user
enters incorrect information at the initial prompt, he/she
will be prompted to authenticate again.
- When configured with autopush = true, we
- recommend setting prompts = 1.
+ When configured with `autopush = true`, we
+ recommend setting `prompts = 1`.
'';
};
acceptEnvFactor = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Look for factor selection or passcode in the
- $DUO_PASSCODE environment variable before
+ `$DUO_PASSCODE` environment variable before
prompting the user for input.
When $DUO_PASSCODE is non-empty, it will override
@@ -157,11 +157,11 @@ in
fallbackLocalIP = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Duo Unix reports the IP address of the authorizing user, for
the purposes of authorization and whitelisting. If Duo Unix
cannot detect the IP address of the client, setting
- fallbackLocalIP = yes will cause Duo Unix
+ `fallbackLocalIP = yes` will cause Duo Unix
to send the IP address of the server it is running on.
If you are using IP whitelisting, enabling this option could
@@ -173,7 +173,7 @@ in
allowTcpForwarding = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
By default, when SSH forwarding, enabling Duo Security will
disable TCP forwarding. By enabling this, you potentially
undermine some of the SSH based login security. Note this is
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/google_oslogin.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/google_oslogin.nix
index cf416035ef6..f75b4df1851 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/google_oslogin.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/google_oslogin.nix
@@ -16,7 +16,7 @@ in
security.googleOsLogin.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Google OS Login.
The OS Login package enables the following components:
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/lock-kernel-modules.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/lock-kernel-modules.nix
index 065587bc286..674ba857818 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/lock-kernel-modules.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/lock-kernel-modules.nix
@@ -11,11 +11,11 @@ with lib;
security.lockKernelModules = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Disable kernel module loading once the system is fully initialised.
Module loading is disabled until the next reboot. Problems caused
by delayed module loading can be fixed by adding the module(s) in
- question to .
+ question to {option}`boot.kernelModules`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/misc.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/misc.nix
index c20e067b8cc..3c83ff8d773 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/misc.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/misc.nix
@@ -15,7 +15,7 @@ with lib;
security.allowUserNamespaces = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to allow creation of user namespaces.
The motivation for disabling user namespaces is the potential
@@ -34,7 +34,7 @@ with lib;
security.unprivilegedUsernsClone = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
When disabled, unprivileged users will not be able to create new namespaces.
By default unprivileged user namespaces are disabled.
This option only works in a hardened profile.
@@ -44,7 +44,7 @@ with lib;
security.protectKernelImage = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to prevent replacing the running kernel image.
'';
};
@@ -71,7 +71,7 @@ with lib;
security.forcePageTableIsolation = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to force-enable the Page Table Isolation (PTI) Linux kernel
feature even on CPU models that claim to be safe from Meltdown.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/oath.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/oath.nix
index 93bdc851117..33428665384 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/oath.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/oath.nix
@@ -11,7 +11,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the OATH (one-time password) PAM module.
'';
};
@@ -19,7 +19,7 @@ with lib;
digits = mkOption {
type = types.enum [ 6 7 8 ];
default = 6;
- description = ''
+ description = lib.mdDoc ''
Specify the length of the one-time password in number of
digits.
'';
@@ -28,7 +28,7 @@ with lib;
window = mkOption {
type = types.int;
default = 5;
- description = ''
+ description = lib.mdDoc ''
Specify the number of one-time passwords to check in order
to accommodate for situations where the system and the
client are slightly out of sync (iteration for HOTP or time
@@ -39,7 +39,7 @@ with lib;
usersFile = mkOption {
type = types.path;
default = "/etc/users.oath";
- description = ''
+ description = lib.mdDoc ''
Set the path to file where the user's credentials are
stored. This file must not be world readable!
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/pam.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/pam.nix
index 23d1344a57a..7903d333411 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/pam.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/pam.nix
@@ -15,24 +15,24 @@ let
name = mkOption {
example = "sshd";
type = types.str;
- description = "Name of the PAM service.";
+ description = lib.mdDoc "Name of the PAM service.";
};
unixAuth = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether users can log in with passwords defined in
- /etc/shadow.
+ {file}`/etc/shadow`.
'';
};
rootOK = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, root doesn't need to authenticate (e.g. for the
- useradd service).
+ {command}`useradd` service).
'';
};
@@ -40,10 +40,10 @@ let
default = config.security.pam.p11.enable;
defaultText = literalExpression "config.security.pam.p11.enable";
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, keys listed in
- ~/.ssh/authorized_keys and
- ~/.eid/authorized_certificates
+ {file}`~/.ssh/authorized_keys` and
+ {file}`~/.eid/authorized_certificates`
can be used to log in with the associated PKCS#11 tokens.
'';
};
@@ -52,24 +52,24 @@ let
default = config.security.pam.u2f.enable;
defaultText = literalExpression "config.security.pam.u2f.enable";
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, users listed in
- $XDG_CONFIG_HOME/Yubico/u2f_keys (or
- $HOME/.config/Yubico/u2f_keys if XDG variable is
+ {file}`$XDG_CONFIG_HOME/Yubico/u2f_keys` (or
+ {file}`$HOME/.config/Yubico/u2f_keys` if XDG variable is
not set) are able to log in with the associated U2F key. Path can be
- changed using option.
+ changed using {option}`security.pam.u2f.authFile` option.
'';
};
usshAuth = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, users with an SSH certificate containing an authorized principal
in their SSH agent are able to log in. Specific options are controlled
- using the options.
+ using the {option}`security.pam.ussh` options.
- Note that the must also be
+ Note that the {option}`security.pam.ussh.enable` must also be
set for this option to take effect.
'';
};
@@ -78,9 +78,9 @@ let
default = config.security.pam.yubico.enable;
defaultText = literalExpression "config.security.pam.yubico.enable";
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, users listed in
- ~/.yubico/authorized_yubikeys
+ {file}`~/.yubico/authorized_yubikeys`
are able to log in with the associated Yubikey tokens.
'';
};
@@ -89,9 +89,9 @@ let
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, users with enabled Google Authenticator (created
- ~/.google_authenticator) will be required
+ {file}`~/.google_authenticator`) will be required
to provide Google Authenticator token to log in.
'';
};
@@ -101,9 +101,9 @@ let
default = config.security.pam.usb.enable;
defaultText = literalExpression "config.security.pam.usb.enable";
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, users listed in
- /etc/pamusb.conf are able to log in
+ {file}`/etc/pamusb.conf` are able to log in
with the associated USB key.
'';
};
@@ -112,21 +112,21 @@ let
default = config.security.pam.enableOTPW;
defaultText = literalExpression "config.security.pam.enableOTPW";
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, the OTPW system will be used (if
- ~/.otpw exists).
+ {file}`~/.otpw` exists).
'';
};
googleOsLoginAccountVerification = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, will use the Google OS Login PAM modules
- (pam_oslogin_login,
- pam_oslogin_admin) to verify possible OS Login
+ (`pam_oslogin_login`,
+ `pam_oslogin_admin`) to verify possible OS Login
users and set sudoers configuration accordingly.
- This only makes sense to enable for the sshd PAM
+ This only makes sense to enable for the `sshd` PAM
service.
'';
};
@@ -134,10 +134,10 @@ let
googleOsLoginAuthentication = mkOption {
default = false;
type = types.bool;
- description = ''
- If set, will use the pam_oslogin_login's user
+ description = lib.mdDoc ''
+ If set, will use the `pam_oslogin_login`'s user
authentication methods to authenticate users using 2FA.
- This only makes sense to enable for the sshd PAM
+ This only makes sense to enable for the `sshd` PAM
service.
'';
};
@@ -146,7 +146,7 @@ let
default = config.services.fprintd.enable;
defaultText = literalExpression "config.services.fprintd.enable";
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, fingerprint reader will be used (if exists and
your fingerprints are enrolled).
'';
@@ -156,7 +156,7 @@ let
default = config.security.pam.oath.enable;
defaultText = literalExpression "config.security.pam.oath.enable";
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, the OATH Toolkit will be used.
'';
};
@@ -164,11 +164,11 @@ let
sshAgentAuth = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, the calling user's SSH agent is used to authenticate
against the keys in the calling user's
- ~/.ssh/authorized_keys. This is useful
- for sudo on password-less remote systems.
+ {file}`~/.ssh/authorized_keys`. This is useful
+ for {command}`sudo` on password-less remote systems.
'';
};
@@ -176,10 +176,10 @@ let
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, use the Duo Security pam module
- pam_duo for authentication. Requires
- configuration of options.
+ `pam_duo` for authentication. Requires
+ configuration of {option}`security.duosec` options.
'';
};
};
@@ -187,7 +187,7 @@ let
startSession = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, the service will register a new session with
systemd's login manager. For local sessions, this will give
the user access to audio devices, CD-ROM drives. In the
@@ -199,21 +199,21 @@ let
setEnvironment = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether the service should set the environment variables
- listed in
- using pam_env.so.
+ listed in {option}`environment.sessionVariables`
+ using `pam_env.so`.
'';
};
setLoginUid = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Set the login uid of the process
- (/proc/self/loginuid) for auditing
+ ({file}`/proc/self/loginuid`) for auditing
purposes. The login uid is only set by ‘entry points’ like
- login and sshd, not by
- commands like sudo.
+ {command}`login` and {command}`sshd`, not by
+ commands like {command}`sudo`.
'';
};
@@ -221,7 +221,7 @@ let
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable or disable TTY auditing for specified users
'';
};
@@ -229,7 +229,7 @@ let
enablePattern = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
For each user matching one of comma-separated
glob patterns, enable TTY auditing
'';
@@ -238,7 +238,7 @@ let
disablePattern = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
For each user matching one of comma-separated
glob patterns, disable TTY auditing
'';
@@ -247,7 +247,7 @@ let
openOnly = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Set the TTY audit flag when opening the session,
but do not restore it when closing the session.
Using this option is necessary for some services
@@ -260,10 +260,10 @@ let
forwardXAuth = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether X authentication keys should be passed from the
calling user to the target user (e.g. for
- su)
+ {command}`su`)
'';
};
@@ -271,7 +271,7 @@ let
default = config.security.pam.mount.enable;
defaultText = literalExpression "config.security.pam.mount.enable";
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable PAM mount (pam_mount) system to mount fileystems on user login.
'';
};
@@ -279,13 +279,13 @@ let
allowNullPassword = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to allow logging into accounts that have no password
set (i.e., have an empty password field in
- /etc/passwd or
- /etc/group). This does not enable
+ {file}`/etc/passwd` or
+ {file}`/etc/group`). This does not enable
logging into disabled accounts (i.e., that have the password
- field set to !). Note that regardless of
+ field set to `!`). Note that regardless of
what the pam_unix documentation says, accounts with hashed
empty passwords are always allowed to log in.
'';
@@ -294,7 +294,7 @@ let
nodelay = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Wheather the delay after typing a wrong password should be disabled.
'';
};
@@ -302,7 +302,7 @@ let
requireWheel = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to permit root access only to members of group wheel.
'';
};
@@ -322,15 +322,15 @@ let
showMotd = mkOption {
default = false;
type = types.bool;
- description = "Whether to show the message of the day.";
+ description = lib.mdDoc "Whether to show the message of the day.";
};
makeHomeDir = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to try to create home directories for users
- with $HOMEs pointing to nonexistent
+ with `$HOME`s pointing to nonexistent
locations on session login.
'';
};
@@ -338,19 +338,19 @@ let
updateWtmp = mkOption {
default = false;
type = types.bool;
- description = "Whether to update /var/log/wtmp.";
+ description = lib.mdDoc "Whether to update {file}`/var/log/wtmp`.";
};
logFailures = mkOption {
default = false;
type = types.bool;
- description = "Whether to log authentication failures in /var/log/faillog.";
+ description = lib.mdDoc "Whether to log authentication failures in {file}`/var/log/faillog`.";
};
enableAppArmor = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable support for attaching AppArmor profiles at the
user/group level, e.g., as part of a role based access
control scheme.
@@ -360,7 +360,7 @@ let
enableKwallet = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If enabled, pam_wallet will attempt to automatically unlock the
user's default KDE wallet upon login. If the user has no wallet named
"kdewallet", or the login password does not match their wallet
@@ -370,13 +370,13 @@ let
sssdStrictAccess = mkOption {
default = false;
type = types.bool;
- description = "enforce sssd access control";
+ description = lib.mdDoc "enforce sssd access control";
};
enableGnomeKeyring = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If enabled, pam_gnome_keyring will attempt to automatically unlock the
user's default Gnome keyring upon login. If the user login password does
not match their keyring password, Gnome Keyring will prompt separately
@@ -388,24 +388,24 @@ let
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If enabled, pam_gnupg will attempt to automatically unlock the
user's GPG keys with the login password via
- gpg-agent. The keygrips of all keys to be
- unlocked should be written to ~/.pam-gnupg,
- and can be queried with gpg -K --with-keygrip.
+ {command}`gpg-agent`. The keygrips of all keys to be
+ unlocked should be written to {file}`~/.pam-gnupg`,
+ and can be queried with {command}`gpg -K --with-keygrip`.
Presetting passphrases must be enabled by adding
- allow-preset-passphrase in
- ~/.gnupg/gpg-agent.conf.
+ `allow-preset-passphrase` in
+ {file}`~/.gnupg/gpg-agent.conf`.
'';
};
noAutostart = mkOption {
type = types.bool;
default = false;
- description = ''
- Don't start gpg-agent if it is not running.
- Useful in conjunction with starting gpg-agent as
+ description = lib.mdDoc ''
+ Don't start {command}`gpg-agent` if it is not running.
+ Useful in conjunction with starting {command}`gpg-agent` as
a systemd user service.
'';
};
@@ -413,16 +413,16 @@ let
storeOnly = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Don't send the password immediately after login, but store for PAM
- session.
+ `session`.
'';
};
};
text = mkOption {
type = types.nullOr types.lines;
- description = "Contents of the PAM service file.";
+ description = lib.mdDoc "Contents of the PAM service file.";
};
};
@@ -453,7 +453,7 @@ let
optionalString (config.services.sssd.enable && cfg.sssdStrictAccess) ''
account [default=bad success=ok user_unknown=ignore] ${pkgs.sssd}/lib/security/pam_sss.so
'' +
- optionalString config.krb5.enable ''
+ optionalString config.security.pam.krb5.enable ''
account sufficient ${pam_krb5}/lib/security/pam_krb5.so
'' +
optionalString cfg.googleOsLoginAccountVerification ''
@@ -482,9 +482,10 @@ let
(let p11 = config.security.pam.p11; in optionalString cfg.p11Auth ''
auth ${p11.control} ${pkgs.pam_p11}/lib/security/pam_p11.so ${pkgs.opensc}/lib/opensc-pkcs11.so
'') +
- (let u2f = config.security.pam.u2f; in optionalString cfg.u2fAuth ''
- auth ${u2f.control} ${pkgs.pam_u2f}/lib/security/pam_u2f.so ${optionalString u2f.debug "debug"} ${optionalString (u2f.authFile != null) "authfile=${u2f.authFile}"} ${optionalString u2f.interactive "interactive"} ${optionalString u2f.cue "cue"} ${optionalString (u2f.appId != null) "appid=${u2f.appId}"}
- '') +
+ (let u2f = config.security.pam.u2f; in optionalString cfg.u2fAuth (''
+ auth ${u2f.control} ${pkgs.pam_u2f}/lib/security/pam_u2f.so ${optionalString u2f.debug "debug"} ${optionalString (u2f.authFile != null) "authfile=${u2f.authFile}"} ''
+ + ''${optionalString u2f.interactive "interactive"} ${optionalString u2f.cue "cue"} ${optionalString (u2f.appId != null) "appid=${u2f.appId}"} ${optionalString (u2f.origin != null) "origin=${u2f.origin}"}
+ '')) +
optionalString cfg.usbAuth ''
auth sufficient ${pkgs.pam_usb}/lib/security/pam_usb.so
'' +
@@ -552,7 +553,7 @@ let
optionalString config.services.sssd.enable ''
auth sufficient ${pkgs.sssd}/lib/security/pam_sss.so use_first_pass
'' +
- optionalString config.krb5.enable ''
+ optionalString config.security.pam.krb5.enable ''
auth [default=ignore success=1 service_err=reset] ${pam_krb5}/lib/security/pam_krb5.so use_first_pass
auth [default=die success=done] ${pam_ccreds}/lib/security/pam_ccreds.so action=validate use_first_pass
auth sufficient ${pam_ccreds}/lib/security/pam_ccreds.so action=store use_first_pass
@@ -575,7 +576,7 @@ let
optionalString config.services.sssd.enable ''
password sufficient ${pkgs.sssd}/lib/security/pam_sss.so use_authtok
'' +
- optionalString config.krb5.enable ''
+ optionalString config.security.pam.krb5.enable ''
password sufficient ${pam_krb5}/lib/security/pam_krb5.so use_first_pass
'' +
optionalString cfg.enableGnomeKeyring ''
@@ -610,7 +611,6 @@ let
session optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so
'' +
optionalString cfg.pamMount ''
- session [success=1 default=ignore] ${pkgs.pam}/lib/security/pam_succeed_if.so service = systemd-user quiet
session optional ${pkgs.pam_mount}/lib/security/pam_mount.so disable_interactive
'' +
optionalString use_ldap ''
@@ -619,7 +619,7 @@ let
optionalString config.services.sssd.enable ''
session optional ${pkgs.sssd}/lib/security/pam_sss.so
'' +
- optionalString config.krb5.enable ''
+ optionalString config.security.pam.krb5.enable ''
session optional ${pam_krb5}/lib/security/pam_krb5.so
'' +
optionalString cfg.otpwAuth ''
@@ -673,19 +673,19 @@ let
limitsType = with lib.types; listOf (submodule ({ ... }: {
options = {
domain = mkOption {
- description = "Username, groupname, or wildcard this limit applies to";
+ description = lib.mdDoc "Username, groupname, or wildcard this limit applies to";
example = "@wheel";
type = str;
};
type = mkOption {
- description = "Type of this limit";
+ description = lib.mdDoc "Type of this limit";
type = enum [ "-" "hard" "soft" ];
default = "-";
};
item = mkOption {
- description = "Item this limit applies to";
+ description = lib.mdDoc "Item this limit applies to";
type = enum [
"core"
"data"
@@ -709,7 +709,7 @@ let
};
value = mkOption {
- description = "Value of this limit";
+ description = lib.mdDoc "Value of this limit";
type = oneOf [ str int ];
};
};
@@ -769,10 +769,10 @@ in
default = {};
type = with types; attrsOf (submodule pamOpts);
description =
- ''
+ lib.mdDoc ''
This option defines the PAM services. A service typically
corresponds to a program that uses PAM,
- e.g. login or passwd.
+ e.g. {command}`login` or {command}`passwd`.
Each attribute of this set defines a PAM service, with the attribute name
defining the name of the service.
'';
@@ -782,9 +782,9 @@ in
type = types.str;
default = "/var/empty";
example = "/etc/skel";
- description = ''
+ description = lib.mdDoc ''
Path to skeleton directory whose contents are copied to home
- directories newly created by pam_mkhomedir.
+ directories newly created by `pam_mkhomedir`.
'';
};
@@ -792,9 +792,9 @@ in
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Enable sudo logins if the user's SSH agent provides a key
- present in ~/.ssh/authorized_keys.
+ present in {file}`~/.ssh/authorized_keys`.
This allows machines to exclusively use SSH keys instead of
passwords.
'';
@@ -802,6 +802,26 @@ in
security.pam.enableOTPW = mkEnableOption "the OTPW (one-time password) PAM module";
+ security.pam.krb5 = {
+ enable = mkOption {
+ default = config.krb5.enable;
+ defaultText = literalExpression "config.krb5.enable";
+ type = types.bool;
+ description = ''
+ Enables Kerberos PAM modules (pam-krb5,
+ pam-ccreds).
+
+ If set, users can authenticate with their Kerberos password.
+ This requires a valid Kerberos configuration
+ (config.krb5.enable should be set to
+ true).
+
+ Note that the Kerberos PAM modules are not necessary when using SSS
+ to handle Kerberos authentication.
+ '';
+ };
+ };
+
security.pam.p11 = {
enable = mkOption {
default = false;
@@ -895,6 +915,24 @@ in
'';
};
+ origin = mkOption {
+ default = null;
+ type = with types; nullOr str;
+ description = ''
+ By default pam-u2f module sets the origin
+ to pam://$HOSTNAME.
+ Setting origin to an host independent value will allow you to
+ reuse credentials across machines
+
+ When using pamu2fcfg, you can specify your
+ application ID with the -o flag.
+
+ More information can be found
+ here
+ '';
+ };
+
control = mkOption {
default = "sufficient";
type = types.enum [ "required" "requisite" "sufficient" "optional" ];
@@ -915,7 +953,7 @@ in
debug = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Debug output to stderr.
'';
};
@@ -923,7 +961,7 @@ in
interactive = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Set to prompt a message and wait before testing the presence of a U2F device.
Recommended if your device doesn’t have a tactile trigger.
'';
@@ -932,12 +970,12 @@ in
cue = mkOption {
default = false;
type = types.bool;
- description = ''
- By default pam-u2f module does not inform user
+ description = lib.mdDoc ''
+ By default `pam-u2f` module does not inform user
that he needs to use the u2f device, it just waits without a prompt.
- If you set this option to true,
- cue option is added to pam-u2f
+ If you set this option to `true`,
+ `cue` option is added to `pam-u2f`
module and reminder message will be displayed.
'';
};
@@ -965,11 +1003,11 @@ in
caFile = mkOption {
default = null;
type = with types; nullOr path;
- description = ''
- By default pam-ussh reads the trusted user CA keys
- from /etc/ssh/trusted_user_ca.
+ description = lib.mdDoc ''
+ By default `pam-ussh` reads the trusted user CA keys
+ from {file}`/etc/ssh/trusted_user_ca`.
- This should be set the same as your TrustedUserCAKeys
+ This should be set the same as your `TrustedUserCAKeys`
option for sshd.
'';
};
@@ -977,38 +1015,38 @@ in
authorizedPrincipals = mkOption {
default = null;
type = with types; nullOr commas;
- description = ''
+ description = lib.mdDoc ''
Comma-separated list of authorized principals to permit; if the user
presents a certificate with one of these principals, then they will be
authorized.
- Note that pam-ussh also requires that the certificate
+ Note that `pam-ussh` also requires that the certificate
contain a principal matching the user's username. The principals from
this list are in addition to those principals.
- Mutually exclusive with authorizedPrincipalsFile.
+ Mutually exclusive with `authorizedPrincipalsFile`.
'';
};
authorizedPrincipalsFile = mkOption {
default = null;
type = with types; nullOr path;
- description = ''
+ description = lib.mdDoc ''
Path to a list of principals; if the user presents a certificate with
one of these principals, then they will be authorized.
- Note that pam-ussh also requires that the certificate
+ Note that `pam-ussh` also requires that the certificate
contain a principal matching the user's username. The principals from
this file are in addition to those principals.
- Mutually exclusive with authorizedPrincipals.
+ Mutually exclusive with `authorizedPrincipals`.
'';
};
group = mkOption {
default = null;
type = with types; nullOr str;
- description = ''
+ description = lib.mdDoc ''
If set, then the authenticating user must be a member of this group
to use this module.
'';
@@ -1069,13 +1107,13 @@ in
id = mkOption {
example = "42";
type = types.str;
- description = "client id";
+ description = lib.mdDoc "client id";
};
debug = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Debug output to stderr.
'';
};
@@ -1114,7 +1152,7 @@ in
default = null;
example = "Today is Sweetmorn, the 4th day of The Aftermath in the YOLD 3178.";
type = types.nullOr types.lines;
- description = "Message of the day shown to users when they log in.";
+ description = lib.mdDoc "Message of the day shown to users when they log in.";
};
};
@@ -1129,7 +1167,7 @@ in
[ pkgs.pam ]
++ optional config.users.ldap.enable pam_ldap
++ optional config.services.sssd.enable pkgs.sssd
- ++ optionals config.krb5.enable [pam_krb5 pam_ccreds]
+ ++ optionals config.security.pam.krb5.enable [pam_krb5 pam_ccreds]
++ optionals config.security.pam.enableOTPW [ pkgs.otpw ]
++ optionals config.security.pam.oath.enable [ pkgs.oath-toolkit ]
++ optionals config.security.pam.p11.enable [ pkgs.pam_p11 ]
@@ -1193,7 +1231,7 @@ in
optionalString config.services.sssd.enable ''
mr ${pkgs.sssd}/lib/security/pam_sss.so,
'' +
- optionalString config.krb5.enable ''
+ optionalString config.security.pam.krb5.enable ''
mr ${pam_krb5}/lib/security/pam_krb5.so,
mr ${pam_ccreds}/lib/security/pam_ccreds.so,
'' +
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/pam_mount.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/pam_mount.nix
index 1d0efee8ca8..e159a73b66a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/pam_mount.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/pam_mount.nix
@@ -23,7 +23,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable PAM mount system to mount fileystems on user login.
'';
};
@@ -42,7 +42,7 @@ in
type = types.listOf types.package;
default = [];
example = literalExpression "[ pkgs.bindfs ]";
- description = ''
+ description = lib.mdDoc ''
Additional programs to include in the search path of pam_mount.
Useful for example if you want to use some FUSE filesystems like bindfs.
'';
@@ -54,7 +54,7 @@ in
example = literalExpression ''
[ "nodev" "nosuid" "force-user=%(USER)" "gid=%(USERGID)" "perms=0700" "chmod-deny" "chown-deny" "chgrp-deny" ]
'';
- description = ''
+ description = lib.mdDoc ''
Global mount options that apply to every FUSE volume.
You can define volume-specific options in the volume definitions.
'';
@@ -86,7 +86,7 @@ in
logoutHup = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Kill remaining processes after logout by sending a SIGHUP.
'';
};
@@ -94,7 +94,7 @@ in
logoutTerm = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Kill remaining processes after logout by sending a SIGTERM.
'';
};
@@ -102,7 +102,7 @@ in
logoutKill = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Kill remaining processes after logout by sending a SIGKILL.
'';
};
@@ -110,7 +110,7 @@ in
createMountPoints = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Create mountpoints for volumes if they do not exist.
'';
};
@@ -118,7 +118,7 @@ in
removeCreatedMountPoints = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Remove mountpoints created by pam_mount after logout. This
only affects mountpoints that have been created by pam_mount
in the same session.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/polkit.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/polkit.nix
index 1ba149745c6..0a2d81445ba 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/polkit.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/polkit.nix
@@ -29,7 +29,7 @@ in
if (subject.local) return "yes";
});
'';
- description =
+ description = lib.mdDoc
''
Any polkit rules to be added to config (in JavaScript ;-). See:
http://www.freedesktop.org/software/polkit/docs/latest/polkit.8.html#polkit-rules
@@ -40,12 +40,12 @@ in
type = types.listOf types.str;
default = [ "unix-group:wheel" ];
example = [ "unix-user:alice" "unix-group:admin" ];
- description =
+ description = lib.mdDoc
''
Specifies which users are considered “administrators”, for those
actions that require the user to authenticate as an
- administrator (i.e. have an auth_admin
- value). By default, this is all users in the wheel group.
+ administrator (i.e. have an `auth_admin`
+ value). By default, this is all users in the `wheel` group.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/rtkit.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/rtkit.nix
index ad8746808e8..0f58b4dce84 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/rtkit.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/rtkit.nix
@@ -12,7 +12,7 @@ with lib;
security.rtkit.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the RealtimeKit system service, which hands
out realtime scheduling priority to user processes on
demand. For example, the PulseAudio server uses this to
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/sudo.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/sudo.nix
index 4bf239fca8f..2e30a8915d8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/sudo.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/sudo.nix
@@ -36,8 +36,8 @@ in
type = types.bool;
default = true;
description =
- ''
- Whether to enable the sudo command, which
+ lib.mdDoc ''
+ Whether to enable the {command}`sudo` command, which
allows non-root users to execute commands as root.
'';
};
@@ -77,15 +77,15 @@ in
# Note: if syntax errors are detected in this file, the NixOS
# configuration will fail to build.
description =
- ''
+ lib.mdDoc ''
This string contains the contents of the
- sudoers file.
+ {file}`sudoers` file.
'';
};
security.sudo.extraRules = mkOption {
- description = ''
- Define specific rules to be in the sudoers file.
+ description = lib.mdDoc ''
+ Define specific rules to be in the {file}`sudoers` file.
More specific rules should come after more general ones in order to
yield the expected behavior. You can use mkBefore/mkAfter to ensure
this is the case when configuration options are merged.
@@ -114,7 +114,7 @@ in
options = {
users = mkOption {
type = with types; listOf (either str int);
- description = ''
+ description = lib.mdDoc ''
The usernames / UIDs this rule should apply for.
'';
default = [];
@@ -122,7 +122,7 @@ in
groups = mkOption {
type = with types; listOf (either str int);
- description = ''
+ description = lib.mdDoc ''
The groups / GIDs this rule should apply for.
'';
default = [];
@@ -131,7 +131,7 @@ in
host = mkOption {
type = types.str;
default = "ALL";
- description = ''
+ description = lib.mdDoc ''
For what host this rule should apply.
'';
};
@@ -149,7 +149,7 @@ in
};
commands = mkOption {
- description = ''
+ description = lib.mdDoc ''
The commands for which the rule should apply.
'';
type = with types; listOf (either str (submodule {
@@ -182,8 +182,8 @@ in
security.sudo.extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
- Extra configuration text appended to sudoers.
+ description = lib.mdDoc ''
+ Extra configuration text appended to {file}`sudoers`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/tpm2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/tpm2.nix
index be85fd246e3..375f4af1a64 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/tpm2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/tpm2.nix
@@ -20,7 +20,7 @@ in {
enable = lib.mkEnableOption "Trusted Platform Module 2 support";
tssUser = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Name of the tpm device-owner and service user, set if applyUdevRules is
set.
'';
@@ -30,7 +30,7 @@ in {
};
tssGroup = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Group of the tpm kernel resource manager (tpmrm) device-group, set if
applyUdevRules is set.
'';
@@ -39,7 +39,7 @@ in {
};
applyUdevRules = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to make the /dev/tpm[0-9] devices accessible by the tssUser, or
the /dev/tpmrm[0-9] by tssGroup respectively
'';
@@ -53,7 +53,7 @@ in {
'';
package = lib.mkOption {
- description = "tpm2-abrmd package to use";
+ description = lib.mdDoc "tpm2-abrmd package to use";
type = lib.types.package;
default = pkgs.tpm2-abrmd;
defaultText = lib.literalExpression "pkgs.tpm2-abrmd";
@@ -67,7 +67,7 @@ in {
'';
package = lib.mkOption {
- description = "tpm2-pkcs11 package to use";
+ description = lib.mdDoc "tpm2-pkcs11 package to use";
type = lib.types.package;
default = pkgs.tpm2-pkcs11;
defaultText = lib.literalExpression "pkgs.tpm2-pkcs11";
@@ -97,7 +97,7 @@ in {
};
interface = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
The name of the TPM command transmission interface (TCTI) library to
use.
'';
@@ -106,24 +106,24 @@ in {
};
deviceConf = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Configuration part of the device TCTI, e.g. the path to the TPM device.
Applies if interface is set to "device".
The format is specified in the
-
- tpm2-tools repository.
+ [
+ tpm2-tools repository](https://github.com/tpm2-software/tpm2-tools/blob/master/man/common/tcti.md#tcti-options).
'';
type = lib.types.str;
default = "/dev/tpmrm0";
};
tabrmdConf = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Configuration part of the tabrmd TCTI, like the D-Bus bus name.
Applies if interface is set to "tabrmd".
The format is specified in the
-
- tpm2-tools repository.
+ [
+ tpm2-tools repository](https://github.com/tpm2-software/tpm2-tools/blob/master/man/common/tcti.md#tcti-options).
'';
type = lib.types.str;
default = "bus_name=com.intel.tss2.Tabrmd";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/wrappers/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/wrappers/default.nix
index 169ef744262..cdf99e697f6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/security/wrappers/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/security/wrappers/default.nix
@@ -22,30 +22,30 @@ let
wrapperType = lib.types.submodule ({ name, config, ... }: {
options.source = lib.mkOption
{ type = lib.types.path;
- description = "The absolute path to the program to be wrapped.";
+ description = lib.mdDoc "The absolute path to the program to be wrapped.";
};
options.program = lib.mkOption
{ type = with lib.types; nullOr str;
default = name;
- description = ''
+ description = lib.mdDoc ''
The name of the wrapper program. Defaults to the attribute name.
'';
};
options.owner = lib.mkOption
{ type = lib.types.str;
- description = "The owner of the wrapper program.";
+ description = lib.mdDoc "The owner of the wrapper program.";
};
options.group = lib.mkOption
{ type = lib.types.str;
- description = "The group of the wrapper program.";
+ description = lib.mdDoc "The group of the wrapper program.";
};
options.permissions = lib.mkOption
{ type = fileModeType;
default = "u+rx,g+x,o+x";
example = "a+rx";
- description = ''
+ description = lib.mdDoc ''
The permissions of the wrapper program. The format is that of a
- symbolic or numeric file mode understood by chmod.
+ symbolic or numeric file mode understood by {command}`chmod`.
'';
};
options.capabilities = lib.mkOption
@@ -73,12 +73,12 @@ let
options.setuid = lib.mkOption
{ type = lib.types.bool;
default = false;
- description = "Whether to add the setuid bit the wrapper program.";
+ description = lib.mdDoc "Whether to add the setuid bit the wrapper program.";
};
options.setgid = lib.mkOption
{ type = lib.types.bool;
default = false;
- description = "Whether to add the setgid bit the wrapper program.";
+ description = lib.mdDoc "Whether to add the setgid bit the wrapper program.";
};
});
@@ -179,12 +179,12 @@ in
};
}
'';
- description = ''
+ description = lib.mdDoc ''
This option effectively allows adding setuid/setgid bits, capabilities,
changing file ownership and permissions of a program without directly
modifying it. This works by creating a wrapper program under the
- directory, which is then added to
- the shell PATH.
+ {option}`security.wrapperDir` directory, which is then added to
+ the shell `PATH`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/meshcentral.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/meshcentral.nix
index 92762d2037c..e1df39716d4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/meshcentral.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/meshcentral.nix
@@ -7,7 +7,7 @@ in with lib; {
options.services.meshcentral = with types; {
enable = mkEnableOption "MeshCentral computer management server";
package = mkOption {
- description = "MeshCentral package to use. Replacing this may be necessary to add dependencies for extra functionality.";
+ description = lib.mdDoc "MeshCentral package to use. Replacing this may be necessary to add dependencies for extra functionality.";
type = types.package;
default = pkgs.meshcentral;
defaultText = literalExpression "pkgs.meshcentral";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/oxidized.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/oxidized.nix
index 49ea3ced76a..f0d46f787b7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/oxidized.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/oxidized.nix
@@ -12,7 +12,7 @@ in
user = mkOption {
type = types.str;
default = "oxidized";
- description = ''
+ description = lib.mdDoc ''
User under which the oxidized service runs.
'';
};
@@ -20,7 +20,7 @@ in
group = mkOption {
type = types.str;
default = "oxidized";
- description = ''
+ description = lib.mdDoc ''
Group under which the oxidized service runs.
'';
};
@@ -28,7 +28,7 @@ in
dataDir = mkOption {
type = types.path;
default = "/var/lib/oxidized";
- description = "State directory for the oxidized service.";
+ description = lib.mdDoc "State directory for the oxidized service.";
};
configFile = mkOption {
@@ -62,7 +62,7 @@ in
# ... additional config
''';
'';
- description = ''
+ description = lib.mdDoc ''
Path to the oxidized configuration file.
'';
};
@@ -76,7 +76,7 @@ in
# ... additional hosts
'''
'';
- description = ''
+ description = lib.mdDoc ''
Path to the file/database which contains the targets for oxidized.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/pgadmin.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/pgadmin.nix
index 80b68145410..aff25bcb68b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/pgadmin.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/pgadmin.nix
@@ -31,18 +31,18 @@ in
enable = mkEnableOption "PostgreSQL Admin 4";
port = mkOption {
- description = "Port for pgadmin4 to run on";
+ description = lib.mdDoc "Port for pgadmin4 to run on";
type = types.port;
default = 5050;
};
initialEmail = mkOption {
- description = "Initial email for the pgAdmin account.";
+ description = lib.mdDoc "Initial email for the pgAdmin account.";
type = types.str;
};
initialPasswordFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
Initial password file for the pgAdmin account.
NOTE: Should be string not a store path, to prevent the password from being world readable.
'';
@@ -52,9 +52,9 @@ in
openFirewall = mkEnableOption "firewall passthrough for pgadmin4";
settings = mkOption {
- description = ''
+ description = lib.mdDoc ''
Settings for pgadmin4.
- Documentation.
+ [Documentation](https://www.pgadmin.org/docs/pgadmin4/development/config_py.html).
'';
type = pyType;
default= {};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/salt/master.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/salt/master.nix
index a3069c81c19..3c246a94239 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/salt/master.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/salt/master.nix
@@ -24,7 +24,7 @@ in
configuration = mkOption {
type = types.attrs;
default = {};
- description = "Salt master configuration as Nix attribute set.";
+ description = lib.mdDoc "Salt master configuration as Nix attribute set.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/salt/minion.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/salt/minion.nix
index ac124c570d8..165ec8ef96b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/salt/minion.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/admin/salt/minion.nix
@@ -25,9 +25,9 @@ in
configuration = mkOption {
type = types.attrs;
default = {};
- description = ''
+ description = lib.mdDoc ''
Salt minion configuration as Nix attribute set.
- See
+ See
for details.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/amqp/activemq/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/amqp/activemq/default.nix
index 47669b05aa9..bd37fe3b557 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/amqp/activemq/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/amqp/activemq/default.nix
@@ -27,7 +27,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the Apache ActiveMQ message broker service.
'';
};
@@ -35,7 +35,7 @@ in {
default = "${activemq}/conf";
defaultText = literalExpression ''"''${pkgs.activemq}/conf"'';
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The base directory for ActiveMQ's configuration.
By default, this directory is searched for a file named activemq.xml,
which should contain the configuration for the broker service.
@@ -44,21 +44,21 @@ in {
configurationURI = mkOption {
type = types.str;
default = "xbean:activemq.xml";
- description = ''
+ description = lib.mdDoc ''
The URI that is passed along to the BrokerFactory to
set up the configuration of the ActiveMQ broker service.
You should not need to change this. For custom configuration,
- set the configurationDir instead, and create
+ set the `configurationDir` instead, and create
an activemq.xml configuration file in it.
'';
};
baseDir = mkOption {
type = types.str;
default = "/var/activemq";
- description = ''
+ description = lib.mdDoc ''
The base directory where ActiveMQ stores its persistent data and logs.
This will be overridden if you set "activemq.base" and "activemq.data"
- in the javaProperties option. You can also override
+ in the `javaProperties` option. You can also override
this in activemq.xml.
'';
};
@@ -76,7 +76,7 @@ in {
"activemq.conf" = "${cfg.configurationDir}";
"activemq.home" = "${activemq}";
} // attrs;
- description = ''
+ description = lib.mdDoc ''
Specifies Java properties that are sent to the ActiveMQ
broker service with the "-D" option. You can set properties
here to change the behaviour and configuration of the broker.
@@ -88,7 +88,7 @@ in {
type = types.separatedString " ";
default = "";
example = "-Xmx2G -Xms2G -XX:MaxPermSize=512M";
- description = ''
+ description = lib.mdDoc ''
Add extra options here that you want to be sent to the
Java runtime when the broker service is started.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/amqp/rabbitmq.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/amqp/rabbitmq.nix
index 3255942fe43..9d3243722d6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/amqp/rabbitmq.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/amqp/rabbitmq.nix
@@ -20,7 +20,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the RabbitMQ server, an Advanced Message
Queuing Protocol (AMQP) broker.
'';
@@ -30,7 +30,7 @@ in
default = pkgs.rabbitmq-server;
type = types.package;
defaultText = literalExpression "pkgs.rabbitmq-server";
- description = ''
+ description = lib.mdDoc ''
Which rabbitmq package to use.
'';
};
@@ -38,12 +38,12 @@ in
listenAddress = mkOption {
default = "127.0.0.1";
example = "";
- description = ''
+ description = lib.mdDoc ''
IP address on which RabbitMQ will listen for AMQP
connections. Set to the empty string to listen on all
interfaces. Note that RabbitMQ creates a user named
- guest with password
- guest by default, so you should delete
+ `guest` with password
+ `guest` by default, so you should delete
this user if you intend to allow external access.
Together with 'port' setting it's mostly an alias for
@@ -55,7 +55,7 @@ in
port = mkOption {
default = 5672;
- description = ''
+ description = lib.mdDoc ''
Port on which RabbitMQ will listen for AMQP connections.
'';
type = types.port;
@@ -64,7 +64,7 @@ in
dataDir = mkOption {
type = types.path;
default = "/var/lib/rabbitmq";
- description = ''
+ description = lib.mdDoc ''
Data directory for rabbitmq.
'';
};
@@ -72,7 +72,7 @@ in
cookie = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Erlang cookie is a string of arbitrary length which must
be the same for several nodes to be allowed to communicate.
Leave empty to generate automatically.
@@ -88,15 +88,15 @@ in
"auth_backends.1.authz" = "rabbit_auth_backend_internal";
}
'';
- description = ''
+ description = lib.mdDoc ''
Configuration options in RabbitMQ's new config file format,
which is a simple key-value format that can not express nested
- data structures. This is known as the rabbitmq.conf file,
+ data structures. This is known as the `rabbitmq.conf` file,
although outside NixOS that filename may have Erlang syntax, particularly
prior to RabbitMQ 3.7.0.
If you do need to express nested data structures, you can use
- config option. Configuration from config
+ `config` option. Configuration from `config`
will be merged into these options by RabbitMQ at runtime to
form the final configuration.
@@ -108,14 +108,14 @@ in
config = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Verbatim advanced configuration file contents using the Erlang syntax.
- This is also known as the advanced.config file or the old config format.
+ This is also known as the `advanced.config` file or the old config format.
- configItems is preferred whenever possible. However, nested
- data structures can only be expressed properly using the config option.
+ `configItems` is preferred whenever possible. However, nested
+ data structures can only be expressed properly using the `config` option.
- The contents of this option will be merged into the configItems
+ The contents of this option will be merged into the `configItems`
by RabbitMQ at runtime to form the final configuration.
See the second table on https://www.rabbitmq.com/configure.html#config-items
@@ -126,13 +126,13 @@ in
plugins = mkOption {
default = [ ];
type = types.listOf types.str;
- description = "The names of plugins to enable";
+ description = lib.mdDoc "The names of plugins to enable";
};
pluginDirs = mkOption {
default = [ ];
type = types.listOf types.path;
- description = "The list of directories containing external plugins";
+ description = lib.mdDoc "The list of directories containing external plugins";
};
managementPlugin = {
@@ -140,7 +140,7 @@ in
port = mkOption {
default = 15672;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
On which port to run the management plugin
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/alsa.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/alsa.nix
index 0d743ed31da..155780199fd 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/alsa.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/alsa.nix
@@ -25,7 +25,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable ALSA sound.
'';
};
@@ -33,7 +33,7 @@ in
enableOSSEmulation = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable ALSA OSS emulation (with certain cards sound mixing may not work!).
'';
};
@@ -44,7 +44,7 @@ in
example = ''
defaults.pcm.!card 3
'';
- description = ''
+ description = lib.mdDoc ''
Set addition configuration for system-wide alsa.
'';
};
@@ -54,7 +54,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable volume and capture control with keyboard media keys.
You want to leave this disabled if you run a desktop environment
@@ -62,7 +62,7 @@ in
You might want to enable this if you run a minimalistic desktop
environment or work from bare linux ttys/framebuffers.
- Enabling this will turn on .
+ Enabling this will turn on {option}`services.actkbd`.
'';
};
@@ -70,7 +70,7 @@ in
type = types.str;
default = "1";
example = "1%";
- description = ''
+ description = lib.mdDoc ''
The value by which to increment/decrement volume on media keys.
See amixer(1) for allowed values.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/botamusique.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/botamusique.nix
index f4fa0ead4f0..edb59a49fd1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/botamusique.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/botamusique.nix
@@ -18,7 +18,7 @@ in
type = types.package;
default = pkgs.botamusique;
defaultText = literalExpression "pkgs.botamusique";
- description = "The botamusique package to use.";
+ description = lib.mdDoc "The botamusique package to use.";
};
settings = mkOption {
@@ -29,32 +29,32 @@ in
type = types.str;
default = "localhost";
example = "mumble.example.com";
- description = "Hostname of the mumble server to connect to.";
+ description = lib.mdDoc "Hostname of the mumble server to connect to.";
};
server.port = mkOption {
type = types.port;
default = 64738;
- description = "Port of the mumble server to connect to.";
+ description = lib.mdDoc "Port of the mumble server to connect to.";
};
bot.username = mkOption {
type = types.str;
default = "botamusique";
- description = "Name the bot should appear with.";
+ description = lib.mdDoc "Name the bot should appear with.";
};
bot.comment = mkOption {
type = types.str;
default = "Hi, I'm here to play radio, local music or youtube/soundcloud music. Have fun!";
- description = "Comment displayed for the bot.";
+ description = lib.mdDoc "Comment displayed for the bot.";
};
};
};
default = {};
- description = ''
- Your configuration.ini as a Nix attribute set. Look up
- possible options in the configuration.example.ini.
+ description = lib.mdDoc ''
+ Your {file}`configuration.ini` as a Nix attribute set. Look up
+ possible options in the [configuration.example.ini](https://github.com/azlux/botamusique/blob/master/configuration.example.ini).
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/hqplayerd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/hqplayerd.nix
index 416d12ce217..4045a34b40d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/hqplayerd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/hqplayerd.nix
@@ -18,7 +18,7 @@ in
username = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Username used for HQPlayer's WebUI.
Without this you will need to manually create the credentials after
@@ -29,7 +29,7 @@ in
password = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Password used for HQPlayer's WebUI.
Without this you will need to manually create the credentials after
@@ -41,7 +41,7 @@ in
licenseFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to the HQPlayer license key file.
Without this, the service will run in trial mode and restart every 30
@@ -52,7 +52,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Opens ports needed for the WebUI and controller API.
'';
};
@@ -60,7 +60,7 @@ in
config = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
HQplayer daemon configuration, written to /etc/hqplayer/hqplayerd.xml.
Refer to share/doc/hqplayerd/readme.txt in the hqplayerd derivation for possible values.
@@ -133,7 +133,7 @@ in
users.users = {
hqplayer = {
description = "hqplayer daemon user";
- extraGroups = [ "audio" ];
+ extraGroups = [ "audio" "video" ];
group = "hqplayer";
uid = config.ids.uids.hqplayer;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/icecast.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/icecast.nix
index 5ee5bd745f9..0a81d71b569 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/icecast.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/icecast.nix
@@ -48,7 +48,7 @@ in {
hostname = mkOption {
type = types.nullOr types.str;
- description = "DNS name or IP address that will be used for the stream directory lookups or possibily the playlist generation if a Host header is not provided.";
+ description = lib.mdDoc "DNS name or IP address that will be used for the stream directory lookups or possibily the playlist generation if a Host header is not provided.";
default = config.networking.domain;
defaultText = literalExpression "config.networking.domain";
};
@@ -56,51 +56,51 @@ in {
admin = {
user = mkOption {
type = types.str;
- description = "Username used for all administration functions.";
+ description = lib.mdDoc "Username used for all administration functions.";
default = "admin";
};
password = mkOption {
type = types.str;
- description = "Password used for all administration functions.";
+ description = lib.mdDoc "Password used for all administration functions.";
};
};
logDir = mkOption {
type = types.path;
- description = "Base directory used for logging.";
+ description = lib.mdDoc "Base directory used for logging.";
default = "/var/log/icecast";
};
listen = {
port = mkOption {
type = types.int;
- description = "TCP port that will be used to accept client connections.";
+ description = lib.mdDoc "TCP port that will be used to accept client connections.";
default = 8000;
};
address = mkOption {
type = types.str;
- description = "Address Icecast will listen on.";
+ description = lib.mdDoc "Address Icecast will listen on.";
default = "::";
};
};
user = mkOption {
type = types.str;
- description = "User privileges for the server.";
+ description = lib.mdDoc "User privileges for the server.";
default = "nobody";
};
group = mkOption {
type = types.str;
- description = "Group privileges for the server.";
+ description = lib.mdDoc "Group privileges for the server.";
default = "nogroup";
};
extraConf = mkOption {
type = types.lines;
- description = "icecast.xml content.";
+ description = lib.mdDoc "icecast.xml content.";
default = "";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/jack.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/jack.nix
index 84fc9957b87..ae566bba84e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/jack.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/jack.nix
@@ -40,14 +40,14 @@ in {
example = literalExpression ''
[ "-dalsa" "--device" "hw:1" ];
'';
- description = ''
+ description = lib.mdDoc ''
Specifies startup command line arguments to pass to JACK server.
'';
};
session = mkOption {
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Commands to run after JACK is started.
'';
};
@@ -58,7 +58,7 @@ in {
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Route audio to/from generic ALSA-using applications using ALSA JACK PCM plugin.
'';
};
@@ -66,7 +66,7 @@ in {
support32Bit = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to support sound for 32-bit ALSA applications on 64-bit system.
'';
};
@@ -76,7 +76,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Create ALSA loopback device, instead of using PCM plugin. Has broader
application support (things like Steam will work), but may need fine-tuning
for concrete hardware.
@@ -86,14 +86,14 @@ in {
index = mkOption {
type = types.int;
default = 10;
- description = ''
+ description = lib.mdDoc ''
Index of an ALSA loopback device.
'';
};
config = mkOption {
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
ALSA config for loopback device.
'';
};
@@ -105,7 +105,7 @@ in {
period_size 2048
periods 2
'';
- description = ''
+ description = lib.mdDoc ''
For music production software that still doesn't support JACK natively you
would like to put buffer/period adjustments here
to decrease dmix device latency.
@@ -114,7 +114,7 @@ in {
session = mkOption {
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Additional commands to run to setup loopback device.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/jmusicbot.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/jmusicbot.nix
index e0f8d461af0..7e23ffe6bf2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/jmusicbot.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/jmusicbot.nix
@@ -13,12 +13,12 @@ in
type = types.package;
default = pkgs.jmusicbot;
defaultText = literalExpression "pkgs.jmusicbot";
- description = "JMusicBot package to use";
+ description = lib.mdDoc "JMusicBot package to use";
};
stateDir = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The directory where config.txt and serversettings.json is saved.
If left as the default value this directory will automatically be created before JMusicBot starts, otherwise the sysadmin is responsible for ensuring the directory exists with appropriate ownership and permissions.
Untouched by the value of this option config.txt needs to be placed manually into this directory.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/liquidsoap.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/liquidsoap.nix
index ffeefc0f988..c313104c460 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/liquidsoap.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/liquidsoap.nix
@@ -31,7 +31,7 @@ in
services.liquidsoap.streams = mkOption {
description =
- ''
+ lib.mdDoc ''
Set of Liquidsoap streams to start,
one systemd service per stream.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/mopidy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/mopidy.nix
index 9937feadaeb..9c8e9b693c3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/mopidy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/mopidy.nix
@@ -31,7 +31,7 @@ in {
dataDir = mkOption {
default = "/var/lib/mopidy";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The directory where Mopidy stores its state.
'';
};
@@ -40,7 +40,7 @@ in {
default = [];
type = types.listOf types.package;
example = literalExpression "[ pkgs.mopidy-spotify ]";
- description = ''
+ description = lib.mdDoc ''
Mopidy extensions that should be loaded by the service.
'';
};
@@ -48,7 +48,7 @@ in {
configuration = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
The configuration that Mopidy should use.
'';
};
@@ -56,7 +56,7 @@ in {
extraConfigFiles = mkOption {
default = [];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Extra config file read by Mopidy when the service starts.
Later files in the list overrides earlier configuration.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/mpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/mpd.nix
index 11733d99fca..bbfccec98c4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/mpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/mpd.nix
@@ -56,7 +56,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable MPD, the music player daemon.
'';
};
@@ -64,8 +64,8 @@ in {
startWhenNeeded = mkOption {
type = types.bool;
default = false;
- description = ''
- If set, mpd is socket-activated; that
+ description = lib.mdDoc ''
+ If set, {command}`mpd` is socket-activated; that
is, instead of having it permanently running as a daemon,
systemd will start it on the first incoming connection.
'';
@@ -75,7 +75,7 @@ in {
type = with types; either path (strMatching "(http|https|nfs|smb)://.+");
default = "${cfg.dataDir}/music";
defaultText = literalExpression ''"''${dataDir}/music"'';
- description = ''
+ description = lib.mdDoc ''
The directory or NFS/SMB network share where MPD reads music from. If left
as the default value this directory will automatically be created before
the MPD server starts, otherwise the sysadmin is responsible for ensuring
@@ -87,7 +87,7 @@ in {
type = types.path;
default = "${cfg.dataDir}/playlists";
defaultText = literalExpression ''"''${dataDir}/playlists"'';
- description = ''
+ description = lib.mdDoc ''
The directory where MPD stores playlists. If left as the default value
this directory will automatically be created before the MPD server starts,
otherwise the sysadmin is responsible for ensuring the directory exists
@@ -98,18 +98,18 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra directives added to to the end of MPD's configuration file,
mpd.conf. Basic configuration like file location and uid/gid
is added automatically to the beginning of the file. For available
- options see man 5 mpd.conf'.
+ options see `man 5 mpd.conf`'.
'';
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/${name}";
- description = ''
+ description = lib.mdDoc ''
The directory where MPD stores its state, tag cache, playlists etc. If
left as the default value this directory will automatically be created
before the MPD server starts, otherwise the sysadmin is responsible for
@@ -120,13 +120,13 @@ in {
user = mkOption {
type = types.str;
default = name;
- description = "User account under which MPD runs.";
+ description = lib.mdDoc "User account under which MPD runs.";
};
group = mkOption {
type = types.str;
default = name;
- description = "Group account under which MPD runs.";
+ description = lib.mdDoc "Group account under which MPD runs.";
};
network = {
@@ -135,16 +135,16 @@ in {
type = types.str;
default = "127.0.0.1";
example = "any";
- description = ''
+ description = lib.mdDoc ''
The address for the daemon to listen on.
- Use any to listen on all addresses.
+ Use `any` to listen on all addresses.
'';
};
port = mkOption {
type = types.int;
default = 6600;
- description = ''
+ description = lib.mdDoc ''
This setting is the TCP port that is desired for the daemon to get assigned
to.
'';
@@ -156,8 +156,8 @@ in {
type = types.nullOr types.str;
default = "${cfg.dataDir}/tag_cache";
defaultText = literalExpression ''"''${dataDir}/tag_cache"'';
- description = ''
- The path to MPD's database. If set to null the
+ description = lib.mdDoc ''
+ The path to MPD's database. If set to `null` the
parameter is omitted from the configuration.
'';
};
@@ -167,7 +167,7 @@ in {
options = {
passwordFile = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path to file containing the password.
'';
};
@@ -176,14 +176,14 @@ in {
in mkOption {
type = types.listOf (types.enum perms);
default = [ "read" ];
- description = ''
+ description = lib.mdDoc ''
List of permissions that are granted with this password.
Permissions can be "${concatStringsSep "\", \"" perms}".
'';
};
};
});
- description = ''
+ description = lib.mdDoc ''
Credentials and permissions for accessing the mpd server.
'';
default = [];
@@ -196,7 +196,7 @@ in {
fluidsynth = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If set, add fluidsynth soundfont and configure the plugin.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/mpdscribble.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/mpdscribble.nix
index 333ffb70941..d829bc7ae0d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/mpdscribble.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/mpdscribble.nix
@@ -82,7 +82,7 @@ in {
proxy = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
HTTP proxy URL.
'';
};
@@ -90,7 +90,7 @@ in {
verbose = mkOption {
default = 1;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Log level for the mpdscribble daemon.
'';
};
@@ -99,7 +99,7 @@ in {
default = 600;
example = 60;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
How often should mpdscribble save the journal file? [seconds]
'';
};
@@ -115,7 +115,7 @@ in {
else "localhost"
'';
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Host for the mpdscribble daemon to search for a mpd daemon on.
'';
};
@@ -133,9 +133,9 @@ in {
otherwise null.
'';
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
File containing the password for the mpd daemon.
- If there is a local mpd configured using
+ If there is a local mpd configured using {option}`services.mpd.credentials`
the default is automatically set to a matching passwordFile of the local mpd.
'';
};
@@ -144,7 +144,7 @@ in {
default = mpdCfg.network.port;
defaultText = literalExpression "config.${mpdOpt.network.port}";
type = types.port;
- description = ''
+ description = lib.mdDoc ''
Port for the mpdscribble daemon to search for a mpd daemon on.
'';
};
@@ -157,18 +157,18 @@ in {
type = types.str;
default = endpointUrls.${name} or "";
description =
- "The url endpoint where the scrobble API is listening.";
+ lib.mdDoc "The url endpoint where the scrobble API is listening.";
};
username = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Username for the scrobble service.
'';
};
passwordFile = mkOption {
type = types.nullOr types.str;
description =
- "File containing the password, either as MD5SUM or cleartext.";
+ lib.mdDoc "File containing the password, either as MD5SUM or cleartext.";
};
};
};
@@ -180,7 +180,7 @@ in {
passwordFile = "/run/secrets/lastfm_password";
};
};
- description = ''
+ description = lib.mdDoc ''
Endpoints to scrobble to.
If the endpoint is one of "${
concatStringsSep "\", \"" (attrNames endpointUrls)
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/navidrome.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/navidrome.nix
index 319212c0207..a7c8953f510 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/navidrome.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/navidrome.nix
@@ -21,8 +21,8 @@ in {
example = {
MusicFolder = "/mnt/music";
};
- description = ''
- Configuration for Navidrome, see for supported values.
+ description = lib.mdDoc ''
+ Configuration for Navidrome, see for supported values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/roon-bridge.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/roon-bridge.nix
index e08f8a4f9e7..9a9a6479efc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/roon-bridge.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/roon-bridge.nix
@@ -12,21 +12,21 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for the bridge.
'';
};
user = mkOption {
type = types.str;
default = "roon-bridge";
- description = ''
+ description = lib.mdDoc ''
User to run the Roon bridge as.
'';
};
group = mkOption {
type = types.str;
default = "roon-bridge";
- description = ''
+ description = lib.mdDoc ''
Group to run the Roon Bridge as.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/roon-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/roon-server.nix
index de1f61c8e73..535950f7565 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/roon-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/roon-server.nix
@@ -12,21 +12,21 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for the server.
'';
};
user = mkOption {
type = types.str;
default = "roon-server";
- description = ''
+ description = lib.mdDoc ''
User to run the Roon Server as.
'';
};
group = mkOption {
type = types.str;
default = "roon-server";
- description = ''
+ description = lib.mdDoc ''
Group to run the Roon Server as.
'';
};
@@ -53,10 +53,12 @@ in {
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPortRanges = [
{ from = 9100; to = 9200; }
- { from = 9330; to = 9332; }
+ { from = 9330; to = 9339; }
+ { from = 30000; to = 30010; }
];
allowedUDPPorts = [ 9003 ];
extraCommands = ''
+ ## IGMP / Broadcast ##
iptables -A INPUT -s 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -d 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -s 240.0.0.0/5 -j ACCEPT
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/slimserver.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/slimserver.nix
index ecd26528499..9fbc68b7136 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/slimserver.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/slimserver.nix
@@ -14,7 +14,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable slimserver.
'';
};
@@ -23,13 +23,13 @@ in {
type = types.package;
default = pkgs.slimserver;
defaultText = literalExpression "pkgs.slimserver";
- description = "Slimserver package to use.";
+ description = lib.mdDoc "Slimserver package to use.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/slimserver";
- description = ''
+ description = lib.mdDoc ''
The directory where slimserver stores its state, tag cache,
playlists etc.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/snapserver.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/snapserver.nix
index 91d97a0b551..fdc1f605bb3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/snapserver.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/snapserver.nix
@@ -12,7 +12,7 @@ let
sampleFormat = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Default sample format.
'';
example = "48000:16:2";
@@ -21,7 +21,7 @@ let
codec = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Default audio compression method.
'';
example = "flac";
@@ -77,7 +77,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable snapserver.
'';
};
@@ -86,7 +86,7 @@ in {
type = types.str;
default = "::";
example = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
The address where snapclients can connect.
'';
};
@@ -94,7 +94,7 @@ in {
port = mkOption {
type = types.port;
default = 1704;
- description = ''
+ description = lib.mdDoc ''
The port that snapclients can connect to.
'';
};
@@ -104,7 +104,7 @@ in {
# Make the behavior consistent with other services. Set the default to
# false and remove the accompanying warning after NixOS 22.05 is released.
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to automatically open the specified ports in the firewall.
'';
};
@@ -115,7 +115,7 @@ in {
streamBuffer = mkOption {
type = with types; nullOr int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Stream read (input) buffer in ms.
'';
example = 20;
@@ -124,7 +124,7 @@ in {
buffer = mkOption {
type = with types; nullOr int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Network buffer in ms.
'';
example = 1000;
@@ -133,7 +133,7 @@ in {
sendToMuted = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Send audio to muted clients.
'';
};
@@ -141,7 +141,7 @@ in {
tcp.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the JSON-RPC via TCP.
'';
};
@@ -150,7 +150,7 @@ in {
type = types.str;
default = "::";
example = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
The address where the TCP JSON-RPC listens on.
'';
};
@@ -158,7 +158,7 @@ in {
tcp.port = mkOption {
type = types.port;
default = 1705;
- description = ''
+ description = lib.mdDoc ''
The port where the TCP JSON-RPC listens on.
'';
};
@@ -166,7 +166,7 @@ in {
http.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the JSON-RPC via HTTP.
'';
};
@@ -175,7 +175,7 @@ in {
type = types.str;
default = "::";
example = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
The address where the HTTP JSON-RPC listens on.
'';
};
@@ -183,7 +183,7 @@ in {
http.port = mkOption {
type = types.port;
default = 1780;
- description = ''
+ description = lib.mdDoc ''
The port where the HTTP JSON-RPC listens on.
'';
};
@@ -191,7 +191,7 @@ in {
http.docRoot = mkOption {
type = with types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to serve from the HTTP servers root.
'';
};
@@ -201,12 +201,12 @@ in {
options = {
location = mkOption {
type = types.oneOf [ types.path types.str ];
- description = ''
- For type pipe or file, the path to the pipe or file.
- For type librespot, airplay or process, the path to the corresponding binary.
- For type tcp, the host:port address to connect to or listen on.
- For type meta, a list of stream names in the form /one/two/.... Don't forget the leading slash.
- For type alsa, use an empty string.
+ description = lib.mdDoc ''
+ For type `pipe` or `file`, the path to the pipe or file.
+ For type `librespot`, `airplay` or `process`, the path to the corresponding binary.
+ For type `tcp`, the `host:port` address to connect to or listen on.
+ For type `meta`, a list of stream names in the form `/one/two/...`. Don't forget the leading slash.
+ For type `alsa`, use an empty string.
'';
example = literalExpression ''
"/path/to/pipe"
@@ -218,14 +218,14 @@ in {
type = mkOption {
type = types.enum [ "pipe" "librespot" "airplay" "file" "process" "tcp" "alsa" "spotify" "meta" ];
default = "pipe";
- description = ''
+ description = lib.mdDoc ''
The type of input stream.
'';
};
query = mkOption {
type = attrsOf str;
default = {};
- description = ''
+ description = lib.mdDoc ''
Key-value pairs that convey additional parameters about a stream.
'';
example = literalExpression ''
@@ -253,7 +253,7 @@ in {
};
});
default = { default = {}; };
- description = ''
+ description = lib.mdDoc ''
The definition for an input source.
'';
example = literalExpression ''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/spotifyd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/spotifyd.nix
index 22848ed9800..87ee083e74b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/spotifyd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/spotifyd.nix
@@ -22,9 +22,9 @@ in
config = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
(Deprecated) Configuration for Spotifyd. For syntax and directives, see
- .
+ .
'';
};
@@ -32,9 +32,9 @@ in
default = {};
type = toml.type;
example = { global.bitrate = 320; };
- description = ''
+ description = lib.mdDoc ''
Configuration for Spotifyd. For syntax and directives, see
- .
+ .
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/squeezelite.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/squeezelite.nix
index 36295e21c60..767eeda177f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/squeezelite.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/squeezelite.nix
@@ -21,7 +21,7 @@ in
extraArguments = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Additional command line arguments to pass to Squeezelite.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/ympd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/ympd.nix
index 84b72d14251..98522f25423 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/ympd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/audio/ympd.nix
@@ -17,7 +17,7 @@ in {
webPort = mkOption {
type = types.either types.str types.port; # string for backwards compat
default = "8080";
- description = "The port where ympd's web interface will be available.";
+ description = lib.mdDoc "The port where ympd's web interface will be available.";
example = "ssl://8080:/path/to/ssl-private-key.pem";
};
@@ -25,14 +25,14 @@ in {
host = mkOption {
type = types.str;
default = "localhost";
- description = "The host where MPD is listening.";
+ description = lib.mdDoc "The host where MPD is listening.";
};
port = mkOption {
type = types.int;
default = config.services.mpd.network.port;
defaultText = literalExpression "config.services.mpd.network.port";
- description = "The port where MPD is listening.";
+ description = lib.mdDoc "The port where MPD is listening.";
example = 6600;
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/automysqlbackup.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/automysqlbackup.nix
index cf0cb4da32c..194b49da539 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/automysqlbackup.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/automysqlbackup.nix
@@ -35,7 +35,7 @@ in
calendar = mkOption {
type = types.str;
default = "01:15:00";
- description = ''
+ description = lib.mdDoc ''
Configured when to run the backup service systemd unit (DayOfWeek Year-Month-Day Hour:Minute:Second).
'';
};
@@ -43,9 +43,9 @@ in
config = mkOption {
type = with types; attrsOf (oneOf [ str int bool (listOf str) ]);
default = {};
- description = ''
+ description = lib.mdDoc ''
automysqlbackup configuration. Refer to
- ''${pkgs.automysqlbackup}/etc/automysqlbackup.conf
+ {file}`''${pkgs.automysqlbackup}/etc/automysqlbackup.conf`
for details on supported values.
'';
example = literalExpression ''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/bacula.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/bacula.nix
index 59890204234..cb8a6eb4390 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/bacula.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/bacula.nix
@@ -114,7 +114,7 @@ let
password = mkOption {
type = types.str;
# TODO: required?
- description = ''
+ description = lib.mdDoc ''
Specifies the password that must be supplied for the default Bacula
Console to be authorized. The same password must appear in the
Director resource of the Console configuration file. For added
@@ -135,10 +135,10 @@ let
type = types.enum [ "no" "yes" ];
default = "no";
example = "yes";
- description = ''
- If Monitor is set to no, this director will have
+ description = lib.mdDoc ''
+ If Monitor is set to `no`, this director will have
full access to this Storage daemon. If Monitor is set to
- yes, this director will only be able to fetch the
+ `yes`, this director will only be able to fetch the
current status of this Storage daemon.
Please note that if this director is being used by a Monitor, we
@@ -154,15 +154,15 @@ let
options = {
changerDevice = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The specified name-string must be the generic SCSI device name of the
autochanger that corresponds to the normal read/write Archive Device
specified in the Device resource. This generic SCSI device name
should be specified if you have an autochanger or if you have a
standard tape drive and want to use the Alert Command (see below).
For example, on Linux systems, for an Archive Device name of
- /dev/nst0, you would specify
- /dev/sg0 for the Changer Device name. Depending
+ `/dev/nst0`, you would specify
+ `/dev/sg0` for the Changer Device name. Depending
on your exact configuration, and the number of autochangers or the
type of autochanger, what you specify here can vary. This directive
is optional. See the Using AutochangersAutochangersChapter chapter of
@@ -173,7 +173,7 @@ let
changerCommand = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The name-string specifies an external program to be called that will
automatically change volumes as required by Bacula. Normally, this
directive will be specified only in the AutoChanger resource, which
@@ -181,7 +181,7 @@ let
different Changer Command in each Device resource. Most frequently,
you will specify the Bacula supplied mtx-changer script as follows:
- "/path/mtx-changer %c %o %S %a %d"
+ `"/path/mtx-changer %c %o %S %a %d"`
and you will install the mtx on your system (found in the depkgs
release). An example of this command is in the default bacula-sd.conf
@@ -202,7 +202,7 @@ let
extraAutochangerConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration to be passed in Autochanger directive.
'';
example = ''
@@ -219,13 +219,13 @@ let
archiveDevice = mkOption {
# TODO: required?
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The specified name-string gives the system file name of the storage
device managed by this storage daemon. This will usually be the
device file name of a removable storage device (tape drive), for
- example /dev/nst0 or
- /dev/rmt/0mbn. For a DVD-writer, it will be for
- example /dev/hdc. It may also be a directory name
+ example `/dev/nst0` or
+ `/dev/rmt/0mbn`. For a DVD-writer, it will be for
+ example `/dev/hdc`. It may also be a directory name
if you are archiving to disk storage. In this case, you must supply
the full absolute path to the directory. When specifying a tape
device, it is preferable that the "non-rewind" variant of the device
@@ -236,9 +236,9 @@ let
mediaType = mkOption {
# TODO: required?
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The specified name-string names the type of media supported by this
- device, for example, DLT7000. Media type names are
+ device, for example, `DLT7000`. Media type names are
arbitrary in that you set them to anything you want, but they must be
known to the volume database to keep track of which storage daemons
can read which volumes. In general, each different storage type
@@ -255,9 +255,9 @@ let
Storage daemon, but it is with multiple Storage daemons, especially
if they have incompatible media.
- For example, if you specify a Media Type of DDS-4
+ For example, if you specify a Media Type of `DDS-4`
then during the restore, Bacula will be able to choose any Storage
- Daemon that handles DDS-4. If you have an
+ Daemon that handles `DDS-4`. If you have an
autochanger, you might want to name the Media Type in a way that is
unique to the autochanger, unless you wish to possibly use the
Volumes in other drives. You should also ensure to have unique Media
@@ -274,7 +274,7 @@ let
extraDeviceConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration to be passed in Device directive.
'';
example = ''
@@ -295,7 +295,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Bacula File Daemon.
'';
};
@@ -304,7 +304,7 @@ in {
default = "${config.networking.hostName}-fd";
defaultText = literalExpression ''"''${config.networking.hostName}-fd"'';
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The client name that must be used by the Director when connecting.
Generally, it is a good idea to use a name related to the machine so
that error messages can be easily identified if you have multiple
@@ -315,7 +315,7 @@ in {
port = mkOption {
default = 9102;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
This specifies the port number on which the Client listens for
Director connections. It must agree with the FDPort specified in
the Client resource of the Director's configuration file.
@@ -324,7 +324,7 @@ in {
director = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
This option defines director resources in Bacula File Daemon.
'';
type = with types; attrsOf (submodule directorOptions);
@@ -333,7 +333,7 @@ in {
extraClientConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration to be passed in Client directive.
'';
example = ''
@@ -345,7 +345,7 @@ in {
extraMessagesConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration to be passed in Messages directive.
'';
example = ''
@@ -358,7 +358,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Bacula Storage Daemon.
'';
};
@@ -367,7 +367,7 @@ in {
default = "${config.networking.hostName}-sd";
defaultText = literalExpression ''"''${config.networking.hostName}-sd"'';
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specifies the Name of the Storage daemon.
'';
};
@@ -375,7 +375,7 @@ in {
port = mkOption {
default = 9103;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Specifies port number on which the Storage daemon listens for
Director connections.
'';
@@ -383,7 +383,7 @@ in {
director = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
This option defines Director resources in Bacula Storage Daemon.
'';
type = with types; attrsOf (submodule directorOptions);
@@ -391,7 +391,7 @@ in {
device = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
This option defines Device resources in Bacula Storage Daemon.
'';
type = with types; attrsOf (submodule deviceOptions);
@@ -399,7 +399,7 @@ in {
autochanger = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
This option defines Autochanger resources in Bacula Storage Daemon.
'';
type = with types; attrsOf (submodule autochangerOptions);
@@ -408,7 +408,7 @@ in {
extraStorageConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration to be passed in Storage directive.
'';
example = ''
@@ -420,7 +420,7 @@ in {
extraMessagesConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration to be passed in Messages directive.
'';
example = ''
@@ -434,7 +434,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Bacula Director Daemon.
'';
};
@@ -443,7 +443,7 @@ in {
default = "${config.networking.hostName}-dir";
defaultText = literalExpression ''"''${config.networking.hostName}-dir"'';
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The director name used by the system administrator. This directive is
required.
'';
@@ -452,7 +452,7 @@ in {
port = mkOption {
default = 9101;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Specify the port (a positive integer) on which the Director daemon
will listen for Bacula Console connections. This same port number
must be specified in the Director resource of the Console
@@ -465,7 +465,7 @@ in {
password = mkOption {
# TODO: required?
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specifies the password that must be supplied for a Director.
'';
};
@@ -473,7 +473,7 @@ in {
extraMessagesConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration to be passed in Messages directive.
'';
example = ''
@@ -484,7 +484,7 @@ in {
extraDirectorConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration to be passed in Director directive.
'';
example = ''
@@ -496,7 +496,7 @@ in {
extraConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration for Bacula Director Daemon.
'';
example = ''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/borgbackup.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/borgbackup.nix
index 4c9ddfe4674..147b827497c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/borgbackup.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/borgbackup.nix
@@ -219,7 +219,7 @@ in {
###### interface
options.services.borgbackup.jobs = mkOption {
- description = ''
+ description = lib.mdDoc ''
Deduplicating backups using BorgBackup.
Adding a job will cause a borg-job-NAME wrapper to be added
to your system path, so that you can perform maintenance easily.
@@ -265,9 +265,9 @@ in {
paths = mkOption {
type = with types; nullOr (coercedTo str lib.singleton (listOf str));
default = null;
- description = ''
+ description = lib.mdDoc ''
Path(s) to back up.
- Mutually exclusive with .
+ Mutually exclusive with {option}`dumpCommand`.
'';
example = "/home/user";
};
@@ -275,42 +275,42 @@ in {
dumpCommand = mkOption {
type = with types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Backup the stdout of this program instead of filesystem paths.
- Mutually exclusive with .
+ Mutually exclusive with {option}`paths`.
'';
example = "/path/to/createZFSsend.sh";
};
repo = mkOption {
type = types.str;
- description = "Remote or local repository to back up to.";
+ description = lib.mdDoc "Remote or local repository to back up to.";
example = "user@machine:/path/to/repo";
};
removableDevice = mkOption {
type = types.bool;
default = false;
- description = "Whether the repo (which must be local) is a removable device.";
+ description = lib.mdDoc "Whether the repo (which must be local) is a removable device.";
};
archiveBaseName = mkOption {
type = types.nullOr (types.strMatching "[^/{}]+");
default = "${globalConfig.networking.hostName}-${name}";
defaultText = literalExpression ''"''${config.networking.hostName}-"'';
- description = ''
+ description = lib.mdDoc ''
How to name the created archives. A timestamp, whose format is
- determined by , will be appended. The full
- name can be modified at runtime ($archiveName).
- Placeholders like {hostname} must not be used.
- Use null for no base name.
+ determined by {option}`dateFormat`, will be appended. The full
+ name can be modified at runtime (`$archiveName`).
+ Placeholders like `{hostname}` must not be used.
+ Use `null` for no base name.
'';
};
dateFormat = mkOption {
type = types.str;
- description = ''
- Arguments passed to date
+ description = lib.mdDoc ''
+ Arguments passed to {command}`date`
to create a timestamp suffix for the archive name.
'';
default = "+%Y-%m-%dT%H:%M:%S";
@@ -347,19 +347,19 @@ in {
user = mkOption {
type = types.str;
- description = ''
- The user borg is run as.
+ description = lib.mdDoc ''
+ The user {command}`borg` is run as.
User or group need read permission
- for the specified .
+ for the specified {option}`paths`.
'';
default = "root";
};
group = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The group borg is run as. User or group needs read permission
- for the specified .
+ for the specified {option}`paths`.
'';
default = "root";
};
@@ -371,20 +371,20 @@ in {
"authenticated" "authenticated-blake2"
"none"
];
- description = ''
+ description = lib.mdDoc ''
Encryption mode to use. Setting a mode
- other than "none" requires
- you to specify a
- or a .
+ other than `"none"` requires
+ you to specify a {option}`passCommand`
+ or a {option}`passphrase`.
'';
example = "repokey-blake2";
};
encryption.passCommand = mkOption {
type = with types; nullOr str;
- description = ''
+ description = lib.mdDoc ''
A command which prints the passphrase to stdout.
- Mutually exclusive with .
+ Mutually exclusive with {option}`passphrase`.
'';
default = null;
example = "cat /path/to/passphrase_file";
@@ -392,11 +392,11 @@ in {
encryption.passphrase = mkOption {
type = with types; nullOr str;
- description = ''
+ description = lib.mdDoc ''
The passphrase the backups are encrypted with.
- Mutually exclusive with .
+ Mutually exclusive with {option}`passCommand`.
If you do not want the passphrase to be stored in the
- world-readable Nix store, use .
+ world-readable Nix store, use {option}`passCommand`.
'';
default = null;
};
@@ -406,9 +406,9 @@ in {
# compression mode must be given,
# compression level is optional
type = types.strMatching "none|(auto,)?(lz4|zstd|zlib|lzma)(,[[:digit:]]{1,2})?";
- description = ''
+ description = lib.mdDoc ''
Compression method to use. Refer to
- borg help compression
+ {command}`borg help compression`
for all available options.
'';
default = "lz4";
@@ -417,9 +417,9 @@ in {
exclude = mkOption {
type = with types; listOf str;
- description = ''
+ description = lib.mdDoc ''
Exclude paths matching any of the given patterns. See
- borg help patterns for pattern syntax.
+ {command}`borg help patterns` for pattern syntax.
'';
default = [ ];
example = [
@@ -430,9 +430,9 @@ in {
readWritePaths = mkOption {
type = with types; listOf path;
- description = ''
+ description = lib.mdDoc ''
By default, borg cannot write anywhere on the system but
- $HOME/.config/borg and $HOME/.cache/borg.
+ `$HOME/.config/borg` and `$HOME/.cache/borg`.
If, for example, your preHook script needs to dump files
somewhere, put those directories here.
'';
@@ -444,8 +444,8 @@ in {
privateTmp = mkOption {
type = types.bool;
- description = ''
- Set the PrivateTmp option for
+ description = lib.mdDoc ''
+ Set the `PrivateTmp` option for
the systemd-service. Set to false if you need sockets
or other files from global /tmp.
'';
@@ -454,10 +454,10 @@ in {
doInit = mkOption {
type = types.bool;
- description = ''
- Run borg init if the
- specified does not exist.
- You should set this to false
+ description = lib.mdDoc ''
+ Run {command}`borg init` if the
+ specified {option}`repo` does not exist.
+ You should set this to `false`
if the repository is located on an external drive
that might not always be mounted.
'';
@@ -466,10 +466,10 @@ in {
appendFailedSuffix = mkOption {
type = types.bool;
- description = ''
- Append a .failed suffix
+ description = lib.mdDoc ''
+ Append a `.failed` suffix
to the archive name, which is only removed if
- borg create has a zero exit status.
+ {command}`borg create` has a zero exit status.
'';
default = true;
};
@@ -479,9 +479,9 @@ in {
# means there is no limit of yearly archives to keep
# The regex is for use with e.g. --keep-within 1y
type = with types; attrsOf (either int (strMatching "[[:digit:]]+[Hdwmy]"));
- description = ''
+ description = lib.mdDoc ''
Prune a repository by deleting all archives not matching any of the
- specified retention options. See borg help prune
+ specified retention options. See {command}`borg help prune`
for the available options.
'';
default = { };
@@ -497,10 +497,10 @@ in {
prune.prefix = mkOption {
type = types.nullOr (types.str);
- description = ''
+ description = lib.mdDoc ''
Only consider archive names starting with this prefix for pruning.
By default, only archives created by this job are considered.
- Use "" or null to consider all archives.
+ Use `""` or `null` to consider all archives.
'';
default = config.archiveBaseName;
defaultText = literalExpression "archiveBaseName";
@@ -508,7 +508,7 @@ in {
environment = mkOption {
type = with types; attrsOf str;
- description = ''
+ description = lib.mdDoc ''
Environment variables passed to the backup script.
You can for example specify which SSH key to use.
'';
@@ -518,7 +518,7 @@ in {
preHook = mkOption {
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands to run before the backup.
This can for example be used to mount file systems.
'';
@@ -531,43 +531,43 @@ in {
postInit = mkOption {
type = types.lines;
- description = ''
- Shell commands to run after borg init.
+ description = lib.mdDoc ''
+ Shell commands to run after {command}`borg init`.
'';
default = "";
};
postCreate = mkOption {
type = types.lines;
- description = ''
- Shell commands to run after borg create. The name
- of the created archive is stored in $archiveName.
+ description = lib.mdDoc ''
+ Shell commands to run after {command}`borg create`. The name
+ of the created archive is stored in `$archiveName`.
'';
default = "";
};
postPrune = mkOption {
type = types.lines;
- description = ''
- Shell commands to run after borg prune.
+ description = lib.mdDoc ''
+ Shell commands to run after {command}`borg prune`.
'';
default = "";
};
postHook = mkOption {
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands to run just before exit. They are executed
even if a previous command exits with a non-zero exit code.
- The latter is available as $exitStatus.
+ The latter is available as `$exitStatus`.
'';
default = "";
};
extraArgs = mkOption {
type = types.str;
- description = ''
- Additional arguments for all borg calls the
+ description = lib.mdDoc ''
+ Additional arguments for all {command}`borg` calls the
service has. Handle with care.
'';
default = "";
@@ -576,9 +576,9 @@ in {
extraInitArgs = mkOption {
type = types.str;
- description = ''
- Additional arguments for borg init.
- Can also be set at runtime using $extraInitArgs.
+ description = lib.mdDoc ''
+ Additional arguments for {command}`borg init`.
+ Can also be set at runtime using `$extraInitArgs`.
'';
default = "";
example = "--append-only";
@@ -586,9 +586,9 @@ in {
extraCreateArgs = mkOption {
type = types.str;
- description = ''
- Additional arguments for borg create.
- Can also be set at runtime using $extraCreateArgs.
+ description = lib.mdDoc ''
+ Additional arguments for {command}`borg create`.
+ Can also be set at runtime using `$extraCreateArgs`.
'';
default = "";
example = "--stats --checkpoint-interval 600";
@@ -596,9 +596,9 @@ in {
extraPruneArgs = mkOption {
type = types.str;
- description = ''
- Additional arguments for borg prune.
- Can also be set at runtime using $extraPruneArgs.
+ description = lib.mdDoc ''
+ Additional arguments for {command}`borg prune`.
+ Can also be set at runtime using `$extraPruneArgs`.
'';
default = "";
example = "--save-space";
@@ -610,12 +610,12 @@ in {
};
options.services.borgbackup.repos = mkOption {
- description = ''
+ description = lib.mdDoc ''
Serve BorgBackup repositories to given public SSH keys,
restricting their access to the repository only.
See also the chapter about BorgBackup in the NixOS manual.
Also, clients do not need to specify the absolute path when accessing the repository,
- i.e. user@machine:. is enough. (Note colon and dot.)
+ i.e. `user@machine:.` is enough. (Note colon and dot.)
'';
default = { };
type = types.attrsOf (types.submodule (
@@ -623,7 +623,7 @@ in {
options = {
path = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Where to store the backups. Note that the directory
is created automatically, with correct permissions.
'';
@@ -632,30 +632,30 @@ in {
user = mkOption {
type = types.str;
- description = ''
- The user borg serve is run as.
+ description = lib.mdDoc ''
+ The user {command}`borg serve` is run as.
User or group needs write permission
- for the specified .
+ for the specified {option}`path`.
'';
default = "borg";
};
group = mkOption {
type = types.str;
- description = ''
- The group borg serve is run as.
+ description = lib.mdDoc ''
+ The group {command}`borg serve` is run as.
User or group needs write permission
- for the specified .
+ for the specified {option}`path`.
'';
default = "borg";
};
authorizedKeys = mkOption {
type = with types; listOf str;
- description = ''
+ description = lib.mdDoc ''
Public SSH keys that are given full write access to this repository.
You should use a different SSH key for each repository you write to, because
- the specified keys are restricted to running borg serve
+ the specified keys are restricted to running {command}`borg serve`
and can only access this single repository.
'';
default = [ ];
@@ -663,7 +663,7 @@ in {
authorizedKeysAppendOnly = mkOption {
type = with types; listOf str;
- description = ''
+ description = lib.mdDoc ''
Public SSH keys that can only be used to append new data (archives) to the repository.
Note that archives can still be marked as deleted and are subsequently removed from disk
upon accessing the repo with full write access, e.g. when pruning.
@@ -673,11 +673,11 @@ in {
allowSubRepos = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Allow clients to create repositories in subdirectories of the
- specified . These can be accessed using
- user@machine:path/to/subrepo. Note that a
- applies to repositories independently.
+ specified {option}`path`. These can be accessed using
+ `user@machine:path/to/subrepo`. Note that a
+ {option}`quota` applies to repositories independently.
Therefore, if this is enabled, clients can create multiple
repositories and upload an arbitrary amount of data.
'';
@@ -687,9 +687,9 @@ in {
quota = mkOption {
# See the definition of parse_file_size() in src/borg/helpers/parseformat.py
type = with types; nullOr (strMatching "[[:digit:].]+[KMGTP]?");
- description = ''
+ description = lib.mdDoc ''
Storage quota for the repository. This quota is ensured for all
- sub-repositories if is enabled
+ sub-repositories if {option}`allowSubRepos` is enabled
but not for the overall storage space used.
'';
default = null;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/borgmatic.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/borgmatic.nix
index 9414d78aa75..7236a1f1941 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/borgmatic.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/borgmatic.nix
@@ -11,7 +11,7 @@ in {
enable = mkEnableOption "borgmatic";
settings = mkOption {
- description = ''
+ description = lib.mdDoc ''
See https://torsion.org/borgmatic/docs/reference/configuration/
'';
type = types.submodule {
@@ -19,7 +19,7 @@ in {
options.location = {
source_directories = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
List of source directories to backup (required). Globs and
tildes are expanded.
'';
@@ -27,7 +27,7 @@ in {
};
repositories = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Paths to local or remote repositories (required). Tildes are
expanded. Multiple repositories are backed up to in
sequence. Borg placeholders can be used. See the output of
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/btrbk.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/btrbk.nix
index e17761ffc3c..f1d58f597c2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/btrbk.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/btrbk.nix
@@ -74,23 +74,23 @@ in
options = {
services.btrbk = {
extraPackages = mkOption {
- description = "Extra packages for btrbk, like compression utilities for stream_compress";
+ description = lib.mdDoc "Extra packages for btrbk, like compression utilities for `stream_compress`";
type = types.listOf types.package;
default = [ ];
example = literalExpression "[ pkgs.xz ]";
};
niceness = mkOption {
- description = "Niceness for local instances of btrbk. Also applies to remote ones connecting via ssh when positive.";
+ description = lib.mdDoc "Niceness for local instances of btrbk. Also applies to remote ones connecting via ssh when positive.";
type = types.ints.between (-20) 19;
default = 10;
};
ioSchedulingClass = mkOption {
- description = "IO scheduling class for btrbk (see ionice(1) for a quick description). Applies to local instances, and remote ones connecting by ssh if set to idle.";
+ description = lib.mdDoc "IO scheduling class for btrbk (see ionice(1) for a quick description). Applies to local instances, and remote ones connecting by ssh if set to idle.";
type = types.enum [ "idle" "best-effort" "realtime" ];
default = "best-effort";
};
instances = mkOption {
- description = "Set of btrbk instances. The instance named btrbk is the default one.";
+ description = lib.mdDoc "Set of btrbk instances. The instance named `btrbk` is the default one.";
type = with types;
attrsOf (
submodule {
@@ -98,7 +98,7 @@ in
onCalendar = mkOption {
type = types.nullOr types.str;
default = "daily";
- description = ''
+ description = lib.mdDoc ''
How often this btrbk instance is started. See systemd.time(7) for more information about the format.
Setting it to null disables the timer, thus this instance can only be started manually.
'';
@@ -119,7 +119,7 @@ in
};
};
};
- description = "configuration options for btrbk. Nested attrsets translate to subsections.";
+ description = lib.mdDoc "configuration options for btrbk. Nested attrsets translate to subsections.";
};
};
}
@@ -127,18 +127,18 @@ in
default = { };
};
sshAccess = mkOption {
- description = "SSH keys that should be able to make or push snapshots on this system remotely with btrbk";
+ description = lib.mdDoc "SSH keys that should be able to make or push snapshots on this system remotely with btrbk";
type = with types; listOf (
submodule {
options = {
key = mkOption {
type = str;
- description = "SSH public key allowed to login as user btrbk to run remote backups.";
+ description = lib.mdDoc "SSH public key allowed to login as user `btrbk` to run remote backups.";
};
roles = mkOption {
type = listOf (enum [ "info" "source" "target" "delete" "snapshot" "send" "receive" ]);
example = [ "source" "info" "send" ];
- description = "What actions can be performed with this SSH key. See ssh_filter_btrbk(1) for details";
+ description = lib.mdDoc "What actions can be performed with this SSH key. See ssh_filter_btrbk(1) for details";
};
};
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/duplicati.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/duplicati.nix
index 97864c44691..8da29a04c82 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/duplicati.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/duplicati.nix
@@ -13,7 +13,7 @@ in
port = mkOption {
default = 8200;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Port serving the web interface
'';
};
@@ -35,7 +35,7 @@ in
interface = mkOption {
default = "127.0.0.1";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Listening interface for the web UI
Set it to "any" to listen on all available interfaces
'';
@@ -44,7 +44,7 @@ in
user = mkOption {
default = "duplicati";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Duplicati runs as it's own user. It will only be able to backup world-readable files.
Run as root with special care.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/duplicity.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/duplicity.nix
index 6949fa8b995..8c410595556 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/duplicity.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/duplicity.nix
@@ -18,7 +18,7 @@ in
root = mkOption {
type = types.path;
default = "/";
- description = ''
+ description = lib.mdDoc ''
Root directory to backup.
'';
};
@@ -96,10 +96,10 @@ in
type = types.str;
default = "never";
example = "1M";
- description = ''
- If "never" (the default) always do incremental
+ description = lib.mdDoc ''
+ If `"never"` (the default) always do incremental
backups (the first backup will be a full backup, of course). If
- "always" always do full backups. Otherwise, this
+ `"always"` always do full backups. Otherwise, this
must be a string representing a duration. Full backups will be made
when the latest full backup is older than this duration. If this is not
the case, an incremental backup is performed.
@@ -111,7 +111,7 @@ in
type = types.nullOr types.str;
default = null;
example = "6M";
- description = ''
+ description = lib.mdDoc ''
If non-null, delete all backup sets older than the given time. Old backup sets
will not be deleted if backup sets newer than time depend on them.
'';
@@ -120,7 +120,7 @@ in
type = types.nullOr types.int;
default = null;
example = 2;
- description = ''
+ description = lib.mdDoc ''
If non-null, delete all backups sets that are older than the count:th last full
backup (in other words, keep the last count full backups and
associated incremental sets).
@@ -130,7 +130,7 @@ in
type = types.nullOr types.int;
default = null;
example = 1;
- description = ''
+ description = lib.mdDoc ''
If non-null, delete incremental sets of all backups sets that are
older than the count:th last full backup (in other words, keep only
old full backups and not their increments).
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/mysql-backup.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/mysql-backup.nix
index c40a0b5abc4..41adb63e7fa 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/mysql-backup.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/mysql-backup.nix
@@ -42,7 +42,7 @@ in
calendar = mkOption {
type = types.str;
default = "01:15:00";
- description = ''
+ description = lib.mdDoc ''
Configured when to run the backup service systemd unit (DayOfWeek Year-Month-Day Hour:Minute:Second).
'';
};
@@ -50,7 +50,7 @@ in
user = mkOption {
type = types.str;
default = defaultUser;
- description = ''
+ description = lib.mdDoc ''
User to be used to perform backup.
'';
};
@@ -58,7 +58,7 @@ in
databases = mkOption {
default = [];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
List of database names to dump.
'';
};
@@ -66,7 +66,7 @@ in
location = mkOption {
type = types.path;
default = "/var/backup/mysql";
- description = ''
+ description = lib.mdDoc ''
Location to put the gzipped MySQL database dumps.
'';
};
@@ -74,7 +74,7 @@ in
singleTransaction = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to create database dump in a single transaction
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/postgresql-backup.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/postgresql-backup.nix
index 562458eb457..744ccb98e2c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/postgresql-backup.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/postgresql-backup.nix
@@ -17,8 +17,8 @@ let
compressCmd = getAttr cfg.compression {
"none" = "cat";
- "gzip" = "${pkgs.gzip}/bin/gzip -c";
- "zstd" = "${pkgs.zstd}/bin/zstd -c";
+ "gzip" = "${pkgs.gzip}/bin/gzip -c -${toString cfg.compressionLevel}";
+ "zstd" = "${pkgs.zstd}/bin/zstd -c -${toString cfg.compressionLevel}";
};
mkSqlPath = prefix: suffix: "${cfg.location}/${db}${prefix}.sql${suffix}";
@@ -76,8 +76,8 @@ in {
startAt = mkOption {
default = "*-*-* 01:15:00";
type = with types; either (listOf str) str;
- description = ''
- This option defines (see systemd.time for format) when the
+ description = lib.mdDoc ''
+ This option defines (see `systemd.time` for format) when the
databases should be dumped.
The default is to update at 01:15 (at night) every day.
'';
@@ -87,10 +87,10 @@ in {
default = cfg.databases == [];
defaultText = literalExpression "services.postgresqlBackup.databases == []";
type = lib.types.bool;
- description = ''
+ description = lib.mdDoc ''
Backup all databases using pg_dumpall.
This option is mutual exclusive to
- services.postgresqlBackup.databases.
+ `services.postgresqlBackup.databases`.
The resulting backup dump will have the name all.sql.gz.
This option is the default if no databases are specified.
'';
@@ -99,7 +99,7 @@ in {
databases = mkOption {
default = [];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
List of database names to dump.
'';
};
@@ -107,7 +107,7 @@ in {
location = mkOption {
default = "/var/backup/postgresql";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path of directory where the PostgreSQL database dumps will be placed.
'';
};
@@ -115,9 +115,9 @@ in {
pgdumpOptions = mkOption {
type = types.separatedString " ";
default = "-C";
- description = ''
+ description = lib.mdDoc ''
Command line options for pg_dump. This options is not used
- if config.services.postgresqlBackup.backupAll is enabled.
+ if `config.services.postgresqlBackup.backupAll` is enabled.
Note that config.services.postgresqlBackup.backupAll is also active,
when no databases where specified.
'';
@@ -126,20 +126,37 @@ in {
compression = mkOption {
type = types.enum ["none" "gzip" "zstd"];
default = "gzip";
- description = ''
+ description = lib.mdDoc ''
The type of compression to use on the generated database dump.
'';
};
+
+ compressionLevel = mkOption {
+ type = types.ints.between 1 19;
+ default = 6;
+ description = lib.mdDoc ''
+ The compression level used when compression is enabled.
+ gzip accepts levels 1 to 9. zstd accepts levels 1 to 19.
+ '';
+ };
};
};
config = mkMerge [
{
- assertions = [{
- assertion = cfg.backupAll -> cfg.databases == [];
- message = "config.services.postgresqlBackup.backupAll cannot be used together with config.services.postgresqlBackup.databases";
- }];
+ assertions = [
+ {
+ assertion = cfg.backupAll -> cfg.databases == [];
+ message = "config.services.postgresqlBackup.backupAll cannot be used together with config.services.postgresqlBackup.databases";
+ }
+ {
+ assertion = cfg.compression == "none" ||
+ (cfg.compression == "gzip" && cfg.compressionLevel >= 1 && cfg.compressionLevel <= 9) ||
+ (cfg.compression == "zstd" && cfg.compressionLevel >= 1 && cfg.compressionLevel <= 19);
+ message = "config.services.postgresqlBackup.compressionLevel must be set between 1 and 9 for gzip and 1 and 19 for zstd";
+ }
+ ];
}
(mkIf cfg.enable {
systemd.tmpfiles.rules = [
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/postgresql-wal-receiver.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/postgresql-wal-receiver.nix
index 32643adfdae..01fd57f5c50 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/postgresql-wal-receiver.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/postgresql-wal-receiver.nix
@@ -8,7 +8,7 @@ let
postgresqlPackage = mkOption {
type = types.package;
example = literalExpression "pkgs.postgresql_11";
- description = ''
+ description = lib.mdDoc ''
PostgreSQL package to use.
'';
};
@@ -16,7 +16,7 @@ let
directory = mkOption {
type = types.path;
example = literalExpression "/mnt/pg_wal/main/";
- description = ''
+ description = lib.mdDoc ''
Directory to write the output to.
'';
};
@@ -24,7 +24,7 @@ let
statusInterval = mkOption {
type = types.int;
default = 10;
- description = ''
+ description = lib.mdDoc ''
Specifies the number of seconds between status packets sent back to the server.
This allows for easier monitoring of the progress from server.
A value of zero disables the periodic status updates completely,
@@ -36,27 +36,27 @@ let
type = types.str;
default = "";
example = "some_slot_name";
- description = ''
- Require pg_receivewal to use an existing replication slot (see
- Section 26.2.6 of the PostgreSQL manual).
- When this option is used, pg_receivewal will report a flush position to the server,
+ description = lib.mdDoc ''
+ Require {command}`pg_receivewal` to use an existing replication slot (see
+ [Section 26.2.6 of the PostgreSQL manual](https://www.postgresql.org/docs/current/warm-standby.html#STREAMING-REPLICATION-SLOTS)).
+ When this option is used, {command}`pg_receivewal` will report a flush position to the server,
indicating when each segment has been synchronized to disk so that the server can remove that segment if it is not otherwise needed.
- When the replication client of pg_receivewal is configured on the server as a synchronous standby,
+ When the replication client of {command}`pg_receivewal` is configured on the server as a synchronous standby,
then using a replication slot will report the flush position to the server, but only when a WAL file is closed.
Therefore, that configuration will cause transactions on the primary to wait for a long time and effectively not work satisfactorily.
- The option must be specified in addition to make this work correctly.
+ The option {option}`synchronous` must be specified in addition to make this work correctly.
'';
};
synchronous = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Flush the WAL data to disk immediately after it has been received.
- Also send a status packet back to the server immediately after flushing, regardless of .
+ Also send a status packet back to the server immediately after flushing, regardless of {option}`statusInterval`.
- This option should be specified if the replication client of pg_receivewal is configured on the server as a synchronous standby,
+ This option should be specified if the replication client of {command}`pg_receivewal` is configured on the server as a synchronous standby,
to ensure that timely feedback is sent to the server.
'';
};
@@ -64,10 +64,10 @@ let
compress = mkOption {
type = types.ints.between 0 9;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Enables gzip compression of write-ahead logs, and specifies the compression level
- (0 through 9, 0 being no compression and 9 being best compression).
- The suffix .gz will automatically be added to all filenames.
+ (`0` through `9`, `0` being no compression and `9` being best compression).
+ The suffix `.gz` will automatically be added to all filenames.
This option requires PostgreSQL >= 10.
'';
@@ -76,11 +76,11 @@ let
connection = mkOption {
type = types.str;
example = "postgresql://user@somehost";
- description = ''
+ description = lib.mdDoc ''
Specifies parameters used to connect to the server, as a connection string.
- See Section 34.1.1 of the PostgreSQL manual for more information.
+ See [Section 34.1.1 of the PostgreSQL manual](https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING) for more information.
- Because pg_receivewal doesn't connect to any particular database in the cluster,
+ Because {command}`pg_receivewal` doesn't connect to any particular database in the cluster,
database name in the connection string will be ignored.
'';
};
@@ -93,8 +93,8 @@ let
"--no-sync"
]
'';
- description = ''
- A list of extra arguments to pass to the pg_receivewal command.
+ description = lib.mdDoc ''
+ A list of extra arguments to pass to the {command}`pg_receivewal` command.
'';
};
@@ -107,9 +107,9 @@ let
PGSSLMODE = "require";
}
'';
- description = ''
+ description = lib.mdDoc ''
Environment variables passed to the service.
- Usable parameters are listed in Section 34.14 of the PostgreSQL manual.
+ Usable parameters are listed in [Section 34.14 of the PostgreSQL manual](https://www.postgresql.org/docs/current/libpq-envars.html).
'';
};
};
@@ -131,10 +131,10 @@ in {
};
}
'';
- description = ''
+ description = lib.mdDoc ''
PostgreSQL WAL receivers.
- Stream write-ahead logs from a PostgreSQL server using pg_receivewal (formerly pg_receivexlog).
- See the man page for more information.
+ Stream write-ahead logs from a PostgreSQL server using {command}`pg_receivewal` (formerly {command}`pg_receivexlog`).
+ See [the man page](https://www.postgresql.org/docs/current/app-pgreceivewal.html) for more information.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/restic-rest-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/restic-rest-server.nix
index 4717119f178..1d3892c158e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/restic-rest-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/restic-rest-server.nix
@@ -15,19 +15,19 @@ in
default = ":8000";
example = "127.0.0.1:8080";
type = types.str;
- description = "Listen on a specific IP address and port.";
+ description = lib.mdDoc "Listen on a specific IP address and port.";
};
dataDir = mkOption {
default = "/var/lib/restic";
type = types.path;
- description = "The directory for storing the restic repository.";
+ description = lib.mdDoc "The directory for storing the restic repository.";
};
appendOnly = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable append only mode.
This mode allows creation of new backups but prevents deletion and modification of existing backups.
This can be useful when backing up systems that have a potential of being hacked.
@@ -37,7 +37,7 @@ in
privateRepos = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable private repos.
Grants access only when a subdirectory with the same name as the user is specified in the repository URL.
'';
@@ -46,13 +46,13 @@ in
prometheus = mkOption {
default = false;
type = types.bool;
- description = "Enable Prometheus metrics at /metrics.";
+ description = lib.mdDoc "Enable Prometheus metrics at /metrics.";
};
extraFlags = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra commandline options to pass to Restic REST server.
'';
};
@@ -61,7 +61,7 @@ in
default = pkgs.restic-rest-server;
defaultText = literalExpression "pkgs.restic-rest-server";
type = types.package;
- description = "Restic REST server package to use.";
+ description = lib.mdDoc "Restic REST server package to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/restic.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/restic.nix
index 333fdd494e3..76d7f093f21 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/restic.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/restic.nix
@@ -8,14 +8,14 @@ let
in
{
options.services.restic.backups = mkOption {
- description = ''
+ description = lib.mdDoc ''
Periodic backups to create with Restic.
'';
type = types.attrsOf (types.submodule ({ config, name, ... }: {
options = {
passwordFile = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Read the repository password from a file.
'';
example = "/etc/nixos/restic-password";
@@ -26,7 +26,7 @@ in
# added on 2021-08-28, s3CredentialsFile should
# be removed in the future (+ remember the warning)
default = config.s3CredentialsFile;
- description = ''
+ description = lib.mdDoc ''
file containing the credentials to access the repository, in the
format of an EnvironmentFile as described by systemd.exec(5)
'';
@@ -35,7 +35,7 @@ in
s3CredentialsFile = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
file containing the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
for an S3-hosted repository, in the format of an EnvironmentFile
as described by systemd.exec(5)
@@ -45,13 +45,13 @@ in
rcloneOptions = mkOption {
type = with types; nullOr (attrsOf (oneOf [ str bool ]));
default = null;
- description = ''
+ description = lib.mdDoc ''
Options to pass to rclone to control its behavior.
- See for
+ See for
available options. When specifying option names, strip the
- leading --. To set a flag such as
- --drive-use-trash, which does not take a value,
- set the value to the Boolean true.
+ leading `--`. To set a flag such as
+ `--drive-use-trash`, which does not take a value,
+ set the value to the Boolean `true`.
'';
example = {
bwlimit = "10M";
@@ -62,16 +62,16 @@ in
rcloneConfig = mkOption {
type = with types; nullOr (attrsOf (oneOf [ str bool ]));
default = null;
- description = ''
+ description = lib.mdDoc ''
Configuration for the rclone remote being used for backup.
See the remote's specific options under rclone's docs at
- . When specifying
+ . When specifying
option names, use the "config" name specified in the docs.
- For example, to set --b2-hard-delete for a B2
- remote, use hard_delete = true in the
+ For example, to set `--b2-hard-delete` for a B2
+ remote, use `hard_delete = true` in the
attribute set.
Warning: Secrets set in here will be world-readable in the Nix
- store! Consider using the rcloneConfigFile
+ store! Consider using the `rcloneConfigFile`
option instead to specify secret values separately. Note that
options set here will override those set in the config file.
'';
@@ -86,11 +86,11 @@ in
rcloneConfigFile = mkOption {
type = with types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to the file containing rclone configuration. This file
must contain configuration for the remote specified in this backup
set and also must be readable by root. Options set in
- rcloneConfig will override those set in this
+ `rcloneConfig` will override those set in this
file.
'';
};
@@ -98,7 +98,7 @@ in
repository = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
repository to backup to.
'';
example = "sftp:backup@192.168.1.100:/backups/${name}";
@@ -107,7 +107,7 @@ in
repositoryFile = mkOption {
type = with types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to the file containing the repository location to backup to.
'';
};
@@ -115,7 +115,7 @@ in
paths = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
- description = ''
+ description = lib.mdDoc ''
Which paths to backup. If null or an empty array, no
backup command will be run. This can be used to create a
prune-only job.
@@ -131,7 +131,7 @@ in
default = {
OnCalendar = "daily";
};
- description = ''
+ description = lib.mdDoc ''
When to run the backup. See man systemd.timer for details.
'';
example = {
@@ -143,7 +143,7 @@ in
user = mkOption {
type = types.str;
default = "root";
- description = ''
+ description = lib.mdDoc ''
As which user the backup should run.
'';
example = "postgresql";
@@ -152,7 +152,7 @@ in
extraBackupArgs = mkOption {
type = types.listOf types.str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Extra arguments passed to restic backup.
'';
example = [
@@ -163,7 +163,7 @@ in
extraOptions = mkOption {
type = types.listOf types.str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Extra extended options to be passed to the restic --option flag.
'';
example = [
@@ -174,7 +174,7 @@ in
initialize = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Create the repository if it doesn't exist.
'';
};
@@ -199,7 +199,7 @@ in
dynamicFilesFrom = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
A script that produces a list of files to back up. The
results of this command are given to the '--files-from'
option.
@@ -210,7 +210,7 @@ in
backupPrepareCommand = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
A script that must run before starting the backup process.
'';
};
@@ -218,10 +218,19 @@ in
backupCleanupCommand = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
A script that must run after finishing the backup process.
'';
};
+
+ package = mkOption {
+ type = types.package;
+ default = pkgs.restic;
+ defaultText = literalExpression "pkgs.restic";
+ description = ''
+ Restic package to use.
+ '';
+ };
};
}));
default = { };
@@ -254,7 +263,7 @@ in
(name: backup:
let
extraOptions = concatMapStrings (arg: " -o ${arg}") backup.extraOptions;
- resticCmd = "${pkgs.restic}/bin/restic${extraOptions}";
+ resticCmd = "${backup.package}/bin/restic${extraOptions}";
filesFromTmpFile = "/run/restic-backups-${name}/includes";
backupPaths =
if (backup.dynamicFilesFrom == null)
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/rsnapshot.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/rsnapshot.nix
index 6635a51ec2c..b18c02d7d11 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/rsnapshot.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/rsnapshot.nix
@@ -24,7 +24,7 @@ in
services.rsnapshot = {
enable = mkEnableOption "rsnapshot backups";
enableManualRsnapshot = mkOption {
- description = "Whether to enable manual usage of the rsnapshot command with this module.";
+ description = lib.mdDoc "Whether to enable manual usage of the rsnapshot command with this module.";
default = true;
type = types.bool;
};
@@ -37,7 +37,7 @@ in
backup /home/ localhost/
'';
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
rsnapshot configuration option in addition to the defaults from
rsnapshot and this module.
@@ -53,7 +53,7 @@ in
default = {};
example = { hourly = "0 * * * *"; daily = "50 21 * * *"; };
type = types.attrsOf types.str;
- description = ''
+ description = lib.mdDoc ''
Periodicity at which intervals should be run by cron.
Note that the intervals also have to exist in configuration
as retain options.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/sanoid.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/sanoid.nix
index 5eb031b2e9f..847b8507f70 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/sanoid.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/sanoid.nix
@@ -12,37 +12,37 @@ let
commonOptions = {
hourly = mkOption {
- description = "Number of hourly snapshots.";
+ description = lib.mdDoc "Number of hourly snapshots.";
type = with types; nullOr ints.unsigned;
default = null;
};
daily = mkOption {
- description = "Number of daily snapshots.";
+ description = lib.mdDoc "Number of daily snapshots.";
type = with types; nullOr ints.unsigned;
default = null;
};
monthly = mkOption {
- description = "Number of monthly snapshots.";
+ description = lib.mdDoc "Number of monthly snapshots.";
type = with types; nullOr ints.unsigned;
default = null;
};
yearly = mkOption {
- description = "Number of yearly snapshots.";
+ description = lib.mdDoc "Number of yearly snapshots.";
type = with types; nullOr ints.unsigned;
default = null;
};
autoprune = mkOption {
- description = "Whether to automatically prune old snapshots.";
+ description = lib.mdDoc "Whether to automatically prune old snapshots.";
type = with types; nullOr bool;
default = null;
};
autosnap = mkOption {
- description = "Whether to automatically take snapshots.";
+ description = lib.mdDoc "Whether to automatically take snapshots.";
type = with types; nullOr bool;
default = null;
};
@@ -50,7 +50,7 @@ let
datasetOptions = rec {
use_template = mkOption {
- description = "Names of the templates to use for this dataset.";
+ description = lib.mdDoc "Names of the templates to use for this dataset.";
type = types.listOf (types.str // {
check = (types.enum (attrNames cfg.templates)).check;
description = "configured template name";
@@ -60,9 +60,9 @@ let
useTemplate = use_template;
recursive = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to recursively snapshot dataset children.
- You can also set this to "zfs" to handle datasets
+ You can also set this to `"zfs"` to handle datasets
recursively in an atomic way without the possibility to
override settings for child datasets.
'';
@@ -71,7 +71,7 @@ let
};
process_children_only = mkOption {
- description = "Whether to only snapshot child datasets if recursing.";
+ description = lib.mdDoc "Whether to only snapshot child datasets if recursing.";
type = types.bool;
default = false;
};
@@ -135,7 +135,7 @@ in
config.process_children_only = mkAliasDefinitions (mkDefault options.processChildrenOnly or { });
}));
default = { };
- description = "Datasets to snapshot.";
+ description = lib.mdDoc "Datasets to snapshot.";
};
templates = mkOption {
@@ -144,14 +144,14 @@ in
options = commonOptions;
});
default = { };
- description = "Templates for datasets.";
+ description = lib.mdDoc "Templates for datasets.";
};
settings = mkOption {
type = types.attrsOf datasetSettingsType;
- description = ''
+ description = lib.mdDoc ''
Free-form settings written directly to the config file. See
-
+
for allowed values.
'';
};
@@ -160,9 +160,9 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "--verbose" "--readonly" "--debug" ];
- description = ''
+ description = lib.mdDoc ''
Extra arguments to pass to sanoid. See
-
+
for allowed options.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/syncoid.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/syncoid.nix
index 4df10f5ee02..e53528fb66f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/syncoid.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/syncoid.nix
@@ -102,7 +102,7 @@ in
type = types.str;
default = "syncoid";
example = "backup";
- description = ''
+ description = lib.mdDoc ''
The user for the service. ZFS privilege delegation will be
automatically configured for any local pools used by syncoid if this
option is set to a user other than root. The user will be given the
@@ -116,7 +116,7 @@ in
type = types.str;
default = "syncoid";
example = "backup";
- description = "The group for the service.";
+ description = lib.mdDoc "The group for the service.";
};
sshKey = mkOption {
@@ -124,7 +124,7 @@ in
# Prevent key from being copied to store
apply = mapNullable toString;
default = null;
- description = ''
+ description = lib.mdDoc ''
SSH private key file to use to login to the remote system. Can be
overridden in individual commands.
'';
@@ -134,10 +134,10 @@ in
type = types.listOf types.str;
# Permissions snapshot and destroy are in case --no-sync-snap is not used
default = [ "bookmark" "hold" "send" "snapshot" "destroy" ];
- description = ''
- Permissions granted for the user
+ description = lib.mdDoc ''
+ Permissions granted for the {option}`services.syncoid.user` user
for local source datasets. See
-
+
for available permissions.
'';
};
@@ -146,13 +146,13 @@ in
type = types.listOf types.str;
default = [ "change-key" "compression" "create" "mount" "mountpoint" "receive" "rollback" ];
example = [ "create" "mount" "receive" "rollback" ];
- description = ''
- Permissions granted for the user
+ description = lib.mdDoc ''
+ Permissions granted for the {option}`services.syncoid.user` user
for local target datasets. See
-
+
for available permissions.
- Make sure to include the change-key permission if you send raw encrypted datasets,
- the compression permission if you send raw compressed datasets, and so on.
+ Make sure to include the `change-key` permission if you send raw encrypted datasets,
+ the `compression` permission if you send raw compressed datasets, and so on.
For remote target datasets you'll have to set your remote user permissions by yourself.
'';
};
@@ -161,10 +161,10 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "--no-sync-snap" ];
- description = ''
+ description = lib.mdDoc ''
Arguments to add to every syncoid command, unless disabled for that
command. See
-
+
for available options.
'';
};
@@ -172,7 +172,7 @@ in
service = mkOption {
type = types.attrs;
default = { };
- description = ''
+ description = lib.mdDoc ''
Systemd configuration common to all syncoid services.
'';
};
@@ -183,7 +183,7 @@ in
source = mkOption {
type = types.str;
example = "pool/dataset";
- description = ''
+ description = lib.mdDoc ''
Source ZFS dataset. Can be either local or remote. Defaults to
the attribute name.
'';
@@ -205,32 +205,32 @@ in
type = types.nullOr types.path;
# Prevent key from being copied to store
apply = mapNullable toString;
- description = ''
+ description = lib.mdDoc ''
SSH private key file to use to login to the remote system.
- Defaults to option.
+ Defaults to {option}`services.syncoid.sshKey` option.
'';
};
localSourceAllow = mkOption {
type = types.listOf types.str;
- description = ''
- Permissions granted for the user
+ description = lib.mdDoc ''
+ Permissions granted for the {option}`services.syncoid.user` user
for local source datasets. See
-
+
for available permissions.
- Defaults to option.
+ Defaults to {option}`services.syncoid.localSourceAllow` option.
'';
};
localTargetAllow = mkOption {
type = types.listOf types.str;
- description = ''
- Permissions granted for the user
+ description = lib.mdDoc ''
+ Permissions granted for the {option}`services.syncoid.user` user
for local target datasets. See
-
+
for available permissions.
- Make sure to include the change-key permission if you send raw encrypted datasets,
- the compression permission if you send raw compressed datasets, and so on.
+ Make sure to include the `change-key` permission if you send raw encrypted datasets,
+ the `compression` permission if you send raw compressed datasets, and so on.
For remote target datasets you'll have to set your remote user permissions by yourself.
'';
};
@@ -239,7 +239,7 @@ in
type = types.separatedString " ";
default = "";
example = "Lc e";
- description = ''
+ description = lib.mdDoc ''
Advanced options to pass to zfs send. Options are specified
without their leading dashes and separated by spaces.
'';
@@ -249,7 +249,7 @@ in
type = types.separatedString " ";
default = "";
example = "ux recordsize o compression=lz4";
- description = ''
+ description = lib.mdDoc ''
Advanced options to pass to zfs recv. Options are specified
without their leading dashes and separated by spaces.
'';
@@ -258,7 +258,7 @@ in
useCommonArgs = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to add the configured common arguments to this command.
'';
};
@@ -266,7 +266,7 @@ in
service = mkOption {
type = types.attrs;
default = { };
- description = ''
+ description = lib.mdDoc ''
Systemd configuration specific to this syncoid service.
'';
};
@@ -275,7 +275,7 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "--sshport 2222" ];
- description = "Extra syncoid arguments for this command.";
+ description = lib.mdDoc "Extra syncoid arguments for this command.";
};
};
config = {
@@ -291,7 +291,7 @@ in
"pool/test".target = "root@target:pool/test";
}
'';
- description = "Syncoid commands to run.";
+ description = lib.mdDoc "Syncoid commands to run.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/tarsnap.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/tarsnap.nix
index 9b5fd90012e..965166479be 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/tarsnap.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/tarsnap.nix
@@ -35,10 +35,10 @@ in
keyfile = mkOption {
type = types.str;
default = "/root/tarsnap.key";
- description = ''
+ description = lib.mdDoc ''
The keyfile which associates this machine with your tarsnap
account.
- Create the keyfile with tarsnap-keygen.
+ Create the keyfile with {command}`tarsnap-keygen`.
Note that each individual archive (specified below) may also have its
own individual keyfile specified. Tarsnap does not allow multiple
@@ -47,11 +47,11 @@ in
archives specified, you should either spread out your backups to be
far apart, or specify a separate key for each archive. By default
every archive defaults to using
- "/root/tarsnap.key".
+ `"/root/tarsnap.key"`.
It's recommended for backups that you generate a key for every archive
- using tarsnap-keygen(1), and then generate a
- write-only tarsnap key using tarsnap-keymgmt(1),
+ using `tarsnap-keygen(1)`, and then generate a
+ write-only tarsnap key using `tarsnap-keymgmt(1)`,
and keep your master key(s) for a particular machine off-site.
The keyfile name should be given as a string and not a path, to
@@ -67,18 +67,18 @@ in
type = types.str;
default = gcfg.keyfile;
defaultText = literalExpression "config.${opt.keyfile}";
- description = ''
+ description = lib.mdDoc ''
Set a specific keyfile for this archive. This defaults to
- "/root/tarsnap.key" if left unspecified.
+ `"/root/tarsnap.key"` if left unspecified.
Use this option if you want to run multiple backups
concurrently - each archive must have a unique key. You can
generate a write-only key derived from your master key (which
- is recommended) using tarsnap-keymgmt(1).
+ is recommended) using `tarsnap-keymgmt(1)`.
Note: every archive must have an individual master key. You
must generate multiple keys with
- tarsnap-keygen(1), and then generate write
+ `tarsnap-keygen(1)`, and then generate write
only keys from those.
The keyfile name should be given as a string and not a path, to
@@ -92,47 +92,47 @@ in
defaultText = literalExpression ''
"/var/cache/tarsnap/''${utils.escapeSystemdPath config.${options.keyfile}}"
'';
- description = ''
+ description = lib.mdDoc ''
The cache allows tarsnap to identify previously stored data
blocks, reducing archival time and bandwidth usage.
Should the cache become desynchronized or corrupted, tarsnap
will refuse to run until you manually rebuild the cache with
- tarsnap --fsck.
+ {command}`tarsnap --fsck`.
- Set to null to disable caching.
+ Set to `null` to disable caching.
'';
};
nodump = mkOption {
type = types.bool;
default = true;
- description = ''
- Exclude files with the nodump flag.
+ description = lib.mdDoc ''
+ Exclude files with the `nodump` flag.
'';
};
printStats = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Print global archive statistics upon completion.
The output is available via
- systemctl status tarsnap-archive-name.
+ {command}`systemctl status tarsnap-archive-name`.
'';
};
checkpointBytes = mkOption {
type = types.nullOr types.str;
default = "1GB";
- description = ''
- Create a checkpoint every checkpointBytes
+ description = lib.mdDoc ''
+ Create a checkpoint every `checkpointBytes`
of uploaded data (optionally specified using an SI prefix).
1GB is the minimum value. A higher value is recommended,
as checkpointing is expensive.
- Set to null to disable checkpointing.
+ Set to `null` to disable checkpointing.
'';
};
@@ -152,7 +152,7 @@ in
aggressiveNetworking = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Upload data over multiple TCP connections, potentially
increasing tarsnap's bandwidth utilisation at the cost
of slowing down all other network traffic. Not
@@ -164,13 +164,13 @@ in
directories = mkOption {
type = types.listOf types.path;
default = [];
- description = "List of filesystem paths to archive.";
+ description = lib.mdDoc "List of filesystem paths to archive.";
};
excludes = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Exclude files and directories matching these patterns.
'';
};
@@ -178,7 +178,7 @@ in
includes = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Include only files and directories matching these
patterns (the empty list includes everything).
@@ -189,7 +189,7 @@ in
lowmem = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Reduce memory consumption by not caching small files.
Possibly beneficial if the average file size is smaller
than 1 MB and the number of files is lower than the
@@ -200,9 +200,9 @@ in
verylowmem = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Reduce memory consumption by a factor of 2 beyond what
- lowmem does, at the cost of significantly
+ `lowmem` does, at the cost of significantly
slowing down the archiving process.
'';
};
@@ -210,7 +210,7 @@ in
maxbw = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Abort archival if upstream bandwidth usage in bytes
exceeds this threshold.
'';
@@ -220,7 +220,7 @@ in
type = types.nullOr types.int;
default = null;
example = literalExpression "25 * 1000";
- description = ''
+ description = lib.mdDoc ''
Upload bandwidth rate limit in bytes.
'';
};
@@ -229,7 +229,7 @@ in
type = types.nullOr types.int;
default = null;
example = literalExpression "50 * 1000";
- description = ''
+ description = lib.mdDoc ''
Download bandwidth rate limit in bytes.
'';
};
@@ -237,21 +237,21 @@ in
verbose = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to produce verbose logging output.
'';
};
explicitSymlinks = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to follow symlinks specified as archives.
'';
};
followSymlinks = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to follow all symlinks in archive trees.
'';
};
@@ -274,17 +274,17 @@ in
}
'';
- description = ''
+ description = lib.mdDoc ''
Tarsnap archive configurations. Each attribute names an archive
to be created at a given time interval, according to the options
associated with it. When uploading to the tarsnap server,
archive names are suffixed by a 1 second resolution timestamp,
- with the format %Y%m%d%H%M%S.
+ with the format `%Y%m%d%H%M%S`.
For each member of the set is created a timer which triggers the
- instanced tarsnap-archive-name service unit. You may use
- systemctl start tarsnap-archive-name to
- manually trigger creation of archive-name at
+ instanced `tarsnap-archive-name` service unit. You may use
+ {command}`systemctl start tarsnap-archive-name` to
+ manually trigger creation of `archive-name` at
any time.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/tsm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/tsm.nix
index 4e690ac6ecd..bd6f3d71fe6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/tsm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/tsm.nix
@@ -18,38 +18,38 @@ let
type = nonEmptyStr;
default = "backup";
example = "incr";
- description = ''
+ description = lib.mdDoc ''
The actual command passed to the
- dsmc executable to start the backup.
+ `dsmc` executable to start the backup.
'';
};
servername = mkOption {
type = nonEmptyStr;
example = "mainTsmServer";
- description = ''
+ description = lib.mdDoc ''
Create a systemd system service
- tsm-backup.service that starts
+ `tsm-backup.service` that starts
a backup based on the given servername's stanza.
Note that this server's
- will default to
- /var/lib/tsm-backup/password
+ {option}`passwdDir` will default to
+ {file}`/var/lib/tsm-backup/password`
(but may be overridden);
also, the service will use
- /var/lib/tsm-backup as
- HOME when calling
- dsmc.
+ {file}`/var/lib/tsm-backup` as
+ `HOME` when calling
+ `dsmc`.
'';
};
autoTime = mkOption {
type = nullOr nonEmptyStr;
default = null;
example = "12:00";
- description = ''
+ description = lib.mdDoc ''
The backup service will be invoked
automatically at the given date/time,
which must be in the format described in
- systemd.time5.
- The default null
+ {manpage}`systemd.time(5)`.
+ The default `null`
disables automatic backups.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/zfs-replication.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/zfs-replication.nix
index 6d75774c78f..1a089bb3486 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/zfs-replication.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/zfs-replication.nix
@@ -12,43 +12,43 @@ in {
enable = mkEnableOption "ZFS snapshot replication.";
followDelete = mkOption {
- description = "Remove remote snapshots that don't have a local correspondant.";
+ description = lib.mdDoc "Remove remote snapshots that don't have a local correspondant.";
default = true;
type = types.bool;
};
host = mkOption {
- description = "Remote host where snapshots should be sent. lz4 is expected to be installed on this host.";
+ description = lib.mdDoc "Remote host where snapshots should be sent. `lz4` is expected to be installed on this host.";
example = "example.com";
type = types.str;
};
identityFilePath = mkOption {
- description = "Path to SSH key used to login to host.";
+ description = lib.mdDoc "Path to SSH key used to login to host.";
example = "/home/username/.ssh/id_rsa";
type = types.path;
};
localFilesystem = mkOption {
- description = "Local ZFS fileystem from which snapshots should be sent. Defaults to the attribute name.";
+ description = lib.mdDoc "Local ZFS fileystem from which snapshots should be sent. Defaults to the attribute name.";
example = "pool/file/path";
type = types.str;
};
remoteFilesystem = mkOption {
- description = "Remote ZFS filesystem where snapshots should be sent.";
+ description = lib.mdDoc "Remote ZFS filesystem where snapshots should be sent.";
example = "pool/file/path";
type = types.str;
};
recursive = mkOption {
- description = "Recursively discover snapshots to send.";
+ description = lib.mdDoc "Recursively discover snapshots to send.";
default = true;
type = types.bool;
};
username = mkOption {
- description = "Username used by SSH to login to remote host.";
+ description = lib.mdDoc "Username used by SSH to login to remote host.";
example = "username";
type = types.str;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/znapzend.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/znapzend.nix
index 09e60177c39..ecd90ba5b30 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/znapzend.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/znapzend.nix
@@ -52,7 +52,7 @@ let
label = mkOption {
type = str;
- description = "Label for this destination. Defaults to the attribute name.";
+ description = lib.mdDoc "Label for this destination. Defaults to the attribute name.";
};
plan = mkOption {
@@ -63,15 +63,15 @@ let
dataset = mkOption {
type = str;
- description = "Dataset name to send snapshots to.";
+ description = lib.mdDoc "Dataset name to send snapshots to.";
example = "tank/main";
};
host = mkOption {
type = nullOr str;
- description = ''
+ description = lib.mdDoc ''
Host to use for the destination dataset. Can be prefixed with
- user@ to specify the ssh user.
+ `user@` to specify the ssh user.
'';
default = null;
example = "john@example.com";
@@ -79,11 +79,11 @@ let
presend = mkOption {
type = nullOr str;
- description = ''
+ description = lib.mdDoc ''
Command to run before sending the snapshot to the destination.
- Intended to run a remote script via ssh on the
+ Intended to run a remote script via {command}`ssh` on the
destination, e.g. to bring up a backup disk or server or to put a
- zpool online/offline. See also .
+ zpool online/offline. See also {option}`postsend`.
'';
default = null;
example = "ssh root@bserv zpool import -Nf tank";
@@ -91,11 +91,11 @@ let
postsend = mkOption {
type = nullOr str;
- description = ''
+ description = lib.mdDoc ''
Command to run after sending the snapshot to the destination.
- Intended to run a remote script via ssh on the
+ Intended to run a remote script via {command}`ssh` on the
destination, e.g. to bring up a backup disk or server or to put a
- zpool online/offline. See also .
+ zpool online/offline. See also {option}`presend`.
'';
default = null;
example = "ssh root@bserv zpool export tank";
@@ -115,32 +115,32 @@ let
enable = mkOption {
type = bool;
- description = "Whether to enable this source.";
+ description = lib.mdDoc "Whether to enable this source.";
default = true;
};
recursive = mkOption {
type = bool;
- description = "Whether to do recursive snapshots.";
+ description = lib.mdDoc "Whether to do recursive snapshots.";
default = false;
};
mbuffer = {
enable = mkOption {
type = bool;
- description = "Whether to use mbuffer.";
+ description = lib.mdDoc "Whether to use {command}`mbuffer`.";
default = false;
};
port = mkOption {
type = nullOr ints.u16;
- description = ''
- Port to use for mbuffer.
+ description = lib.mdDoc ''
+ Port to use for {command}`mbuffer`.
- If this is null, it will run mbuffer through
+ If this is null, it will run {command}`mbuffer` through
ssh.
- If this is not null, it will run mbuffer
+ If this is not null, it will run {command}`mbuffer`
directly through TCP, which is not encrypted but faster. In that
case the given port needs to be open on the destination host.
'';
@@ -149,8 +149,8 @@ let
size = mkOption {
type = mbufferSizeType;
- description = ''
- The size for mbuffer.
+ description = lib.mdDoc ''
+ The size for {command}`mbuffer`.
Supports the units b, k, M, G.
'';
default = "1G";
@@ -160,10 +160,10 @@ let
presnap = mkOption {
type = nullOr str;
- description = ''
+ description = lib.mdDoc ''
Command to run before snapshots are taken on the source dataset,
e.g. for database locking/flushing. See also
- .
+ {option}`postsnap`.
'';
default = null;
example = literalExpression ''
@@ -173,9 +173,9 @@ let
postsnap = mkOption {
type = nullOr str;
- description = ''
+ description = lib.mdDoc ''
Command to run after snapshots are taken on the source dataset,
- e.g. for database unlocking. See also .
+ e.g. for database unlocking. See also {option}`presnap`.
'';
default = null;
example = literalExpression ''
@@ -185,13 +185,13 @@ let
timestampFormat = mkOption {
type = timestampType;
- description = ''
+ description = lib.mdDoc ''
The timestamp format to use for constructing snapshot names.
- The syntax is strftime-like. The string must
- consist of the mandatory %Y %m %d %H %M %S.
- Optionally - _ . : characters as well as any
+ The syntax is `strftime`-like. The string must
+ consist of the mandatory `%Y %m %d %H %M %S`.
+ Optionally `- _ . :` characters as well as any
alphanumeric character are allowed. If suffixed by a
- Z, times will be in UTC.
+ `Z`, times will be in UTC.
'';
default = "%Y-%m-%d-%H%M%S";
example = "znapzend-%m.%d.%Y-%H%M%SZ";
@@ -199,7 +199,7 @@ let
sendDelay = mkOption {
type = int;
- description = ''
+ description = lib.mdDoc ''
Specify delay (in seconds) before sending snaps to the destination.
May be useful if you want to control sending time.
'';
@@ -215,13 +215,13 @@ let
dataset = mkOption {
type = str;
- description = "The dataset to use for this source.";
+ description = lib.mdDoc "The dataset to use for this source.";
example = "tank/home";
};
destinations = mkOption {
type = attrsOf (destType config);
- description = "Additional destinations.";
+ description = lib.mdDoc "Additional destinations.";
default = {};
example = literalExpression ''
{
@@ -300,7 +300,7 @@ in
default = "debug";
example = "warning";
type = enum ["debug" "info" "warning" "err" "alert"];
- description = ''
+ description = lib.mdDoc ''
The log level when logging to file. Any of debug, info, warning, err,
alert. Default in daemonized form is debug.
'';
@@ -318,18 +318,18 @@ in
noDestroy = mkOption {
type = bool;
default = false;
- description = "Does all changes to the filesystem except destroy.";
+ description = lib.mdDoc "Does all changes to the filesystem except destroy.";
};
autoCreation = mkOption {
type = bool;
default = false;
- description = "Automatically create the destination dataset if it does not exist.";
+ description = lib.mdDoc "Automatically create the destination dataset if it does not exist.";
};
zetup = mkOption {
type = attrsOf srcType;
- description = "Znapzend configuration.";
+ description = lib.mdDoc "Znapzend configuration.";
default = {};
example = literalExpression ''
{
@@ -350,7 +350,7 @@ in
pure = mkOption {
type = bool;
- description = ''
+ description = lib.mdDoc ''
Do not persist any stateful znapzend setups. If this option is
enabled, your previously set znapzend setups will be cleared and only
the ones defined with this module will be applied.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/zrepl.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/zrepl.nix
index 73f5e4d9f6d..e3a90091264 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/zrepl.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/backup/zrepl.nix
@@ -13,6 +13,13 @@ in
services.zrepl = {
enable = mkEnableOption "zrepl";
+ package = mkOption {
+ type = types.package;
+ default = pkgs.zrepl;
+ defaultText = literalExpression "pkgs.zrepl";
+ description = lib.mdDoc "Which package to use for zrepl";
+ };
+
settings = mkOption {
default = { };
description = ''
@@ -30,14 +37,14 @@ in
### Implementation ###
config = mkIf cfg.enable {
- environment.systemPackages = [ pkgs.zrepl ];
+ environment.systemPackages = [ cfg.package ];
# zrepl looks for its config in this location by default. This
# allows the use of e.g. `zrepl signal wakeup ` without having
# to specify the storepath of the config.
environment.etc."zrepl/zrepl.yml".source = configFile;
- systemd.packages = [ pkgs.zrepl ];
+ systemd.packages = [ cfg.package ];
# Note that pkgs.zrepl copies and adapts the upstream systemd unit, and
# the fields defined here only override certain fields from that unit.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/blockchain/ethereum/geth.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/blockchain/ethereum/geth.nix
index bf2cf1edd4d..4f045acd956 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/blockchain/ethereum/geth.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/blockchain/ethereum/geth.nix
@@ -14,7 +14,7 @@ let
port = mkOption {
type = types.port;
default = 30303;
- description = "Port number Go Ethereum will be listening on, both TCP and UDP.";
+ description = lib.mdDoc "Port number Go Ethereum will be listening on, both TCP and UDP.";
};
http = {
@@ -22,19 +22,19 @@ let
address = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Listen address of Go Ethereum HTTP API.";
+ description = lib.mdDoc "Listen address of Go Ethereum HTTP API.";
};
port = mkOption {
type = types.port;
default = 8545;
- description = "Port number of Go Ethereum HTTP API.";
+ description = lib.mdDoc "Port number of Go Ethereum HTTP API.";
};
apis = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
- description = "APIs to enable over WebSocket";
+ description = lib.mdDoc "APIs to enable over WebSocket";
example = ["net" "eth"];
};
};
@@ -44,19 +44,19 @@ let
address = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Listen address of Go Ethereum WebSocket API.";
+ description = lib.mdDoc "Listen address of Go Ethereum WebSocket API.";
};
port = mkOption {
type = types.port;
default = 8546;
- description = "Port number of Go Ethereum WebSocket API.";
+ description = lib.mdDoc "Port number of Go Ethereum WebSocket API.";
};
apis = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
- description = "APIs to enable over WebSocket";
+ description = lib.mdDoc "APIs to enable over WebSocket";
example = ["net" "eth"];
};
};
@@ -66,43 +66,43 @@ let
address = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Listen address of Go Ethereum metrics service.";
+ description = lib.mdDoc "Listen address of Go Ethereum metrics service.";
};
port = mkOption {
type = types.port;
default = 6060;
- description = "Port number of Go Ethereum metrics service.";
+ description = lib.mdDoc "Port number of Go Ethereum metrics service.";
};
};
network = mkOption {
type = types.nullOr (types.enum [ "goerli" "rinkeby" "yolov2" "ropsten" ]);
default = null;
- description = "The network to connect to. Mainnet (null) is the default ethereum network.";
+ description = lib.mdDoc "The network to connect to. Mainnet (null) is the default ethereum network.";
};
syncmode = mkOption {
type = types.enum [ "snap" "fast" "full" "light" ];
default = "snap";
- description = "Blockchain sync mode.";
+ description = lib.mdDoc "Blockchain sync mode.";
};
gcmode = mkOption {
type = types.enum [ "full" "archive" ];
default = "full";
- description = "Blockchain garbage collection mode.";
+ description = lib.mdDoc "Blockchain garbage collection mode.";
};
maxpeers = mkOption {
type = types.int;
default = 50;
- description = "Maximum peers to connect to.";
+ description = lib.mdDoc "Maximum peers to connect to.";
};
extraArgs = mkOption {
type = types.listOf types.str;
- description = "Additional arguments passed to Go Ethereum.";
+ description = lib.mdDoc "Additional arguments passed to Go Ethereum.";
default = [];
};
@@ -110,7 +110,7 @@ let
default = pkgs.go-ethereum.geth;
defaultText = literalExpression "pkgs.go-ethereum.geth";
type = types.package;
- description = "Package to use as Go Ethereum node.";
+ description = lib.mdDoc "Package to use as Go Ethereum node.";
};
};
};
@@ -124,7 +124,7 @@ in
services.geth = mkOption {
type = types.attrsOf (types.submodule gethOpts);
default = {};
- description = "Specification of one or more geth instances.";
+ description = lib.mdDoc "Specification of one or more geth instances.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/corosync/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/corosync/default.nix
index b4144917fee..97308944541 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/corosync/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/corosync/default.nix
@@ -13,37 +13,37 @@ in
type = types.package;
default = pkgs.corosync;
defaultText = literalExpression "pkgs.corosync";
- description = "Package that should be used for corosync.";
+ description = lib.mdDoc "Package that should be used for corosync.";
};
clusterName = mkOption {
type = types.str;
default = "nixcluster";
- description = "Name of the corosync cluster.";
+ description = lib.mdDoc "Name of the corosync cluster.";
};
extraOptions = mkOption {
type = with types; listOf str;
default = [];
- description = "Additional options with which to start corosync.";
+ description = lib.mdDoc "Additional options with which to start corosync.";
};
nodelist = mkOption {
- description = "Corosync nodelist: all cluster members.";
+ description = lib.mdDoc "Corosync nodelist: all cluster members.";
default = [];
type = with types; listOf (submodule {
options = {
nodeid = mkOption {
type = int;
- description = "Node ID number";
+ description = lib.mdDoc "Node ID number";
};
name = mkOption {
type = str;
- description = "Node name";
+ description = lib.mdDoc "Node name";
};
ring_addrs = mkOption {
type = listOf str;
- description = "List of addresses, one for each ring.";
+ description = lib.mdDoc "List of addresses, one for each ring.";
};
};
});
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/hadoop/hdfs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/hadoop/hdfs.nix
index 325a002ad32..6c185b9cd24 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/hadoop/hdfs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/hadoop/hdfs.nix
@@ -11,7 +11,7 @@ let
enable = mkEnableOption serviceName;
restartIfChanged = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Automatically restart the service on config change.
This can be set to false to defer restarts on clusters running critical applications.
Please consider the security implications of inadvertently running an older version,
@@ -22,7 +22,7 @@ let
extraFlags = mkOption{
type = with types; listOf str;
default = [];
- description = "Extra command line flags to pass to ${serviceName}";
+ description = lib.mdDoc "Extra command line flags to pass to ${serviceName}";
example = [
"-Dcom.sun.management.jmxremote"
"-Dcom.sun.management.jmxremote.port=8010"
@@ -31,13 +31,13 @@ let
extraEnv = mkOption{
type = with types; attrsOf str;
default = {};
- description = "Extra environment variables for ${serviceName}";
+ description = lib.mdDoc "Extra environment variables for ${serviceName}";
};
} // (optionalAttrs firewallOption {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open firewall ports for ${serviceName}.";
+ description = lib.mdDoc "Open firewall ports for ${serviceName}.";
};
}) // (optionalAttrs (extraOpts != null) extraOpts);
@@ -83,12 +83,12 @@ in
formatOnInit = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Format HDFS namenode on first start. This is useful for quickly spinning up
ephemeral HDFS clusters with a single namenode.
For HA clusters, initialization involves multiple steps across multiple nodes.
Follow this guide to initialize an HA cluster manually:
-
+
'';
};
};
@@ -96,19 +96,19 @@ in
datanode = hadoopServiceOption { serviceName = "HDFS DataNode"; } // {
dataDirs = mkOption {
default = null;
- description = "Tier and path definitions for datanode storage.";
+ description = lib.mdDoc "Tier and path definitions for datanode storage.";
type = with types; nullOr (listOf (submodule {
options = {
type = mkOption {
type = enum [ "SSD" "DISK" "ARCHIVE" "RAM_DISK" ];
- description = ''
+ description = lib.mdDoc ''
Storage types ([SSD]/[DISK]/[ARCHIVE]/[RAM_DISK]) for HDFS storage policies.
'';
};
path = mkOption {
type = path;
example = [ "/var/lib/hadoop/hdfs/dn" ];
- description = "Determines where on the local filesystem a data node should store its blocks.";
+ description = lib.mdDoc "Determines where on the local filesystem a data node should store its blocks.";
};
};
}));
@@ -126,7 +126,7 @@ in
tempPath = mkOption {
type = types.path;
default = "/tmp/hadoop/httpfs";
- description = "HTTPFS_TEMP path used by HTTPFS";
+ description = lib.mdDoc "HTTPFS_TEMP path used by HTTPFS";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/hadoop/yarn.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/hadoop/yarn.nix
index 74e16bdec68..0a03fe6dab6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/hadoop/yarn.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/hadoop/yarn.nix
@@ -5,7 +5,7 @@ let
hadoopConf = "${import ./conf.nix { inherit cfg pkgs lib; }}/";
restartIfChanged = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Automatically restart the service on config change.
This can be set to false to defer restarts on clusters running critical applications.
Please consider the security implications of inadvertently running an older version,
@@ -16,7 +16,7 @@ let
extraFlags = mkOption{
type = with types; listOf str;
default = [];
- description = "Extra command line flags to pass to the service";
+ description = lib.mdDoc "Extra command line flags to pass to the service";
example = [
"-Dcom.sun.management.jmxremote"
"-Dcom.sun.management.jmxremote.port=8010"
@@ -25,7 +25,7 @@ let
extraEnv = mkOption{
type = with types; attrsOf str;
default = {};
- description = "Extra environment variables";
+ description = lib.mdDoc "Extra environment variables";
};
in
{
@@ -37,7 +37,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open firewall ports for resourcemanager
'';
};
@@ -48,22 +48,22 @@ in
resource = {
cpuVCores = mkOption {
- description = "Number of vcores that can be allocated for containers.";
+ description = lib.mdDoc "Number of vcores that can be allocated for containers.";
type = with types; nullOr ints.positive;
default = null;
};
maximumAllocationVCores = mkOption {
- description = "The maximum virtual CPU cores any container can be allocated.";
+ description = lib.mdDoc "The maximum virtual CPU cores any container can be allocated.";
type = with types; nullOr ints.positive;
default = null;
};
memoryMB = mkOption {
- description = "Amount of physical memory, in MB, that can be allocated for containers.";
+ description = lib.mdDoc "Amount of physical memory, in MB, that can be allocated for containers.";
type = with types; nullOr ints.positive;
default = null;
};
maximumAllocationMB = mkOption {
- description = "The maximum physical memory any container can be allocated.";
+ description = lib.mdDoc "The maximum physical memory any container can be allocated.";
type = with types; nullOr ints.positive;
default = null;
};
@@ -72,13 +72,13 @@ in
useCGroups = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Use cgroups to enforce resource limits on containers
'';
};
localDir = mkOption {
- description = "List of directories to store localized files in.";
+ description = lib.mdDoc "List of directories to store localized files in.";
type = with types; nullOr (listOf path);
example = [ "/var/lib/hadoop/yarn/nm" ];
default = null;
@@ -87,14 +87,14 @@ in
addBinBash = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Add /bin/bash. This is needed by the linux container executor's launch script.
'';
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open firewall ports for nodemanager.
Because containers can listen on any ephemeral port, TCP ports 1024–65535 will be opened.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/k3s/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/k3s/default.nix
index 421aa0aac60..a1f6d4ecdfa 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/k3s/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/k3s/default.nix
@@ -19,11 +19,11 @@ in
type = types.package;
default = pkgs.k3s;
defaultText = literalExpression "pkgs.k3s";
- description = "Package that should be used for k3s";
+ description = lib.mdDoc "Package that should be used for k3s";
};
role = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether k3s should run as a server or agent.
Note that the server, by default, also runs as an agent.
'';
@@ -33,14 +33,14 @@ in
serverAddr = mkOption {
type = types.str;
- description = "The k3s server to connect to. This option only makes sense for an agent.";
+ description = lib.mdDoc "The k3s server to connect to. This option only makes sense for an agent.";
example = "https://10.0.0.10:6443";
default = "";
};
token = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The k3s token to use when connecting to the server. This option only makes sense for an agent.
WARNING: This option will expose store your token unencrypted world-readable in the nix store.
If this is undesired use the tokenFile option instead.
@@ -50,12 +50,12 @@ in
tokenFile = mkOption {
type = types.nullOr types.path;
- description = "File path containing k3s token to use when connecting to the server. This option only makes sense for an agent.";
+ description = lib.mdDoc "File path containing k3s token to use when connecting to the server. This option only makes sense for an agent.";
default = null;
};
extraFlags = mkOption {
- description = "Extra flags to pass to the k3s command.";
+ description = lib.mdDoc "Extra flags to pass to the k3s command.";
type = types.str;
default = "";
example = "--no-deploy traefik --cluster-cidr 10.24.0.0/16";
@@ -64,13 +64,13 @@ in
disableAgent = mkOption {
type = types.bool;
default = false;
- description = "Only run the server. This option only makes sense for a server.";
+ description = lib.mdDoc "Only run the server. This option only makes sense for a server.";
};
configPath = mkOption {
type = types.nullOr types.path;
default = null;
- description = "File path containing the k3s YAML config. This is useful when the config is generated (for example on boot).";
+ description = lib.mdDoc "File path containing the k3s YAML config. This is useful when the config is generated (for example on boot).";
};
};
@@ -111,7 +111,6 @@ in
[
"${cfg.package}/bin/k3s ${cfg.role}"
]
- ++ (optional (config.systemd.enableUnifiedCgroupHierarchy) "--kubelet-arg=cgroup-driver=systemd")
++ (optional cfg.disableAgent "--disable-agent")
++ (optional (cfg.serverAddr != "") "--server ${cfg.serverAddr}")
++ (optional (cfg.token != "") "--token ${cfg.token}")
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/addon-manager.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/addon-manager.nix
index b677d900ff5..99fd1e6f049 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/addon-manager.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/addon-manager.nix
@@ -21,7 +21,7 @@ in
options.services.kubernetes.addonManager = with lib.types; {
bootstrapAddons = mkOption {
- description = ''
+ description = lib.mdDoc ''
Bootstrap addons are like regular addons, but they are applied with cluster-admin rigths.
They are applied at addon-manager startup only.
'';
@@ -43,7 +43,7 @@ in
};
addons = mkOption {
- description = "Kubernetes addons (any kind of Kubernetes resource can be an addon).";
+ description = lib.mdDoc "Kubernetes addons (any kind of Kubernetes resource can be an addon).";
default = { };
type = attrsOf (either attrs (listOf attrs));
example = literalExpression ''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/addons/dns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/addons/dns.nix
index 7bd4991f43f..5b1e9a68768 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/addons/dns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/addons/dns.nix
@@ -15,7 +15,7 @@ in {
enable = mkEnableOption "kubernetes dns addon";
clusterIp = mkOption {
- description = "Dns addon clusterIP";
+ description = lib.mdDoc "Dns addon clusterIP";
# this default is also what kubernetes users
default = (
@@ -31,31 +31,31 @@ in {
};
clusterDomain = mkOption {
- description = "Dns cluster domain";
+ description = lib.mdDoc "Dns cluster domain";
default = "cluster.local";
type = types.str;
};
replicas = mkOption {
- description = "Number of DNS pod replicas to deploy in the cluster.";
+ description = lib.mdDoc "Number of DNS pod replicas to deploy in the cluster.";
default = 2;
type = types.int;
};
reconcileMode = mkOption {
- description = ''
+ description = lib.mdDoc ''
Controls the addon manager reconciliation mode for the DNS addon.
Setting reconcile mode to EnsureExists makes it possible to tailor DNS behavior by editing the coredns ConfigMap.
- See: .
+ See: .
'';
default = "Reconcile";
type = types.enum [ "Reconcile" "EnsureExists" ];
};
coredns = mkOption {
- description = "Docker image to seed for the CoreDNS container.";
+ description = lib.mdDoc "Docker image to seed for the CoreDNS container.";
type = types.attrs;
default = {
imageName = "coredns/coredns";
@@ -66,10 +66,10 @@ in {
};
corefile = mkOption {
- description = ''
+ description = lib.mdDoc ''
Custom coredns corefile configuration.
- See: .
+ See: .
'';
type = types.str;
default = ''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/apiserver.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/apiserver.nix
index a192e93badc..c9ae2c14bbf 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/apiserver.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/apiserver.nix
@@ -30,7 +30,7 @@ in
options.services.kubernetes.apiserver = with lib.types; {
advertiseAddress = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes apiserver IP address on which to advertise the apiserver
to members of the cluster. This address must be reachable by the rest
of the cluster.
@@ -40,40 +40,40 @@ in
};
allowPrivileged = mkOption {
- description = "Whether to allow privileged containers on Kubernetes.";
+ description = lib.mdDoc "Whether to allow privileged containers on Kubernetes.";
default = false;
type = bool;
};
authorizationMode = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes apiserver authorization mode (AlwaysAllow/AlwaysDeny/ABAC/Webhook/RBAC/Node). See
-
+
'';
default = ["RBAC" "Node"]; # Enabling RBAC by default, although kubernetes default is AllowAllow
type = listOf (enum ["AlwaysAllow" "AlwaysDeny" "ABAC" "Webhook" "RBAC" "Node"]);
};
authorizationPolicy = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes apiserver authorization policy file. See
-
+
'';
default = [];
type = listOf attrs;
};
basicAuthFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes apiserver basic authentication file. See
-
+
'';
default = null;
type = nullOr path;
};
bindAddress = mkOption {
- description = ''
+ description = lib.mdDoc ''
The IP address on which to listen for the --secure-port port.
The associated interface(s) must be reachable by the rest
of the cluster, and by CLI/web clients.
@@ -83,16 +83,16 @@ in
};
clientCaFile = mkOption {
- description = "Kubernetes apiserver CA file for client auth.";
+ description = lib.mdDoc "Kubernetes apiserver CA file for client auth.";
default = top.caFile;
defaultText = literalExpression "config.${otop.caFile}";
type = nullOr path;
};
disableAdmissionPlugins = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes admission control plugins to disable. See
-
+
'';
default = [];
type = listOf str;
@@ -101,9 +101,9 @@ in
enable = mkEnableOption "Kubernetes apiserver";
enableAdmissionPlugins = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes admission control plugins to enable. See
-
+
'';
default = [
"NamespaceLifecycle" "LimitRanger" "ServiceAccount"
@@ -120,25 +120,25 @@ in
etcd = {
servers = mkOption {
- description = "List of etcd servers.";
+ description = lib.mdDoc "List of etcd servers.";
default = ["http://127.0.0.1:2379"];
type = types.listOf types.str;
};
keyFile = mkOption {
- description = "Etcd key file.";
+ description = lib.mdDoc "Etcd key file.";
default = null;
type = types.nullOr types.path;
};
certFile = mkOption {
- description = "Etcd cert file.";
+ description = lib.mdDoc "Etcd cert file.";
default = null;
type = types.nullOr types.path;
};
caFile = mkOption {
- description = "Etcd ca file.";
+ description = lib.mdDoc "Etcd ca file.";
default = top.caFile;
defaultText = literalExpression "config.${otop.caFile}";
type = types.nullOr types.path;
@@ -146,77 +146,77 @@ in
};
extraOpts = mkOption {
- description = "Kubernetes apiserver extra command line options.";
+ description = lib.mdDoc "Kubernetes apiserver extra command line options.";
default = "";
type = separatedString " ";
};
extraSANs = mkOption {
- description = "Extra x509 Subject Alternative Names to be added to the kubernetes apiserver tls cert.";
+ description = lib.mdDoc "Extra x509 Subject Alternative Names to be added to the kubernetes apiserver tls cert.";
default = [];
type = listOf str;
};
featureGates = mkOption {
- description = "List set of feature gates";
+ description = lib.mdDoc "List set of feature gates";
default = top.featureGates;
defaultText = literalExpression "config.${otop.featureGates}";
type = listOf str;
};
insecureBindAddress = mkOption {
- description = "The IP address on which to serve the --insecure-port.";
+ description = lib.mdDoc "The IP address on which to serve the --insecure-port.";
default = "127.0.0.1";
type = str;
};
insecurePort = mkOption {
- description = "Kubernetes apiserver insecure listening port. (0 = disabled)";
+ description = lib.mdDoc "Kubernetes apiserver insecure listening port. (0 = disabled)";
default = 0;
type = int;
};
kubeletClientCaFile = mkOption {
- description = "Path to a cert file for connecting to kubelet.";
+ description = lib.mdDoc "Path to a cert file for connecting to kubelet.";
default = top.caFile;
defaultText = literalExpression "config.${otop.caFile}";
type = nullOr path;
};
kubeletClientCertFile = mkOption {
- description = "Client certificate to use for connections to kubelet.";
+ description = lib.mdDoc "Client certificate to use for connections to kubelet.";
default = null;
type = nullOr path;
};
kubeletClientKeyFile = mkOption {
- description = "Key to use for connections to kubelet.";
+ description = lib.mdDoc "Key to use for connections to kubelet.";
default = null;
type = nullOr path;
};
preferredAddressTypes = mkOption {
- description = "List of the preferred NodeAddressTypes to use for kubelet connections.";
+ description = lib.mdDoc "List of the preferred NodeAddressTypes to use for kubelet connections.";
type = nullOr str;
default = null;
};
proxyClientCertFile = mkOption {
- description = "Client certificate to use for connections to proxy.";
+ description = lib.mdDoc "Client certificate to use for connections to proxy.";
default = null;
type = nullOr path;
};
proxyClientKeyFile = mkOption {
- description = "Key to use for connections to proxy.";
+ description = lib.mdDoc "Key to use for connections to proxy.";
default = null;
type = nullOr path;
};
runtimeConfig = mkOption {
- description = ''
+ description = lib.mdDoc ''
Api runtime configuration. See
-
+
'';
default = "authentication.k8s.io/v1beta1=true";
example = "api/all=false,api/v1=true";
@@ -224,7 +224,7 @@ in
};
storageBackend = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes apiserver storage backend.
'';
default = "etcd3";
@@ -232,13 +232,13 @@ in
};
securePort = mkOption {
- description = "Kubernetes apiserver secure port.";
+ description = lib.mdDoc "Kubernetes apiserver secure port.";
default = 6443;
type = int;
};
apiAudiences = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes apiserver ServiceAccount issuer.
'';
default = "api,https://kubernetes.default.svc";
@@ -246,7 +246,7 @@ in
};
serviceAccountIssuer = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes apiserver ServiceAccount issuer.
'';
default = "https://kubernetes.default.svc";
@@ -254,7 +254,7 @@ in
};
serviceAccountSigningKeyFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
Path to the file that contains the current private key of the service
account token issuer. The issuer will sign issued ID tokens with this
private key.
@@ -263,7 +263,7 @@ in
};
serviceAccountKeyFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
File containing PEM-encoded x509 RSA or ECDSA private or public keys,
used to verify ServiceAccount tokens. The specified file can contain
multiple keys, and the flag can be specified multiple times with
@@ -274,7 +274,7 @@ in
};
serviceClusterIpRange = mkOption {
- description = ''
+ description = lib.mdDoc ''
A CIDR notation IP range from which to assign service cluster IPs.
This must not overlap with any IP ranges assigned to nodes for pods.
'';
@@ -283,39 +283,39 @@ in
};
tlsCertFile = mkOption {
- description = "Kubernetes apiserver certificate file.";
+ description = lib.mdDoc "Kubernetes apiserver certificate file.";
default = null;
type = nullOr path;
};
tlsKeyFile = mkOption {
- description = "Kubernetes apiserver private key file.";
+ description = lib.mdDoc "Kubernetes apiserver private key file.";
default = null;
type = nullOr path;
};
tokenAuthFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes apiserver token authentication file. See
-
+
'';
default = null;
type = nullOr path;
};
verbosity = mkOption {
- description = ''
+ description = lib.mdDoc ''
Optional glog verbosity level for logging statements. See
-
+
'';
default = null;
type = nullOr int;
};
webhookConfig = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes apiserver Webhook config file. It uses the kubeconfig file format.
- See
+ See
'';
default = null;
type = nullOr path;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/controller-manager.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/controller-manager.nix
index 7c317e94dee..6080e6f9915 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/controller-manager.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/controller-manager.nix
@@ -17,19 +17,19 @@ in
options.services.kubernetes.controllerManager = with lib.types; {
allocateNodeCIDRs = mkOption {
- description = "Whether to automatically allocate CIDR ranges for cluster nodes.";
+ description = lib.mdDoc "Whether to automatically allocate CIDR ranges for cluster nodes.";
default = true;
type = bool;
};
bindAddress = mkOption {
- description = "Kubernetes controller manager listening address.";
+ description = lib.mdDoc "Kubernetes controller manager listening address.";
default = "127.0.0.1";
type = str;
};
clusterCidr = mkOption {
- description = "Kubernetes CIDR Range for Pods in cluster.";
+ description = lib.mdDoc "Kubernetes CIDR Range for Pods in cluster.";
default = top.clusterCidr;
defaultText = literalExpression "config.${otop.clusterCidr}";
type = str;
@@ -38,20 +38,20 @@ in
enable = mkEnableOption "Kubernetes controller manager";
extraOpts = mkOption {
- description = "Kubernetes controller manager extra command line options.";
+ description = lib.mdDoc "Kubernetes controller manager extra command line options.";
default = "";
type = separatedString " ";
};
featureGates = mkOption {
- description = "List set of feature gates";
+ description = lib.mdDoc "List set of feature gates";
default = top.featureGates;
defaultText = literalExpression "config.${otop.featureGates}";
type = listOf str;
};
insecurePort = mkOption {
- description = "Kubernetes controller manager insecure listening port.";
+ description = lib.mdDoc "Kubernetes controller manager insecure listening port.";
default = 0;
type = int;
};
@@ -59,13 +59,13 @@ in
kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes controller manager";
leaderElect = mkOption {
- description = "Whether to start leader election before executing main loop.";
+ description = lib.mdDoc "Whether to start leader election before executing main loop.";
type = bool;
default = true;
};
rootCaFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes controller manager certificate authority file included in
service account's token secret.
'';
@@ -75,13 +75,13 @@ in
};
securePort = mkOption {
- description = "Kubernetes controller manager secure listening port.";
+ description = lib.mdDoc "Kubernetes controller manager secure listening port.";
default = 10252;
type = int;
};
serviceAccountKeyFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes controller manager PEM-encoded private RSA key file used to
sign service account tokens
'';
@@ -90,21 +90,21 @@ in
};
tlsCertFile = mkOption {
- description = "Kubernetes controller-manager certificate file.";
+ description = lib.mdDoc "Kubernetes controller-manager certificate file.";
default = null;
type = nullOr path;
};
tlsKeyFile = mkOption {
- description = "Kubernetes controller-manager private key file.";
+ description = lib.mdDoc "Kubernetes controller-manager private key file.";
default = null;
type = nullOr path;
};
verbosity = mkOption {
- description = ''
+ description = lib.mdDoc ''
Optional glog verbosity level for logging statements. See
-
+
'';
default = null;
type = nullOr int;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/default.nix
index 35ec99d83c8..f5374fc7194 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/default.nix
@@ -77,25 +77,25 @@ let
mkKubeConfigOptions = prefix: {
server = mkOption {
- description = "${prefix} kube-apiserver server address.";
+ description = lib.mdDoc "${prefix} kube-apiserver server address.";
type = types.str;
};
caFile = mkOption {
- description = "${prefix} certificate authority file used to connect to kube-apiserver.";
+ description = lib.mdDoc "${prefix} certificate authority file used to connect to kube-apiserver.";
type = types.nullOr types.path;
default = cfg.caFile;
defaultText = literalExpression "config.${opt.caFile}";
};
certFile = mkOption {
- description = "${prefix} client certificate file used to connect to kube-apiserver.";
+ description = lib.mdDoc "${prefix} client certificate file used to connect to kube-apiserver.";
type = types.nullOr types.path;
default = null;
};
keyFile = mkOption {
- description = "${prefix} client key file used to connect to kube-apiserver.";
+ description = lib.mdDoc "${prefix} client key file used to connect to kube-apiserver.";
type = types.nullOr types.path;
default = null;
};
@@ -111,7 +111,7 @@ in {
options.services.kubernetes = {
roles = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kubernetes role that this machine should take.
Master role will enable etcd, apiserver, scheduler, controller manager
@@ -123,7 +123,7 @@ in {
};
package = mkOption {
- description = "Kubernetes package to use.";
+ description = lib.mdDoc "Kubernetes package to use.";
type = types.package;
default = pkgs.kubernetes;
defaultText = literalExpression "pkgs.kubernetes";
@@ -132,7 +132,7 @@ in {
kubeconfig = mkKubeConfigOptions "Default kubeconfig";
apiserverAddress = mkOption {
- description = ''
+ description = lib.mdDoc ''
Clusterwide accessible address for the kubernetes apiserver,
including protocol and optional port.
'';
@@ -141,49 +141,49 @@ in {
};
caFile = mkOption {
- description = "Default kubernetes certificate authority";
+ description = lib.mdDoc "Default kubernetes certificate authority";
type = types.nullOr types.path;
default = null;
};
dataDir = mkOption {
- description = "Kubernetes root directory for managing kubelet files.";
+ description = lib.mdDoc "Kubernetes root directory for managing kubelet files.";
default = "/var/lib/kubernetes";
type = types.path;
};
easyCerts = mkOption {
- description = "Automatically setup x509 certificates and keys for the entire cluster.";
+ description = lib.mdDoc "Automatically setup x509 certificates and keys for the entire cluster.";
default = false;
type = types.bool;
};
featureGates = mkOption {
- description = "List set of feature gates.";
+ description = lib.mdDoc "List set of feature gates.";
default = [];
type = types.listOf types.str;
};
masterAddress = mkOption {
- description = "Clusterwide available network address or hostname for the kubernetes master server.";
+ description = lib.mdDoc "Clusterwide available network address or hostname for the kubernetes master server.";
example = "master.example.com";
type = types.str;
};
path = mkOption {
- description = "Packages added to the services' PATH environment variable. Both the bin and sbin subdirectories of each package are added.";
+ description = lib.mdDoc "Packages added to the services' PATH environment variable. Both the bin and sbin subdirectories of each package are added.";
type = types.listOf types.package;
default = [];
};
clusterCidr = mkOption {
- description = "Kubernetes controller manager and proxy CIDR Range for Pods in cluster.";
+ description = lib.mdDoc "Kubernetes controller manager and proxy CIDR Range for Pods in cluster.";
default = "10.1.0.0/16";
type = types.nullOr types.str;
};
lib = mkOption {
- description = "Common functions for the kubernetes modules.";
+ description = lib.mdDoc "Common functions for the kubernetes modules.";
default = {
inherit mkCert;
inherit mkKubeConfig;
@@ -193,7 +193,7 @@ in {
};
secretsPath = mkOption {
- description = "Default location for kubernetes secrets. Not a store location.";
+ description = lib.mdDoc "Default location for kubernetes secrets. Not a store location.";
type = types.path;
default = cfg.dataDir + "/secrets";
defaultText = literalExpression ''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/kubelet.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/kubelet.nix
index af3a5062feb..cbb1cffc169 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/kubelet.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/kubelet.nix
@@ -23,7 +23,11 @@ let
infraContainer = pkgs.dockerTools.buildImage {
name = "pause";
tag = "latest";
- contents = top.package.pause;
+ copyToRoot = pkgs.buildEnv {
+ name = "image-root";
+ pathsToLink = [ "/bin" ];
+ paths = [ top.package.pause ];
+ };
config.Cmd = ["/bin/pause"];
};
@@ -34,17 +38,17 @@ let
taintOptions = with lib.types; { name, ... }: {
options = {
key = mkOption {
- description = "Key of taint.";
+ description = lib.mdDoc "Key of taint.";
default = name;
defaultText = literalDocBook "Name of this submodule.";
type = str;
};
value = mkOption {
- description = "Value of taint.";
+ description = lib.mdDoc "Value of taint.";
type = str;
};
effect = mkOption {
- description = "Effect of taint.";
+ description = lib.mdDoc "Effect of taint.";
example = "NoSchedule";
type = enum ["NoSchedule" "PreferNoSchedule" "NoExecute"];
};
@@ -64,26 +68,26 @@ in
options.services.kubernetes.kubelet = with lib.types; {
address = mkOption {
- description = "Kubernetes kubelet info server listening address.";
+ description = lib.mdDoc "Kubernetes kubelet info server listening address.";
default = "0.0.0.0";
type = str;
};
clusterDns = mkOption {
- description = "Use alternative DNS.";
+ description = lib.mdDoc "Use alternative DNS.";
default = "10.1.0.1";
type = str;
};
clusterDomain = mkOption {
- description = "Use alternative domain.";
+ description = lib.mdDoc "Use alternative domain.";
default = config.services.kubernetes.addons.dns.clusterDomain;
defaultText = literalExpression "config.${options.services.kubernetes.addons.dns.clusterDomain}";
type = str;
};
clientCaFile = mkOption {
- description = "Kubernetes apiserver CA file for client authentication.";
+ description = lib.mdDoc "Kubernetes apiserver CA file for client authentication.";
default = top.caFile;
defaultText = literalExpression "config.${otop.caFile}";
type = nullOr path;
@@ -91,13 +95,13 @@ in
cni = {
packages = mkOption {
- description = "List of network plugin packages to install.";
+ description = lib.mdDoc "List of network plugin packages to install.";
type = listOf package;
default = [];
};
config = mkOption {
- description = "Kubernetes CNI configuration.";
+ description = lib.mdDoc "Kubernetes CNI configuration.";
type = listOf attrs;
default = [];
example = literalExpression ''
@@ -123,20 +127,20 @@ in
};
configDir = mkOption {
- description = "Path to Kubernetes CNI configuration directory.";
+ description = lib.mdDoc "Path to Kubernetes CNI configuration directory.";
type = nullOr path;
default = null;
};
};
containerRuntime = mkOption {
- description = "Which container runtime type to use";
+ description = lib.mdDoc "Which container runtime type to use";
type = enum ["docker" "remote"];
default = "remote";
};
containerRuntimeEndpoint = mkOption {
- description = "Endpoint at which to find the container runtime api interface/socket";
+ description = lib.mdDoc "Endpoint at which to find the container runtime api interface/socket";
type = str;
default = "unix:///run/containerd/containerd.sock";
};
@@ -144,13 +148,13 @@ in
enable = mkEnableOption "Kubernetes kubelet.";
extraOpts = mkOption {
- description = "Kubernetes kubelet extra command line options.";
+ description = lib.mdDoc "Kubernetes kubelet extra command line options.";
default = "";
type = separatedString " ";
};
featureGates = mkOption {
- description = "List set of feature gates";
+ description = lib.mdDoc "List set of feature gates";
default = top.featureGates;
defaultText = literalExpression "config.${otop.featureGates}";
type = listOf str;
@@ -158,20 +162,20 @@ in
healthz = {
bind = mkOption {
- description = "Kubernetes kubelet healthz listening address.";
+ description = lib.mdDoc "Kubernetes kubelet healthz listening address.";
default = "127.0.0.1";
type = str;
};
port = mkOption {
- description = "Kubernetes kubelet healthz port.";
+ description = lib.mdDoc "Kubernetes kubelet healthz port.";
default = 10248;
type = int;
};
};
hostname = mkOption {
- description = "Kubernetes kubelet hostname override.";
+ description = lib.mdDoc "Kubernetes kubelet hostname override.";
default = config.networking.hostName;
defaultText = literalExpression "config.networking.hostName";
type = str;
@@ -180,69 +184,69 @@ in
kubeconfig = top.lib.mkKubeConfigOptions "Kubelet";
manifests = mkOption {
- description = "List of manifests to bootstrap with kubelet (only pods can be created as manifest entry)";
+ description = lib.mdDoc "List of manifests to bootstrap with kubelet (only pods can be created as manifest entry)";
type = attrsOf attrs;
default = {};
};
networkPlugin = mkOption {
- description = "Network plugin to use by Kubernetes.";
+ description = lib.mdDoc "Network plugin to use by Kubernetes.";
type = nullOr (enum ["cni" "kubenet"]);
default = "kubenet";
};
nodeIp = mkOption {
- description = "IP address of the node. If set, kubelet will use this IP address for the node.";
+ description = lib.mdDoc "IP address of the node. If set, kubelet will use this IP address for the node.";
default = null;
type = nullOr str;
};
registerNode = mkOption {
- description = "Whether to auto register kubelet with API server.";
+ description = lib.mdDoc "Whether to auto register kubelet with API server.";
default = true;
type = bool;
};
port = mkOption {
- description = "Kubernetes kubelet info server listening port.";
+ description = lib.mdDoc "Kubernetes kubelet info server listening port.";
default = 10250;
type = int;
};
seedDockerImages = mkOption {
- description = "List of docker images to preload on system";
+ description = lib.mdDoc "List of docker images to preload on system";
default = [];
type = listOf package;
};
taints = mkOption {
- description = "Node taints (https://kubernetes.io/docs/concepts/configuration/assign-pod-node/).";
+ description = lib.mdDoc "Node taints (https://kubernetes.io/docs/concepts/configuration/assign-pod-node/).";
default = {};
type = attrsOf (submodule [ taintOptions ]);
};
tlsCertFile = mkOption {
- description = "File containing x509 Certificate for HTTPS.";
+ description = lib.mdDoc "File containing x509 Certificate for HTTPS.";
default = null;
type = nullOr path;
};
tlsKeyFile = mkOption {
- description = "File containing x509 private key matching tlsCertFile.";
+ description = lib.mdDoc "File containing x509 private key matching tlsCertFile.";
default = null;
type = nullOr path;
};
unschedulable = mkOption {
- description = "Whether to set node taint to unschedulable=true as it is the case of node that has only master role.";
+ description = lib.mdDoc "Whether to set node taint to unschedulable=true as it is the case of node that has only master role.";
default = false;
type = bool;
};
verbosity = mkOption {
- description = ''
+ description = lib.mdDoc ''
Optional glog verbosity level for logging statements. See
-
+
'';
default = null;
type = nullOr int;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/pki.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/pki.nix
index 7d9198d20e8..7c46ac85584 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/pki.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/pki.nix
@@ -44,13 +44,13 @@ in
enable = mkEnableOption "easyCert issuer service";
certs = mkOption {
- description = "List of certificate specs to feed to cert generator.";
+ description = lib.mdDoc "List of certificate specs to feed to cert generator.";
default = {};
type = attrs;
};
genCfsslCACert = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to automatically generate cfssl CA certificate and key,
if they don't exist.
'';
@@ -59,7 +59,7 @@ in
};
genCfsslAPICerts = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to automatically generate cfssl API webserver TLS cert and key,
if they don't exist.
'';
@@ -68,7 +68,7 @@ in
};
cfsslAPIExtraSANs = mkOption {
- description = ''
+ description = lib.mdDoc ''
Extra x509 Subject Alternative Names to be added to the cfssl API webserver TLS cert.
'';
default = [];
@@ -77,7 +77,7 @@ in
};
genCfsslAPIToken = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to automatically generate cfssl API-token secret,
if they doesn't exist.
'';
@@ -86,13 +86,13 @@ in
};
pkiTrustOnBootstrap = mkOption {
- description = "Whether to always trust remote cfssl server upon initial PKI bootstrap.";
+ description = lib.mdDoc "Whether to always trust remote cfssl server upon initial PKI bootstrap.";
default = true;
type = bool;
};
caCertPathPrefix = mkOption {
- description = ''
+ description = lib.mdDoc ''
Path-prefrix for the CA-certificate to be used for cfssl signing.
Suffixes ".pem" and "-key.pem" will be automatically appended for
the public and private keys respectively.
@@ -103,7 +103,7 @@ in
};
caSpec = mkOption {
- description = "Certificate specification for the auto-generated CAcert.";
+ description = lib.mdDoc "Certificate specification for the auto-generated CAcert.";
default = {
CN = "kubernetes-cluster-ca";
O = "NixOS";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/proxy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/proxy.nix
index 0fd98d1c157..51114c32499 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/proxy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/proxy.nix
@@ -16,7 +16,7 @@ in
options.services.kubernetes.proxy = with lib.types; {
bindAddress = mkOption {
- description = "Kubernetes proxy listening address.";
+ description = lib.mdDoc "Kubernetes proxy listening address.";
default = "0.0.0.0";
type = str;
};
@@ -24,20 +24,20 @@ in
enable = mkEnableOption "Kubernetes proxy";
extraOpts = mkOption {
- description = "Kubernetes proxy extra command line options.";
+ description = lib.mdDoc "Kubernetes proxy extra command line options.";
default = "";
type = separatedString " ";
};
featureGates = mkOption {
- description = "List set of feature gates";
+ description = lib.mdDoc "List set of feature gates";
default = top.featureGates;
defaultText = literalExpression "config.${otop.featureGates}";
type = listOf str;
};
hostname = mkOption {
- description = "Kubernetes proxy hostname override.";
+ description = lib.mdDoc "Kubernetes proxy hostname override.";
default = config.networking.hostName;
defaultText = literalExpression "config.networking.hostName";
type = str;
@@ -46,9 +46,9 @@ in
kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes proxy";
verbosity = mkOption {
- description = ''
+ description = lib.mdDoc ''
Optional glog verbosity level for logging statements. See
-
+
'';
default = null;
type = nullOr int;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/scheduler.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/scheduler.nix
index 2d95528a6ea..ddc67889a37 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/scheduler.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/kubernetes/scheduler.nix
@@ -12,7 +12,7 @@ in
options.services.kubernetes.scheduler = with lib.types; {
address = mkOption {
- description = "Kubernetes scheduler listening address.";
+ description = lib.mdDoc "Kubernetes scheduler listening address.";
default = "127.0.0.1";
type = str;
};
@@ -20,13 +20,13 @@ in
enable = mkEnableOption "Kubernetes scheduler";
extraOpts = mkOption {
- description = "Kubernetes scheduler extra command line options.";
+ description = lib.mdDoc "Kubernetes scheduler extra command line options.";
default = "";
type = separatedString " ";
};
featureGates = mkOption {
- description = "List set of feature gates";
+ description = lib.mdDoc "List set of feature gates";
default = top.featureGates;
defaultText = literalExpression "config.${otop.featureGates}";
type = listOf str;
@@ -35,21 +35,21 @@ in
kubeconfig = top.lib.mkKubeConfigOptions "Kubernetes scheduler";
leaderElect = mkOption {
- description = "Whether to start leader election before executing main loop.";
+ description = lib.mdDoc "Whether to start leader election before executing main loop.";
type = bool;
default = true;
};
port = mkOption {
- description = "Kubernetes scheduler listening port.";
+ description = lib.mdDoc "Kubernetes scheduler listening port.";
default = 10251;
type = int;
};
verbosity = mkOption {
- description = ''
+ description = lib.mdDoc ''
Optional glog verbosity level for logging statements. See
-
+
'';
default = null;
type = nullOr int;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/pacemaker/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/pacemaker/default.nix
index 7eeadffcc58..41d98a460f5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/pacemaker/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/pacemaker/default.nix
@@ -13,7 +13,7 @@ in
type = types.package;
default = pkgs.pacemaker;
defaultText = literalExpression "pkgs.pacemaker";
- description = "Package that should be used for pacemaker.";
+ description = lib.mdDoc "Package that should be used for pacemaker.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/spark/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/spark/default.nix
index e6b44e130a3..30d8fa0fc41 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/spark/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/cluster/spark/default.nix
@@ -10,13 +10,13 @@ with lib;
enable = mkEnableOption "Spark master service";
bind = mkOption {
type = types.str;
- description = "Address the spark master binds to.";
+ description = lib.mdDoc "Address the spark master binds to.";
default = "127.0.0.1";
example = "0.0.0.0";
};
restartIfChanged = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Automatically restart master service on config change.
This can be set to false to defer restarts on clusters running critical applications.
Please consider the security implications of inadvertently running an older version,
@@ -26,7 +26,7 @@ with lib;
};
extraEnvironment = mkOption {
type = types.attrsOf types.str;
- description = "Extra environment variables to pass to spark master. See spark-standalone documentation.";
+ description = lib.mdDoc "Extra environment variables to pass to spark master. See spark-standalone documentation.";
default = {};
example = {
SPARK_MASTER_WEBUI_PORT = 8181;
@@ -38,17 +38,17 @@ with lib;
enable = mkEnableOption "Spark worker service";
workDir = mkOption {
type = types.path;
- description = "Spark worker work dir.";
+ description = lib.mdDoc "Spark worker work dir.";
default = "/var/lib/spark";
};
master = mkOption {
type = types.str;
- description = "Address of the spark master.";
+ description = lib.mdDoc "Address of the spark master.";
default = "127.0.0.1:7077";
};
restartIfChanged = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Automatically restart worker service on config change.
This can be set to false to defer restarts on clusters running critical applications.
Please consider the security implications of inadvertently running an older version,
@@ -58,7 +58,7 @@ with lib;
};
extraEnvironment = mkOption {
type = types.attrsOf types.str;
- description = "Extra environment variables to pass to spark worker.";
+ description = lib.mdDoc "Extra environment variables to pass to spark worker.";
default = {};
example = {
SPARK_WORKER_CORES = 5;
@@ -68,18 +68,18 @@ with lib;
};
confDir = mkOption {
type = types.path;
- description = "Spark configuration directory. Spark will use the configuration files (spark-defaults.conf, spark-env.sh, log4j.properties, etc) from this directory.";
+ description = lib.mdDoc "Spark configuration directory. Spark will use the configuration files (spark-defaults.conf, spark-env.sh, log4j.properties, etc) from this directory.";
default = "${cfg.package}/lib/${cfg.package.untarDir}/conf";
defaultText = literalExpression ''"''${package}/lib/''${package.untarDir}/conf"'';
};
logDir = mkOption {
type = types.path;
- description = "Spark log directory.";
+ description = lib.mdDoc "Spark log directory.";
default = "/var/log/spark";
};
package = mkOption {
type = types.package;
- description = "Spark package.";
+ description = lib.mdDoc "Spark package.";
default = pkgs.spark;
defaultText = literalExpression "pkgs.spark";
example = literalExpression ''pkgs.spark.overrideAttrs (super: rec {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/boinc/client.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/boinc/client.nix
index 52249455fd4..ec88be95ecb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/boinc/client.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/boinc/client.nix
@@ -19,7 +19,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the BOINC distributed computing client. If this
option is set to true, the boinc_client daemon will be run as a
background service. The boinccmd command can be used to control the
@@ -31,7 +31,7 @@ in
type = types.package;
default = pkgs.boinc;
defaultText = literalExpression "pkgs.boinc";
- description = ''
+ description = lib.mdDoc ''
Which BOINC package to use.
'';
};
@@ -39,7 +39,7 @@ in
dataDir = mkOption {
type = types.path;
default = "/var/lib/boinc";
- description = ''
+ description = lib.mdDoc ''
The directory in which to store BOINC's configuration and data files.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/foldingathome/client.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/foldingathome/client.nix
index aa9d0a5218f..ad88fffe43c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/foldingathome/client.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/foldingathome/client.nix
@@ -24,7 +24,7 @@ in
type = types.package;
default = pkgs.fahclient;
defaultText = literalExpression "pkgs.fahclient";
- description = ''
+ description = lib.mdDoc ''
Which Folding@home client to use.
'';
};
@@ -32,7 +32,7 @@ in
user = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The user associated with the reported computation results. This will
be used in the ranking statistics.
'';
@@ -41,7 +41,7 @@ in
team = mkOption {
type = types.int;
default = 236565;
- description = ''
+ description = lib.mdDoc ''
The team ID associated with the reported computation results. This
will be used in the ranking statistics.
@@ -52,7 +52,7 @@ in
daemonNiceLevel = mkOption {
type = types.ints.between (-20) 19;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Daemon process priority for FAHClient.
0 is the default Unix process priority, 19 is the lowest.
'';
@@ -61,9 +61,9 @@ in
extraArgs = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra startup options for the FAHClient. Run
- FAHClient --help to find all the available options.
+ `FAHClient --help` to find all the available options.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/slurm/slurm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/slurm/slurm.nix
index b9792fd1334..785267d4b37 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/slurm/slurm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/slurm/slurm.nix
@@ -66,11 +66,11 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the slurm control daemon.
Note that the standard authentication method is "munge".
The "munge" service needs to be provided with a password file in order for
- slurm to work properly (see services.munge.password).
+ slurm to work properly (see `services.munge.password`).
'';
};
};
@@ -82,9 +82,9 @@ in
type = types.str;
default = config.networking.hostName;
defaultText = literalExpression "config.networking.hostName";
- description = ''
- Hostname of the machine where slurmdbd
- is running (i.e. name returned by hostname -s).
+ description = lib.mdDoc ''
+ Hostname of the machine where `slurmdbd`
+ is running (i.e. name returned by `hostname -s`).
'';
};
@@ -92,7 +92,7 @@ in
type = types.str;
default = cfg.user;
defaultText = literalExpression "config.${opt.user}";
- description = ''
+ description = lib.mdDoc ''
Database user name.
'';
};
@@ -100,9 +100,9 @@ in
storagePassFile = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to file with database password. The content of this will be used to
- create the password for the StoragePass option.
+ create the password for the `StoragePass` option.
'';
};
@@ -124,10 +124,10 @@ in
enableStools = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to provide a slurm.conf file.
Enable this option if you do not run a slurm daemon on this host
- (i.e. server.enable and client.enable are false)
+ (i.e. `server.enable` and `client.enable` are `false`)
but you still want to run slurm commands from this host.
'';
};
@@ -137,7 +137,7 @@ in
default = pkgs.slurm.override { enableX11 = ! cfg.enableSrunX11; };
defaultText = literalExpression "pkgs.slurm";
example = literalExpression "pkgs.slurm-full";
- description = ''
+ description = lib.mdDoc ''
The package to use for slurm binaries.
'';
};
@@ -146,7 +146,7 @@ in
type = types.nullOr types.str;
default = null;
example = null;
- description = ''
+ description = lib.mdDoc ''
The short hostname of the machine where SLURM control functions are
executed (i.e. the name returned by the command "hostname -s", use "tux001"
rather than "tux001.my.com").
@@ -158,7 +158,7 @@ in
default = cfg.controlMachine;
defaultText = literalExpression "config.${opt.controlMachine}";
example = null;
- description = ''
+ description = lib.mdDoc ''
Name that ControlMachine should be referred to in establishing a
communications path.
'';
@@ -168,7 +168,7 @@ in
type = types.str;
default = "default";
example = "myCluster";
- description = ''
+ description = lib.mdDoc ''
Necessary to distinguish accounting records in a multi-cluster environment.
'';
};
@@ -177,7 +177,7 @@ in
type = types.listOf types.str;
default = [];
example = literalExpression ''[ "linux[1-32] CPUs=1 State=UNKNOWN" ];'';
- description = ''
+ description = lib.mdDoc ''
Name that SLURM uses to refer to a node (or base partition for BlueGene
systems). Typically this would be the string that "/bin/hostname -s"
returns. Note that now you have to write node's parameters after the name.
@@ -188,7 +188,7 @@ in
type = types.listOf types.str;
default = [];
example = literalExpression ''[ "debug Nodes=linux[1-32] Default=YES MaxTime=INFINITE State=UP" ];'';
- description = ''
+ description = lib.mdDoc ''
Name by which the partition may be referenced. Note that now you have
to write the partition's parameters after the name.
'';
@@ -197,17 +197,17 @@ in
enableSrunX11 = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If enabled srun will accept the option "--x11" to allow for X11 forwarding
from within an interactive session or a batch job. This activates the
slurm-spank-x11 module. Note that this option also enables
- on the client.
+ {option}`services.openssh.forwardX11` on the client.
This option requires slurm to be compiled without native X11 support.
The default behavior is to re-compile the slurm package with native X11
support disabled if this option is set to true.
- To use the native X11 support add PrologFlags=X11 in .
+ To use the native X11 support add `PrologFlags=X11` in {option}`extraConfig`.
Note that this method will only work RSA SSH host keys.
'';
};
@@ -215,7 +215,7 @@ in
procTrackType = mkOption {
type = types.str;
default = "proctrack/linuxproc";
- description = ''
+ description = lib.mdDoc ''
Plugin to be used for process tracking on a job step basis.
The slurmd daemon uses this mechanism to identify all processes
which are children of processes it spawns for a user job step.
@@ -225,7 +225,7 @@ in
stateSaveLocation = mkOption {
type = types.str;
default = "/var/spool/slurmctld";
- description = ''
+ description = lib.mdDoc ''
Directory into which the Slurm controller, slurmctld, saves its state.
'';
};
@@ -233,7 +233,7 @@ in
user = mkOption {
type = types.str;
default = defaultUser;
- description = ''
+ description = lib.mdDoc ''
Set this option when you want to run the slurmctld daemon
as something else than the default slurm user "slurm".
Note that the UID of this user needs to be the same
@@ -244,7 +244,7 @@ in
extraConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration options that will be added verbatim at
the end of the slurm configuration file.
'';
@@ -253,28 +253,28 @@ in
extraPlugstackConfig = mkOption {
default = "";
type = types.lines;
- description = ''
- Extra configuration that will be added to the end of plugstack.conf.
+ description = lib.mdDoc ''
+ Extra configuration that will be added to the end of `plugstack.conf`.
'';
};
extraCgroupConfig = mkOption {
default = "";
type = types.lines;
- description = ''
- Extra configuration for cgroup.conf. This file is
- used when procTrackType=proctrack/cgroup.
+ description = lib.mdDoc ''
+ Extra configuration for `cgroup.conf`. This file is
+ used when `procTrackType=proctrack/cgroup`.
'';
};
extraConfigPaths = mkOption {
type = with types; listOf path;
default = [];
- description = ''
+ description = lib.mdDoc ''
Slurm expects config files for plugins in the same path
- as slurm.conf. Add extra nix store
+ as `slurm.conf`. Add extra nix store
paths that should be merged into same directory as
- slurm.conf.
+ `slurm.conf`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/torque/mom.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/torque/mom.nix
index 6747bd4b0d5..bf3679847b9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/torque/mom.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/computing/torque/mom.nix
@@ -21,7 +21,7 @@ in
serverNode = mkOption {
type = types.str;
- description = "Hostname running pbs server.";
+ description = lib.mdDoc "Hostname running pbs server.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/buildbot/master.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/buildbot/master.nix
index 80c6c6abfd0..ab1a8076c93 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/buildbot/master.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/buildbot/master.nix
@@ -61,7 +61,7 @@ in {
factorySteps = mkOption {
type = types.listOf types.str;
- description = "Factory Steps";
+ description = lib.mdDoc "Factory Steps";
default = [];
example = [
"steps.Git(repourl='https://github.com/buildbot/pyflakes.git', mode='incremental')"
@@ -71,7 +71,7 @@ in {
changeSource = mkOption {
type = types.listOf types.str;
- description = "List of Change Sources.";
+ description = lib.mdDoc "List of Change Sources.";
default = [];
example = [
"changes.GitPoller('https://github.com/buildbot/pyflakes.git', workdir='gitpoller-workdir', branch='master', pollinterval=300)"
@@ -81,18 +81,18 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the Buildbot continuous integration server.";
+ description = lib.mdDoc "Whether to enable the Buildbot continuous integration server.";
};
extraConfig = mkOption {
type = types.str;
- description = "Extra configuration to append to master.cfg";
+ description = lib.mdDoc "Extra configuration to append to master.cfg";
default = "c['buildbotNetUsageData'] = None";
};
masterCfg = mkOption {
type = types.path;
- description = "Optionally pass master.cfg path. Other options in this configuration will be ignored.";
+ description = lib.mdDoc "Optionally pass master.cfg path. Other options in this configuration will be ignored.";
default = defaultMasterCfg;
defaultText = literalDocBook ''generated configuration file'';
example = "/etc/nixos/buildbot/master.cfg";
@@ -100,7 +100,7 @@ in {
schedulers = mkOption {
type = types.listOf types.str;
- description = "List of Schedulers.";
+ description = lib.mdDoc "List of Schedulers.";
default = [
"schedulers.SingleBranchScheduler(name='all', change_filter=util.ChangeFilter(branch='master'), treeStableTimer=None, builderNames=['runtests'])"
"schedulers.ForceScheduler(name='force',builderNames=['runtests'])"
@@ -109,7 +109,7 @@ in {
builders = mkOption {
type = types.listOf types.str;
- description = "List of Builders.";
+ description = lib.mdDoc "List of Builders.";
default = [
"util.BuilderConfig(name='runtests',workernames=['example-worker'],factory=factory)"
];
@@ -117,52 +117,52 @@ in {
workers = mkOption {
type = types.listOf types.str;
- description = "List of Workers.";
+ description = lib.mdDoc "List of Workers.";
default = [ "worker.Worker('example-worker', 'pass')" ];
};
reporters = mkOption {
default = [];
type = types.listOf types.str;
- description = "List of reporter objects used to present build status to various users.";
+ description = lib.mdDoc "List of reporter objects used to present build status to various users.";
};
user = mkOption {
default = "buildbot";
type = types.str;
- description = "User the buildbot server should execute under.";
+ description = lib.mdDoc "User the buildbot server should execute under.";
};
group = mkOption {
default = "buildbot";
type = types.str;
- description = "Primary group of buildbot user.";
+ description = lib.mdDoc "Primary group of buildbot user.";
};
extraGroups = mkOption {
type = types.listOf types.str;
default = [];
- description = "List of extra groups that the buildbot user should be a part of.";
+ description = lib.mdDoc "List of extra groups that the buildbot user should be a part of.";
};
home = mkOption {
default = "/home/buildbot";
type = types.path;
- description = "Buildbot home directory.";
+ description = lib.mdDoc "Buildbot home directory.";
};
buildbotDir = mkOption {
default = "${cfg.home}/master";
defaultText = literalExpression ''"''${config.${opt.home}}/master"'';
type = types.path;
- description = "Specifies the Buildbot directory.";
+ description = lib.mdDoc "Specifies the Buildbot directory.";
};
pbPort = mkOption {
default = 9989;
type = types.either types.str types.int;
example = "'tcp:9990:interface=127.0.0.1'";
- description = ''
+ description = lib.mdDoc ''
The buildmaster will listen on a TCP port of your choosing
for connections from workers.
It can also use this port for connections from remote Change Sources,
@@ -170,51 +170,51 @@ in {
This port should be visible to the outside world, and you’ll need to tell
your worker admins about your choice.
If put in (single) quotes, this can also be used as a connection string,
- as defined in the ConnectionStrings guide.
+ as defined in the [ConnectionStrings guide](https://twistedmatrix.com/documents/current/core/howto/endpoints.html).
'';
};
listenAddress = mkOption {
default = "0.0.0.0";
type = types.str;
- description = "Specifies the bind address on which the buildbot HTTP interface listens.";
+ description = lib.mdDoc "Specifies the bind address on which the buildbot HTTP interface listens.";
};
buildbotUrl = mkOption {
default = "http://localhost:8010/";
type = types.str;
- description = "Specifies the Buildbot URL.";
+ description = lib.mdDoc "Specifies the Buildbot URL.";
};
title = mkOption {
default = "Buildbot";
type = types.str;
- description = "Specifies the Buildbot Title.";
+ description = lib.mdDoc "Specifies the Buildbot Title.";
};
titleUrl = mkOption {
default = "Buildbot";
type = types.str;
- description = "Specifies the Buildbot TitleURL.";
+ description = lib.mdDoc "Specifies the Buildbot TitleURL.";
};
dbUrl = mkOption {
default = "sqlite:///state.sqlite";
type = types.str;
- description = "Specifies the database connection string.";
+ description = lib.mdDoc "Specifies the database connection string.";
};
port = mkOption {
default = 8010;
type = types.int;
- description = "Specifies port number on which the buildbot HTTP interface listens.";
+ description = lib.mdDoc "Specifies port number on which the buildbot HTTP interface listens.";
};
package = mkOption {
type = types.package;
default = pkgs.python3Packages.buildbot-full;
defaultText = literalExpression "pkgs.python3Packages.buildbot-full";
- description = "Package to use for buildbot.";
+ description = lib.mdDoc "Package to use for buildbot.";
example = literalExpression "pkgs.python3Packages.buildbot";
};
@@ -222,14 +222,14 @@ in {
default = [ pkgs.git ];
defaultText = literalExpression "[ pkgs.git ]";
type = types.listOf types.package;
- description = "Packages to add to PATH for the buildbot process.";
+ description = lib.mdDoc "Packages to add to PATH for the buildbot process.";
};
pythonPackages = mkOption {
type = types.functionTo (types.listOf types.package);
default = pythonPackages: with pythonPackages; [ ];
defaultText = literalExpression "pythonPackages: with pythonPackages; [ ]";
- description = "Packages to add the to the PYTHONPATH of the buildbot process.";
+ description = lib.mdDoc "Packages to add the to the PYTHONPATH of the buildbot process.";
example = literalExpression "pythonPackages: with pythonPackages; [ requests ]";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/buildbot/worker.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/buildbot/worker.nix
index 1d7f53bb655..245f685764d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/buildbot/worker.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/buildbot/worker.nix
@@ -49,73 +49,73 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the Buildbot Worker.";
+ description = lib.mdDoc "Whether to enable the Buildbot Worker.";
};
user = mkOption {
default = "bbworker";
type = types.str;
- description = "User the buildbot Worker should execute under.";
+ description = lib.mdDoc "User the buildbot Worker should execute under.";
};
group = mkOption {
default = "bbworker";
type = types.str;
- description = "Primary group of buildbot Worker user.";
+ description = lib.mdDoc "Primary group of buildbot Worker user.";
};
extraGroups = mkOption {
type = types.listOf types.str;
default = [];
- description = "List of extra groups that the Buildbot Worker user should be a part of.";
+ description = lib.mdDoc "List of extra groups that the Buildbot Worker user should be a part of.";
};
home = mkOption {
default = "/home/bbworker";
type = types.path;
- description = "Buildbot home directory.";
+ description = lib.mdDoc "Buildbot home directory.";
};
buildbotDir = mkOption {
default = "${cfg.home}/worker";
defaultText = literalExpression ''"''${config.${opt.home}}/worker"'';
type = types.path;
- description = "Specifies the Buildbot directory.";
+ description = lib.mdDoc "Specifies the Buildbot directory.";
};
workerUser = mkOption {
default = "example-worker";
type = types.str;
- description = "Specifies the Buildbot Worker user.";
+ description = lib.mdDoc "Specifies the Buildbot Worker user.";
};
workerPass = mkOption {
default = "pass";
type = types.str;
- description = "Specifies the Buildbot Worker password.";
+ description = lib.mdDoc "Specifies the Buildbot Worker password.";
};
workerPassFile = mkOption {
type = types.path;
- description = "File used to store the Buildbot Worker password";
+ description = lib.mdDoc "File used to store the Buildbot Worker password";
};
hostMessage = mkOption {
default = null;
type = types.nullOr types.str;
- description = "Description of this worker";
+ description = lib.mdDoc "Description of this worker";
};
adminMessage = mkOption {
default = null;
type = types.nullOr types.str;
- description = "Name of the administrator of this worker";
+ description = lib.mdDoc "Name of the administrator of this worker";
};
masterUrl = mkOption {
default = "localhost:9989";
type = types.str;
- description = "Specifies the Buildbot Worker connection string.";
+ description = lib.mdDoc "Specifies the Buildbot Worker connection string.";
};
keepalive = mkOption {
@@ -131,7 +131,7 @@ in {
type = types.package;
default = pkgs.python3Packages.buildbot-worker;
defaultText = literalExpression "pkgs.python3Packages.buildbot-worker";
- description = "Package to use for buildbot worker.";
+ description = lib.mdDoc "Package to use for buildbot worker.";
example = literalExpression "pkgs.python2Packages.buildbot-worker";
};
@@ -139,7 +139,7 @@ in {
default = with pkgs; [ git ];
defaultText = literalExpression "[ pkgs.git ]";
type = types.listOf types.package;
- description = "Packages to add to PATH for the buildbot process.";
+ description = lib.mdDoc "Packages to add to PATH for the buildbot process.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/buildkite-agents.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/buildkite-agents.nix
index 1872567c9f1..cafa40dc6e5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/buildkite-agents.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/buildkite-agents.nix
@@ -34,32 +34,32 @@ let
enable = mkOption {
default = true;
type = types.bool;
- description = "Whether to enable this buildkite agent";
+ description = lib.mdDoc "Whether to enable this buildkite agent";
};
package = mkOption {
default = pkgs.buildkite-agent;
defaultText = literalExpression "pkgs.buildkite-agent";
- description = "Which buildkite-agent derivation to use";
+ description = lib.mdDoc "Which buildkite-agent derivation to use";
type = types.package;
};
dataDir = mkOption {
default = "/var/lib/buildkite-agent-${name}";
- description = "The workdir for the agent";
+ description = lib.mdDoc "The workdir for the agent";
type = types.str;
};
runtimePackages = mkOption {
default = [ pkgs.bash pkgs.gnutar pkgs.gzip pkgs.git pkgs.nix ];
defaultText = literalExpression "[ pkgs.bash pkgs.gnutar pkgs.gzip pkgs.git pkgs.nix ]";
- description = "Add programs to the buildkite-agent environment";
+ description = lib.mdDoc "Add programs to the buildkite-agent environment";
type = types.listOf types.package;
};
tokenPath = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The token from your Buildkite "Agents" page.
A run-time path to the token file, which is supposed to be provisioned
@@ -70,7 +70,7 @@ let
name = mkOption {
type = types.str;
default = "%hostname-${name}-%n";
- description = ''
+ description = lib.mdDoc ''
The name of the agent as seen in the buildkite dashboard.
'';
};
@@ -79,7 +79,7 @@ let
type = types.attrsOf (types.either types.str (types.listOf types.str));
default = {};
example = { queue = "default"; docker = "true"; ruby2 ="true"; };
- description = ''
+ description = lib.mdDoc ''
Tags for the agent.
'';
};
@@ -88,7 +88,7 @@ let
type = types.lines;
default = "";
example = "debug=true";
- description = ''
+ description = lib.mdDoc ''
Extra lines to be added verbatim to the configuration file.
'';
};
@@ -100,7 +100,7 @@ let
## don't end up in the Nix store.
apply = final: if final == null then null else toString final;
- description = ''
+ description = lib.mdDoc ''
OpenSSH private key
A run-time path to the key file, which is supposed to be provisioned
@@ -169,9 +169,9 @@ let
type = types.path;
default = hooksDir config;
defaultText = literalDocBook "generated from ";
- description = ''
+ description = lib.mdDoc ''
Path to the directory storing the hooks.
- Consider using
+ Consider using {option}`services.buildkite-agents..hooks.`
instead.
'';
};
@@ -180,7 +180,7 @@ let
type = types.str;
default = "${pkgs.bash}/bin/bash -e -c";
defaultText = literalExpression ''"''${pkgs.bash}/bin/bash -e -c"'';
- description = ''
+ description = lib.mdDoc ''
Command that buildkite-agent 3 will execute when it spawns a shell.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/github-runner.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/github-runner.nix
index 30dd919b81a..2da18bbdb39 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/github-runner.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/github-runner.nix
@@ -30,17 +30,17 @@ in
url = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Repository to add the runner to.
Changing this option triggers a new runner registration.
IMPORTANT: If your token is org-wide (not per repository), you need to
provide a github org link, not a single repository, so do it like this
- https://github.com/nixos, not like this
- https://github.com/nixos/nixpkgs.
- Otherwise, you are going to get a 404 NotFound
- from POST https://api.github.com/actions/runner-registration
+ `https://github.com/nixos`, not like this
+ `https://github.com/nixos/nixpkgs`.
+ Otherwise, you are going to get a `404 NotFound`
+ from `POST https://api.github.com/actions/runner-registration`
in the configure script.
'';
example = "https://github.com/nixos/nixpkgs";
@@ -48,7 +48,7 @@ in
tokenFile = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The full path to a file which contains the runner registration token.
The file should contain exactly one line with the token without any newline.
The token can be used to re-register a runner of the same name but is time-limited.
@@ -61,7 +61,7 @@ in
name = mkOption {
# Same pattern as for `networking.hostName`
type = types.strMatching "^$|^[[:alnum:]]([[:alnum:]_-]{0,61}[[:alnum:]])?$";
- description = ''
+ description = lib.mdDoc ''
Name of the runner to configure. Defaults to the hostname.
Changing this option triggers a new runner registration.
@@ -73,7 +73,7 @@ in
runnerGroup = mkOption {
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Name of the runner group to add this runner to (defaults to the default runner group).
Changing this option triggers a new runner registration.
@@ -83,8 +83,8 @@ in
extraLabels = mkOption {
type = types.listOf types.str;
- description = ''
- Extra labels in addition to the default (["self-hosted", "Linux", "X64"]).
+ description = lib.mdDoc ''
+ Extra labels in addition to the default (`["self-hosted", "Linux", "X64"]`).
Changing this option triggers a new runner registration.
'';
@@ -94,7 +94,7 @@ in
replace = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Replace any existing runner with the same name.
Without this flag, registering a new runner with the same name fails.
@@ -104,15 +104,15 @@ in
extraPackages = mkOption {
type = types.listOf types.package;
- description = ''
- Extra packages to add to PATH of the service to make them available to workflows.
+ description = lib.mdDoc ''
+ Extra packages to add to `PATH` of the service to make them available to workflows.
'';
default = [ ];
};
package = mkOption {
type = types.package;
- description = ''
+ description = lib.mdDoc ''
Which github-runner derivation to use.
'';
default = pkgs.github-runner;
@@ -280,7 +280,6 @@ in
CapabilityBoundingSet = "";
# ProtectClock= adds DeviceAllow=char-rtc r
DeviceAllow = "";
- LockPersonality = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateMounts = true;
@@ -300,13 +299,17 @@ in
RestrictSUIDSGID = true;
UMask = "0066";
ProtectProc = "invisible";
- ProcSubset = "pid";
SystemCallFilter = [
- "~@debug"
- "~@mount"
- "~@privileged"
+ "~@clock"
"~@cpu-emulation"
+ "~@module"
+ "~@mount"
"~@obsolete"
+ "~@raw-io"
+ "~@reboot"
+ "~capset"
+ "~setdomainname"
+ "~sethostname"
];
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" "AF_NETLINK" ];
@@ -314,6 +317,17 @@ in
PrivateNetwork = false;
# Cannot be true due to Node
MemoryDenyWriteExecute = false;
+
+ # The more restrictive "pid" option makes `nix` commands in CI emit
+ # "GC Warning: Couldn't read /proc/stat"
+ # You may want to set this to "pid" if not using `nix` commands
+ ProcSubset = "all";
+ # Coverage programs for compiled code such as `cargo-tarpaulin` disable
+ # ASLR (address space layout randomization) which requires the
+ # `personality` syscall
+ # You may want to set this to `true` if not using coverage tooling on
+ # compiled code
+ LockPersonality = false;
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/gitlab-runner.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/gitlab-runner.nix
index 85ac0fb2a89..03d3d2d16e3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/gitlab-runner.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/gitlab-runner.nix
@@ -22,6 +22,14 @@ let
export CONFIG_FILE=${configPath}
mkdir -p $(dirname ${configPath})
+ touch ${configPath}
+
+ # update global options
+ remarshal --if toml --of json ${configPath} \
+ | jq -cM 'with_entries(select([.key] | inside(["runners"])))' \
+ | jq -scM '.[0] + .[1]' - <(echo ${escapeShellArg (toJSON cfg.settings)}) \
+ | remarshal --if json --of toml \
+ | sponge ${configPath}
# remove no longer existing services
gitlab-runner verify --delete
@@ -91,22 +99,6 @@ let
--name "$NAME" && sleep 1
done
- # update global options
- remarshal --if toml --of json ${configPath} \
- | jq -cM ${escapeShellArg (concatStringsSep " | " [
- ".check_interval = ${toJSON cfg.checkInterval}"
- ".concurrent = ${toJSON cfg.concurrent}"
- ".sentry_dsn = ${toJSON cfg.sentryDSN}"
- ".listen_address = ${toJSON cfg.prometheusListenAddress}"
- ".session_server.listen_address = ${toJSON cfg.sessionServer.listenAddress}"
- ".session_server.advertise_address = ${toJSON cfg.sessionServer.advertiseAddress}"
- ".session_server.session_timeout = ${toJSON cfg.sessionServer.sessionTimeout}"
- "del(.[] | nulls)"
- "del(.session_server[] | nulls)"
- ])} \
- | remarshal --if json --of toml \
- | sponge ${configPath}
-
# make config file readable by service
chown -R --reference=$HOME $(dirname ${configPath})
'');
@@ -133,85 +125,15 @@ in
for settings not covered by this module.
'';
};
- checkInterval = mkOption {
- type = types.int;
- default = 0;
- example = literalExpression "with lib; (length (attrNames config.services.gitlab-runner.services)) * 3";
- description = ''
- Defines the interval length, in seconds, between new jobs check.
- The default value is 3;
- if set to 0 or lower, the default value will be used.
- See runner documentation for more information.
- '';
- };
- concurrent = mkOption {
- type = types.int;
- default = 1;
- example = literalExpression "config.nix.settings.max-jobs";
- description = ''
- Limits how many jobs globally can be run concurrently.
- The most upper limit of jobs using all defined runners.
- 0 does not mean unlimited.
- '';
- };
- sentryDSN = mkOption {
- type = types.nullOr types.str;
- default = null;
- example = "https://public:private@host:port/1";
- description = ''
- Data Source Name for tracking of all system level errors to Sentry.
- '';
- };
- prometheusListenAddress = mkOption {
- type = types.nullOr types.str;
- default = null;
- example = "localhost:8080";
- description = ''
- Address (<host>:<port>) on which the Prometheus metrics HTTP server
- should be listening.
- '';
- };
- sessionServer = mkOption {
+ settings = mkOption {
type = types.submodule {
- options = {
- listenAddress = mkOption {
- type = types.nullOr types.str;
- default = null;
- example = "0.0.0.0:8093";
- description = ''
- An internal URL to be used for the session server.
- '';
- };
- advertiseAddress = mkOption {
- type = types.nullOr types.str;
- default = null;
- example = "runner-host-name.tld:8093";
- description = ''
- The URL that the Runner will expose to GitLab to be used
- to access the session server.
- Fallbacks to if not defined.
- '';
- };
- sessionTimeout = mkOption {
- type = types.int;
- default = 1800;
- description = ''
- How long in seconds the session can stay active after
- the job completes (which will block the job from finishing).
- '';
- };
- };
+ freeformType = (pkgs.formats.json { }).type;
};
default = { };
- example = literalExpression ''
- {
- listenAddress = "0.0.0.0:8093";
- }
- '';
description = ''
- The session server allows the user to interact with jobs
- that the Runner is responsible for. A good example of this is the
- interactive web terminal.
+ Global gitlab-runner configuration. See
+
+ for supported values.
'';
};
gracefulTermination = mkOption {
@@ -535,8 +457,8 @@ in
config = mkIf cfg.enable {
warnings = (mapAttrsToList
(n: v: "services.gitlab-runner.services.${n}.`registrationConfigFile` points to a file in Nix Store. You should use quoted absolute path to prevent this.")
- (filterAttrs (n: v: isStorePath v.registrationConfigFile) cfg.services))
- ++ optional (cfg.configFile != null) "services.gitlab-runner.`configFile` is deprecated, please use services.gitlab-runner.`services`.";
+ (filterAttrs (n: v: isStorePath v.registrationConfigFile) cfg.services));
+
environment.systemPackages = [ cfg.package ];
systemd.services.gitlab-runner = {
description = "Gitlab Runner";
@@ -584,5 +506,14 @@ in
(mkRenamedOptionModule [ "services" "gitlab-runner" "packages" ] [ "services" "gitlab-runner" "extraPackages" ] )
(mkRemovedOptionModule [ "services" "gitlab-runner" "configOptions" ] "Use services.gitlab-runner.services option instead" )
(mkRemovedOptionModule [ "services" "gitlab-runner" "workDir" ] "You should move contents of workDir (if any) to /var/lib/gitlab-runner" )
+
+ (mkRenamedOptionModule [ "services" "gitlab-runner" "checkInterval" ] [ "services" "gitlab-runner" "settings" "check_interval" ] )
+ (mkRenamedOptionModule [ "services" "gitlab-runner" "concurrent" ] [ "services" "gitlab-runner" "settings" "concurrent" ] )
+ (mkRenamedOptionModule [ "services" "gitlab-runner" "sentryDSN" ] [ "services" "gitlab-runner" "settings" "sentry_dsn" ] )
+ (mkRenamedOptionModule [ "services" "gitlab-runner" "prometheusListenAddress" ] [ "services" "gitlab-runner" "settings" "listen_address" ] )
+
+ (mkRenamedOptionModule [ "services" "gitlab-runner" "sessionServer" "listenAddress" ] [ "services" "gitlab-runner" "settings" "session_server" "listen_address" ] )
+ (mkRenamedOptionModule [ "services" "gitlab-runner" "sessionServer" "advertiseAddress" ] [ "services" "gitlab-runner" "settings" "session_server" "advertise_address" ] )
+ (mkRenamedOptionModule [ "services" "gitlab-runner" "sessionServer" "sessionTimeout" ] [ "services" "gitlab-runner" "settings" "session_server" "session_timeout" ] )
];
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/gocd-agent/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/gocd-agent/default.nix
index c63998c6736..c9e22dff152 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/gocd-agent/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/gocd-agent/default.nix
@@ -13,7 +13,7 @@ in {
user = mkOption {
default = "gocd-agent";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
User the Go.CD agent should execute under.
'';
};
@@ -21,7 +21,7 @@ in {
group = mkOption {
default = "gocd-agent";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
If the default user "gocd-agent" is configured then this is the primary
group of that user.
'';
@@ -31,7 +31,7 @@ in {
type = types.listOf types.str;
default = [ ];
example = [ "wheel" "docker" ];
- description = ''
+ description = lib.mdDoc ''
List of extra groups that the "gocd-agent" user should be a part of.
'';
};
@@ -40,7 +40,7 @@ in {
default = [ pkgs.stdenv pkgs.jre pkgs.git config.programs.ssh.package pkgs.nix ];
defaultText = literalExpression "[ pkgs.stdenv pkgs.jre pkgs.git config.programs.ssh.package pkgs.nix ]";
type = types.listOf types.package;
- description = ''
+ description = lib.mdDoc ''
Packages to add to PATH for the Go.CD agent process.
'';
};
@@ -53,7 +53,7 @@ in {
agent.auto.register.environments=QA,Performance
agent.auto.register.hostname=Agent01
'';
- description = ''
+ description = lib.mdDoc ''
Agent registration configuration.
'';
};
@@ -61,7 +61,7 @@ in {
goServer = mkOption {
default = "https://127.0.0.1:8154/go";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
URL of the GoCD Server to attach the Go.CD Agent to.
'';
};
@@ -69,7 +69,7 @@ in {
workDir = mkOption {
default = "/var/lib/go-agent";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specifies the working directory in which the Go.CD agent java archive resides.
'';
};
@@ -77,7 +77,7 @@ in {
initialJavaHeapSize = mkOption {
default = "128m";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specifies the initial java heap memory size for the Go.CD agent java process.
'';
};
@@ -85,7 +85,7 @@ in {
maxJavaHeapMemory = mkOption {
default = "256m";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specifies the java maximum heap memory size for the Go.CD agent java process.
'';
};
@@ -108,7 +108,7 @@ in {
"-Djava.security.egd=file:/dev/./urandom"
]
'';
- description = ''
+ description = lib.mdDoc ''
Specifies startup command line arguments to pass to Go.CD agent
java process.
'';
@@ -127,7 +127,7 @@ in {
"-XX:+PrintGCDetails"
"-XX:+PrintGC"
];
- description = ''
+ description = lib.mdDoc ''
Specifies additional command line arguments to pass to Go.CD agent
java process. Example contains debug and gcLog arguments.
'';
@@ -136,10 +136,10 @@ in {
environment = mkOption {
default = { };
type = with types; attrsOf str;
- description = ''
+ description = lib.mdDoc ''
Additional environment variables to be passed to the Go.CD agent process.
As a base environment, Go.CD agent receives NIX_PATH from
- , NIX_REMOTE is set to
+ {option}`environment.sessionVariables`, NIX_REMOTE is set to
"daemon".
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/gocd-server/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/gocd-server/default.nix
index 3540656f934..50b5a20ad7e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/gocd-server/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/gocd-server/default.nix
@@ -13,7 +13,7 @@ in {
user = mkOption {
default = "gocd-server";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
User the Go.CD server should execute under.
'';
};
@@ -21,7 +21,7 @@ in {
group = mkOption {
default = "gocd-server";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
If the default user "gocd-server" is configured then this is the primary group of that user.
'';
};
@@ -30,7 +30,7 @@ in {
default = [ ];
type = types.listOf types.str;
example = [ "wheel" "docker" ];
- description = ''
+ description = lib.mdDoc ''
List of extra groups that the "gocd-server" user should be a part of.
'';
};
@@ -39,7 +39,7 @@ in {
default = "0.0.0.0";
example = "localhost";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specifies the bind address on which the Go.CD server HTTP interface listens.
'';
};
@@ -47,7 +47,7 @@ in {
port = mkOption {
default = 8153;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Specifies port number on which the Go.CD server HTTP interface listens.
'';
};
@@ -55,7 +55,7 @@ in {
sslPort = mkOption {
default = 8154;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Specifies port number on which the Go.CD server HTTPS interface listens.
'';
};
@@ -63,7 +63,7 @@ in {
workDir = mkOption {
default = "/var/lib/go-server";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specifies the working directory in which the Go.CD server java archive resides.
'';
};
@@ -72,7 +72,7 @@ in {
default = [ pkgs.stdenv pkgs.jre pkgs.git config.programs.ssh.package pkgs.nix ];
defaultText = literalExpression "[ pkgs.stdenv pkgs.jre pkgs.git config.programs.ssh.package pkgs.nix ]";
type = types.listOf types.package;
- description = ''
+ description = lib.mdDoc ''
Packages to add to PATH for the Go.CD server's process.
'';
};
@@ -80,7 +80,7 @@ in {
initialJavaHeapSize = mkOption {
default = "512m";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specifies the initial java heap memory size for the Go.CD server's java process.
'';
};
@@ -88,7 +88,7 @@ in {
maxJavaHeapMemory = mkOption {
default = "1024m";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specifies the java maximum heap memory size for the Go.CD server's java process.
'';
};
@@ -122,7 +122,7 @@ in {
]
'';
- description = ''
+ description = lib.mdDoc ''
Specifies startup command line arguments to pass to Go.CD server
java process.
'';
@@ -141,7 +141,7 @@ in {
"-XX:+PrintGCDetails"
"-XX:+PrintGC"
];
- description = ''
+ description = lib.mdDoc ''
Specifies additional command line arguments to pass to Go.CD server's
java process. Example contains debug and gcLog arguments.
'';
@@ -150,10 +150,10 @@ in {
environment = mkOption {
default = { };
type = with types; attrsOf str;
- description = ''
+ description = lib.mdDoc ''
Additional environment variables to be passed to the gocd-server process.
As a base environment, gocd-server receives NIX_PATH from
- , NIX_REMOTE is set to
+ {option}`environment.sessionVariables`, NIX_REMOTE is set to
"daemon".
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/hail.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/hail.nix
index 4070a3425c4..76d7356e247 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/hail.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/hail.nix
@@ -13,7 +13,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables the Hail Auto Update Service. Hail can automatically deploy artifacts
built by a Hydra Continous Integration server. A common use case is to provide
continous deployment for single services or a full NixOS configuration.'';
@@ -21,22 +21,22 @@ in {
profile = mkOption {
type = types.str;
default = "hail-profile";
- description = "The name of the Nix profile used by Hail.";
+ description = lib.mdDoc "The name of the Nix profile used by Hail.";
};
hydraJobUri = mkOption {
type = types.str;
- description = "The URI of the Hydra Job.";
+ description = lib.mdDoc "The URI of the Hydra Job.";
};
netrc = mkOption {
type = types.nullOr types.path;
- description = "The netrc file to use when fetching data from Hydra.";
+ description = lib.mdDoc "The netrc file to use when fetching data from Hydra.";
default = null;
};
package = mkOption {
type = types.package;
default = pkgs.haskellPackages.hail;
defaultText = literalExpression "pkgs.haskellPackages.hail";
- description = "Hail package to use.";
+ description = lib.mdDoc "Hail package to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/hercules-ci-agent/common.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/hercules-ci-agent/common.nix
index 80c88714bfc..9e1fb030757 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/hercules-ci-agent/common.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/hercules-ci-agent/common.nix
@@ -28,7 +28,7 @@ let
freeformType = format.type;
options = {
apiBaseUrl = mkOption {
- description = ''
+ description = lib.mdDoc ''
API base URL that the agent will connect to.
When using Hercules CI Enterprise, set this to the URL where your
@@ -40,19 +40,19 @@ let
baseDirectory = mkOption {
type = types.path;
default = "/var/lib/hercules-ci-agent";
- description = ''
+ description = lib.mdDoc ''
State directory (secrets, work directory, etc) for agent
'';
};
concurrentTasks = mkOption {
- description = ''
+ description = lib.mdDoc ''
Number of tasks to perform simultaneously.
A task is a single derivation build, an evaluation or an effect run.
- At minimum, you need 2 concurrent tasks for x86_64-linux
+ At minimum, you need 2 concurrent tasks for `x86_64-linux`
in your cluster, to allow for import from derivation.
- concurrentTasks can be around the CPU core count or lower if memory is
+ `concurrentTasks` can be around the CPU core count or lower if memory is
the bottleneck.
The optimal value depends on the resource consumption characteristics of your workload,
@@ -66,7 +66,7 @@ let
default = "auto";
};
labels = mkOption {
- description = ''
+ description = lib.mdDoc ''
A key-value map of user data.
This data will be available to organization members in the dashboard and API.
@@ -85,7 +85,7 @@ let
'';
};
workDirectory = mkOption {
- description = ''
+ description = lib.mdDoc ''
The directory in which temporary subdirectories are created for task state. This includes sources for Nix evaluation.
'';
type = types.path;
@@ -93,10 +93,10 @@ let
defaultText = literalExpression ''baseDirectory + "/work"'';
};
staticSecretsDirectory = mkOption {
- description = ''
- This is the default directory to look for statically configured secrets like cluster-join-token.key.
+ description = lib.mdDoc ''
+ This is the default directory to look for statically configured secrets like `cluster-join-token.key`.
- See also clusterJoinTokenPath and binaryCachesPath for fine-grained configuration.
+ See also `clusterJoinTokenPath` and `binaryCachesPath` for fine-grained configuration.
'';
type = types.path;
default = config.baseDirectory + "/secrets";
@@ -190,26 +190,26 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable to run Hercules CI Agent as a system service.
- Hercules CI is a
+ [Hercules CI](https://hercules-ci.com) is a
continuous integation service that is centered around Nix.
- Support is available at help@hercules-ci.com.
+ Support is available at [help@hercules-ci.com](mailto:help@hercules-ci.com).
'';
};
checkNix = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to make sure that the system's Nix (nix-daemon) is compatible.
If you set this to false, please keep up with the change log.
'';
};
package = mkOption {
- description = ''
+ description = lib.mdDoc ''
Package containing the bin/hercules-ci-agent executable.
'';
type = types.package;
@@ -217,12 +217,12 @@ in
defaultText = literalExpression "pkgs.hercules-ci-agent";
};
settings = mkOption {
- description = ''
- These settings are written to the agent.toml file.
+ description = lib.mdDoc ''
+ These settings are written to the `agent.toml` file.
Not all settings are listed as options, can be set nonetheless.
- For the exhaustive list of settings, see .
+ For the exhaustive list of settings, see .
'';
type = types.submoduleWith { modules = [ settingsModule ]; };
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/hydra/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/hydra/default.nix
index 87806d48e89..f4cdf690bb3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/hydra/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/hydra/default.nix
@@ -78,7 +78,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run Hydra services.
'';
};
@@ -101,12 +101,12 @@ in
type = types.package;
default = pkgs.hydra_unstable;
defaultText = literalExpression "pkgs.hydra_unstable";
- description = "The Hydra package.";
+ description = lib.mdDoc "The Hydra package.";
};
hydraURL = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The base URL for the Hydra webserver instance. Used for links in emails.
'';
};
@@ -124,7 +124,7 @@ in
port = mkOption {
type = types.int;
default = 3000;
- description = ''
+ description = lib.mdDoc ''
TCP port the web server should listen to.
'';
};
@@ -132,7 +132,7 @@ in
minimumDiskFree = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Threshold of minimum disk space (GiB) to determine if the queue runner should run or not.
'';
};
@@ -140,14 +140,14 @@ in
minimumDiskFreeEvaluator = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Threshold of minimum disk space (GiB) to determine if the evaluator should run or not.
'';
};
notificationSender = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Sender email address used for email notifications.
'';
};
@@ -156,7 +156,7 @@ in
type = types.nullOr types.str;
default = null;
example = "localhost";
- description = ''
+ description = lib.mdDoc ''
Hostname of the SMTP server to use to send email.
'';
};
@@ -164,7 +164,7 @@ in
tracker = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Piece of HTML that is included on all pages.
'';
};
@@ -172,7 +172,7 @@ in
logo = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to a file containing the logo of your Hydra instance.
'';
};
@@ -180,24 +180,24 @@ in
debugServer = mkOption {
type = types.bool;
default = false;
- description = "Whether to run the server in debug mode.";
+ description = lib.mdDoc "Whether to run the server in debug mode.";
};
extraConfig = mkOption {
type = types.lines;
- description = "Extra lines for the Hydra configuration.";
+ description = lib.mdDoc "Extra lines for the Hydra configuration.";
};
extraEnv = mkOption {
type = types.attrsOf types.str;
default = {};
- description = "Extra environment variables for Hydra.";
+ description = lib.mdDoc "Extra environment variables for Hydra.";
};
gcRootsDir = mkOption {
type = types.path;
default = "/nix/var/nix/gcroots/hydra";
- description = "Directory that holds Hydra garbage collector roots.";
+ description = lib.mdDoc "Directory that holds Hydra garbage collector roots.";
};
buildMachinesFiles = mkOption {
@@ -205,13 +205,13 @@ in
default = optional (config.nix.buildMachines != []) "/etc/nix/machines";
defaultText = literalExpression ''optional (config.nix.buildMachines != []) "/etc/nix/machines"'';
example = [ "/etc/nix/machines" "/var/lib/hydra/provisioner/machines" ];
- description = "List of files containing build machines.";
+ description = lib.mdDoc "List of files containing build machines.";
};
useSubstitutes = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to use binary caches for downloading store paths. Note that
binary substitutions trigger (a potentially large number of) additional
HTTP requests that slow down the queue monitor thread significantly.
@@ -298,6 +298,7 @@ in
environment = env // {
HYDRA_DBI = "${env.HYDRA_DBI};application_name=hydra-init";
};
+ path = [ pkgs.util-linux ];
preStart = ''
mkdir -p ${baseDir}
chown hydra:hydra ${baseDir}
@@ -318,11 +319,11 @@ in
${optionalString haveLocalDB ''
if ! [ -e ${baseDir}/.db-created ]; then
- ${pkgs.sudo}/bin/sudo -u ${config.services.postgresql.superUser} ${config.services.postgresql.package}/bin/createuser hydra
- ${pkgs.sudo}/bin/sudo -u ${config.services.postgresql.superUser} ${config.services.postgresql.package}/bin/createdb -O hydra hydra
+ runuser -u ${config.services.postgresql.superUser} ${config.services.postgresql.package}/bin/createuser hydra
+ runuser -u ${config.services.postgresql.superUser} ${config.services.postgresql.package}/bin/createdb -O hydra hydra
touch ${baseDir}/.db-created
fi
- echo "create extension if not exists pg_trgm" | ${pkgs.sudo}/bin/sudo -u ${config.services.postgresql.superUser} -- ${config.services.postgresql.package}/bin/psql hydra
+ echo "create extension if not exists pg_trgm" | runuser -u ${config.services.postgresql.superUser} -- ${config.services.postgresql.package}/bin/psql hydra
''}
if [ ! -e ${cfg.gcRootsDir} ]; then
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/jenkins/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/jenkins/default.nix
index d37dcb5519d..6cd5718f422 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/jenkins/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/jenkins/default.nix
@@ -9,7 +9,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the jenkins continuous integration server.
'';
};
@@ -17,7 +17,7 @@ in {
user = mkOption {
default = "jenkins";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
User the jenkins server should execute under.
'';
};
@@ -25,7 +25,7 @@ in {
group = mkOption {
default = "jenkins";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
If the default user "jenkins" is configured then this is the primary
group of that user.
'';
@@ -35,7 +35,7 @@ in {
type = types.listOf types.str;
default = [ ];
example = [ "wheel" "dialout" ];
- description = ''
+ description = lib.mdDoc ''
List of extra groups that the "jenkins" user should be a part of.
'';
};
@@ -43,7 +43,7 @@ in {
home = mkOption {
default = "/var/lib/jenkins";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The path to use as JENKINS_HOME. If the default user "jenkins" is configured then
this is the home of the "jenkins" user.
'';
@@ -53,7 +53,7 @@ in {
default = "0.0.0.0";
example = "localhost";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specifies the bind address on which the jenkins HTTP interface listens.
The default is the wildcard address.
'';
@@ -62,7 +62,7 @@ in {
port = mkOption {
default = 8080;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
Specifies port number on which the jenkins HTTP interface listens.
The default is 8080.
'';
@@ -72,7 +72,7 @@ in {
default = "";
example = "/jenkins";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specifies a urlPrefix to use with jenkins.
If the example /jenkins is given, the jenkins server will be
accessible using localhost:8080/jenkins.
@@ -83,14 +83,14 @@ in {
default = pkgs.jenkins;
defaultText = literalExpression "pkgs.jenkins";
type = types.package;
- description = "Jenkins package to use.";
+ description = lib.mdDoc "Jenkins package to use.";
};
packages = mkOption {
default = [ pkgs.stdenv pkgs.git pkgs.jdk11 config.programs.ssh.package pkgs.nix ];
defaultText = literalExpression "[ pkgs.stdenv pkgs.git pkgs.jdk11 config.programs.ssh.package pkgs.nix ]";
type = types.listOf types.package;
- description = ''
+ description = lib.mdDoc ''
Packages to add to PATH for the jenkins process.
'';
};
@@ -98,12 +98,12 @@ in {
environment = mkOption {
default = { };
type = with types; attrsOf str;
- description = ''
+ description = lib.mdDoc ''
Additional environment variables to be passed to the jenkins process.
As a base environment, jenkins receives NIX_PATH from
- , NIX_REMOTE is set to
+ {option}`environment.sessionVariables`, NIX_REMOTE is set to
"daemon" and JENKINS_HOME is set to the value of
- .
+ {option}`services.jenkins.home`.
This option has precedence and can be used to override those
mentioned variables.
'';
@@ -112,13 +112,13 @@ in {
plugins = mkOption {
default = null;
type = types.nullOr (types.attrsOf types.package);
- description = ''
+ description = lib.mdDoc ''
A set of plugins to activate. Note that this will completely
remove and replace any previously installed plugins. If you
have manually-installed plugins that you want to keep while
using this module, set this option to
- null. You can generate this set with a
- tool such as jenkinsPlugins2nix.
+ `null`. You can generate this set with a
+ tool such as `jenkinsPlugins2nix`.
'';
example = literalExpression ''
import path/to/jenkinsPlugins2nix-generated-plugins.nix { inherit (pkgs) fetchurl stdenv; }
@@ -129,7 +129,7 @@ in {
type = types.listOf types.str;
default = [ ];
example = [ "--debug=9" ];
- description = ''
+ description = lib.mdDoc ''
Additional command line arguments to pass to Jenkins.
'';
};
@@ -138,7 +138,7 @@ in {
type = types.listOf types.str;
default = [ ];
example = [ "-Xmx80m" ];
- description = ''
+ description = lib.mdDoc ''
Additional command line arguments to pass to the Java run time (as opposed to Jenkins).
'';
};
@@ -146,12 +146,12 @@ in {
withCLI = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to make the CLI available.
More info about the CLI available at
-
- https://www.jenkins.io/doc/book/managing/cli .
+ [
+ https://www.jenkins.io/doc/book/managing/cli](https://www.jenkins.io/doc/book/managing/cli) .
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/jenkins/job-builder.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/jenkins/job-builder.nix
index 3ca1542c18f..8dc06bf2641 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/jenkins/job-builder.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/jenkins/job-builder.nix
@@ -12,7 +12,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether or not to enable the Jenkins Job Builder (JJB) service. It
allows defining jobs for Jenkins in a declarative manner.
@@ -24,15 +24,15 @@ in {
deleted.
Please see the Jenkins Job Builder documentation for more info:
-
- http://docs.openstack.org/infra/jenkins-job-builder/
+ [
+ http://docs.openstack.org/infra/jenkins-job-builder/](http://docs.openstack.org/infra/jenkins-job-builder/)
'';
};
accessUser = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
User id in Jenkins used to reload config.
'';
};
@@ -40,10 +40,10 @@ in {
accessToken = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
User token in Jenkins used to reload config.
WARNING: This token will be world readable in the Nix store. To keep
- it secret, use the option instead.
+ it secret, use the {option}`accessTokenFile` option instead.
'';
};
@@ -51,8 +51,8 @@ in {
default = "";
type = types.str;
example = "/run/keys/jenkins-job-builder-access-token";
- description = ''
- File containing the API token for the
+ description = lib.mdDoc ''
+ File containing the API token for the {option}`accessUser`
user.
'';
};
@@ -66,7 +66,7 @@ in {
builders:
- shell: echo 'Hello world!'
'';
- description = ''
+ description = lib.mdDoc ''
Job descriptions for Jenkins Job Builder in YAML format.
'';
};
@@ -86,7 +86,7 @@ in {
'''
]
'';
- description = ''
+ description = lib.mdDoc ''
Job descriptions for Jenkins Job Builder in JSON format.
'';
};
@@ -104,7 +104,7 @@ in {
}
]
'';
- description = ''
+ description = lib.mdDoc ''
Job descriptions for Jenkins Job Builder in Nix format.
This is a trivial wrapper around jsonJobs, using builtins.toJSON
@@ -156,12 +156,22 @@ in {
reloadScript = ''
echo "Asking Jenkins to reload config"
curl_opts="--silent --fail --show-error"
- access_token=${if cfg.accessTokenFile != ""
- then "$(cat '${cfg.accessTokenFile}')"
- else cfg.accessToken}
- jenkins_url="http://${cfg.accessUser}:$access_token@${jenkinsCfg.listenAddress}:${toString jenkinsCfg.port}${jenkinsCfg.prefix}"
- crumb=$(curl $curl_opts "$jenkins_url"'/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
- curl $curl_opts -X POST -H "$crumb" "$jenkins_url"/reload
+ access_token_file=${if cfg.accessTokenFile != ""
+ then cfg.accessTokenFile
+ else "$RUNTIME_DIRECTORY/jenkins_access_token.txt"}
+ if [ "${cfg.accessToken}" != "" ]; then
+ (umask 0077; printf "${cfg.accessToken}" >"$access_token_file")
+ fi
+ jenkins_url="http://${jenkinsCfg.listenAddress}:${toString jenkinsCfg.port}${jenkinsCfg.prefix}"
+ auth_file="$RUNTIME_DIRECTORY/jenkins_auth_file.txt"
+ trap 'rm -f "$auth_file"' EXIT
+ (umask 0077; printf "${cfg.accessUser}:@password_placeholder@" >"$auth_file")
+ "${pkgs.replace-secret}/bin/replace-secret" "@password_placeholder@" "$access_token_file" "$auth_file"
+
+ if ! "${pkgs.jenkins}/bin/jenkins-cli" -s "$jenkins_url" -auth "@$auth_file" reload-configuration; then
+ echo "error: failed to reload configuration"
+ exit 1
+ fi
'';
in
''
@@ -233,6 +243,7 @@ in {
done
'' + (if cfg.accessUser != "" then reloadScript else "");
serviceConfig = {
+ Type = "oneshot";
User = jenkinsCfg.user;
RuntimeDirectory = "jenkins-job-builder";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/jenkins/slave.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/jenkins/slave.nix
index 871b9914fb2..9b86917ab38 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/jenkins/slave.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/continuous-integration/jenkins/slave.nix
@@ -14,7 +14,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If true the system will be configured to work as a jenkins slave.
If the system is also configured to work as a jenkins master then this has no effect.
In progress: Currently only assures the jenkins user is configured.
@@ -24,7 +24,7 @@ in {
user = mkOption {
default = "jenkins";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
User the jenkins slave agent should execute under.
'';
};
@@ -32,7 +32,7 @@ in {
group = mkOption {
default = "jenkins";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
If the default slave agent user "jenkins" is configured then this is
the primary group of that user.
'';
@@ -41,7 +41,7 @@ in {
home = mkOption {
default = "/var/lib/jenkins";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The path to use as JENKINS_HOME. If the default user "jenkins" is configured then
this is the home of the "jenkins" user.
'';
@@ -50,7 +50,7 @@ in {
javaPackage = mkOption {
default = pkgs.jdk;
defaultText = literalExpression "pkgs.jdk";
- description = ''
+ description = lib.mdDoc ''
Java package to install.
'';
type = types.package;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/aerospike.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/aerospike.nix
index 8109762aea7..9ffedaebf66 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/aerospike.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/aerospike.nix
@@ -45,13 +45,13 @@ in
default = pkgs.aerospike;
defaultText = literalExpression "pkgs.aerospike";
type = types.package;
- description = "Which Aerospike derivation to use";
+ description = lib.mdDoc "Which Aerospike derivation to use";
};
workDir = mkOption {
type = types.str;
default = "/var/lib/aerospike";
- description = "Location where Aerospike stores its files";
+ description = lib.mdDoc "Location where Aerospike stores its files";
};
networkConfig = mkOption {
@@ -80,7 +80,7 @@ in
port 3003
}
'';
- description = "network section of configuration file";
+ description = lib.mdDoc "network section of configuration file";
};
extraConfig = mkOption {
@@ -94,7 +94,7 @@ in
storage-engine memory
}
'';
- description = "Extra configuration";
+ description = lib.mdDoc "Extra configuration";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/cassandra.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/cassandra.nix
index b457e69baba..38db1d2e9f7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/cassandra.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/cassandra.nix
@@ -422,11 +422,11 @@ in
options = {
username = mkOption {
type = types.str;
- description = "Username for JMX";
+ description = lib.mdDoc "Username for JMX";
};
password = mkOption {
type = types.str;
- description = "Password for JMX";
+ description = lib.mdDoc "Password for JMX";
};
};
});
@@ -440,7 +440,7 @@ in
else null;
defaultText = literalMD ''generated configuration file if version is at least 3.11, otherwise `null`'';
example = "/var/lib/cassandra/jmx.password";
- description = ''
+ description = lib.mdDoc ''
Specify your own jmx roles file.
Make sure the permissions forbid "others" from reading the file if
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/clickhouse.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/clickhouse.nix
index 3a161d56107..53637f4171c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/clickhouse.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/clickhouse.nix
@@ -17,7 +17,7 @@ with lib;
type = types.package;
default = pkgs.clickhouse;
defaultText = "pkgs.clickhouse";
- description = ''
+ description = lib.mdDoc ''
ClickHouse package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/cockroachdb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/cockroachdb.nix
index 9a7aebe4f6a..b8d7321d00f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/cockroachdb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/cockroachdb.nix
@@ -35,13 +35,13 @@ let
address = mkOption {
type = types.str;
default = "localhost";
- description = "Address to bind to for ${descr}";
+ description = lib.mdDoc "Address to bind to for ${descr}";
};
port = mkOption {
type = types.port;
default = defaultPort;
- description = "Port to bind to for ${descr}";
+ description = lib.mdDoc "Port to bind to for ${descr}";
};
};
in
@@ -80,50 +80,50 @@ in
join = mkOption {
type = types.nullOr types.str;
default = null;
- description = "The addresses for connecting the node to a cluster.";
+ description = lib.mdDoc "The addresses for connecting the node to a cluster.";
};
insecure = mkOption {
type = types.bool;
default = false;
- description = "Run in insecure mode.";
+ description = lib.mdDoc "Run in insecure mode.";
};
certsDir = mkOption {
type = types.nullOr types.path;
default = null;
- description = "The path to the certificate directory.";
+ description = lib.mdDoc "The path to the certificate directory.";
};
user = mkOption {
type = types.str;
default = "cockroachdb";
- description = "User account under which CockroachDB runs";
+ description = lib.mdDoc "User account under which CockroachDB runs";
};
group = mkOption {
type = types.str;
default = "cockroachdb";
- description = "User account under which CockroachDB runs";
+ description = lib.mdDoc "User account under which CockroachDB runs";
};
openPorts = mkOption {
type = types.bool;
default = false;
- description = "Open firewall ports for cluster communication by default";
+ description = lib.mdDoc "Open firewall ports for cluster communication by default";
};
cache = mkOption {
type = types.str;
default = "25%";
- description = ''
+ description = lib.mdDoc ''
The total size for caches.
This can be a percentage, expressed with a fraction sign or as a
decimal-point number, or any bytes-based unit. For example,
- "25%", "0.25" both represent
+ `"25%"`, `"0.25"` both represent
25% of the available system memory. The values
- "1000000000" and "1GB" both
+ `"1000000000"` and `"1GB"` both
represent 1 gigabyte of memory.
'';
@@ -132,15 +132,15 @@ in
maxSqlMemory = mkOption {
type = types.str;
default = "25%";
- description = ''
+ description = lib.mdDoc ''
The maximum in-memory storage capacity available to store temporary
data for SQL queries.
This can be a percentage, expressed with a fraction sign or as a
decimal-point number, or any bytes-based unit. For example,
- "25%", "0.25" both represent
+ `"25%"`, `"0.25"` both represent
25% of the available system memory. The values
- "1000000000" and "1GB" both
+ `"1000000000"` and `"1GB"` both
represent 1 gigabyte of memory.
'';
};
@@ -149,7 +149,7 @@ in
type = types.package;
default = pkgs.cockroachdb;
defaultText = literalExpression "pkgs.cockroachdb";
- description = ''
+ description = lib.mdDoc ''
The CockroachDB derivation to use for running the service.
This would primarily be useful to enable Enterprise Edition features
@@ -162,9 +162,9 @@ in
type = types.listOf types.str;
default = [];
example = [ "--advertise-addr" "[fe80::f6f2:::]" ];
- description = ''
- Extra CLI arguments passed to cockroach start.
- For the full list of supported argumemnts, check
+ description = lib.mdDoc ''
+ Extra CLI arguments passed to {command}`cockroach start`.
+ For the full list of supported argumemnts, check
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/couchdb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/couchdb.nix
index 39d1ead28fc..2a570d09a2c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/couchdb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/couchdb.nix
@@ -37,7 +37,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run CouchDB Server.
'';
};
@@ -46,7 +46,7 @@ in {
type = types.package;
default = pkgs.couchdb3;
defaultText = literalExpression "pkgs.couchdb3";
- description = ''
+ description = lib.mdDoc ''
CouchDB package to use.
'';
};
@@ -54,7 +54,7 @@ in {
adminUser = mkOption {
type = types.str;
default = "admin";
- description = ''
+ description = lib.mdDoc ''
Couchdb (i.e. fauxton) account with permission for all dbs and
tasks.
'';
@@ -63,7 +63,7 @@ in {
adminPass = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Couchdb (i.e. fauxton) account with permission for all dbs and
tasks.
'';
@@ -72,7 +72,7 @@ in {
user = mkOption {
type = types.str;
default = "couchdb";
- description = ''
+ description = lib.mdDoc ''
User account under which couchdb runs.
'';
};
@@ -80,7 +80,7 @@ in {
group = mkOption {
type = types.str;
default = "couchdb";
- description = ''
+ description = lib.mdDoc ''
Group account under which couchdb runs.
'';
};
@@ -90,7 +90,7 @@ in {
databaseDir = mkOption {
type = types.path;
default = "/var/lib/couchdb";
- description = ''
+ description = lib.mdDoc ''
Specifies location of CouchDB database files (*.couch named). This
location should be writable and readable for the user the CouchDB
service runs as (couchdb by default).
@@ -100,7 +100,7 @@ in {
uriFile = mkOption {
type = types.path;
default = "/run/couchdb/couchdb.uri";
- description = ''
+ description = lib.mdDoc ''
This file contains the full URI that can be used to access this
instance of CouchDB. It is used to help discover the port CouchDB is
running on (if it was set to 0 (e.g. automatically assigned any free
@@ -112,7 +112,7 @@ in {
viewIndexDir = mkOption {
type = types.path;
default = "/var/lib/couchdb";
- description = ''
+ description = lib.mdDoc ''
Specifies location of CouchDB view index files. This location should
be writable and readable for the user that runs the CouchDB service
(couchdb by default).
@@ -122,7 +122,7 @@ in {
bindAddress = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
Defines the IP address by which CouchDB will be accessible.
'';
};
@@ -130,7 +130,7 @@ in {
port = mkOption {
type = types.int;
default = 5984;
- description = ''
+ description = lib.mdDoc ''
Defined the port number to listen.
'';
};
@@ -138,7 +138,7 @@ in {
logFile = mkOption {
type = types.path;
default = "/var/log/couchdb.log";
- description = ''
+ description = lib.mdDoc ''
Specifies the location of file for logging output.
'';
};
@@ -146,7 +146,7 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration. Overrides any other cofiguration.
'';
};
@@ -155,14 +155,14 @@ in {
type = types.path;
default = "${cfg.package}/etc/vm.args";
defaultText = literalExpression ''"config.${opt.package}/etc/vm.args"'';
- description = ''
+ description = lib.mdDoc ''
vm.args configuration. Overrides Couchdb's Erlang VM parameters file.
'';
};
configFile = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Configuration file for persisting runtime changes. File
needs to be readable and writable from couchdb user/group.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/dgraph.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/dgraph.nix
index 5c1ae536051..a6178b3d1cc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/dgraph.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/dgraph.nix
@@ -60,7 +60,7 @@ in
settings = mkOption {
type = settingsFormat.type;
default = {};
- description = ''
+ description = lib.mdDoc ''
Contents of the dgraph config. For more details see https://dgraph.io/docs/deploy/config
'';
};
@@ -69,14 +69,14 @@ in
host = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
The host which dgraph alpha will be run on.
'';
};
port = mkOption {
type = types.port;
default = 7080;
- description = ''
+ description = lib.mdDoc ''
The port which to run dgraph alpha on.
'';
};
@@ -87,14 +87,14 @@ in
host = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
The host which dgraph zero will be run on.
'';
};
port = mkOption {
type = types.port;
default = 5080;
- description = ''
+ description = lib.mdDoc ''
The port which to run dgraph zero on.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/dragonflydb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/dragonflydb.nix
index e72afa9d908..e35de2019af 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/dragonflydb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/dragonflydb.nix
@@ -30,55 +30,55 @@ in
user = mkOption {
type = types.str;
default = "dragonfly";
- description = "The user to run DragonflyDB as";
+ description = lib.mdDoc "The user to run DragonflyDB as";
};
port = mkOption {
type = types.port;
default = 6379;
- description = "The TCP port to accept connections.";
+ description = lib.mdDoc "The TCP port to accept connections.";
};
bind = mkOption {
type = with types; nullOr str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
The IP interface to bind to.
- null means "all interfaces".
+ `null` means "all interfaces".
'';
};
requirePass = mkOption {
type = with types; nullOr str;
default = null;
- description = "Password for database";
+ description = lib.mdDoc "Password for database";
example = "letmein!";
};
maxMemory = mkOption {
type = with types; nullOr ints.unsigned;
default = null;
- description = ''
+ description = lib.mdDoc ''
The maximum amount of memory to use for storage (in bytes).
- null means this will be automatically set.
+ `null` means this will be automatically set.
'';
};
memcachePort = mkOption {
type = with types; nullOr port;
default = null;
- description = ''
+ description = lib.mdDoc ''
To enable memcached compatible API on this port.
- null means disabled.
+ `null` means disabled.
'';
};
keysOutputLimit = mkOption {
type = types.ints.unsigned;
default = 8192;
- description = ''
+ description = lib.mdDoc ''
Maximum number of returned keys in keys command.
- keys is a dangerous command.
+ `keys` is a dangerous command.
We truncate its result to avoid blowup in memory when fetching too many keys.
'';
};
@@ -86,13 +86,13 @@ in
dbNum = mkOption {
type = with types; nullOr ints.unsigned;
default = null;
- description = "Maximum number of supported databases for select";
+ description = lib.mdDoc "Maximum number of supported databases for `select`";
};
cacheMode = mkOption {
type = with types; nullOr bool;
default = null;
- description = ''
+ description = lib.mdDoc ''
Once this mode is on, Dragonfly will evict items least likely to be stumbled
upon in the future but only when it is near maxmemory limit.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/firebird.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/firebird.nix
index 4e3130bea22..3a7ebd6bbd0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/firebird.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/firebird.nix
@@ -56,7 +56,7 @@ in
port = mkOption {
default = 3050;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
Port Firebird uses.
'';
};
@@ -64,7 +64,7 @@ in
user = mkOption {
default = "firebird";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
User account under which firebird runs.
'';
};
@@ -72,7 +72,7 @@ in
baseDir = mkOption {
default = "/var/lib/firebird";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Location containing data/ and system/ directories.
data/ stores the databases, system/ stores the password database security2.fdb.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/foundationdb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/foundationdb.nix
index e22127403e9..f71228708e4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/foundationdb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/foundationdb.nix
@@ -66,7 +66,7 @@ in
package = mkOption {
type = types.package;
- description = ''
+ description = lib.mdDoc ''
The FoundationDB package to use for this server. This must be specified by the user
in order to ensure migrations and upgrades are controlled appropriately.
'';
@@ -75,19 +75,19 @@ in
publicAddress = mkOption {
type = types.str;
default = "auto";
- description = "Publicly visible IP address of the process. Port is determined by process ID";
+ description = lib.mdDoc "Publicly visible IP address of the process. Port is determined by process ID";
};
listenAddress = mkOption {
type = types.str;
default = "public";
- description = "Publicly visible IP address of the process. Port is determined by process ID";
+ description = lib.mdDoc "Publicly visible IP address of the process. Port is determined by process ID";
};
listenPortStart = mkOption {
type = types.int;
default = 4500;
- description = ''
+ description = lib.mdDoc ''
Starting port number for database listening sockets. Every FDB process binds to a
subsequent port, to this number reflects the start of the overall range. e.g. having
8 server processes will use all ports between 4500 and 4507.
@@ -106,43 +106,43 @@ in
dataDir = mkOption {
type = types.path;
default = "/var/lib/foundationdb";
- description = "Data directory. All cluster data will be put under here.";
+ description = lib.mdDoc "Data directory. All cluster data will be put under here.";
};
logDir = mkOption {
type = types.path;
default = "/var/log/foundationdb";
- description = "Log directory.";
+ description = lib.mdDoc "Log directory.";
};
user = mkOption {
type = types.str;
default = "foundationdb";
- description = "User account under which FoundationDB runs.";
+ description = lib.mdDoc "User account under which FoundationDB runs.";
};
group = mkOption {
type = types.str;
default = "foundationdb";
- description = "Group account under which FoundationDB runs.";
+ description = lib.mdDoc "Group account under which FoundationDB runs.";
};
class = mkOption {
type = types.nullOr (types.enum [ "storage" "transaction" "stateless" ]);
default = null;
- description = "Process class";
+ description = lib.mdDoc "Process class";
};
restartDelay = mkOption {
type = types.int;
default = 10;
- description = "Number of seconds to wait before restarting servers.";
+ description = lib.mdDoc "Number of seconds to wait before restarting servers.";
};
logSize = mkOption {
type = types.str;
default = "10MiB";
- description = ''
+ description = lib.mdDoc ''
Roll over to a new log file after the current log file
reaches the specified size.
'';
@@ -151,7 +151,7 @@ in
maxLogSize = mkOption {
type = types.str;
default = "100MiB";
- description = ''
+ description = lib.mdDoc ''
Delete the oldest log file when the total size of all log
files exceeds the specified size. If set to 0, old log files
will not be deleted.
@@ -161,33 +161,33 @@ in
serverProcesses = mkOption {
type = types.int;
default = 1;
- description = "Number of fdbserver processes to run.";
+ description = lib.mdDoc "Number of fdbserver processes to run.";
};
backupProcesses = mkOption {
type = types.int;
default = 1;
- description = "Number of backup_agent processes to run for snapshots.";
+ description = lib.mdDoc "Number of backup_agent processes to run for snapshots.";
};
memory = mkOption {
type = types.str;
default = "8GiB";
- description = ''
+ description = lib.mdDoc ''
Maximum memory used by the process. The default value is
- 8GiB. When specified without a unit,
- MiB is assumed. This parameter does not
+ `8GiB`. When specified without a unit,
+ `MiB` is assumed. This parameter does not
change the memory allocation of the program. Rather, it sets
a hard limit beyond which the process will kill itself and
- be restarted. The default value of 8GiB
+ be restarted. The default value of `8GiB`
is double the intended memory usage in the default
configuration (providing an emergency buffer to deal with
memory leaks or similar problems). It is not recommended to
decrease the value of this parameter below its default
value. It may be increased if you wish to allocate a very
large amount of storage engine memory or cache. In
- particular, when the storageMemory
- parameter is increased, the memory
+ particular, when the `storageMemory`
+ parameter is increased, the `memory`
parameter should be increased by an equal amount.
'';
};
@@ -195,22 +195,22 @@ in
storageMemory = mkOption {
type = types.str;
default = "1GiB";
- description = ''
+ description = lib.mdDoc ''
Maximum memory used for data storage. The default value is
- 1GiB. When specified without a unit,
- MB is assumed. Clusters using the memory
+ `1GiB`. When specified without a unit,
+ `MB` is assumed. Clusters using the memory
storage engine will be restricted to using this amount of
memory per process for purposes of data storage. Memory
overhead associated with storing the data is counted against
this total. If you increase the
- storageMemory, you should also increase
- the memory parameter by the same amount.
+ `storageMemory`, you should also increase
+ the `memory` parameter by the same amount.
'';
};
tls = mkOption {
default = null;
- description = ''
+ description = lib.mdDoc ''
FoundationDB Transport Security Layer (TLS) settings.
'';
@@ -218,7 +218,7 @@ in
options = {
certificate = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Path to the TLS certificate file. This certificate will
be offered to, and may be verified by, clients.
'';
@@ -226,13 +226,13 @@ in
key = mkOption {
type = types.str;
- description = "Private key file for the certificate.";
+ description = lib.mdDoc "Private key file for the certificate.";
};
allowedPeers = mkOption {
type = types.str;
default = "Check.Valid=1,Check.Unexpired=1";
- description = ''
+ description = lib.mdDoc ''
"Peer verification string". This may be used to adjust which TLS
client certificates a server will accept, as a form of user
authorization; for example, it may only accept TLS clients who
@@ -253,7 +253,7 @@ in
dataHall = null;
};
- description = ''
+ description = lib.mdDoc ''
FoundationDB locality settings.
'';
@@ -262,7 +262,7 @@ in
machineId = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Machine identifier key. All processes on a machine should share a
unique id. By default, processes on a machine determine a unique id to share.
This does not generally need to be set.
@@ -272,7 +272,7 @@ in
zoneId = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Zone identifier key. Processes that share a zone id are
considered non-unique for the purposes of data replication.
If unset, defaults to machine id.
@@ -282,7 +282,7 @@ in
datacenterId = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Data center identifier key. All processes physically located in a
data center should share the id. If you are depending on data
center based replication this must be set on all processes.
@@ -292,7 +292,7 @@ in
dataHall = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Data hall identifier key. All processes physically located in a
data hall should share the id. If you are depending on data
hall based replication this must be set on all processes.
@@ -305,7 +305,7 @@ in
extraReadWritePaths = mkOption {
default = [ ];
type = types.listOf types.path;
- description = ''
+ description = lib.mdDoc ''
An extra set of filesystem paths that FoundationDB can read to
and write from. By default, FoundationDB runs under a heavily
namespaced systemd environment without write access to most of
@@ -319,13 +319,13 @@ in
pidfile = mkOption {
type = types.path;
default = "/run/foundationdb.pid";
- description = "Path to pidfile for fdbmonitor.";
+ description = lib.mdDoc "Path to pidfile for fdbmonitor.";
};
traceFormat = mkOption {
type = types.enum [ "xml" "json" ];
default = "xml";
- description = "Trace logging format.";
+ description = lib.mdDoc "Trace logging format.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/hbase.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/hbase.nix
index fe4f05eec64..5cc5d97e798 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/hbase.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/hbase.nix
@@ -41,7 +41,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run HBase.
'';
};
@@ -50,7 +50,7 @@ in {
type = types.package;
default = pkgs.hbase;
defaultText = literalExpression "pkgs.hbase";
- description = ''
+ description = lib.mdDoc ''
HBase package to use.
'';
};
@@ -59,7 +59,7 @@ in {
user = mkOption {
type = types.str;
default = "hbase";
- description = ''
+ description = lib.mdDoc ''
User account under which HBase runs.
'';
};
@@ -67,7 +67,7 @@ in {
group = mkOption {
type = types.str;
default = "hbase";
- description = ''
+ description = lib.mdDoc ''
Group account under which HBase runs.
'';
};
@@ -75,7 +75,7 @@ in {
dataDir = mkOption {
type = types.path;
default = "/var/lib/hbase";
- description = ''
+ description = lib.mdDoc ''
Specifies location of HBase database files. This location should be
writable and readable for the user the HBase service runs as
(hbase by default).
@@ -85,7 +85,7 @@ in {
logDir = mkOption {
type = types.path;
default = "/var/log/hbase";
- description = ''
+ description = lib.mdDoc ''
Specifies the location of HBase log files.
'';
};
@@ -102,8 +102,8 @@ in {
"hbase.zookeeper.property.dataDir" = "''${config.${opt.dataDir}}/zookeeper";
}
'';
- description = ''
- configurations in hbase-site.xml, see for details.
+ description = lib.mdDoc ''
+ configurations in hbase-site.xml, see for details.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/influxdb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/influxdb.nix
index f7383b2023a..9b3922c70af 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/influxdb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/influxdb.nix
@@ -114,38 +114,38 @@ in
enable = mkOption {
default = false;
- description = "Whether to enable the influxdb server";
+ description = lib.mdDoc "Whether to enable the influxdb server";
type = types.bool;
};
package = mkOption {
default = pkgs.influxdb;
defaultText = literalExpression "pkgs.influxdb";
- description = "Which influxdb derivation to use";
+ description = lib.mdDoc "Which influxdb derivation to use";
type = types.package;
};
user = mkOption {
default = "influxdb";
- description = "User account under which influxdb runs";
+ description = lib.mdDoc "User account under which influxdb runs";
type = types.str;
};
group = mkOption {
default = "influxdb";
- description = "Group under which influxdb runs";
+ description = lib.mdDoc "Group under which influxdb runs";
type = types.str;
};
dataDir = mkOption {
default = "/var/db/influxdb";
- description = "Data directory for influxd data files.";
+ description = lib.mdDoc "Data directory for influxd data files.";
type = types.path;
};
extraConfig = mkOption {
default = {};
- description = "Extra configuration options for influxdb";
+ description = lib.mdDoc "Extra configuration options for influxdb";
type = types.attrs;
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/influxdb2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/influxdb2.nix
index 340c515bbb4..8eeec7816c2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/influxdb2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/influxdb2.nix
@@ -15,13 +15,13 @@ in
package = mkOption {
default = pkgs.influxdb2-server;
defaultText = literalExpression "pkgs.influxdb2";
- description = "influxdb2 derivation to use.";
+ description = lib.mdDoc "influxdb2 derivation to use.";
type = types.package;
};
settings = mkOption {
default = { };
- description = ''configuration options for influxdb2, see for details.'';
+ description = lib.mdDoc ''configuration options for influxdb2, see for details.'';
type = format.type;
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/memcached.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/memcached.nix
index 1c06937e2f3..33627e8ad34 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/memcached.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/memcached.nix
@@ -22,19 +22,19 @@ in
user = mkOption {
type = types.str;
default = "memcached";
- description = "The user to run Memcached as";
+ description = lib.mdDoc "The user to run Memcached as";
};
listen = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "The IP address to bind to.";
+ description = lib.mdDoc "The IP address to bind to.";
};
port = mkOption {
type = types.port;
default = 11211;
- description = "The port to bind to.";
+ description = lib.mdDoc "The port to bind to.";
};
enableUnixSocket = mkEnableOption "unix socket at /run/memcached/memcached.sock";
@@ -42,19 +42,19 @@ in
maxMemory = mkOption {
type = types.ints.unsigned;
default = 64;
- description = "The maximum amount of memory to use for storage, in megabytes.";
+ description = lib.mdDoc "The maximum amount of memory to use for storage, in megabytes.";
};
maxConnections = mkOption {
type = types.ints.unsigned;
default = 1024;
- description = "The maximum number of simultaneous connections.";
+ description = lib.mdDoc "The maximum number of simultaneous connections.";
};
extraOptions = mkOption {
type = types.listOf types.str;
default = [];
- description = "A list of extra options that will be added as a suffix when running memcached.";
+ description = lib.mdDoc "A list of extra options that will be added as a suffix when running memcached.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/monetdb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/monetdb.nix
index 52a2ef041f8..c6836128d9a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/monetdb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/monetdb.nix
@@ -18,38 +18,38 @@ in {
type = types.package;
default = pkgs.monetdb;
defaultText = literalExpression "pkgs.monetdb";
- description = "MonetDB package to use.";
+ description = lib.mdDoc "MonetDB package to use.";
};
user = mkOption {
type = types.str;
default = "monetdb";
- description = "User account under which MonetDB runs.";
+ description = lib.mdDoc "User account under which MonetDB runs.";
};
group = mkOption {
type = types.str;
default = "monetdb";
- description = "Group under which MonetDB runs.";
+ description = lib.mdDoc "Group under which MonetDB runs.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/monetdb";
- description = "Data directory for the dbfarm.";
+ description = lib.mdDoc "Data directory for the dbfarm.";
};
port = mkOption {
type = types.ints.u16;
default = 50000;
- description = "Port to listen on.";
+ description = lib.mdDoc "Port to listen on.";
};
listenAddress = mkOption {
type = types.str;
default = "127.0.0.1";
example = "0.0.0.0";
- description = "Address to listen on.";
+ description = lib.mdDoc "Address to listen on.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/mongodb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/mongodb.nix
index fccf85d482e..981185cc534 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/mongodb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/mongodb.nix
@@ -43,49 +43,49 @@ in
user = mkOption {
type = types.str;
default = "mongodb";
- description = "User account under which MongoDB runs";
+ description = lib.mdDoc "User account under which MongoDB runs";
};
bind_ip = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "IP to bind to";
+ description = lib.mdDoc "IP to bind to";
};
quiet = mkOption {
type = types.bool;
default = false;
- description = "quieter output";
+ description = lib.mdDoc "quieter output";
};
enableAuth = mkOption {
type = types.bool;
default = false;
- description = "Enable client authentication. Creates a default superuser with username root!";
+ description = lib.mdDoc "Enable client authentication. Creates a default superuser with username root!";
};
initialRootPassword = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Password for the root user if auth is enabled.";
+ description = lib.mdDoc "Password for the root user if auth is enabled.";
};
dbpath = mkOption {
type = types.str;
default = "/var/db/mongodb";
- description = "Location where MongoDB stores its files";
+ description = lib.mdDoc "Location where MongoDB stores its files";
};
pidFile = mkOption {
type = types.str;
default = "/run/mongodb.pid";
- description = "Location of MongoDB pid file";
+ description = lib.mdDoc "Location of MongoDB pid file";
};
replSetName = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
If this instance is part of a replica set, set its name here.
Otherwise, leave empty to run as single node.
'';
@@ -97,13 +97,13 @@ in
example = ''
storage.journal.enabled: false
'';
- description = "MongoDB extra configuration in YAML format";
+ description = lib.mdDoc "MongoDB extra configuration in YAML format";
};
initialScript = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
A file containing MongoDB statements to execute on first startup.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/mysql.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/mysql.nix
index 625b31d081c..b7a55900c12 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/mysql.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/mysql.nix
@@ -88,9 +88,9 @@ in
defaultText = ''
A configuration file automatically generated by NixOS.
'';
- description = ''
+ description = lib.mdDoc ''
Override the configuration file used by MySQL. By default,
- NixOS generates one automatically from .
+ NixOS generates one automatically from {option}`services.mysql.settings`.
'';
example = literalExpression ''
pkgs.writeText "my.cnf" '''
@@ -143,14 +143,14 @@ in
options = {
name = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The name of the database to create.
'';
};
schema = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
The initial schema of the database; if null (the default),
an empty database is created.
'';
@@ -158,7 +158,7 @@ in
};
});
default = [];
- description = ''
+ description = lib.mdDoc ''
List of database names and their initial schemas that should be used to create databases on the first startup
of MySQL. The schema attribute is optional: If not specified, an empty database is created.
'';
@@ -171,13 +171,13 @@ in
initialScript = mkOption {
type = types.nullOr types.path;
default = null;
- description = "A file containing SQL statements to be executed on the first startup. Can be used for granting certain permissions on the database.";
+ description = lib.mdDoc "A file containing SQL statements to be executed on the first startup. Can be used for granting certain permissions on the database.";
};
ensureDatabases = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Ensures that the specified databases exist.
This option will never delete existing databases, especially not when the value of this
option is changed. This means that databases created once through this option or
@@ -194,7 +194,7 @@ in
options = {
name = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Name of the user to ensure.
'';
};
@@ -223,7 +223,7 @@ in
};
});
default = [];
- description = ''
+ description = lib.mdDoc ''
Ensures that the specified users exist and have at least the ensured permissions.
The MySQL users will be identified using Unix socket authentication. This authenticates the Unix user with the
same name only, and that without the need for a password.
@@ -253,39 +253,39 @@ in
role = mkOption {
type = types.enum [ "master" "slave" "none" ];
default = "none";
- description = "Role of the MySQL server instance.";
+ description = lib.mdDoc "Role of the MySQL server instance.";
};
serverId = mkOption {
type = types.int;
default = 1;
- description = "Id of the MySQL server instance. This number must be unique for each instance.";
+ description = lib.mdDoc "Id of the MySQL server instance. This number must be unique for each instance.";
};
masterHost = mkOption {
type = types.str;
- description = "Hostname of the MySQL master server.";
+ description = lib.mdDoc "Hostname of the MySQL master server.";
};
slaveHost = mkOption {
type = types.str;
- description = "Hostname of the MySQL slave server.";
+ description = lib.mdDoc "Hostname of the MySQL slave server.";
};
masterUser = mkOption {
type = types.str;
- description = "Username of the MySQL replication user.";
+ description = lib.mdDoc "Username of the MySQL replication user.";
};
masterPassword = mkOption {
type = types.str;
- description = "Password of the MySQL replication user.";
+ description = lib.mdDoc "Password of the MySQL replication user.";
};
masterPort = mkOption {
type = types.port;
default = 3306;
- description = "Port number on which the MySQL master server runs.";
+ description = lib.mdDoc "Port number on which the MySQL master server runs.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/neo4j.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/neo4j.nix
index 8816f3b2e4b..dbbb79f01eb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/neo4j.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/neo4j.nix
@@ -123,7 +123,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Neo4j Community Edition.
'';
};
@@ -131,7 +131,7 @@ in {
allowUpgrade = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Allow upgrade of Neo4j database files from an older version.
'';
};
@@ -170,9 +170,9 @@ in {
extraServerConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration for Neo4j Community server. Refer to the
- complete reference
+ [complete reference](https://neo4j.com/docs/operations-manual/current/reference/configuration-settings/)
of Neo4j configuration settings.
'';
};
@@ -181,7 +181,7 @@ in {
type = types.package;
default = pkgs.neo4j;
defaultText = literalExpression "pkgs.neo4j";
- description = ''
+ description = lib.mdDoc ''
Neo4j package to use.
'';
};
@@ -189,7 +189,7 @@ in {
readOnly = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Only allow read operations from this Neo4j instance.
'';
};
@@ -197,9 +197,9 @@ in {
workerCount = mkOption {
type = types.ints.between 0 44738;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Number of Neo4j worker threads, where the default of
- 0 indicates a worker count equal to the number of
+ `0` indicates a worker count equal to the number of
available processors.
'';
};
@@ -208,9 +208,9 @@ in {
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Enable the BOLT connector for Neo4j. Setting this option to
- false will stop Neo4j from listening for incoming
+ `false` will stop Neo4j from listening for incoming
connections on the BOLT port (7687 by default).
'';
};
@@ -218,9 +218,9 @@ in {
listenAddress = mkOption {
type = types.str;
default = ":7687";
- description = ''
+ description = lib.mdDoc ''
Neo4j listen address for BOLT traffic. The listen address is
- expressed in the format <ip-address>:<port-number>.
+ expressed in the format `:`.
'';
};
@@ -247,7 +247,7 @@ in {
tlsLevel = mkOption {
type = types.enum [ "REQUIRED" "OPTIONAL" "DISABLED" ];
default = "OPTIONAL";
- description = ''
+ description = lib.mdDoc ''
SSL/TSL requirement level for BOLT traffic.
'';
};
@@ -297,11 +297,11 @@ in {
home = mkOption {
type = types.path;
default = "/var/lib/neo4j";
- description = ''
+ description = lib.mdDoc ''
Path of the Neo4j home directory. Other default directories are
subdirectories of this path. This directory will be created if
- non-existent, and its ownership will be chown to
- the Neo4j daemon user neo4j.
+ non-existent, and its ownership will be {command}`chown` to
+ the Neo4j daemon user `neo4j`.
'';
};
@@ -343,10 +343,10 @@ in {
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
The HTTP connector is required for Neo4j, and cannot be disabled.
- Setting this option to false will force the HTTP
- connector's to the loopback
+ Setting this option to `false` will force the HTTP
+ connector's {option}`listenAddress` to the loopback
interface to prevent connection of remote clients. To prevent all
clients from connecting, block the HTTP port (7474 by default) by
firewall.
@@ -356,9 +356,9 @@ in {
listenAddress = mkOption {
type = types.str;
default = ":7474";
- description = ''
+ description = lib.mdDoc ''
Neo4j listen address for HTTP traffic. The listen address is
- expressed in the format <ip-address>:<port-number>.
+ expressed in the format `:`.
'';
};
};
@@ -367,9 +367,9 @@ in {
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Enable the HTTPS connector for Neo4j. Setting this option to
- false will stop Neo4j from listening for incoming
+ `false` will stop Neo4j from listening for incoming
connections on the HTTPS port (7473 by default).
'';
};
@@ -377,9 +377,9 @@ in {
listenAddress = mkOption {
type = types.str;
default = ":7473";
- description = ''
+ description = lib.mdDoc ''
Neo4j listen address for HTTPS traffic. The listen address is
- expressed in the format <ip-address>:<port-number>.
+ expressed in the format `:`.
'';
};
@@ -403,9 +403,9 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable a remote shell server which Neo4j Shell clients can log in to.
- Only applicable to neo4j-shell.
+ Only applicable to {command}`neo4j-shell`.
'';
};
};
@@ -456,7 +456,7 @@ in {
ciphers = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
- description = ''
+ description = lib.mdDoc ''
Restrict the allowed ciphers of this policy to those defined
here. The default ciphers are those of the JVM platform.
'';
@@ -465,7 +465,7 @@ in {
clientAuth = mkOption {
type = types.enum [ "NONE" "OPTIONAL" "REQUIRE" ];
default = "REQUIRE";
- description = ''
+ description = lib.mdDoc ''
The client authentication stance for this policy.
'';
};
@@ -473,9 +473,9 @@ in {
privateKey = mkOption {
type = types.str;
default = "private.key";
- description = ''
+ description = lib.mdDoc ''
The name of private PKCS #8 key file for this policy to be found
- in the , or the absolute path to
+ in the {option}`baseDirectory`, or the absolute path to
the key file. It is mandatory that a key can be found or generated.
'';
};
@@ -500,22 +500,22 @@ in {
type = types.path;
default = "${config.baseDirectory}/revoked";
defaultText = literalExpression ''"''${config.${options.baseDirectory}}/revoked"'';
- description = ''
+ description = lib.mdDoc ''
Path to directory of CRLs (Certificate Revocation Lists) in
PEM format. Must be an absolute path. The existence of this
directory is mandatory and will need to be created manually when:
setting this option to something other than its default; setting
- either this policy's or
- to something other than
+ either this policy's {option}`baseDirectory` or
+ {option}`directories.certificates` to something other than
their default. Ensure read/write permissions are given to the
- Neo4j daemon user neo4j.
+ Neo4j daemon user `neo4j`.
'';
};
tlsVersions = mkOption {
type = types.listOf types.str;
default = [ "TLSv1.2" ];
- description = ''
+ description = lib.mdDoc ''
Restrict the TLS protocol versions of this policy to those
defined here.
'';
@@ -524,7 +524,7 @@ in {
trustAll = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Makes this policy trust all remote parties. Enabling this is not
recommended and the policy's trusted directory will be ignored.
Use of this mode is discouraged. It would offer encryption but
@@ -573,12 +573,12 @@ in {
}));
default = {};
- description = ''
+ description = lib.mdDoc ''
Defines the SSL policies for use with Neo4j connectors. Each attribute
of this set defines a policy, with the attribute name defining the name
of the policy and its namespace. Refer to the operations manual section
on Neo4j's
- SSL Framework
+ [SSL Framework](https://neo4j.com/docs/operations-manual/current/security/ssl-framework/)
for further details.
'';
};
@@ -587,10 +587,10 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the Usage Data Collector which Neo4j uses to collect usage
data. Refer to the operations manual section on the
- Usage Data Collector
+ [Usage Data Collector](https://neo4j.com/docs/operations-manual/current/configuration/usage-data-collector/)
for more information.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/openldap.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/openldap.nix
index d80d1b07b97..a16a920dfdb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/openldap.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/openldap.nix
@@ -24,7 +24,7 @@ let
attrs = mkOption {
type = types.attrsOf ldapValueType;
default = {};
- description = "Attributes of the parent entry.";
+ description = lib.mdDoc "Attributes of the parent entry.";
};
children = mkOption {
# Hide the child attributes, to avoid infinite recursion in e.g. documentation
@@ -33,7 +33,7 @@ let
hiddenOptions = lib.mapAttrs (name: attr: attr // { visible = false; }) options;
in types.attrsOf (types.submodule { options = hiddenOptions; });
default = {};
- description = "Child entries of the current entry, with recursively the same structure.";
+ description = lib.mdDoc "Child entries of the current entry, with recursively the same structure.";
example = lib.literalExpression ''
{
"cn=schema" = {
@@ -52,7 +52,7 @@ let
includes = mkOption {
type = types.listOf types.path;
default = [];
- description = ''
+ description = lib.mdDoc ''
LDIF files to include after the parent's attributes but before its children.
'';
};
@@ -128,7 +128,7 @@ in {
type = types.package;
default = pkgs.openldap;
defaultText = literalExpression "pkgs.openldap";
- description = ''
+ description = lib.mdDoc ''
OpenLDAP package to use.
This can be used to, for example, set an OpenLDAP package
@@ -140,25 +140,25 @@ in {
user = mkOption {
type = types.str;
default = "openldap";
- description = "User account under which slapd runs.";
+ description = lib.mdDoc "User account under which slapd runs.";
};
group = mkOption {
type = types.str;
default = "openldap";
- description = "Group account under which slapd runs.";
+ description = lib.mdDoc "Group account under which slapd runs.";
};
urlList = mkOption {
type = types.listOf types.str;
default = [ "ldap:///" ];
- description = "URL list slapd should listen on.";
+ description = lib.mdDoc "URL list slapd should listen on.";
example = [ "ldaps:///" ];
};
settings = mkOption {
type = ldapAttrsType;
- description = "Configuration for OpenLDAP, in OLC format";
+ description = lib.mdDoc "Configuration for OpenLDAP, in OLC format";
example = lib.literalExpression ''
{
attrs.olcLogLevel = [ "stats" ];
@@ -217,7 +217,7 @@ in {
declarativeContents = mkOption {
type = with types; attrsOf lines;
default = {};
- description = ''
+ description = lib.mdDoc ''
Declarative contents for the LDAP database, in LDIF format by suffix.
All data will be erased when starting the LDAP server. Modifications
@@ -245,7 +245,7 @@ in {
};
};
- meta.maintainers = with lib.maintainers; [ mic92 kwohlfahrt ];
+ meta.maintainers = with lib.maintainers; [ kwohlfahrt ];
config = mkIf cfg.enable {
assertions = map (opt: {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/opentsdb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/opentsdb.nix
index e873b2f7011..45c84b12a50 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/opentsdb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/opentsdb.nix
@@ -18,7 +18,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run OpenTSDB.
'';
};
@@ -27,7 +27,7 @@ in {
type = types.package;
default = pkgs.opentsdb;
defaultText = literalExpression "pkgs.opentsdb";
- description = ''
+ description = lib.mdDoc ''
OpenTSDB package to use.
'';
};
@@ -35,7 +35,7 @@ in {
user = mkOption {
type = types.str;
default = "opentsdb";
- description = ''
+ description = lib.mdDoc ''
User account under which OpenTSDB runs.
'';
};
@@ -43,7 +43,7 @@ in {
group = mkOption {
type = types.str;
default = "opentsdb";
- description = ''
+ description = lib.mdDoc ''
Group account under which OpenTSDB runs.
'';
};
@@ -51,7 +51,7 @@ in {
port = mkOption {
type = types.int;
default = 4242;
- description = ''
+ description = lib.mdDoc ''
Which port OpenTSDB listens on.
'';
};
@@ -62,7 +62,7 @@ in {
tsd.core.auto_create_metrics = true
tsd.http.request.enable_chunked = true
'';
- description = ''
+ description = lib.mdDoc ''
The contents of OpenTSDB's configuration file
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/pgmanage.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/pgmanage.nix
index f30f71866af..f50e7244ee1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/pgmanage.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/pgmanage.nix
@@ -50,7 +50,7 @@ in {
type = types.package;
default = pkgs.pgmanage;
defaultText = literalExpression "pkgs.pgmanage";
- description = ''
+ description = lib.mdDoc ''
The pgmanage package to use.
'';
};
@@ -78,7 +78,7 @@ in {
allowCustomConnections = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
This tells pgmanage whether or not to allow anyone to use a custom
connection from the login screen.
'';
@@ -87,7 +87,7 @@ in {
port = mkOption {
type = types.int;
default = 8080;
- description = ''
+ description = lib.mdDoc ''
This tells pgmanage what port to listen on for browser requests.
'';
};
@@ -95,7 +95,7 @@ in {
localOnly = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
This tells pgmanage whether or not to set the listening socket to local
addresses only.
'';
@@ -104,7 +104,7 @@ in {
superOnly = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
This tells pgmanage whether or not to only allow super users to
login. The recommended value is true and will restrict users who are not
super users from logging in to any PostgreSQL instance through
@@ -116,7 +116,7 @@ in {
loginGroup = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
This tells pgmanage to only allow users in a certain PostgreSQL group to
login to pgmanage. Note that a connection will be made to PostgreSQL in
order to test if the user is a member of the login group.
@@ -126,7 +126,7 @@ in {
loginTimeout = mkOption {
type = types.int;
default = 3600;
- description = ''
+ description = lib.mdDoc ''
Number of seconds of inactivity before user is automatically logged
out.
'';
@@ -135,7 +135,7 @@ in {
sqlRoot = mkOption {
type = types.str;
default = "/var/lib/pgmanage";
- description = ''
+ description = lib.mdDoc ''
This tells pgmanage where to put the SQL file history. All tabs are saved
to this location so that if you get disconnected from pgmanage you
don't lose your work.
@@ -147,16 +147,16 @@ in {
options = {
cert = mkOption {
type = types.str;
- description = "TLS certificate";
+ description = lib.mdDoc "TLS certificate";
};
key = mkOption {
type = types.str;
- description = "TLS key";
+ description = lib.mdDoc "TLS key";
};
};
});
default = null;
- description = ''
+ description = lib.mdDoc ''
These options tell pgmanage where the TLS Certificate and Key files
reside. If you use these options then you'll only be able to access
pgmanage through a secure TLS connection. These options are only
@@ -165,14 +165,14 @@ in {
configuration. This allows your web server to terminate the secure
connection and pass on the request to pgmanage. You can find help to set
up this configuration in:
-
+
'';
};
logLevel = mkOption {
type = types.enum ["error" "warn" "notice" "info"];
default = "error";
- description = ''
+ description = lib.mdDoc ''
Verbosity of logs
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/postgresql.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/postgresql.nix
index 550bd36efff..e27f4518dfa 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/postgresql.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/postgresql.nix
@@ -45,7 +45,7 @@ in
package = mkOption {
type = types.package;
example = literalExpression "pkgs.postgresql_11";
- description = ''
+ description = lib.mdDoc ''
PostgreSQL package to use.
'';
};
@@ -53,7 +53,7 @@ in
port = mkOption {
type = types.int;
default = 5432;
- description = ''
+ description = lib.mdDoc ''
The port on which PostgreSQL listens.
'';
};
@@ -61,14 +61,14 @@ in
checkConfig = mkOption {
type = types.bool;
default = true;
- description = "Check the syntax of the configuration file at compile time";
+ description = lib.mdDoc "Check the syntax of the configuration file at compile time";
};
dataDir = mkOption {
type = types.path;
defaultText = literalExpression ''"/var/lib/postgresql/''${config.services.postgresql.package.psqlSchema}"'';
example = "/var/lib/postgresql/11";
- description = ''
+ description = lib.mdDoc ''
The data directory for PostgreSQL. If left as the default value
this directory will automatically be created before the PostgreSQL server starts, otherwise
the sysadmin is responsible for ensuring the directory exists with appropriate ownership
@@ -96,7 +96,7 @@ in
identMap = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Defines the mapping from system users to database users.
The general form is:
@@ -109,8 +109,8 @@ in
type = with types; listOf str;
default = [];
example = [ "--data-checksums" "--allow-group-access" ];
- description = ''
- Additional arguments passed to initdb during data dir
+ description = lib.mdDoc ''
+ Additional arguments passed to `initdb` during data dir
initialisation.
'';
};
@@ -118,7 +118,7 @@ in
initialScript = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
A file containing SQL statements to execute on first startup.
'';
};
@@ -126,7 +126,7 @@ in
ensureDatabases = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Ensures that the specified databases exist.
This option will never delete existing databases, especially not when the value of this
option is changed. This means that databases created once through this option or
@@ -143,7 +143,7 @@ in
options = {
name = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Name of the user to ensure.
'';
};
@@ -171,7 +171,7 @@ in
};
});
default = [];
- description = ''
+ description = lib.mdDoc ''
Ensures that the specified users exist and have at least the ensured permissions.
The PostgreSQL users will be identified using peer authentication. This authenticates the Unix user with the
same name only, and that without the need for a password.
@@ -200,7 +200,7 @@ in
enableTCPIP = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether PostgreSQL should listen on all network interfaces.
If disabled, the database can only be accessed via its Unix
domain socket or via TCP connections to localhost.
@@ -211,9 +211,9 @@ in
type = types.str;
default = "[%p] ";
example = "%m [%p] ";
- description = ''
+ description = lib.mdDoc ''
A printf-style string that is output at the beginning of each log line.
- Upstream default is '%m [%p] ', i.e. it includes the timestamp. We do
+ Upstream default is `'%m [%p] '`, i.e. it includes the timestamp. We do
not include the timestamp, because journal has it anyway.
'';
};
@@ -222,9 +222,9 @@ in
type = types.listOf types.path;
default = [];
example = literalExpression "with pkgs.postgresql_11.pkgs; [ postgis pg_repack ]";
- description = ''
+ description = lib.mdDoc ''
List of PostgreSQL plugins. PostgreSQL version for each plugin should
- match version for services.postgresql.package value.
+ match version for `services.postgresql.package` value.
'';
};
@@ -255,8 +255,8 @@ in
recoveryConfig = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
- Contents of the recovery.conf file.
+ description = lib.mdDoc ''
+ Contents of the {file}`recovery.conf` file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/redis.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/redis.nix
index a1bd73c9e37..b346438cfff 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/redis.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/redis.nix
@@ -58,7 +58,7 @@ in {
type = types.package;
default = pkgs.redis;
defaultText = literalExpression "pkgs.redis";
- description = "Which Redis derivation to use.";
+ description = lib.mdDoc "Which Redis derivation to use.";
};
vmOverCommit = mkEnableOption ''
@@ -84,14 +84,14 @@ in {
defaultText = literalExpression ''
if name == "" then "redis" else "redis-''${name}"
'';
- description = "The username and groupname for redis-server.";
+ description = lib.mdDoc "The username and groupname for redis-server.";
};
port = mkOption {
type = types.port;
default = if name == "" then 6379 else 0;
defaultText = literalExpression ''if name == "" then 6379 else 0'';
- description = ''
+ description = lib.mdDoc ''
The TCP port to accept connections.
If port 0 is specified Redis will not listen on a TCP socket.
'';
@@ -100,7 +100,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to open ports in the firewall for the server.
'';
};
@@ -108,9 +108,9 @@ in {
bind = mkOption {
type = with types; nullOr str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
The IP interface to bind to.
- null means "all interfaces".
+ `null` means "all interfaces".
'';
example = "192.0.2.1";
};
@@ -121,13 +121,13 @@ in {
defaultText = literalExpression ''
if name == "" then "/run/redis/redis.sock" else "/run/redis-''${name}/redis.sock"
'';
- description = "The path to the socket to bind to.";
+ description = lib.mdDoc "The path to the socket to bind to.";
};
unixSocketPerm = mkOption {
type = types.int;
default = 660;
- description = "Change permissions for the socket";
+ description = lib.mdDoc "Change permissions for the socket";
example = 600;
};
@@ -135,38 +135,42 @@ in {
type = types.str;
default = "notice"; # debug, verbose, notice, warning
example = "debug";
- description = "Specify the server verbosity level, options: debug, verbose, notice, warning.";
+ description = lib.mdDoc "Specify the server verbosity level, options: debug, verbose, notice, warning.";
};
logfile = mkOption {
type = types.str;
default = "/dev/null";
- description = "Specify the log file name. Also 'stdout' can be used to force Redis to log on the standard output.";
+ description = lib.mdDoc "Specify the log file name. Also 'stdout' can be used to force Redis to log on the standard output.";
example = "/var/log/redis.log";
};
syslog = mkOption {
type = types.bool;
default = true;
- description = "Enable logging to the system logger.";
+ description = lib.mdDoc "Enable logging to the system logger.";
};
databases = mkOption {
type = types.int;
default = 16;
- description = "Set the number of databases.";
+ description = lib.mdDoc "Set the number of databases.";
};
maxclients = mkOption {
type = types.int;
default = 10000;
- description = "Set the max number of connected clients at the same time.";
+ description = lib.mdDoc "Set the max number of connected clients at the same time.";
};
save = mkOption {
type = with types; listOf (listOf int);
default = [ [900 1] [300 10] [60 10000] ];
- description = "The schedule in which data is persisted to disk, represented as a list of lists where the first element represent the amount of seconds and the second the number of changes.";
+ description = mdDoc ''
+ The schedule in which data is persisted to disk, represented as a list of lists where the first element represent the amount of seconds and the second the number of changes.
+
+ If set to the empty list (`[]`) then RDB persistence will be disabled (useful if you are using AOF or don't want any persistence).
+ '';
};
slaveOf = mkOption {
@@ -174,27 +178,27 @@ in {
options = {
ip = mkOption {
type = str;
- description = "IP of the Redis master";
+ description = lib.mdDoc "IP of the Redis master";
example = "192.168.1.100";
};
port = mkOption {
type = port;
- description = "port of the Redis master";
+ description = lib.mdDoc "port of the Redis master";
default = 6379;
};
};
}));
default = null;
- description = "IP and port to which this redis instance acts as a slave.";
+ description = lib.mdDoc "IP and port to which this redis instance acts as a slave.";
example = { ip = "192.168.1.100"; port = 6379; };
};
masterAuth = mkOption {
type = with types; nullOr str;
default = null;
- description = ''If the master is password protected (using the requirePass configuration)
+ description = lib.mdDoc ''If the master is password protected (using the requirePass configuration)
it is possible to tell the slave to authenticate before starting the replication synchronization
process, otherwise the master will refuse the slave request.
(STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)'';
@@ -203,7 +207,7 @@ in {
requirePass = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Password for database (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE).
Use requirePassFile to store it outside of the nix store in a dedicated file.
'';
@@ -213,42 +217,42 @@ in {
requirePassFile = mkOption {
type = with types; nullOr path;
default = null;
- description = "File with password for the database.";
+ description = lib.mdDoc "File with password for the database.";
example = "/run/keys/redis-password";
};
appendOnly = mkOption {
type = types.bool;
default = false;
- description = "By default data is only periodically persisted to disk, enable this option to use an append-only file for improved persistence.";
+ description = lib.mdDoc "By default data is only periodically persisted to disk, enable this option to use an append-only file for improved persistence.";
};
appendFsync = mkOption {
type = types.str;
default = "everysec"; # no, always, everysec
- description = "How often to fsync the append-only log, options: no, always, everysec.";
+ description = lib.mdDoc "How often to fsync the append-only log, options: no, always, everysec.";
};
slowLogLogSlowerThan = mkOption {
type = types.int;
default = 10000;
- description = "Log queries whose execution take longer than X in milliseconds.";
+ description = lib.mdDoc "Log queries whose execution take longer than X in milliseconds.";
example = 1000;
};
slowLogMaxLen = mkOption {
type = types.int;
default = 128;
- description = "Maximum number of items to keep in slow log.";
+ description = lib.mdDoc "Maximum number of items to keep in slow log.";
};
settings = mkOption {
# TODO: this should be converted to freeformType
type = with types; attrsOf (oneOf [ bool int str (listOf str) ]);
default = {};
- description = ''
+ description = lib.mdDoc ''
Redis configuration. Refer to
-
+
for details on supported values.
'';
example = literalExpression ''
@@ -268,7 +272,11 @@ in {
syslog-enabled = config.syslog;
databases = config.databases;
maxclients = config.maxclients;
- save = map (d: "${toString (builtins.elemAt d 0)} ${toString (builtins.elemAt d 1)}") config.save;
+ save = if config.save == []
+ then ''""'' # Disable saving with `save = ""`
+ else map
+ (d: "${toString (builtins.elemAt d 0)} ${toString (builtins.elemAt d 1)}")
+ config.save;
dbfilename = "dump.rdb";
dir = "/var/lib/${redisName name}";
appendOnly = config.appendOnly;
@@ -286,7 +294,7 @@ in {
(mkIf (config.requirePass != null) { requirepass = config.requirePass; })
];
}));
- description = "Configuration of multiple redis-server instances.";
+ description = lib.mdDoc "Configuration of multiple `redis-server` instances.";
default = {};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/victoriametrics.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/victoriametrics.nix
index 0513dcff172..28a6ccfd5e2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/victoriametrics.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/databases/victoriametrics.nix
@@ -7,21 +7,21 @@ let cfg = config.services.victoriametrics; in
type = types.package;
default = pkgs.victoriametrics;
defaultText = literalExpression "pkgs.victoriametrics";
- description = ''
+ description = lib.mdDoc ''
The VictoriaMetrics distribution to use.
'';
};
listenAddress = mkOption {
default = ":8428";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The listen address for the http interface.
'';
};
retentionPeriod = mkOption {
type = types.int;
default = 1;
- description = ''
+ description = lib.mdDoc ''
Retention period in months.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/accountsservice.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/accountsservice.nix
index ae2ecb5ffeb..af62850acdc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/accountsservice.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/accountsservice.nix
@@ -19,7 +19,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable AccountsService, a DBus service for accessing
the list of user accounts and information attached to those accounts.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/cpupower-gui.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/cpupower-gui.nix
index f66afc0a3dc..47071aebce8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/cpupower-gui.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/cpupower-gui.nix
@@ -11,7 +11,7 @@ in {
type = lib.types.bool;
default = false;
example = true;
- description = ''
+ description = lib.mdDoc ''
Enables dbus/systemd service needed by cpupower-gui.
These services are responsible for retrieving and modifying cpu power
saving settings.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/dleyna-renderer.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/dleyna-renderer.nix
index 7f88605f627..daf65180b36 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/dleyna-renderer.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/dleyna-renderer.nix
@@ -10,7 +10,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable dleyna-renderer service, a DBus service
for handling DLNA renderers.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/dleyna-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/dleyna-server.nix
index 9a131a5e700..9cbcd2a9cda 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/dleyna-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/dleyna-server.nix
@@ -10,7 +10,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable dleyna-server service, a DBus service
for handling DLNA servers.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/geoclue2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/geoclue2.nix
index 60a34dd6563..58bebd9bd46 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/geoclue2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/geoclue2.nix
@@ -16,19 +16,19 @@ let
options = {
desktopID = mkOption {
type = types.str;
- description = "Desktop ID of the application.";
+ description = lib.mdDoc "Desktop ID of the application.";
};
isAllowed = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether the application will be allowed access to location information.
'';
};
isSystem = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether the application is a system component or not.
'';
};
@@ -36,7 +36,7 @@ let
users = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of UIDs of all users for which this application is allowed location
info access, Defaults to an empty string to allow it for all users.
'';
@@ -67,7 +67,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable GeoClue 2 daemon, a DBus service
that provides location information for accessing.
'';
@@ -76,7 +76,7 @@ in
enableDemoAgent = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to use the GeoClue demo agent. This should be
overridden by desktop environments that provide their own
agent.
@@ -86,7 +86,7 @@ in
enableNmea = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to fetch location from NMEA sources on local network.
'';
};
@@ -94,7 +94,7 @@ in
enable3G = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable 3G source.
'';
};
@@ -102,7 +102,7 @@ in
enableCDMA = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable CDMA source.
'';
};
@@ -110,7 +110,7 @@ in
enableModemGPS = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Modem-GPS source.
'';
};
@@ -118,7 +118,7 @@ in
enableWifi = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable WiFi source.
'';
};
@@ -127,7 +127,7 @@ in
type = types.str;
default = "https://location.services.mozilla.com/v1/geolocate?key=geoclue";
example = "https://www.googleapis.com/geolocation/v1/geolocate?key=YOUR_KEY";
- description = ''
+ description = lib.mdDoc ''
The url to the wifi GeoLocation Service.
'';
};
@@ -135,7 +135,7 @@ in
submitData = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to submit data to a GeoLocation Service.
'';
};
@@ -143,7 +143,7 @@ in
submissionUrl = mkOption {
type = types.str;
default = "https://location.services.mozilla.com/v1/submit?key=geoclue";
- description = ''
+ description = lib.mdDoc ''
The url to submit data to a GeoLocation Service.
'';
};
@@ -151,7 +151,7 @@ in
submissionNick = mkOption {
type = types.str;
default = "geoclue";
- description = ''
+ description = lib.mdDoc ''
A nickname to submit network data with.
Must be 2-32 characters long.
'';
@@ -167,7 +167,7 @@ in
users = [ "300" ];
};
'';
- description = ''
+ description = lib.mdDoc ''
Specify extra settings per application.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/at-spi2-core.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/at-spi2-core.nix
index 1268a9d49b8..495ea5af987 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/at-spi2-core.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/at-spi2-core.nix
@@ -27,12 +27,12 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable at-spi2-core, a service for the Assistive Technologies
available on the GNOME platform.
Enable this if you get the error or warning
- The name org.a11y.Bus was not provided by any .service files.
+ `The name org.a11y.Bus was not provided by any .service files`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/evolution-data-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/evolution-data-server.nix
index bd2242d9818..65bb75c62d2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/evolution-data-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/evolution-data-server.nix
@@ -31,7 +31,7 @@ with lib;
plugins = mkOption {
type = types.listOf types.package;
default = [ ];
- description = "Plugins for Evolution Data Server.";
+ description = lib.mdDoc "Plugins for Evolution Data Server.";
};
};
programs.evolution = {
@@ -40,7 +40,7 @@ with lib;
type = types.listOf types.package;
default = [ ];
example = literalExpression "[ pkgs.evolution-ews ]";
- description = "Plugins for Evolution.";
+ description = lib.mdDoc "Plugins for Evolution.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/gnome-keyring.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/gnome-keyring.nix
index d821da164be..6c7e713b32d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/gnome-keyring.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/gnome-keyring.nix
@@ -27,7 +27,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable GNOME Keyring daemon, a service designed to
take care of the user's security credentials,
such as user names and passwords.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/gnome-online-accounts.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/gnome-online-accounts.nix
index 01f7e3695cf..ed5e000cae3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/gnome-online-accounts.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/gnome-online-accounts.nix
@@ -27,7 +27,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable GNOME Online Accounts daemon, a service that provides
a single sign-on framework for the GNOME desktop.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/gnome-online-miners.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/gnome-online-miners.nix
index 5f9039f68c4..7cf1bfa1b04 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/gnome-online-miners.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/gnome-online-miners.nix
@@ -27,7 +27,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable GNOME Online Miners, a service that
crawls through your online content.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/rygel.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/rygel.nix
index 7ea9778fc40..9c0faaa4885 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/rygel.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/rygel.nix
@@ -21,10 +21,10 @@ with lib;
services.gnome.rygel = {
enable = mkOption {
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Rygel UPnP Mediaserver.
- You will need to also allow UPnP connections in firewall, see the following comment.
+ You will need to also allow UPnP connections in firewall, see the following [comment](https://github.com/NixOS/nixpkgs/pull/45045#issuecomment-416030795).
'';
type = types.bool;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/sushi.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/sushi.nix
index 3133a3a0d98..446851f434d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/sushi.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/sushi.nix
@@ -27,7 +27,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Sushi, a quick previewer for nautilus.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/tracker-miners.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/tracker-miners.nix
index 9351007d30b..a3c58f37420 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/tracker-miners.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/tracker-miners.nix
@@ -27,7 +27,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Tracker miners, indexing services for Tracker
search engine and metadata storage system.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/tracker.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/tracker.nix
index fef399d0112..485632712f6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/tracker.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gnome/tracker.nix
@@ -30,7 +30,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Tracker services, a search engine,
search tool and metadata storage system.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gsignond.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gsignond.nix
index 465acd73fa6..cf80fd75452 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gsignond.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gsignond.nix
@@ -20,7 +20,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable gSignOn daemon, a DBus service
which performs user authentication on behalf of its clients.
'';
@@ -29,7 +29,7 @@ in
plugins = mkOption {
type = types.listOf types.package;
default = [];
- description = ''
+ description = lib.mdDoc ''
What plugins to use with the gSignOn daemon.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gvfs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gvfs.nix
index 1aa64ea37db..4aa6412aaa5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gvfs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/gvfs.nix
@@ -36,7 +36,7 @@ in
type = types.package;
default = pkgs.gnome.gvfs;
defaultText = literalExpression "pkgs.gnome.gvfs";
- description = "Which GVfs package to use.";
+ description = lib.mdDoc "Which GVfs package to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/pipewire/daemon/minimal.conf.json b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/pipewire/daemon/minimal.conf.json
index c7f58fd5799..0f1ebe5749c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/pipewire/daemon/minimal.conf.json
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/pipewire/daemon/minimal.conf.json
@@ -91,6 +91,7 @@
"adapter.auto-port-config": {
"mode": "dsp",
"monitor": false,
+ "control": false,
"position": "unknown"
}
}
@@ -109,6 +110,7 @@
"adapter.auto-port-config": {
"mode": "dsp",
"monitor": false,
+ "control": false,
"position": "unknown"
}
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/pipewire/pipewire.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/pipewire/pipewire.nix
index dd1f5e3a018..ed64406ab6a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/pipewire/pipewire.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/pipewire/pipewire.nix
@@ -56,7 +56,7 @@ in {
type = types.package;
default = pkgs.pipewire;
defaultText = literalExpression "pkgs.pipewire";
- description = ''
+ description = lib.mdDoc ''
The pipewire derivation to use.
'';
};
@@ -64,7 +64,7 @@ in {
socketActivation = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Automatically run pipewire when connections are made to the pipewire socket.
'';
};
@@ -73,7 +73,7 @@ in {
client = mkOption {
type = json.type;
default = {};
- description = ''
+ description = lib.mdDoc ''
Configuration for pipewire clients. For details see
https://gitlab.freedesktop.org/pipewire/pipewire/-/blob/${cfg.package.version}/src/daemon/client.conf.in
'';
@@ -82,7 +82,7 @@ in {
client-rt = mkOption {
type = json.type;
default = {};
- description = ''
+ description = lib.mdDoc ''
Configuration for realtime pipewire clients. For details see
https://gitlab.freedesktop.org/pipewire/pipewire/-/blob/${cfg.package.version}/src/daemon/client-rt.conf.in
'';
@@ -91,7 +91,7 @@ in {
jack = mkOption {
type = json.type;
default = {};
- description = ''
+ description = lib.mdDoc ''
Configuration for the pipewire daemon's jack module. For details see
https://gitlab.freedesktop.org/pipewire/pipewire/-/blob/${cfg.package.version}/src/daemon/jack.conf.in
'';
@@ -100,7 +100,7 @@ in {
pipewire = mkOption {
type = json.type;
default = {};
- description = ''
+ description = lib.mdDoc ''
Configuration for the pipewire daemon. For details see
https://gitlab.freedesktop.org/pipewire/pipewire/-/blob/${cfg.package.version}/src/daemon/pipewire.conf.in
'';
@@ -109,7 +109,7 @@ in {
pipewire-pulse = mkOption {
type = json.type;
default = {};
- description = ''
+ description = lib.mdDoc ''
Configuration for the pipewire-pulse daemon. For details see
https://gitlab.freedesktop.org/pipewire/pipewire/-/blob/${cfg.package.version}/src/daemon/pipewire-pulse.conf.in
'';
@@ -122,7 +122,7 @@ in {
# this is for backwards compatibility
default = cfg.alsa.enable || cfg.jack.enable || cfg.pulse.enable;
defaultText = lib.literalExpression "config.services.pipewire.alsa.enable || config.services.pipewire.jack.enable || config.services.pipewire.pulse.enable";
- description = "Whether to use PipeWire as the primary sound server";
+ description = lib.mdDoc "Whether to use PipeWire as the primary sound server";
};
};
@@ -142,7 +142,7 @@ in {
systemWide = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If true, a system-wide PipeWire service and socket is enabled
allowing all users in the "pipewire" group to use it simultaneously.
If false, then user units are used instead, restricting access to
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/pipewire/wireplumber.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/pipewire/wireplumber.nix
index 439a3ae68da..32490773b5e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/pipewire/wireplumber.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/pipewire/wireplumber.nix
@@ -14,14 +14,14 @@ in
type = lib.types.bool;
default = config.services.pipewire.enable;
defaultText = lib.literalExpression "config.services.pipewire.enable";
- description = "Whether to enable Wireplumber, a modular session / policy manager for PipeWire";
+ description = lib.mdDoc "Whether to enable Wireplumber, a modular session / policy manager for PipeWire";
};
package = lib.mkOption {
type = lib.types.package;
default = pkgs.wireplumber;
defaultText = lib.literalExpression "pkgs.wireplumber";
- description = "The wireplumber derivation to use.";
+ description = lib.mdDoc "The wireplumber derivation to use.";
};
};
};
@@ -50,6 +50,12 @@ in
default_access.properties["enable-flatpak-portal"] = false
'';
};
+ environment.etc."wireplumber/bluetooth.lua.d/80-systemwide.lua" = lib.mkIf config.services.pipewire.systemWide {
+ text = ''
+ -- When running system-wide, logind-integration needs to be disabled.
+ bluez_monitor.properties["with-logind"] = false
+ '';
+ };
systemd.packages = [ cfg.package ];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/profile-sync-daemon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/profile-sync-daemon.nix
index 6206295272f..e307c673500 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/profile-sync-daemon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/profile-sync-daemon.nix
@@ -9,7 +9,7 @@ in {
enable = mkOption {
type = bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Profile Sync daemon.
'';
};
@@ -17,7 +17,7 @@ in {
type = str;
default = "1h";
example = "1h 30min";
- description = ''
+ description = lib.mdDoc ''
The amount of time to wait before syncing browser profiles back to the
disk.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/telepathy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/telepathy.nix
index b5f6a5fcbcf..cdc6eb26de7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/telepathy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/desktops/telepathy.nix
@@ -19,7 +19,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Telepathy service, a communications framework
that enables real-time communication via pluggable protocol backends.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/blackfire.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/blackfire.nix
index 8564aabc6a3..6b71e59d4bd 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/blackfire.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/blackfire.nix
@@ -18,7 +18,7 @@ in {
services.blackfire-agent = {
enable = lib.mkEnableOption "Blackfire profiler agent";
settings = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
See https://blackfire.io/docs/up-and-running/configuration/agent
'';
type = lib.types.submodule {
@@ -27,7 +27,7 @@ in {
options = {
server-id = lib.mkOption {
type = lib.types.str;
- description = ''
+ description = lib.mdDoc ''
Sets the server id used to authenticate with Blackfire
You can find your personal server-id at https://blackfire.io/my/settings/credentials
@@ -36,7 +36,7 @@ in {
server-token = lib.mkOption {
type = lib.types.str;
- description = ''
+ description = lib.mdDoc ''
Sets the server token used to authenticate with Blackfire
You can find your personal server-token at https://blackfire.io/my/settings/credentials
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/bloop.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/bloop.nix
index c1180a8bbdd..27da76a7443 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/bloop.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/bloop.nix
@@ -17,7 +17,7 @@ in {
"-J-XX:MaxInlineLevel=20"
"-J-XX:+UseParallelGC"
];
- description = ''
+ description = lib.mdDoc ''
Specifies additional command line argument to pass to bloop
java process.
'';
@@ -26,7 +26,7 @@ in {
install = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to install a user service for the Bloop server.
The service must be manually started for each user with
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/distccd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/distccd.nix
index 9f6d5c813c4..7a8e780c3eb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/distccd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/distccd.nix
@@ -14,7 +14,7 @@ in
type = types.listOf types.str;
default = [ "127.0.0.1" ];
example = [ "127.0.0.1" "192.168.0.0/24" "10.0.0.0/24" ];
- description = ''
+ description = lib.mdDoc ''
Client IPs which are allowed to connect to distccd in CIDR notation.
Anyone who can connect to the distccd server can run arbitrary
@@ -26,7 +26,7 @@ in
jobTimeout = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Maximum duration, in seconds, of a single compilation request.
'';
};
@@ -34,7 +34,7 @@ in
logLevel = mkOption {
type = types.nullOr (types.enum [ "critical" "error" "warning" "notice" "info" "debug" ]);
default = "warning";
- description = ''
+ description = lib.mdDoc ''
Set the minimum severity of error that will be included in the log
file. Useful if you only want to see error messages rather than an
entry for each connection.
@@ -44,7 +44,7 @@ in
maxJobs = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Maximum number of tasks distccd should execute at any time.
'';
};
@@ -53,7 +53,7 @@ in
nice = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Niceness of the compilation tasks.
'';
};
@@ -61,7 +61,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Opens the specified TCP port for distcc.
'';
};
@@ -70,7 +70,7 @@ in
type = types.package;
default = pkgs.distcc;
defaultText = literalExpression "pkgs.distcc";
- description = ''
+ description = lib.mdDoc ''
The distcc package to use.
'';
};
@@ -78,7 +78,7 @@ in
port = mkOption {
type = types.port;
default = 3632;
- description = ''
+ description = lib.mdDoc ''
The TCP port which distccd will listen on.
'';
};
@@ -88,7 +88,7 @@ in
port = mkOption {
type = types.port;
default = 3633;
- description = ''
+ description = lib.mdDoc ''
The TCP port which the distccd statistics HTTP server will listen
on.
'';
@@ -98,7 +98,7 @@ in
zeroconf = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to register via mDNS/DNS-SD
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/hoogle.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/hoogle.nix
index 7c2a1c8e162..399ffccabfc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/hoogle.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/hoogle.nix
@@ -19,7 +19,7 @@ in {
port = mkOption {
type = types.port;
default = 8080;
- description = ''
+ description = lib.mdDoc ''
Port number Hoogle will be listening to.
'';
};
@@ -39,7 +39,7 @@ in {
};
haskellPackages = mkOption {
- description = "Which haskell package set to use.";
+ description = lib.mdDoc "Which haskell package set to use.";
type = types.attrs;
default = pkgs.haskellPackages;
defaultText = literalExpression "pkgs.haskellPackages";
@@ -47,13 +47,13 @@ in {
home = mkOption {
type = types.str;
- description = "Url for hoogle logo";
+ description = lib.mdDoc "Url for hoogle logo";
default = "https://hoogle.haskell.org";
};
host = mkOption {
type = types.str;
- description = "Set the host to bind on.";
+ description = lib.mdDoc "Set the host to bind on.";
default = "127.0.0.1";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/jupyter/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/jupyter/default.nix
index 4eacc4782a9..7c86e8b6478 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/jupyter/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/jupyter/default.nix
@@ -143,6 +143,9 @@ in {
language = "python";
logo32 = "''${env.sitePackages}/ipykernel/resources/logo-32x32.png";
logo64 = "''${env.sitePackages}/ipykernel/resources/logo-64x64.png";
+ extraPaths = {
+ "cool.txt" = pkgs.writeText "cool" "cool content";
+ };
};
}
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/jupyter/kernel-options.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/jupyter/kernel-options.nix
index 348a8b44b38..0a9eaafa318 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/jupyter/kernel-options.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/jupyter/kernel-options.nix
@@ -56,5 +56,14 @@ with lib;
Path to 64x64 logo png.
'';
};
+
+ extraPaths = mkOption {
+ type = types.attrsOf types.path;
+ default = { };
+ example = literalExpression ''"{ examples = ''${env.sitePack}/IRkernel/kernelspec/kernel.js"; }'';
+ description = ''
+ Extra paths to link in kernel directory
+ '';
+ };
};
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/lorri.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/lorri.nix
index bda63518bfd..a82b3f57f8e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/lorri.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/lorri.nix
@@ -18,7 +18,7 @@ in {
package = lib.mkOption {
default = pkgs.lorri;
type = lib.types.package;
- description = ''
+ description = lib.mdDoc ''
The lorri package to use.
'';
defaultText = lib.literalExpression "pkgs.lorri";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/rstudio-server/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/rstudio-server/default.nix
index cd903c7e55b..74a7cd2f4e5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/rstudio-server/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/rstudio-server/default.nix
@@ -26,7 +26,7 @@ in
serverWorkingDir = mkOption {
type = types.str;
default = "/var/lib/rstudio-server";
- description = ''
+ description = lib.mdDoc ''
Default working directory for server (server-working-dir in rserver.conf).
'';
};
@@ -34,7 +34,7 @@ in
listenAddr = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
Address to listen on (www-address in rserver.conf).
'';
};
@@ -44,7 +44,7 @@ in
default = pkgs.rstudio-server;
defaultText = literalExpression "pkgs.rstudio-server";
example = literalExpression "pkgs.rstudioServerWrapper.override { packages = [ pkgs.rPackages.ggplot2 ]; }";
- description = ''
+ description = lib.mdDoc ''
Rstudio server package to use. Can be set to rstudioServerWrapper to provide packages.
'';
};
@@ -52,7 +52,7 @@ in
rserverExtraConfig = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra contents for rserver.conf.
'';
};
@@ -60,7 +60,7 @@ in
rsessionExtraConfig = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra contents for resssion.conf.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/zammad.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/zammad.nix
index d457a607187..503f54aee2c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/zammad.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/development/zammad.nix
@@ -34,13 +34,13 @@ in
type = types.package;
default = pkgs.zammad;
defaultText = literalExpression "pkgs.zammad";
- description = "Zammad package to use.";
+ description = lib.mdDoc "Zammad package to use.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/zammad";
- description = ''
+ description = lib.mdDoc ''
Path to a folder that will contain Zammad working directory.
'';
};
@@ -49,25 +49,25 @@ in
type = types.str;
default = "127.0.0.1";
example = "192.168.23.42";
- description = "Host address.";
+ description = lib.mdDoc "Host address.";
};
openPorts = mkOption {
type = types.bool;
default = false;
- description = "Whether to open firewall ports for Zammad";
+ description = lib.mdDoc "Whether to open firewall ports for Zammad";
};
port = mkOption {
type = types.port;
default = 3000;
- description = "Web service port.";
+ description = lib.mdDoc "Web service port.";
};
websocketPort = mkOption {
type = types.port;
default = 6042;
- description = "Websocket service port.";
+ description = lib.mdDoc "Websocket service port.";
};
database = {
@@ -75,7 +75,7 @@ in
type = types.enum [ "PostgreSQL" "MySQL" ];
default = "PostgreSQL";
example = "MySQL";
- description = "Database engine to use.";
+ description = lib.mdDoc "Database engine to use.";
};
host = mkOption {
@@ -90,7 +90,7 @@ in
MySQL = "localhost";
}.''${config.services.zammad.database.type};
'';
- description = ''
+ description = lib.mdDoc ''
Database host address.
'';
};
@@ -98,13 +98,13 @@ in
port = mkOption {
type = types.nullOr types.port;
default = null;
- description = "Database port. Use null for default port.";
+ description = lib.mdDoc "Database port. Use `null` for default port.";
};
name = mkOption {
type = types.str;
default = "zammad";
- description = ''
+ description = lib.mdDoc ''
Database name.
'';
};
@@ -112,22 +112,22 @@ in
user = mkOption {
type = types.nullOr types.str;
default = "zammad";
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/run/keys/zammad-dbpassword";
- description = ''
- A file containing the password for .
+ description = lib.mdDoc ''
+ A file containing the password for {option}`services.zammad.database.user`.
'';
};
createLocally = mkOption {
type = types.bool;
default = true;
- description = "Whether to create a local database automatically.";
+ description = lib.mdDoc "Whether to create a local database automatically.";
};
settings = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/display-managers/greetd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/display-managers/greetd.nix
index 895961707d3..a81fcbf19d1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/display-managers/greetd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/display-managers/greetd.nix
@@ -14,7 +14,7 @@ in
type = types.package;
default = pkgs.greetd.greetd;
defaultText = literalExpression "pkgs.greetd.greetd";
- description = "The greetd package that should be used.";
+ description = lib.mdDoc "The greetd package that should be used.";
};
settings = mkOption {
@@ -26,8 +26,8 @@ in
};
}
'';
- description = ''
- greetd configuration (documentation)
+ description = lib.mdDoc ''
+ greetd configuration ([documentation](https://man.sr.ht/~kennylevinsen/greetd/))
as a Nix attribute set.
'';
};
@@ -35,7 +35,7 @@ in
vt = mkOption {
type = types.int;
default = 1;
- description = ''
+ description = lib.mdDoc ''
The virtual console (tty) that greetd should use. This option also disables getty on that tty.
'';
};
@@ -44,7 +44,7 @@ in
type = types.bool;
default = !(cfg.settings ? initial_session);
defaultText = literalExpression "!(config.services.greetd.settings ? initial_session)";
- description = ''
+ description = lib.mdDoc ''
Wether to restart greetd when it terminates (e.g. on failure).
This is usually desirable so a user can always log in, but should be disabled when using 'settings.initial_session' (autologin),
because every greetd restart will trigger the autologin again.
@@ -54,7 +54,7 @@ in
config = mkIf cfg.enable {
services.greetd.settings.terminal.vt = mkDefault cfg.vt;
- services.greetd.settings.default_session = mkDefault "greeter";
+ services.greetd.settings.default_session.user = mkDefault "greeter";
security.pam.services.greetd = {
allowNullPassword = true;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/editors/emacs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/editors/emacs.nix
index e2bbd27f6e5..0d9949d2ba5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/editors/emacs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/editors/emacs.nix
@@ -67,7 +67,7 @@ in
type = types.package;
default = pkgs.emacs;
defaultText = literalExpression "pkgs.emacs";
- description = ''
+ description = lib.mdDoc ''
emacs derivation to use.
'';
};
@@ -75,7 +75,7 @@ in
defaultEditor = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
When enabled, configures emacsclient to be the default editor
using the EDITOR environment variable.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/editors/haste.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/editors/haste.nix
index 35fe26766ef..2208dccbc03 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/editors/haste.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/editors/haste.nix
@@ -14,9 +14,9 @@ in
openFirewall = mkEnableOption "firewall passthrough for haste-server";
settings = mkOption {
- description = ''
+ description = lib.mdDoc ''
Configuration for haste-server.
- For documentation see project readme
+ For documentation see [project readme](https://github.com/toptal/haste-server#settings)
'';
type = format.type;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/editors/infinoted.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/editors/infinoted.nix
index 16fe52a232b..d2eb4946f2f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/editors/infinoted.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/editors/infinoted.nix
@@ -12,7 +12,7 @@ in {
type = types.package;
default = pkgs.libinfinity;
defaultText = literalExpression "pkgs.libinfinity";
- description = ''
+ description = lib.mdDoc ''
Package providing infinoted
'';
};
@@ -20,7 +20,7 @@ in {
keyFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Private key to use for TLS
'';
};
@@ -28,7 +28,7 @@ in {
certificateFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Server certificate to use for TLS
'';
};
@@ -45,7 +45,7 @@ in {
securityPolicy = mkOption {
type = types.enum ["no-tls" "allow-tls" "require-tls"];
default = "require-tls";
- description = ''
+ description = lib.mdDoc ''
How strictly to enforce clients connection with TLS.
'';
};
@@ -53,7 +53,7 @@ in {
port = mkOption {
type = types.port;
default = 6523;
- description = ''
+ description = lib.mdDoc ''
Port to listen on
'';
};
@@ -61,7 +61,7 @@ in {
rootDirectory = mkOption {
type = types.path;
default = "/var/lib/infinoted/documents/";
- description = ''
+ description = lib.mdDoc ''
Root of the directory structure to serve
'';
};
@@ -69,7 +69,7 @@ in {
plugins = mkOption {
type = types.listOf types.str;
default = [ "note-text" "note-chat" "logging" "autosave" ];
- description = ''
+ description = lib.mdDoc ''
Plugins to enable
'';
};
@@ -77,7 +77,7 @@ in {
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
File to read server-wide password from
'';
};
@@ -88,7 +88,7 @@ in {
[autosave]
interval=10
'';
- description = ''
+ description = lib.mdDoc ''
Additional configuration to append to infinoted.conf
'';
};
@@ -96,7 +96,7 @@ in {
user = mkOption {
type = types.str;
default = "infinoted";
- description = ''
+ description = lib.mdDoc ''
What to call the dedicated user under which infinoted is run
'';
};
@@ -104,7 +104,7 @@ in {
group = mkOption {
type = types.str;
default = "infinoted";
- description = ''
+ description = lib.mdDoc ''
What to call the primary group of the dedicated user under which infinoted is run
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/finance/odoo.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/finance/odoo.nix
index 422ee951007..78c54a9e056 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/finance/odoo.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/finance/odoo.nix
@@ -15,27 +15,27 @@ in
type = types.package;
default = pkgs.odoo;
defaultText = literalExpression "pkgs.odoo";
- description = "Odoo package to use.";
+ description = lib.mdDoc "Odoo package to use.";
};
addons = mkOption {
type = with types; listOf package;
default = [];
example = literalExpression "[ pkgs.odoo_enterprise ]";
- description = "Odoo addons.";
+ description = lib.mdDoc "Odoo addons.";
};
settings = mkOption {
type = format.type;
default = {};
- description = ''
- Odoo configuration settings. For more details see
+ description = lib.mdDoc ''
+ Odoo configuration settings. For more details see
'';
};
domain = mkOption {
type = with types; nullOr str;
- description = "Domain to host Odoo with nginx";
+ description = lib.mdDoc "Domain to host Odoo with nginx";
default = null;
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/asf.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/asf.nix
index ed1a5544d7a..37247e195a7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/asf.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/asf.nix
@@ -32,7 +32,7 @@ in
options.services.archisteamfarm = {
enable = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If enabled, starts the ArchisSteamFarm service.
For configuring the SteamGuard token you will need to use the web-ui, which is enabled by default over on 127.0.0.1:1242.
You cannot configure ASF in any way outside of nix, since all the config files get wiped on restart and replaced with the programatically set ones by nix.
@@ -50,7 +50,7 @@ in
type = types.package;
default = pkgs.ArchiSteamFarm.ui;
description =
- "Web-UI package to use. Contents must be in lib/dist.";
+ lib.mdDoc "Web-UI package to use. Contents must be in lib/dist.";
};
};
};
@@ -61,20 +61,20 @@ in
example = {
enable = false;
};
- description = "The Web-UI hosted on 127.0.0.1:1242.";
+ description = lib.mdDoc "The Web-UI hosted on 127.0.0.1:1242.";
};
package = mkOption {
type = types.package;
default = pkgs.ArchiSteamFarm;
description =
- "Package to use. Should always be the latest version, for security reasons, since this module uses very new features and to not get out of sync with the Steam API.";
+ lib.mdDoc "Package to use. Should always be the latest version, for security reasons, since this module uses very new features and to not get out of sync with the Steam API.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/asf";
- description = ''
+ description = lib.mdDoc ''
The ASF home directory used to store all data.
If left as the default value this directory will automatically be created before the ASF server starts, otherwise the sysadmin is responsible for ensuring the directory exists with appropriate ownership and permissions.'';
};
@@ -96,14 +96,14 @@ in
ipcPasswordFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = "Path to a file containig the password. The file must be readable by the asf user/group.";
+ description = lib.mdDoc "Path to a file containig the password. The file must be readable by the `asf` user/group.";
};
ipcSettings = mkOption {
type = format.type;
- description = ''
+ description = lib.mdDoc ''
Settings to write to IPC.config.
- All options can be found here.
+ All options can be found [here](https://github.com/JustArchiNET/ArchiSteamFarm/wiki/IPC#custom-configuration).
'';
example = {
Kestrel = {
@@ -122,17 +122,17 @@ in
options = {
username = mkOption {
type = types.str;
- description = "Name of the user to log in. Default is attribute name.";
+ description = lib.mdDoc "Name of the user to log in. Default is attribute name.";
default = "";
};
passwordFile = mkOption {
type = types.path;
- description = "Path to a file containig the password. The file must be readable by the asf user/group.";
+ description = lib.mdDoc "Path to a file containig the password. The file must be readable by the `asf` user/group.";
};
enabled = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable the bot on startup.";
+ description = lib.mdDoc "Whether to enable the bot on startup.";
};
settings = mkOption {
type = types.attrs;
@@ -141,7 +141,7 @@ in
};
};
});
- description = ''
+ description = lib.mdDoc ''
Bots name and configuration.
'';
example = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/crossfire-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/crossfire-server.nix
index a33025e0c3e..4b9813245fb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/crossfire-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/crossfire-server.nix
@@ -10,7 +10,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If enabled, the Crossfire game server will be started at boot.
'';
};
@@ -19,7 +19,7 @@ in {
type = types.package;
default = pkgs.crossfire-server;
defaultText = literalExpression "pkgs.crossfire-server";
- description = ''
+ description = lib.mdDoc ''
The package to use for the Crossfire server (and map/arch data, if you
don't change dataDir).
'';
@@ -29,7 +29,7 @@ in {
type = types.str;
default = "${cfg.package}/share/crossfire";
defaultText = literalExpression ''"''${config.services.crossfire.package}/share/crossfire"'';
- description = ''
+ description = lib.mdDoc ''
Where to load readonly data from -- maps, archetypes, treasure tables,
and the like. If you plan to edit the data on the live server (rather
than overlaying the crossfire-maps and crossfire-arch packages and
@@ -54,7 +54,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to open ports in the firewall for the server.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/deliantra-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/deliantra-server.nix
index b7011f4c354..1a061860124 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/deliantra-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/deliantra-server.nix
@@ -10,7 +10,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If enabled, the Deliantra game server will be started at boot.
'';
};
@@ -19,7 +19,7 @@ in {
type = types.package;
default = pkgs.deliantra-server;
defaultText = literalExpression "pkgs.deliantra-server";
- description = ''
+ description = lib.mdDoc ''
The package to use for the Deliantra server (and map/arch data, if you
don't change dataDir).
'';
@@ -29,7 +29,7 @@ in {
type = types.str;
default = "${pkgs.deliantra-data}";
defaultText = literalExpression ''"''${pkgs.deliantra-data}"'';
- description = ''
+ description = lib.mdDoc ''
Where to store readonly data (maps, archetypes, sprites, etc).
Note that if you plan to use the live map editor (rather than editing
the maps offline and then nixos-rebuilding), THIS MUST BE WRITEABLE --
@@ -54,14 +54,14 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to open ports in the firewall for the server.
'';
};
configFiles = mkOption {
type = types.attrsOf types.str;
- description = ''
+ description = lib.mdDoc ''
Contents of the server configuration files. These will be appended to
the example configurations the server comes with and overwrite any
default settings defined therein.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/factorio.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/factorio.nix
index bb6898a08c5..893afa97722 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/factorio.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/factorio.nix
@@ -48,7 +48,7 @@ in
port = mkOption {
type = types.int;
default = 34197;
- description = ''
+ description = lib.mdDoc ''
The port to which the service should bind.
'';
};
@@ -56,7 +56,7 @@ in
bind = mkOption {
type = types.str;
default = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
The address to which the service should bind.
'';
};
@@ -65,7 +65,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "username" ];
- description = ''
+ description = lib.mdDoc ''
List of player names which will be admin.
'';
};
@@ -73,14 +73,14 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to automatically open the specified UDP port in the firewall.
'';
};
saveName = mkOption {
type = types.str;
default = "default";
- description = ''
+ description = lib.mdDoc ''
The name of the savegame that will be used by the server.
When not present in /var/lib/''${config.services.factorio.stateDirName}/saves,
@@ -90,7 +90,7 @@ in
loadLatestSave = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Load the latest savegame on startup. This overrides saveName, in that the latest
save will always be used even if a saved game of the given name exists. It still
controls the 'canonical' name of the savegame.
@@ -107,7 +107,7 @@ in
type = types.path;
default = configFile;
defaultText = literalExpression "configFile";
- description = ''
+ description = lib.mdDoc ''
The server's configuration file.
The default file generated by this module contains lines essential to
@@ -118,7 +118,7 @@ in
stateDirName = mkOption {
type = types.str;
default = "factorio";
- description = ''
+ description = lib.mdDoc ''
Name of the directory under /var/lib holding the server's data.
The configuration and map will be stored here.
@@ -127,7 +127,7 @@ in
mods = mkOption {
type = types.listOf types.package;
default = [];
- description = ''
+ description = lib.mdDoc ''
Mods the server should install and activate.
The derivations in this list must "build" the mod by simply copying
@@ -139,14 +139,14 @@ in
game-name = mkOption {
type = types.nullOr types.str;
default = "Factorio Game";
- description = ''
+ description = lib.mdDoc ''
Name of the game as it will appear in the game listing.
'';
};
description = mkOption {
type = types.nullOr types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Description of the game that will appear in the listing.
'';
};
@@ -154,28 +154,28 @@ in
type = types.attrs;
default = {};
example = { admins = [ "username" ];};
- description = ''
+ description = lib.mdDoc ''
Extra game configuration that will go into server-settings.json
'';
};
public = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Game will be published on the official Factorio matching server.
'';
};
lan = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Game will be broadcast on LAN.
'';
};
username = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Your factorio.com login credentials. Required for games with visibility public.
'';
};
@@ -184,35 +184,35 @@ in
default = pkgs.factorio-headless;
defaultText = literalExpression "pkgs.factorio-headless";
example = literalExpression "pkgs.factorio-headless-experimental";
- description = ''
+ description = lib.mdDoc ''
Factorio version to use. This defaults to the stable channel.
'';
};
password = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Your factorio.com login credentials. Required for games with visibility public.
'';
};
token = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Authentication token. May be used instead of 'password' above.
'';
};
game-password = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Game password.
'';
};
requireUserVerification = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
When set to true, the server will only allow clients that have a valid factorio.com account.
'';
};
@@ -220,14 +220,14 @@ in
type = types.nullOr types.int;
default = null;
example = 10;
- description = ''
+ description = lib.mdDoc ''
Autosave interval in minutes.
'';
};
nonBlockingSaving = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Highly experimental feature, enable only at your own risk of losing your saves.
On UNIX systems, server will fork itself to create an autosave.
Autosaving on connected Windows clients will be disabled regardless of autosave_only_on_server option.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/freeciv.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/freeciv.nix
index 4923891a617..02af9fda7af 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/freeciv.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/freeciv.nix
@@ -27,7 +27,7 @@ in
services.freeciv = {
enable = mkEnableOption ''freeciv'';
settings = mkOption {
- description = ''
+ description = lib.mdDoc ''
Parameters of freeciv-server.
'';
default = {};
@@ -36,7 +36,7 @@ in
options.Announce = mkOption {
type = types.enum ["IPv4" "IPv6" "none"];
default = "none";
- description = "Announce game in LAN using given protocol.";
+ description = lib.mdDoc "Announce game in LAN using given protocol.";
};
options.auth = mkEnableOption "server authentication";
options.Database = mkOption {
@@ -47,12 +47,12 @@ in
backend="sqlite"
database="/var/lib/freeciv/auth.sqlite"
'';
- description = "Enable database connection with given configuration.";
+ description = lib.mdDoc "Enable database connection with given configuration.";
};
options.debug = mkOption {
type = types.ints.between 0 3;
default = 0;
- description = "Set debug log level.";
+ description = lib.mdDoc "Set debug log level.";
};
options.exit-on-end = mkEnableOption "exit instead of restarting when a game ends.";
options.Guests = mkEnableOption "guests to login if auth is enabled";
@@ -60,12 +60,12 @@ in
options.port = mkOption {
type = types.port;
default = 5556;
- description = "Listen for clients on given port";
+ description = lib.mdDoc "Listen for clients on given port";
};
options.quitidle = mkOption {
type = types.nullOr types.int;
default = null;
- description = "Quit if no players for given time in seconds.";
+ description = lib.mdDoc "Quit if no players for given time in seconds.";
};
options.read = mkOption {
type = types.lines;
@@ -73,12 +73,12 @@ in
default = ''
/fcdb lua sqlite_createdb()
'';
- description = "Startup script.";
+ description = lib.mdDoc "Startup script.";
};
options.saves = mkOption {
type = types.nullOr types.str;
default = "/var/lib/freeciv/saves/";
- description = ''
+ description = lib.mdDoc ''
Save games to given directory,
a sub-directory named after the starting date of the service
will me inserted to preserve older saves.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/minecraft-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/minecraft-server.nix
index 8233962c1a2..77f92ab97db 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/minecraft-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/minecraft-server.nix
@@ -22,6 +22,15 @@ let
'' + concatStringsSep "\n" (mapAttrsToList
(n: v: "${n}=${cfgToString v}") cfg.serverProperties));
+ stopScript = pkgs.writeShellScript "minecraft-server-stop" ''
+ echo stop > ${config.systemd.sockets.minecraft-server.socketConfig.ListenFIFO}
+
+ # Wait for the PID of the minecraft server to disappear before
+ # returning, so systemd doesn't attempt to SIGKILL it.
+ while kill -0 "$1" 2> /dev/null; do
+ sleep 1s
+ done
+ '';
# To be able to open the firewall, we need to read out port values in the
# server properties, but fall back to the defaults when those don't exist.
@@ -45,21 +54,21 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If enabled, start a Minecraft Server. The server
data will be loaded from and saved to
- .
+ {option}`services.minecraft-server.dataDir`.
'';
};
declarative = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to use a declarative Minecraft server configuration.
- Only if set to true, the options
- and
- will be
+ Only if set to `true`, the options
+ {option}`services.minecraft-server.whitelist` and
+ {option}`services.minecraft-server.serverProperties` will be
applied.
'';
};
@@ -67,18 +76,18 @@ in {
eula = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether you agree to
-
- Mojangs EULA. This option must be set to
- true to run Minecraft server.
+ [
+ Mojangs EULA](https://account.mojang.com/documents/minecraft_eula). This option must be set to
+ `true` to run Minecraft server.
'';
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/minecraft";
- description = ''
+ description = lib.mdDoc ''
Directory to store Minecraft database and other state/data files.
'';
};
@@ -86,7 +95,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to open ports in the firewall for the server.
'';
};
@@ -99,14 +108,14 @@ in {
};
in types.attrsOf minecraftUUID;
default = {};
- description = ''
+ description = lib.mdDoc ''
Whitelisted players, only has an effect when
- is
- true and the whitelist is enabled
- via by
- setting white-list to true.
+ {option}`services.minecraft-server.declarative` is
+ `true` and the whitelist is enabled
+ via {option}`services.minecraft-server.serverProperties` by
+ setting `white-list` to `true`.
This is a mapping from Minecraft usernames to UUIDs.
- You can use to get a
+ You can use to get a
Minecraft UUID for a username.
'';
example = literalExpression ''
@@ -132,11 +141,11 @@ in {
"rcon.password" = "hunter2";
}
'';
- description = ''
+ description = lib.mdDoc ''
Minecraft server properties for the server.properties file. Only has
- an effect when
- is set to true. See
-
+ an effect when {option}`services.minecraft-server.declarative`
+ is set to `true`. See
+
for documentation on these values.
'';
};
@@ -146,7 +155,7 @@ in {
default = pkgs.minecraft-server;
defaultText = literalExpression "pkgs.minecraft-server";
example = literalExpression "pkgs.minecraft-server_1_12_2";
- description = "Version of minecraft-server to run.";
+ description = lib.mdDoc "Version of minecraft-server to run.";
};
jvmOpts = mkOption {
@@ -156,7 +165,7 @@ in {
example = "-Xms4092M -Xmx4092M -XX:+UseG1GC -XX:+CMSIncrementalPacing "
+ "-XX:+CMSClassUnloadingEnabled -XX:ParallelGCThreads=2 "
+ "-XX:MinHeapFreeRatio=5 -XX:MaxHeapFreeRatio=10";
- description = "JVM options for the Minecraft server.";
+ description = lib.mdDoc "JVM options for the Minecraft server.";
};
};
};
@@ -172,16 +181,35 @@ in {
};
users.groups.minecraft = {};
+ systemd.sockets.minecraft-server = {
+ bindsTo = [ "minecraft-server.service" ];
+ socketConfig = {
+ ListenFIFO = "/run/minecraft-server.stdin";
+ SocketMode = "0660";
+ SocketUser = "minecraft";
+ SocketGroup = "minecraft";
+ RemoveOnStop = true;
+ FlushPending = true;
+ };
+ };
+
systemd.services.minecraft-server = {
description = "Minecraft Server Service";
wantedBy = [ "multi-user.target" ];
- after = [ "network.target" ];
+ requires = [ "minecraft-server.socket" ];
+ after = [ "network.target" "minecraft-server.socket" ];
serviceConfig = {
ExecStart = "${cfg.package}/bin/minecraft-server ${cfg.jvmOpts}";
+ ExecStop = "${stopScript} $MAINPID";
Restart = "always";
User = "minecraft";
WorkingDirectory = cfg.dataDir;
+
+ StandardInput = "socket";
+ StandardOutput = "journal";
+ StandardError = "journal";
+
# Hardening
CapabilityBoundingSet = [ "" ];
DeviceAllow = [ "" ];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/minetest-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/minetest-server.nix
index 2111c970d4f..bc6ab7462d6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/minetest-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/minetest-server.nix
@@ -19,7 +19,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "If enabled, starts a Minetest Server.";
+ description = lib.mdDoc "If enabled, starts a Minetest Server.";
};
gameId = mkOption {
@@ -58,7 +58,7 @@ in
logPath = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to logfile for logging.
If set to null, logging will be output to stdout which means
@@ -69,7 +69,7 @@ in
port = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Port number to bind to.
If set to null, the default 30000 will be used.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/openarena.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/openarena.nix
index 9c441e98b20..e38bc8f205a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/openarena.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/openarena.nix
@@ -13,13 +13,13 @@ in
openPorts = mkOption {
type = types.bool;
default = false;
- description = "Whether to open firewall ports for OpenArena";
+ description = lib.mdDoc "Whether to open firewall ports for OpenArena";
};
extraFlags = mkOption {
type = types.listOf types.str;
default = [];
- description = "Extra flags to pass to oa_ded";
+ description = lib.mdDoc "Extra flags to pass to {command}`oa_ded`";
example = [
"+set dedicated 2"
"+set sv_hostname 'My NixOS OpenArena Server'"
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/quake3-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/quake3-server.nix
index 175af4a8382..69fdbc50d87 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/quake3-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/quake3-server.nix
@@ -42,7 +42,7 @@ in {
port = mkOption {
type = types.port;
default = 27960;
- description = ''
+ description = lib.mdDoc ''
UDP Port the server should listen on.
'';
};
@@ -50,7 +50,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open the firewall.
'';
};
@@ -62,7 +62,7 @@ in {
seta rconPassword "superSecret" // sets RCON password for remote console
seta sv_hostname "My Quake 3 server" // name that appears in server list
'';
- description = ''
+ description = lib.mdDoc ''
Extra configuration options. Note that options changed via RCON will not be persisted. To list all possible
options, use "cvarlist 1" via RCON.
'';
@@ -73,7 +73,7 @@ in {
default = defaultBaseq3;
defaultText = literalDocBook "Manually downloaded Quake 3 installation directory.";
example = "/var/lib/q3ds";
- description = ''
+ description = lib.mdDoc ''
Path to the baseq3 files (pak*.pk3). If this is on the nix store (type = package) all .pk3 files should be saved
in the top-level directory. If this is on another filesystem (e.g /var/lib/baseq3) the .pk3 files are searched in
$baseq3/.q3a/baseq3/
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/teeworlds.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/teeworlds.nix
index babf989c98c..6ddd0bee60c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/teeworlds.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/teeworlds.nix
@@ -25,13 +25,13 @@ in
openPorts = mkOption {
type = types.bool;
default = false;
- description = "Whether to open firewall ports for Teeworlds";
+ description = lib.mdDoc "Whether to open firewall ports for Teeworlds";
};
name = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Name of the server. Defaults to 'unnamed server'.
'';
};
@@ -40,7 +40,7 @@ in
type = types.bool;
example = true;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether the server registers as public server in the global server list. This is disabled by default because of privacy.
'';
};
@@ -48,7 +48,7 @@ in
motd = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Set the server message of the day text.
'';
};
@@ -56,7 +56,7 @@ in
password = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Password to connect to the server.
'';
};
@@ -64,7 +64,7 @@ in
rconPassword = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Password to access the remote console. If not set, a randomly generated one is displayed in the server log.
'';
};
@@ -72,7 +72,7 @@ in
port = mkOption {
type = types.int;
default = 8303;
- description = ''
+ description = lib.mdDoc ''
Port the server will listen on.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/terraria.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/terraria.nix
index 29f976b3c2a..cd1bb7d819d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/terraria.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/games/terraria.nix
@@ -36,16 +36,16 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
- If enabled, starts a Terraria server. The server can be connected to via tmux -S ''${config.${opt.dataDir}}/terraria.sock attach
- for administration by users who are a part of the terraria group (use C-b d shortcut to detach again).
+ description = lib.mdDoc ''
+ If enabled, starts a Terraria server. The server can be connected to via `tmux -S ''${config.${opt.dataDir}}/terraria.sock attach`
+ for administration by users who are a part of the `terraria` group (use `C-b d` shortcut to detach again).
'';
};
port = mkOption {
type = types.port;
default = 7777;
- description = ''
+ description = lib.mdDoc ''
Specifies the port to listen on.
'';
};
@@ -53,7 +53,7 @@ in
maxPlayers = mkOption {
type = types.ints.u8;
default = 255;
- description = ''
+ description = lib.mdDoc ''
Sets the max number of players (between 1 and 255).
'';
};
@@ -61,15 +61,15 @@ in
password = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
- Sets the server password. Leave null for no password.
+ description = lib.mdDoc ''
+ Sets the server password. Leave `null` for no password.
'';
};
messageOfTheDay = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Set the server message of the day text.
'';
};
@@ -77,18 +77,18 @@ in
worldPath = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
- The path to the world file (.wld) which should be loaded.
+ description = lib.mdDoc ''
+ The path to the world file (`.wld`) which should be loaded.
If no world exists at this path, one will be created with the size
- specified by autoCreatedWorldSize.
+ specified by `autoCreatedWorldSize`.
'';
};
autoCreatedWorldSize = mkOption {
type = types.enum [ "small" "medium" "large" ];
default = "medium";
- description = ''
- Specifies the size of the auto-created world if worldPath does not
+ description = lib.mdDoc ''
+ Specifies the size of the auto-created world if `worldPath` does not
point to an existing world.
'';
};
@@ -96,7 +96,7 @@ in
banListPath = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
The path to the ban list.
'';
};
@@ -104,26 +104,26 @@ in
secure = mkOption {
type = types.bool;
default = false;
- description = "Adds additional cheat protection to the server.";
+ description = lib.mdDoc "Adds additional cheat protection to the server.";
};
noUPnP = mkOption {
type = types.bool;
default = false;
- description = "Disables automatic Universal Plug and Play.";
+ description = lib.mdDoc "Disables automatic Universal Plug and Play.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Wheter to open ports in the firewall";
+ description = lib.mdDoc "Wheter to open ports in the firewall";
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/terraria";
example = "/srv/terraria";
- description = "Path to variable state data directory for terraria.";
+ description = lib.mdDoc "Path to variable state data directory for terraria.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/acpid.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/acpid.nix
index 883ef083003..fef2c14b9dc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/acpid.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/acpid.nix
@@ -53,7 +53,7 @@ in
logEvents = mkOption {
type = types.bool;
default = false;
- description = "Log all event activity.";
+ description = lib.mdDoc "Log all event activity.";
};
handlers = mkOption {
@@ -62,12 +62,12 @@ in
event = mkOption {
type = types.str;
example = literalExpression ''"button/power.*" "button/lid.*" "ac_adapter.*" "button/mute.*" "button/volumedown.*" "cd/play.*" "cd/next.*"'';
- description = "Event type.";
+ description = lib.mdDoc "Event type.";
};
action = mkOption {
type = types.lines;
- description = "Shell commands to execute when the event is triggered.";
+ description = lib.mdDoc "Shell commands to execute when the event is triggered.";
};
};
});
@@ -104,19 +104,19 @@ in
powerEventCommands = mkOption {
type = types.lines;
default = "";
- description = "Shell commands to execute on a button/power.* event.";
+ description = lib.mdDoc "Shell commands to execute on a button/power.* event.";
};
lidEventCommands = mkOption {
type = types.lines;
default = "";
- description = "Shell commands to execute on a button/lid.* event.";
+ description = lib.mdDoc "Shell commands to execute on a button/lid.* event.";
};
acEventCommands = mkOption {
type = types.lines;
default = "";
- description = "Shell commands to execute on an ac_adapter.* event.";
+ description = lib.mdDoc "Shell commands to execute on an ac_adapter.* event.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/actkbd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/actkbd.nix
index b499de97b2c..3ad2998e823 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/actkbd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/actkbd.nix
@@ -20,25 +20,25 @@ let
keys = mkOption {
type = types.listOf types.int;
- description = "List of keycodes to match.";
+ description = lib.mdDoc "List of keycodes to match.";
};
events = mkOption {
type = types.listOf (types.enum ["key" "rep" "rel"]);
default = [ "key" ];
- description = "List of events to match.";
+ description = lib.mdDoc "List of events to match.";
};
attributes = mkOption {
type = types.listOf types.str;
default = [ "exec" ];
- description = "List of attributes.";
+ description = lib.mdDoc "List of attributes.";
};
command = mkOption {
type = types.str;
default = "";
- description = "What to run.";
+ description = lib.mdDoc "What to run.";
};
};
@@ -78,19 +78,19 @@ in
[ { keys = [ 113 ]; events = [ "key" ]; command = "''${pkgs.alsa-utils}/bin/amixer -q set Master toggle"; }
]
'';
- description = ''
- Key bindings for actkbd.
+ description = lib.mdDoc ''
+ Key bindings for {command}`actkbd`.
- See actkbdREADME for documentation.
+ See {command}`actkbd` {file}`README` for documentation.
- The example shows a piece of what does when enabled.
+ The example shows a piece of what {option}`sound.mediaKeys.enable` does when enabled.
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Literal contents to append to the end of actkbd configuration file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/argonone.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/argonone.nix
index 638181b1b12..61656237d6f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/argonone.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/argonone.nix
@@ -10,7 +10,7 @@ in
type = lib.types.package;
default = pkgs.argononed;
defaultText = "pkgs.argononed";
- description = ''
+ description = lib.mdDoc ''
The package implementing the Argon One driver
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/bluetooth.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/bluetooth.nix
index 69a66723e76..a1e980dbec5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/bluetooth.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/bluetooth.nix
@@ -43,7 +43,7 @@ in
powerOnBoot = mkOption {
type = types.bool;
default = true;
- description = "Whether to power up the default Bluetooth controller on boot.";
+ description = lib.mdDoc "Whether to power up the default Bluetooth controller on boot.";
};
package = mkOption {
@@ -64,7 +64,7 @@ in
disabledPlugins = mkOption {
type = types.listOf types.str;
default = [ ];
- description = "Built-in plugins to disable";
+ description = lib.mdDoc "Built-in plugins to disable";
};
settings = mkOption {
@@ -75,7 +75,7 @@ in
ControllerMode = "bredr";
};
};
- description = "Set configuration for system-wide bluetooth (/etc/bluetooth/main.conf).";
+ description = lib.mdDoc "Set configuration for system-wide bluetooth (/etc/bluetooth/main.conf).";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/bolt.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/bolt.nix
index 32b60af0603..6990a9ea63b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/bolt.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/bolt.nix
@@ -12,7 +12,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Bolt, a userspace daemon to enable
security levels for Thunderbolt 3 on GNU/Linux.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/brltty.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/brltty.nix
index 73056017532..3133804f485 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/brltty.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/brltty.nix
@@ -25,7 +25,7 @@ in {
services.brltty.enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the BRLTTY daemon.";
+ description = lib.mdDoc "Whether to enable the BRLTTY daemon.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/fancontrol.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/fancontrol.nix
index 861b70970b8..65c0c60ed3b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/fancontrol.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/fancontrol.nix
@@ -13,7 +13,7 @@ in
config = mkOption {
type = types.lines;
- description = "Required fancontrol configuration file content. See pwmconfig8 from the lm_sensors package.";
+ description = lib.mdDoc "Required fancontrol configuration file content. See {manpage}`pwmconfig(8)` from the lm_sensors package.";
example = ''
# Configuration file generated by pwmconfig
INTERVAL=10
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/freefall.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/freefall.nix
index 3f7b1592449..7b794264ff3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/freefall.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/freefall.nix
@@ -13,7 +13,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to protect HP/Dell laptop hard drives (not SSDs) in free fall.
'';
};
@@ -22,7 +22,7 @@ in {
type = types.package;
default = pkgs.freefall;
defaultText = literalExpression "pkgs.freefall";
- description = ''
+ description = lib.mdDoc ''
freefall derivation to use.
'';
};
@@ -30,7 +30,7 @@ in {
devices = mkOption {
type = types.listOf types.str;
default = [ "/dev/sda" ];
- description = ''
+ description = lib.mdDoc ''
Device paths to all internal spinning hard drives.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/fwupd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/fwupd.nix
index e0506416ffa..241c9d143d3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/fwupd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/fwupd.nix
@@ -53,7 +53,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable fwupd, a DBus service that allows
applications to update firmware.
'';
@@ -63,7 +63,7 @@ in {
type = types.listOf types.str;
default = [];
example = [ "2082b5e0-7a64-478a-b1b2-e3404fab6dad" ];
- description = ''
+ description = lib.mdDoc ''
Allow disabling specific devices by their GUID
'';
};
@@ -72,7 +72,7 @@ in {
type = types.listOf types.str;
default = [];
example = [ "udev" ];
- description = ''
+ description = lib.mdDoc ''
Allow disabling specific plugins
'';
};
@@ -81,7 +81,7 @@ in {
type = types.listOf types.path;
default = [];
example = literalExpression "[ /etc/nixos/fwupd/myfirmware.pem ]";
- description = ''
+ description = lib.mdDoc ''
Installing a public key allows firmware signed with a matching private key to be recognized as trusted, which may require less authentication to install than for untrusted files. By default trusted firmware can be upgraded (but not downgraded) without the user or administrator password. Only very few keys are installed by default.
'';
};
@@ -89,9 +89,9 @@ in {
enableTestRemote = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable test remote. This is used by
- installed tests.
+ [installed tests](https://github.com/fwupd/fwupd/blob/master/data/installed-tests/README.md).
'';
};
@@ -99,7 +99,7 @@ in {
type = types.package;
default = pkgs.fwupd;
defaultText = literalExpression "pkgs.fwupd";
- description = ''
+ description = lib.mdDoc ''
Which fwupd package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/illum.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/illum.nix
index 7f7a8500023..46172fb7b53 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/illum.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/illum.nix
@@ -13,7 +13,7 @@ in {
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable illum, a daemon for controlling screen brightness with brightness buttons.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/interception-tools.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/interception-tools.nix
index e69c05841ee..4f86bd470ea 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/interception-tools.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/interception-tools.nix
@@ -9,14 +9,14 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the interception tools service.";
+ description = lib.mdDoc "Whether to enable the interception tools service.";
};
plugins = mkOption {
type = types.listOf types.package;
default = [ pkgs.interception-tools-plugins.caps2esc ];
defaultText = literalExpression "[ pkgs.interception-tools-plugins.caps2esc ]";
- description = ''
+ description = lib.mdDoc ''
A list of interception tools plugins that will be made available to use
inside the udevmon configuration.
'';
@@ -36,7 +36,7 @@ in {
EVENTS:
EV_KEY: [KEY_X, KEY_Y]
'';
- description = ''
+ description = lib.mdDoc ''
String of udevmon YAML configuration, or path to a udevmon YAML
configuration file.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/joycond.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/joycond.nix
index d81c1bb6d63..c3a71edaa2f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/joycond.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/joycond.nix
@@ -15,7 +15,7 @@ with lib;
type = types.package;
default = pkgs.joycond;
defaultText = "pkgs.joycond";
- description = ''
+ description = lib.mdDoc ''
The joycond package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/kanata.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/kanata.nix
new file mode 100644
index 00000000000..f8250afa4a0
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/kanata.nix
@@ -0,0 +1,156 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.kanata;
+
+ keyboard = {
+ options = {
+ device = mkOption {
+ type = types.str;
+ example = "/dev/input/by-id/usb-0000_0000-event-kbd";
+ description = "Path to the keyboard device.";
+ };
+ config = mkOption {
+ type = types.lines;
+ example = ''
+ (defsrc
+ grv 1 2 3 4 5 6 7 8 9 0 - = bspc
+ tab q w e r t y u i o p [ ] \
+ caps a s d f g h j k l ; ' ret
+ lsft z x c v b n m , . / rsft
+ lctl lmet lalt spc ralt rmet rctl)
+
+ (deflayer qwerty
+ grv 1 2 3 4 5 6 7 8 9 0 - = bspc
+ tab q w e r t y u i o p [ ] \
+ @cap a s d f g h j k l ; ' ret
+ lsft z x c v b n m , . / rsft
+ lctl lmet lalt spc ralt rmet rctl)
+
+ (defalias
+ ;; tap within 100ms for capslk, hold more than 100ms for lctl
+ cap (tap-hold 100 100 caps lctl))
+ '';
+ description = ''
+ Configuration other than defcfg.
+ See for more information.
+ '';
+ };
+ extraDefCfg = mkOption {
+ type = types.lines;
+ default = "";
+ example = "danger-enable-cmd yes";
+ description = ''
+ Configuration of defcfg other than linux-dev.
+ See for more information.
+ '';
+ };
+ };
+ };
+
+ mkName = name: "kanata-${name}";
+
+ mkConfig = name: keyboard: pkgs.writeText "${mkName name}-config.kdb" ''
+ (defcfg
+ ${keyboard.extraDefCfg}
+ linux-dev ${keyboard.device})
+
+ ${keyboard.config}
+ '';
+
+ mkService = name: keyboard: nameValuePair (mkName name) {
+ description = "kanata for ${keyboard.device}";
+
+ # Because path units are used to activate service units, which
+ # will start the old stopped services during "nixos-rebuild
+ # switch", stopIfChanged here is a workaround to make sure new
+ # services are running after "nixos-rebuild switch".
+ stopIfChanged = false;
+
+ serviceConfig = {
+ ExecStart = ''
+ ${cfg.package}/bin/kanata \
+ --cfg ${mkConfig name keyboard}
+ '';
+
+ DynamicUser = true;
+ SupplementaryGroups = with config.users.groups; [
+ input.name
+ uinput.name
+ ];
+
+ # hardening
+ DeviceAllow = [
+ "/dev/uinput w"
+ "char-input r"
+ ];
+ CapabilityBoundingSet = "";
+ DevicePolicy = "closed";
+ IPAddressDeny = "any";
+ LockPersonality = true;
+ MemoryDenyWriteExecute = true;
+ PrivateNetwork = true;
+ PrivateUsers = true;
+ ProcSubset = "pid";
+ ProtectClock = true;
+ ProtectControlGroups = true;
+ ProtectHome = true;
+ ProtectHostname = true;
+ ProtectKernelLogs = true;
+ ProtectKernelModules = true;
+ ProtectKernelTunables = true;
+ ProtectProc = "invisible";
+ RestrictAddressFamilies = "none";
+ RestrictNamespaces = true;
+ RestrictRealtime = true;
+ SystemCallArchitectures = "native";
+ SystemCallFilter = [
+ "@system-service"
+ "~@privileged"
+ "~@resources"
+ ];
+ UMask = "0077";
+ };
+ };
+
+ mkPath = name: keyboard: nameValuePair (mkName name) {
+ description = "kanata trigger for ${keyboard.device}";
+ wantedBy = [ "multi-user.target" ];
+ pathConfig = {
+ PathExists = keyboard.device;
+ };
+ };
+in
+{
+ options.services.kanata = {
+ enable = mkEnableOption "kanata";
+ package = mkOption {
+ type = types.package;
+ default = pkgs.kanata;
+ defaultText = lib.literalExpression "pkgs.kanata";
+ example = lib.literalExpression "pkgs.kanata-with-cmd";
+ description = ''
+ kanata package to use.
+ If you enable danger-enable-cmd, pkgs.kanata-with-cmd should be used.
+ '';
+ };
+ keyboards = mkOption {
+ type = types.attrsOf (types.submodule keyboard);
+ default = { };
+ description = "Keyboard configurations.";
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ hardware.uinput.enable = true;
+
+ systemd = {
+ paths = mapAttrs' mkPath cfg.keyboards;
+ services = mapAttrs' mkService cfg.keyboards;
+ };
+ };
+
+ meta.maintainers = with lib.maintainers; [ linj ];
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/lcd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/lcd.nix
index dc8595ea60c..ec4b27bd848 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/lcd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/lcd.nix
@@ -36,26 +36,26 @@ in with lib; {
serverHost = mkOption {
type = str;
default = "localhost";
- description = "Host on which LCDd is listening.";
+ description = lib.mdDoc "Host on which LCDd is listening.";
};
serverPort = mkOption {
type = int;
default = 13666;
- description = "Port on which LCDd is listening.";
+ description = lib.mdDoc "Port on which LCDd is listening.";
};
server = {
enable = mkOption {
type = bool;
default = false;
- description = "Enable the LCD panel server (LCDd)";
+ description = lib.mdDoc "Enable the LCD panel server (LCDd)";
};
openPorts = mkOption {
type = bool;
default = false;
- description = "Open the ports in the firewall";
+ description = lib.mdDoc "Open the ports in the firewall";
};
usbPermissions = mkOption {
@@ -86,25 +86,25 @@ in with lib; {
usbVid = mkOption {
type = str;
default = "";
- description = "The vendor ID of the USB device to claim.";
+ description = lib.mdDoc "The vendor ID of the USB device to claim.";
};
usbPid = mkOption {
type = str;
default = "";
- description = "The product ID of the USB device to claim.";
+ description = lib.mdDoc "The product ID of the USB device to claim.";
};
usbGroup = mkOption {
type = str;
default = "dialout";
- description = "The group to use for settings permissions. This group must exist or you will have to create it.";
+ description = lib.mdDoc "The group to use for settings permissions. This group must exist or you will have to create it.";
};
extraConfig = mkOption {
type = lines;
default = "";
- description = "Additional configuration added verbatim to the server config.";
+ description = lib.mdDoc "Additional configuration added verbatim to the server config.";
};
};
@@ -112,19 +112,19 @@ in with lib; {
enable = mkOption {
type = bool;
default = false;
- description = "Enable the LCD panel client (LCDproc)";
+ description = lib.mdDoc "Enable the LCD panel client (LCDproc)";
};
extraConfig = mkOption {
type = lines;
default = "";
- description = "Additional configuration added verbatim to the client config.";
+ description = lib.mdDoc "Additional configuration added verbatim to the client config.";
};
restartForever = mkOption {
type = bool;
default = true;
- description = "Try restarting the client forever.";
+ description = lib.mdDoc "Try restarting the client forever.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/lirc.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/lirc.nix
index f970b0a095c..dfdd768c354 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/lirc.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/lirc.nix
@@ -19,18 +19,18 @@ in {
[lircd]
nodaemon = False
'';
- description = "LIRC default options descriped in man:lircd(8) (lirc_options.conf)";
+ description = lib.mdDoc "LIRC default options descriped in man:lircd(8) ({file}`lirc_options.conf`)";
};
configs = mkOption {
type = types.listOf types.lines;
- description = "Configurations for lircd to load, see man:lircd.conf(5) for details (lircd.conf)";
+ description = lib.mdDoc "Configurations for lircd to load, see man:lircd.conf(5) for details ({file}`lircd.conf`)";
};
extraArguments = mkOption {
type = types.listOf types.str;
default = [];
- description = "Extra arguments to lircd.";
+ description = lib.mdDoc "Extra arguments to lircd.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/nvidia-optimus.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/nvidia-optimus.nix
index d53175052c7..5b5273ed782 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/nvidia-optimus.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/nvidia-optimus.nix
@@ -11,7 +11,7 @@ let kernel = config.boot.kernelPackages; in
hardware.nvidiaOptimus.disable = lib.mkOption {
default = false;
type = lib.types.bool;
- description = ''
+ description = lib.mdDoc ''
Completely disable the NVIDIA graphics card and use the
integrated graphics processor instead.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/pcscd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/pcscd.nix
index b1a5c680a02..c4ae6e19b79 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/pcscd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/pcscd.nix
@@ -23,7 +23,7 @@ in
default = [ pkgs.ccid ];
defaultText = literalExpression "[ pkgs.ccid ]";
example = literalExpression "[ pkgs.pcsc-cyberjack ]";
- description = "Plugin packages to be used for PCSC-Lite.";
+ description = lib.mdDoc "Plugin packages to be used for PCSC-Lite.";
};
readerConfig = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/pommed.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/pommed.nix
index bf7d6a46a29..a71004c1767 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/pommed.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/pommed.nix
@@ -13,7 +13,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to use the pommed tool to handle Apple laptop
keyboard hotkeys.
'';
@@ -22,12 +22,12 @@ in {
configFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
- The path to the pommed.conf file. Leave
+ description = lib.mdDoc ''
+ The path to the {file}`pommed.conf` file. Leave
to null to use the default config file
- (/etc/pommed.conf.mactel). See the
- files /etc/pommed.conf.mactel and
- /etc/pommed.conf.pmac for examples to
+ ({file}`/etc/pommed.conf.mactel`). See the
+ files {file}`/etc/pommed.conf.mactel` and
+ {file}`/etc/pommed.conf.pmac` for examples to
build on.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/power-profiles-daemon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/power-profiles-daemon.nix
index 4144bc66708..101da01b4a7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/power-profiles-daemon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/power-profiles-daemon.nix
@@ -18,7 +18,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable power-profiles-daemon, a DBus daemon that allows
changing system behavior based upon user-selected power profiles.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/rasdaemon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/rasdaemon.nix
index 2d4c6d2ce95..7048a56cb7f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/rasdaemon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/rasdaemon.nix
@@ -15,13 +15,13 @@ in
record = mkOption {
type = types.bool;
default = true;
- description = "record events via sqlite3, required for ras-mc-ctl";
+ description = lib.mdDoc "record events via sqlite3, required for ras-mc-ctl";
};
mainboard = mkOption {
type = types.lines;
default = "";
- description = "Custom mainboard description, see ras-mc-ctl8 for more details.";
+ description = lib.mdDoc "Custom mainboard description, see {manpage}`ras-mc-ctl(8)` for more details.";
example = ''
vendor = ASRock
model = B450M Pro4
@@ -40,7 +40,7 @@ in
labels = mkOption {
type = types.lines;
default = "";
- description = "Additional memory module label descriptions to be placed in /etc/ras/dimm_labels.d/labels";
+ description = lib.mdDoc "Additional memory module label descriptions to be placed in /etc/ras/dimm_labels.d/labels";
example = ''
# vendor and model may be shown by 'ras-mc-ctl --mainboard'
vendor: ASRock
@@ -57,7 +57,7 @@ in
config = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
rasdaemon configuration, currently only used for CE PFA
for details, read rasdaemon.outPath/etc/sysconfig/rasdaemon's comments
'';
@@ -72,7 +72,7 @@ in
extraModules = mkOption {
type = types.listOf types.str;
default = [];
- description = "extra kernel modules to load";
+ description = lib.mdDoc "extra kernel modules to load";
example = [ "i7core_edac" ];
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/sane.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/sane.nix
index caf232e234e..aaf19c1cc0a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/sane.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/sane.nix
@@ -60,7 +60,7 @@ in
hardware.sane.snapshot = mkOption {
type = types.bool;
default = false;
- description = "Use a development snapshot of SANE scanner drivers.";
+ description = lib.mdDoc "Use a development snapshot of SANE scanner drivers.";
};
hardware.sane.extraBackends = mkOption {
@@ -80,9 +80,9 @@ in
type = types.listOf types.str;
default = [];
example = [ "v4l" ];
- description = ''
+ description = lib.mdDoc ''
Names of backends which are enabled by default but should be disabled.
- See $SANE_CONFIG_DIR/dll.conf for the list of possible names.
+ See `$SANE_CONFIG_DIR/dll.conf` for the list of possible names.
'';
};
@@ -96,7 +96,7 @@ in
type = types.lines;
default = "";
example = "192.168.0.16";
- description = ''
+ description = lib.mdDoc ''
Network hosts that should be probed for remote scanners.
'';
};
@@ -105,7 +105,7 @@ in
type = types.bool;
default = false;
example = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable drivers for the Fujitsu ScanSnap scanners.
The driver files are unfree and extracted from the Windows driver image.
@@ -116,22 +116,22 @@ in
type = types.package;
default = pkgs.sane-drivers.epjitsu;
defaultText = literalExpression "pkgs.sane-drivers.epjitsu";
- description = ''
+ description = lib.mdDoc ''
Epjitsu driver package to use. Useful if you want to extract the driver files yourself.
- The process is described in the /etc/sane.d/epjitsu.conf file in
- the sane-backends package.
+ The process is described in the `/etc/sane.d/epjitsu.conf` file in
+ the `sane-backends` package.
'';
};
services.saned.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable saned network daemon for remote connection to scanners.
- saned would be runned from scanner user; to allow
- access to hardware that doesn't have scanner group
+ saned would be runned from `scanner` user; to allow
+ access to hardware that doesn't have `scanner` group
you should add needed groups to this user.
'';
};
@@ -140,7 +140,7 @@ in
type = types.lines;
default = "";
example = "192.168.0.0/24";
- description = ''
+ description = lib.mdDoc ''
Extra saned configuration lines.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/sane_extra_backends/brscan4.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/sane_extra_backends/brscan4.nix
index 8f999810840..f01446c411e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/sane_extra_backends/brscan4.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/sane_extra_backends/brscan4.nix
@@ -15,7 +15,7 @@ let
name = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The friendly name you give to the network device. If undefined,
the name of attribute will be used.
'';
@@ -25,7 +25,7 @@ let
model = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The model of the network device.
'';
@@ -35,7 +35,7 @@ let
ip = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The ip address of the device. If undefined, you will have to
provide a nodename.
'';
@@ -46,7 +46,7 @@ let
nodename = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The node name of the device. If undefined, you will have to
provide an ip.
'';
@@ -82,7 +82,7 @@ in
office2 = { model = "MFC-7860DW"; nodename = "BRW0080927AFBCE"; };
};
type = with types; attrsOf (submodule netDeviceOpts);
- description = ''
+ description = lib.mdDoc ''
The list of network devices that will be registered against the brscan4
sane backend.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/sane_extra_backends/brscan5.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/sane_extra_backends/brscan5.nix
index 2e4ad8cc3ba..506cb8167ea 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/sane_extra_backends/brscan5.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/sane_extra_backends/brscan5.nix
@@ -15,7 +15,7 @@ let
name = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The friendly name you give to the network device. If undefined,
the name of attribute will be used.
'';
@@ -25,7 +25,7 @@ let
model = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The model of the network device.
'';
@@ -35,7 +35,7 @@ let
ip = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The ip address of the device. If undefined, you will have to
provide a nodename.
'';
@@ -46,7 +46,7 @@ let
nodename = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The node name of the device. If undefined, you will have to
provide an ip.
'';
@@ -77,7 +77,7 @@ in
office2 = { model = "MFC-7860DW"; nodename = "BRW0080927AFBCE"; };
};
type = with types; attrsOf (submodule netDeviceOpts);
- description = ''
+ description = lib.mdDoc ''
The list of network devices that will be registered against the brscan5
sane backend.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/tcsd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/tcsd.nix
index e414b9647c9..f22924d410d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/tcsd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/tcsd.nix
@@ -40,7 +40,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable tcsd, a Trusted Computing management service
that provides TCG Software Stack (TSS). The tcsd daemon is
the only portal to the Trusted Platform Module (TPM), a hardware
@@ -51,19 +51,19 @@ in
user = mkOption {
default = "tss";
type = types.str;
- description = "User account under which tcsd runs.";
+ description = lib.mdDoc "User account under which tcsd runs.";
};
group = mkOption {
default = "tss";
type = types.str;
- description = "Group account under which tcsd runs.";
+ description = lib.mdDoc "Group account under which tcsd runs.";
};
stateDir = mkOption {
default = "/var/lib/tpm";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The location of the system persistent storage file.
The system persistent storage file holds keys and data across
restarts of the TCSD and system reboots.
@@ -73,20 +73,20 @@ in
firmwarePCRs = mkOption {
default = "0,1,2,3,4,5,6,7";
type = types.str;
- description = "PCR indices used in the TPM for firmware measurements.";
+ description = lib.mdDoc "PCR indices used in the TPM for firmware measurements.";
};
kernelPCRs = mkOption {
default = "8,9,10,11,12";
type = types.str;
- description = "PCR indices used in the TPM for kernel measurements.";
+ description = lib.mdDoc "PCR indices used in the TPM for kernel measurements.";
};
platformCred = mkOption {
default = "${cfg.stateDir}/platform.cert";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/platform.cert"'';
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path to the platform credential for your TPM. Your TPM
manufacturer may have provided you with a set of credentials
(certificates) that should be used when creating identities
@@ -100,7 +100,7 @@ in
default = "${cfg.stateDir}/conformance.cert";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/conformance.cert"'';
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path to the conformance credential for your TPM.
See also the platformCred option'';
};
@@ -109,7 +109,7 @@ in
default = "${cfg.stateDir}/endorsement.cert";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/endorsement.cert"'';
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path to the endorsement credential for your TPM.
See also the platformCred option'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/thermald.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/thermald.nix
index fcd02ea90c6..b433f46f286 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/thermald.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/thermald.nix
@@ -14,7 +14,7 @@ in
debug = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable debug logging.
'';
};
@@ -22,14 +22,14 @@ in
configFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = "the thermald manual configuration file.";
+ description = lib.mdDoc "the thermald manual configuration file.";
};
package = mkOption {
type = types.package;
default = pkgs.thermald;
defaultText = literalExpression "pkgs.thermald";
- description = "Which thermald package to use.";
+ description = lib.mdDoc "Which thermald package to use.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/thinkfan.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/thinkfan.nix
index 4ea829e496e..86dabe71a4f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/thinkfan.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/thinkfan.nix
@@ -29,16 +29,16 @@ let
options = {
type = mkOption {
type = types.enum [ "hwmon" "atasmart" "tpacpi" "nvml" ];
- description = ''
+ description = lib.mdDoc ''
The ${name} type, can be
- hwmon for standard ${name}s,
+ `hwmon` for standard ${name}s,
- atasmart to read the temperature via
+ `atasmart` to read the temperature via
S.M.A.R.T (requires smartSupport to be enabled),
- tpacpi for the legacy thinkpac_acpi driver, or
+ `tpacpi` for the legacy thinkpac_acpi driver, or
- nvml for the (proprietary) nVidia driver.
+ `nvml` for the (proprietary) nVidia driver.
'';
};
query = mkOption {
@@ -67,7 +67,7 @@ let
correction = mkOption {
type = with types; nullOr (listOf int);
default = null;
- description = ''
+ description = lib.mdDoc ''
A list of values to be added to the temperature of each sensor,
can be used to equalize small discrepancies in temperature ratings.
'';
@@ -118,7 +118,7 @@ in {
smartSupport = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to build thinkfan with S.M.A.R.T. support to read temperatures
directly from hard disks.
'';
@@ -159,7 +159,7 @@ in {
[7 60 85]
["level auto" 80 32767]
];
- description = ''
+ description = lib.mdDoc ''
[LEVEL LOW HIGH]
LEVEL is the fan level to use: it can be an integer (0-7 with thinkpad_acpi),
@@ -175,7 +175,7 @@ in {
type = types.listOf types.str;
default = [ ];
example = [ "-b" "0" ];
- description = ''
+ description = lib.mdDoc ''
A list of extra command line arguments to pass to thinkfan.
Check the thinkfan(1) manpage for available arguments.
'';
@@ -184,12 +184,12 @@ in {
settings = mkOption {
type = types.attrsOf settingsFormat.type;
default = { };
- description = ''
+ description = lib.mdDoc ''
Thinkfan settings. Use this option to configure thinkfan
settings not exposed in a NixOS option or to bypass one.
- Before changing this, read the thinkfan.conf(5)
+ Before changing this, read the `thinkfan.conf(5)`
manpage and take a look at the example config file at
-
+
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/throttled.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/throttled.nix
index 1905eb565c6..559b29627cb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/throttled.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/throttled.nix
@@ -12,7 +12,7 @@ in {
extraConfig = mkOption {
type = types.str;
default = "";
- description = "Alternative configuration";
+ description = lib.mdDoc "Alternative configuration";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/tlp.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/tlp.nix
index eb53f565a67..d2cc7c661c6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/tlp.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/tlp.nix
@@ -20,7 +20,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the TLP power management daemon.";
+ description = lib.mdDoc "Whether to enable the TLP power management daemon.";
};
settings = mkOption {type = with types; attrsOf (oneOf [bool int float str (listOf str)]);
@@ -29,7 +29,7 @@ in
SATA_LINKPWR_ON_BAT = "med_power_with_dipm";
USB_BLACKLIST_PHONE = 1;
};
- description = ''
+ description = lib.mdDoc ''
Options passed to TLP. See https://linrunner.de/tlp for all supported options..
'';
};
@@ -37,7 +37,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Verbatim additional configuration variables for TLP.
DEPRECATED: use services.tlp.settings instead.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/trezord.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/trezord.nix
index a65d4250c2e..70c1fd09860 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/trezord.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/trezord.nix
@@ -18,7 +18,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable Trezor bridge daemon, for use with Trezor hardware bitcoin wallets.
'';
};
@@ -26,7 +26,7 @@ in {
emulator.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable Trezor emulator support.
'';
};
@@ -34,7 +34,7 @@ in {
emulator.port = mkOption {
type = types.port;
default = 21324;
- description = ''
+ description = lib.mdDoc ''
Listening port for the Trezor emulator.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/triggerhappy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/triggerhappy.nix
index c2fa87875e1..54eac70643f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/triggerhappy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/triggerhappy.nix
@@ -22,18 +22,18 @@ let
keys = mkOption {
type = types.listOf types.str;
- description = "List of keys to match. Key names as defined in linux/input-event-codes.h";
+ description = lib.mdDoc "List of keys to match. Key names as defined in linux/input-event-codes.h";
};
event = mkOption {
type = types.enum ["press" "hold" "release"];
default = "press";
- description = "Event to match.";
+ description = lib.mdDoc "Event to match.";
};
cmd = mkOption {
type = types.str;
- description = "What to run.";
+ description = lib.mdDoc "What to run.";
};
};
@@ -52,8 +52,8 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
- Whether to enable the triggerhappy hotkey daemon.
+ description = lib.mdDoc ''
+ Whether to enable the {command}`triggerhappy` hotkey daemon.
'';
};
@@ -61,8 +61,8 @@ in
type = types.str;
default = "nobody";
example = "root";
- description = ''
- User account under which triggerhappy runs.
+ description = lib.mdDoc ''
+ User account under which {command}`triggerhappy` runs.
'';
};
@@ -72,16 +72,16 @@ in
example = lib.literalExpression ''
[ { keys = ["PLAYPAUSE"]; cmd = "''${pkgs.mpc-cli}/bin/mpc -q toggle"; } ]
'';
- description = ''
- Key bindings for triggerhappy.
+ description = lib.mdDoc ''
+ Key bindings for {command}`triggerhappy`.
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
- Literal contents to append to the end of triggerhappy configuration file.
+ description = lib.mdDoc ''
+ Literal contents to append to the end of {command}`triggerhappy` configuration file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/udev.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/udev.nix
index 2e9deebbb74..514763e409a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/udev.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/udev.nix
@@ -196,7 +196,7 @@ in
boot.hardwareScan = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to try to load kernel modules for all detected hardware.
Usually this does a good job of providing you with the modules
you need, but sometimes it can crash the system or cause other
@@ -234,9 +234,9 @@ in
ENV{ID_VENDOR_ID}=="046d", ENV{ID_MODEL_ID}=="0825", ENV{PULSE_IGNORE}="1"
'';
type = types.lines;
- description = ''
- Additional udev rules. They'll be written
- into file 99-local.rules. Thus they are
+ description = lib.mdDoc ''
+ Additional {command}`udev` rules. They'll be written
+ into file {file}`99-local.rules`. Thus they are
read and applied after all other rules.
'';
};
@@ -249,9 +249,9 @@ in
KEYBOARD_KEY_700e2=leftctrl
'';
type = types.lines;
- description = ''
- Additional hwdb files. They'll be written
- into file 99-local.hwdb. Thus they are
+ description = lib.mdDoc ''
+ Additional {command}`hwdb` files. They'll be written
+ into file {file}`99-local.hwdb`. Thus they are
read after all other files.
'';
};
@@ -261,7 +261,7 @@ in
hardware.firmware = mkOption {
type = types.listOf types.package;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of packages containing firmware files. Such files
will be loaded automatically if the kernel asks for them
(i.e., when it has detected specific hardware that requires
@@ -331,10 +331,10 @@ in
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:1D:60:B9:6D:4F", KERNEL=="eth*", NAME="my_fast_network_card"
'';
type = types.lines;
- description = ''
- udev rules to include in the initrd
- only. They'll be written into file
- 99-local.rules. Thus they are read and applied
+ description = lib.mdDoc ''
+ {command}`udev` rules to include in the initrd
+ *only*. They'll be written into file
+ {file}`99-local.rules`. Thus they are read and applied
after the essential initrd rules.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/udisks2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/udisks2.nix
index ea552ce867e..f9b5afceac3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/udisks2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/udisks2.nix
@@ -22,7 +22,7 @@ in
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Udisks, a DBus service that allows
applications to query and manipulate storage devices.
'';
@@ -51,10 +51,10 @@ in
};
};
'';
- description = ''
+ description = lib.mdDoc ''
Options passed to udisksd.
- See here and
- drive configuration in here for supported options.
+ See [here](http://manpages.ubuntu.com/manpages/latest/en/man5/udisks2.conf.5.html) and
+ drive configuration in [here](http://manpages.ubuntu.com/manpages/latest/en/man8/udisks.8.html) for supported options.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/undervolt.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/undervolt.nix
index a743bbf21c8..2bf37b41126 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/undervolt.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/undervolt.nix
@@ -42,7 +42,7 @@ in
verbose = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable verbose logging.
'';
};
@@ -51,7 +51,7 @@ in
type = types.package;
default = pkgs.undervolt;
defaultText = literalExpression "pkgs.undervolt";
- description = ''
+ description = lib.mdDoc ''
undervolt derivation to use.
'';
};
@@ -59,7 +59,7 @@ in
coreOffset = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The amount of voltage in mV to offset the CPU cores by.
'';
};
@@ -67,7 +67,7 @@ in
gpuOffset = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The amount of voltage in mV to offset the GPU by.
'';
};
@@ -75,7 +75,7 @@ in
uncoreOffset = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The amount of voltage in mV to offset uncore by.
'';
};
@@ -83,7 +83,7 @@ in
analogioOffset = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The amount of voltage in mV to offset analogio by.
'';
};
@@ -91,7 +91,7 @@ in
temp = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The temperature target in Celsius degrees.
'';
};
@@ -99,7 +99,7 @@ in
tempAc = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The temperature target on AC power in Celsius degrees.
'';
};
@@ -107,7 +107,7 @@ in
tempBat = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The temperature target on battery power in Celsius degrees.
'';
};
@@ -115,7 +115,7 @@ in
p1.limit = mkOption {
type = with types; nullOr int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The P1 Power Limit in Watts.
Both limit and window must be set.
'';
@@ -123,7 +123,7 @@ in
p1.window = mkOption {
type = with types; nullOr (oneOf [ float int ]);
default = null;
- description = ''
+ description = lib.mdDoc ''
The P1 Time Window in seconds.
Both limit and window must be set.
'';
@@ -132,7 +132,7 @@ in
p2.limit = mkOption {
type = with types; nullOr int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The P2 Power Limit in Watts.
Both limit and window must be set.
'';
@@ -140,7 +140,7 @@ in
p2.window = mkOption {
type = with types; nullOr (oneOf [ float int ]);
default = null;
- description = ''
+ description = lib.mdDoc ''
The P2 Time Window in seconds.
Both limit and window must be set.
'';
@@ -149,7 +149,7 @@ in
useTimer = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to set a timer that applies the undervolt settings every 30s.
This will cause spam in the journal but might be required for some
hardware under specific conditions.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/upower.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/upower.nix
index 81bf497c993..54208158b1a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/upower.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/upower.nix
@@ -21,7 +21,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Upower, a DBus service that provides power
management support to applications.
'';
@@ -31,7 +31,7 @@ in
type = types.package;
default = pkgs.upower;
defaultText = literalExpression "pkgs.upower";
- description = ''
+ description = lib.mdDoc ''
Which upower package to use.
'';
};
@@ -59,7 +59,7 @@ in
noPollBatteries = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Don't poll the kernel for battery level changes.
Some hardware will send us battery level changes through
@@ -71,7 +71,7 @@ in
ignoreLid = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Do we ignore the lid state
Some laptops are broken. The lid state is either inverted, or stuck
@@ -85,7 +85,7 @@ in
usePercentageForPolicy = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Policy for warnings and action based on battery levels
Whether battery percentage based policy should be used. The default
@@ -99,17 +99,17 @@ in
percentageLow = mkOption {
type = types.ints.unsigned;
default = 10;
- description = ''
- When usePercentageForPolicy is
- true, the levels at which UPower will consider the
+ description = lib.mdDoc ''
+ When `usePercentageForPolicy` is
+ `true`, the levels at which UPower will consider the
battery low.
This will also be used for batteries which don't have time information
such as that of peripherals.
- If any value (of percentageLow,
- percentageCritical and
- percentageAction) is invalid, or not in descending
+ If any value (of `percentageLow`,
+ `percentageCritical` and
+ `percentageAction`) is invalid, or not in descending
order, the defaults will be used.
'';
};
@@ -117,17 +117,17 @@ in
percentageCritical = mkOption {
type = types.ints.unsigned;
default = 3;
- description = ''
- When usePercentageForPolicy is
- true, the levels at which UPower will consider the
+ description = lib.mdDoc ''
+ When `usePercentageForPolicy` is
+ `true`, the levels at which UPower will consider the
battery critical.
This will also be used for batteries which don't have time information
such as that of peripherals.
- If any value (of percentageLow,
- percentageCritical and
- percentageAction) is invalid, or not in descending
+ If any value (of `percentageLow`,
+ `percentageCritical` and
+ `percentageAction`) is invalid, or not in descending
order, the defaults will be used.
'';
};
@@ -135,17 +135,17 @@ in
percentageAction = mkOption {
type = types.ints.unsigned;
default = 2;
- description = ''
- When usePercentageForPolicy is
- true, the levels at which UPower will take action
+ description = lib.mdDoc ''
+ When `usePercentageForPolicy` is
+ `true`, the levels at which UPower will take action
for the critical battery level.
This will also be used for batteries which don't have time information
such as that of peripherals.
- If any value (of percentageLow,
- percentageCritical and
- percentageAction) is invalid, or not in descending
+ If any value (of `percentageLow`,
+ `percentageCritical` and
+ `percentageAction`) is invalid, or not in descending
order, the defaults will be used.
'';
};
@@ -153,13 +153,13 @@ in
timeLow = mkOption {
type = types.ints.unsigned;
default = 1200;
- description = ''
- When usePercentageForPolicy is
- false, the time remaining in seconds at which
+ description = lib.mdDoc ''
+ When `usePercentageForPolicy` is
+ `false`, the time remaining in seconds at which
UPower will consider the battery low.
- If any value (of timeLow,
- timeCritical and timeAction) is
+ If any value (of `timeLow`,
+ `timeCritical` and `timeAction`) is
invalid, or not in descending order, the defaults will be used.
'';
};
@@ -167,13 +167,13 @@ in
timeCritical = mkOption {
type = types.ints.unsigned;
default = 300;
- description = ''
- When usePercentageForPolicy is
- false, the time remaining in seconds at which
+ description = lib.mdDoc ''
+ When `usePercentageForPolicy` is
+ `false`, the time remaining in seconds at which
UPower will consider the battery critical.
- If any value (of timeLow,
- timeCritical and timeAction) is
+ If any value (of `timeLow`,
+ `timeCritical` and `timeAction`) is
invalid, or not in descending order, the defaults will be used.
'';
};
@@ -181,13 +181,13 @@ in
timeAction = mkOption {
type = types.ints.unsigned;
default = 120;
- description = ''
- When usePercentageForPolicy is
- false, the time remaining in seconds at which
+ description = lib.mdDoc ''
+ When `usePercentageForPolicy` is
+ `false`, the time remaining in seconds at which
UPower will take action for the critical battery level.
- If any value (of timeLow,
- timeCritical and timeAction) is
+ If any value (of `timeLow`,
+ `timeCritical` and `timeAction`) is
invalid, or not in descending order, the defaults will be used.
'';
};
@@ -195,9 +195,9 @@ in
criticalPowerAction = mkOption {
type = types.enum [ "PowerOff" "Hibernate" "HybridSleep" ];
default = "HybridSleep";
- description = ''
- The action to take when timeAction or
- percentageAction has been reached for the batteries
+ description = lib.mdDoc ''
+ The action to take when `timeAction` or
+ `percentageAction` has been reached for the batteries
(UPS or laptop batteries) supplying the computer
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/usbmuxd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/usbmuxd.nix
index 11a4b0a858f..b4c954906dd 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/usbmuxd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/usbmuxd.nix
@@ -16,7 +16,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the usbmuxd ("USB multiplexing daemon") service. This daemon is
in charge of multiplexing connections over USB to an iOS device. This is
needed for transferring data from and to iOS devices (see ifuse). Also
@@ -27,7 +27,7 @@ in
user = mkOption {
type = types.str;
default = defaultUserGroup;
- description = ''
+ description = lib.mdDoc ''
The user usbmuxd should use to run after startup.
'';
};
@@ -35,7 +35,7 @@ in
group = mkOption {
type = types.str;
default = defaultUserGroup;
- description = ''
+ description = lib.mdDoc ''
The group usbmuxd should use to run after startup.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/usbrelayd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/usbrelayd.nix
index 2cee4e1ff7e..471657190bb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/usbrelayd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/usbrelayd.nix
@@ -9,7 +9,7 @@ in
broker = mkOption {
type = str;
- description = "Hostname or IP address of your MQTT Broker.";
+ description = lib.mdDoc "Hostname or IP address of your MQTT Broker.";
default = "127.0.0.1";
example = [
"mqtt"
@@ -19,7 +19,7 @@ in
clientName = mkOption {
type = str;
- description = "Name, your client connects as.";
+ description = lib.mdDoc "Name, your client connects as.";
default = "MyUSBRelay";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/vdr.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/vdr.nix
index 5ec222b805c..4fc2905c096 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/vdr.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/vdr.nix
@@ -19,19 +19,19 @@ in {
default = pkgs.vdr;
defaultText = literalExpression "pkgs.vdr";
example = literalExpression "pkgs.wrapVdr.override { plugins = with pkgs.vdrPlugins; [ hello ]; }";
- description = "Package to use.";
+ description = lib.mdDoc "Package to use.";
};
videoDir = mkOption {
type = types.path;
default = "/srv/vdr/video";
- description = "Recording directory";
+ description = lib.mdDoc "Recording directory";
};
extraArguments = mkOption {
type = types.listOf types.str;
default = [];
- description = "Additional command line arguments to pass to VDR.";
+ description = lib.mdDoc "Additional command line arguments to pass to VDR.";
};
enableLirc = mkEnableOption "LIRC";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/xow.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/xow.nix
deleted file mode 100644
index 311181176bd..00000000000
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/hardware/xow.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-let
- cfg = config.services.hardware.xow;
-in {
- options.services.hardware.xow = {
- enable = lib.mkEnableOption "xow as a systemd service";
- };
-
- config = lib.mkIf cfg.enable {
- hardware.uinput.enable = true;
-
- boot.extraModprobeConfig = lib.readFile "${pkgs.xow}/lib/modprobe.d/xow-blacklist.conf";
-
- systemd.packages = [ pkgs.xow ];
- systemd.services.xow.wantedBy = [ "multi-user.target" ];
-
- services.udev.packages = [ pkgs.xow ];
- };
-}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/home-automation/home-assistant.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/home-automation/home-assistant.nix
index 2aacc5e55c6..6324965c621 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/home-automation/home-assistant.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/home-automation/home-assistant.nix
@@ -82,7 +82,7 @@ in {
configDir = mkOption {
default = "/var/lib/hass";
type = types.path;
- description = "The config directory, where your configuration.yaml is located.";
+ description = lib.mdDoc "The config directory, where your {file}`configuration.yaml` is located.";
};
extraComponents = mkOption {
@@ -92,7 +92,7 @@ in {
"default_config"
"met"
"esphome"
- ] ++ optionals (pkgs.stdenv.hostPlatform.isAarch32 || pkgs.stdenv.hostPlatform.isAarch64) [
+ ] ++ optionals pkgs.stdenv.hostPlatform.isAarch [
# Use the platform as an indicator that we might be running on a RaspberryPi and include
# relevant components
"rpi_power"
@@ -107,10 +107,10 @@ in {
"wled"
]
'';
- description = ''
- List of components that have their dependencies included in the package.
+ description = lib.mdDoc ''
+ List of [components](https://www.home-assistant.io/integrations/) that have their dependencies included in the package.
- The component name can be found in the URL, for example https://www.home-assistant.io/integrations/ffmpeg/ would map to ffmpeg.
+ The component name can be found in the URL, for example `https://www.home-assistant.io/integrations/ffmpeg/` would map to `ffmpeg`.
'';
};
@@ -148,7 +148,7 @@ in {
type = types.nullOr types.str;
default = null;
example = "Home";
- description = ''
+ description = lib.mdDoc ''
Name of the location where Home Assistant is running.
'';
};
@@ -157,7 +157,7 @@ in {
type = types.nullOr (types.either types.float types.str);
default = null;
example = 52.3;
- description = ''
+ description = lib.mdDoc ''
Latitude of your location required to calculate the time the sun rises and sets.
'';
};
@@ -166,7 +166,7 @@ in {
type = types.nullOr (types.either types.float types.str);
default = null;
example = 4.9;
- description = ''
+ description = lib.mdDoc ''
Longitude of your location required to calculate the time the sun rises and sets.
'';
};
@@ -175,7 +175,7 @@ in {
type = types.nullOr (types.enum [ "metric" "imperial" ]);
default = null;
example = "metric";
- description = ''
+ description = lib.mdDoc ''
The unit system to use. This also sets temperature_unit, Celsius for Metric and Fahrenheit for Imperial.
'';
};
@@ -184,8 +184,8 @@ in {
type = types.nullOr (types.enum [ "C" "F" ]);
default = null;
example = "C";
- description = ''
- Override temperature unit set by unit_system. C for Celsius, F for Fahrenheit.
+ description = lib.mdDoc ''
+ Override temperature unit set by unit_system. `C` for Celsius, `F` for Fahrenheit.
'';
};
@@ -196,8 +196,8 @@ in {
config.time.timeZone or null
'';
example = "Europe/Amsterdam";
- description = ''
- Pick your time zone from the column TZ of Wikipedia’s list of tz database time zones.
+ description = lib.mdDoc ''
+ Pick your time zone from the column TZ of Wikipedia’s [list of tz database time zones](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones).
'';
};
};
@@ -211,7 +211,7 @@ in {
"::"
];
example = "::1";
- description = ''
+ description = lib.mdDoc ''
Only listen to incoming requests on specific IP/host. The default listed assumes support for IPv4 and IPv6.
'';
};
@@ -219,7 +219,7 @@ in {
server_port = mkOption {
default = 8123;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
The port on which to listen.
'';
};
@@ -238,8 +238,8 @@ in {
else "storage";
'';
example = "yaml";
- description = ''
- In what mode should the main Lovelace panel be, yaml or storage (UI managed).
+ description = lib.mdDoc ''
+ In what mode should the main Lovelace panel be, `yaml` or `storage` (UI managed).
'';
};
};
@@ -262,14 +262,14 @@ in {
feedreader.urls = [ "https://nixos.org/blogs.xml" ];
}
'';
- description = ''
- Your configuration.yaml as a Nix attribute set.
+ description = lib.mdDoc ''
+ Your {file}`configuration.yaml` as a Nix attribute set.
- YAML functions like secrets
+ YAML functions like [secrets](https://www.home-assistant.io/docs/configuration/secrets/)
can be passed as a string and will be unquoted automatically.
- Unless this option is explicitly set to null
- we assume your configuration.yaml is
+ Unless this option is explicitly set to `null`
+ we assume your {file}`configuration.yaml` is
managed through this module and thereby overwritten on startup.
'';
};
@@ -277,12 +277,12 @@ in {
configWritable = mkOption {
default = false;
type = types.bool;
- description = ''
- Whether to make configuration.yaml writable.
+ description = lib.mdDoc ''
+ Whether to make {file}`configuration.yaml` writable.
This will allow you to edit it from Home Assistant's web interface.
- This only has an effect if is set.
+ This only has an effect if {option}`config` is set.
However, bear in mind that it will be overwritten at every start of the service.
'';
};
@@ -304,23 +304,23 @@ in {
} ];
}
'';
- description = ''
- Your ui-lovelace.yaml as a Nix attribute set.
- Setting this option will automatically set lovelace.mode to yaml.
+ description = lib.mdDoc ''
+ Your {file}`ui-lovelace.yaml` as a Nix attribute set.
+ Setting this option will automatically set `lovelace.mode` to `yaml`.
- Beware that setting this option will delete your previous ui-lovelace.yaml
+ Beware that setting this option will delete your previous {file}`ui-lovelace.yaml`
'';
};
lovelaceConfigWritable = mkOption {
default = false;
type = types.bool;
- description = ''
- Whether to make ui-lovelace.yaml writable.
+ description = lib.mdDoc ''
+ Whether to make {file}`ui-lovelace.yaml` writable.
This will allow you to edit it from Home Assistant's web interface.
- This only has an effect if is set.
+ This only has an effect if {option}`lovelaceConfig` is set.
However, bear in mind that it will be overwritten at every start of the service.
'';
};
@@ -347,7 +347,7 @@ in {
];
}
'';
- description = ''
+ description = lib.mdDoc ''
The Home Assistant package to use.
'';
};
@@ -355,7 +355,7 @@ in {
openFirewall = mkOption {
default = false;
type = types.bool;
- description = "Whether to open the firewall for the specified port.";
+ description = lib.mdDoc "Whether to open the firewall for the specified port.";
};
};
@@ -389,10 +389,9 @@ in {
"mysql.service"
"postgresql.service"
];
- reloadTriggers = [
- configFile
- lovelaceConfigFile
- ];
+ reloadTriggers = lib.optional (cfg.config != null) configFile
+ ++ lib.optional (cfg.lovelaceConfig != null) lovelaceConfigFile;
+
preStart = let
copyConfig = if cfg.configWritable then ''
cp --no-preserve=mode ${configFile} "${cfg.configDir}/configuration.yaml"
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/home-automation/zigbee2mqtt.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/home-automation/zigbee2mqtt.nix
index ff6d595e5a6..48474ab3fac 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/home-automation/zigbee2mqtt.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/home-automation/zigbee2mqtt.nix
@@ -21,7 +21,7 @@ in
enable = mkEnableOption "enable zigbee2mqtt service";
package = mkOption {
- description = "Zigbee2mqtt package to use";
+ description = lib.mdDoc "Zigbee2mqtt package to use";
default = pkgs.zigbee2mqtt;
defaultText = literalExpression ''
pkgs.zigbee2mqtt
@@ -30,7 +30,7 @@ in
};
dataDir = mkOption {
- description = "Zigbee2mqtt data directory";
+ description = lib.mdDoc "Zigbee2mqtt data directory";
default = "/var/lib/zigbee2mqtt";
type = types.path;
};
@@ -47,9 +47,9 @@ in
};
}
'';
- description = ''
- Your configuration.yaml as a Nix attribute set.
- Check the documentation
+ description = lib.mdDoc ''
+ Your {file}`configuration.yaml` as a Nix attribute set.
+ Check the [documentation](https://www.zigbee2mqtt.io/information/configuration.html)
for possible options.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/SystemdJournal2Gelf.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/SystemdJournal2Gelf.nix
index f28ecab8ac2..3d85c2b62c6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/SystemdJournal2Gelf.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/SystemdJournal2Gelf.nix
@@ -10,7 +10,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable SystemdJournal2Gelf.
'';
};
@@ -18,7 +18,7 @@ in
graylogServer = mkOption {
type = types.str;
example = "graylog2.example.com:11201";
- description = ''
+ description = lib.mdDoc ''
Host and port of your graylog2 input. This should be a GELF
UDP input.
'';
@@ -27,9 +27,9 @@ in
extraOptions = mkOption {
type = types.separatedString " ";
default = "";
- description = ''
+ description = lib.mdDoc ''
Any extra flags to pass to SystemdJournal2Gelf. Note that
- these are basically journalctl flags.
+ these are basically `journalctl` flags.
'';
};
@@ -37,7 +37,7 @@ in
type = types.package;
default = pkgs.systemd-journal2gelf;
defaultText = literalExpression "pkgs.systemd-journal2gelf";
- description = ''
+ description = lib.mdDoc ''
SystemdJournal2Gelf package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/awstats.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/awstats.nix
index df0124380ff..8dbf895a769 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/awstats.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/awstats.nix
@@ -11,14 +11,14 @@ let
type = types.enum [ "mail" "web" ];
default = "web";
example = "mail";
- description = ''
+ description = lib.mdDoc ''
The type of log being collected.
'';
};
domain = mkOption {
type = types.str;
default = name;
- description = "The domain name to collect stats for.";
+ description = lib.mdDoc "The domain name to collect stats for.";
example = "example.com";
};
@@ -52,7 +52,7 @@ let
type = types.listOf types.str;
default = [];
example = [ "www.example.org" ];
- description = ''
+ description = lib.mdDoc ''
List of aliases the site has.
'';
};
@@ -65,7 +65,7 @@ let
"ValidHTTPCodes" = "404";
}
'';
- description = "Extra configuration to be appended to awstats.\${name}.conf.";
+ description = lib.mdDoc "Extra configuration to be appended to awstats.\${name}.conf.";
};
webService = {
@@ -74,13 +74,13 @@ let
hostname = mkOption {
type = types.str;
default = config.domain;
- description = "The hostname the web service appears under.";
+ description = lib.mdDoc "The hostname the web service appears under.";
};
urlPrefix = mkOption {
type = types.str;
default = "/awstats";
- description = "The URL prefix under which the awstats pages appear.";
+ description = lib.mdDoc "The URL prefix under which the awstats pages appear.";
};
};
};
@@ -100,7 +100,7 @@ in
dataDir = mkOption {
type = types.path;
default = "/var/lib/awstats";
- description = "The directory where awstats data will be stored.";
+ description = lib.mdDoc "The directory where awstats data will be stored.";
};
configs = mkOption {
@@ -114,7 +114,7 @@ in
};
}
'';
- description = "Attribute set of domains to collect stats for.";
+ description = lib.mdDoc "Attribute set of domains to collect stats for.";
};
updateAt = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/filebeat.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/filebeat.nix
index 223a993c505..ec8df0a7b87 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/filebeat.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/filebeat.nix
@@ -25,7 +25,7 @@ in
default = pkgs.filebeat;
defaultText = literalExpression "pkgs.filebeat";
example = literalExpression "pkgs.filebeat7";
- description = ''
+ description = lib.mdDoc ''
The filebeat package to use.
'';
};
@@ -53,12 +53,12 @@ in
type = mkOption {
type = types.str;
default = name;
- description = ''
+ description = lib.mdDoc ''
The input type.
- Look for the value after type: on
+ Look for the value after `type:` on
the individual input pages linked from
- .
+ .
'';
};
};
@@ -103,12 +103,12 @@ in
module = mkOption {
type = types.str;
default = name;
- description = ''
+ description = lib.mdDoc ''
The name of the module.
- Look for the value after module: on
+ Look for the value after `module:` on
the individual input pages linked from
- .
+ .
'';
};
};
@@ -139,7 +139,7 @@ in
type = with types; listOf str;
default = [ "127.0.0.1:9200" ];
example = [ "myEShost:9200" ];
- description = ''
+ description = lib.mdDoc ''
The list of Elasticsearch nodes to connect to.
The events are distributed to these nodes in round
@@ -147,10 +147,10 @@ in
event is automatically sent to another node. Each
Elasticsearch node can be defined as a URL or
IP:PORT. For example:
- http://192.15.3.2,
- https://es.found.io:9230 or
- 192.24.3.2:9300. If no port is
- specified, 9200 is used.
+ `http://192.15.3.2`,
+ `https://es.found.io:9230` or
+ `192.24.3.2:9300`. If no port is
+ specified, `9200` is used.
'';
};
@@ -200,20 +200,20 @@ in
};
'';
- description = ''
+ description = lib.mdDoc ''
Configuration for filebeat. See
-
+
for supported values.
Options containing secret data should be set to an attribute
- set containing the attribute _secret - a
+ set containing the attribute `_secret` - a
string pointing to a file containing the value the option
should be set to. See the example to get a better picture of
this: in the resulting
- filebeat.yml file, the
- output.elasticsearch.password
+ {file}`filebeat.yml` file, the
+ `output.elasticsearch.password`
key will be set to the contents of the
- /var/keys/elasticsearch_password file.
+ {file}`/var/keys/elasticsearch_password` file.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/fluentd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/fluentd.nix
index dd19617a13f..fe9f4b07e16 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/fluentd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/fluentd.nix
@@ -15,26 +15,26 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable fluentd.";
+ description = lib.mdDoc "Whether to enable fluentd.";
};
config = mkOption {
type = types.lines;
default = "";
- description = "Fluentd config.";
+ description = lib.mdDoc "Fluentd config.";
};
package = mkOption {
type = types.path;
default = pkgs.fluentd;
defaultText = literalExpression "pkgs.fluentd";
- description = "The fluentd package to use.";
+ description = lib.mdDoc "The fluentd package to use.";
};
plugins = mkOption {
type = types.listOf types.path;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of plugin paths to pass into fluentd. It will make plugins defined in ruby files
there available in your config.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/graylog.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/graylog.nix
index 28e2d18bf03..9f7160b3e87 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/graylog.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/graylog.nix
@@ -39,30 +39,30 @@ in
type = types.package;
default = pkgs.graylog;
defaultText = literalExpression "pkgs.graylog";
- description = "Graylog package to use.";
+ description = lib.mdDoc "Graylog package to use.";
};
user = mkOption {
type = types.str;
default = "graylog";
- description = "User account under which graylog runs";
+ description = lib.mdDoc "User account under which graylog runs";
};
isMaster = mkOption {
type = types.bool;
default = true;
- description = "Whether this is the master instance of your Graylog cluster";
+ description = lib.mdDoc "Whether this is the master instance of your Graylog cluster";
};
nodeIdFile = mkOption {
type = types.str;
default = "/var/lib/graylog/server/node-id";
- description = "Path of the file containing the graylog node-id";
+ description = lib.mdDoc "Path of the file containing the graylog node-id";
};
passwordSecret = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
You MUST set a secret to secure/pepper the stored user passwords here. Use at least 64 characters.
Generate one by using for example: pwgen -N 1 -s 96
'';
@@ -71,13 +71,13 @@ in
rootUsername = mkOption {
type = types.str;
default = "admin";
- description = "Name of the default administrator user";
+ description = lib.mdDoc "Name of the default administrator user";
};
rootPasswordSha2 = mkOption {
type = types.str;
example = "e3c652f0ba0b4801205814f8b6bc49672c4c74e25b497770bb89b22cdeb4e952";
- description = ''
+ description = lib.mdDoc ''
You MUST specify a hash password for the root user (which you only need to initially set up the
system and in case you lose connectivity to your authentication backend)
This password cannot be changed using the API or via the web interface. If you need to change it,
@@ -90,29 +90,29 @@ in
elasticsearchHosts = mkOption {
type = types.listOf types.str;
example = literalExpression ''[ "http://node1:9200" "http://user:password@node2:19200" ]'';
- description = "List of valid URIs of the http ports of your elastic nodes. If one or more of your elasticsearch hosts require authentication, include the credentials in each node URI that requires authentication";
+ description = lib.mdDoc "List of valid URIs of the http ports of your elastic nodes. If one or more of your elasticsearch hosts require authentication, include the credentials in each node URI that requires authentication";
};
messageJournalDir = mkOption {
type = types.str;
default = "/var/lib/graylog/data/journal";
- description = "The directory which will be used to store the message journal. The directory must be exclusively used by Graylog and must not contain any other files than the ones created by Graylog itself";
+ description = lib.mdDoc "The directory which will be used to store the message journal. The directory must be exclusively used by Graylog and must not contain any other files than the ones created by Graylog itself";
};
mongodbUri = mkOption {
type = types.str;
default = "mongodb://localhost/graylog";
- description = "MongoDB connection string. See http://docs.mongodb.org/manual/reference/connection-string/ for details";
+ description = lib.mdDoc "MongoDB connection string. See http://docs.mongodb.org/manual/reference/connection-string/ for details";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Any other configuration options you might want to add";
+ description = lib.mdDoc "Any other configuration options you might want to add";
};
plugins = mkOption {
- description = "Extra graylog plugins";
+ description = lib.mdDoc "Extra graylog plugins";
default = [ ];
type = types.listOf types.package;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/heartbeat.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/heartbeat.nix
index 56fb4deabda..72fbf41739d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/heartbeat.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/heartbeat.nix
@@ -20,22 +20,32 @@ in
enable = mkEnableOption "heartbeat";
+ package = mkOption {
+ type = types.package;
+ default = pkgs.heartbeat;
+ defaultText = literalExpression "pkgs.heartbeat";
+ example = literalExpression "pkgs.heartbeat7";
+ description = lib.mdDoc ''
+ The heartbeat package to use.
+ '';
+ };
+
name = mkOption {
type = types.str;
default = "heartbeat";
- description = "Name of the beat";
+ description = lib.mdDoc "Name of the beat";
};
tags = mkOption {
type = types.listOf types.str;
default = [];
- description = "Tags to place on the shipped log messages";
+ description = lib.mdDoc "Tags to place on the shipped log messages";
};
stateDir = mkOption {
type = types.str;
default = "/var/lib/heartbeat";
- description = "The state directory. heartbeat's own logs and other data are stored here.";
+ description = lib.mdDoc "The state directory. heartbeat's own logs and other data are stored here.";
};
extraConfig = mkOption {
@@ -46,7 +56,7 @@ in
urls: ["http://localhost:9200"]
schedule: '@every 10s'
'';
- description = "Any other configuration options you want to add";
+ description = lib.mdDoc "Any other configuration options you want to add";
};
};
@@ -67,7 +77,7 @@ in
serviceConfig = {
User = "nobody";
AmbientCapabilities = "cap_net_raw";
- ExecStart = "${pkgs.heartbeat}/bin/heartbeat -c \"${heartbeatYml}\" -path.data \"${cfg.stateDir}/data\" -path.logs \"${cfg.stateDir}/logs\"";
+ ExecStart = "${cfg.package}/bin/heartbeat -c \"${heartbeatYml}\" -path.data \"${cfg.stateDir}/data\" -path.logs \"${cfg.stateDir}/logs\"";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/journalbeat.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/journalbeat.nix
index 4035ab48b4b..a38283ae1e4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/journalbeat.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/journalbeat.nix
@@ -24,7 +24,7 @@ in
type = types.package;
default = pkgs.journalbeat;
defaultText = literalExpression "pkgs.journalbeat";
- description = ''
+ description = lib.mdDoc ''
The journalbeat package to use
'';
};
@@ -32,20 +32,20 @@ in
name = mkOption {
type = types.str;
default = "journalbeat";
- description = "Name of the beat";
+ description = lib.mdDoc "Name of the beat";
};
tags = mkOption {
type = types.listOf types.str;
default = [];
- description = "Tags to place on the shipped log messages";
+ description = lib.mdDoc "Tags to place on the shipped log messages";
};
stateDir = mkOption {
type = types.str;
default = "journalbeat";
- description = ''
- Directory below /var/lib/ to store journalbeat's
+ description = lib.mdDoc ''
+ Directory below `/var/lib/` to store journalbeat's
own logs and other data. This directory will be created automatically
using systemd's StateDirectory mechanism.
'';
@@ -54,7 +54,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Any other configuration options you want to add";
+ description = lib.mdDoc "Any other configuration options you want to add";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/journaldriver.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/journaldriver.nix
index 9bd581e9ec0..59eedff90d6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/journaldriver.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/journaldriver.nix
@@ -17,7 +17,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable journaldriver to forward journald logs to
Stackdriver Logging.
'';
@@ -26,7 +26,7 @@ in {
logLevel = mkOption {
type = types.str;
default = "info";
- description = ''
+ description = lib.mdDoc ''
Log level at which journaldriver logs its own output.
'';
};
@@ -34,7 +34,7 @@ in {
logName = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Configures the name of the target log in Stackdriver Logging.
This option can be set to, for example, the hostname of a
machine to improve the user experience in the logging
@@ -45,7 +45,7 @@ in {
googleCloudProject = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Configures the name of the Google Cloud project to which to
forward journald logs.
@@ -57,7 +57,7 @@ in {
logStream = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Configures the name of the Stackdriver Logging log stream into
which to write journald entries.
@@ -69,7 +69,7 @@ in {
applicationCredentials = mkOption {
type = with types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to the service account private key (in JSON-format) used
to forward log entries to Stackdriver Logging on non-GCP
instances.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/journalwatch.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/journalwatch.nix
index fb86904d1ea..a315da3ea0e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/journalwatch.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/journalwatch.nix
@@ -51,7 +51,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If enabled, periodically check the journal with journalwatch and report the results by mail.
'';
};
@@ -59,12 +59,12 @@ in {
priority = mkOption {
type = types.int;
default = 6;
- description = ''
+ description = lib.mdDoc ''
Lowest priority of message to be considered.
A value between 7 ("debug"), and 0 ("emerg"). Defaults to 6 ("info").
If you don't care about anything with "info" priority, you can reduce
this to e.g. 5 ("notice") to considerably reduce the amount of
- messages without needing many .
+ messages without needing many {option}`filterBlocks`.
'';
};
@@ -75,7 +75,7 @@ in {
type = types.str;
default = "journalwatch@${config.networking.hostName}";
defaultText = literalExpression ''"journalwatch@''${config.networking.hostName}"'';
- description = ''
+ description = lib.mdDoc ''
Mail address to send journalwatch reports from.
'';
};
@@ -83,7 +83,7 @@ in {
mailTo = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Mail address to send journalwatch reports to.
'';
};
@@ -91,7 +91,7 @@ in {
mailBinary = mkOption {
type = types.path;
default = "/run/wrappers/bin/sendmail";
- description = ''
+ description = lib.mdDoc ''
Sendmail-compatible binary to be used to send the messages.
'';
};
@@ -99,10 +99,10 @@ in {
extraConfig = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra lines to be added verbatim to the journalwatch/config configuration file.
You can add any commandline argument to the config, without the '--'.
- See journalwatch --help for all arguments and their description.
+ See `journalwatch --help` for all arguments and their description.
'';
};
@@ -112,12 +112,12 @@ in {
match = mkOption {
type = types.str;
example = "SYSLOG_IDENTIFIER = systemd";
- description = ''
- Syntax: field = value
- Specifies the log entry field this block should apply to.
- If the field of a message matches this value,
- this patternBlock's are applied.
- If value starts and ends with a slash, it is interpreted as
+ description = lib.mdDoc ''
+ Syntax: `field = value`
+ Specifies the log entry `field` this block should apply to.
+ If the `field` of a message matches this `value`,
+ this patternBlock's {option}`filters` are applied.
+ If `value` starts and ends with a slash, it is interpreted as
an extended python regular expression, if not, it's an exact match.
The journal fields are explained in systemd.journal-fields(7).
'';
@@ -129,8 +129,8 @@ in {
(Stopped|Stopping|Starting|Started) .*
(Reached target|Stopped target) .*
'';
- description = ''
- The filters to apply on all messages which satisfy .
+ description = lib.mdDoc ''
+ The filters to apply on all messages which satisfy {option}`match`.
Any of those messages that match any specified filter will be removed from journalwatch's output.
Each filter is an extended Python regular expression.
You can specify multiple filters and separate them by newlines.
@@ -175,7 +175,7 @@ in {
];
- description = ''
+ description = lib.mdDoc ''
filterBlocks can be defined to blacklist journal messages which are not errors.
Each block matches on a log entry field, and the filters in that block then are matched
against all messages with a matching log entry field.
@@ -191,7 +191,7 @@ in {
interval = mkOption {
type = types.str;
default = "hourly";
- description = ''
+ description = lib.mdDoc ''
How often to run journalwatch.
The format is described in systemd.time(7).
@@ -200,7 +200,7 @@ in {
accuracy = mkOption {
type = types.str;
default = "10min";
- description = ''
+ description = lib.mdDoc ''
The time window around the interval in which the journalwatch run will be scheduled.
The format is described in systemd.time(7).
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/logcheck.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/logcheck.nix
index c8738b734f9..b1279f0fe58 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/logcheck.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/logcheck.nix
@@ -56,7 +56,7 @@ let
levelOption = mkOption {
default = "server";
type = types.enum [ "workstation" "server" "paranoid" ];
- description = ''
+ description = lib.mdDoc ''
Set the logcheck level.
'';
};
@@ -68,7 +68,7 @@ let
regex = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Regex specifying which log lines to ignore.
'';
};
@@ -80,7 +80,7 @@ let
user = mkOption {
default = "root";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
User that runs the cronjob.
'';
};
@@ -88,7 +88,7 @@ let
cmdline = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Command line for the cron job. Will be turned into a regex for the logcheck ignore rule.
'';
};
@@ -97,7 +97,7 @@ let
default = null;
type = types.nullOr (types.str);
example = "02 06 * * *";
- description = ''
+ description = lib.mdDoc ''
"min hr dom mon dow" crontab time args, to auto-create a cronjob too.
Leave at null to not do this and just add a logcheck ignore rule.
'';
@@ -112,7 +112,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable the logcheck cron job.
'';
};
@@ -120,7 +120,7 @@ in
user = mkOption {
default = "logcheck";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Username for the logcheck user.
'';
};
@@ -129,7 +129,7 @@ in
default = "*";
example = "6";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Time of day to run logcheck. A logcheck will be scheduled at xx:02 each day.
Leave default (*) to run every hour. Of course when nothing special was logged,
logcheck will be silent.
@@ -140,7 +140,7 @@ in
default = "root";
example = "you@domain.com";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Email address to send reports to.
'';
};
@@ -148,7 +148,7 @@ in
level = mkOption {
default = "server";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Set the logcheck level. Either "workstation", "server", or "paranoid".
'';
};
@@ -156,7 +156,7 @@ in
config = mkOption {
default = "FQDN=1";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Config options that you would like in logcheck.conf.
'';
};
@@ -165,7 +165,7 @@ in
default = [ "/var/log/messages" ];
type = types.listOf types.path;
example = [ "/var/log/messages" "/var/log/mail" ];
- description = ''
+ description = lib.mdDoc ''
Which log files to check.
'';
};
@@ -174,14 +174,14 @@ in
default = [];
example = [ "/etc/logcheck" ];
type = types.listOf types.path;
- description = ''
+ description = lib.mdDoc ''
Directories with extra rules.
'';
};
ignore = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
This option defines extra ignore rules.
'';
type = with types; attrsOf (submodule ignoreOptions);
@@ -189,7 +189,7 @@ in
ignoreCron = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
This option defines extra ignore rules for cronjobs.
'';
type = with types; attrsOf (submodule ignoreCronOptions);
@@ -199,7 +199,7 @@ in
default = [];
type = types.listOf types.str;
example = [ "postdrop" "mongodb" ];
- description = ''
+ description = lib.mdDoc ''
Extra groups for the logcheck user, for example to be able to use sendmail,
or to access certain log files.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/logrotate.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/logrotate.nix
index dfc58d7d539..a6eb08ac5ea 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/logrotate.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/logrotate.nix
@@ -13,7 +13,7 @@ let
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable log rotation for this path. This can be used to explicitly disable
logging that has been configured by NixOS.
'';
@@ -28,7 +28,7 @@ let
type = with types; either str (listOf str);
default = name;
defaultText = "attribute name";
- description = ''
+ description = lib.mdDoc ''
The path to log files to be rotated.
Spaces are allowed and normal shell quoting rules apply,
with ', ", and \ characters supported.
@@ -38,7 +38,7 @@ let
user = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The user account to use for rotation.
'';
};
@@ -46,7 +46,7 @@ let
group = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The group to use for rotation.
'';
};
@@ -54,7 +54,7 @@ let
frequency = mkOption {
type = types.enum [ "hourly" "daily" "weekly" "monthly" "yearly" ];
default = "daily";
- description = ''
+ description = lib.mdDoc ''
How often to rotate the logs.
'';
};
@@ -62,7 +62,7 @@ let
keep = mkOption {
type = types.int;
default = 20;
- description = ''
+ description = lib.mdDoc ''
How many rotations to keep.
'';
};
@@ -70,9 +70,9 @@ let
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra logrotate config options for this path. Refer to
- for details.
+ for details.
'';
};
@@ -167,22 +167,23 @@ let
sed -e "s/\bsu\s.*/su $user $group/" \
-e "s/\b\(create\s\+[0-9]*\s*\|createolddir\s\+[0-9]*\s\+\).*/\1$user $group/" \
-e "1imissingok" -e "s/\bnomissingok\b//" \
- $out > /tmp/logrotate.conf
+ $out > logrotate.conf
# Since this makes for very verbose builds only show real error.
# There is no way to control log level, but logrotate hardcodes
# 'error:' at common log level, so we can use grep, taking care
# to keep error codes
set -o pipefail
- if ! ${pkgs.buildPackages.logrotate}/sbin/logrotate --debug /tmp/logrotate.conf 2>&1 \
- | ( ! grep "error:" ) > /tmp/logrotate-error; then
+ if ! ${pkgs.buildPackages.logrotate}/sbin/logrotate -s logrotate.status \
+ --debug logrotate.conf 2>&1 \
+ | ( ! grep "error:" ) > logrotate-error; then
echo "Logrotate configuration check failed."
echo "The failing configuration (after adjustments to pass tests in sandbox) was:"
printf "%s\n" "-------"
- cat /tmp/logrotate.conf
+ cat logrotate.conf
printf "%s\n" "-------"
echo "The error reported by logrotate was as follow:"
printf "%s\n" "-------"
- cat /tmp/logrotate-error
+ cat logrotate-error
printf "%s\n" "-------"
echo "You can disable this check with services.logrotate.checkConfig = false,"
echo "but if you think it should work please report this failure along with"
@@ -211,11 +212,11 @@ in
settings = mkOption {
default = { };
- description = ''
+ description = lib.mdDoc ''
logrotate freeform settings: each attribute here will define its own section,
ordered by priority, which can either define files to rotate with their settings
or settings common to all further files settings.
- Refer to for details.
+ Refer to for details.
'';
type = types.attrsOf (types.submodule ({ name, ... }: {
freeformType = with types; attrsOf (nullOr (oneOf [ int bool str ]));
@@ -228,7 +229,7 @@ in
global = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether this setting is a global option or not: set to have these
settings apply to all files settings with a higher priority.
'';
@@ -239,7 +240,7 @@ in
defaultText = ''
The attrset name if not specified
'';
- description = ''
+ description = lib.mdDoc ''
Single or list of files for which rules are defined.
The files are quoted with double-quotes in logrotate configuration,
so globs and spaces are supported.
@@ -250,7 +251,7 @@ in
frequency = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
How often to rotate the logs. Defaults to previously set global setting,
which itself defauts to weekly.
'';
@@ -293,7 +294,7 @@ in
checkConfig = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether the config should be checked at build time.
Some options are not checkable at build time because of the build sandbox:
@@ -303,7 +304,7 @@ in
and users are replaced by dummy users), so tests are complemented by a
logrotate-checkconf service that is enabled by default.
This extra check can be disabled by disabling it at the systemd level with the
- option.
+ {option}`services.systemd.services.logrotate-checkconf.enable` option.
Conversely there are still things that might make this check fail incorrectly
(e.g. a file path where we don't have access to intermediate directories):
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/logstash.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/logstash.nix
index 5d00feabe1c..e9e3ae1f14c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/logstash.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/logstash.nix
@@ -51,27 +51,27 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable logstash.";
+ description = lib.mdDoc "Enable logstash.";
};
package = mkOption {
type = types.package;
default = pkgs.logstash;
defaultText = literalExpression "pkgs.logstash";
- description = "Logstash package to use.";
+ description = lib.mdDoc "Logstash package to use.";
};
plugins = mkOption {
type = types.listOf types.path;
default = [ ];
example = literalExpression "[ pkgs.logstash-contrib ]";
- description = "The paths to find other logstash plugins in.";
+ description = lib.mdDoc "The paths to find other logstash plugins in.";
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/logstash";
- description = ''
+ description = lib.mdDoc ''
A path to directory writable by logstash that it uses to store data.
Plugins will also have access to this path.
'';
@@ -80,31 +80,31 @@ in
logLevel = mkOption {
type = types.enum [ "debug" "info" "warn" "error" "fatal" ];
default = "warn";
- description = "Logging verbosity level.";
+ description = lib.mdDoc "Logging verbosity level.";
};
filterWorkers = mkOption {
type = types.int;
default = 1;
- description = "The quantity of filter workers to run.";
+ description = lib.mdDoc "The quantity of filter workers to run.";
};
listenAddress = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Address on which to start webserver.";
+ description = lib.mdDoc "Address on which to start webserver.";
};
port = mkOption {
type = types.str;
default = "9292";
- description = "Port on which to start webserver.";
+ description = lib.mdDoc "Port on which to start webserver.";
};
inputConfig = mkOption {
type = types.lines;
default = "generator { }";
- description = "Logstash input configuration.";
+ description = lib.mdDoc "Logstash input configuration.";
example = literalExpression ''
'''
# Read from journal
@@ -119,7 +119,7 @@ in
filterConfig = mkOption {
type = types.lines;
default = "";
- description = "logstash filter configuration.";
+ description = lib.mdDoc "logstash filter configuration.";
example = ''
if [type] == "syslog" {
# Keep only relevant systemd fields
@@ -137,7 +137,7 @@ in
outputConfig = mkOption {
type = types.lines;
default = "stdout { codec => rubydebug }";
- description = "Logstash output configuration.";
+ description = lib.mdDoc "Logstash output configuration.";
example = ''
redis { host => ["localhost"] data_type => "list" key => "logstash" codec => json }
elasticsearch { }
@@ -147,7 +147,7 @@ in
extraSettings = mkOption {
type = types.lines;
default = "";
- description = "Extra Logstash settings in YAML format.";
+ description = lib.mdDoc "Extra Logstash settings in YAML format.";
example = ''
pipeline:
batch:
@@ -159,7 +159,7 @@ in
extraJvmOptions = mkOption {
type = types.lines;
default = "";
- description = "Extra JVM options, one per line (jvm.options format).";
+ description = lib.mdDoc "Extra JVM options, one per line (jvm.options format).";
example = ''
-Xms2g
-Xmx2g
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/promtail.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/promtail.nix
index a34bc07b6ab..bdf98322fa4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/promtail.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/promtail.nix
@@ -17,7 +17,7 @@ in {
configuration = mkOption {
type = (pkgs.formats.json {}).type;
- description = ''
+ description = lib.mdDoc ''
Specify the configuration for Promtail in Nix.
'';
};
@@ -26,7 +26,7 @@ in {
type = listOf str;
default = [];
example = [ "--server.http-listen-port=3101" ];
- description = ''
+ description = lib.mdDoc ''
Specify a list of additional command line flags,
which get escaped and are then passed to Loki.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/rsyslogd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/rsyslogd.nix
index b924d94e0b0..21d6482d9ff 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/rsyslogd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/rsyslogd.nix
@@ -39,7 +39,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable syslogd. Note that systemd also logs
syslog messages, so you normally don't need to run syslogd.
'';
@@ -69,8 +69,8 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "-m 0" ];
- description = ''
- Additional parameters passed to rsyslogd.
+ description = lib.mdDoc ''
+ Additional parameters passed to {command}`rsyslogd`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/syslog-ng.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/syslog-ng.nix
index 1c11de51f2c..d22acbeaa70 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/syslog-ng.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/syslog-ng.nix
@@ -36,7 +36,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the syslog-ng daemon.
'';
};
@@ -44,24 +44,24 @@ in {
type = types.package;
default = pkgs.syslogng;
defaultText = literalExpression "pkgs.syslogng";
- description = ''
+ description = lib.mdDoc ''
The package providing syslog-ng binaries.
'';
};
extraModulePaths = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of paths that should be included in syslog-ng's
- --module-path option. They should usually
- end in /lib/syslog-ng
+ `--module-path` option. They should usually
+ end in `/lib/syslog-ng`
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
- Configuration added to the end of syslog-ng.conf.
+ description = lib.mdDoc ''
+ Configuration added to the end of `syslog-ng.conf`.
'';
};
configHeader = mkOption {
@@ -70,7 +70,7 @@ in {
@version: 3.6
@include "scl.conf"
'';
- description = ''
+ description = lib.mdDoc ''
The very first lines of the configuration file. Should usually contain
the syslog-ng version header.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/syslogd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/syslogd.nix
index fe0b0490811..a51bf08e5d2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/syslogd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/syslogd.nix
@@ -39,7 +39,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable syslogd. Note that systemd also logs
syslog messages, so you normally don't need to run syslogd.
'';
@@ -48,7 +48,7 @@ in
tty = mkOption {
type = types.str;
default = "tty10";
- description = ''
+ description = lib.mdDoc ''
The tty device on which syslogd will print important log
messages. Leave this option blank to disable tty logging.
'';
@@ -67,7 +67,7 @@ in
enableNetworkInput = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Accept logging through UDP. Option -r of syslogd(8).
'';
};
@@ -86,8 +86,8 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "-m 0" ];
- description = ''
- Additional parameters passed to syslogd.
+ description = lib.mdDoc ''
+ Additional parameters passed to {command}`syslogd`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/vector.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/vector.nix
index be36b2a41bb..93d8550c31b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/vector.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/logging/vector.nix
@@ -11,7 +11,7 @@ in
journaldAccess = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable Vector to access journald.
'';
};
@@ -19,7 +19,7 @@ in
settings = mkOption {
type = (pkgs.formats.json { }).type;
default = { };
- description = ''
+ description = lib.mdDoc ''
Specify the configuration for Vector in Nix.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/clamsmtp.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/clamsmtp.nix
index fc1267c5d28..a0de2596284 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/clamsmtp.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/clamsmtp.nix
@@ -12,17 +12,17 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable clamsmtp.";
+ description = lib.mdDoc "Whether to enable clamsmtp.";
};
instances = mkOption {
- description = "Instances of clamsmtp to run.";
+ description = lib.mdDoc "Instances of clamsmtp to run.";
type = types.listOf (types.submodule { options = {
action = mkOption {
type = types.enum [ "bounce" "drop" "pass" ];
default = "drop";
description =
- ''
+ lib.mdDoc ''
Action to take when a virus is detected.
Note that viruses often spoof sender addresses, so bouncing is
@@ -35,7 +35,7 @@ in
default = "";
example = "X-Virus-Scanned: ClamAV using ClamSMTP";
description =
- ''
+ lib.mdDoc ''
A header to add to scanned messages. See clamsmtpd.conf(5) for
more details. Empty means no header.
'';
@@ -45,7 +45,7 @@ in
type = types.int;
default = 0;
description =
- ''
+ lib.mdDoc ''
Number of seconds to wait between each NOOP sent to the sending
server. 0 to disable.
@@ -58,7 +58,7 @@ in
type = types.str;
example = "127.0.0.1:10025";
description =
- ''
+ lib.mdDoc ''
Address to wait for incoming SMTP connections on. See
clamsmtpd.conf(5) for more details.
'';
@@ -68,7 +68,7 @@ in
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Whether to quarantine files that contain viruses by leaving them
in the temporary directory.
'';
@@ -77,13 +77,13 @@ in
maxConnections = mkOption {
type = types.int;
default = 64;
- description = "Maximum number of connections to accept at once.";
+ description = lib.mdDoc "Maximum number of connections to accept at once.";
};
outAddress = mkOption {
type = types.str;
description =
- ''
+ lib.mdDoc ''
Address of the SMTP server to send email to once it has been
scanned.
'';
@@ -93,7 +93,7 @@ in
type = types.str;
default = "/tmp";
description =
- ''
+ lib.mdDoc ''
Temporary directory that needs to be accessible to both clamd
and clamsmtpd.
'';
@@ -102,20 +102,20 @@ in
timeout = mkOption {
type = types.int;
default = 180;
- description = "Time-out for network connections.";
+ description = lib.mdDoc "Time-out for network connections.";
};
transparentProxy = mkOption {
type = types.bool;
default = false;
- description = "Enable clamsmtp's transparent proxy support.";
+ description = lib.mdDoc "Enable clamsmtp's transparent proxy support.";
};
virusAction = mkOption {
type = with types; nullOr path;
default = null;
description =
- ''
+ lib.mdDoc ''
Command to run when a virus is found. Please see VIRUS ACTION in
clamsmtpd(8) for a discussion of this option and its safe use.
'';
@@ -125,7 +125,7 @@ in
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Send the XCLIENT command to the receiving server, for forwarding
client addresses and connection information if the receiving
server supports this feature.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/davmail.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/davmail.nix
index e9f31e6fb39..a01d8758c0e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/davmail.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/davmail.nix
@@ -29,17 +29,17 @@ in
url = mkOption {
type = types.str;
- description = "Outlook Web Access URL to access the exchange server, i.e. the base webmail URL.";
+ description = lib.mdDoc "Outlook Web Access URL to access the exchange server, i.e. the base webmail URL.";
example = "https://outlook.office365.com/EWS/Exchange.asmx";
};
config = mkOption {
type = configType;
default = {};
- description = ''
+ description = lib.mdDoc ''
Davmail configuration. Refer to
-
- and
+
+ and
for details on supported values.
'';
example = literalExpression ''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/dkimproxy-out.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/dkimproxy-out.nix
index f4ac9e47007..aa465891db2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/dkimproxy-out.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/dkimproxy-out.nix
@@ -15,7 +15,7 @@ in
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Whether to enable dkimproxy_out.
Note that a key will be auto-generated, and can be found in
@@ -26,19 +26,19 @@ in
listen = mkOption {
type = types.str;
example = "127.0.0.1:10027";
- description = "Address:port DKIMproxy should listen on.";
+ description = lib.mdDoc "Address:port DKIMproxy should listen on.";
};
relay = mkOption {
type = types.str;
example = "127.0.0.1:10028";
- description = "Address:port DKIMproxy should forward mail to.";
+ description = lib.mdDoc "Address:port DKIMproxy should forward mail to.";
};
domains = mkOption {
type = with types; listOf str;
example = [ "example.org" "example.com" ];
- description = "List of domains DKIMproxy can sign for.";
+ description = lib.mdDoc "List of domains DKIMproxy can sign for.";
};
selector = mkOption {
@@ -59,7 +59,7 @@ in
type = types.int;
default = 2048;
description =
- ''
+ lib.mdDoc ''
Size of the RSA key to use to sign outgoing emails. Note that the
maximum mandatorily verified as per RFC6376 is 2048.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/dovecot.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/dovecot.nix
index a8c1f176782..4caf8dbfd2b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/dovecot.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/dovecot.nix
@@ -137,25 +137,25 @@ let
example = "Spam";
default = name;
readOnly = true;
- description = "The name of the mailbox.";
+ description = lib.mdDoc "The name of the mailbox.";
};
auto = mkOption {
type = types.enum [ "no" "create" "subscribe" ];
default = "no";
example = "subscribe";
- description = "Whether to automatically create or create and subscribe to the mailbox or not.";
+ description = lib.mdDoc "Whether to automatically create or create and subscribe to the mailbox or not.";
};
specialUse = mkOption {
type = types.nullOr (types.enum [ "All" "Archive" "Drafts" "Flagged" "Junk" "Sent" "Trash" ]);
default = null;
example = "Junk";
- description = "Null if no special use flag is set. Other than that every use flag mentioned in the RFC is valid.";
+ description = lib.mdDoc "Null if no special use flag is set. Other than that every use flag mentioned in the RFC is valid.";
};
autoexpunge = mkOption {
type = types.nullOr types.str;
default = null;
example = "60d";
- description = ''
+ description = lib.mdDoc ''
To automatically remove all email from the mailbox which is older than the
specified time.
'';
@@ -180,26 +180,26 @@ in
protocols = mkOption {
type = types.listOf types.str;
default = [];
- description = "Additional listeners to start when Dovecot is enabled.";
+ description = lib.mdDoc "Additional listeners to start when Dovecot is enabled.";
};
user = mkOption {
type = types.str;
default = "dovecot2";
- description = "Dovecot user name.";
+ description = lib.mdDoc "Dovecot user name.";
};
group = mkOption {
type = types.str;
default = "dovecot2";
- description = "Dovecot group name.";
+ description = lib.mdDoc "Dovecot group name.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
example = "mail_debug = yes";
- description = "Additional entries to put verbatim into Dovecot's config file.";
+ description = lib.mdDoc "Additional entries to put verbatim into Dovecot's config file.";
};
mailPlugins =
@@ -209,7 +209,7 @@ in
enable = mkOption {
type = types.listOf types.str;
default = [];
- description = "mail plugins to enable as a list of strings to append to the ${hint} $mail_plugins configuration variable";
+ description = lib.mdDoc "mail plugins to enable as a list of strings to append to the ${hint} `$mail_plugins` configuration variable";
};
};
};
@@ -218,20 +218,20 @@ in
type = with types; submodule {
options = {
globally = mkOption {
- description = "Additional entries to add to the mail_plugins variable for all protocols";
+ description = lib.mdDoc "Additional entries to add to the mail_plugins variable for all protocols";
type = plugins "top-level";
example = { enable = [ "virtual" ]; };
default = { enable = []; };
};
perProtocol = mkOption {
- description = "Additional entries to add to the mail_plugins variable, per protocol";
+ description = lib.mdDoc "Additional entries to add to the mail_plugins variable, per protocol";
type = attrsOf (plugins "corresponding per-protocol");
default = {};
example = { imap = [ "imap_acl" ]; };
};
};
};
- description = "Additional entries to add to the mail_plugins variable, globally and per protocol";
+ description = lib.mdDoc "Additional entries to add to the mail_plugins variable, globally and per protocol";
example = {
globally.enable = [ "acl" ];
perProtocol.imap.enable = [ "imap_acl" ];
@@ -242,7 +242,7 @@ in
configFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = "Config file used for the whole dovecot configuration.";
+ description = lib.mdDoc "Config file used for the whole dovecot configuration.";
apply = v: if v != null then v else pkgs.writeText "dovecot.conf" dovecotConf;
};
@@ -250,7 +250,7 @@ in
type = types.str;
default = "maildir:/var/spool/mail/%u"; /* Same as inbox, as postfix */
example = "maildir:~/mail:INBOX=/var/spool/mail/%u";
- description = ''
+ description = lib.mdDoc ''
Location that dovecot will use for mail folders. Dovecot mail_location option.
'';
};
@@ -258,13 +258,13 @@ in
mailUser = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Default user to store mail for virtual users.";
+ description = lib.mdDoc "Default user to store mail for virtual users.";
};
mailGroup = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Default group to store mail for virtual users.";
+ description = lib.mdDoc "Default group to store mail for virtual users.";
};
createMailUser = mkEnableOption ''automatically creating the user
@@ -275,7 +275,7 @@ in
type = types.listOf types.package;
default = [];
example = literalExpression "[ pkgs.dovecot_pigeonhole ]";
- description = ''
+ description = lib.mdDoc ''
Symlinks the contents of lib/dovecot of every given package into
/etc/dovecot/modules. This will make the given modules available
if a dovecot package with the module_dir patch applied is being used.
@@ -285,19 +285,19 @@ in
sslCACert = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Path to the server's CA certificate key.";
+ description = lib.mdDoc "Path to the server's CA certificate key.";
};
sslServerCert = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Path to the server's public key.";
+ description = lib.mdDoc "Path to the server's public key.";
};
sslServerKey = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Path to the server's private key.";
+ description = lib.mdDoc "Path to the server's private key.";
};
enablePAM = mkEnableOption "creating a own Dovecot PAM service and configure PAM user logins." // { default = true; };
@@ -307,7 +307,7 @@ in
sieveScripts = mkOption {
type = types.attrsOf types.path;
default = {};
- description = "Sieve scripts to be executed. Key is a sequence, e.g. 'before2', 'after' etc.";
+ description = lib.mdDoc "Sieve scripts to be executed. Key is a sequence, e.g. 'before2', 'after' etc.";
};
showPAMFailure = mkEnableOption "showing the PAM failure message on authentication error (useful for OTPW).";
@@ -323,7 +323,7 @@ in
Spam = { specialUse = "Junk"; auto = "create"; };
}
'';
- description = "Configure mailboxes and auto create or subscribe them.";
+ description = lib.mdDoc "Configure mailboxes and auto create or subscribe them.";
};
enableQuota = mkEnableOption "the dovecot quota service.";
@@ -331,7 +331,7 @@ in
quotaPort = mkOption {
type = types.str;
default = "12340";
- description = ''
+ description = lib.mdDoc ''
The Port the dovecot quota service binds to.
If using postfix, add check_policy_service inet:localhost:12340 to your smtpd_recipient_restrictions in your postfix config.
'';
@@ -340,7 +340,7 @@ in
type = types.str;
default = "100G";
example = "10G";
- description = "Quota limit for the user in bytes. Supports suffixes b, k, M, G, T and %.";
+ description = lib.mdDoc "Quota limit for the user in bytes. Supports suffixes b, k, M, G, T and %.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/dspam.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/dspam.nix
index 766ebc8095a..4fccd452a4f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/dspam.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/dspam.nix
@@ -38,43 +38,43 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the dspam spam filter.";
+ description = lib.mdDoc "Whether to enable the dspam spam filter.";
};
user = mkOption {
type = types.str;
default = "dspam";
- description = "User for the dspam daemon.";
+ description = lib.mdDoc "User for the dspam daemon.";
};
group = mkOption {
type = types.str;
default = "dspam";
- description = "Group for the dspam daemon.";
+ description = lib.mdDoc "Group for the dspam daemon.";
};
storageDriver = mkOption {
type = types.str;
default = "hash";
- description = "Storage driver backend to use for dspam.";
+ description = lib.mdDoc "Storage driver backend to use for dspam.";
};
domainSocket = mkOption {
type = types.nullOr types.path;
default = defaultSock;
- description = "Path to local domain socket which is used for communication with the daemon. Set to null to disable UNIX socket.";
+ description = lib.mdDoc "Path to local domain socket which is used for communication with the daemon. Set to null to disable UNIX socket.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Additional dspam configuration.";
+ description = lib.mdDoc "Additional dspam configuration.";
};
maintenanceInterval = mkOption {
type = types.nullOr types.str;
default = null;
- description = "If set, maintenance script will be run at specified (in systemd.timer format) interval";
+ description = lib.mdDoc "If set, maintenance script will be run at specified (in systemd.timer format) interval";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/exim.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/exim.nix
index 7356db2b6a6..cd0da4fc509 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/exim.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/exim.nix
@@ -17,13 +17,13 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the Exim mail transfer agent.";
+ description = lib.mdDoc "Whether to enable the Exim mail transfer agent.";
};
config = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Verbatim Exim configuration. This should not contain exim_user,
exim_group, exim_path, or spool_directory.
'';
@@ -32,7 +32,7 @@ in
user = mkOption {
type = types.str;
default = "exim";
- description = ''
+ description = lib.mdDoc ''
User to use when no root privileges are required.
In particular, this applies when receiving messages and when doing
remote deliveries. (Local deliveries run as various non-root users,
@@ -44,7 +44,7 @@ in
group = mkOption {
type = types.str;
default = "exim";
- description = ''
+ description = lib.mdDoc ''
Group to use when no root privileges are required.
'';
};
@@ -52,7 +52,7 @@ in
spoolDir = mkOption {
type = types.path;
default = "/var/spool/exim";
- description = ''
+ description = lib.mdDoc ''
Location of the spool directory of exim.
'';
};
@@ -61,7 +61,7 @@ in
type = types.package;
default = pkgs.exim;
defaultText = literalExpression "pkgs.exim";
- description = ''
+ description = lib.mdDoc ''
The Exim derivation to use.
This can be used to enable features such as LDAP or PAM support.
'';
@@ -70,7 +70,7 @@ in
queueRunnerInterval = mkOption {
type = types.str;
default = "5m";
- description = ''
+ description = lib.mdDoc ''
How often to spawn a new queue runner.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/maddy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/maddy.nix
index 0b06905ac6f..2f9abd3ed1f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/maddy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/maddy.nix
@@ -173,7 +173,7 @@ in {
default = "localhost";
type = with types; uniq string;
example = ''example.com'';
- description = ''
+ description = lib.mdDoc ''
Hostname to use. It should be FQDN.
'';
};
@@ -182,7 +182,7 @@ in {
default = "localhost";
type = with types; uniq string;
example = ''mail.example.com'';
- description = ''
+ description = lib.mdDoc ''
Primary MX domain to use. It should be FQDN.
'';
};
@@ -195,7 +195,7 @@ in {
"example.com"
"other.example.com"
];
- description = ''
+ description = lib.mdDoc ''
Define list of allowed domains.
'';
};
@@ -217,7 +217,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open the configured incoming and outgoing mail server ports.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mailcatcher.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mailcatcher.nix
index 84f06ed199d..01f3a9776bb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mailcatcher.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mailcatcher.nix
@@ -16,32 +16,32 @@ in
http.ip = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "The ip address of the http server.";
+ description = lib.mdDoc "The ip address of the http server.";
};
http.port = mkOption {
type = types.port;
default = 1080;
- description = "The port address of the http server.";
+ description = lib.mdDoc "The port address of the http server.";
};
http.path = mkOption {
type = with types; nullOr str;
default = null;
- description = "Prefix to all HTTP paths.";
+ description = lib.mdDoc "Prefix to all HTTP paths.";
example = "/mailcatcher";
};
smtp.ip = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "The ip address of the smtp server.";
+ description = lib.mdDoc "The ip address of the smtp server.";
};
smtp.port = mkOption {
type = types.port;
default = 1025;
- description = "The port address of the smtp server.";
+ description = lib.mdDoc "The port address of the smtp server.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mailhog.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mailhog.nix
index b113f4ff3de..defc58b8068 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mailhog.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mailhog.nix
@@ -32,31 +32,31 @@ in
storage = mkOption {
type = types.enum [ "maildir" "memory" ];
default = "memory";
- description = "Store mails on disk or in memory.";
+ description = lib.mdDoc "Store mails on disk or in memory.";
};
apiPort = mkOption {
type = types.port;
default = 8025;
- description = "Port on which the API endpoint will listen.";
+ description = lib.mdDoc "Port on which the API endpoint will listen.";
};
smtpPort = mkOption {
type = types.port;
default = 1025;
- description = "Port on which the SMTP endpoint will listen.";
+ description = lib.mdDoc "Port on which the SMTP endpoint will listen.";
};
uiPort = mkOption {
type = types.port;
default = 8025;
- description = "Port on which the HTTP UI will listen.";
+ description = lib.mdDoc "Port on which the HTTP UI will listen.";
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [];
- description = "List of additional arguments to pass to the MailHog process.";
+ description = lib.mdDoc "List of additional arguments to pass to the MailHog process.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mailman.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mailman.nix
index 5b714c384de..eb24f73c1da 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mailman.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mailman.nix
@@ -6,7 +6,7 @@ let
cfg = config.services.mailman;
- inherit (pkgs.mailmanPackages.buildEnvs { withHyperkitty = cfg.hyperkitty.enable; })
+ inherit (pkgs.mailmanPackages.buildEnvs { withHyperkitty = cfg.hyperkitty.enable; withLDAP = cfg.ldap.enable; })
mailmanEnv webEnv;
withPostgresql = config.services.postgresql.enable;
@@ -44,7 +44,13 @@ let
transport_file_type: hash
'';
- mailmanCfg = lib.generators.toINI {} cfg.settings;
+ mailmanCfg = lib.generators.toINI {}
+ (recursiveUpdate cfg.settings
+ ((optionalAttrs (cfg.restApiPassFile != null) {
+ webservice.admin_pass = "#NIXOS_MAILMAN_REST_API_PASS_SECRET#";
+ })));
+
+ mailmanCfgFile = pkgs.writeText "mailman-raw.cfg" mailmanCfg;
mailmanHyperkittyCfg = pkgs.writeText "mailman-hyperkitty.cfg" ''
[general]
@@ -84,14 +90,122 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable Mailman on this host. Requires an active MTA on the host (e.g. Postfix).";
+ description = lib.mdDoc "Enable Mailman on this host. Requires an active MTA on the host (e.g. Postfix).";
+ };
+
+ ldap = {
+ enable = mkEnableOption "LDAP auth";
+ serverUri = mkOption {
+ type = types.str;
+ example = "ldaps://ldap.host";
+ description = lib.mdDoc ''
+ LDAP host to connect against.
+ '';
+ };
+ bindDn = mkOption {
+ type = types.str;
+ example = "cn=root,dc=nixos,dc=org";
+ description = lib.mdDoc ''
+ Service account to bind against.
+ '';
+ };
+ bindPasswordFile = mkOption {
+ type = types.str;
+ example = "/run/secrets/ldap-bind";
+ description = ''
+ Path to the file containing the bind password of the servie account
+ defined by .
+ '';
+ };
+ superUserGroup = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ example = "cn=admin,ou=groups,dc=nixos,dc=org";
+ description = lib.mdDoc ''
+ Group where a user must be a member of to gain superuser rights.
+ '';
+ };
+ userSearch = {
+ query = mkOption {
+ type = types.str;
+ example = "(&(objectClass=inetOrgPerson)(|(uid=%(user)s)(mail=%(user)s)))";
+ description = lib.mdDoc ''
+ Query to find a user in the LDAP database.
+ '';
+ };
+ ou = mkOption {
+ type = types.str;
+ example = "ou=users,dc=nixos,dc=org";
+ description = lib.mdDoc ''
+ Organizational unit to look up a user.
+ '';
+ };
+ };
+ groupSearch = {
+ type = mkOption {
+ type = types.enum [
+ "posixGroup" "groupOfNames" "memberDNGroup" "nestedMemberDNGroup" "nestedGroupOfNames"
+ "groupOfUniqueNames" "nestedGroupOfUniqueNames" "activeDirectoryGroup" "nestedActiveDirectoryGroup"
+ "organizationalRoleGroup" "nestedOrganizationalRoleGroup"
+ ];
+ default = "posixGroup";
+ apply = v: "${toUpper (substring 0 1 v)}${substring 1 (stringLength v) v}Type";
+ description = lib.mdDoc ''
+ Type of group to perform a group search against.
+ '';
+ };
+ query = mkOption {
+ type = types.str;
+ example = "(objectClass=groupOfNames)";
+ description = lib.mdDoc ''
+ Query to find a group associated to a user in the LDAP database.
+ '';
+ };
+ ou = mkOption {
+ type = types.str;
+ example = "ou=groups,dc=nixos,dc=org";
+ description = lib.mdDoc ''
+ Organizational unit to look up a group.
+ '';
+ };
+ };
+ attrMap = {
+ username = mkOption {
+ default = "uid";
+ type = types.str;
+ description = lib.mdDoc ''
+ LDAP-attribute that corresponds to the `username`-attribute in mailman.
+ '';
+ };
+ firstName = mkOption {
+ default = "givenName";
+ type = types.str;
+ description = lib.mdDoc ''
+ LDAP-attribute that corresponds to the `firstName`-attribute in mailman.
+ '';
+ };
+ lastName = mkOption {
+ default = "sn";
+ type = types.str;
+ description = lib.mdDoc ''
+ LDAP-attribute that corresponds to the `lastName`-attribute in mailman.
+ '';
+ };
+ email = mkOption {
+ default = "mail";
+ type = types.str;
+ description = lib.mdDoc ''
+ LDAP-attribute that corresponds to the `email`-attribute in mailman.
+ '';
+ };
+ };
};
enablePostfix = mkOption {
type = types.bool;
default = true;
example = false;
- description = ''
+ description = lib.mdDoc ''
Enable Postfix integration. Requires an active Postfix installation.
If you want to use another MTA, set this option to false and configure
@@ -104,7 +218,7 @@ in {
siteOwner = mkOption {
type = types.str;
example = "postmaster@example.org";
- description = ''
+ description = lib.mdDoc ''
Certain messages that must be delivered to a human, but which can't
be delivered to a list owner (e.g. a bounce from a list owner), will
be sent to this address. It should point to a human.
@@ -114,7 +228,7 @@ in {
webHosts = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
The list of hostnames and/or IP addresses from which the Mailman Web
UI will accept requests. By default, "localhost" and "127.0.0.1" are
enabled. All additional names under which your web server accepts
@@ -126,7 +240,7 @@ in {
webUser = mkOption {
type = types.str;
default = "mailman-web";
- description = ''
+ description = lib.mdDoc ''
User to run mailman-web as
'';
};
@@ -134,23 +248,31 @@ in {
webSettings = mkOption {
type = types.attrs;
default = {};
- description = ''
+ description = lib.mdDoc ''
Overrides for the default mailman-web Django settings.
'';
};
+ restApiPassFile = mkOption {
+ default = null;
+ type = types.nullOr types.str;
+ description = lib.mdDoc ''
+ Path to the file containing the value for `MAILMAN_REST_API_PASS`.
+ '';
+ };
+
serve = {
enable = mkEnableOption "Automatic nginx and uwsgi setup for mailman-web";
};
extraPythonPackages = mkOption {
- description = "Packages to add to the python environment used by mailman and mailman-web";
+ description = lib.mdDoc "Packages to add to the python environment used by mailman and mailman-web";
type = types.listOf types.package;
default = [];
};
settings = mkOption {
- description = "Settings for mailman.cfg";
+ description = lib.mdDoc "Settings for mailman.cfg";
type = types.attrsOf (types.attrsOf types.str);
default = {};
};
@@ -161,7 +283,7 @@ in {
baseUrl = mkOption {
type = types.str;
default = "http://localhost:18507/archives/";
- description = ''
+ description = lib.mdDoc ''
Where can Mailman connect to Hyperkitty's internal API, preferably on
localhost?
'';
@@ -255,8 +377,6 @@ in {
};
users.groups.mailman = {};
- environment.etc."mailman.cfg".text = mailmanCfg;
-
environment.etc."mailman3/settings.py".text = ''
import os
@@ -274,6 +394,39 @@ in {
with open('/var/lib/mailman-web/settings_local.json') as f:
globals().update(json.load(f))
+
+ ${optionalString (cfg.restApiPassFile != null) ''
+ with open('${cfg.restApiPassFile}') as f:
+ MAILMAN_REST_API_PASS = f.read().rstrip('\n')
+ ''}
+
+ ${optionalString (cfg.ldap.enable) ''
+ import ldap
+ from django_auth_ldap.config import LDAPSearch, ${cfg.ldap.groupSearch.type}
+ AUTH_LDAP_SERVER_URI = "${cfg.ldap.serverUri}"
+ AUTH_LDAP_BIND_DN = "${cfg.ldap.bindDn}"
+ with open("${cfg.ldap.bindPasswordFile}") as f:
+ AUTH_LDAP_BIND_PASSWORD = f.read().rstrip('\n')
+ AUTH_LDAP_USER_SEARCH = LDAPSearch("${cfg.ldap.userSearch.ou}",
+ ldap.SCOPE_SUBTREE, "${cfg.ldap.userSearch.query}")
+ AUTH_LDAP_GROUP_TYPE = ${cfg.ldap.groupSearch.type}()
+ AUTH_LDAP_GROUP_SEARCH = LDAPSearch("${cfg.ldap.groupSearch.ou}",
+ ldap.SCOPE_SUBTREE, "${cfg.ldap.groupSearch.query}")
+ AUTH_LDAP_USER_ATTR_MAP = {
+ ${concatStrings (flip mapAttrsToList cfg.ldap.attrMap (key: value: ''
+ "${key}": "${value}",
+ ''))}
+ }
+ ${optionalString (cfg.ldap.superUserGroup != null) ''
+ AUTH_LDAP_USER_FLAGS_BY_GROUP = {
+ "is_superuser": "${cfg.ldap.superUserGroup}"
+ }
+ ''}
+ AUTHENTICATION_BACKENDS = (
+ "django_auth_ldap.backend.LDAPBackend",
+ "django.contrib.auth.backends.ModelBackend"
+ )
+ ''}
'';
services.nginx = mkIf (cfg.serve.enable && cfg.webHosts != []) {
@@ -320,7 +473,7 @@ in {
after = [ "network.target" ]
++ lib.optional cfg.enablePostfix "postfix-setup.service"
++ lib.optional withPostgresql "postgresql.service";
- restartTriggers = [ config.environment.etc."mailman.cfg".source ];
+ restartTriggers = [ mailmanCfgFile ];
requires = optional withPostgresql "postgresql.service";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
@@ -344,6 +497,14 @@ in {
requires = optional withPostgresql "postgresql.service";
serviceConfig.Type = "oneshot";
script = ''
+ install -m0750 -o mailman -g mailman ${mailmanCfgFile} /etc/mailman.cfg
+ ${optionalString (cfg.restApiPassFile != null) ''
+ ${pkgs.replace-secret}/bin/replace-secret \
+ '#NIXOS_MAILMAN_REST_API_PASS_SECRET#' \
+ ${cfg.restApiPassFile} \
+ /etc/mailman.cfg
+ ''}
+
mailmanDir=/var/lib/mailman
mailmanWebDir=/var/lib/mailman-web
@@ -424,7 +585,7 @@ in {
mailman-daily = {
description = "Trigger daily Mailman events";
startAt = "daily";
- restartTriggers = [ config.environment.etc."mailman.cfg".source ];
+ restartTriggers = [ mailmanCfgFile ];
serviceConfig = {
ExecStart = "${mailmanEnv}/bin/mailman digests --send";
User = "mailman";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mlmmj.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mlmmj.nix
index fd74f2dc5f0..0a6c7eceaa6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mlmmj.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/mlmmj.nix
@@ -56,31 +56,31 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable mlmmj";
+ description = lib.mdDoc "Enable mlmmj";
};
user = mkOption {
type = types.str;
default = "mlmmj";
- description = "mailinglist local user";
+ description = lib.mdDoc "mailinglist local user";
};
group = mkOption {
type = types.str;
default = "mlmmj";
- description = "mailinglist local group";
+ description = lib.mdDoc "mailinglist local group";
};
listDomain = mkOption {
type = types.str;
default = "localhost";
- description = "Set the mailing list domain";
+ description = lib.mdDoc "Set the mailing list domain";
};
mailLists = mkOption {
type = types.listOf types.str;
default = [];
- description = "The collection of hosted maillists";
+ description = lib.mdDoc "The collection of hosted maillists";
};
maintInterval = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/nullmailer.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/nullmailer.nix
index f9c34566997..59329667f7a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/nullmailer.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/nullmailer.nix
@@ -10,13 +10,13 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable nullmailer daemon.";
+ description = lib.mdDoc "Whether to enable nullmailer daemon.";
};
user = mkOption {
type = types.str;
default = "nullmailer";
- description = ''
+ description = lib.mdDoc ''
User to use to run nullmailer-send.
'';
};
@@ -24,7 +24,7 @@ with lib;
group = mkOption {
type = types.str;
default = "nullmailer";
- description = ''
+ description = lib.mdDoc ''
Group to use to run nullmailer-send.
'';
};
@@ -32,7 +32,7 @@ with lib;
setSendmail = mkOption {
type = types.bool;
default = true;
- description = "Whether to set the system sendmail to nullmailer's.";
+ description = lib.mdDoc "Whether to set the system sendmail to nullmailer's.";
};
remotesFile = mkOption {
@@ -51,7 +51,7 @@ with lib;
adminaddr = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
If set, all recipients to users at either "localhost" (the literal string)
or the canonical host name (from the me control attribute) are remapped to this address.
This is provided to allow local daemons to be able to send email to
@@ -64,7 +64,7 @@ with lib;
allmailfrom = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
If set, content will override the envelope sender on all messages.
'';
};
@@ -72,7 +72,7 @@ with lib;
defaultdomain = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The content of this attribute is appended to any host name that
does not contain a period (except localhost), including defaulthost
and idhost. Defaults to the value of the me attribute, if it exists,
@@ -83,7 +83,7 @@ with lib;
defaulthost = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The content of this attribute is appended to any address that
is missing a host name. Defaults to the value of the me control
attribute, if it exists, otherwise the literal name defaulthost.
@@ -93,7 +93,7 @@ with lib;
doublebounceto = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
If the original sender was empty (the original message was a
delivery status or disposition notification), the double bounce
is sent to the address in this attribute.
@@ -103,7 +103,7 @@ with lib;
helohost = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Sets the environment variable $HELOHOST which is used by the
SMTP protocol module to set the parameter given to the HELO command.
Defaults to the value of the me configuration attribute.
@@ -113,7 +113,7 @@ with lib;
idhost = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The content of this attribute is used when building the message-id
string for the message. Defaults to the canonicalized value of defaulthost.
'';
@@ -122,7 +122,7 @@ with lib;
maxpause = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The maximum time to pause between successive queue runs, in seconds.
Defaults to 24 hours (86400).
'';
@@ -131,7 +131,7 @@ with lib;
me = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The fully-qualifiled host name of the computer running nullmailer.
Defaults to the literal name me.
'';
@@ -140,7 +140,7 @@ with lib;
pausetime = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The minimum time to pause between successive queue runs when there
are messages in the queue, in seconds. Defaults to 1 minute (60).
Each time this timeout is reached, the timeout is doubled to a
@@ -170,7 +170,7 @@ with lib;
sendtimeout = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The time to wait for a remote module listed above to complete sending
a message before killing it and trying again, in seconds.
Defaults to 1 hour (3600). If this is set to 0, nullmailer-send
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/offlineimap.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/offlineimap.nix
index 45147758119..17c09df8f92 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/offlineimap.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/offlineimap.nix
@@ -26,26 +26,26 @@ in {
type = types.package;
default = pkgs.offlineimap;
defaultText = literalExpression "pkgs.offlineimap";
- description = "Offlineimap derivation to use.";
+ description = lib.mdDoc "Offlineimap derivation to use.";
};
path = mkOption {
type = types.listOf types.path;
default = [];
example = literalExpression "[ pkgs.pass pkgs.bash pkgs.notmuch ]";
- description = "List of derivations to put in Offlineimap's path.";
+ description = lib.mdDoc "List of derivations to put in Offlineimap's path.";
};
onCalendar = mkOption {
type = types.str;
default = "*:0/3"; # every 3 minutes
- description = "How often is offlineimap started. Default is '*:0/3' meaning every 3 minutes. See systemd.time(7) for more information about the format.";
+ description = lib.mdDoc "How often is offlineimap started. Default is '*:0/3' meaning every 3 minutes. See systemd.time(7) for more information about the format.";
};
timeoutStartSec = mkOption {
type = types.str;
default = "120sec"; # Kill if still alive after 2 minutes
- description = "How long waiting for offlineimap before killing it. Default is '120sec' meaning every 2 minutes. See systemd.time(7) for more information about the format.";
+ description = lib.mdDoc "How long waiting for offlineimap before killing it. Default is '120sec' meaning every 2 minutes. See systemd.time(7) for more information about the format.";
};
};
config = mkIf (cfg.enable || cfg.install) {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/opendkim.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/opendkim.nix
index f1ffc5d3aee..a377fccc7bd 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/opendkim.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/opendkim.nix
@@ -31,25 +31,25 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the OpenDKIM sender authentication system.";
+ description = lib.mdDoc "Whether to enable the OpenDKIM sender authentication system.";
};
socket = mkOption {
type = types.str;
default = defaultSock;
- description = "Socket which is used for communication with OpenDKIM.";
+ description = lib.mdDoc "Socket which is used for communication with OpenDKIM.";
};
user = mkOption {
type = types.str;
default = "opendkim";
- description = "User for the daemon.";
+ description = lib.mdDoc "User for the daemon.";
};
group = mkOption {
type = types.str;
default = "opendkim";
- description = "Group for the daemon.";
+ description = lib.mdDoc "Group for the daemon.";
};
domains = mkOption {
@@ -57,15 +57,15 @@ in {
default = "csl:${config.networking.hostName}";
defaultText = literalExpression ''"csl:''${config.networking.hostName}"'';
example = "csl:example.com,mydomain.net";
- description = ''
- Local domains set (see opendkim(8) for more information on datasets).
+ description = lib.mdDoc ''
+ Local domains set (see `opendkim(8)` for more information on datasets).
Messages from them are signed, not verified.
'';
};
keyPath = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The path that opendkim should put its generated private keys into.
The DNS settings will be found in this directory with the name selector.txt.
'';
@@ -74,13 +74,13 @@ in {
selector = mkOption {
type = types.str;
- description = "Selector to use when signing.";
+ description = lib.mdDoc "Selector to use when signing.";
};
configFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = "Additional opendkim configuration.";
+ description = lib.mdDoc "Additional opendkim configuration.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/opensmtpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/opensmtpd.nix
index e7632be2804..6ad3386d2d4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/opensmtpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/opensmtpd.nix
@@ -28,27 +28,27 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the OpenSMTPD server.";
+ description = lib.mdDoc "Whether to enable the OpenSMTPD server.";
};
package = mkOption {
type = types.package;
default = pkgs.opensmtpd;
defaultText = literalExpression "pkgs.opensmtpd";
- description = "The OpenSMTPD package to use.";
+ description = lib.mdDoc "The OpenSMTPD package to use.";
};
setSendmail = mkOption {
type = types.bool;
default = true;
- description = "Whether to set the system sendmail to OpenSMTPD's.";
+ description = lib.mdDoc "Whether to set the system sendmail to OpenSMTPD's.";
};
extraServerArgs = mkOption {
type = types.listOf types.str;
default = [];
example = [ "-v" "-P mta" ];
- description = ''
+ description = lib.mdDoc ''
Extra command line arguments provided when the smtpd process
is started.
'';
@@ -60,7 +60,7 @@ in {
listen on lo
accept for any deliver to lmtp localhost:24
'';
- description = ''
+ description = lib.mdDoc ''
The contents of the smtpd.conf configuration file. See the
OpenSMTPD documentation for syntax information.
'';
@@ -69,7 +69,7 @@ in {
procPackages = mkOption {
type = types.listOf types.package;
default = [];
- description = ''
+ description = lib.mdDoc ''
Packages to search for filters, tables, queues, and schedulers.
Add OpenSMTPD-extras here if you want to use the filters, etc. from
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/pfix-srsd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/pfix-srsd.nix
index e3dbf2a014f..d46447a480a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/pfix-srsd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/pfix-srsd.nix
@@ -12,11 +12,11 @@ with lib;
enable = mkOption {
default = false;
type = types.bool;
- description = "Whether to run the postfix sender rewriting scheme daemon.";
+ description = lib.mdDoc "Whether to run the postfix sender rewriting scheme daemon.";
};
domain = mkOption {
- description = "The domain for which to enable srs";
+ description = lib.mdDoc "The domain for which to enable srs";
type = types.str;
example = "example.com";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postfix.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postfix.nix
index de00c87b95a..2fc79949fbc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postfix.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postfix.nix
@@ -45,7 +45,7 @@ let
type = types.str;
default = name;
example = "smtp";
- description = ''
+ description = lib.mdDoc ''
The name of the service to run. Defaults to the attribute set key.
'';
};
@@ -54,16 +54,16 @@ let
type = types.enum [ "inet" "unix" "unix-dgram" "fifo" "pass" ];
default = "unix";
example = "inet";
- description = "The type of the service";
+ description = lib.mdDoc "The type of the service";
};
private = mkOption {
type = types.bool;
example = false;
- description = ''
+ description = lib.mdDoc ''
Whether the service's sockets and storage directory is restricted to
- be only available via the mail system. If null is
- given it uses the postfix default true.
+ be only available via the mail system. If `null` is
+ given it uses the postfix default `true`.
'';
};
@@ -76,19 +76,19 @@ let
chroot = mkOption {
type = types.bool;
example = true;
- description = ''
+ description = lib.mdDoc ''
Whether the service is chrooted to have only access to the
- and the closure of
- store paths specified by the option.
+ {option}`services.postfix.queueDir` and the closure of
+ store paths specified by the {option}`program` option.
'';
};
wakeup = mkOption {
type = types.int;
example = 60;
- description = ''
+ description = lib.mdDoc ''
Automatically wake up the service after the specified number of
- seconds. If 0 is given, never wake the service
+ seconds. If `0` is given, never wake the service
up.
'';
};
@@ -96,22 +96,22 @@ let
wakeupUnusedComponent = mkOption {
type = types.bool;
example = false;
- description = ''
- If set to false the component will only be woken
+ description = lib.mdDoc ''
+ If set to `false` the component will only be woken
up if it is used. This is equivalent to postfix' notion of adding a
question mark behind the wakeup time in
- master.cf
+ {file}`master.cf`
'';
};
maxproc = mkOption {
type = types.int;
example = 1;
- description = ''
+ description = lib.mdDoc ''
The maximum number of processes to spawn for this service. If the
- value is 0 it doesn't have any limit. If
- null is given it uses the postfix default of
- 100.
+ value is `0` it doesn't have any limit. If
+ `null` is given it uses the postfix default of
+ `100`.
'';
};
@@ -119,9 +119,9 @@ let
type = types.str;
default = name;
example = "smtpd";
- description = ''
+ description = lib.mdDoc ''
A program name specifying a Postfix service/daemon process.
- By default it's the attribute .
+ By default it's the attribute {option}`name`.
'';
};
@@ -129,8 +129,8 @@ let
type = types.listOf types.str;
default = [];
example = [ "-o" "smtp_helo_timeout=5" ];
- description = ''
- Arguments to pass to the . There is no shell
+ description = lib.mdDoc ''
+ Arguments to pass to the {option}`command`. There is no shell
processing involved and shell syntax is passed verbatim to the
process.
'';
@@ -221,13 +221,13 @@ let
type = types.str;
default = "/^.*/";
example = "/^X-Mailer:/";
- description = "A regexp pattern matching the header";
+ description = lib.mdDoc "A regexp pattern matching the header";
};
action = mkOption {
type = types.str;
default = "DUNNO";
example = "BCC mail@example.com";
- description = "The action to be executed when the pattern is matched";
+ description = lib.mdDoc "The action to be executed when the pattern is matched";
};
};
};
@@ -267,25 +267,25 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to run the Postfix mail server.";
+ description = lib.mdDoc "Whether to run the Postfix mail server.";
};
enableSmtp = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable smtp in master.cf.";
+ description = lib.mdDoc "Whether to enable smtp in master.cf.";
};
enableSubmission = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable smtp submission.";
+ description = lib.mdDoc "Whether to enable smtp submission.";
};
enableSubmissions = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable smtp submission via smtps.
According to RFC 8314 this should be preferred
@@ -308,7 +308,7 @@ in
smtpd_client_restrictions = "permit_sasl_authenticated,reject";
milter_macro_daemon_name = "ORIGINATING";
};
- description = "Options for the submission config in master.cf";
+ description = lib.mdDoc "Options for the submission config in master.cf";
};
submissionsOptions = mkOption {
@@ -324,7 +324,7 @@ in
smtpd_client_restrictions = "permit_sasl_authenticated,reject";
milter_macro_daemon_name = "ORIGINATING";
};
- description = ''
+ description = lib.mdDoc ''
Options for the submission config via smtps in master.cf.
smtpd_tls_security_level will be set to encrypt, if it is missing
@@ -337,19 +337,19 @@ in
setSendmail = mkOption {
type = types.bool;
default = true;
- description = "Whether to set the system sendmail to postfix's.";
+ description = lib.mdDoc "Whether to set the system sendmail to postfix's.";
};
user = mkOption {
type = types.str;
default = "postfix";
- description = "What to call the Postfix user (must be used only for postfix).";
+ description = lib.mdDoc "What to call the Postfix user (must be used only for postfix).";
};
group = mkOption {
type = types.str;
default = "postfix";
- description = "What to call the Postfix group (must be used only for postfix).";
+ description = lib.mdDoc "What to call the Postfix group (must be used only for postfix).";
};
setgidGroup = mkOption {
@@ -480,12 +480,12 @@ in
type = with types; enum [ "hash" "regexp" "pcre" ];
default = "hash";
example = "regexp";
- description = "The format the alias map should have. Use regexp if you want to use regular expressions.";
+ description = lib.mdDoc "The format the alias map should have. Use regexp if you want to use regular expressions.";
};
config = mkOption {
type = with types; attrsOf (oneOf [ bool str (listOf str) ]);
- description = ''
+ description = lib.mdDoc ''
The main.cf configuration file as key value set.
'';
example = {
@@ -506,7 +506,7 @@ in
type = types.str;
default = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
defaultText = literalExpression ''"''${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"'';
- description = ''
+ description = lib.mdDoc ''
File containing trusted certification authorities (CA) to verify certificates of mailservers contacted for mail delivery. This basically sets smtp_tls_CAfile and enables opportunistic tls. Defaults to NixOS trusted certification authorities.
'';
};
@@ -514,13 +514,13 @@ in
sslCert = mkOption {
type = types.str;
default = "";
- description = "SSL certificate to use.";
+ description = lib.mdDoc "SSL certificate to use.";
};
sslKey = mkOption {
type = types.str;
default = "";
- description = "SSL key to use.";
+ description = lib.mdDoc "SSL key to use.";
};
recipientDelimiter = mkOption {
@@ -552,18 +552,18 @@ in
virtualMapType = mkOption {
type = types.enum ["hash" "regexp" "pcre"];
default = "hash";
- description = ''
- What type of virtual alias map file to use. Use "regexp" for regular expressions.
+ description = lib.mdDoc ''
+ What type of virtual alias map file to use. Use `"regexp"` for regular expressions.
'';
};
localRecipients = mkOption {
type = with types; nullOr (listOf str);
default = null;
- description = ''
+ description = lib.mdDoc ''
List of accepted local users. Specify a bare username, an
- "@domain.tld" wild-card, or a complete
- "user@domain.tld" address. If set, these names end
+ `"@domain.tld"` wild-card, or a complete
+ `"user@domain.tld"` address. If set, these names end
up in the local recipient map -- see the local(8) man-page -- and
effectively replace the system user database lookup that's otherwise
used by default.
@@ -581,13 +581,13 @@ in
dnsBlacklists = mkOption {
default = [];
type = with types; listOf str;
- description = "dns blacklist servers to use with smtpd_client_restrictions";
+ description = lib.mdDoc "dns blacklist servers to use with smtpd_client_restrictions";
};
dnsBlacklistOverrides = mkOption {
default = "";
type = types.lines;
- description = "contents of check_client_access for overriding dnsBlacklists";
+ description = lib.mdDoc "contents of check_client_access for overriding dnsBlacklists";
};
masterConfig = mkOption {
@@ -599,10 +599,10 @@ in
args = [ "-o" "smtpd_tls_security_level=encrypt" ];
};
};
- description = ''
+ description = lib.mdDoc ''
An attribute set of service options, which correspond to the service
definitions usually done within the Postfix
- master.cf file.
+ {file}`master.cf` file.
'';
};
@@ -610,46 +610,46 @@ in
type = types.lines;
default = "";
example = "submission inet n - n - - smtpd";
- description = "Extra lines to append to the generated master.cf file.";
+ description = lib.mdDoc "Extra lines to append to the generated master.cf file.";
};
enableHeaderChecks = mkOption {
type = types.bool;
default = false;
example = true;
- description = "Whether to enable postfix header checks";
+ description = lib.mdDoc "Whether to enable postfix header checks";
};
headerChecks = mkOption {
type = types.listOf (types.submodule headerCheckOptions);
default = [];
example = [ { pattern = "/^X-Spam-Flag:/"; action = "REDIRECT spam@example.com"; } ];
- description = "Postfix header checks.";
+ description = lib.mdDoc "Postfix header checks.";
};
extraHeaderChecks = mkOption {
type = types.lines;
default = "";
example = "/^X-Spam-Flag:/ REDIRECT spam@example.com";
- description = "Extra lines to /etc/postfix/header_checks file.";
+ description = lib.mdDoc "Extra lines to /etc/postfix/header_checks file.";
};
aliasFiles = mkOption {
type = types.attrsOf types.path;
default = {};
- description = "Aliases' tables to be compiled and placed into /var/lib/postfix/conf.";
+ description = lib.mdDoc "Aliases' tables to be compiled and placed into /var/lib/postfix/conf.";
};
mapFiles = mkOption {
type = types.attrsOf types.path;
default = {};
- description = "Maps to be compiled and placed into /var/lib/postfix/conf.";
+ description = lib.mdDoc "Maps to be compiled and placed into /var/lib/postfix/conf.";
};
useSrs = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable sender rewriting scheme";
+ description = lib.mdDoc "Whether to enable sender rewriting scheme";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postfixadmin.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postfixadmin.nix
index 8adae3c1a01..27b5c60ec07 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postfixadmin.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postfixadmin.nix
@@ -25,13 +25,13 @@ in
hostName = mkOption {
type = types.str;
example = "postfixadmin.example.com";
- description = "Hostname to use for the nginx vhost";
+ description = lib.mdDoc "Hostname to use for the nginx vhost";
};
adminEmail = mkOption {
type = types.str;
example = "postmaster@example.com";
- description = ''
+ description = lib.mdDoc ''
Defines the Site Admin's email address.
This will be used to send emails from to create mailboxes and
from Send Email / Broadcast message pages.
@@ -40,9 +40,9 @@ in
setupPasswordFile = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Password file for the admin.
- Generate with php -r "echo password_hash('some password here', PASSWORD_DEFAULT);"
+ Generate with `php -r "echo password_hash('some password here', PASSWORD_DEFAULT);"`
'';
};
@@ -50,36 +50,36 @@ in
username = mkOption {
type = types.str;
default = "postfixadmin";
- description = ''
+ description = lib.mdDoc ''
Username for the postgresql connection.
- If database.host is set to localhost, a unix user and group of the same name will be created as well.
+ If `database.host` is set to `localhost`, a unix user and group of the same name will be created as well.
'';
};
host = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
Host of the postgresql server. If this is not set to
- localhost, you have to create the
+ `localhost`, you have to create the
postgresql user and database yourself, with appropriate
permissions.
'';
};
passwordFile = mkOption {
type = types.path;
- description = "Password file for the postgresql connection. Must be readable by user nginx.";
+ description = lib.mdDoc "Password file for the postgresql connection. Must be readable by user `nginx`.";
};
dbname = mkOption {
type = types.str;
default = "postfixadmin";
- description = "Name of the postgresql database";
+ description = lib.mdDoc "Name of the postgresql database";
};
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Extra configuration for the postfixadmin instance, see postfixadmin's config.inc.php for available options.";
+ description = lib.mdDoc "Extra configuration for the postfixadmin instance, see postfixadmin's config.inc.php for available options.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postgrey.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postgrey.nix
index 7c206e3725e..301bc69e1ca 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postgrey.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postgrey.nix
@@ -59,7 +59,7 @@ in {
enable = mkOption {
type = bool;
default = false;
- description = "Whether to run the Postgrey daemon";
+ description = lib.mdDoc "Whether to run the Postgrey daemon";
};
socket = mkOption {
type = socket;
@@ -71,73 +71,73 @@ in {
addr = "127.0.0.1";
port = 10030;
};
- description = "Socket to bind to";
+ description = lib.mdDoc "Socket to bind to";
};
greylistText = mkOption {
type = str;
default = "Greylisted for %%s seconds";
- description = "Response status text for greylisted messages; use %%s for seconds left until greylisting is over and %%r for mail domain of recipient";
+ description = lib.mdDoc "Response status text for greylisted messages; use %%s for seconds left until greylisting is over and %%r for mail domain of recipient";
};
greylistAction = mkOption {
type = str;
default = "DEFER_IF_PERMIT";
- description = "Response status for greylisted messages (see access(5))";
+ description = lib.mdDoc "Response status for greylisted messages (see access(5))";
};
greylistHeader = mkOption {
type = str;
default = "X-Greylist: delayed %%t seconds by postgrey-%%v at %%h; %%d";
- description = "Prepend header to greylisted mails; use %%t for seconds delayed due to greylisting, %%v for the version of postgrey, %%d for the date, and %%h for the host";
+ description = lib.mdDoc "Prepend header to greylisted mails; use %%t for seconds delayed due to greylisting, %%v for the version of postgrey, %%d for the date, and %%h for the host";
};
delay = mkOption {
type = natural;
default = 300;
- description = "Greylist for N seconds";
+ description = lib.mdDoc "Greylist for N seconds";
};
maxAge = mkOption {
type = natural;
default = 35;
- description = "Delete entries from whitelist if they haven't been seen for N days";
+ description = lib.mdDoc "Delete entries from whitelist if they haven't been seen for N days";
};
retryWindow = mkOption {
type = either str natural;
default = 2;
example = "12h";
- description = "Allow N days for the first retry. Use string with appended 'h' to specify time in hours";
+ description = lib.mdDoc "Allow N days for the first retry. Use string with appended 'h' to specify time in hours";
};
lookupBySubnet = mkOption {
type = bool;
default = true;
- description = "Strip the last N bits from IP addresses, determined by IPv4CIDR and IPv6CIDR";
+ description = lib.mdDoc "Strip the last N bits from IP addresses, determined by IPv4CIDR and IPv6CIDR";
};
IPv4CIDR = mkOption {
type = natural;
default = 24;
- description = "Strip N bits from IPv4 addresses if lookupBySubnet is true";
+ description = lib.mdDoc "Strip N bits from IPv4 addresses if lookupBySubnet is true";
};
IPv6CIDR = mkOption {
type = natural;
default = 64;
- description = "Strip N bits from IPv6 addresses if lookupBySubnet is true";
+ description = lib.mdDoc "Strip N bits from IPv6 addresses if lookupBySubnet is true";
};
privacy = mkOption {
type = bool;
default = true;
- description = "Store data using one-way hash functions (SHA1)";
+ description = lib.mdDoc "Store data using one-way hash functions (SHA1)";
};
autoWhitelist = mkOption {
type = nullOr natural';
default = 5;
- description = "Whitelist clients after successful delivery of N messages";
+ description = lib.mdDoc "Whitelist clients after successful delivery of N messages";
};
whitelistClients = mkOption {
type = listOf path;
default = [];
- description = "Client address whitelist files (see postgrey(8))";
+ description = lib.mdDoc "Client address whitelist files (see postgrey(8))";
};
whitelistRecipients = mkOption {
type = listOf path;
default = [];
- description = "Recipient address whitelist files (see postgrey(8))";
+ description = lib.mdDoc "Recipient address whitelist files (see postgrey(8))";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postsrsd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postsrsd.nix
index 2ebc675ab10..41301c8697d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postsrsd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/postsrsd.nix
@@ -17,24 +17,24 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the postsrsd SRS server for Postfix.";
+ description = lib.mdDoc "Whether to enable the postsrsd SRS server for Postfix.";
};
secretsFile = mkOption {
type = types.path;
default = "/var/lib/postsrsd/postsrsd.secret";
- description = "Secret keys used for signing and verification";
+ description = lib.mdDoc "Secret keys used for signing and verification";
};
domain = mkOption {
type = types.str;
- description = "Domain name for rewrite";
+ description = lib.mdDoc "Domain name for rewrite";
};
separator = mkOption {
type = types.enum ["-" "=" "+"];
default = "=";
- description = "First separator character in generated addresses";
+ description = lib.mdDoc "First separator character in generated addresses";
};
# bindAddress = mkOption { # uncomment once 1.5 is released
@@ -46,37 +46,37 @@ in {
forwardPort = mkOption {
type = types.int;
default = 10001;
- description = "Port for the forward SRS lookup";
+ description = lib.mdDoc "Port for the forward SRS lookup";
};
reversePort = mkOption {
type = types.int;
default = 10002;
- description = "Port for the reverse SRS lookup";
+ description = lib.mdDoc "Port for the reverse SRS lookup";
};
timeout = mkOption {
type = types.int;
default = 1800;
- description = "Timeout for idle client connections in seconds";
+ description = lib.mdDoc "Timeout for idle client connections in seconds";
};
excludeDomains = mkOption {
type = types.listOf types.str;
default = [];
- description = "Origin domains to exclude from rewriting in addition to primary domain";
+ description = lib.mdDoc "Origin domains to exclude from rewriting in addition to primary domain";
};
user = mkOption {
type = types.str;
default = "postsrsd";
- description = "User for the daemon";
+ description = lib.mdDoc "User for the daemon";
};
group = mkOption {
type = types.str;
default = "postsrsd";
- description = "Group for the daemon";
+ description = lib.mdDoc "Group for the daemon";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/public-inbox.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/public-inbox.nix
index 0f9bc4ef226..bb835881ba0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/public-inbox.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/public-inbox.nix
@@ -150,19 +150,19 @@ in
type = types.package;
default = pkgs.public-inbox;
defaultText = literalExpression "pkgs.public-inbox";
- description = "public-inbox package to use.";
+ description = lib.mdDoc "public-inbox package to use.";
};
path = mkOption {
type = with types; listOf package;
default = [];
example = literalExpression "with pkgs; [ spamassassin ]";
- description = ''
+ description = lib.mdDoc ''
Additional packages to place in the path of public-inbox-mda,
public-inbox-watch, etc.
'';
};
inboxes = mkOption {
- description = ''
+ description = lib.mdDoc ''
Inboxes to configure, where attribute names are inbox names.
'';
default = {};
@@ -171,29 +171,29 @@ in
options.inboxdir = mkOption {
type = types.str;
default = "${stateDir}/inboxes/${name}";
- description = "The absolute path to the directory which hosts the public-inbox.";
+ description = lib.mdDoc "The absolute path to the directory which hosts the public-inbox.";
};
options.address = mkOption {
type = with types; listOf str;
example = "example-discuss@example.org";
- description = "The email addresses of the public-inbox.";
+ description = lib.mdDoc "The email addresses of the public-inbox.";
};
options.url = mkOption {
type = with types; nullOr str;
default = null;
example = "https://example.org/lists/example-discuss";
- description = "URL where this inbox can be accessed over HTTP.";
+ description = lib.mdDoc "URL where this inbox can be accessed over HTTP.";
};
options.description = mkOption {
type = types.str;
example = "user/dev discussion of public-inbox itself";
- description = "User-visible description for the repository.";
+ description = lib.mdDoc "User-visible description for the repository.";
apply = pkgs.writeText "public-inbox-description-${name}";
};
options.newsgroup = mkOption {
type = with types; nullOr str;
default = null;
- description = "NNTP group name for the inbox.";
+ description = lib.mdDoc "NNTP group name for the inbox.";
};
options.watch = mkOption {
type = with types; listOf str;
@@ -215,7 +215,7 @@ in
description = "list of coderepo names";
};
default = [];
- description = "Nicknames of a 'coderepo' section associated with the inbox.";
+ description = lib.mdDoc "Nicknames of a 'coderepo' section associated with the inbox.";
};
}));
};
@@ -228,7 +228,7 @@ in
type = with types; listOf str;
default = [ "/" ];
example = [ "/lists/archives" ];
- description = ''
+ description = lib.mdDoc ''
Root paths or URLs that public-inbox will be served on.
If domain parts are present, only requests to those
domains will be accepted.
@@ -264,35 +264,35 @@ in
type = with types; nullOr path;
default = "${cfg.package.sa_config}/user/.spamassassin/user_prefs";
defaultText = literalExpression "\${cfg.package.sa_config}/user/.spamassassin/user_prefs";
- description = "SpamAssassin configuration specific to public-inbox.";
+ description = lib.mdDoc "SpamAssassin configuration specific to public-inbox.";
};
settings = mkOption {
- description = ''
- Settings for the public-inbox config file.
+ description = lib.mdDoc ''
+ Settings for the [public-inbox config file](https://public-inbox.org/public-inbox-config.html).
'';
default = {};
type = types.submodule {
freeformType = gitIni.type;
options.publicinbox = mkOption {
default = {};
- description = "public inboxes";
+ description = lib.mdDoc "public inboxes";
type = types.submodule {
freeformType = with types; /*inbox name*/attrsOf (/*inbox option name*/attrsOf /*inbox option value*/iniAtom);
options.css = mkOption {
type = with types; listOf str;
default = [];
- description = "The local path name of a CSS file for the PSGI web interface.";
+ description = lib.mdDoc "The local path name of a CSS file for the PSGI web interface.";
};
options.nntpserver = mkOption {
type = with types; listOf str;
default = [];
example = [ "nntp://news.public-inbox.org" "nntps://news.public-inbox.org" ];
- description = "NNTP URLs to this public-inbox instance";
+ description = lib.mdDoc "NNTP URLs to this public-inbox instance";
};
options.wwwlisting = mkOption {
type = with types; enum [ "all" "404" "match=domain" ];
default = "404";
- description = ''
+ description = lib.mdDoc ''
Controls which lists (if any) are listed for when the root
public-inbox URL is accessed over HTTP.
'';
@@ -319,23 +319,23 @@ in
type = with types; nullOr str;
default = null;
example = "maildir:/path/to/spam";
- description = ''
+ description = lib.mdDoc ''
If set, mail in this maildir will be trained as spam and
deleted from all watched inboxes
'';
};
options.coderepo = mkOption {
default = {};
- description = "code repositories";
+ description = lib.mdDoc "code repositories";
type = types.attrsOf (types.submodule {
freeformType = types.attrsOf iniAtom;
options.cgitUrl = mkOption {
type = types.str;
- description = "URL of a cgit instance";
+ description = lib.mdDoc "URL of a cgit instance";
};
options.dir = mkOption {
type = types.str;
- description = "Path to a git repository";
+ description = lib.mdDoc "Path to a git repository";
};
});
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/roundcube.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/roundcube.nix
index 1dd393da882..3b6c06d19e8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/roundcube.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/roundcube.nix
@@ -26,7 +26,7 @@ in
hostName = mkOption {
type = types.str;
example = "webmail.example.com";
- description = "Hostname to use for the nginx vhost";
+ description = lib.mdDoc "Hostname to use for the nginx vhost";
};
package = mkOption {
@@ -38,7 +38,7 @@ in
roundcube.withPlugins (plugins: [ plugins.persistent_login ])
'';
- description = ''
+ description = lib.mdDoc ''
The package which contains roundcube's sources. Can be overriden to create
an environment which contains roundcube and third-party plugins.
'';
@@ -48,41 +48,41 @@ in
username = mkOption {
type = types.str;
default = "roundcube";
- description = ''
+ description = lib.mdDoc ''
Username for the postgresql connection.
- If database.host is set to localhost, a unix user and group of the same name will be created as well.
+ If `database.host` is set to `localhost`, a unix user and group of the same name will be created as well.
'';
};
host = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
Host of the postgresql server. If this is not set to
- localhost, you have to create the
+ `localhost`, you have to create the
postgresql user and database yourself, with appropriate
permissions.
'';
};
password = mkOption {
type = types.str;
- description = "Password for the postgresql connection. Do not use: the password will be stored world readable in the store; use passwordFile instead.";
+ description = lib.mdDoc "Password for the postgresql connection. Do not use: the password will be stored world readable in the store; use `passwordFile` instead.";
default = "";
};
passwordFile = mkOption {
type = types.str;
- description = "Password file for the postgresql connection. Must be readable by user nginx. Ignored if database.host is set to localhost, as peer authentication will be used.";
+ description = lib.mdDoc "Password file for the postgresql connection. Must be readable by user `nginx`. Ignored if `database.host` is set to `localhost`, as peer authentication will be used.";
};
dbname = mkOption {
type = types.str;
default = "roundcube";
- description = "Name of the postgresql database";
+ description = lib.mdDoc "Name of the postgresql database";
};
};
plugins = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of roundcube plugins to enable. Currently, only those directly shipped with Roundcube are supported.
'';
};
@@ -91,7 +91,7 @@ in
type = types.listOf types.package;
default = [];
example = literalExpression "with pkgs.aspellDicts; [ en fr de ]";
- description = ''
+ description = lib.mdDoc ''
List of aspell dictionnaries for spell checking. If empty, spell checking is disabled.
'';
};
@@ -111,7 +111,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Extra configuration for roundcube webmail instance";
+ description = lib.mdDoc "Extra configuration for roundcube webmail instance";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/rspamd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/rspamd.nix
index a570e137a55..ed4d7a50441 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/rspamd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/rspamd.nix
@@ -52,21 +52,21 @@ let
enable = mkOption {
type = types.nullOr types.bool;
default = null;
- description = "Whether to run the rspamd worker.";
+ description = lib.mdDoc "Whether to run the rspamd worker.";
};
name = mkOption {
type = types.nullOr types.str;
default = name;
- description = "Name of the worker";
+ description = lib.mdDoc "Name of the worker";
};
type = mkOption {
type = types.nullOr (types.enum [
"normal" "controller" "fuzzy" "rspamd_proxy" "lua" "proxy"
]);
- description = ''
- The type of this worker. The type proxy is
+ description = lib.mdDoc ''
+ The type of this worker. The type `proxy` is
deprecated and only kept for backwards compatibility and should be
- replaced with rspamd_proxy.
+ replaced with `rspamd_proxy`.
'';
apply = let
from = "services.rspamd.workers.\"${name}\".type";
@@ -77,7 +77,7 @@ let
bindSockets = mkOption {
type = types.listOf (types.either types.str (types.submodule bindSocketOpts));
default = [];
- description = ''
+ description = lib.mdDoc ''
List of sockets to listen, in format acceptable by rspamd
'';
example = [{
@@ -94,21 +94,21 @@ let
count = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Number of worker instances to run
'';
};
includes = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of files to include in configuration
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Additional entries to put verbatim into worker section of rspamd config file.";
+ description = lib.mdDoc "Additional entries to put verbatim into worker section of rspamd config file.";
};
};
config = mkIf (name == "normal" || name == "controller" || name == "fuzzy" || name == "rspamd_proxy") {
@@ -186,7 +186,7 @@ let
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether this file ${prefix} should be generated. This
option allows specific ${prefix} files to be disabled.
'';
@@ -195,12 +195,12 @@ let
text = mkOption {
default = null;
type = types.nullOr types.lines;
- description = "Text of the file.";
+ description = lib.mdDoc "Text of the file.";
};
source = mkOption {
type = types.path;
- description = "Path of the source file.";
+ description = lib.mdDoc "Path of the source file.";
};
};
config = {
@@ -232,14 +232,14 @@ in
debug = mkOption {
type = types.bool;
default = false;
- description = "Whether to run the rspamd daemon in debug mode.";
+ description = lib.mdDoc "Whether to run the rspamd daemon in debug mode.";
};
locals = mkOption {
type = with types; attrsOf (submodule (configFileModule "locals"));
default = {};
- description = ''
- Local configuration files, written into /etc/rspamd/local.d/{name}.
+ description = lib.mdDoc ''
+ Local configuration files, written into {file}`/etc/rspamd/local.d/{name}`.
'';
example = literalExpression ''
{ "redis.conf".source = "/nix/store/.../etc/dir/redis.conf";
@@ -251,8 +251,8 @@ in
overrides = mkOption {
type = with types; attrsOf (submodule (configFileModule "overrides"));
default = {};
- description = ''
- Overridden configuration files, written into /etc/rspamd/override.d/{name}.
+ description = lib.mdDoc ''
+ Overridden configuration files, written into {file}`/etc/rspamd/override.d/{name}`.
'';
example = literalExpression ''
{ "redis.conf".source = "/nix/store/.../etc/dir/redis.conf";
@@ -264,15 +264,15 @@ in
localLuaRules = mkOption {
default = null;
type = types.nullOr types.path;
- description = ''
- Path of file to link to /etc/rspamd/rspamd.local.lua for local
+ description = lib.mdDoc ''
+ Path of file to link to {file}`/etc/rspamd/rspamd.local.lua` for local
rules written in Lua
'';
};
workers = mkOption {
type = with types; attrsOf (submodule workerOpts);
- description = ''
+ description = lib.mdDoc ''
Attribute set of workers to start.
'';
default = {
@@ -301,7 +301,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration to add at the end of the rspamd configuration
file.
'';
@@ -310,7 +310,7 @@ in
user = mkOption {
type = types.str;
default = "rspamd";
- description = ''
+ description = lib.mdDoc ''
User to use when no root privileges are required.
'';
};
@@ -318,7 +318,7 @@ in
group = mkOption {
type = types.str;
default = "rspamd";
- description = ''
+ description = lib.mdDoc ''
Group to use when no root privileges are required.
'';
};
@@ -327,12 +327,12 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Add rspamd milter to postfix main.conf";
+ description = lib.mdDoc "Add rspamd milter to postfix main.conf";
};
config = mkOption {
type = with types; attrsOf (oneOf [ bool str (listOf str) ]);
- description = ''
+ description = lib.mdDoc ''
Addon to postfix configuration
'';
default = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/rss2email.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/rss2email.nix
index 7f8d2adac64..7b74db1e711 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/rss2email.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/rss2email.nix
@@ -15,57 +15,57 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable rss2email.";
+ description = lib.mdDoc "Whether to enable rss2email.";
};
to = mkOption {
type = types.str;
- description = "Mail address to which to send emails";
+ description = lib.mdDoc "Mail address to which to send emails";
};
interval = mkOption {
type = types.str;
default = "12h";
- description = "How often to check the feeds, in systemd interval format";
+ description = lib.mdDoc "How often to check the feeds, in systemd interval format";
};
config = mkOption {
type = with types; attrsOf (oneOf [ str int bool ]);
default = {};
- description = ''
+ description = lib.mdDoc ''
The configuration to give rss2email.
- Default will use system-wide sendmail to send the
+ Default will use system-wide `sendmail` to send the
email. This is rss2email's default when running
- r2e new.
+ `r2e new`.
This set contains key-value associations that will be set in the
- [DEFAULT] block along with the
- to parameter.
+ `[DEFAULT]` block along with the
+ `to` parameter.
- See man r2e for more information on which
+ See `man r2e` for more information on which
parameters are accepted.
'';
};
feeds = mkOption {
- description = "The feeds to watch.";
+ description = lib.mdDoc "The feeds to watch.";
type = types.attrsOf (types.submodule {
options = {
url = mkOption {
type = types.str;
- description = "The URL at which to fetch the feed.";
+ description = lib.mdDoc "The URL at which to fetch the feed.";
};
to = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Email address to which to send feed items.
- If null, this will not be set in the
+ If `null`, this will not be set in the
configuration file, and rss2email will make it default to
- rss2email.to.
+ `rss2email.to`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/schleuder.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/schleuder.nix
index 7ba15f1070b..80b37ac129d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/schleuder.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/schleuder.nix
@@ -21,7 +21,7 @@ in
enable = lib.mkEnableOption "Schleuder secure remailer";
enablePostfix = lib.mkEnableOption "automatic postfix integration" // { default = true; };
lists = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
List of list addresses that should be handled by Schleuder.
Note that this is only handled by the postfix integration, and
@@ -42,16 +42,16 @@ in
};
*/
settings = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Settings for schleuder.yml.
- Check the example configuration for possible values.
+ Check the [example configuration](https://0xacab.org/schleuder/schleuder/blob/master/etc/schleuder.yml) for possible values.
'';
type = lib.types.submodule {
freeformType = settingsFormat.type;
options.keyserver = lib.mkOption {
type = lib.types.str;
- description = ''
+ description = lib.mdDoc ''
Key server from which to fetch and update keys.
Note that NixOS uses a different default from upstream, since the upstream default sks-keyservers.net is deprecated.
@@ -62,15 +62,15 @@ in
default = { };
};
extraSettingsFile = lib.mkOption {
- description = "YAML file to merge into the schleuder config at runtime. This can be used for secrets such as API keys.";
+ description = lib.mdDoc "YAML file to merge into the schleuder config at runtime. This can be used for secrets such as API keys.";
type = lib.types.nullOr lib.types.path;
default = null;
};
listDefaults = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Default settings for lists (list-defaults.yml).
- Check the example configuration for possible values.
+ Check the [example configuration](https://0xacab.org/schleuder/schleuder/-/blob/master/etc/list-defaults.yml) for possible values.
'';
type = settingsFormat.type;
default = { };
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/spamassassin.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/spamassassin.nix
index 3b10d8d2909..153e3c00084 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/spamassassin.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/spamassassin.nix
@@ -17,7 +17,7 @@ in
debug = mkOption {
type = types.bool;
default = false;
- description = "Whether to run the SpamAssassin daemon in debug mode";
+ description = lib.mdDoc "Whether to run the SpamAssassin daemon in debug mode";
};
config = mkOption {
@@ -54,7 +54,7 @@ in
initPreConf = mkOption {
type = with types; either str path;
- description = "The SpamAssassin init.pre config.";
+ description = lib.mdDoc "The SpamAssassin init.pre config.";
apply = val: if builtins.isPath val then val else pkgs.writeText "init.pre" val;
default =
''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/sympa.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/sympa.nix
index f3578bef96e..1d46b090cd8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/sympa.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/mail/sympa.nix
@@ -96,7 +96,7 @@ in
listMasters = mkOption {
type = listOf str;
example = [ "postmaster@sympa.example.org" ];
- description = ''
+ description = lib.mdDoc ''
The list of the email addresses of the listmasters
(users authorized to perform global server commands).
'';
@@ -106,9 +106,9 @@ in
type = nullOr str;
default = null;
example = "lists.example.org";
- description = ''
- Main domain to be used in sympa.conf.
- If null, one of the is chosen for you.
+ description = lib.mdDoc ''
+ Main domain to be used in {file}`sympa.conf`.
+ If `null`, one of the {option}`services.sympa.domains` is chosen for you.
'';
};
@@ -119,8 +119,8 @@ in
type = nullOr str;
default = null;
example = "archive.example.org";
- description = ''
- Domain part of the web interface URL (no web interface for this domain if null).
+ description = lib.mdDoc ''
+ Domain part of the web interface URL (no web interface for this domain if `null`).
DNS record of type A (or AAAA or CNAME) has to exist with this value.
'';
};
@@ -128,7 +128,7 @@ in
type = str;
default = "/";
example = "/sympa";
- description = "URL path part of the web interface.";
+ description = lib.mdDoc "URL path part of the web interface.";
};
settings = mkOption {
type = attrsOf (oneOf [ str int bool ]);
@@ -149,7 +149,7 @@ in
};
}));
- description = ''
+ description = lib.mdDoc ''
Email domains handled by this instance. There have
to be MX records for keys of this attribute set.
'';
@@ -172,36 +172,36 @@ in
type = enum [ "SQLite" "PostgreSQL" "MySQL" ];
default = "SQLite";
example = "MySQL";
- description = "Database engine to use.";
+ description = lib.mdDoc "Database engine to use.";
};
host = mkOption {
type = nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Database host address.
- For MySQL, use localhost to connect using Unix domain socket.
+ For MySQL, use `localhost` to connect using Unix domain socket.
- For PostgreSQL, use path to directory (e.g. /run/postgresql)
+ For PostgreSQL, use path to directory (e.g. {file}`/run/postgresql`)
to connect using Unix domain socket located in this directory.
- Use null to fall back on Sympa default, or when using
- .
+ Use `null` to fall back on Sympa default, or when using
+ {option}`services.sympa.database.createLocally`.
'';
};
port = mkOption {
type = nullOr port;
default = null;
- description = "Database port. Use null for default port.";
+ description = lib.mdDoc "Database port. Use `null` for default port.";
};
name = mkOption {
type = str;
default = if cfg.database.type == "SQLite" then "${dataDir}/sympa.sqlite" else "sympa";
defaultText = literalExpression ''if database.type == "SQLite" then "${dataDir}/sympa.sqlite" else "sympa"'';
- description = ''
+ description = lib.mdDoc ''
Database name. When using SQLite this must be an absolute
path to the database file.
'';
@@ -210,22 +210,22 @@ in
user = mkOption {
type = nullOr str;
default = user;
- description = "Database user. The system user name is used as a default.";
+ description = lib.mdDoc "Database user. The system user name is used as a default.";
};
passwordFile = mkOption {
type = nullOr path;
default = null;
example = "/run/keys/sympa-dbpassword";
- description = ''
- A file containing the password for .
+ description = lib.mdDoc ''
+ A file containing the password for {option}`services.sympa.database.user`.
'';
};
createLocally = mkOption {
type = bool;
default = true;
- description = "Whether to create a local database automatically.";
+ description = lib.mdDoc "Whether to create a local database automatically.";
};
};
@@ -233,7 +233,7 @@ in
enable = mkOption {
type = bool;
default = true;
- description = "Whether to enable Sympa web interface.";
+ description = lib.mdDoc "Whether to enable Sympa web interface.";
};
server = mkOption {
@@ -249,7 +249,7 @@ in
https = mkOption {
type = bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to use HTTPS. When nginx integration is enabled, this option forces SSL and enables ACME.
Please note that Sympa web interface always uses https links even when this option is disabled.
'';
@@ -258,7 +258,7 @@ in
fcgiProcs = mkOption {
type = ints.positive;
default = 2;
- description = "Number of FastCGI processes to fork.";
+ description = lib.mdDoc "Number of FastCGI processes to fork.";
};
};
@@ -266,12 +266,12 @@ in
type = mkOption {
type = enum [ "postfix" "none" ];
default = "postfix";
- description = ''
- Mail transfer agent (MTA) integration. Use none if you want to configure it yourself.
+ description = lib.mdDoc ''
+ Mail transfer agent (MTA) integration. Use `none` if you want to configure it yourself.
- The postfix integration sets up local Postfix instance that will pass incoming
+ The `postfix` integration sets up local Postfix instance that will pass incoming
messages from configured domains to Sympa. You still need to configure at least outgoing message
- handling using e.g. .
+ handling using e.g. {option}`services.postfix.relayHost`.
'';
};
};
@@ -298,16 +298,16 @@ in
enable = mkOption {
type = bool;
default = true;
- description = "Whether this file should be generated. This option allows specific files to be disabled.";
+ description = lib.mdDoc "Whether this file should be generated. This option allows specific files to be disabled.";
};
text = mkOption {
default = null;
type = nullOr lines;
- description = "Text of the file.";
+ description = lib.mdDoc "Text of the file.";
};
source = mkOption {
type = path;
- description = "Path of the source file.";
+ description = lib.mdDoc "Path of the source file.";
};
};
@@ -321,7 +321,7 @@ in
};
}
'';
- description = "Set of files to be linked in ${dataDir}.";
+ description = lib.mdDoc "Set of files to be linked in {file}`${dataDir}`.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/appservice-discord.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/appservice-discord.nix
index 8a8c7f41e3c..fa55b3c5de7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/appservice-discord.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/appservice-discord.nix
@@ -64,11 +64,11 @@ in {
environmentFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
File containing environment variables to be passed to the matrix-appservice-discord service,
in which secret tokens can be specified securely by defining values for
- APPSERVICE_DISCORD_AUTH_CLIENT_I_D and
- APPSERVICE_DISCORD_AUTH_BOT_TOKEN.
+ `APPSERVICE_DISCORD_AUTH_CLIENT_I_D` and
+ `APPSERVICE_DISCORD_AUTH_BOT_TOKEN`.
'';
};
@@ -76,7 +76,7 @@ in {
type = types.str;
default = "http://localhost:${toString cfg.port}";
defaultText = literalExpression ''"http://localhost:''${toString config.${opt.port}}"'';
- description = ''
+ description = lib.mdDoc ''
The URL where the application service is listening for HS requests.
'';
};
@@ -84,7 +84,7 @@ in {
port = mkOption {
type = types.port;
default = 9005; # from https://github.com/Half-Shot/matrix-appservice-discord/blob/master/package.json#L11
- description = ''
+ description = lib.mdDoc ''
Port number on which the bridge should listen for internal communication with the Matrix homeserver.
'';
};
@@ -92,7 +92,7 @@ in {
localpart = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The user_id localpart to assign to the AS.
'';
};
@@ -103,7 +103,7 @@ in {
defaultText = literalExpression ''
optional config.services.matrix-synapse.enable "matrix-synapse.service"
'';
- description = ''
+ description = lib.mdDoc ''
List of Systemd services to require and wait for when starting the application service,
such as the Matrix homeserver if it's running on the same host.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/appservice-irc.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/appservice-irc.nix
index ff938527ed5..b24edba96d9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/appservice-irc.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/appservice-irc.nix
@@ -32,26 +32,26 @@ in {
port = mkOption {
type = port;
- description = "The port to listen on";
+ description = lib.mdDoc "The port to listen on";
default = 8009;
};
needBindingCap = mkOption {
type = bool;
- description = "Whether the daemon needs to bind to ports below 1024 (e.g. for the ident service)";
+ description = lib.mdDoc "Whether the daemon needs to bind to ports below 1024 (e.g. for the ident service)";
default = false;
};
passwordEncryptionKeyLength = mkOption {
type = ints.unsigned;
- description = "Length of the key to encrypt IRC passwords with";
+ description = lib.mdDoc "Length of the key to encrypt IRC passwords with";
default = 4096;
example = 8192;
};
registrationUrl = mkOption {
type = str;
- description = ''
+ description = lib.mdDoc ''
The URL where the application service is listening for homeserver requests,
from the Matrix homeserver perspective.
'';
@@ -60,14 +60,14 @@ in {
localpart = mkOption {
type = str;
- description = "The user_id localpart to assign to the appservice";
+ description = lib.mdDoc "The user_id localpart to assign to the appservice";
default = "appservice-irc";
};
settings = mkOption {
- description = ''
+ description = lib.mdDoc ''
Configuration for the appservice, see
-
+
for supported values
'';
default = {};
@@ -76,7 +76,7 @@ in {
options = {
homeserver = mkOption {
- description = "Homeserver configuration";
+ description = lib.mdDoc "Homeserver configuration";
default = {};
type = submodule {
freeformType = jsonType;
@@ -84,12 +84,12 @@ in {
options = {
url = mkOption {
type = str;
- description = "The URL to the home server for client-server API calls";
+ description = lib.mdDoc "The URL to the home server for client-server API calls";
};
domain = mkOption {
type = str;
- description = ''
+ description = lib.mdDoc ''
The 'domain' part for user IDs on this home server. Usually
(but not always) is the "domain name" part of the homeserver URL.
'';
@@ -100,21 +100,21 @@ in {
database = mkOption {
default = {};
- description = "Configuration for the database";
+ description = lib.mdDoc "Configuration for the database";
type = submodule {
freeformType = jsonType;
options = {
engine = mkOption {
type = str;
- description = "Which database engine to use";
+ description = lib.mdDoc "Which database engine to use";
default = "nedb";
example = "postgres";
};
connectionString = mkOption {
type = str;
- description = "The database connection string";
+ description = lib.mdDoc "The database connection string";
default = "nedb://var/lib/matrix-appservice-irc/data";
example = "postgres://username:password@host:port/databasename";
};
@@ -124,14 +124,14 @@ in {
ircService = mkOption {
default = {};
- description = "IRC bridge configuration";
+ description = lib.mdDoc "IRC bridge configuration";
type = submodule {
freeformType = jsonType;
options = {
passwordEncryptionKeyPath = mkOption {
type = str;
- description = ''
+ description = lib.mdDoc ''
Location of the key with which IRC passwords are encrypted
for storage. Will be generated on first run if not present.
'';
@@ -140,7 +140,7 @@ in {
servers = mkOption {
type = submodule { freeformType = jsonType; };
- description = "IRC servers to connect to";
+ description = lib.mdDoc "IRC servers to connect to";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/conduit.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/conduit.nix
index 108f64de7aa..29040c38500 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/conduit.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/conduit.nix
@@ -15,7 +15,7 @@ in
extraEnvironment = mkOption {
type = types.attrsOf types.str;
- description = "Extra Environment variables to pass to the conduit server.";
+ description = lib.mdDoc "Extra Environment variables to pass to the conduit server.";
default = {};
example = { RUST_BACKTRACE="yes"; };
};
@@ -25,7 +25,7 @@ in
default = pkgs.matrix-conduit;
defaultText = "pkgs.matrix-conduit";
example = "pkgs.matrix-conduit";
- description = ''
+ description = lib.mdDoc ''
Package of the conduit matrix server to use.
'';
};
@@ -37,50 +37,50 @@ in
global.server_name = mkOption {
type = types.str;
example = "example.com";
- description = "The server_name is the name of this server. It is used as a suffix for user # and room ids.";
+ description = lib.mdDoc "The server_name is the name of this server. It is used as a suffix for user # and room ids.";
};
global.port = mkOption {
type = types.port;
default = 6167;
- description = "The port Conduit will be running on. You need to set up a reverse proxy in your web server (e.g. apache or nginx), so all requests to /_matrix on port 443 and 8448 will be forwarded to the Conduit instance running on this port";
+ description = lib.mdDoc "The port Conduit will be running on. You need to set up a reverse proxy in your web server (e.g. apache or nginx), so all requests to /_matrix on port 443 and 8448 will be forwarded to the Conduit instance running on this port";
};
global.max_request_size = mkOption {
type = types.ints.positive;
default = 20000000;
- description = "Max request size in bytes. Don't forget to also change it in the proxy.";
+ description = lib.mdDoc "Max request size in bytes. Don't forget to also change it in the proxy.";
};
global.allow_registration = mkOption {
type = types.bool;
default = false;
- description = "Whether new users can register on this server.";
+ description = lib.mdDoc "Whether new users can register on this server.";
};
global.allow_encryption = mkOption {
type = types.bool;
default = true;
- description = "Whether new encrypted rooms can be created. Note: existing rooms will continue to work.";
+ description = lib.mdDoc "Whether new encrypted rooms can be created. Note: existing rooms will continue to work.";
};
global.allow_federation = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether this server federates with other servers.
'';
};
global.trusted_servers = mkOption {
type = types.listOf types.str;
default = [ "matrix.org" ];
- description = "Servers trusted with signing server keys.";
+ description = lib.mdDoc "Servers trusted with signing server keys.";
};
global.address = mkOption {
type = types.str;
default = "::1";
- description = "Address to listen on for connections by the reverse proxy/tls terminator.";
+ description = lib.mdDoc "Address to listen on for connections by the reverse proxy/tls terminator.";
};
global.database_path = mkOption {
type = types.str;
default = "/var/lib/matrix-conduit/";
readOnly = true;
- description = ''
+ description = lib.mdDoc ''
Path to the conduit database, the directory where conduit will save its data.
Note that due to using the DynamicUser feature of systemd, this value should not be changed
and is set to be read only.
@@ -90,7 +90,7 @@ in
type = types.enum [ "sqlite" "rocksdb" ];
default = "sqlite";
example = "rocksdb";
- description = ''
+ description = lib.mdDoc ''
The database backend for the service. Switching it on an existing
instance will require manual migration of data.
'';
@@ -98,9 +98,9 @@ in
};
};
default = {};
- description = ''
+ description = lib.mdDoc ''
Generates the conduit.toml configuration file. Refer to
-
+
for details on supported values.
Note that database_path can not be edited because the service's reliance on systemd StateDir.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/dendrite.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/dendrite.nix
index 54052084b33..4275950ec78 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/dendrite.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/dendrite.nix
@@ -11,14 +11,14 @@ in
httpPort = lib.mkOption {
type = lib.types.nullOr lib.types.port;
default = 8008;
- description = ''
+ description = lib.mdDoc ''
The port to listen for HTTP requests on.
'';
};
httpsPort = lib.mkOption {
type = lib.types.nullOr lib.types.port;
default = null;
- description = ''
+ description = lib.mdDoc ''
The port to listen for HTTPS requests on.
'';
};
@@ -78,11 +78,11 @@ in
type = lib.types.listOf lib.types.str;
default = [ ];
example = [ "private_key:/path/to/my_private_key" ];
- description = ''
+ description = lib.mdDoc ''
This can be used to pass secrets to the systemd service without adding them to
the nix store.
To use the example setting, see the example of
- .
+ {option}`services.dendrite.settings.global.private_key`.
See the LoadCredential section of systemd.exec manual for more information.
'';
};
@@ -93,7 +93,7 @@ in
server_name = lib.mkOption {
type = lib.types.str;
example = "example.com";
- description = ''
+ description = lib.mdDoc ''
The domain name of the server, with optional explicit port.
This is used by remote servers to connect to this server.
This is also the last part of your UserID.
@@ -117,7 +117,7 @@ in
type = lib.types.listOf lib.types.str;
example = [ "matrix.org" ];
default = [ "matrix.org" "vector.im" ];
- description = ''
+ description = lib.mdDoc ''
Lists of domains that the server will trust as identity
servers to verify third party identifiers such as phone
numbers and email addresses
@@ -128,7 +128,7 @@ in
connection_string = lib.mkOption {
type = lib.types.str;
default = "file:federationapi.db";
- description = ''
+ description = lib.mdDoc ''
Database for the Appservice API.
'';
};
@@ -137,7 +137,7 @@ in
registration_disabled = lib.mkOption {
type = lib.types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to disable user registration to the server
without the shared secret.
'';
@@ -147,7 +147,7 @@ in
connection_string = lib.mkOption {
type = lib.types.str;
default = "file:federationapi.db";
- description = ''
+ description = lib.mdDoc ''
Database for the Federation API.
'';
};
@@ -156,7 +156,7 @@ in
connection_string = lib.mkOption {
type = lib.types.str;
default = "file:keyserver.db";
- description = ''
+ description = lib.mdDoc ''
Database for the Key Server (for end-to-end encryption).
'';
};
@@ -166,7 +166,7 @@ in
connection_string = lib.mkOption {
type = lib.types.str;
default = "file:mediaapi.db";
- description = ''
+ description = lib.mdDoc ''
Database for the Media API.
'';
};
@@ -174,7 +174,7 @@ in
base_path = lib.mkOption {
type = lib.types.str;
default = "${workingDir}/media_store";
- description = ''
+ description = lib.mdDoc ''
Storage path for uploaded media.
'';
};
@@ -183,7 +183,7 @@ in
connection_string = lib.mkOption {
type = lib.types.str;
default = "file:roomserver.db";
- description = ''
+ description = lib.mdDoc ''
Database for the Room Server.
'';
};
@@ -192,7 +192,7 @@ in
connection_string = lib.mkOption {
type = lib.types.str;
default = "file:syncserver.db";
- description = ''
+ description = lib.mdDoc ''
Database for the Sync API.
'';
};
@@ -202,7 +202,7 @@ in
connection_string = lib.mkOption {
type = lib.types.str;
default = "file:userapi_accounts.db";
- description = ''
+ description = lib.mdDoc ''
Database for the User API, accounts.
'';
};
@@ -211,7 +211,7 @@ in
connection_string = lib.mkOption {
type = lib.types.str;
default = "file:userapi_devices.db";
- description = ''
+ description = lib.mdDoc ''
Database for the User API, devices.
'';
};
@@ -222,7 +222,7 @@ in
connection_string = lib.mkOption {
type = lib.types.str;
default = "file:mscs.db";
- description = ''
+ description = lib.mdDoc ''
Database for exerimental MSC's.
'';
};
@@ -230,16 +230,16 @@ in
};
};
default = { };
- description = ''
+ description = lib.mdDoc ''
Configuration for dendrite, see:
-
+
for available options with which to populate settings.
'';
};
openRegistration = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Allow open registration without secondary verification (reCAPTCHA).
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/mautrix-facebook.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/mautrix-facebook.nix
index e046c791ac0..55067abaa52 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/mautrix-facebook.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/mautrix-facebook.nix
@@ -91,28 +91,28 @@ in {
environmentFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
File containing environment variables to be passed to the mautrix-telegram service.
- Any config variable can be overridden by setting MAUTRIX_FACEBOOK_SOME_KEY to override the some.key variable.
+ Any config variable can be overridden by setting `MAUTRIX_FACEBOOK_SOME_KEY` to override the `some.key` variable.
'';
};
configurePostgresql = mkOption {
type = types.bool;
default = true;
- description = ''
- Enable PostgreSQL and create a user and database for mautrix-facebook. The default settings reference this database, if you disable this option you must provide a database URL.
+ description = lib.mdDoc ''
+ Enable PostgreSQL and create a user and database for mautrix-facebook. The default `settings` reference this database, if you disable this option you must provide a database URL.
'';
};
registrationData = mkOption {
type = types.attrs;
default = {};
- description = ''
+ description = lib.mdDoc ''
Output data for appservice registration. Simply make any desired changes and serialize to JSON. Note that this data contains secrets so think twice before putting it into the nix store.
- Currently as_token and hs_token need to be added as they are not known to this module.
+ Currently `as_token` and `hs_token` need to be added as they are not known to this module.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/mautrix-telegram.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/mautrix-telegram.nix
index 794c4dd9ddc..c6527be5263 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/mautrix-telegram.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/mautrix-telegram.nix
@@ -94,14 +94,14 @@ in {
environmentFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
File containing environment variables to be passed to the mautrix-telegram service,
in which secret tokens can be specified securely by defining values for
- MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN,
- MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN,
- MAUTRIX_TELEGRAM_TELEGRAM_API_ID,
- MAUTRIX_TELEGRAM_TELEGRAM_API_HASH and optionally
- MAUTRIX_TELEGRAM_TELEGRAM_BOT_TOKEN.
+ `MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN`,
+ `MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN`,
+ `MAUTRIX_TELEGRAM_TELEGRAM_API_ID`,
+ `MAUTRIX_TELEGRAM_TELEGRAM_API_HASH` and optionally
+ `MAUTRIX_TELEGRAM_TELEGRAM_BOT_TOKEN`.
'';
};
@@ -111,7 +111,7 @@ in {
defaultText = literalExpression ''
optional config.services.matrix-synapse.enable "matrix-synapse.service"
'';
- description = ''
+ description = lib.mdDoc ''
List of Systemd services to require and wait for when starting the application service.
'';
};
@@ -125,6 +125,7 @@ in {
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ] ++ cfg.serviceDependencies;
after = [ "network-online.target" ] ++ cfg.serviceDependencies;
+ path = [ pkgs.lottieconverter ];
preStart = ''
# Not all secrets can be passed as environment variable (yet)
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/synapse.xml b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/synapse.xml
index cf33957d58e..65bc53d33ac 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/synapse.xml
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/matrix/synapse.xml
@@ -33,21 +33,26 @@
installation instructions of Synapse .
-{ pkgs, lib, ... }:
+{ pkgs, lib, config, ... }:
let
- fqdn =
- let
- join = hostName: domain: hostName + lib.optionalString (domain != null) ".${domain}";
- in join config.networking.hostName config.networking.domain;
-in {
- networking = {
- hostName = "myhostname";
- domain = "example.org";
+ fqdn = "${config.networking.hostName}.${config.networking.domain}";
+ clientConfig = {
+ "m.homeserver".base_url = "https://${fqdn}";
+ "m.identity_server" = {};
};
- networking.firewall.allowedTCPPorts = [ 80 443 ];
+ serverConfig."m.server" = "${config.services.matrix-synapse.settings.server_name}:443";
+ mkWellKnown = data: ''
+ add_header Content-Type application/json;
+ add_header Access-Control-Allow-Origin *;
+ return 200 '${builtins.toJSON data}';
+ '';
+in {
+ = "myhostname";
+ = "example.org";
+ = [ 80 443 ];
- services.postgresql.enable = true;
- services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" ''
+ = true;
+ = pkgs.writeText "synapse-init.sql" ''
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
TEMPLATE template0
@@ -57,78 +62,41 @@ in {
services.nginx = {
enable = true;
- # only recommendedProxySettings and recommendedGzipSettings are strictly required,
- # but the rest make sense as well
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
-
virtualHosts = {
- # This host section can be placed on a different host than the rest,
- # i.e. to delegate from the host being accessible as ${config.networking.domain}
- # to another host actually running the Matrix homeserver.
- "${config.networking.domain}" = {
+ "${config.networking.domain}" = {
enableACME = true;
forceSSL = true;
-
- locations."= /.well-known/matrix/server".extraConfig =
- let
- # use 443 instead of the default 8448 port to unite
- # the client-server and server-server port for simplicity
- server = { "m.server" = "${fqdn}:443"; };
- in ''
- add_header Content-Type application/json;
- return 200 '${builtins.toJSON server}';
- '';
- locations."= /.well-known/matrix/client".extraConfig =
- let
- client = {
- "m.homeserver" = { "base_url" = "https://${fqdn}"; };
- "m.identity_server" = { "base_url" = "https://vector.im"; };
- };
- # ACAO required to allow element-web on any URL to request this json file
- in ''
- add_header Content-Type application/json;
- add_header Access-Control-Allow-Origin *;
- return 200 '${builtins.toJSON client}';
- '';
+ locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
+ locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
};
-
- # Reverse proxy for Matrix client-server and server-server communication
- ${fqdn} = {
+ "${fqdn}" = {
enableACME = true;
forceSSL = true;
-
- # Or do a redirect instead of the 404, or whatever is appropriate for you.
- # But do not put a Matrix Web client here! See the Element web section below.
- locations."/".extraConfig = ''
+ locations."/".extraConfig = ''
return 404;
'';
-
- # forward all Matrix API calls to the synapse Matrix homeserver
- locations."/_matrix" = {
- proxyPass = "http://[::1]:8008"; # without a trailing /
- };
+ locations."/_matrix".proxyPass = "http://[::1]:8008";
+ locations."/_synapse/client".proxyPass = "http://[::1]:8008";
};
};
};
+
services.matrix-synapse = {
enable = true;
- server_name = config.networking.domain;
- listeners = [
- {
- port = 8008;
+ settings.server_name = config.networking.domain;
+ settings.listeners = [
+ { port = 8008;
bind_addresses = [ "::1" ];
type = "http";
tls = false;
x_forwarded = true;
resources = [ {
- names = [ "client" ];
+ names = [ "client" "federation" ];
compress = true;
- } {
- names = [ "federation" ];
- compress = false;
} ];
}
];
@@ -136,20 +104,59 @@ in {
}
-
-
- If the A and AAAA DNS records on
- example.org do not point on the same host as the records
- for myhostname.example.org, you can easily move the
- /.well-known virtualHost section of the code to the host that
- is serving example.org, while the rest stays on
- myhostname.example.org with no other changes required.
- This pattern also allows to seamlessly move the homeserver from
- myhostname.example.org to
- myotherhost.example.org by only changing the
- /.well-known redirection target.
-
-
+
+
+
+ If the A and AAAA DNS records on
+ example.org do not point on the same host as the records
+ for myhostname.example.org, you can easily move the
+ /.well-known virtualHost section of the code to the host that
+ is serving example.org, while the rest stays on
+ myhostname.example.org with no other changes required.
+ This pattern also allows to seamlessly move the homeserver from
+ myhostname.example.org to
+ myotherhost.example.org by only changing the
+ /.well-known redirection target.
+
+
+
+
+ This section is not needed if the server_name
+ of matrix-synapse is equal to the domain (i.e.
+ example.org from @foo:example.org)
+ and the federation port is 8448.
+ Further reference can be found in the docs
+ about delegation.
+
+
+
+
+ This is usually needed for homeserver discovery (from e.g. other Matrix clients).
+ Further reference can be found in the upstream docs
+
+
+
+
+ It's also possible to do a redirect here or something else, this vhost is not
+ needed for Matrix. It's recommended though to not put element
+ here, see also the section about Element.
+
+
+
+
+ Forward all Matrix API calls to the synapse Matrix homeserver. A trailing slash
+ must not be used here.
+
+
+
+
+ Forward requests for e.g. SSO and password-resets.
+
+
+
+
+
+ Registering Matrix users
If you want to run a server with public registration by anybody, you can
then enable services.matrix-synapse.settings.enable_registration =
@@ -159,7 +166,7 @@ in {
To create a new user or admin, run the following after you have set the secret
and have rebuilt NixOS:
-$ nix run nixpkgs.matrix-synapse
+$ nix-shell -p matrix-synapse
$ register_new_matrix_user -k your-registration-shared-secret http://localhost:8008
New user localpart: your-usernamePassword:
@@ -168,12 +175,51 @@ in {
Success!
In the example, this would create a user with the Matrix Identifier
- @your-username:example.org. Note that the registration
- secret ends up in the nix store and therefore is world-readable by any user
- on your machine, so it makes sense to only temporarily activate the
- registration_shared_secret
- option until a better solution for NixOS is in place.
+ @your-username:example.org.
+
+
+ When using , the secret
+ will end up in the world-readable store. Instead it's recommended to deploy the secret
+ in an additional file like this:
+
+
+
+ Create a file with the following contents:
+registration_shared_secret: your-very-secret-secret
+
+
+
+
+ Deploy the file with a secret-manager such as
+ from nixops1
+ or sops-nix to
+ e.g. /run/secrets/matrix-shared-secret and ensure that it's readable
+ by matrix-synapse.
+
+
+
+
+ Include the file like this in your configuration:
+
+{
+ = [
+ "/run/secrets/matrix-shared-secret"
+ ];
+}
+
+
+
+
+
+
+
+
+ It's also possible to user alternative authentication mechanism such as
+ LDAP (via matrix-synapse-ldap3)
+ or OpenID.
+
+ Element (formerly known as Riot) Web Client
@@ -206,10 +252,7 @@ Success!
root = pkgs.element-web.override {
conf = {
- default_server_config."m.homeserver" = {
- "base_url" = "https://${fqdn}";
- "server_name" = "${fqdn}";
- };
+ default_server_config = clientConfig; # see `clientConfig` from the snippet above.
};
};
};
@@ -217,15 +260,17 @@ Success!
-
- Note that the Element developers do not recommend running Element and your Matrix
- homeserver on the same fully-qualified domain name for security reasons. In
- the example, this means that you should not reuse the
- myhostname.example.org virtualHost to also serve Element,
- but instead serve it on a different subdomain, like
- element.example.org in the example. See the
- Element
- Important Security Notes for more information on this subject.
-
+
+
+ The Element developers do not recommend running Element and your Matrix
+ homeserver on the same fully-qualified domain name for security reasons. In
+ the example, this means that you should not reuse the
+ myhostname.example.org virtualHost to also serve Element,
+ but instead serve it on a different subdomain, like
+ element.example.org in the example. See the
+ Element
+ Important Security Notes for more information on this subject.
+
+
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/airsonic.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/airsonic.nix
index 2b9c6d80abb..01e330929ca 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/airsonic.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/airsonic.nix
@@ -14,13 +14,13 @@ in {
user = mkOption {
type = types.str;
default = "airsonic";
- description = "User account under which airsonic runs.";
+ description = lib.mdDoc "User account under which airsonic runs.";
};
home = mkOption {
type = types.path;
default = "/var/lib/airsonic";
- description = ''
+ description = lib.mdDoc ''
The directory where Airsonic will create files.
Make sure it is writable.
'';
@@ -29,7 +29,7 @@ in {
virtualHost = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Name of the nginx virtualhost to use and setup. If null, do not setup any virtualhost.
'';
};
@@ -37,7 +37,7 @@ in {
listenAddress = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
The host name or IP address on which to bind Airsonic.
The default value is appropriate for first launch, when the
default credentials are easy to guess. It is also appropriate
@@ -50,7 +50,7 @@ in {
port = mkOption {
type = types.int;
default = 4040;
- description = ''
+ description = lib.mdDoc ''
The port on which Airsonic will listen for
incoming HTTP traffic. Set to 0 to disable.
'';
@@ -59,7 +59,7 @@ in {
contextPath = mkOption {
type = types.path;
default = "/";
- description = ''
+ description = lib.mdDoc ''
The context path, i.e., the last part of the Airsonic
URL. Typically '/' or '/airsonic'. Default '/'
'';
@@ -68,7 +68,7 @@ in {
maxMemory = mkOption {
type = types.int;
default = 100;
- description = ''
+ description = lib.mdDoc ''
The memory limit (max Java heap size) in megabytes.
Default: 100
'';
@@ -78,7 +78,7 @@ in {
type = types.listOf types.path;
default = [ "${pkgs.ffmpeg.bin}/bin/ffmpeg" ];
defaultText = literalExpression ''[ "''${pkgs.ffmpeg.bin}/bin/ffmpeg" ]'';
- description = ''
+ description = lib.mdDoc ''
List of paths to transcoder executables that should be accessible
from Airsonic. Symlinks will be created to each executable inside
''${config.${opt.home}}/transcoders.
@@ -89,7 +89,7 @@ in {
type = types.package;
default = pkgs.jre8;
defaultText = literalExpression "pkgs.jre8";
- description = ''
+ description = lib.mdDoc ''
JRE package to use.
Airsonic only supports Java 8, airsonic-advanced requires at least
@@ -101,11 +101,11 @@ in {
type = types.path;
default = "${pkgs.airsonic}/webapps/airsonic.war";
defaultText = literalExpression ''"''${pkgs.airsonic}/webapps/airsonic.war"'';
- description = "Airsonic war file to use.";
+ description = lib.mdDoc "Airsonic war file to use.";
};
jvmOptions = mkOption {
- description = ''
+ description = lib.mdDoc ''
Extra command line options for the JVM running AirSonic.
Useful for sending jukebox output to non-default alsa
devices.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ananicy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ananicy.nix
index 191666bc362..bf33b2c0602 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ananicy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ananicy.nix
@@ -18,7 +18,7 @@ in
default = pkgs.ananicy;
defaultText = literalExpression "pkgs.ananicy";
example = literalExpression "pkgs.ananicy-cpp";
- description = ''
+ description = lib.mdDoc ''
Which ananicy package to use.
'';
};
@@ -29,18 +29,18 @@ in
example = {
apply_nice = false;
};
- description = ''
- See
+ description = lib.mdDoc ''
+ See
'';
};
extraRules = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra rules in json format on separate lines. See:
-
-
+
+
'';
example = literalExpression ''
'''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ankisyncd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ankisyncd.nix
index 69e471f4f57..fe71b528b6a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ankisyncd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ankisyncd.nix
@@ -34,25 +34,25 @@ in
type = types.package;
default = pkgs.ankisyncd;
defaultText = literalExpression "pkgs.ankisyncd";
- description = "The package to use for the ankisyncd command.";
+ description = lib.mdDoc "The package to use for the ankisyncd command.";
};
host = mkOption {
type = types.str;
default = "localhost";
- description = "ankisyncd host";
+ description = lib.mdDoc "ankisyncd host";
};
port = mkOption {
type = types.int;
default = 27701;
- description = "ankisyncd port";
+ description = lib.mdDoc "ankisyncd port";
};
openFirewall = mkOption {
default = false;
type = types.bool;
- description = "Whether to open the firewall for the specified port.";
+ description = lib.mdDoc "Whether to open the firewall for the specified port.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/apache-kafka.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/apache-kafka.nix
index d1856fff4aa..c428cfbc67e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/apache-kafka.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/apache-kafka.nix
@@ -26,49 +26,49 @@ in {
options.services.apache-kafka = {
enable = mkOption {
- description = "Whether to enable Apache Kafka.";
+ description = lib.mdDoc "Whether to enable Apache Kafka.";
default = false;
type = types.bool;
};
brokerId = mkOption {
- description = "Broker ID.";
+ description = lib.mdDoc "Broker ID.";
default = -1;
type = types.int;
};
port = mkOption {
- description = "Port number the broker should listen on.";
+ description = lib.mdDoc "Port number the broker should listen on.";
default = 9092;
type = types.int;
};
hostname = mkOption {
- description = "Hostname the broker should bind to.";
+ description = lib.mdDoc "Hostname the broker should bind to.";
default = "localhost";
type = types.str;
};
logDirs = mkOption {
- description = "Log file directories";
+ description = lib.mdDoc "Log file directories";
default = [ "/tmp/kafka-logs" ];
type = types.listOf types.path;
};
zookeeper = mkOption {
- description = "Zookeeper connection string";
+ description = lib.mdDoc "Zookeeper connection string";
default = "localhost:2181";
type = types.str;
};
extraProperties = mkOption {
- description = "Extra properties for server.properties.";
+ description = lib.mdDoc "Extra properties for server.properties.";
type = types.nullOr types.lines;
default = null;
};
serverProperties = mkOption {
- description = ''
+ description = lib.mdDoc ''
Complete server.properties content. Other server.properties config
options will be ignored if this option is used.
'';
@@ -77,7 +77,7 @@ in {
};
log4jProperties = mkOption {
- description = "Kafka log4j property configuration.";
+ description = lib.mdDoc "Kafka log4j property configuration.";
default = ''
log4j.rootLogger=INFO, stdout
@@ -89,7 +89,7 @@ in {
};
jvmOptions = mkOption {
- description = "Extra command line options for the JVM running Kafka.";
+ description = lib.mdDoc "Extra command line options for the JVM running Kafka.";
default = [];
type = types.listOf types.str;
example = [
@@ -100,14 +100,14 @@ in {
};
package = mkOption {
- description = "The kafka package to use";
+ description = lib.mdDoc "The kafka package to use";
default = pkgs.apacheKafka;
defaultText = literalExpression "pkgs.apacheKafka";
type = types.package;
};
jre = mkOption {
- description = "The JRE with which to run Kafka";
+ description = lib.mdDoc "The JRE with which to run Kafka";
default = cfg.package.passthru.jre;
defaultText = literalExpression "pkgs.apacheKafka.passthru.jre";
type = types.package;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/autofs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/autofs.nix
index 5fce990afec..55ab15ff003 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/autofs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/autofs.nix
@@ -21,7 +21,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Mount filesystems on demand. Unmount them automatically.
You may also be interested in afuse.
'';
@@ -46,21 +46,21 @@ in
/auto file:''${mapConf}
'''
'';
- description = ''
- Contents of /etc/auto.master file. See auto.master(5) and autofs(5).
+ description = lib.mdDoc ''
+ Contents of `/etc/auto.master` file. See {command}`auto.master(5)` and {command}`autofs(5)`.
'';
};
timeout = mkOption {
type = types.int;
default = 600;
- description = "Set the global minimum timeout, in seconds, until directories are unmounted";
+ description = lib.mdDoc "Set the global minimum timeout, in seconds, until directories are unmounted";
};
debug = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Pass -d and -7 to automount and write log to the system journal.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/autorandr.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/autorandr.nix
index ef799e9ce3b..11dc915c2af 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/autorandr.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/autorandr.nix
@@ -36,13 +36,13 @@ let
config = mkOption {
type = types.attrsOf configModule;
- description = "Per output profile configuration.";
+ description = lib.mdDoc "Per output profile configuration.";
default = { };
};
hooks = mkOption {
type = hooksModule;
- description = "Profile hook scripts.";
+ description = lib.mdDoc "Profile hook scripts.";
default = { };
};
};
@@ -52,54 +52,54 @@ let
options = {
enable = mkOption {
type = types.bool;
- description = "Whether to enable the output.";
+ description = lib.mdDoc "Whether to enable the output.";
default = true;
};
crtc = mkOption {
type = types.nullOr types.ints.unsigned;
- description = "Output video display controller.";
+ description = lib.mdDoc "Output video display controller.";
default = null;
example = 0;
};
primary = mkOption {
type = types.bool;
- description = "Whether output should be marked as primary";
+ description = lib.mdDoc "Whether output should be marked as primary";
default = false;
};
position = mkOption {
type = types.str;
- description = "Output position";
+ description = lib.mdDoc "Output position";
default = "";
example = "5760x0";
};
mode = mkOption {
type = types.str;
- description = "Output resolution.";
+ description = lib.mdDoc "Output resolution.";
default = "";
example = "3840x2160";
};
rate = mkOption {
type = types.str;
- description = "Output framerate.";
+ description = lib.mdDoc "Output framerate.";
default = "";
example = "60.00";
};
gamma = mkOption {
type = types.str;
- description = "Output gamma configuration.";
+ description = lib.mdDoc "Output gamma configuration.";
default = "";
example = "1.0:0.909:0.833";
};
rotate = mkOption {
type = types.nullOr (types.enum [ "normal" "left" "right" "inverted" ]);
- description = "Output rotate configuration.";
+ description = lib.mdDoc "Output rotate configuration.";
default = null;
example = "left";
};
@@ -126,7 +126,7 @@ let
dpi = mkOption {
type = types.nullOr types.ints.positive;
- description = "Output DPI configuration.";
+ description = lib.mdDoc "Output DPI configuration.";
default = null;
example = 96;
};
@@ -136,19 +136,19 @@ let
options = {
method = mkOption {
type = types.enum [ "factor" "pixel" ];
- description = "Output scaling method.";
+ description = lib.mdDoc "Output scaling method.";
default = "factor";
example = "pixel";
};
x = mkOption {
type = types.either types.float types.ints.positive;
- description = "Horizontal scaling factor/pixels.";
+ description = lib.mdDoc "Horizontal scaling factor/pixels.";
};
y = mkOption {
type = types.either types.float types.ints.positive;
- description = "Vertical scaling factor/pixels.";
+ description = lib.mdDoc "Vertical scaling factor/pixels.";
};
};
});
@@ -184,19 +184,19 @@ let
options = {
postswitch = mkOption {
type = types.attrsOf hookType;
- description = "Postswitch hook executed after mode switch.";
+ description = lib.mdDoc "Postswitch hook executed after mode switch.";
default = { };
};
preswitch = mkOption {
type = types.attrsOf hookType;
- description = "Preswitch hook executed before mode switch.";
+ description = lib.mdDoc "Preswitch hook executed before mode switch.";
default = { };
};
predetect = mkOption {
type = types.attrsOf hookType;
- description = ''
+ description = lib.mdDoc ''
Predetect hook executed before autorandr attempts to run xrandr.
'';
default = { };
@@ -253,7 +253,7 @@ in {
defaultTarget = mkOption {
default = "default";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Fallback if no monitor layout can be detected. See the docs
(https://github.com/phillipberndt/autorandr/blob/v1.0/README.md#how-to-use)
for further reference.
@@ -262,7 +262,7 @@ in {
hooks = mkOption {
type = hooksModule;
- description = "Global hook scripts";
+ description = lib.mdDoc "Global hook scripts";
default = { };
example = ''
{
@@ -292,7 +292,7 @@ in {
};
profiles = mkOption {
type = types.attrsOf profileModule;
- description = "Autorandr profiles specification.";
+ description = lib.mdDoc "Autorandr profiles specification.";
default = { };
example = literalExpression ''
{
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/bazarr.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/bazarr.nix
index 99343a146a7..8c0b4b88e5d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/bazarr.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/bazarr.nix
@@ -13,25 +13,25 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for the bazarr web interface.";
+ description = lib.mdDoc "Open ports in the firewall for the bazarr web interface.";
};
listenPort = mkOption {
type = types.port;
default = 6767;
- description = "Port on which the bazarr web interface should listen";
+ description = lib.mdDoc "Port on which the bazarr web interface should listen";
};
user = mkOption {
type = types.str;
default = "bazarr";
- description = "User account under which bazarr runs.";
+ description = lib.mdDoc "User account under which bazarr runs.";
};
group = mkOption {
type = types.str;
default = "bazarr";
- description = "Group under which bazarr runs.";
+ description = lib.mdDoc "Group under which bazarr runs.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/beanstalkd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/beanstalkd.nix
index 1c674a5b23b..498e287ac7d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/beanstalkd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/beanstalkd.nix
@@ -17,13 +17,13 @@ in
listen = {
port = mkOption {
type = types.int;
- description = "TCP port that will be used to accept client connections.";
+ description = lib.mdDoc "TCP port that will be used to accept client connections.";
default = 11300;
};
address = mkOption {
type = types.str;
- description = "IP address to listen on.";
+ description = lib.mdDoc "IP address to listen on.";
default = "127.0.0.1";
example = "0.0.0.0";
};
@@ -32,7 +32,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Whether to open ports in the firewall for the server.";
+ description = lib.mdDoc "Whether to open ports in the firewall for the server.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/bees.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/bees.nix
index fa00d7e4f55..1b492315026 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/bees.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/bees.nix
@@ -47,12 +47,12 @@ let
type = types.enum (attrNames logLevels ++ attrValues logLevels);
apply = v: if isString v then logLevels.${v} else v;
default = "info";
- description = "Log verbosity (syslog keyword/level).";
+ description = lib.mdDoc "Log verbosity (syslog keyword/level).";
};
options.workDir = mkOption {
type = str;
default = ".beeshome";
- description = ''
+ description = lib.mdDoc ''
Name (relative to the root of the filesystem) of the subvolume where
the hash table will be stored.
'';
@@ -60,7 +60,7 @@ let
options.extraOptions = mkOption {
type = listOf str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Extra command-line options passed to the daemon. See upstream bees documentation.
'';
example = literalExpression ''
@@ -75,7 +75,7 @@ in
options.services.beesd = {
filesystems = mkOption {
type = with types; attrsOf (submodule fsOptions);
- description = "BTRFS filesystems to run block-level deduplication on.";
+ description = lib.mdDoc "BTRFS filesystems to run block-level deduplication on.";
default = { };
example = literalExpression ''
{
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/bepasty.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/bepasty.nix
index f69832e5b2b..8d18ef7f194 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/bepasty.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/bepasty.nix
@@ -17,7 +17,7 @@ in
servers = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
configure a number of bepasty servers which will be started with
gunicorn.
'';
@@ -27,7 +27,7 @@ in
bind = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Bind address to be used for this server.
'';
example = "0.0.0.0:8000";
@@ -36,7 +36,7 @@ in
dataDir = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Path to the directory where the pastes will be saved to
'';
default = default_home+"/data";
@@ -44,7 +44,7 @@ in
defaultPermissions = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
default permissions for all unauthenticated accesses.
'';
example = "read,create,delete";
@@ -53,7 +53,7 @@ in
extraConfig = mkOption {
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration for bepasty server to be appended on the
configuration.
see https://bepasty-server.readthedocs.org/en/latest/quickstart.html#configuring-bepasty
@@ -70,13 +70,13 @@ in
secretKey = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
server secret for safe session cookies, must be set.
Warning: this secret is stored in the WORLD-READABLE Nix store!
- It's recommended to use
- which takes precedence over .
+ It's recommended to use {option}`secretKeyFile`
+ which takes precedence over {option}`secretKey`.
'';
default = "";
};
@@ -84,19 +84,19 @@ in
secretKeyFile = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
A file that contains the server secret for safe session cookies, must be set.
- takes precedence over .
+ {option}`secretKeyFile` takes precedence over {option}`secretKey`.
- Warning: when is non-empty
+ Warning: when {option}`secretKey` is non-empty {option}`secretKeyFile`
defaults to a file in the WORLD-READABLE Nix store containing that secret.
'';
};
workDir = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Path to the working directory (used for config and pidfile).
Defaults to the users home directory.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/calibre-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/calibre-server.nix
index 2467d34b524..d75c33bab51 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/calibre-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/calibre-server.nix
@@ -26,20 +26,20 @@ in
enable = mkEnableOption "calibre-server";
libraries = mkOption {
- description = ''
+ description = lib.mdDoc ''
The directories of the libraries to serve. They must be readable for the user under which the server runs.
'';
type = types.listOf types.path;
};
user = mkOption {
- description = "The user under which calibre-server runs.";
+ description = lib.mdDoc "The user under which calibre-server runs.";
type = types.str;
default = "calibre-server";
};
group = mkOption {
- description = "The group under which calibre-server runs.";
+ description = lib.mdDoc "The group under which calibre-server runs.";
type = types.str;
default = "calibre-server";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/canto-daemon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/canto-daemon.nix
index db51a263aab..8150e038bc1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/canto-daemon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/canto-daemon.nix
@@ -16,7 +16,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the canto RSS daemon.";
+ description = lib.mdDoc "Whether to enable the canto RSS daemon.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/cfdyndns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/cfdyndns.nix
index 5885617d742..74d7a0b2c62 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/cfdyndns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/cfdyndns.nix
@@ -18,7 +18,7 @@ in
email = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The email address to use to authenticate to CloudFlare.
'';
};
@@ -26,7 +26,7 @@ in
apikeyFile = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The path to a file containing the API Key
used to authenticate with CloudFlare.
'';
@@ -36,7 +36,7 @@ in
default = [];
example = [ "host.tld" ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
The records to update in CloudFlare.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/cgminer.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/cgminer.nix
index 60f75530723..a67986d3011 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/cgminer.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/cgminer.nix
@@ -36,20 +36,20 @@ in
package = mkOption {
default = pkgs.cgminer;
defaultText = literalExpression "pkgs.cgminer";
- description = "Which cgminer derivation to use.";
+ description = lib.mdDoc "Which cgminer derivation to use.";
type = types.package;
};
user = mkOption {
type = types.str;
default = "cgminer";
- description = "User account under which cgminer runs";
+ description = lib.mdDoc "User account under which cgminer runs";
};
pools = mkOption {
default = []; # Run benchmark
type = types.listOf (types.attrsOf types.str);
- description = "List of pools where to mine";
+ description = lib.mdDoc "List of pools where to mine";
example = [{
url = "http://p2pool.org:9332";
username = "17EUZxTvs9uRmPsjPZSYUU3zCz9iwstudk";
@@ -60,7 +60,7 @@ in
hardware = mkOption {
default = []; # Run without options
type = types.listOf (types.attrsOf (types.either types.str types.int));
- description= "List of config options for every GPU";
+ description= lib.mdDoc "List of config options for every GPU";
example = [
{
intensity = 9;
@@ -87,7 +87,7 @@ in
config = mkOption {
default = {};
type = types.attrsOf (types.either types.bool types.int);
- description = "Additional config";
+ description = lib.mdDoc "Additional config";
example = {
auto-fan = true;
auto-gpu = true;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/clipcat.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/clipcat.nix
index 8b749aa7289..0c067d23d32 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/clipcat.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/clipcat.nix
@@ -13,7 +13,7 @@ in {
type = types.package;
default = pkgs.clipcat;
defaultText = literalExpression "pkgs.clipcat";
- description = "clipcat derivation to use.";
+ description = lib.mdDoc "clipcat derivation to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/clipmenu.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/clipmenu.nix
index ef95985f8d8..a31879284e4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/clipmenu.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/clipmenu.nix
@@ -13,7 +13,7 @@ in {
type = types.package;
default = pkgs.clipmenu;
defaultText = literalExpression "pkgs.clipmenu";
- description = "clipmenu derivation to use.";
+ description = lib.mdDoc "clipmenu derivation to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/confd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/confd.nix
index 6c66786524b..87a9a25d491 100755
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/confd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/confd.nix
@@ -20,49 +20,49 @@ in {
enable = mkEnableOption "confd service";
backend = mkOption {
- description = "Confd config storage backend to use.";
+ description = lib.mdDoc "Confd config storage backend to use.";
default = "etcd";
type = types.enum ["etcd" "consul" "redis" "zookeeper"];
};
interval = mkOption {
- description = "Confd check interval.";
+ description = lib.mdDoc "Confd check interval.";
default = 10;
type = types.int;
};
nodes = mkOption {
- description = "Confd list of nodes to connect to.";
+ description = lib.mdDoc "Confd list of nodes to connect to.";
default = [ "http://127.0.0.1:2379" ];
type = types.listOf types.str;
};
watch = mkOption {
- description = "Confd, whether to watch etcd config for changes.";
+ description = lib.mdDoc "Confd, whether to watch etcd config for changes.";
default = true;
type = types.bool;
};
prefix = mkOption {
- description = "The string to prefix to keys.";
+ description = lib.mdDoc "The string to prefix to keys.";
default = "/";
type = types.path;
};
logLevel = mkOption {
- description = "Confd log level.";
+ description = lib.mdDoc "Confd log level.";
default = "info";
type = types.enum ["info" "debug"];
};
confDir = mkOption {
- description = "The path to the confd configs.";
+ description = lib.mdDoc "The path to the confd configs.";
default = "/etc/confd";
type = types.path;
};
package = mkOption {
- description = "Confd package to use.";
+ description = lib.mdDoc "Confd package to use.";
default = pkgs.confd;
defaultText = literalExpression "pkgs.confd";
type = types.package;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/cpuminer-cryptonight.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/cpuminer-cryptonight.nix
index 907b9d90da2..7b18c6b3cd2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/cpuminer-cryptonight.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/cpuminer-cryptonight.nix
@@ -23,27 +23,27 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the cpuminer cryptonight miner.
'';
};
url = mkOption {
type = types.str;
- description = "URL of mining server";
+ description = lib.mdDoc "URL of mining server";
};
user = mkOption {
type = types.str;
- description = "Username for mining server";
+ description = lib.mdDoc "Username for mining server";
};
pass = mkOption {
type = types.str;
default = "x";
- description = "Password for mining server";
+ description = lib.mdDoc "Password for mining server";
};
threads = mkOption {
type = types.int;
default = 0;
- description = "Number of miner threads, defaults to available processors";
+ description = lib.mdDoc "Number of miner threads, defaults to available processors";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/dictd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/dictd.nix
index 96e2a4e7c26..4b714b84f3b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/dictd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/dictd.nix
@@ -17,7 +17,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the DICT.org dictionary server.
'';
};
@@ -27,7 +27,7 @@ in
default = with pkgs.dictdDBs; [ wiktionary wordnet ];
defaultText = literalExpression "with pkgs.dictdDBs; [ wiktionary wordnet ]";
example = literalExpression "[ pkgs.dictdDBs.nld2eng ]";
- description = "List of databases to make available.";
+ description = lib.mdDoc "List of databases to make available.";
};
};
@@ -45,6 +45,10 @@ in
# get the command line client on system path to make some use of the service
environment.systemPackages = [ pkgs.dict ];
+ environment.etc."dict.conf".text = ''
+ server localhost
+ '';
+
users.users.dictd =
{ group = "dictd";
description = "DICT.org dictd server";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/disnix.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/disnix.nix
index 07c0613336a..08e0a321a23 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/disnix.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/disnix.nix
@@ -22,14 +22,14 @@ in
enableMultiUser = mkOption {
type = types.bool;
default = true;
- description = "Whether to support multi-user mode by enabling the Disnix D-Bus service";
+ description = lib.mdDoc "Whether to support multi-user mode by enabling the Disnix D-Bus service";
};
useWebServiceInterface = mkEnableOption "the DisnixWebService interface running on Apache Tomcat";
package = mkOption {
type = types.path;
- description = "The Disnix package";
+ description = lib.mdDoc "The Disnix package";
default = pkgs.disnix;
defaultText = literalExpression "pkgs.disnix";
};
@@ -39,7 +39,7 @@ in
profiles = mkOption {
type = types.listOf types.str;
default = [ "default" ];
- description = "Names of the Disnix profiles to expose in the system's PATH";
+ description = lib.mdDoc "Names of the Disnix profiles to expose in the system's PATH";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/docker-registry.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/docker-registry.nix
index cb68a29c530..5b32762a369 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/docker-registry.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/docker-registry.nix
@@ -50,13 +50,13 @@ in {
enable = mkEnableOption "Docker Registry";
listenAddress = mkOption {
- description = "Docker registry host or ip to bind to.";
+ description = lib.mdDoc "Docker registry host or ip to bind to.";
default = "127.0.0.1";
type = types.str;
};
port = mkOption {
- description = "Docker registry port to bind to.";
+ description = lib.mdDoc "Docker registry port to bind to.";
default = 5000;
type = types.port;
};
@@ -64,7 +64,7 @@ in {
storagePath = mkOption {
type = types.nullOr types.path;
default = "/var/lib/docker-registry";
- description = ''
+ description = lib.mdDoc ''
Docker registry storage path for the filesystem storage backend. Set to
null to configure another backend via extraConfig.
'';
@@ -73,7 +73,7 @@ in {
enableDelete = mkOption {
type = types.bool;
default = false;
- description = "Enable delete for manifests and blobs.";
+ description = lib.mdDoc "Enable delete for manifests and blobs.";
};
enableRedisCache = mkEnableOption "redis as blob cache";
@@ -81,17 +81,17 @@ in {
redisUrl = mkOption {
type = types.str;
default = "localhost:6379";
- description = "Set redis host and port.";
+ description = lib.mdDoc "Set redis host and port.";
};
redisPassword = mkOption {
type = types.str;
default = "";
- description = "Set redis password.";
+ description = lib.mdDoc "Set redis password.";
};
extraConfig = mkOption {
- description = ''
+ description = lib.mdDoc ''
Docker extra registry configuration via environment variables.
'';
default = {};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/domoticz.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/domoticz.nix
index b1353d48404..d01158b327a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/domoticz.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/domoticz.nix
@@ -17,13 +17,13 @@ in {
bind = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "IP address to bind to.";
+ description = lib.mdDoc "IP address to bind to.";
};
port = mkOption {
type = types.int;
default = 8080;
- description = "Port to bind to for HTTP, set to 0 to disable HTTP.";
+ description = lib.mdDoc "Port to bind to for HTTP, set to 0 to disable HTTP.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/duckling.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/duckling.nix
index 77d2a92380b..55a87fccf8e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/duckling.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/duckling.nix
@@ -12,7 +12,7 @@ in {
port = mkOption {
type = types.port;
default = 8080;
- description = ''
+ description = lib.mdDoc ''
Port on which duckling will run.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/dwm-status.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/dwm-status.nix
index 5f591b3c5d4..92705e5515e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/dwm-status.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/dwm-status.nix
@@ -29,14 +29,14 @@ in
default = pkgs.dwm-status;
defaultText = literalExpression "pkgs.dwm-status";
example = literalExpression "pkgs.dwm-status.override { enableAlsaUtils = false; }";
- description = ''
+ description = lib.mdDoc ''
Which dwm-status package to use.
'';
};
order = mkOption {
type = types.listOf (types.enum [ "audio" "backlight" "battery" "cpu_load" "network" "time" ]);
- description = ''
+ description = lib.mdDoc ''
List of enabled features in order.
'';
};
@@ -44,7 +44,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra config in TOML format.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/dysnomia.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/dysnomia.nix
index 7d9c39a6973..4d748ec6eb6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/dysnomia.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/dysnomia.nix
@@ -87,52 +87,52 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable Dysnomia";
+ description = lib.mdDoc "Whether to enable Dysnomia";
};
enableAuthentication = mkOption {
type = types.bool;
default = false;
- description = "Whether to publish privacy-sensitive authentication credentials";
+ description = lib.mdDoc "Whether to publish privacy-sensitive authentication credentials";
};
package = mkOption {
type = types.path;
- description = "The Dysnomia package";
+ description = lib.mdDoc "The Dysnomia package";
};
properties = mkOption {
- description = "An attribute set in which each attribute represents a machine property. Optionally, these values can be shell substitutions.";
+ description = lib.mdDoc "An attribute set in which each attribute represents a machine property. Optionally, these values can be shell substitutions.";
default = {};
type = types.attrs;
};
containers = mkOption {
- description = "An attribute set in which each key represents a container and each value an attribute set providing its configuration properties";
+ description = lib.mdDoc "An attribute set in which each key represents a container and each value an attribute set providing its configuration properties";
default = {};
type = types.attrsOf types.attrs;
};
components = mkOption {
- description = "An atttribute set in which each key represents a container and each value an attribute set in which each key represents a component and each value a derivation constructing its initial state";
+ description = lib.mdDoc "An atttribute set in which each key represents a container and each value an attribute set in which each key represents a component and each value a derivation constructing its initial state";
default = {};
type = types.attrsOf types.attrs;
};
extraContainerProperties = mkOption {
- description = "An attribute set providing additional container settings in addition to the default properties";
+ description = lib.mdDoc "An attribute set providing additional container settings in addition to the default properties";
default = {};
type = types.attrs;
};
extraContainerPaths = mkOption {
- description = "A list of paths containing additional container configurations that are added to the search folders";
+ description = lib.mdDoc "A list of paths containing additional container configurations that are added to the search folders";
default = [];
type = types.listOf types.path;
};
extraModulePaths = mkOption {
- description = "A list of paths containing additional modules that are added to the search folders";
+ description = lib.mdDoc "A list of paths containing additional modules that are added to the search folders";
default = [];
type = types.listOf types.path;
};
@@ -140,7 +140,7 @@ in
enableLegacyModules = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable Dysnomia legacy process and wrapper modules";
+ description = lib.mdDoc "Whether to enable Dysnomia legacy process and wrapper modules";
};
};
};
@@ -186,7 +186,7 @@ in
dysnomia.properties = {
hostname = config.networking.hostName;
- inherit (config.nixpkgs.localSystem) system;
+ inherit (pkgs.stdenv.hostPlatform) system;
supportedTypes = [
"echo"
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/errbot.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/errbot.nix
index b447ba5d438..a650bc5bbd9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/errbot.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/errbot.nix
@@ -27,48 +27,48 @@ in {
options = {
services.errbot.instances = mkOption {
default = {};
- description = "Errbot instance configs";
+ description = lib.mdDoc "Errbot instance configs";
type = types.attrsOf (types.submodule {
options = {
dataDir = mkOption {
type = types.nullOr types.path;
default = null;
- description = "Data directory for errbot instance.";
+ description = lib.mdDoc "Data directory for errbot instance.";
};
plugins = mkOption {
type = types.listOf types.package;
default = [];
- description = "List of errbot plugin derivations.";
+ description = lib.mdDoc "List of errbot plugin derivations.";
};
logLevel = mkOption {
type = types.str;
default = "INFO";
- description = "Errbot log level";
+ description = lib.mdDoc "Errbot log level";
};
admins = mkOption {
type = types.listOf types.str;
default = [];
- description = "List of identifiers of errbot admins.";
+ description = lib.mdDoc "List of identifiers of errbot admins.";
};
backend = mkOption {
type = types.str;
default = "XMPP";
- description = "Errbot backend name.";
+ description = lib.mdDoc "Errbot backend name.";
};
identity = mkOption {
type = types.attrs;
- description = "Errbot identity configuration";
+ description = lib.mdDoc "Errbot identity configuration";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "String to be appended to the config verbatim";
+ description = lib.mdDoc "String to be appended to the config verbatim";
};
};
});
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/etcd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/etcd.nix
index 3925b7dd163..d589ad780c1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/etcd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/etcd.nix
@@ -10,116 +10,116 @@ in {
options.services.etcd = {
enable = mkOption {
- description = "Whether to enable etcd.";
+ description = lib.mdDoc "Whether to enable etcd.";
default = false;
type = types.bool;
};
name = mkOption {
- description = "Etcd unique node name.";
+ description = lib.mdDoc "Etcd unique node name.";
default = config.networking.hostName;
defaultText = literalExpression "config.networking.hostName";
type = types.str;
};
advertiseClientUrls = mkOption {
- description = "Etcd list of this member's client URLs to advertise to the rest of the cluster.";
+ description = lib.mdDoc "Etcd list of this member's client URLs to advertise to the rest of the cluster.";
default = cfg.listenClientUrls;
defaultText = literalExpression "config.${opt.listenClientUrls}";
type = types.listOf types.str;
};
listenClientUrls = mkOption {
- description = "Etcd list of URLs to listen on for client traffic.";
+ description = lib.mdDoc "Etcd list of URLs to listen on for client traffic.";
default = ["http://127.0.0.1:2379"];
type = types.listOf types.str;
};
listenPeerUrls = mkOption {
- description = "Etcd list of URLs to listen on for peer traffic.";
+ description = lib.mdDoc "Etcd list of URLs to listen on for peer traffic.";
default = ["http://127.0.0.1:2380"];
type = types.listOf types.str;
};
initialAdvertisePeerUrls = mkOption {
- description = "Etcd list of this member's peer URLs to advertise to rest of the cluster.";
+ description = lib.mdDoc "Etcd list of this member's peer URLs to advertise to rest of the cluster.";
default = cfg.listenPeerUrls;
defaultText = literalExpression "config.${opt.listenPeerUrls}";
type = types.listOf types.str;
};
initialCluster = mkOption {
- description = "Etcd initial cluster configuration for bootstrapping.";
+ description = lib.mdDoc "Etcd initial cluster configuration for bootstrapping.";
default = ["${cfg.name}=http://127.0.0.1:2380"];
defaultText = literalExpression ''["''${config.${opt.name}}=http://127.0.0.1:2380"]'';
type = types.listOf types.str;
};
initialClusterState = mkOption {
- description = "Etcd initial cluster configuration for bootstrapping.";
+ description = lib.mdDoc "Etcd initial cluster configuration for bootstrapping.";
default = "new";
type = types.enum ["new" "existing"];
};
initialClusterToken = mkOption {
- description = "Etcd initial cluster token for etcd cluster during bootstrap.";
+ description = lib.mdDoc "Etcd initial cluster token for etcd cluster during bootstrap.";
default = "etcd-cluster";
type = types.str;
};
discovery = mkOption {
- description = "Etcd discovery url";
+ description = lib.mdDoc "Etcd discovery url";
default = "";
type = types.str;
};
clientCertAuth = mkOption {
- description = "Whether to use certs for client authentication";
+ description = lib.mdDoc "Whether to use certs for client authentication";
default = false;
type = types.bool;
};
trustedCaFile = mkOption {
- description = "Certificate authority file to use for clients";
+ description = lib.mdDoc "Certificate authority file to use for clients";
default = null;
type = types.nullOr types.path;
};
certFile = mkOption {
- description = "Cert file to use for clients";
+ description = lib.mdDoc "Cert file to use for clients";
default = null;
type = types.nullOr types.path;
};
keyFile = mkOption {
- description = "Key file to use for clients";
+ description = lib.mdDoc "Key file to use for clients";
default = null;
type = types.nullOr types.path;
};
peerCertFile = mkOption {
- description = "Cert file to use for peer to peer communication";
+ description = lib.mdDoc "Cert file to use for peer to peer communication";
default = cfg.certFile;
defaultText = literalExpression "config.${opt.certFile}";
type = types.nullOr types.path;
};
peerKeyFile = mkOption {
- description = "Key file to use for peer to peer communication";
+ description = lib.mdDoc "Key file to use for peer to peer communication";
default = cfg.keyFile;
defaultText = literalExpression "config.${opt.keyFile}";
type = types.nullOr types.path;
};
peerTrustedCaFile = mkOption {
- description = "Certificate authority file to use for peer to peer communication";
+ description = lib.mdDoc "Certificate authority file to use for peer to peer communication";
default = cfg.trustedCaFile;
defaultText = literalExpression "config.${opt.trustedCaFile}";
type = types.nullOr types.path;
};
peerClientCertAuth = mkOption {
- description = "Whether to check all incoming peer requests from the cluster for valid client certificates signed by the supplied CA";
+ description = lib.mdDoc "Whether to check all incoming peer requests from the cluster for valid client certificates signed by the supplied CA";
default = false;
type = types.bool;
};
@@ -145,7 +145,7 @@ in {
dataDir = mkOption {
type = types.path;
default = "/var/lib/etcd";
- description = "Etcd data directory.";
+ description = lib.mdDoc "Etcd data directory.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/etebase-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/etebase-server.nix
index cb99364aa1a..24be9e8e269 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/etebase-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/etebase-server.nix
@@ -36,12 +36,12 @@ in
type = types.bool;
default = false;
example = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Etebase server.
Once enabled you need to create an admin user by invoking the
- shell command etebase-server createsuperuser with
- the user specified by the user option or a superuser.
+ shell command `etebase-server createsuperuser` with
+ the user specified by the `user` option or a superuser.
Then you can login and create accounts on your-etebase-server.com/admin
'';
};
@@ -49,19 +49,19 @@ in
dataDir = mkOption {
type = types.str;
default = "/var/lib/etebase-server";
- description = "Directory to store the Etebase server data.";
+ description = lib.mdDoc "Directory to store the Etebase server data.";
};
port = mkOption {
type = with types; nullOr port;
default = 8001;
- description = "Port to listen on.";
+ description = lib.mdDoc "Port to listen on.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to open ports in the firewall for the server.
'';
};
@@ -69,7 +69,7 @@ in
unixSocket = mkOption {
type = with types; nullOr str;
default = null;
- description = "The path to the socket to bind to.";
+ description = lib.mdDoc "The path to the socket to bind to.";
example = "/run/etebase-server/etebase-server.sock";
};
@@ -82,14 +82,14 @@ in
debug = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to set django's DEBUG flag.
'';
};
secret_file = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The path to a file containing the secret
used as django's SECRET_KEY.
'';
@@ -98,13 +98,13 @@ in
type = types.str;
default = "${cfg.dataDir}/static";
defaultText = literalExpression ''"''${config.services.etebase-server.dataDir}/static"'';
- description = "The directory for static files.";
+ description = lib.mdDoc "The directory for static files.";
};
media_root = mkOption {
type = types.str;
default = "${cfg.dataDir}/media";
defaultText = literalExpression ''"''${config.services.etebase-server.dataDir}/media"'';
- description = "The media directory.";
+ description = lib.mdDoc "The media directory.";
};
};
allowed_hosts = {
@@ -112,7 +112,7 @@ in
type = types.str;
default = "0.0.0.0";
example = "localhost";
- description = ''
+ description = lib.mdDoc ''
The main host that is allowed access.
'';
};
@@ -121,13 +121,13 @@ in
engine = mkOption {
type = types.enum [ "django.db.backends.sqlite3" "django.db.backends.postgresql" ];
default = "django.db.backends.sqlite3";
- description = "The database engine to use.";
+ description = lib.mdDoc "The database engine to use.";
};
name = mkOption {
type = types.str;
default = "${cfg.dataDir}/db.sqlite3";
defaultText = literalExpression ''"''${config.services.etebase-server.dataDir}/db.sqlite3"'';
- description = "The database name.";
+ description = lib.mdDoc "The database name.";
};
};
};
@@ -153,7 +153,7 @@ in
user = mkOption {
type = types.str;
default = defaultUser;
- description = "User under which Etebase server runs.";
+ description = lib.mdDoc "User under which Etebase server runs.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/etesync-dav.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/etesync-dav.nix
index 9d7cfda371b..6a755be8500 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/etesync-dav.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/etesync-dav.nix
@@ -12,32 +12,32 @@ in
host = mkOption {
type = types.str;
default = "localhost";
- description = "The server host address.";
+ description = lib.mdDoc "The server host address.";
};
port = mkOption {
type = types.port;
default = 37358;
- description = "The server host port.";
+ description = lib.mdDoc "The server host port.";
};
apiUrl = mkOption {
type = types.str;
default = "https://api.etesync.com/";
- description = "The url to the etesync API.";
+ description = lib.mdDoc "The url to the etesync API.";
};
openFirewall = mkOption {
default = false;
type = types.bool;
- description = "Whether to open the firewall for the specified port.";
+ description = lib.mdDoc "Whether to open the firewall for the specified port.";
};
sslCertificate = mkOption {
type = types.nullOr types.path;
default = null;
example = "/var/etesync.crt";
- description = ''
+ description = lib.mdDoc ''
Path to server SSL certificate. It will be copied into
etesync-dav's data directory.
'';
@@ -47,7 +47,7 @@ in
type = types.nullOr types.path;
default = null;
example = "/var/etesync.key";
- description = ''
+ description = lib.mdDoc ''
Path to server SSL certificate key. It will be copied into
etesync-dav's data directory.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ethminer.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ethminer.nix
index 22363466982..909c49866e5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ethminer.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ethminer.nix
@@ -18,61 +18,61 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable ethminer ether mining.";
+ description = lib.mdDoc "Enable ethminer ether mining.";
};
recheckInterval = mkOption {
type = types.ints.unsigned;
default = 2000;
- description = "Interval in milliseconds between farm rechecks.";
+ description = lib.mdDoc "Interval in milliseconds between farm rechecks.";
};
toolkit = mkOption {
type = types.enum [ "cuda" "opencl" ];
default = "cuda";
- description = "Cuda or opencl toolkit.";
+ description = lib.mdDoc "Cuda or opencl toolkit.";
};
apiPort = mkOption {
type = types.int;
default = -3333;
- description = "Ethminer api port. minus sign puts api in read-only mode.";
+ description = lib.mdDoc "Ethminer api port. minus sign puts api in read-only mode.";
};
wallet = mkOption {
type = types.str;
example = "0x0123456789abcdef0123456789abcdef01234567";
- description = "Ethereum wallet address.";
+ description = lib.mdDoc "Ethereum wallet address.";
};
pool = mkOption {
type = types.str;
example = "eth-us-east1.nanopool.org";
- description = "Mining pool address.";
+ description = lib.mdDoc "Mining pool address.";
};
stratumPort = mkOption {
type = types.port;
default = 9999;
- description = "Stratum protocol tcp port.";
+ description = lib.mdDoc "Stratum protocol tcp port.";
};
rig = mkOption {
type = types.str;
default = "mining-rig-name";
- description = "Mining rig name.";
+ description = lib.mdDoc "Mining rig name.";
};
registerMail = mkOption {
type = types.str;
example = "email%40example.org";
- description = "Url encoded email address to register with pool.";
+ description = lib.mdDoc "Url encoded email address to register with pool.";
};
maxPower = mkOption {
type = types.ints.unsigned;
default = 113;
- description = "Miner max watt usage.";
+ description = lib.mdDoc "Miner max watt usage.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/exhibitor.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/exhibitor.nix
index 4c935efbd84..3db42b8e4a4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/exhibitor.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/exhibitor.nix
@@ -80,69 +80,69 @@ in
port = mkOption {
type = types.int;
default = 8080;
- description = ''
+ description = lib.mdDoc ''
The port for exhibitor to listen on and communicate with other exhibitors.
'';
};
baseDir = mkOption {
type = types.str;
default = "/var/exhibitor";
- description = ''
+ description = lib.mdDoc ''
Baseline directory for exhibitor runtime config.
'';
};
configType = mkOption {
type = types.enum [ "file" "s3" "zookeeper" "none" ];
- description = ''
+ description = lib.mdDoc ''
Which configuration type you want to use. Additional config will be
required depending on which type you are using.
'';
};
hostname = mkOption {
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Hostname to use and advertise
'';
default = null;
};
nodeModification = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether the Explorer UI will allow nodes to be modified (use with caution).
'';
default = true;
};
configCheckMs = mkOption {
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Period (ms) to check for shared config updates.
'';
default = 30000;
};
headingText = mkOption {
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Extra text to display in UI header
'';
default = null;
};
jqueryStyle = mkOption {
type = types.enum [ "red" "black" "custom" ];
- description = ''
+ description = lib.mdDoc ''
Styling used for the JQuery-based UI.
'';
default = "red";
};
logLines = mkOption {
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Max lines of logging to keep in memory for display.
'';
default = 1000;
};
servo = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
ZooKeeper will be queried once a minute for its state via the 'mntr' four
letter word (this requires ZooKeeper 3.4.x+). Servo will be used to publish
this data via JMX.
@@ -151,14 +151,14 @@ in
};
timeout = mkOption {
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Connection timeout (ms) for ZK connections.
'';
default = 30000;
};
autoManageInstances = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Automatically manage ZooKeeper instances in the ensemble
'';
default = false;
@@ -167,7 +167,7 @@ in
type = types.str;
default = "${cfg.baseDir}/zkData";
defaultText = literalExpression ''"''${config.${opt.baseDir}}/zkData"'';
- description = ''
+ description = lib.mdDoc ''
The Zookeeper data directory
'';
};
@@ -175,56 +175,56 @@ in
type = types.path;
default = "${cfg.baseDir}/zkLogs";
defaultText = literalExpression ''"''${config.${opt.baseDir}}/zkLogs"'';
- description = ''
+ description = lib.mdDoc ''
The Zookeeper logs directory
'';
};
extraConf = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra Exhibitor configuration to put in the ZooKeeper config file.
'';
};
zkExtraCfg = mkOption {
type = types.str;
default = "initLimit=5&syncLimit=2&tickTime=2000";
- description = ''
+ description = lib.mdDoc ''
Extra options to pass into Zookeeper
'';
};
zkClientPort = mkOption {
type = types.int;
default = 2181;
- description = ''
+ description = lib.mdDoc ''
Zookeeper client port
'';
};
zkConnectPort = mkOption {
type = types.int;
default = 2888;
- description = ''
+ description = lib.mdDoc ''
The port to use for followers to talk to each other.
'';
};
zkElectionPort = mkOption {
type = types.int;
default = 3888;
- description = ''
+ description = lib.mdDoc ''
The port for Zookeepers to use for leader election.
'';
};
zkCleanupPeriod = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
How often (in milliseconds) to run the Zookeeper log cleanup task.
'';
};
zkServersSpec = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Zookeeper server spec for all servers in the ensemble.
'';
example = [ "S:1:zk1.example.com" "S:2:zk2.example.com" "S:3:zk3.example.com" "O:4:zk-observer.example.com" ];
@@ -234,14 +234,14 @@ in
s3Backup = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable backups to S3
'';
};
fileSystemBackup = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables file system backup of ZooKeeper log files
'';
};
@@ -249,21 +249,21 @@ in
# Options for using zookeeper configType
zkConfigConnect = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
The initial connection string for ZooKeeper shared config storage
'';
example = ["host1:2181" "host2:2181"];
};
zkConfigExhibitorPath = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
If the ZooKeeper shared config is also running Exhibitor, the URI path for the REST call
'';
default = "/";
};
zkConfigExhibitorPort = mkOption {
type = types.nullOr types.int;
- description = ''
+ description = lib.mdDoc ''
If the ZooKeeper shared config is also running Exhibitor, the port that
Exhibitor is listening on. IMPORTANT: if this value is not set it implies
that Exhibitor is not being used on the ZooKeeper shared config.
@@ -271,7 +271,7 @@ in
};
zkConfigPollMs = mkOption {
type = types.int;
- description = ''
+ description = lib.mdDoc ''
The period in ms to check for changes in the config ensemble
'';
default = 10000;
@@ -280,21 +280,21 @@ in
sleepMs = mkOption {
type = types.int;
default = 1000;
- description = ''
+ description = lib.mdDoc ''
Retry sleep time connecting to the ZooKeeper config
'';
};
retryQuantity = mkOption {
type = types.int;
default = 3;
- description = ''
+ description = lib.mdDoc ''
Retries connecting to the ZooKeeper config
'';
};
};
zkConfigZPath = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The base ZPath that Exhibitor should use
'';
example = "/exhibitor/config";
@@ -304,19 +304,19 @@ in
s3Config = {
bucketName = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Bucket name to store config
'';
};
objectKey = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
S3 key name to store the config
'';
};
configPrefix = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
When using AWS S3 shared config files, the prefix to use for values such as locks
'';
default = "exhibitor-";
@@ -326,7 +326,7 @@ in
# The next two are used for either s3backup or s3 configType
s3Credentials = mkOption {
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
Optional credentials to use for s3backup or s3config. Argument is the path
to an AWS credential properties file with two properties:
com.netflix.exhibitor.s3.access-key-id and com.netflix.exhibitor.s3.access-secret-key
@@ -335,7 +335,7 @@ in
};
s3Region = mkOption {
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Optional region for S3 calls
'';
default = null;
@@ -344,7 +344,7 @@ in
# Config options for file config type
fsConfigDir = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Directory to store Exhibitor properties (cannot be used with s3config).
Exhibitor uses file system locks so you can specify a shared location
so as to enable complete ensemble management.
@@ -352,14 +352,14 @@ in
};
fsConfigLockPrefix = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
A prefix for a locking mechanism used in conjunction with fsconfigdir
'';
default = "exhibitor-lock-";
};
fsConfigName = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The name of the file to store config in
'';
default = "exhibitor.properties";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/felix.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/felix.nix
index 0283de128af..7654ad28440 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/felix.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/felix.nix
@@ -23,19 +23,19 @@ in
type = types.listOf types.package;
default = [ pkgs.felix_remoteshell ];
defaultText = literalExpression "[ pkgs.felix_remoteshell ]";
- description = "List of bundles that should be activated on startup";
+ description = lib.mdDoc "List of bundles that should be activated on startup";
};
user = mkOption {
type = types.str;
default = "osgi";
- description = "User account under which Apache Felix runs.";
+ description = lib.mdDoc "User account under which Apache Felix runs.";
};
group = mkOption {
type = types.str;
default = "osgi";
- description = "Group account under which Apache Felix runs.";
+ description = lib.mdDoc "Group account under which Apache Felix runs.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/freeswitch.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/freeswitch.nix
index 472b0b73ff6..8a74b229ce3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/freeswitch.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/freeswitch.nix
@@ -34,9 +34,9 @@ in {
default = "${config.services.freeswitch.package}/share/freeswitch/conf/vanilla";
defaultText = literalExpression ''"''${config.services.freeswitch.package}/share/freeswitch/conf/vanilla"'';
example = literalExpression ''"''${config.services.freeswitch.package}/share/freeswitch/conf/minimal"'';
- description = ''
+ description = lib.mdDoc ''
Configuration template to use.
- See available templates in FreeSWITCH repository.
+ See available templates in [FreeSWITCH repository](https://github.com/signalwire/freeswitch/tree/master/conf).
You can also set your own configuration directory.
'';
};
@@ -51,18 +51,18 @@ in {
''';
}
'';
- description = ''
+ description = lib.mdDoc ''
Override file in FreeSWITCH config template directory.
Each top-level attribute denotes a file path in the configuration directory, its value is the file path.
- See FreeSWITCH documentation for more info.
- Also check available templates in FreeSWITCH repository.
+ See [FreeSWITCH documentation](https://freeswitch.org/confluence/display/FREESWITCH/Default+Configuration) for more info.
+ Also check available templates in [FreeSWITCH repository](https://github.com/signalwire/freeswitch/tree/master/conf).
'';
};
package = mkOption {
type = types.package;
default = pkgs.freeswitch;
defaultText = literalExpression "pkgs.freeswitch";
- description = ''
+ description = lib.mdDoc ''
FreeSWITCH package.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gammu-smsd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gammu-smsd.nix
index d4bb58d81dd..daa0e22e327 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gammu-smsd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gammu-smsd.nix
@@ -58,39 +58,39 @@ in {
user = mkOption {
type = types.str;
default = "smsd";
- description = "User that has access to the device";
+ description = lib.mdDoc "User that has access to the device";
};
device = {
path = mkOption {
type = types.path;
- description = "Device node or address of the phone";
+ description = lib.mdDoc "Device node or address of the phone";
example = "/dev/ttyUSB2";
};
group = mkOption {
type = types.str;
default = "root";
- description = "Owner group of the device";
+ description = lib.mdDoc "Owner group of the device";
example = "dialout";
};
connection = mkOption {
type = types.str;
default = "at";
- description = "Protocol which will be used to talk to the phone";
+ description = lib.mdDoc "Protocol which will be used to talk to the phone";
};
synchronizeTime = mkOption {
type = types.bool;
default = true;
- description = "Whether to set time from computer to the phone during starting connection";
+ description = lib.mdDoc "Whether to set time from computer to the phone during starting connection";
};
pin = mkOption {
type = types.nullOr types.str;
default = null;
- description = "PIN code for the simcard";
+ description = lib.mdDoc "PIN code for the simcard";
};
};
@@ -99,13 +99,13 @@ in {
file = mkOption {
type = types.str;
default = "syslog";
- description = "Path to file where information about communication will be stored";
+ description = lib.mdDoc "Path to file where information about communication will be stored";
};
format = mkOption {
type = types.enum [ "nothing" "text" "textall" "textalldate" "errors" "errorsdate" "binary" ];
default = "errors";
- description = "Determines what will be logged to the LogFile";
+ description = lib.mdDoc "Determines what will be logged to the LogFile";
};
};
@@ -114,14 +114,14 @@ in {
gammu = mkOption {
type = types.lines;
default = "";
- description = "Extra config lines to be added into [gammu] section";
+ description = lib.mdDoc "Extra config lines to be added into [gammu] section";
};
smsd = mkOption {
type = types.lines;
default = "";
- description = "Extra config lines to be added into [smsd] section";
+ description = lib.mdDoc "Extra config lines to be added into [smsd] section";
};
};
@@ -130,69 +130,69 @@ in {
service = mkOption {
type = types.enum [ "null" "files" "sql" ];
default = "null";
- description = "Service to use to store sms data.";
+ description = lib.mdDoc "Service to use to store sms data.";
};
files = {
inboxPath = mkOption {
type = types.path;
default = "/var/spool/sms/inbox/";
- description = "Where the received SMSes are stored";
+ description = lib.mdDoc "Where the received SMSes are stored";
};
outboxPath = mkOption {
type = types.path;
default = "/var/spool/sms/outbox/";
- description = "Where SMSes to be sent should be placed";
+ description = lib.mdDoc "Where SMSes to be sent should be placed";
};
sentSMSPath = mkOption {
type = types.path;
default = "/var/spool/sms/sent/";
- description = "Where the transmitted SMSes are placed";
+ description = lib.mdDoc "Where the transmitted SMSes are placed";
};
errorSMSPath = mkOption {
type = types.path;
default = "/var/spool/sms/error/";
- description = "Where SMSes with error in transmission is placed";
+ description = lib.mdDoc "Where SMSes with error in transmission is placed";
};
};
sql = {
driver = mkOption {
type = types.enum [ "native_mysql" "native_pgsql" "odbc" "dbi" ];
- description = "DB driver to use";
+ description = lib.mdDoc "DB driver to use";
};
sqlDialect = mkOption {
type = types.nullOr types.str;
default = null;
- description = "SQL dialect to use (odbc driver only)";
+ description = lib.mdDoc "SQL dialect to use (odbc driver only)";
};
database = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Database name to store sms data";
+ description = lib.mdDoc "Database name to store sms data";
};
host = mkOption {
type = types.str;
default = "localhost";
- description = "Database server address";
+ description = lib.mdDoc "Database server address";
};
user = mkOption {
type = types.nullOr types.str;
default = null;
- description = "User name used for connection to the database";
+ description = lib.mdDoc "User name used for connection to the database";
};
password = mkOption {
type = types.nullOr types.str;
default = null;
- description = "User password used for connetion to the database";
+ description = lib.mdDoc "User password used for connetion to the database";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/geoipupdate.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/geoipupdate.nix
index db643c3d847..20bbba0aad9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/geoipupdate.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/geoipupdate.nix
@@ -65,7 +65,7 @@ in
AccountID = lib.mkOption {
type = lib.types.int;
- description = ''
+ description = lib.mdDoc ''
Your MaxMind account ID.
'';
};
@@ -77,10 +77,10 @@ in
"GeoLite2-City"
"GeoLite2-Country"
];
- description = ''
+ description = lib.mdDoc ''
List of database edition IDs. This includes new string
- IDs like GeoIP2-City and old
- numeric IDs like 106.
+ IDs like `GeoIP2-City` and old
+ numeric IDs like `106`.
'';
};
@@ -103,10 +103,10 @@ in
type = lib.types.path;
default = "/var/lib/GeoIP";
example = "/run/GeoIP";
- description = ''
+ description = lib.mdDoc ''
The directory to store the database files in. The
directory will be automatically created, the owner
- changed to geoip and permissions
+ changed to `geoip` and permissions
set to world readable. This applies if the directory
already exists as well, so don't use a directory with
sensitive contents.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitea.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitea.nix
index effa0c06ad6..82345ad7863 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitea.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitea.nix
@@ -27,26 +27,26 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = "Enable Gitea Service.";
+ description = lib.mdDoc "Enable Gitea Service.";
};
package = mkOption {
default = pkgs.gitea;
type = types.package;
defaultText = literalExpression "pkgs.gitea";
- description = "gitea derivation to use";
+ description = lib.mdDoc "gitea derivation to use";
};
useWizard = mkOption {
default = false;
type = types.bool;
- description = "Do not generate a configuration and use gitea' installation wizard instead. The first registered user will be administrator.";
+ description = lib.mdDoc "Do not generate a configuration and use gitea' installation wizard instead. The first registered user will be administrator.";
};
stateDir = mkOption {
default = "/var/lib/gitea";
type = types.str;
- description = "gitea data directory.";
+ description = lib.mdDoc "gitea data directory.";
};
log = {
@@ -54,19 +54,19 @@ in
default = "${cfg.stateDir}/log";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/log"'';
type = types.str;
- description = "Root path for log files.";
+ description = lib.mdDoc "Root path for log files.";
};
level = mkOption {
default = "Info";
type = types.enum [ "Trace" "Debug" "Info" "Warn" "Error" "Critical" ];
- description = "General log level.";
+ description = lib.mdDoc "General log level.";
};
};
user = mkOption {
type = types.str;
default = "gitea";
- description = "User account under which gitea runs.";
+ description = lib.mdDoc "User account under which gitea runs.";
};
database = {
@@ -74,13 +74,13 @@ in
type = types.enum [ "sqlite3" "mysql" "postgres" ];
example = "mysql";
default = "sqlite3";
- description = "Database engine to use.";
+ description = lib.mdDoc "Database engine to use.";
};
host = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Database host address.";
+ description = lib.mdDoc "Database host address.";
};
port = mkOption {
@@ -91,28 +91,28 @@ in
then 3306
else config.${options.services.postgresql.port}
'';
- description = "Database host port.";
+ description = lib.mdDoc "Database host port.";
};
name = mkOption {
type = types.str;
default = "gitea";
- description = "Database name.";
+ description = lib.mdDoc "Database name.";
};
user = mkOption {
type = types.str;
default = "gitea";
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
};
password = mkOption {
type = types.str;
default = "";
- description = ''
- The password corresponding to .
+ description = lib.mdDoc ''
+ The password corresponding to {option}`database.user`.
Warning: this is stored in cleartext in the Nix store!
- Use instead.
+ Use {option}`database.passwordFile` instead.
'';
};
@@ -120,9 +120,9 @@ in
type = types.nullOr types.path;
default = null;
example = "/run/keys/gitea-dbpassword";
- description = ''
+ description = lib.mdDoc ''
A file containing the password corresponding to
- .
+ {option}`database.user`.
'';
};
@@ -131,20 +131,20 @@ in
default = if (cfg.database.createDatabase && usePostgresql) then "/run/postgresql" else if (cfg.database.createDatabase && useMysql) then "/run/mysqld/mysqld.sock" else null;
defaultText = literalExpression "null";
example = "/run/mysqld/mysqld.sock";
- description = "Path to the unix socket file to use for authentication.";
+ description = lib.mdDoc "Path to the unix socket file to use for authentication.";
};
path = mkOption {
type = types.str;
default = "${cfg.stateDir}/data/gitea.db";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/data/gitea.db"'';
- description = "Path to the sqlite3 database file.";
+ description = lib.mdDoc "Path to the sqlite3 database file.";
};
createDatabase = mkOption {
type = types.bool;
default = true;
- description = "Whether to create a local database automatically.";
+ description = lib.mdDoc "Whether to create a local database automatically.";
};
};
@@ -152,7 +152,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable a timer that runs gitea dump to generate backup-files of the
current gitea database and repositories.
'';
@@ -175,13 +175,13 @@ in
type = types.str;
default = "${cfg.stateDir}/dump";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/dump"'';
- description = "Path to the dump files.";
+ description = lib.mdDoc "Path to the dump files.";
};
type = mkOption {
type = types.enum [ "zip" "rar" "tar" "sz" "tar.gz" "tar.xz" "tar.bz2" "tar.br" "tar.lz4" ];
default = "zip";
- description = "Archive format used to store the dump file.";
+ description = lib.mdDoc "Archive format used to store the dump file.";
};
file = mkOption {
@@ -196,14 +196,14 @@ in
enable = mkOption {
type = types.bool;
default = true;
- description = "Enable external SSH feature.";
+ description = lib.mdDoc "Enable external SSH feature.";
};
clonePort = mkOption {
type = types.int;
default = 22;
example = 2222;
- description = ''
+ description = lib.mdDoc ''
SSH port displayed in clone URL.
The option is required to configure a service when the external visible port
differs from the local listening port i.e. if port forwarding is used.
@@ -215,64 +215,64 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enables git-lfs support.";
+ description = lib.mdDoc "Enables git-lfs support.";
};
contentDir = mkOption {
type = types.str;
default = "${cfg.stateDir}/data/lfs";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/data/lfs"'';
- description = "Where to store LFS files.";
+ description = lib.mdDoc "Where to store LFS files.";
};
};
appName = mkOption {
type = types.str;
default = "gitea: Gitea Service";
- description = "Application name.";
+ description = lib.mdDoc "Application name.";
};
repositoryRoot = mkOption {
type = types.str;
default = "${cfg.stateDir}/repositories";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/repositories"'';
- description = "Path to the git repositories.";
+ description = lib.mdDoc "Path to the git repositories.";
};
domain = mkOption {
type = types.str;
default = "localhost";
- description = "Domain name of your server.";
+ description = lib.mdDoc "Domain name of your server.";
};
rootUrl = mkOption {
type = types.str;
default = "http://localhost:3000/";
- description = "Full public URL of gitea server.";
+ description = lib.mdDoc "Full public URL of gitea server.";
};
httpAddress = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "HTTP listen address.";
+ description = lib.mdDoc "HTTP listen address.";
};
httpPort = mkOption {
type = types.int;
default = 3000;
- description = "HTTP listen port.";
+ description = lib.mdDoc "HTTP listen port.";
};
enableUnixSocket = mkOption {
type = types.bool;
default = false;
- description = "Configure Gitea to listen on a unix socket instead of the default TCP port.";
+ description = lib.mdDoc "Configure Gitea to listen on a unix socket instead of the default TCP port.";
};
cookieSecure = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Marks session cookies as "secure" as a hint for browsers to only send
them via HTTPS. This option is recommend, if gitea is being served over HTTPS.
'';
@@ -283,14 +283,14 @@ in
default = gitea.data;
defaultText = literalExpression "package.data";
example = "/var/lib/gitea/data";
- description = "Upper level of template and static files path.";
+ description = lib.mdDoc "Upper level of template and static files path.";
};
mailerPasswordFile = mkOption {
type = types.nullOr types.str;
default = null;
example = "/var/lib/secrets/gitea/mailpw";
- description = "Path to a file containing the SMTP password.";
+ description = lib.mdDoc "Path to a file containing the SMTP password.";
};
disableRegistration = mkEnableOption "the registration lock" // {
@@ -308,8 +308,8 @@ in
settings = mkOption {
type = with types; attrsOf (attrsOf (oneOf [ bool int str ]));
default = {};
- description = ''
- Gitea configuration. Refer to
+ description = lib.mdDoc ''
+ Gitea configuration. Refer to
for details on supported values.
'';
example = literalExpression ''
@@ -335,7 +335,7 @@ in
extraConfig = mkOption {
type = with types; nullOr str;
default = null;
- description = "Configuration lines appended to the generated gitea configuration file.";
+ description = lib.mdDoc "Configuration lines appended to the generated gitea configuration file.";
};
};
};
@@ -506,24 +506,24 @@ in
function gitea_setup {
cp -f ${configFile} ${runConfig}
- if [ ! -e ${secretKey} ]; then
+ if [ ! -s ${secretKey} ]; then
${gitea}/bin/gitea generate secret SECRET_KEY > ${secretKey}
fi
# Migrate LFS_JWT_SECRET filename
- if [[ -e ${oldLfsJwtSecret} && ! -e ${lfsJwtSecret} ]]; then
+ if [[ -s ${oldLfsJwtSecret} && ! -s ${lfsJwtSecret} ]]; then
mv ${oldLfsJwtSecret} ${lfsJwtSecret}
fi
- if [ ! -e ${oauth2JwtSecret} ]; then
+ if [ ! -s ${oauth2JwtSecret} ]; then
${gitea}/bin/gitea generate secret JWT_SECRET > ${oauth2JwtSecret}
fi
- if [ ! -e ${lfsJwtSecret} ]; then
+ if [ ! -s ${lfsJwtSecret} ]; then
${gitea}/bin/gitea generate secret LFS_JWT_SECRET > ${lfsJwtSecret}
fi
- if [ ! -e ${internalToken} ]; then
+ if [ ! -s ${internalToken} ]; then
${gitea}/bin/gitea generate secret INTERNAL_TOKEN > ${internalToken}
fi
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitlab.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitlab.nix
index 0b8bd08a22b..938b1d4ed10 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitlab.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitlab.nix
@@ -19,13 +19,13 @@ let
# https://gitlab.com/gitlab-org/gitlab/-/issues/360783#note_992870101.
gitPackage =
let
- version = "2.35.3";
+ version = "2.35.4";
in
pkgs.git.overrideAttrs (oldAttrs: rec {
inherit version;
src = pkgs.fetchurl {
url = "https://www.kernel.org/pub/software/scm/git/git-${version}.tar.xz";
- sha256 = "sha256-FenbT5vy7Z//MMtioAxcfAkBAV9asEjNtOiwTd7gD6I=";
+ sha256 = "sha256-mv13OdNkXggeKQkJ+47QcJ6lYmcw6Qjri1ZJ2ETCTOk=";
};
});
@@ -252,7 +252,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the gitlab service.
'';
};
@@ -261,7 +261,7 @@ in {
type = types.package;
default = pkgs.gitlab;
defaultText = literalExpression "pkgs.gitlab";
- description = "Reference to the gitlab package";
+ description = lib.mdDoc "Reference to the gitlab package";
example = literalExpression "pkgs.gitlab-ee";
};
@@ -269,48 +269,48 @@ in {
type = types.package;
default = pkgs.gitlab-shell;
defaultText = literalExpression "pkgs.gitlab-shell";
- description = "Reference to the gitlab-shell package";
+ description = lib.mdDoc "Reference to the gitlab-shell package";
};
packages.gitlab-workhorse = mkOption {
type = types.package;
default = pkgs.gitlab-workhorse;
defaultText = literalExpression "pkgs.gitlab-workhorse";
- description = "Reference to the gitlab-workhorse package";
+ description = lib.mdDoc "Reference to the gitlab-workhorse package";
};
packages.gitaly = mkOption {
type = types.package;
default = pkgs.gitaly;
defaultText = literalExpression "pkgs.gitaly";
- description = "Reference to the gitaly package";
+ description = lib.mdDoc "Reference to the gitaly package";
};
packages.pages = mkOption {
type = types.package;
default = pkgs.gitlab-pages;
defaultText = literalExpression "pkgs.gitlab-pages";
- description = "Reference to the gitlab-pages package";
+ description = lib.mdDoc "Reference to the gitlab-pages package";
};
statePath = mkOption {
type = types.str;
default = "/var/gitlab/state";
- description = ''
+ description = lib.mdDoc ''
GitLab state directory. Configuration, repositories and
logs, among other things, are stored here.
The directory will be created automatically if it doesn't
exist already. Its parent directories must be owned by
- either root or the user set in
- .
+ either `root` or the user set in
+ {option}`services.gitlab.user`.
'';
};
extraEnv = mkOption {
type = types.attrsOf types.str;
default = {};
- description = ''
+ description = lib.mdDoc ''
Additional environment variables for the GitLab environment.
'';
};
@@ -331,7 +331,7 @@ in {
type = types.str;
default = cfg.statePath + "/backup";
defaultText = literalExpression ''config.${opt.statePath} + "/backup"'';
- description = "GitLab path for backups.";
+ description = lib.mdDoc "GitLab path for backups.";
};
backup.keepTime = mkOption {
@@ -364,13 +364,13 @@ in {
default = [];
example = [ "artifacts" "lfs" ];
apply = x: if isString x then x else concatStringsSep "," x;
- description = ''
+ description = lib.mdDoc ''
Directories to exclude from the backup. The example excludes
CI artifacts and LFS objects from the backups. The
- tar option skips the creation of a tar
+ `tar` option skips the creation of a tar
file.
- Refer to
+ Refer to
for more information.
'';
};
@@ -403,13 +403,13 @@ in {
storage_class = "STANDARD";
};
'';
- description = ''
+ description = lib.mdDoc ''
GitLab automatic upload specification. Tells GitLab to
upload the backup to a remote location when done.
Attributes specified here are added under
- production -> backup -> upload in
- config/gitlab.yml.
+ `production -> backup -> upload` in
+ {file}`config/gitlab.yml`.
'';
};
@@ -425,7 +425,7 @@ in {
databasePasswordFile = mkOption {
type = with types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
File containing the GitLab database user password.
This should be a string, not a nix path, since nix paths are
@@ -436,43 +436,43 @@ in {
databaseCreateLocally = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether a database should be automatically created on the
- local host. Set this to false if you plan
+ local host. Set this to `false` if you plan
on provisioning a local database yourself. This has no effect
- if is customized.
+ if {option}`services.gitlab.databaseHost` is customized.
'';
};
databaseName = mkOption {
type = types.str;
default = "gitlab";
- description = "GitLab database name.";
+ description = lib.mdDoc "GitLab database name.";
};
databaseUsername = mkOption {
type = types.str;
default = "gitlab";
- description = "GitLab database user.";
+ description = lib.mdDoc "GitLab database user.";
};
databasePool = mkOption {
type = types.int;
default = 5;
- description = "Database connection pool size.";
+ description = lib.mdDoc "Database connection pool size.";
};
extraDatabaseConfig = mkOption {
type = types.attrs;
default = {};
- description = "Extra configuration in config/database.yml.";
+ description = lib.mdDoc "Extra configuration in config/database.yml.";
};
redisUrl = mkOption {
type = types.str;
default = "redis://localhost:${toString config.services.redis.servers.gitlab.port}/";
defaultText = literalExpression ''redis://localhost:''${toString config.services.redis.servers.gitlab.port}/'';
- description = "Redis URL for all GitLab services except gitlab-shell";
+ description = lib.mdDoc "Redis URL for all GitLab services except gitlab-shell";
};
extraGitlabRb = mkOption {
@@ -488,7 +488,7 @@ in {
}
end
'';
- description = ''
+ description = lib.mdDoc ''
Extra configuration to be placed in config/extra-gitlab.rb. This can
be used to add configuration not otherwise exposed through this module's
options.
@@ -499,13 +499,13 @@ in {
type = types.str;
default = config.networking.hostName;
defaultText = literalExpression "config.networking.hostName";
- description = "GitLab host name. Used e.g. for copy-paste URLs.";
+ description = lib.mdDoc "GitLab host name. Used e.g. for copy-paste URLs.";
};
port = mkOption {
type = types.port;
default = 8080;
- description = ''
+ description = lib.mdDoc ''
GitLab server port for copy-paste URLs, e.g. 80 or 443 if you're
service over https.
'';
@@ -514,25 +514,25 @@ in {
https = mkOption {
type = types.bool;
default = false;
- description = "Whether gitlab prints URLs with https as scheme.";
+ description = lib.mdDoc "Whether gitlab prints URLs with https as scheme.";
};
user = mkOption {
type = types.str;
default = "gitlab";
- description = "User to run gitlab and all related services.";
+ description = lib.mdDoc "User to run gitlab and all related services.";
};
group = mkOption {
type = types.str;
default = "gitlab";
- description = "Group to run gitlab and all related services.";
+ description = lib.mdDoc "Group to run gitlab and all related services.";
};
initialRootEmail = mkOption {
type = types.str;
default = "admin@local.host";
- description = ''
+ description = lib.mdDoc ''
Initial email address of the root account if this is a new install.
'';
};
@@ -540,7 +540,7 @@ in {
initialRootPasswordFile = mkOption {
type = with types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
File containing the initial password of the root account if
this is a new install.
@@ -553,51 +553,51 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable GitLab container registry.";
+ description = lib.mdDoc "Enable GitLab container registry.";
};
host = mkOption {
type = types.str;
default = config.services.gitlab.host;
defaultText = literalExpression "config.services.gitlab.host";
- description = "GitLab container registry host name.";
+ description = lib.mdDoc "GitLab container registry host name.";
};
port = mkOption {
type = types.int;
default = 4567;
- description = "GitLab container registry port.";
+ description = lib.mdDoc "GitLab container registry port.";
};
certFile = mkOption {
type = types.path;
- description = "Path to GitLab container registry certificate.";
+ description = lib.mdDoc "Path to GitLab container registry certificate.";
};
keyFile = mkOption {
type = types.path;
- description = "Path to GitLab container registry certificate-key.";
+ description = lib.mdDoc "Path to GitLab container registry certificate-key.";
};
defaultForProjects = mkOption {
type = types.bool;
default = cfg.registry.enable;
defaultText = literalExpression "config.${opt.registry.enable}";
- description = "If GitLab container registry should be enabled by default for projects.";
+ description = lib.mdDoc "If GitLab container registry should be enabled by default for projects.";
};
issuer = mkOption {
type = types.str;
default = "gitlab-issuer";
- description = "GitLab container registry issuer.";
+ description = lib.mdDoc "GitLab container registry issuer.";
};
serviceName = mkOption {
type = types.str;
default = "container_registry";
- description = "GitLab container registry service name.";
+ description = lib.mdDoc "GitLab container registry service name.";
};
externalAddress = mkOption {
type = types.str;
default = "";
- description = "External address used to access registry from the internet";
+ description = lib.mdDoc "External address used to access registry from the internet";
};
externalPort = mkOption {
type = types.int;
- description = "External port used to access registry from the internet";
+ description = lib.mdDoc "External port used to access registry from the internet";
};
};
@@ -605,31 +605,31 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable gitlab mail delivery over SMTP.";
+ description = lib.mdDoc "Enable gitlab mail delivery over SMTP.";
};
address = mkOption {
type = types.str;
default = "localhost";
- description = "Address of the SMTP server for GitLab.";
+ description = lib.mdDoc "Address of the SMTP server for GitLab.";
};
port = mkOption {
type = types.int;
default = 25;
- description = "Port of the SMTP server for GitLab.";
+ description = lib.mdDoc "Port of the SMTP server for GitLab.";
};
username = mkOption {
type = with types; nullOr str;
default = null;
- description = "Username of the SMTP server for GitLab.";
+ description = lib.mdDoc "Username of the SMTP server for GitLab.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
File containing the password of the SMTP server for GitLab.
This should be a string, not a nix path, since nix paths
@@ -640,44 +640,44 @@ in {
domain = mkOption {
type = types.str;
default = "localhost";
- description = "HELO domain to use for outgoing mail.";
+ description = lib.mdDoc "HELO domain to use for outgoing mail.";
};
authentication = mkOption {
type = with types; nullOr str;
default = null;
- description = "Authentication type to use, see http://api.rubyonrails.org/classes/ActionMailer/Base.html";
+ description = lib.mdDoc "Authentication type to use, see http://api.rubyonrails.org/classes/ActionMailer/Base.html";
};
enableStartTLSAuto = mkOption {
type = types.bool;
default = true;
- description = "Whether to try to use StartTLS.";
+ description = lib.mdDoc "Whether to try to use StartTLS.";
};
tls = mkOption {
type = types.bool;
default = false;
- description = "Whether to use TLS wrapper-mode.";
+ description = lib.mdDoc "Whether to use TLS wrapper-mode.";
};
opensslVerifyMode = mkOption {
type = types.str;
default = "peer";
- description = "How OpenSSL checks the certificate, see http://api.rubyonrails.org/classes/ActionMailer/Base.html";
+ description = lib.mdDoc "How OpenSSL checks the certificate, see http://api.rubyonrails.org/classes/ActionMailer/Base.html";
};
};
pagesExtraArgs = mkOption {
type = types.listOf types.str;
default = [ "-listen-proxy" "127.0.0.1:8090" ];
- description = "Arguments to pass to the gitlab-pages daemon";
+ description = lib.mdDoc "Arguments to pass to the gitlab-pages daemon";
};
secrets.secretFile = mkOption {
type = with types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
A file containing the secret used to encrypt variables in
the DB. If you change or lose this key you will be unable to
access variables stored in database.
@@ -693,7 +693,7 @@ in {
secrets.dbFile = mkOption {
type = with types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
A file containing the secret used to encrypt variables in
the DB. If you change or lose this key you will be unable to
access variables stored in database.
@@ -709,7 +709,7 @@ in {
secrets.otpFile = mkOption {
type = with types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
A file containing the secret used to encrypt secrets for OTP
tokens. If you change or lose this key, users which have 2FA
enabled for login won't be able to login anymore.
@@ -725,7 +725,7 @@ in {
secrets.jwsFile = mkOption {
type = with types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
A file containing the secret used to encrypt session
keys. If you change or lose this key, users will be
disconnected.
@@ -743,7 +743,7 @@ in {
extraShellConfig = mkOption {
type = types.attrs;
default = {};
- description = "Extra configuration to merge into shell-config.yml";
+ description = lib.mdDoc "Extra configuration to merge into shell-config.yml";
};
puma.workers = mkOption {
@@ -805,12 +805,12 @@ in {
sidekiq.memoryKiller.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether the Sidekiq MemoryKiller should be turned
on. MemoryKiller kills Sidekiq when its memory consumption
exceeds a certain limit.
- See
+ See
for details.
'';
};
@@ -819,7 +819,7 @@ in {
type = types.int;
default = 2000;
apply = x: builtins.toString (x * 1024);
- description = ''
+ description = lib.mdDoc ''
The maximum amount of memory, in MiB, a Sidekiq worker is
allowed to consume before being killed.
'';
@@ -829,7 +829,7 @@ in {
type = types.int;
default = 900;
apply = x: builtins.toString x;
- description = ''
+ description = lib.mdDoc ''
The time MemoryKiller waits after noticing excessive memory
consumption before killing Sidekiq.
'';
@@ -839,7 +839,7 @@ in {
type = types.int;
default = 30;
apply = x: builtins.toString x;
- description = ''
+ description = lib.mdDoc ''
The time allowed for all jobs to finish before Sidekiq is
killed forcefully.
'';
@@ -849,7 +849,7 @@ in {
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Enable rotation of log files.
'';
};
@@ -857,21 +857,21 @@ in {
frequency = mkOption {
type = types.str;
default = "daily";
- description = "How often to rotate the logs.";
+ description = lib.mdDoc "How often to rotate the logs.";
};
keep = mkOption {
type = types.int;
default = 30;
- description = "How many rotations to keep.";
+ description = lib.mdDoc "How many rotations to keep.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra logrotate config options for this path. Refer to
- for details.
+ for details.
'';
};
};
@@ -914,21 +914,21 @@ in {
};
};
'';
- description = ''
+ description = lib.mdDoc ''
Extra options to be added under
- production in
- config/gitlab.yml, as a nix attribute
+ `production` in
+ {file}`config/gitlab.yml`, as a nix attribute
set.
Options containing secret data should be set to an attribute
- set containing the attribute _secret - a
+ set containing the attribute `_secret` - a
string pointing to a file containing the value the option
should be set to. See the example to get a better picture of
this: in the resulting
- config/gitlab.yml file, the
- production.omniauth.providers[0].args.client_options.secret
+ {file}`config/gitlab.yml` file, the
+ `production.omniauth.providers[0].args.client_options.secret`
key will be set to the contents of the
- /var/keys/gitlab_oidc_secret file.
+ {file}`/var/keys/gitlab_oidc_secret` file.
'';
};
};
@@ -1063,7 +1063,7 @@ in {
chown ${cfg.user}:${cfg.group} ${cfg.registry.certFile}
'';
- serviceConfig = {
+ unitConfig = {
ConditionPathExists = "!${cfg.registry.certFile}";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitolite.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitolite.nix
index 810ef1f21b9..b313be074db 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitolite.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitolite.nix
@@ -26,7 +26,7 @@ in
dataDir = mkOption {
type = types.str;
default = "/var/lib/gitolite";
- description = ''
+ description = lib.mdDoc ''
The gitolite home directory used to store all repositories. If left as the default value
this directory will automatically be created before the gitolite server starts, otherwise
the sysadmin is responsible for ensuring the directory exists with appropriate ownership
@@ -36,7 +36,7 @@ in
adminPubkey = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Initial administrative public key for Gitolite. This should
be an SSH Public Key. Note that this key will only be used
once, upon the first initialization of the Gitolite user.
@@ -47,8 +47,8 @@ in
enableGitAnnex = mkOption {
type = types.bool;
default = false;
- description = ''
- Enable git-annex support. Uses the extraGitoliteRc option
+ description = lib.mdDoc ''
+ Enable git-annex support. Uses the `extraGitoliteRc` option
to apply the necessary configuration.
'';
};
@@ -56,8 +56,8 @@ in
commonHooks = mkOption {
type = types.listOf types.path;
default = [];
- description = ''
- A list of custom git hooks that get copied to ~/.gitolite/hooks/common.
+ description = lib.mdDoc ''
+ A list of custom git hooks that get copied to `~/.gitolite/hooks/common`.
'';
};
@@ -97,7 +97,7 @@ in
user = mkOption {
type = types.str;
default = "gitolite";
- description = ''
+ description = lib.mdDoc ''
Gitolite user account. This is the username of the gitolite endpoint.
'';
};
@@ -105,7 +105,7 @@ in
group = mkOption {
type = types.str;
default = "gitolite";
- description = ''
+ description = lib.mdDoc ''
Primary group of the Gitolite user account.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitweb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitweb.nix
index a1180716e36..ef20347ee24 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitweb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gitweb.nix
@@ -13,7 +13,7 @@ in
projectroot = mkOption {
default = "/srv/git";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path to git projects (bare repositories) that should be served by
gitweb. Must not end with a slash.
'';
@@ -22,7 +22,7 @@ in
extraConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Verbatim configuration text appended to the generated gitweb.conf file.
'';
example = ''
@@ -35,7 +35,7 @@ in
gitwebTheme = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Use an alternative theme for gitweb, strongly inspired by GitHub.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gogs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gogs.nix
index c7ae4f49407..e726f2c5c7c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gogs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gogs.nix
@@ -48,31 +48,31 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = "Enable Go Git Service.";
+ description = lib.mdDoc "Enable Go Git Service.";
};
useWizard = mkOption {
default = false;
type = types.bool;
- description = "Do not generate a configuration and use Gogs' installation wizard instead. The first registered user will be administrator.";
+ description = lib.mdDoc "Do not generate a configuration and use Gogs' installation wizard instead. The first registered user will be administrator.";
};
stateDir = mkOption {
default = "/var/lib/gogs";
type = types.str;
- description = "Gogs data directory.";
+ description = lib.mdDoc "Gogs data directory.";
};
user = mkOption {
type = types.str;
default = "gogs";
- description = "User account under which Gogs runs.";
+ description = lib.mdDoc "User account under which Gogs runs.";
};
group = mkOption {
type = types.str;
default = "gogs";
- description = "Group account under which Gogs runs.";
+ description = lib.mdDoc "Group account under which Gogs runs.";
};
database = {
@@ -80,40 +80,40 @@ in
type = types.enum [ "sqlite3" "mysql" "postgres" ];
example = "mysql";
default = "sqlite3";
- description = "Database engine to use.";
+ description = lib.mdDoc "Database engine to use.";
};
host = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Database host address.";
+ description = lib.mdDoc "Database host address.";
};
port = mkOption {
type = types.int;
default = 3306;
- description = "Database host port.";
+ description = lib.mdDoc "Database host port.";
};
name = mkOption {
type = types.str;
default = "gogs";
- description = "Database name.";
+ description = lib.mdDoc "Database name.";
};
user = mkOption {
type = types.str;
default = "gogs";
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
};
password = mkOption {
type = types.str;
default = "";
- description = ''
- The password corresponding to .
+ description = lib.mdDoc ''
+ The password corresponding to {option}`database.user`.
Warning: this is stored in cleartext in the Nix store!
- Use instead.
+ Use {option}`database.passwordFile` instead.
'';
};
@@ -121,9 +121,9 @@ in
type = types.nullOr types.path;
default = null;
example = "/run/keys/gogs-dbpassword";
- description = ''
+ description = lib.mdDoc ''
A file containing the password corresponding to
- .
+ {option}`database.user`.
'';
};
@@ -131,51 +131,51 @@ in
type = types.str;
default = "${cfg.stateDir}/data/gogs.db";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/data/gogs.db"'';
- description = "Path to the sqlite3 database file.";
+ description = lib.mdDoc "Path to the sqlite3 database file.";
};
};
appName = mkOption {
type = types.str;
default = "Gogs: Go Git Service";
- description = "Application name.";
+ description = lib.mdDoc "Application name.";
};
repositoryRoot = mkOption {
type = types.str;
default = "${cfg.stateDir}/repositories";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/repositories"'';
- description = "Path to the git repositories.";
+ description = lib.mdDoc "Path to the git repositories.";
};
domain = mkOption {
type = types.str;
default = "localhost";
- description = "Domain name of your server.";
+ description = lib.mdDoc "Domain name of your server.";
};
rootUrl = mkOption {
type = types.str;
default = "http://localhost:3000/";
- description = "Full public URL of Gogs server.";
+ description = lib.mdDoc "Full public URL of Gogs server.";
};
httpAddress = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "HTTP listen address.";
+ description = lib.mdDoc "HTTP listen address.";
};
httpPort = mkOption {
type = types.int;
default = 3000;
- description = "HTTP listen port.";
+ description = lib.mdDoc "HTTP listen port.";
};
cookieSecure = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Marks session cookies as "secure" as a hint for browsers to only send
them via HTTPS. This option is recommend, if Gogs is being served over HTTPS.
'';
@@ -184,7 +184,7 @@ in
extraConfig = mkOption {
type = types.str;
default = "";
- description = "Configuration lines appended to the generated Gogs configuration file.";
+ description = lib.mdDoc "Configuration lines appended to the generated Gogs configuration file.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gollum.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gollum.nix
index 5a5f488dc56..a4bed2da8a2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gollum.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gollum.nix
@@ -11,80 +11,80 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the Gollum service.";
+ description = lib.mdDoc "Enable the Gollum service.";
};
address = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "IP address on which the web server will listen.";
+ description = lib.mdDoc "IP address on which the web server will listen.";
};
port = mkOption {
type = types.int;
default = 4567;
- description = "Port on which the web server will run.";
+ description = lib.mdDoc "Port on which the web server will run.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Content of the configuration file";
+ description = lib.mdDoc "Content of the configuration file";
};
mathjax = mkOption {
type = types.bool;
default = false;
- description = "Enable support for math rendering using MathJax";
+ description = lib.mdDoc "Enable support for math rendering using MathJax";
};
allowUploads = mkOption {
type = types.nullOr (types.enum [ "dir" "page" ]);
default = null;
- description = "Enable uploads of external files";
+ description = lib.mdDoc "Enable uploads of external files";
};
user-icons = mkOption {
type = types.nullOr (types.enum [ "gravatar" "identicon" ]);
default = null;
- description = "Enable specific user icons for history view";
+ description = lib.mdDoc "Enable specific user icons for history view";
};
emoji = mkOption {
type = types.bool;
default = false;
- description = "Parse and interpret emoji tags";
+ description = lib.mdDoc "Parse and interpret emoji tags";
};
h1-title = mkOption {
type = types.bool;
default = false;
- description = "Use the first h1 as page title";
+ description = lib.mdDoc "Use the first h1 as page title";
};
no-edit = mkOption {
type = types.bool;
default = false;
- description = "Disable editing pages";
+ description = lib.mdDoc "Disable editing pages";
};
local-time = mkOption {
type = types.bool;
default = false;
- description = "Use the browser's local timezone instead of the server's for displaying dates.";
+ description = lib.mdDoc "Use the browser's local timezone instead of the server's for displaying dates.";
};
branch = mkOption {
type = types.str;
default = "master";
example = "develop";
- description = "Git branch to serve";
+ description = lib.mdDoc "Git branch to serve";
};
stateDir = mkOption {
type = types.path;
default = "/var/lib/gollum";
- description = "Specifies the path of the repository directory. If it does not exist, Gollum will create it on startup.";
+ description = lib.mdDoc "Specifies the path of the repository directory. If it does not exist, Gollum will create it on startup.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gpsd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gpsd.nix
index 6494578f764..1ab8d1bbe06 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gpsd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/gpsd.nix
@@ -21,7 +21,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable `gpsd', a GPS service daemon.
'';
};
@@ -29,9 +29,9 @@ in
device = mkOption {
type = types.str;
default = "/dev/ttyUSB0";
- description = ''
+ description = lib.mdDoc ''
A device may be a local serial device for GPS input, or a URL of the form:
- [{dgpsip|ntrip}://][user:passwd@]host[:port][/stream]
+ `[{dgpsip|ntrip}://][user:passwd@]host[:port][/stream]`
in which case it specifies an input source for DGPS or ntrip data.
'';
};
@@ -39,7 +39,7 @@ in
readonly = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the broken-device-safety, otherwise
known as read-only mode. Some popular bluetooth and USB
receivers lock up or become totally inaccessible when
@@ -56,7 +56,7 @@ in
nowait = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
don't wait for client connects to poll GPS
'';
};
@@ -64,7 +64,7 @@ in
port = mkOption {
type = types.port;
default = 2947;
- description = ''
+ description = lib.mdDoc ''
The port where to listen for TCP connections.
'';
};
@@ -72,7 +72,7 @@ in
debugLevel = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
The debugging level.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/greenclip.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/greenclip.nix
index 32e8d746cb5..210827ea075 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/greenclip.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/greenclip.nix
@@ -13,7 +13,7 @@ in {
type = types.package;
default = pkgs.haskellPackages.greenclip;
defaultText = literalExpression "pkgs.haskellPackages.greenclip";
- description = "greenclip derivation to use.";
+ description = lib.mdDoc "greenclip derivation to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/headphones.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/headphones.nix
index 31bd61cb4c2..472b330fff1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/headphones.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/headphones.nix
@@ -20,38 +20,38 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the headphones server.";
+ description = lib.mdDoc "Whether to enable the headphones server.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/${name}";
- description = "Path where to store data files.";
+ description = lib.mdDoc "Path where to store data files.";
};
configFile = mkOption {
type = types.path;
default = "${cfg.dataDir}/config.ini";
defaultText = literalExpression ''"''${config.${opt.dataDir}}/config.ini"'';
- description = "Path to config file.";
+ description = lib.mdDoc "Path to config file.";
};
host = mkOption {
type = types.str;
default = "localhost";
- description = "Host to listen on.";
+ description = lib.mdDoc "Host to listen on.";
};
port = mkOption {
type = types.ints.u16;
default = 8181;
- description = "Port to bind to.";
+ description = lib.mdDoc "Port to bind to.";
};
user = mkOption {
type = types.str;
default = name;
- description = "User to run the service as";
+ description = lib.mdDoc "User to run the service as";
};
group = mkOption {
type = types.str;
default = name;
- description = "Group to run the service as";
+ description = lib.mdDoc "Group to run the service as";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/heisenbridge.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/heisenbridge.nix
index deefb061d8b..486ba512ac5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/heisenbridge.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/heisenbridge.nix
@@ -30,20 +30,20 @@ in
default = pkgs.heisenbridge;
defaultText = "pkgs.heisenbridge";
example = "pkgs.heisenbridge.override { … = …; }";
- description = ''
+ description = lib.mdDoc ''
Package of the application to run, exposed for overriding purposes.
'';
};
homeserver = mkOption {
type = types.str;
- description = "The URL to the home server for client-server API calls";
+ description = lib.mdDoc "The URL to the home server for client-server API calls";
example = "http://localhost:8008";
};
registrationUrl = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The URL where the application service is listening for HS requests, from the Matrix HS perspective.#
The default value assumes the bridge runs on the same host as the home server, in the same network.
'';
@@ -54,26 +54,26 @@ in
address = mkOption {
type = types.str;
- description = "Address to listen on. IPv6 does not seem to be supported.";
+ description = lib.mdDoc "Address to listen on. IPv6 does not seem to be supported.";
default = "127.0.0.1";
example = "0.0.0.0";
};
port = mkOption {
type = types.port;
- description = "The port to listen on";
+ description = lib.mdDoc "The port to listen on";
default = 9898;
};
debug = mkOption {
type = types.bool;
- description = "More verbose logging. Recommended during initial setup.";
+ description = lib.mdDoc "More verbose logging. Recommended during initial setup.";
default = false;
};
owner = mkOption {
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Set owner MXID otherwise first talking local user will claim the bridge
'';
default = null;
@@ -81,7 +81,7 @@ in
};
namespaces = mkOption {
- description = "Configure the 'namespaces' section of the registration.yml for the bridge and the server";
+ description = lib.mdDoc "Configure the 'namespaces' section of the registration.yml for the bridge and the server";
# TODO link to Matrix documentation of the format
type = types.submodule {
freeformType = jsonType;
@@ -102,13 +102,13 @@ in
identd.enable = mkEnableOption "identd service support";
identd.port = mkOption {
type = types.port;
- description = "identd listen port";
+ description = lib.mdDoc "identd listen port";
default = 113;
};
extraArgs = mkOption {
type = types.listOf types.str;
- description = "Heisenbridge is configured over the command line. Append extra arguments here";
+ description = lib.mdDoc "Heisenbridge is configured over the command line. Append extra arguments here";
default = [ ];
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ihaskell.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ihaskell.nix
index 9978e8a4653..ff5709922e6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ihaskell.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ihaskell.nix
@@ -17,7 +17,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Autostart an IHaskell notebook service.";
+ description = lib.mdDoc "Autostart an IHaskell notebook service.";
};
extraPackages = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/input-remapper.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/input-remapper.nix
index f5fb2bf5308..f66d714e117 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/input-remapper.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/input-remapper.nix
@@ -13,7 +13,7 @@ let cfg = config.services.input-remapper; in
default = [ "graphical.target" ];
example = [ "multi-user.target" ];
type = types.listOf types.str;
- description = "Specifies the WantedBy setting for the input-remapper service.";
+ description = lib.mdDoc "Specifies the WantedBy setting for the input-remapper service.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/irkerd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/irkerd.nix
index 993d77ba424..d080cc0a735 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/irkerd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/irkerd.nix
@@ -9,13 +9,13 @@ in
{
options.services.irkerd = {
enable = mkOption {
- description = "Whether to enable irker, an IRC notification daemon.";
+ description = lib.mdDoc "Whether to enable irker, an IRC notification daemon.";
default = false;
type = types.bool;
};
openPorts = mkOption {
- description = "Open ports in the firewall for irkerd";
+ description = lib.mdDoc "Open ports in the firewall for irkerd";
default = false;
type = types.bool;
};
@@ -24,7 +24,7 @@ in
default = "localhost";
example = "0.0.0.0";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specifies the bind address on which the irker daemon listens.
The default is localhost.
@@ -36,7 +36,7 @@ in
nick = mkOption {
default = "irker";
type = types.str;
- description = "Nick to use for irker";
+ description = lib.mdDoc "Nick to use for irker";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/jackett.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/jackett.nix
index c2144d4a9a9..e8315d13417 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/jackett.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/jackett.nix
@@ -14,32 +14,32 @@ in
dataDir = mkOption {
type = types.str;
default = "/var/lib/jackett/.config/Jackett";
- description = "The directory where Jackett stores its data files.";
+ description = lib.mdDoc "The directory where Jackett stores its data files.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for the Jackett web interface.";
+ description = lib.mdDoc "Open ports in the firewall for the Jackett web interface.";
};
user = mkOption {
type = types.str;
default = "jackett";
- description = "User account under which Jackett runs.";
+ description = lib.mdDoc "User account under which Jackett runs.";
};
group = mkOption {
type = types.str;
default = "jackett";
- description = "Group under which Jackett runs.";
+ description = lib.mdDoc "Group under which Jackett runs.";
};
package = mkOption {
type = types.package;
default = pkgs.jackett;
defaultText = literalExpression "pkgs.jackett";
- description = "Jackett package to use.";
+ description = lib.mdDoc "Jackett package to use.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/jellyfin.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/jellyfin.nix
index 789b78702e9..af5256e46da 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/jellyfin.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/jellyfin.nix
@@ -13,14 +13,14 @@ in
user = mkOption {
type = types.str;
default = "jellyfin";
- description = "User account under which Jellyfin runs.";
+ description = lib.mdDoc "User account under which Jellyfin runs.";
};
package = mkOption {
type = types.package;
default = pkgs.jellyfin;
defaultText = literalExpression "pkgs.jellyfin";
- description = ''
+ description = lib.mdDoc ''
Jellyfin package to use.
'';
};
@@ -28,13 +28,13 @@ in
group = mkOption {
type = types.str;
default = "jellyfin";
- description = "Group under which jellyfin runs.";
+ description = lib.mdDoc "Group under which jellyfin runs.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open the default ports in the firewall for the media server. The
HTTP/HTTPS ports can be changed in the Web UI, so this option should
only be used if they are unchanged.
@@ -49,7 +49,10 @@ in
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
+ # This is mostly follows: https://github.com/jellyfin/jellyfin/blob/master/fedora/jellyfin.service
+ # Upstream also disable some hardenings when running in LXC, we do the same with the isContainer option
serviceConfig = rec {
+ Type = "simple";
User = cfg.user;
Group = cfg.group;
StateDirectory = "jellyfin";
@@ -57,48 +60,50 @@ in
CacheDirectory = "jellyfin";
CacheDirectoryMode = "0700";
UMask = "0077";
+ WorkingDirectory = "/var/lib/jellyfin";
ExecStart = "${cfg.package}/bin/jellyfin --datadir '/var/lib/${StateDirectory}' --cachedir '/var/cache/${CacheDirectory}'";
Restart = "on-failure";
+ TimeoutSec = 15;
+ SuccessExitStatus = ["0" "143"];
# Security options:
-
NoNewPrivileges = true;
-
- AmbientCapabilities = "";
- CapabilityBoundingSet = "";
-
- # ProtectClock= adds DeviceAllow=char-rtc r
- DeviceAllow = "";
-
- LockPersonality = true;
-
- PrivateTmp = true;
- # Disabled to allow Jellyfin to access hw accel devices endpoints
- # PrivateDevices = true;
- PrivateUsers = true;
-
- # Disabled as it does not allow Jellyfin to interface with CUDA devices
- # ProtectClock = true;
- ProtectControlGroups = true;
- ProtectHostname = true;
- ProtectKernelLogs = true;
- ProtectKernelModules = true;
- ProtectKernelTunables = true;
-
- RemoveIPC = true;
-
- RestrictNamespaces = true;
+ SystemCallArchitectures = "native";
# AF_NETLINK needed because Jellyfin monitors the network connection
- RestrictAddressFamilies = [ "AF_NETLINK" "AF_INET" "AF_INET6" "AF_UNIX" ];
+ RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" "AF_NETLINK" ];
+ RestrictNamespaces = !config.boot.isContainer;
RestrictRealtime = true;
RestrictSUIDSGID = true;
+ ProtectControlGroups = !config.boot.isContainer;
+ ProtectHostname = true;
+ ProtectKernelLogs = !config.boot.isContainer;
+ ProtectKernelModules = !config.boot.isContainer;
+ ProtectKernelTunables = !config.boot.isContainer;
+ LockPersonality = true;
+ PrivateTmp = !config.boot.isContainer;
+ # needed for hardware accelaration
+ PrivateDevices = false;
+ PrivateUsers = true;
+ RemoveIPC = true;
- SystemCallArchitectures = "native";
- SystemCallErrorNumber = "EPERM";
SystemCallFilter = [
- "@system-service"
- "~@cpu-emulation" "~@debug" "~@keyring" "~@memlock" "~@obsolete" "~@privileged" "~@setuid"
+ "~@clock"
+ "~@aio"
+ "~@chown"
+ "~@cpu-emulation"
+ "~@debug"
+ "~@keyring"
+ "~@memlock"
+ "~@module"
+ "~@mount"
+ "~@obsolete"
+ "~@privileged"
+ "~@raw-io"
+ "~@reboot"
+ "~@setuid"
+ "~@swap"
];
+ SystemCallErrorNumber = "EPERM";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/klipper.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/klipper.nix
index 7b3780b5cc9..52913369bbc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/klipper.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/klipper.nix
@@ -5,9 +5,9 @@ let
format = pkgs.formats.ini {
# https://github.com/NixOS/nixpkgs/pull/121613#issuecomment-885241996
listToValue = l:
- if builtins.length l == 1 then generators.mkValueStringDefault {} (head l)
+ if builtins.length l == 1 then generators.mkValueStringDefault { } (head l)
else lib.concatMapStrings (s: "\n ${generators.mkValueStringDefault {} s}") l;
- mkKeyValue = generators.mkKeyValueDefault {} ":";
+ mkKeyValue = generators.mkKeyValueDefault { } ":";
};
in
{
@@ -20,31 +20,31 @@ in
type = types.package;
default = pkgs.klipper;
defaultText = literalExpression "pkgs.klipper";
- description = "The Klipper package.";
+ description = lib.mdDoc "The Klipper package.";
};
inputTTY = mkOption {
type = types.path;
default = "/run/klipper/tty";
- description = "Path of the virtual printer symlink to create.";
+ description = lib.mdDoc "Path of the virtual printer symlink to create.";
};
apiSocket = mkOption {
type = types.nullOr types.path;
default = "/run/klipper/api";
- description = "Path of the API socket to create.";
+ description = lib.mdDoc "Path of the API socket to create.";
};
octoprintIntegration = mkOption {
type = types.bool;
default = false;
- description = "Allows Octoprint to control Klipper.";
+ description = lib.mdDoc "Allows Octoprint to control Klipper.";
};
user = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
User account under which Klipper runs.
If null is specified (default), a temporary user will be created by systemd.
@@ -54,7 +54,7 @@ in
group = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Group account under which Klipper runs.
If null is specified (default), a temporary user will be created by systemd.
@@ -64,11 +64,29 @@ in
settings = mkOption {
type = format.type;
default = { };
- description = ''
- Configuration for Klipper. See the documentation
+ description = lib.mdDoc ''
+ Configuration for Klipper. See the [documentation](https://www.klipper3d.org/Overview.html#configuration-and-tuning-guides)
for supported values.
'';
};
+
+ firmwares = mkOption {
+ description = "Firmwares klipper should manage";
+ default = { };
+ type = with types; attrsOf
+ (submodule {
+ options = {
+ enable = mkEnableOption ''
+ building of firmware and addition of klipper-flash tools for manual flashing.
+ This will add `klipper-flash-$mcu` scripts to your environment which can be called to flash the firmware.
+ '';
+ configFile = mkOption {
+ type = path;
+ description = "Path to firmware config which is generated using `klipper-genconf`";
+ };
+ };
+ });
+ };
};
};
@@ -83,6 +101,10 @@ in
assertion = cfg.user != null -> cfg.group != null;
message = "Option klipper.group is not set when a user is specified.";
}
+ {
+ assertion = foldl (a: b: a && b) true (mapAttrsToList (mcu: _: mcu != null -> (hasAttrByPath [ "${mcu}" "serial" ] cfg.settings)) cfg.firmwares);
+ message = "Option klipper.settings.$mcu.serial must be set when klipper.firmware.$mcu is specified";
+ }
];
environment.etc."klipper.cfg".source = format.generate "klipper.cfg" cfg.settings;
@@ -92,26 +114,48 @@ in
group = config.services.octoprint.group;
};
- systemd.services.klipper = let
- klippyArgs = "--input-tty=${cfg.inputTTY}"
- + optionalString (cfg.apiSocket != null) " --api-server=${cfg.apiSocket}";
- in {
- description = "Klipper 3D Printer Firmware";
- wantedBy = [ "multi-user.target" ];
- after = [ "network.target" ];
-
- serviceConfig = {
- ExecStart = "${cfg.package}/lib/klipper/klippy.py ${klippyArgs} /etc/klipper.cfg";
- RuntimeDirectory = "klipper";
- SupplementaryGroups = [ "dialout" ];
- WorkingDirectory = "${cfg.package}/lib";
- } // (if cfg.user != null then {
- Group = cfg.group;
- User = cfg.user;
- } else {
- DynamicUser = true;
- User = "klipper";
- });
- };
+ systemd.services.klipper =
+ let
+ klippyArgs = "--input-tty=${cfg.inputTTY}"
+ + optionalString (cfg.apiSocket != null) " --api-server=${cfg.apiSocket}";
+ in
+ {
+ description = "Klipper 3D Printer Firmware";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+
+ serviceConfig = {
+ ExecStart = "${cfg.package}/lib/klipper/klippy.py ${klippyArgs} /etc/klipper.cfg";
+ RuntimeDirectory = "klipper";
+ SupplementaryGroups = [ "dialout" ];
+ WorkingDirectory = "${cfg.package}/lib";
+ } // (if cfg.user != null then {
+ Group = cfg.group;
+ User = cfg.user;
+ } else {
+ DynamicUser = true;
+ User = "klipper";
+ });
+ };
+
+ environment.systemPackages =
+ with pkgs;
+ let
+ firmwares = filterAttrs (n: v: v!= null) (mapAttrs
+ (mcu: { enable, configFile }: if enable then pkgs.klipper-firmware.override {
+ mcu = lib.strings.sanitizeDerivationName mcu;
+ firmwareConfig = configFile;
+ } else null)
+ cfg.firmwares);
+ firmwareFlasher = mapAttrsToList
+ (mcu: firmware: pkgs.klipper-flash.override {
+ mcu = lib.strings.sanitizeDerivationName mcu;
+ klipper-firmware = firmware;
+ flashDevice = cfg.settings."${mcu}".serial;
+ firmwareConfig = cfg.firmwares."${mcu}".configFile;
+ })
+ firmwares;
+ in
+ [ klipper-genconf ] ++ firmwareFlasher ++ attrValues firmwares;
};
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/leaps.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/leaps.nix
index f797218522c..0308fbfcf47 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/leaps.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/leaps.nix
@@ -13,18 +13,18 @@ in
port = mkOption {
type = types.port;
default = 8080;
- description = "A port where leaps listens for incoming http requests";
+ description = lib.mdDoc "A port where leaps listens for incoming http requests";
};
address = mkOption {
default = "";
type = types.str;
example = "127.0.0.1";
- description = "Hostname or IP-address to listen to. By default it will listen on all interfaces.";
+ description = lib.mdDoc "Hostname or IP-address to listen to. By default it will listen on all interfaces.";
};
path = mkOption {
default = "/";
type = types.path;
- description = "Subdirectory used for reverse proxy setups";
+ description = lib.mdDoc "Subdirectory used for reverse proxy setups";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/libreddit.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/libreddit.nix
index e21a8844784..0359f57c0dc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/libreddit.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/libreddit.nix
@@ -19,20 +19,20 @@ in
default = "0.0.0.0";
example = "127.0.0.1";
type = types.str;
- description = "The address to listen on";
+ description = lib.mdDoc "The address to listen on";
};
port = mkOption {
default = 8080;
example = 8000;
type = types.port;
- description = "The port to listen on";
+ description = lib.mdDoc "The port to listen on";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for the libreddit web interface";
+ description = lib.mdDoc "Open ports in the firewall for the libreddit web interface";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/lidarr.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/lidarr.nix
index 20153c7e61a..d070a7f091f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/lidarr.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/lidarr.nix
@@ -13,20 +13,20 @@ in
dataDir = mkOption {
type = types.str;
default = "/var/lib/lidarr/.config/Lidarr";
- description = "The directory where Lidarr stores its data files.";
+ description = lib.mdDoc "The directory where Lidarr stores its data files.";
};
package = mkOption {
type = types.package;
default = pkgs.lidarr;
defaultText = literalExpression "pkgs.lidarr";
- description = "The Lidarr package to use";
+ description = lib.mdDoc "The Lidarr package to use";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for Lidarr
'';
};
@@ -34,7 +34,7 @@ in
user = mkOption {
type = types.str;
default = "lidarr";
- description = ''
+ description = lib.mdDoc ''
User account under which Lidarr runs.
'';
};
@@ -42,7 +42,7 @@ in
group = mkOption {
type = types.str;
default = "lidarr";
- description = ''
+ description = lib.mdDoc ''
Group under which Lidarr runs.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/lifecycled.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/lifecycled.nix
index 1c8942998d6..fc8c77c6ca4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/lifecycled.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/lifecycled.nix
@@ -33,12 +33,12 @@ in
frequency = mkOption {
type = types.str;
default = "hourly";
- description = ''
+ description = lib.mdDoc ''
How often to trigger the queue cleaner.
NOTE: This string should be a valid value for a systemd
- timer's OnCalendar configuration. See
- systemd.timer5
+ timer's `OnCalendar` configuration. See
+ {manpage}`systemd.timer(5)`
for more information.
'';
};
@@ -46,7 +46,7 @@ in
parallel = mkOption {
type = types.ints.unsigned;
default = 20;
- description = ''
+ description = lib.mdDoc ''
The number of parallel deletes to run.
'';
};
@@ -55,7 +55,7 @@ in
instanceId = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The instance ID to listen for events for.
'';
};
@@ -63,7 +63,7 @@ in
snsTopic = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The SNS topic that receives events.
'';
};
@@ -71,14 +71,14 @@ in
noSpot = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Disable the spot termination listener.
'';
};
handler = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The script to invoke to handle events.
'';
};
@@ -86,7 +86,7 @@ in
json = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable JSON logging.
'';
};
@@ -94,7 +94,7 @@ in
cloudwatchGroup = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Write logs to a specific Cloudwatch Logs group.
'';
};
@@ -102,7 +102,7 @@ in
cloudwatchStream = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Write logs to a specific Cloudwatch Logs stream. Defaults to the instance ID.
'';
};
@@ -110,7 +110,7 @@ in
debug = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable debugging information.
'';
};
@@ -120,7 +120,7 @@ in
awsRegion = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The region used for accessing AWS services.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/logkeys.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/logkeys.nix
index 0082db63a06..628f5627433 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/logkeys.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/logkeys.nix
@@ -9,7 +9,7 @@ in {
enable = mkEnableOption "logkeys service";
device = mkOption {
- description = "Use the given device as keyboard input event device instead of /dev/input/eventX default.";
+ description = lib.mdDoc "Use the given device as keyboard input event device instead of /dev/input/eventX default.";
default = null;
type = types.nullOr types.str;
example = "/dev/input/event15";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mame.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mame.nix
index dd6c5ef9aa0..6e9d2fd26cf 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mame.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mame.nix
@@ -12,19 +12,19 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to setup TUN/TAP Ethernet interface for MAME emulator.
'';
};
user = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
User from which you run MAME binary.
'';
};
hostAddr = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
IP address of the host system. Usually an address of the main network
adapter or the adapter through which you get an internet connection.
'';
@@ -32,9 +32,9 @@ in
};
emuAddr = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
IP address of the guest system. The same you set inside guest OS under
- MAME. Should be on the same subnet as .
+ MAME. Should be on the same subnet as {option}`services.mame.hostAddr`.
'';
example = "192.168.31.155";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mbpfan.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mbpfan.nix
index 7a149ff47e6..786ecf2d696 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mbpfan.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mbpfan.nix
@@ -16,7 +16,7 @@ in {
type = types.package;
default = pkgs.mbpfan;
defaultText = literalExpression "pkgs.mbpfan";
- description = ''
+ description = lib.mdDoc ''
The package used for the mbpfan daemon.
'';
};
@@ -24,14 +24,14 @@ in {
verbose = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If true, sets the log level to verbose.
'';
};
settings = mkOption {
default = {};
- description = "INI configuration for Mbpfan.";
+ description = lib.mdDoc "INI configuration for Mbpfan.";
type = types.submodule {
freeformType = settingsFormat.type;
@@ -48,22 +48,22 @@ in {
options.general.low_temp = mkOption {
type = types.int;
default = 55;
- description = "If temperature is below this, fans will run at minimum speed.";
+ description = lib.mdDoc "If temperature is below this, fans will run at minimum speed.";
};
options.general.high_temp = mkOption {
type = types.int;
default = 58;
- description = "If temperature is above this, fan speed will gradually increase.";
+ description = lib.mdDoc "If temperature is above this, fan speed will gradually increase.";
};
options.general.max_temp = mkOption {
type = types.int;
default = 86;
- description = "If temperature is above this, fans will run at maximum speed.";
+ description = lib.mdDoc "If temperature is above this, fans will run at maximum speed.";
};
options.general.polling_interval = mkOption {
type = types.int;
default = 1;
- description = "The polling interval.";
+ description = lib.mdDoc "The polling interval.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mediatomb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mediatomb.nix
index ee5c0ef8d27..8cac87f5326 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mediatomb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mediatomb.nix
@@ -15,19 +15,19 @@ let
options = {
path = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Absolute directory path to the media directory to index.
'';
};
recursive = mkOption {
type = types.bool;
default = false;
- description = "Whether the indexation must take place recursively or not.";
+ description = lib.mdDoc "Whether the indexation must take place recursively or not.";
};
hidden-files = mkOption {
type = types.bool;
default = true;
- description = "Whether to index the hidden files or not.";
+ description = lib.mdDoc "Whether to index the hidden files or not.";
};
};
};
@@ -202,7 +202,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Gerbera/Mediatomb DLNA server.
'';
};
@@ -210,7 +210,7 @@ in {
serverName = mkOption {
type = types.str;
default = "Gerbera (Mediatomb)";
- description = ''
+ description = lib.mdDoc ''
How to identify the server on the network.
'';
};
@@ -219,7 +219,7 @@ in {
type = types.package;
default = pkgs.gerbera;
defaultText = literalExpression "pkgs.gerbera";
- description = ''
+ description = lib.mdDoc ''
Underlying package to be used with the module.
'';
};
@@ -227,7 +227,7 @@ in {
ps3Support = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable ps3 specific tweaks.
WARNING: incompatible with DSM 320 support.
'';
@@ -236,7 +236,7 @@ in {
dsmSupport = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable D-Link DSM 320 specific tweaks.
WARNING: incompatible with ps3 support.
'';
@@ -245,7 +245,7 @@ in {
tg100Support = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Telegent TG100 specific tweaks.
'';
};
@@ -253,7 +253,7 @@ in {
transcoding = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable transcoding.
'';
};
@@ -262,7 +262,7 @@ in {
type = types.path;
default = "/var/lib/${name}";
defaultText = literalExpression ''"/var/lib/''${config.${opt.package}.pname}"'';
- description = ''
+ description = lib.mdDoc ''
The directory where Gerbera/Mediatomb stores its state, data, etc.
'';
};
@@ -270,7 +270,7 @@ in {
pcDirectoryHide = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to list the top-level directory or not (from upnp client standpoint).
'';
};
@@ -278,19 +278,19 @@ in {
user = mkOption {
type = types.str;
default = "mediatomb";
- description = "User account under which the service runs.";
+ description = lib.mdDoc "User account under which the service runs.";
};
group = mkOption {
type = types.str;
default = "mediatomb";
- description = "Group account under which the service runs.";
+ description = lib.mdDoc "Group account under which the service runs.";
};
port = mkOption {
type = types.int;
default = 49152;
- description = ''
+ description = lib.mdDoc ''
The network port to listen on.
'';
};
@@ -298,7 +298,7 @@ in {
interface = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
A specific interface to bind to.
'';
};
@@ -306,12 +306,12 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If false (the default), this is up to the user to declare the firewall rules.
If true, this opens port 1900 (tcp and udp) and the port specified by
- .
+ {option}`sercvices.mediatomb.port`.
- If the option is set,
+ If the option {option}`services.mediatomb.interface` is set,
the firewall rules opened are dedicated to that interface. Otherwise,
those rules are opened globally.
'';
@@ -320,7 +320,7 @@ in {
uuid = mkOption {
type = types.str;
default = "fdfc8a4e-a3ad-4c1d-b43d-a2eedb03a687";
- description = ''
+ description = lib.mdDoc ''
A unique (on your network) to identify the server by.
'';
};
@@ -328,7 +328,7 @@ in {
mediaDirectories = mkOption {
type = with types; listOf (submodule mediaDirectory);
default = [];
- description = ''
+ description = lib.mdDoc ''
Declare media directories to index.
'';
example = [
@@ -340,12 +340,12 @@ in {
customCfg = mkOption {
type = types.bool;
default = false;
- description = ''
- Allow the service to create and use its own config file inside the dataDir as
- configured by .
+ description = lib.mdDoc ''
+ Allow the service to create and use its own config file inside the `dataDir` as
+ configured by {option}`services.mediatomb.dataDir`.
Deactivated by default, the service then runs with the configuration generated from this module.
Otherwise, when enabled, no service configuration is generated. Gerbera/Mediatomb then starts using
- config.xml within the configured dataDir. It's up to the user to make a correct
+ config.xml within the configured `dataDir`. It's up to the user to make a correct
configuration file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/metabase.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/metabase.nix
index e78100a046a..26c48c05037 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/metabase.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/metabase.nix
@@ -19,7 +19,7 @@ in {
ip = mkOption {
type = types.str;
default = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
IP address that Metabase should listen on.
'';
};
@@ -27,7 +27,7 @@ in {
port = mkOption {
type = types.port;
default = 3000;
- description = ''
+ description = lib.mdDoc ''
Listen port for Metabase.
'';
};
@@ -37,7 +37,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable SSL (https) support.
'';
};
@@ -45,7 +45,7 @@ in {
port = mkOption {
type = types.port;
default = 8443;
- description = ''
+ description = lib.mdDoc ''
Listen port over SSL (https) for Metabase.
'';
};
@@ -54,8 +54,8 @@ in {
type = types.nullOr types.path;
default = "${dataDir}/metabase.jks";
example = "/etc/secrets/keystore.jks";
- description = ''
- Java KeyStore file containing the certificates.
+ description = lib.mdDoc ''
+ [Java KeyStore](https://www.digitalocean.com/community/tutorials/java-keytool-essentials-working-with-java-keystores) file containing the certificates.
'';
};
@@ -64,7 +64,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for Metabase.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/moonraker.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/moonraker.nix
index b75227effa0..5b4e4bd34dc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/moonraker.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/moonraker.nix
@@ -20,20 +20,20 @@ in {
type = types.path;
default = config.services.klipper.apiSocket;
defaultText = literalExpression "config.services.klipper.apiSocket";
- description = "Path to Klipper's API socket.";
+ description = lib.mdDoc "Path to Klipper's API socket.";
};
stateDir = mkOption {
type = types.path;
default = "/var/lib/moonraker";
- description = "The directory containing the Moonraker databases.";
+ description = lib.mdDoc "The directory containing the Moonraker databases.";
};
configDir = mkOption {
type = types.path;
default = cfg.stateDir + "/config";
defaultText = literalExpression ''config.${opt.stateDir} + "/config"'';
- description = ''
+ description = lib.mdDoc ''
The directory containing client-writable configuration files.
Clients will be able to edit files in this directory via the API. This directory must be writable.
@@ -43,26 +43,26 @@ in {
user = mkOption {
type = types.str;
default = "moonraker";
- description = "User account under which Moonraker runs.";
+ description = lib.mdDoc "User account under which Moonraker runs.";
};
group = mkOption {
type = types.str;
default = "moonraker";
- description = "Group account under which Moonraker runs.";
+ description = lib.mdDoc "Group account under which Moonraker runs.";
};
address = mkOption {
type = types.str;
default = "127.0.0.1";
example = "0.0.0.0";
- description = "The IP or host to listen on.";
+ description = lib.mdDoc "The IP or host to listen on.";
};
port = mkOption {
type = types.ints.unsigned;
default = 7125;
- description = "The port to listen on.";
+ description = lib.mdDoc "The port to listen on.";
};
settings = mkOption {
@@ -74,8 +74,8 @@ in {
cors_domains = [ "https://app.fluidd.xyz" ];
};
};
- description = ''
- Configuration for Moonraker. See the documentation
+ description = lib.mdDoc ''
+ Configuration for Moonraker. See the [documentation](https://moonraker.readthedocs.io/en/latest/configuration/)
for supported values.
'';
};
@@ -83,12 +83,12 @@ in {
allowSystemControl = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to allow Moonraker to perform system-level operations.
Moonraker exposes APIs to perform system-level operations, such as
reboot, shutdown, and management of systemd units. See the
- documentation
+ [documentation](https://moonraker.readthedocs.io/en/latest/web_api/#machine-commands)
for details on what clients are able to do.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mx-puppet-discord.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mx-puppet-discord.nix
index 6214f7f7eb6..18b083b99ba 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mx-puppet-discord.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/mx-puppet-discord.nix
@@ -57,11 +57,11 @@ in {
relay.whitelist = [ "@.*:example.com" ];
}
'';
- description = ''
- config.yaml configuration as a Nix attribute set.
+ description = lib.mdDoc ''
+ {file}`config.yaml` configuration as a Nix attribute set.
Configuration options should match those described in
-
- sample.config.yaml.
+ [
+ sample.config.yaml](https://github.com/matrix-discord/mx-puppet-discord/blob/master/sample.config.yaml).
'';
};
serviceDependencies = mkOption {
@@ -70,7 +70,7 @@ in {
defaultText = literalExpression ''
optional config.services.matrix-synapse.enable "matrix-synapse.service"
'';
- description = ''
+ description = lib.mdDoc ''
List of Systemd services to require and wait for when starting the application service.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/n8n.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/n8n.nix
index 77e717eeff9..40a262116c8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/n8n.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/n8n.nix
@@ -15,14 +15,14 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for the n8n web interface.";
+ description = lib.mdDoc "Open ports in the firewall for the n8n web interface.";
};
settings = mkOption {
type = format.type;
default = {};
- description = ''
- Configuration for n8n, see
+ description = lib.mdDoc ''
+ Configuration for n8n, see
for supported values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nitter.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nitter.nix
index 5bf0e6bc008..cb6ba7b739d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nitter.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nitter.nix
@@ -53,7 +53,7 @@ in
default = pkgs.nitter;
type = types.package;
defaultText = literalExpression "pkgs.nitter";
- description = "The nitter derivation to use.";
+ description = lib.mdDoc "The nitter derivation to use.";
};
server = {
@@ -61,46 +61,46 @@ in
type = types.str;
default = "0.0.0.0";
example = "127.0.0.1";
- description = "The address to listen on.";
+ description = lib.mdDoc "The address to listen on.";
};
port = mkOption {
type = types.port;
default = 8080;
example = 8000;
- description = "The port to listen on.";
+ description = lib.mdDoc "The port to listen on.";
};
https = mkOption {
type = types.bool;
default = false;
- description = "Set secure attribute on cookies. Keep it disabled to enable cookies when not using HTTPS.";
+ description = lib.mdDoc "Set secure attribute on cookies. Keep it disabled to enable cookies when not using HTTPS.";
};
httpMaxConnections = mkOption {
type = types.int;
default = 100;
- description = "Maximum number of HTTP connections.";
+ description = lib.mdDoc "Maximum number of HTTP connections.";
};
staticDir = mkOption {
type = types.path;
default = "${cfg.package}/share/nitter/public";
defaultText = literalExpression ''"''${config.services.nitter.package}/share/nitter/public"'';
- description = "Path to the static files directory.";
+ description = lib.mdDoc "Path to the static files directory.";
};
title = mkOption {
type = types.str;
default = "nitter";
- description = "Title of the instance.";
+ description = lib.mdDoc "Title of the instance.";
};
hostname = mkOption {
type = types.str;
default = "localhost";
example = "nitter.net";
- description = "Hostname of the instance.";
+ description = lib.mdDoc "Hostname of the instance.";
};
};
@@ -108,37 +108,37 @@ in
listMinutes = mkOption {
type = types.int;
default = 240;
- description = "How long to cache list info (not the tweets, so keep it high).";
+ description = lib.mdDoc "How long to cache list info (not the tweets, so keep it high).";
};
rssMinutes = mkOption {
type = types.int;
default = 10;
- description = "How long to cache RSS queries.";
+ description = lib.mdDoc "How long to cache RSS queries.";
};
redisHost = mkOption {
type = types.str;
default = "localhost";
- description = "Redis host.";
+ description = lib.mdDoc "Redis host.";
};
redisPort = mkOption {
type = types.port;
default = 6379;
- description = "Redis port.";
+ description = lib.mdDoc "Redis port.";
};
redisConnections = mkOption {
type = types.int;
default = 20;
- description = "Redis connection pool size.";
+ description = lib.mdDoc "Redis connection pool size.";
};
redisMaxConnections = mkOption {
type = types.int;
default = 30;
- description = ''
+ description = lib.mdDoc ''
Maximum number of connections to Redis.
New connections are opened when none are available, but if the
@@ -152,13 +152,13 @@ in
base64Media = mkOption {
type = types.bool;
default = false;
- description = "Use base64 encoding for proxied media URLs.";
+ description = lib.mdDoc "Use base64 encoding for proxied media URLs.";
};
tokenCount = mkOption {
type = types.int;
default = 10;
- description = ''
+ description = lib.mdDoc ''
Minimum amount of usable tokens.
Tokens are used to authorize API requests, but they expire after
@@ -175,105 +175,105 @@ in
type = types.str;
default = "";
example = "nitter.net";
- description = "Replace Twitter links with links to this instance (blank to disable).";
+ description = lib.mdDoc "Replace Twitter links with links to this instance (blank to disable).";
};
replaceYouTube = mkOption {
type = types.str;
default = "";
example = "piped.kavin.rocks";
- description = "Replace YouTube links with links to this instance (blank to disable).";
+ description = lib.mdDoc "Replace YouTube links with links to this instance (blank to disable).";
};
replaceInstagram = mkOption {
type = types.str;
default = "";
- description = "Replace Instagram links with links to this instance (blank to disable).";
+ description = lib.mdDoc "Replace Instagram links with links to this instance (blank to disable).";
};
mp4Playback = mkOption {
type = types.bool;
default = true;
- description = "Enable MP4 video playback.";
+ description = lib.mdDoc "Enable MP4 video playback.";
};
hlsPlayback = mkOption {
type = types.bool;
default = false;
- description = "Enable HLS video streaming (requires JavaScript).";
+ description = lib.mdDoc "Enable HLS video streaming (requires JavaScript).";
};
proxyVideos = mkOption {
type = types.bool;
default = true;
- description = "Proxy video streaming through the server (might be slow).";
+ description = lib.mdDoc "Proxy video streaming through the server (might be slow).";
};
muteVideos = mkOption {
type = types.bool;
default = false;
- description = "Mute videos by default.";
+ description = lib.mdDoc "Mute videos by default.";
};
autoplayGifs = mkOption {
type = types.bool;
default = true;
- description = "Autoplay GIFs.";
+ description = lib.mdDoc "Autoplay GIFs.";
};
theme = mkOption {
type = types.str;
default = "Nitter";
- description = "Instance theme.";
+ description = lib.mdDoc "Instance theme.";
};
infiniteScroll = mkOption {
type = types.bool;
default = false;
- description = "Infinite scrolling (requires JavaScript, experimental!).";
+ description = lib.mdDoc "Infinite scrolling (requires JavaScript, experimental!).";
};
stickyProfile = mkOption {
type = types.bool;
default = true;
- description = "Make profile sidebar stick to top.";
+ description = lib.mdDoc "Make profile sidebar stick to top.";
};
bidiSupport = mkOption {
type = types.bool;
default = false;
- description = "Support bidirectional text (makes clicking on tweets harder).";
+ description = lib.mdDoc "Support bidirectional text (makes clicking on tweets harder).";
};
hideTweetStats = mkOption {
type = types.bool;
default = false;
- description = "Hide tweet stats (replies, retweets, likes).";
+ description = lib.mdDoc "Hide tweet stats (replies, retweets, likes).";
};
hideBanner = mkOption {
type = types.bool;
default = false;
- description = "Hide profile banner.";
+ description = lib.mdDoc "Hide profile banner.";
};
hidePins = mkOption {
type = types.bool;
default = false;
- description = "Hide pinned tweets.";
+ description = lib.mdDoc "Hide pinned tweets.";
};
hideReplies = mkOption {
type = types.bool;
default = false;
- description = "Hide tweet replies.";
+ description = lib.mdDoc "Hide tweet replies.";
};
};
settings = mkOption {
type = types.attrs;
default = {};
- description = ''
+ description = lib.mdDoc ''
Add settings here to override NixOS module generated settings.
Check the official repository for the available settings:
@@ -284,13 +284,13 @@ in
redisCreateLocally = mkOption {
type = types.bool;
default = true;
- description = "Configure local Redis server for Nitter.";
+ description = lib.mdDoc "Configure local Redis server for Nitter.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for Nitter web interface.";
+ description = lib.mdDoc "Open ports in the firewall for Nitter web interface.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-daemon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-daemon.nix
index f6f74d12e10..c76aaaa559b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-daemon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-daemon.nix
@@ -127,7 +127,7 @@ in
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Nix.
Disabling Nix makes the system hard to modify and the Nix programs and configuration will not be made available by NixOS itself.
'';
@@ -137,7 +137,7 @@ in
type = types.package;
default = pkgs.nix;
defaultText = literalExpression "pkgs.nix";
- description = ''
+ description = lib.mdDoc ''
This option specifies the Nix package instance to use throughout the system.
'';
};
@@ -145,9 +145,9 @@ in
distributedBuilds = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to distribute builds to the machines listed in
- .
+ {option}`nix.buildMachines`.
'';
};
@@ -186,22 +186,22 @@ in
type = types.enum [ "best-effort" "idle" ];
default = "best-effort";
example = "idle";
- description = ''
+ description = lib.mdDoc ''
Nix daemon process I/O scheduling class. This class propagates to
- build processes. best-effort is the default
- class for regular tasks. The idle class is for
+ build processes. `best-effort` is the default
+ class for regular tasks. The `idle` class is for
extremely low-priority tasks that should only perform I/O when no
other task does.
- Please note that while using the idle scheduling
+ Please note that while using the `idle` scheduling
class can improve responsiveness of a system performing expensive
builds, it might also slow down or starve crucial configuration
updates during load.
- idle may therefore be a sensible class for
+ `idle` may therefore be a sensible class for
systems that experience only intermittent phases of high I/O load,
such as desktop or portable computers used interactively. Other
- systems should use the best-effort class.
+ systems should use the `best-effort` class.
'';
};
@@ -209,7 +209,7 @@ in
type = types.int;
default = 0;
example = 1;
- description = ''
+ description = lib.mdDoc ''
Nix daemon process I/O scheduling priority. This priority propagates
to build processes. The supported priorities depend on the
scheduling policy: With idle, priorities are not used in scheduling
@@ -224,7 +224,7 @@ in
hostName = mkOption {
type = types.str;
example = "nixbuilder.example.org";
- description = ''
+ description = lib.mdDoc ''
The hostname of the build machine.
'';
};
@@ -254,11 +254,11 @@ in
type = types.nullOr types.str;
default = null;
example = "builder";
- description = ''
+ description = lib.mdDoc ''
The username to log in as on the remote host. This user must be
able to log in and run nix commands non-interactively. It must
also be privileged to build derivations, so must be included in
- .
+ {option}`nix.settings.trusted-users`.
'';
};
sshKey = mkOption {
@@ -278,7 +278,7 @@ in
maxJobs = mkOption {
type = types.int;
default = 1;
- description = ''
+ description = lib.mdDoc ''
The number of concurrent jobs the build machine supports. The
build machine will enforce its own limits, but this allows hydra
to schedule better since there is no work-stealing between build
@@ -288,7 +288,7 @@ in
speedFactor = mkOption {
type = types.int;
default = 1;
- description = ''
+ description = lib.mdDoc ''
The relative speed of this builder. This is an arbitrary integer
that indicates the speed of this builder, relative to other
builders. Higher is faster.
@@ -309,7 +309,7 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "kvm" "big-parallel" ];
- description = ''
+ description = lib.mdDoc ''
A list of features supported by this builder. The builder will
be ignored for derivations that require features not in this
list.
@@ -318,18 +318,18 @@ in
publicHostKey = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The (base64-encoded) public host key of this builder. The field
- is calculated via base64 -w0 /etc/ssh/ssh_host_type_key.pub.
+ is calculated via {command}`base64 -w0 /etc/ssh/ssh_host_type_key.pub`.
If null, SSH will use its regular known-hosts file when connecting.
'';
};
};
});
default = [ ];
- description = ''
+ description = lib.mdDoc ''
This option lists the machines to be used if distributed builds are
- enabled (see ).
+ enabled (see {option}`nix.distributedBuilds`).
Nix will perform derivations on those machines via SSH by copying the
inputs to the Nix store on the remote machine, starting the build,
then copying the output back to the local Nix store.
@@ -346,8 +346,8 @@ in
nrBuildUsers = mkOption {
type = types.int;
- description = ''
- Number of nixbld user accounts created to
+ description = lib.mdDoc ''
+ Number of `nixbld` user accounts created to
perform secure concurrent builds. If you receive an error
message saying that “all build users are currently in use”,
you should increase this value.
@@ -357,9 +357,9 @@ in
readOnlyStore = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
If set, NixOS will enforce the immutability of the Nix store
- by making /nix/store a read-only bind
+ by making {file}`/nix/store` a read-only bind
mount. Nix will automatically make the store writable when
needed.
'';
@@ -372,17 +372,17 @@ in
"nixos-config=/etc/nixos/configuration.nix"
"/nix/var/nix/profiles/per-user/root/channels"
];
- description = ''
+ description = lib.mdDoc ''
The default Nix expression search path, used by the Nix
evaluator to look up paths enclosed in angle brackets
- (e.g. <nixpkgs>).
+ (e.g. ``).
'';
};
checkConfig = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
If enabled (the default), checks for data type mismatches and that Nix
can parse the generated nix.conf.
'';
@@ -404,28 +404,28 @@ in
from = mkOption {
type = referenceAttrs;
example = { type = "indirect"; id = "nixpkgs"; };
- description = "The flake reference to be rewritten.";
+ description = lib.mdDoc "The flake reference to be rewritten.";
};
to = mkOption {
type = referenceAttrs;
example = { type = "github"; owner = "my-org"; repo = "my-nixpkgs"; };
- description = "The flake reference is rewritten to.";
+ description = lib.mdDoc "The flake reference {option}`from` is rewritten to.";
};
flake = mkOption {
type = types.nullOr types.attrs;
default = null;
example = literalExpression "nixpkgs";
- description = ''
- The flake input is rewritten to.
+ description = lib.mdDoc ''
+ The flake input {option}`from` is rewritten to.
'';
};
exact = mkOption {
type = types.bool;
default = true;
- description = ''
- Whether the reference needs to match exactly. If set,
- a reference like nixpkgs does not
- match with a reference like nixpkgs/nixos-20.03.
+ description = lib.mdDoc ''
+ Whether the {option}`from` reference needs to match exactly. If set,
+ a {option}`from` reference like `nixpkgs` does not
+ match with a reference like `nixpkgs/nixos-20.03`.
'';
};
};
@@ -442,7 +442,7 @@ in
}
));
default = { };
- description = ''
+ description = lib.mdDoc ''
A system-wide flake registry.
'';
};
@@ -454,7 +454,7 @@ in
keep-outputs = true
keep-derivations = true
'';
- description = "Additional text appended to nix.conf.";
+ description = lib.mdDoc "Additional text appended to {file}`nix.conf`.";
};
settings = mkOption {
@@ -466,7 +466,7 @@ in
type = types.either types.int (types.enum [ "auto" ]);
default = "auto";
example = 64;
- description = ''
+ description = lib.mdDoc ''
This option defines the maximum number of jobs that Nix will try to
build in parallel. The default is auto, which means it will use all
available logical cores. It is recommend to set it to the total
@@ -479,7 +479,7 @@ in
type = types.bool;
default = false;
example = true;
- description = ''
+ description = lib.mdDoc ''
If set to true, Nix automatically detects files in the store that have
identical contents, and replaces them with hard links to a single copy.
This saves disk space. If set to false (the default), you can still run
@@ -491,7 +491,7 @@ in
type = types.int;
default = 0;
example = 64;
- description = ''
+ description = lib.mdDoc ''
This option defines the maximum number of concurrent tasks during
one build. It affects, e.g., -j option for make.
The special value 0 means that the builder should use all
@@ -504,7 +504,7 @@ in
sandbox = mkOption {
type = types.either types.bool (types.enum [ "relaxed" ]);
default = true;
- description = ''
+ description = lib.mdDoc ''
If set, Nix will perform builds in a sandboxed environment that it
will set up automatically for each build. This prevents impurities
in builds by disallowing access to dependencies outside of the Nix
@@ -520,7 +520,7 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "/dev" "/proc" ];
- description = ''
+ description = lib.mdDoc ''
Directories from the host filesystem to be included
in the sandbox.
'';
@@ -528,7 +528,7 @@ in
substituters = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
List of binary cache URLs used to obtain pre-built binaries
of Nix packages.
@@ -540,21 +540,21 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "https://hydra.nixos.org/" ];
- description = ''
+ description = lib.mdDoc ''
List of binary cache URLs that non-root users can use (in
addition to those specified using
- ) by passing
- --option binary-caches to Nix commands.
+ {option}`nix.settings.substituters`) by passing
+ `--option binary-caches` to Nix commands.
'';
};
require-sigs = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
If enabled (the default), Nix will only download binaries from binary caches if
they are cryptographically signed with any of the keys listed in
- . If disabled, signatures are neither
+ {option}`nix.settings.trusted-public-keys`. If disabled, signatures are neither
required nor checked, so it's strongly recommended that you use only
trustworthy caches and https to prevent man-in-the-middle attacks.
'';
@@ -577,13 +577,13 @@ in
type = types.listOf types.str;
default = [ "root" ];
example = [ "root" "alice" "@wheel" ];
- description = ''
+ description = lib.mdDoc ''
A list of names of users that have additional rights when
connecting to the Nix daemon, such as the ability to specify
additional binary caches, or to import unsigned NARs. You
can also specify groups by prefixing them with
- @; for instance,
- @wheel means all users in the wheel
+ `@`; for instance,
+ `@wheel` means all users in the wheel
group.
'';
};
@@ -591,13 +591,13 @@ in
system-features = mkOption {
type = types.listOf types.str;
example = [ "kvm" "big-parallel" "gccarch-skylake" ];
- description = ''
+ description = lib.mdDoc ''
The set of features supported by the machine. Derivations
can express dependencies on system features through the
- requiredSystemFeatures attribute.
+ `requiredSystemFeatures` attribute.
- By default, pseudo-features nixos-test, benchmark,
- and big-parallel used in Nixpkgs are set, kvm
+ By default, pseudo-features `nixos-test`, `benchmark`,
+ and `big-parallel` used in Nixpkgs are set, `kvm`
is also included in it is avaliable.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-gc.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-gc.nix
index 0fcb0160101..ac554dcea8d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-gc.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-gc.nix
@@ -17,7 +17,7 @@ in
automatic = mkOption {
default = false;
type = types.bool;
- description = "Automatically run the garbage collector at a specific time.";
+ description = lib.mdDoc "Automatically run the garbage collector at a specific time.";
};
dates = mkOption {
@@ -51,7 +51,7 @@ in
default = true;
type = types.bool;
example = false;
- description = ''
+ description = lib.mdDoc ''
Takes a boolean argument. If true, the time when the service
unit was last triggered is stored on disk. When the timer is
activated, the service unit is triggered immediately if it
@@ -67,8 +67,8 @@ in
default = "";
example = "--max-freed $((64 * 1024**3))";
type = types.str;
- description = ''
- Options given to nix-collect-garbage when the
+ description = lib.mdDoc ''
+ Options given to {file}`nix-collect-garbage` when the
garbage collector is run automatically.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-optimise.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-optimise.nix
index acf8177b146..bcfc69c521d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-optimise.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-optimise.nix
@@ -17,7 +17,7 @@ in
automatic = mkOption {
default = false;
type = types.bool;
- description = "Automatically run the nix store optimiser at a specific time.";
+ description = lib.mdDoc "Automatically run the nix store optimiser at a specific time.";
};
dates = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-ssh-serve.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-ssh-serve.nix
index 355fad5db46..b656692ca01 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-ssh-serve.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nix-ssh-serve.nix
@@ -14,26 +14,26 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable serving the Nix store as a remote store via SSH.";
+ description = lib.mdDoc "Whether to enable serving the Nix store as a remote store via SSH.";
};
write = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable writing to the Nix store as a remote store via SSH. Note: the sshServe user is named nix-ssh and is not a trusted-user. nix-ssh should be added to the option in most use cases, such as allowing remote building of derivations.";
+ description = lib.mdDoc "Whether to enable writing to the Nix store as a remote store via SSH. Note: the sshServe user is named nix-ssh and is not a trusted-user. nix-ssh should be added to the {option}`nix.settings.trusted-users` option in most use cases, such as allowing remote building of derivations.";
};
keys = mkOption {
type = types.listOf types.str;
default = [];
example = [ "ssh-dss AAAAB3NzaC1k... alice@example.org" ];
- description = "A list of SSH public keys allowed to access the binary cache via SSH.";
+ description = lib.mdDoc "A list of SSH public keys allowed to access the binary cache via SSH.";
};
protocol = mkOption {
type = types.enum [ "ssh" "ssh-ng" ];
default = "ssh";
- description = "The specific Nix-over-SSH protocol to use.";
+ description = lib.mdDoc "The specific Nix-over-SSH protocol to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nzbget.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nzbget.nix
index 27c5f2e395f..ddcb16e135c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nzbget.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nzbget.nix
@@ -30,21 +30,21 @@ in
user = mkOption {
type = types.str;
default = "nzbget";
- description = "User account under which NZBGet runs";
+ description = lib.mdDoc "User account under which NZBGet runs";
};
group = mkOption {
type = types.str;
default = "nzbget";
- description = "Group under which NZBGet runs";
+ description = lib.mdDoc "Group under which NZBGet runs";
};
settings = mkOption {
type = with types; attrsOf (oneOf [ bool int str ]);
default = {};
- description = ''
+ description = lib.mdDoc ''
NZBGet configuration, passed via command line using switch -o. Refer to
-
+
for details on supported values.
'';
example = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nzbhydra2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nzbhydra2.nix
index 500c40f117d..b728ca248ce 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nzbhydra2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/nzbhydra2.nix
@@ -12,21 +12,21 @@ in {
dataDir = mkOption {
type = types.str;
default = "/var/lib/nzbhydra2";
- description = "The directory where NZBHydra2 stores its data files.";
+ description = lib.mdDoc "The directory where NZBHydra2 stores its data files.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
description =
- "Open ports in the firewall for the NZBHydra2 web interface.";
+ lib.mdDoc "Open ports in the firewall for the NZBHydra2 web interface.";
};
package = mkOption {
type = types.package;
default = pkgs.nzbhydra2;
defaultText = literalExpression "pkgs.nzbhydra2";
- description = "NZBHydra2 package to use.";
+ description = lib.mdDoc "NZBHydra2 package to use.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/octoprint.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/octoprint.nix
index cd846d3f268..071174c141d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/octoprint.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/octoprint.nix
@@ -34,7 +34,7 @@ in
host = mkOption {
type = types.str;
default = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
Host to bind OctoPrint to.
'';
};
@@ -42,7 +42,7 @@ in
port = mkOption {
type = types.port;
default = 5000;
- description = ''
+ description = lib.mdDoc ''
Port to bind OctoPrint to.
'';
};
@@ -50,19 +50,19 @@ in
user = mkOption {
type = types.str;
default = "octoprint";
- description = "User for the daemon.";
+ description = lib.mdDoc "User for the daemon.";
};
group = mkOption {
type = types.str;
default = "octoprint";
- description = "Group for the daemon.";
+ description = lib.mdDoc "Group for the daemon.";
};
stateDir = mkOption {
type = types.path;
default = "/var/lib/octoprint";
- description = "State directory of the daemon.";
+ description = lib.mdDoc "State directory of the daemon.";
};
plugins = mkOption {
@@ -70,13 +70,13 @@ in
default = plugins: [];
defaultText = literalExpression "plugins: []";
example = literalExpression "plugins: with plugins; [ themeify stlviewer ]";
- description = "Additional plugins to be used. Available plugins are passed through the plugins input.";
+ description = lib.mdDoc "Additional plugins to be used. Available plugins are passed through the plugins input.";
};
extraConfig = mkOption {
type = types.attrs;
default = {};
- description = "Extra options which are added to OctoPrint's YAML configuration file.";
+ description = lib.mdDoc "Extra options which are added to OctoPrint's YAML configuration file.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ombi.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ombi.nix
index b5882168e51..51cfb05d35c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ombi.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ombi.nix
@@ -16,31 +16,31 @@ in {
dataDir = mkOption {
type = types.str;
default = "/var/lib/ombi";
- description = "The directory where Ombi stores its data files.";
+ description = lib.mdDoc "The directory where Ombi stores its data files.";
};
port = mkOption {
type = types.port;
default = 5000;
- description = "The port for the Ombi web interface.";
+ description = lib.mdDoc "The port for the Ombi web interface.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for the Ombi web interface.";
+ description = lib.mdDoc "Open ports in the firewall for the Ombi web interface.";
};
user = mkOption {
type = types.str;
default = "ombi";
- description = "User account under which Ombi runs.";
+ description = lib.mdDoc "User account under which Ombi runs.";
};
group = mkOption {
type = types.str;
default = "ombi";
- description = "Group under which Ombi runs.";
+ description = lib.mdDoc "Group under which Ombi runs.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/osrm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/osrm.nix
index 79c347ab7e0..bcfb868422c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/osrm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/osrm.nix
@@ -11,44 +11,44 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the OSRM service.";
+ description = lib.mdDoc "Enable the OSRM service.";
};
address = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "IP address on which the web server will listen.";
+ description = lib.mdDoc "IP address on which the web server will listen.";
};
port = mkOption {
type = types.int;
default = 5000;
- description = "Port on which the web server will run.";
+ description = lib.mdDoc "Port on which the web server will run.";
};
threads = mkOption {
type = types.int;
default = 4;
- description = "Number of threads to use.";
+ description = lib.mdDoc "Number of threads to use.";
};
algorithm = mkOption {
type = types.enum [ "CH" "CoreCH" "MLD" ];
default = "MLD";
- description = "Algorithm to use for the data. Must be one of CH, CoreCH, MLD";
+ description = lib.mdDoc "Algorithm to use for the data. Must be one of CH, CoreCH, MLD";
};
extraFlags = mkOption {
type = types.listOf types.str;
default = [];
example = [ "--max-table-size 1000" "--max-matching-size 1000" ];
- description = "Extra command line arguments passed to osrm-routed";
+ description = lib.mdDoc "Extra command line arguments passed to osrm-routed";
};
dataFile = mkOption {
type = types.path;
example = "/var/lib/osrm/berlin-latest.osrm";
- description = "Data file location";
+ description = lib.mdDoc "Data file location";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/owncast.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/owncast.nix
index 0852335238f..23c49d1c119 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/owncast.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/owncast.nix
@@ -10,7 +10,7 @@ in {
dataDir = mkOption {
type = types.str;
default = "/var/lib/owncast";
- description = ''
+ description = lib.mdDoc ''
The directory where owncast stores its data files. If left as the default value this directory will automatically be created before the owncast server starts, otherwise the sysadmin is responsible for ensuring the directory exists with appropriate ownership and permissions.
'';
};
@@ -18,7 +18,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open the appropriate ports in the firewall for owncast.
'';
};
@@ -26,26 +26,26 @@ in {
user = mkOption {
type = types.str;
default = "owncast";
- description = "User account under which owncast runs.";
+ description = lib.mdDoc "User account under which owncast runs.";
};
group = mkOption {
type = types.str;
default = "owncast";
- description = "Group under which owncast runs.";
+ description = lib.mdDoc "Group under which owncast runs.";
};
listen = mkOption {
type = types.str;
default = "127.0.0.1";
example = "0.0.0.0";
- description = "The IP address to bind the owncast web server to.";
+ description = lib.mdDoc "The IP address to bind the owncast web server to.";
};
port = mkOption {
type = types.port;
default = 8080;
- description = ''
+ description = lib.mdDoc ''
TCP port where owncast web-gui listens.
'';
};
@@ -53,7 +53,7 @@ in {
rtmp-port = mkOption {
type = types.port;
default = 1935;
- description = ''
+ description = lib.mdDoc ''
TCP port where owncast rtmp service listens.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/packagekit.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/packagekit.nix
index 9191078ef9c..04150ef76ff 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/packagekit.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/packagekit.nix
@@ -48,13 +48,13 @@ in
settings = mkOption {
type = iniFmt.type;
default = { };
- description = "Additional settings passed straight through to PackageKit.conf";
+ description = lib.mdDoc "Additional settings passed straight through to PackageKit.conf";
};
vendorSettings = mkOption {
type = iniFmt.type;
default = { };
- description = "Additional settings passed straight through to Vendor.conf";
+ description = lib.mdDoc "Additional settings passed straight through to Vendor.conf";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/paperless.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/paperless.nix
index 17cd555d7e1..fbf1338a0df 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/paperless.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/paperless.nix
@@ -93,7 +93,7 @@ in
enable = mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable Paperless.
When started, the Paperless database is automatically created if it doesn't
@@ -101,54 +101,54 @@ in
Both tasks are achieved by running a Django migration.
A script to manage the Paperless instance (by wrapping Django's manage.py) is linked to
- ''${dataDir}/paperless-manage.
+ `''${dataDir}/paperless-manage`.
'';
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/paperless";
- description = "Directory to store the Paperless data.";
+ description = lib.mdDoc "Directory to store the Paperless data.";
};
mediaDir = mkOption {
type = types.str;
default = "${cfg.dataDir}/media";
defaultText = literalExpression ''"''${dataDir}/media"'';
- description = "Directory to store the Paperless documents.";
+ description = lib.mdDoc "Directory to store the Paperless documents.";
};
consumptionDir = mkOption {
type = types.str;
default = "${cfg.dataDir}/consume";
defaultText = literalExpression ''"''${dataDir}/consume"'';
- description = "Directory from which new documents are imported.";
+ description = lib.mdDoc "Directory from which new documents are imported.";
};
consumptionDirIsPublic = mkOption {
type = types.bool;
default = false;
- description = "Whether all users can write to the consumption dir.";
+ description = lib.mdDoc "Whether all users can write to the consumption dir.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/run/keys/paperless-password";
- description = ''
+ description = lib.mdDoc ''
A file containing the superuser password.
A superuser is required to access the web interface.
If unset, you can create a superuser manually by running
- ''${dataDir}/paperless-manage createsuperuser.
+ `''${dataDir}/paperless-manage createsuperuser`.
- The default superuser name is admin. To change it, set
- option .
+ The default superuser name is `admin`. To change it, set
+ option {option}`extraConfig.PAPERLESS_ADMIN_USER`.
WARNING: When changing the superuser name after the initial setup, the old superuser
will continue to exist.
To disable login for the web interface, set the following:
- extraConfig.PAPERLESS_AUTO_LOGIN_USERNAME = "admin";.
+ `extraConfig.PAPERLESS_AUTO_LOGIN_USERNAME = "admin";`.
WARNING: Only use this on a trusted system without internet access to Paperless.
'';
};
@@ -156,22 +156,22 @@ in
address = mkOption {
type = types.str;
default = "localhost";
- description = "Web interface address.";
+ description = lib.mdDoc "Web interface address.";
};
port = mkOption {
type = types.port;
default = 28981;
- description = "Web interface port.";
+ description = lib.mdDoc "Web interface port.";
};
extraConfig = mkOption {
type = types.attrs;
default = {};
- description = ''
+ description = lib.mdDoc ''
Extra paperless config options.
- See the documentation
+ See [the documentation](https://paperless-ngx.readthedocs.io/en/latest/configuration.html)
for available options.
'';
example = literalExpression ''
@@ -184,14 +184,14 @@ in
user = mkOption {
type = types.str;
default = defaultUser;
- description = "User under which Paperless runs.";
+ description = lib.mdDoc "User under which Paperless runs.";
};
package = mkOption {
type = types.package;
default = pkgs.paperless-ngx;
defaultText = literalExpression "pkgs.paperless-ngx";
- description = "The Paperless package to use.";
+ description = lib.mdDoc "The Paperless package to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/parsoid.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/parsoid.nix
index 09b7f977bfb..101ece5ab4c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/parsoid.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/parsoid.nix
@@ -39,7 +39,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Parsoid -- bidirectional
wikitext parser.
'';
@@ -48,7 +48,7 @@ in
wikis = mkOption {
type = types.listOf (types.either types.str types.attrs);
example = [ "http://localhost/api.php" ];
- description = ''
+ description = lib.mdDoc ''
Used MediaWiki API endpoints.
'';
};
@@ -56,7 +56,7 @@ in
workers = mkOption {
type = types.int;
default = 2;
- description = ''
+ description = lib.mdDoc ''
Number of Parsoid workers.
'';
};
@@ -64,7 +64,7 @@ in
interface = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
Interface to listen on.
'';
};
@@ -72,7 +72,7 @@ in
port = mkOption {
type = types.int;
default = 8000;
- description = ''
+ description = lib.mdDoc ''
Port to listen on.
'';
};
@@ -80,7 +80,7 @@ in
extraConfig = mkOption {
type = types.attrs;
default = {};
- description = ''
+ description = lib.mdDoc ''
Extra configuration to add to parsoid configuration.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/pinnwand.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/pinnwand.nix
index cbc796c9a7c..4eda25b4eb8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/pinnwand.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/pinnwand.nix
@@ -14,15 +14,15 @@ in
port = mkOption {
type = types.port;
- description = "The port to listen on.";
+ description = lib.mdDoc "The port to listen on.";
default = 8000;
};
settings = mkOption {
type = format.type;
- description = ''
- Your pinnwand.toml as a Nix attribute set. Look up
- possible options in the pinnwand.toml-example.
+ description = lib.mdDoc ''
+ Your {file}`pinnwand.toml` as a Nix attribute set. Look up
+ possible options in the [pinnwand.toml-example](https://github.com/supakeen/pinnwand/blob/master/pinnwand.toml-example).
'';
default = {};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/plex.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/plex.nix
index 1cd8da768f4..cb41bbb54b2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/plex.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/plex.nix
@@ -17,7 +17,7 @@ in
dataDir = mkOption {
type = types.str;
default = "/var/lib/plex";
- description = ''
+ description = lib.mdDoc ''
The directory where Plex stores its data files.
'';
};
@@ -25,7 +25,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for the media server.
'';
};
@@ -33,7 +33,7 @@ in
user = mkOption {
type = types.str;
default = "plex";
- description = ''
+ description = lib.mdDoc ''
User account under which Plex runs.
'';
};
@@ -41,7 +41,7 @@ in
group = mkOption {
type = types.str;
default = "plex";
- description = ''
+ description = lib.mdDoc ''
Group under which Plex runs.
'';
};
@@ -49,7 +49,7 @@ in
extraPlugins = mkOption {
type = types.listOf types.path;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of paths to extra plugin bundles to install in Plex's plugin
directory. Every time the systemd unit for Plex starts up, all of the
symlinks in Plex's plugin directory will be cleared and this module
@@ -73,7 +73,7 @@ in
extraScanners = mkOption {
type = types.listOf types.path;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of paths to extra scanners to install in Plex's scanners
directory.
@@ -97,7 +97,7 @@ in
type = types.package;
default = pkgs.plex;
defaultText = literalExpression "pkgs.plex";
- description = ''
+ description = lib.mdDoc ''
The Plex package to use. Plex subscribers may wish to use their own
package here, pointing to subscriber-only server versions.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/plikd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/plikd.nix
index a62dbef1d2a..9ae9e064fd5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/plikd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/plikd.nix
@@ -16,14 +16,14 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for the plikd.";
+ description = lib.mdDoc "Open ports in the firewall for the plikd.";
};
settings = mkOption {
type = format.type;
default = {};
- description = ''
- Configuration for plikd, see
+ description = lib.mdDoc ''
+ Configuration for plikd, see
for supported values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/podgrab.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/podgrab.nix
index 7077408b794..590309ace7e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/podgrab.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/podgrab.nix
@@ -10,7 +10,7 @@ in
type = with types; nullOr str;
default = null;
example = "/run/secrets/password.env";
- description = ''
+ description = lib.mdDoc ''
The path to a file containing the PASSWORD environment variable
definition for Podgrab's authentification.
'';
@@ -20,7 +20,7 @@ in
type = types.port;
default = 8080;
example = 4242;
- description = "The port on which Podgrab will listen for incoming HTTP traffic.";
+ description = lib.mdDoc "The port on which Podgrab will listen for incoming HTTP traffic.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/polaris.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/polaris.nix
new file mode 100644
index 00000000000..b5f7f17e664
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/polaris.nix
@@ -0,0 +1,151 @@
+{ config
+, pkgs
+, lib
+, ...}:
+
+with lib;
+let
+ cfg = config.services.polaris;
+ settingsFormat = pkgs.formats.toml {};
+in
+{
+ options = {
+ services.polaris = {
+ enable = mkEnableOption "Polaris Music Server";
+
+ package = mkPackageOption pkgs "polaris" { };
+
+ user = mkOption {
+ type = types.str;
+ default = "polaris";
+ description = lib.mdDoc "User account under which Polaris runs.";
+ };
+
+ group = mkOption {
+ type = types.str;
+ default = "polaris";
+ description = lib.mdDoc "Group under which Polaris is run.";
+ };
+
+ extraGroups = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ description = lib.mdDoc "Polaris' auxiliary groups.";
+ example = literalExpression ''["media" "music"]'';
+ };
+
+ port = mkOption {
+ type = types.port;
+ default = 5050;
+ description = lib.mdDoc ''
+ The port which the Polaris REST api and web UI should listen to.
+ Note: polaris is hardcoded to listen to the hostname "0.0.0.0".
+ '';
+ };
+
+ settings = mkOption {
+ type = settingsFormat.type;
+ default = {};
+ description = lib.mdDoc ''
+ Contents for the TOML Polaris config, applied each start.
+ Although poorly documented, an example may be found here:
+ [test-config.toml](https://github.com/agersant/polaris/blob/374d0ca56fc0a466d797a4b252e2078607476797/test-data/config.toml)
+ '';
+ example = literalExpression ''
+ {
+ settings.reindex_every_n_seconds = 7*24*60*60; # weekly, default is 1800
+ settings.album_art_pattern =
+ "(cover|front|folder)\.(jpeg|jpg|png|bmp|gif)";
+ mount_dirs = [
+ {
+ name = "NAS";
+ source = "/mnt/nas/music";
+ }
+ {
+ name = "Local";
+ source = "/home/my_user/Music";
+ }
+ ];
+ }
+ '';
+ };
+
+ openFirewall = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc ''
+ Open the configured port in the firewall.
+ '';
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ systemd.services.polaris = {
+ description = "Polaris Music Server";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ serviceConfig = rec {
+ User = cfg.user;
+ Group = cfg.group;
+ DynamicUser = true;
+ SupplementaryGroups = cfg.extraGroups;
+ StateDirectory = "polaris";
+ CacheDirectory = "polaris";
+ ExecStart = escapeShellArgs ([
+ "${cfg.package}/bin/polaris"
+ "--foreground"
+ "--port" cfg.port
+ "--database" "/var/lib/${StateDirectory}/db.sqlite"
+ "--cache" "/var/cache/${CacheDirectory}"
+ ] ++ optionals (cfg.settings != {}) [
+ "--config" (settingsFormat.generate "polaris-config.toml" cfg.settings)
+ ]);
+ Restart = "on-failure";
+
+ # Security options:
+
+ #NoNewPrivileges = true; # implied by DynamicUser
+ #RemoveIPC = true; # implied by DynamicUser
+
+ AmbientCapabilities = "";
+ CapabilityBoundingSet = "";
+
+ DeviceAllow = "";
+
+ LockPersonality = true;
+
+ #PrivateTmp = true; # implied by DynamicUser
+ PrivateDevices = true;
+ PrivateUsers = true;
+
+ ProtectClock = true;
+ ProtectControlGroups = true;
+ ProtectHostname = true;
+ ProtectKernelLogs = true;
+ ProtectKernelModules = true;
+ ProtectKernelTunables = true;
+
+ RestrictNamespaces = true;
+ RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
+ RestrictRealtime = true;
+ #RestrictSUIDSGID = true; # implied by DynamicUser
+
+ SystemCallArchitectures = "native";
+ SystemCallErrorNumber = "EPERM";
+ SystemCallFilter = [
+ "@system-service"
+ "~@cpu-emulation" "~@debug" "~@keyring" "~@memlock" "~@obsolete" "~@privileged" "~@setuid"
+ ];
+ };
+ };
+
+ networking.firewall = mkIf cfg.openFirewall {
+ allowedTCPPorts = [ cfg.port ];
+ };
+
+ };
+
+ meta.maintainers = with maintainers; [ pbsds ];
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/prowlarr.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/prowlarr.nix
index ef820b4022d..6152ee4a769 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/prowlarr.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/prowlarr.nix
@@ -14,7 +14,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for the Prowlarr web interface.";
+ description = lib.mdDoc "Open ports in the firewall for the Prowlarr web interface.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/pykms.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/pykms.nix
index 2f752bcc7ed..d24cd1bfa05 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/pykms.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/pykms.nix
@@ -18,43 +18,43 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the PyKMS service.";
+ description = lib.mdDoc "Whether to enable the PyKMS service.";
};
listenAddress = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "The IP address on which to listen.";
+ description = lib.mdDoc "The IP address on which to listen.";
};
port = mkOption {
type = types.int;
default = 1688;
- description = "The port on which to listen.";
+ description = lib.mdDoc "The port on which to listen.";
};
openFirewallPort = mkOption {
type = types.bool;
default = false;
- description = "Whether the listening port should be opened automatically.";
+ description = lib.mdDoc "Whether the listening port should be opened automatically.";
};
memoryLimit = mkOption {
type = types.str;
default = "64M";
- description = "How much memory to use at most.";
+ description = lib.mdDoc "How much memory to use at most.";
};
logLevel = mkOption {
type = types.enum [ "CRITICAL" "ERROR" "WARNING" "INFO" "DEBUG" "MININFO" ];
default = "INFO";
- description = "How much to log";
+ description = lib.mdDoc "How much to log";
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [ ];
- description = "Additional arguments";
+ description = lib.mdDoc "Additional arguments";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/radarr.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/radarr.nix
index 826d59da0af..a2d7b734f70 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/radarr.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/radarr.nix
@@ -12,7 +12,7 @@ in
enable = mkEnableOption "Radarr";
package = mkOption {
- description = "Radarr package to use";
+ description = lib.mdDoc "Radarr package to use";
default = pkgs.radarr;
defaultText = literalExpression "pkgs.radarr";
example = literalExpression "pkgs.radarr";
@@ -22,25 +22,25 @@ in
dataDir = mkOption {
type = types.str;
default = "/var/lib/radarr/.config/Radarr";
- description = "The directory where Radarr stores its data files.";
+ description = lib.mdDoc "The directory where Radarr stores its data files.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for the Radarr web interface.";
+ description = lib.mdDoc "Open ports in the firewall for the Radarr web interface.";
};
user = mkOption {
type = types.str;
default = "radarr";
- description = "User account under which Radarr runs.";
+ description = lib.mdDoc "User account under which Radarr runs.";
};
group = mkOption {
type = types.str;
default = "radarr";
- description = "Group under which Radarr runs.";
+ description = lib.mdDoc "Group under which Radarr runs.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/redmine.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/redmine.nix
index 696b8d1a25d..13b62f43557 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/redmine.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/redmine.nix
@@ -55,40 +55,40 @@ in
type = types.package;
default = pkgs.redmine;
defaultText = literalExpression "pkgs.redmine";
- description = "Which Redmine package to use.";
+ description = lib.mdDoc "Which Redmine package to use.";
example = literalExpression "pkgs.redmine.override { ruby = pkgs.ruby_2_7; }";
};
user = mkOption {
type = types.str;
default = "redmine";
- description = "User under which Redmine is ran.";
+ description = lib.mdDoc "User under which Redmine is ran.";
};
group = mkOption {
type = types.str;
default = "redmine";
- description = "Group under which Redmine is ran.";
+ description = lib.mdDoc "Group under which Redmine is ran.";
};
port = mkOption {
type = types.port;
default = 3000;
- description = "Port on which Redmine is ran.";
+ description = lib.mdDoc "Port on which Redmine is ran.";
};
stateDir = mkOption {
type = types.str;
default = "/var/lib/redmine";
- description = "The state directory, logs and plugins are stored here.";
+ description = lib.mdDoc "The state directory, logs and plugins are stored here.";
};
settings = mkOption {
type = format.type;
default = {};
- description = ''
- Redmine configuration (configuration.yml). Refer to
-
+ description = lib.mdDoc ''
+ Redmine configuration ({file}`configuration.yml`). Refer to
+
for details.
'';
example = literalExpression ''
@@ -107,10 +107,10 @@ in
extraEnv = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration in additional_environment.rb.
- See
+ See
for details.
'';
example = ''
@@ -121,7 +121,7 @@ in
themes = mkOption {
type = types.attrsOf types.path;
default = {};
- description = "Set of themes.";
+ description = lib.mdDoc "Set of themes.";
example = literalExpression ''
{
dkuk-redmine_alex_skin = builtins.fetchurl {
@@ -135,7 +135,7 @@ in
plugins = mkOption {
type = types.attrsOf types.path;
default = {};
- description = "Set of plugins.";
+ description = lib.mdDoc "Set of plugins.";
example = literalExpression ''
{
redmine_env_auth = builtins.fetchurl {
@@ -151,41 +151,41 @@ in
type = types.enum [ "mysql2" "postgresql" ];
example = "postgresql";
default = "mysql2";
- description = "Database engine to use.";
+ description = lib.mdDoc "Database engine to use.";
};
host = mkOption {
type = types.str;
default = "localhost";
- description = "Database host address.";
+ description = lib.mdDoc "Database host address.";
};
port = mkOption {
type = types.int;
default = if cfg.database.type == "postgresql" then 5432 else 3306;
defaultText = literalExpression "3306";
- description = "Database host port.";
+ description = lib.mdDoc "Database host port.";
};
name = mkOption {
type = types.str;
default = "redmine";
- description = "Database name.";
+ description = lib.mdDoc "Database name.";
};
user = mkOption {
type = types.str;
default = "redmine";
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/run/keys/redmine-dbpassword";
- description = ''
+ description = lib.mdDoc ''
A file containing the password corresponding to
- .
+ {option}`database.user`.
'';
};
@@ -197,13 +197,13 @@ in
else null;
defaultText = literalExpression "/run/mysqld/mysqld.sock";
example = "/run/mysqld/mysqld.sock";
- description = "Path to the unix socket file to use for authentication.";
+ description = lib.mdDoc "Path to the unix socket file to use for authentication.";
};
createLocally = mkOption {
type = types.bool;
default = true;
- description = "Create the database and database user locally.";
+ description = lib.mdDoc "Create the database and database user locally.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ripple-data-api.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ripple-data-api.nix
index 93eba98b7d3..7d8a4cb2b44 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ripple-data-api.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ripple-data-api.nix
@@ -38,44 +38,44 @@ in {
enable = mkEnableOption "ripple data api";
port = mkOption {
- description = "Ripple data api port";
+ description = lib.mdDoc "Ripple data api port";
default = 5993;
type = types.int;
};
importMode = mkOption {
- description = "Ripple data api import mode.";
+ description = lib.mdDoc "Ripple data api import mode.";
default = "liveOnly";
type = types.enum ["live" "liveOnly"];
};
minLedger = mkOption {
- description = "Ripple data api minimal ledger to fetch.";
+ description = lib.mdDoc "Ripple data api minimal ledger to fetch.";
default = null;
type = types.nullOr types.int;
};
maxLedger = mkOption {
- description = "Ripple data api maximal ledger to fetch.";
+ description = lib.mdDoc "Ripple data api maximal ledger to fetch.";
default = null;
type = types.nullOr types.int;
};
redis = {
enable = mkOption {
- description = "Whether to enable caching of ripple data to redis.";
+ description = lib.mdDoc "Whether to enable caching of ripple data to redis.";
default = true;
type = types.bool;
};
host = mkOption {
- description = "Ripple data api redis host.";
+ description = lib.mdDoc "Ripple data api redis host.";
default = "localhost";
type = types.str;
};
port = mkOption {
- description = "Ripple data api redis port.";
+ description = lib.mdDoc "Ripple data api redis port.";
default = 5984;
type = types.int;
};
@@ -83,44 +83,44 @@ in {
couchdb = {
host = mkOption {
- description = "Ripple data api couchdb host.";
+ description = lib.mdDoc "Ripple data api couchdb host.";
default = "localhost";
type = types.str;
};
port = mkOption {
- description = "Ripple data api couchdb port.";
+ description = lib.mdDoc "Ripple data api couchdb port.";
default = 5984;
type = types.int;
};
db = mkOption {
- description = "Ripple data api couchdb database.";
+ description = lib.mdDoc "Ripple data api couchdb database.";
default = "rippled";
type = types.str;
};
user = mkOption {
- description = "Ripple data api couchdb username.";
+ description = lib.mdDoc "Ripple data api couchdb username.";
default = "rippled";
type = types.str;
};
pass = mkOption {
- description = "Ripple data api couchdb password.";
+ description = lib.mdDoc "Ripple data api couchdb password.";
default = "";
type = types.str;
};
create = mkOption {
- description = "Whether to create couchdb database needed by ripple data api.";
+ description = lib.mdDoc "Whether to create couchdb database needed by ripple data api.";
type = types.bool;
default = true;
};
};
rippleds = mkOption {
- description = "List of rippleds to be used by ripple data api.";
+ description = lib.mdDoc "List of rippleds to be used by ripple data api.";
default = [
"http://s_east.ripple.com:51234"
"http://s_west.ripple.com:51234"
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/rippled.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/rippled.nix
index f6ec0677774..8b6704c1be7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/rippled.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/rippled.nix
@@ -92,41 +92,41 @@ let
ip = mkOption {
default = "127.0.0.1";
- description = "Ip where rippled listens.";
+ description = lib.mdDoc "Ip where rippled listens.";
type = types.str;
};
port = mkOption {
- description = "Port where rippled listens.";
+ description = lib.mdDoc "Port where rippled listens.";
type = types.int;
};
protocol = mkOption {
- description = "Protocols expose by rippled.";
+ description = lib.mdDoc "Protocols expose by rippled.";
type = types.listOf (types.enum ["http" "https" "ws" "wss" "peer"]);
};
user = mkOption {
- description = "When set, these credentials will be required on HTTP/S requests.";
+ description = lib.mdDoc "When set, these credentials will be required on HTTP/S requests.";
type = types.str;
default = "";
};
password = mkOption {
- description = "When set, these credentials will be required on HTTP/S requests.";
+ description = lib.mdDoc "When set, these credentials will be required on HTTP/S requests.";
type = types.str;
default = "";
};
admin = mkOption {
- description = "A comma-separated list of admin IP addresses.";
+ description = lib.mdDoc "A comma-separated list of admin IP addresses.";
type = types.listOf types.str;
default = ["127.0.0.1"];
};
ssl = {
key = mkOption {
- description = ''
+ description = lib.mdDoc ''
Specifies the filename holding the SSL key in PEM format.
'';
default = null;
@@ -134,7 +134,7 @@ let
};
cert = mkOption {
- description = ''
+ description = lib.mdDoc ''
Specifies the path to the SSL certificate file in PEM format.
This is not needed if the chain includes it.
'';
@@ -143,7 +143,7 @@ let
};
chain = mkOption {
- description = ''
+ description = lib.mdDoc ''
If you need a certificate chain, specify the path to the
certificate chain here. The chain may include the end certificate.
'';
@@ -157,33 +157,33 @@ let
dbOptions = {
options = {
type = mkOption {
- description = "Rippled database type.";
+ description = lib.mdDoc "Rippled database type.";
type = types.enum ["rocksdb" "nudb"];
default = "rocksdb";
};
path = mkOption {
- description = "Location to store the database.";
+ description = lib.mdDoc "Location to store the database.";
type = types.path;
default = cfg.databasePath;
defaultText = literalExpression "config.${opt.databasePath}";
};
compression = mkOption {
- description = "Whether to enable snappy compression.";
+ description = lib.mdDoc "Whether to enable snappy compression.";
type = types.nullOr types.bool;
default = null;
};
onlineDelete = mkOption {
- description = "Enable automatic purging of older ledger information.";
+ description = lib.mdDoc "Enable automatic purging of older ledger information.";
type = types.nullOr (types.addCheck types.int (v: v > 256));
default = cfg.ledgerHistory;
defaultText = literalExpression "config.${opt.ledgerHistory}";
};
advisoryDelete = mkOption {
- description = ''
+ description = lib.mdDoc ''
If set, then require administrative RPC call "can_delete"
to enable online deletion of ledger records.
'';
@@ -192,7 +192,7 @@ let
};
extraOpts = mkOption {
- description = "Extra database options.";
+ description = lib.mdDoc "Extra database options.";
type = types.lines;
default = "";
};
@@ -210,14 +210,14 @@ in
enable = mkEnableOption "rippled";
package = mkOption {
- description = "Which rippled package to use.";
+ description = lib.mdDoc "Which rippled package to use.";
type = types.package;
default = pkgs.rippled;
defaultText = literalExpression "pkgs.rippled";
};
ports = mkOption {
- description = "Ports exposed by rippled";
+ description = lib.mdDoc "Ports exposed by rippled";
type = with types; attrsOf (submodule portOptions);
default = {
rpc = {
@@ -241,7 +241,7 @@ in
};
nodeDb = mkOption {
- description = "Rippled main database options.";
+ description = lib.mdDoc "Rippled main database options.";
type = with types; nullOr (submodule dbOptions);
default = {
type = "rocksdb";
@@ -256,19 +256,19 @@ in
};
tempDb = mkOption {
- description = "Rippled temporary database options.";
+ description = lib.mdDoc "Rippled temporary database options.";
type = with types; nullOr (submodule dbOptions);
default = null;
};
importDb = mkOption {
- description = "Settings for performing a one-time import.";
+ description = lib.mdDoc "Settings for performing a one-time import.";
type = with types; nullOr (submodule dbOptions);
default = null;
};
nodeSize = mkOption {
- description = ''
+ description = lib.mdDoc ''
Rippled size of the node you are running.
"tiny", "small", "medium", "large", and "huge"
'';
@@ -277,7 +277,7 @@ in
};
ips = mkOption {
- description = ''
+ description = lib.mdDoc ''
List of hostnames or ips where the Ripple protocol is served.
For a starter list, you can either copy entries from:
https://ripple.com/ripple.txt or if you prefer you can let it
@@ -292,7 +292,7 @@ in
};
ipsFixed = mkOption {
- description = ''
+ description = lib.mdDoc ''
List of IP addresses or hostnames to which rippled should always
attempt to maintain peer connections with. This is useful for
manually forming private networks, for example to configure a
@@ -306,7 +306,7 @@ in
};
validators = mkOption {
- description = ''
+ description = lib.mdDoc ''
List of nodes to always accept as validators. Nodes are specified by domain
or public key.
'';
@@ -321,7 +321,7 @@ in
};
databasePath = mkOption {
- description = ''
+ description = lib.mdDoc ''
Path to the ripple database.
'';
type = types.path;
@@ -329,7 +329,7 @@ in
};
validationQuorum = mkOption {
- description = ''
+ description = lib.mdDoc ''
The minimum number of trusted validations a ledger must have before
the server considers it fully validated.
'';
@@ -338,7 +338,7 @@ in
};
ledgerHistory = mkOption {
- description = ''
+ description = lib.mdDoc ''
The number of past ledgers to acquire on server startup and the minimum
to maintain while running.
'';
@@ -347,7 +347,7 @@ in
};
fetchDepth = mkOption {
- description = ''
+ description = lib.mdDoc ''
The number of past ledgers to serve to other peers that request historical
ledger data (or "full" for no limit).
'';
@@ -356,7 +356,7 @@ in
};
sntpServers = mkOption {
- description = ''
+ description = lib.mdDoc ''
IP address or domain of NTP servers to use for time synchronization.;
'';
type = types.listOf types.str;
@@ -369,7 +369,7 @@ in
};
logLevel = mkOption {
- description = "Logging verbosity.";
+ description = lib.mdDoc "Logging verbosity.";
type = types.enum ["debug" "error" "info"];
default = "error";
};
@@ -378,13 +378,13 @@ in
enable = mkEnableOption "statsd monitoring for rippled";
address = mkOption {
- description = "The UDP address and port of the listening StatsD server.";
+ description = lib.mdDoc "The UDP address and port of the listening StatsD server.";
default = "127.0.0.1:8125";
type = types.str;
};
prefix = mkOption {
- description = "A string prepended to each collected metric.";
+ description = lib.mdDoc "A string prepended to each collected metric.";
default = "";
type = types.str;
};
@@ -393,7 +393,7 @@ in
extraConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra lines to be added verbatim to the rippled.cfg configuration file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/rmfakecloud.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/rmfakecloud.nix
index fe522653c21..2feb663f7cb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/rmfakecloud.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/rmfakecloud.nix
@@ -15,7 +15,7 @@ in {
type = types.package;
default = pkgs.rmfakecloud;
defaultText = literalExpression "pkgs.rmfakecloud";
- description = ''
+ description = lib.mdDoc ''
rmfakecloud package to use.
The default does not include the web user interface.
@@ -25,7 +25,7 @@ in {
storageUrl = mkOption {
type = types.str;
example = "https://local.appspot.com";
- description = ''
+ description = lib.mdDoc ''
URL used by the tablet to access the rmfakecloud service.
'';
};
@@ -33,7 +33,7 @@ in {
port = mkOption {
type = types.port;
default = 3000;
- description = ''
+ description = lib.mdDoc ''
Listening port number.
'';
};
@@ -41,7 +41,7 @@ in {
logLevel = mkOption {
type = types.enum [ "info" "debug" "warn" "error" ];
default = "info";
- description = ''
+ description = lib.mdDoc ''
Logging level.
'';
};
@@ -63,7 +63,7 @@ in {
type = with types; nullOr path;
default = null;
example = "/etc/secrets/rmfakecloud.env";
- description = ''
+ description = lib.mdDoc ''
Path to an environment file loaded for the rmfakecloud service.
This can be used to securely store tokens and secrets outside of the
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/serviio.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/serviio.nix
index 0ead6a81691..57efebb2c03 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/serviio.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/serviio.nix
@@ -31,7 +31,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Serviio Media Server.
'';
};
@@ -39,7 +39,7 @@ in {
dataDir = mkOption {
type = types.path;
default = "/var/lib/serviio";
- description = ''
+ description = lib.mdDoc ''
The directory where serviio stores its state, data, etc.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/sickbeard.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/sickbeard.nix
index a3db9928634..bd8d8d8fa7c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/sickbeard.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/sickbeard.nix
@@ -20,43 +20,43 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the sickbeard server.";
+ description = lib.mdDoc "Whether to enable the sickbeard server.";
};
package = mkOption {
type = types.package;
default = pkgs.sickbeard;
defaultText = literalExpression "pkgs.sickbeard";
example = literalExpression "pkgs.sickrage";
- description =''
- Enable pkgs.sickrage or pkgs.sickgear
+ description =lib.mdDoc ''
+ Enable `pkgs.sickrage` or `pkgs.sickgear`
as an alternative to SickBeard
'';
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/${name}";
- description = "Path where to store data files.";
+ description = lib.mdDoc "Path where to store data files.";
};
configFile = mkOption {
type = types.path;
default = "${cfg.dataDir}/config.ini";
defaultText = literalExpression ''"''${config.${opt.dataDir}}/config.ini"'';
- description = "Path to config file.";
+ description = lib.mdDoc "Path to config file.";
};
port = mkOption {
type = types.ints.u16;
default = 8081;
- description = "Port to bind to.";
+ description = lib.mdDoc "Port to bind to.";
};
user = mkOption {
type = types.str;
default = name;
- description = "User to run the service as";
+ description = lib.mdDoc "User to run the service as";
};
group = mkOption {
type = types.str;
default = name;
- description = "Group to run the service as";
+ description = lib.mdDoc "Group to run the service as";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/signald.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/signald.nix
index 4cd34e4326d..8a1d2c4ad38 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/signald.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/signald.nix
@@ -13,19 +13,19 @@ in
user = mkOption {
type = types.str;
default = defaultUser;
- description = "User under which signald runs.";
+ description = lib.mdDoc "User under which signald runs.";
};
group = mkOption {
type = types.str;
default = defaultUser;
- description = "Group under which signald runs.";
+ description = lib.mdDoc "Group under which signald runs.";
};
socketPath = mkOption {
type = types.str;
default = "/run/signald/signald.sock";
- description = "Path to the signald socket";
+ description = lib.mdDoc "Path to the signald socket";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/siproxd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/siproxd.nix
index 20fe0793b84..f1a1ed4d29b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/siproxd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/siproxd.nix
@@ -37,7 +37,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Siproxd SIP
proxy/masquerading daemon.
'';
@@ -46,20 +46,20 @@ in
ifInbound = mkOption {
type = types.str;
example = "eth0";
- description = "Local network interface";
+ description = lib.mdDoc "Local network interface";
};
ifOutbound = mkOption {
type = types.str;
example = "ppp0";
- description = "Public network interface";
+ description = lib.mdDoc "Public network interface";
};
hostsAllowReg = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "192.168.1.0/24" "192.168.2.0/24" ];
- description = ''
+ description = lib.mdDoc ''
Acess control list for incoming SIP registrations.
'';
};
@@ -68,7 +68,7 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "123.45.0.0/16" "123.46.0.0/16" ];
- description = ''
+ description = lib.mdDoc ''
Acess control list for incoming SIP traffic.
'';
};
@@ -77,7 +77,7 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "10.0.0.0/8" "11.0.0.0/8" ];
- description = ''
+ description = lib.mdDoc ''
Acess control list for denying incoming
SIP registrations and traffic.
'';
@@ -86,7 +86,7 @@ in
sipListenPort = mkOption {
type = types.int;
default = 5060;
- description = ''
+ description = lib.mdDoc ''
Port to listen for incoming SIP messages.
'';
};
@@ -94,7 +94,7 @@ in
rtpPortLow = mkOption {
type = types.int;
default = 7070;
- description = ''
+ description = lib.mdDoc ''
Bottom of UDP port range for incoming and outgoing RTP traffic
'';
};
@@ -102,7 +102,7 @@ in
rtpPortHigh = mkOption {
type = types.int;
default = 7089;
- description = ''
+ description = lib.mdDoc ''
Top of UDP port range for incoming and outgoing RTP traffic
'';
};
@@ -110,7 +110,7 @@ in
rtpTimeout = mkOption {
type = types.int;
default = 300;
- description = ''
+ description = lib.mdDoc ''
Timeout for an RTP stream. If for the specified
number of seconds no data is relayed on an active
stream, it is considered dead and will be killed.
@@ -120,7 +120,7 @@ in
rtpDscp = mkOption {
type = types.int;
default = 46;
- description = ''
+ description = lib.mdDoc ''
DSCP (differentiated services) value to be assigned
to RTP packets. Allows QOS aware routers to handle
different types traffic with different priorities.
@@ -130,7 +130,7 @@ in
sipDscp = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
DSCP (differentiated services) value to be assigned
to SIP packets. Allows QOS aware routers to handle
different types traffic with different priorities.
@@ -140,7 +140,7 @@ in
passwordFile = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Path to per-user password file.
'';
};
@@ -148,7 +148,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration to add to siproxd configuration.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/snapper.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/snapper.nix
index 3c3f6c4d641..7d7e3db3ce0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/snapper.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/snapper.nix
@@ -12,7 +12,7 @@ in
snapshotRootOnBoot = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to snapshot root on boot
'';
};
@@ -44,7 +44,7 @@ in
filters = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Global display difference filter. See man:snapper(8) for more details.
'';
};
@@ -64,7 +64,7 @@ in
}
'';
- description = ''
+ description = lib.mdDoc ''
Subvolume configuration
'';
@@ -72,7 +72,7 @@ in
options = {
subvolume = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path of the subvolume or mount point.
This path is a subvolume and has to contain a subvolume named
.snapshots.
@@ -83,7 +83,7 @@ in
fstype = mkOption {
type = types.enum [ "btrfs" ];
default = "btrfs";
- description = ''
+ description = lib.mdDoc ''
Filesystem type. Only btrfs is stable and tested.
'';
};
@@ -91,7 +91,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Additional configuration next to SUBVOLUME and FSTYPE.
See man:snapper-configs(5).
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/sonarr.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/sonarr.nix
index 77c7f0582d0..a956a14d007 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/sonarr.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/sonarr.nix
@@ -13,13 +13,13 @@ in
dataDir = mkOption {
type = types.str;
default = "/var/lib/sonarr/.config/NzbDrone";
- description = "The directory where Sonarr stores its data files.";
+ description = lib.mdDoc "The directory where Sonarr stores its data files.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for the Sonarr web interface
'';
};
@@ -27,13 +27,13 @@ in
user = mkOption {
type = types.str;
default = "sonarr";
- description = "User account under which Sonaar runs.";
+ description = lib.mdDoc "User account under which Sonaar runs.";
};
group = mkOption {
type = types.str;
default = "sonarr";
- description = "Group under which Sonaar runs.";
+ description = lib.mdDoc "Group under which Sonaar runs.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ssm-agent.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ssm-agent.nix
index 4ae596ade17..5f2b47bae47 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ssm-agent.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/ssm-agent.nix
@@ -21,7 +21,7 @@ in {
package = mkOption {
type = types.path;
- description = "The SSM agent package to use";
+ description = lib.mdDoc "The SSM agent package to use";
default = pkgs.ssm-agent.override { overrideEtc = false; };
defaultText = literalExpression "pkgs.ssm-agent.override { overrideEtc = false; }";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/sssd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/sssd.nix
index 386281e2b7c..3f6b96258f1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/sssd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/sssd.nix
@@ -10,7 +10,7 @@ in {
config = mkOption {
type = types.lines;
- description = "Contents of sssd.conf.";
+ description = lib.mdDoc "Contents of {file}`sssd.conf`.";
default = ''
[sssd]
config_file_version = 2
@@ -33,9 +33,18 @@ in {
sshAuthorizedKeysIntegration = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to make sshd look up authorized keys from SSS.
- For this to work, the ssh SSS service must be enabled in the sssd configuration.
+ For this to work, the `ssh` SSS service must be enabled in the sssd configuration.
+ '';
+ };
+
+ kcm = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Whether to use SSS as a Kerberos Cache Manager (KCM).
+ Kerberos will be configured to cache credentials in SSS.
'';
};
};
@@ -79,6 +88,28 @@ in {
services.dbus.packages = [ pkgs.sssd ];
})
+ (mkIf cfg.kcm {
+ systemd.services.sssd-kcm = {
+ description = "SSSD Kerberos Cache Manager";
+ requires = [ "sssd-kcm.socket" ];
+ serviceConfig = {
+ ExecStartPre = "-${pkgs.sssd}/bin/sssd --genconf-section=kcm";
+ ExecStart = "${pkgs.sssd}/libexec/sssd/sssd_kcm --uid 0 --gid 0";
+ };
+ restartTriggers = [
+ config.environment.etc."sssd/sssd.conf".source
+ ];
+ };
+ systemd.sockets.sssd-kcm = {
+ description = "SSSD Kerberos Cache Manager responder socket";
+ wantedBy = [ "sockets.target" ];
+ # Matches the default in MIT krb5 and Heimdal:
+ # https://github.com/krb5/krb5/blob/krb5-1.19.3-final/src/include/kcm.h#L43
+ listenStreams = [ "/var/run/.heim_org.h5l.kcm-socket" ];
+ };
+ krb5.libdefaults.default_ccache_name = "KCM:";
+ })
+
(mkIf cfg.sshAuthorizedKeysIntegration {
# Ugly: sshd refuses to start if a store path is given because /nix/store is group-writable.
# So indirect by a symlink.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/subsonic.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/subsonic.nix
index 2dda8970dd3..d657ae2b998 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/subsonic.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/subsonic.nix
@@ -13,7 +13,7 @@ in {
home = mkOption {
type = types.path;
default = "/var/lib/subsonic";
- description = ''
+ description = lib.mdDoc ''
The directory where Subsonic will create files.
Make sure it is writable.
'';
@@ -22,7 +22,7 @@ in {
listenAddress = mkOption {
type = types.str;
default = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
The host name or IP address on which to bind Subsonic.
Only relevant if you have multiple network interfaces and want
to make Subsonic available on only one of them. The default value
@@ -33,7 +33,7 @@ in {
port = mkOption {
type = types.port;
default = 4040;
- description = ''
+ description = lib.mdDoc ''
The port on which Subsonic will listen for
incoming HTTP traffic. Set to 0 to disable.
'';
@@ -42,7 +42,7 @@ in {
httpsPort = mkOption {
type = types.port;
default = 0;
- description = ''
+ description = lib.mdDoc ''
The port on which Subsonic will listen for
incoming HTTPS traffic. Set to 0 to disable.
'';
@@ -51,7 +51,7 @@ in {
contextPath = mkOption {
type = types.path;
default = "/";
- description = ''
+ description = lib.mdDoc ''
The context path, i.e., the last part of the Subsonic
URL. Typically '/' or '/subsonic'. Default '/'
'';
@@ -60,7 +60,7 @@ in {
maxMemory = mkOption {
type = types.int;
default = 100;
- description = ''
+ description = lib.mdDoc ''
The memory limit (max Java heap size) in megabytes.
Default: 100
'';
@@ -69,7 +69,7 @@ in {
defaultMusicFolder = mkOption {
type = types.path;
default = "/var/music";
- description = ''
+ description = lib.mdDoc ''
Configure Subsonic to use this folder for music. This option
only has effect the first time Subsonic is started.
'';
@@ -78,7 +78,7 @@ in {
defaultPodcastFolder = mkOption {
type = types.path;
default = "/var/music/Podcast";
- description = ''
+ description = lib.mdDoc ''
Configure Subsonic to use this folder for Podcasts. This option
only has effect the first time Subsonic is started.
'';
@@ -87,7 +87,7 @@ in {
defaultPlaylistFolder = mkOption {
type = types.path;
default = "/var/playlists";
- description = ''
+ description = lib.mdDoc ''
Configure Subsonic to use this folder for playlists. This option
only has effect the first time Subsonic is started.
'';
@@ -97,7 +97,7 @@ in {
type = types.listOf types.path;
default = [ "${pkgs.ffmpeg.bin}/bin/ffmpeg" ];
defaultText = literalExpression ''[ "''${pkgs.ffmpeg.bin}/bin/ffmpeg" ]'';
- description = ''
+ description = lib.mdDoc ''
List of paths to transcoder executables that should be accessible
from Subsonic. Symlinks will be created to each executable inside
''${config.${opt.home}}/transcoders.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/svnserve.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/svnserve.nix
index 5fa262ca3b9..a0103641c65 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/svnserve.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/svnserve.nix
@@ -20,13 +20,13 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable svnserve to serve Subversion repositories through the SVN protocol.";
+ description = lib.mdDoc "Whether to enable svnserve to serve Subversion repositories through the SVN protocol.";
};
svnBaseDir = mkOption {
type = types.str;
default = "/repos";
- description = "Base directory from which Subversion repositories are accessed.";
+ description = lib.mdDoc "Base directory from which Subversion repositories are accessed.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/synergy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/synergy.nix
index d6cd5d7f0d6..c02d80b35c6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/synergy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/synergy.nix
@@ -24,14 +24,14 @@ in
screenName = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Use the given name instead of the hostname to identify
ourselves to the server.
'';
};
serverAddress = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The server address is of the form: [hostname][:port]. The
hostname must be the address or hostname of the server. The
port overrides the default port, 24800.
@@ -40,7 +40,7 @@ in
autoStart = mkOption {
default = true;
type = types.bool;
- description = "Whether the Synergy client should be started automatically.";
+ description = lib.mdDoc "Whether the Synergy client should be started automatically.";
};
};
@@ -50,12 +50,12 @@ in
configFile = mkOption {
type = types.path;
default = "/etc/synergy-server.conf";
- description = "The Synergy server configuration file.";
+ description = lib.mdDoc "The Synergy server configuration file.";
};
screenName = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Use the given name instead of the hostname to identify
this screen in the configuration.
'';
@@ -63,18 +63,18 @@ in
address = mkOption {
type = types.str;
default = "";
- description = "Address on which to listen for clients.";
+ description = lib.mdDoc "Address on which to listen for clients.";
};
autoStart = mkOption {
default = true;
type = types.bool;
- description = "Whether the Synergy server should be started automatically.";
+ description = lib.mdDoc "Whether the Synergy server should be started automatically.";
};
tls = {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether TLS encryption should be used.
Using this requires a TLS certificate that can be
@@ -87,7 +87,7 @@ in
type = types.nullOr types.str;
default = null;
example = "~/.synergy/SSL/Synergy.pem";
- description = "The TLS certificate to use for encryption.";
+ description = lib.mdDoc "The TLS certificate to use for encryption.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/taskserver/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/taskserver/default.nix
index e2080492998..d9572f006ee 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/taskserver/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/taskserver/default.nix
@@ -89,7 +89,7 @@ let
type = types.uniq (types.listOf types.str);
default = [];
example = [ "alice" "bob" ];
- description = ''
+ description = lib.mdDoc ''
A list of user names that belong to the organization.
'';
};
@@ -98,7 +98,7 @@ let
type = types.listOf types.str;
default = [];
example = [ "workers" "slackers" ];
- description = ''
+ description = lib.mdDoc ''
A list of group names that belong to the organization.
'';
};
@@ -151,19 +151,19 @@ in {
user = mkOption {
type = types.str;
default = "taskd";
- description = "User for Taskserver.";
+ description = lib.mdDoc "User for Taskserver.";
};
group = mkOption {
type = types.str;
default = "taskd";
- description = "Group for Taskserver.";
+ description = lib.mdDoc "Group for Taskserver.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/taskserver";
- description = "Data directory for Taskserver.";
+ description = lib.mdDoc "Data directory for Taskserver.";
};
ciphers = mkOption {
@@ -184,17 +184,17 @@ in {
example.myShinyOrganisation.users = [ "alice" "bob" ];
example.myShinyOrganisation.groups = [ "staff" "outsiders" ];
example.yetAnotherOrganisation.users = [ "foo" "bar" ];
- description = ''
+ description = lib.mdDoc ''
An attribute set where the keys name the organisation and the values
- are a set of lists of and
- .
+ are a set of lists of {option}`users` and
+ {option}`groups`.
'';
};
confirmation = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Determines whether certain commands are confirmed.
'';
};
@@ -202,7 +202,7 @@ in {
debug = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Logs debugging information.
'';
};
@@ -210,7 +210,7 @@ in {
extensions = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Fully qualified path of the Taskserver extension scripts.
Currently there are none.
'';
@@ -219,7 +219,7 @@ in {
ipLog = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Logs the IP addresses of incoming requests.
'';
};
@@ -238,7 +238,7 @@ in {
requestLimit = mkOption {
type = types.int;
default = 1048576;
- description = ''
+ description = lib.mdDoc ''
Size limit of incoming requests, in bytes.
'';
};
@@ -247,13 +247,13 @@ in {
type = with types; either str (listOf str);
default = [];
example = [ "[Tt]ask [2-9]+" ];
- description = ''
+ description = lib.mdDoc ''
A list of regular expressions that are matched against the reported
- client id (such as task 2.3.0).
+ client id (such as `task 2.3.0`).
- The values all or none have
+ The values `all` or `none` have
special meaning. Overidden by any entry in the option
- .
+ {option}`services.taskserver.disallowedClientIDs`.
'';
};
@@ -261,13 +261,13 @@ in {
type = with types; either str (listOf str);
default = [];
example = [ "[Tt]ask [2-9]+" ];
- description = ''
+ description = lib.mdDoc ''
A list of regular expressions that are matched against the reported
- client id (such as task 2.3.0).
+ client id (such as `task 2.3.0`).
- The values all or none have
+ The values `all` or `none` have
special meaning. Any entry here overrides those in
- .
+ {option}`services.taskserver.allowedClientIDs`.
'';
};
@@ -275,7 +275,7 @@ in {
type = types.str;
default = "localhost";
example = "::";
- description = ''
+ description = lib.mdDoc ''
The address (IPv4, IPv6 or DNS) to listen on.
'';
};
@@ -283,7 +283,7 @@ in {
listenPort = mkOption {
type = types.int;
default = 53589;
- description = ''
+ description = lib.mdDoc ''
Port number of the Taskserver.
'';
};
@@ -291,7 +291,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to open the firewall for the specified Taskserver port.
'';
};
@@ -299,7 +299,7 @@ in {
fqdn = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
The fully qualified domain name of this server, which is also used
as the common name in the certificates.
'';
@@ -308,12 +308,12 @@ in {
trust = mkOption {
type = types.enum [ "allow all" "strict" ];
default = "strict";
- description = ''
+ description = lib.mdDoc ''
Determines how client certificates are validated.
- The value allow all performs no client
+ The value `allow all` performs no client
certificate validation. This is not recommended. The value
- strict causes the client certificate to be
+ `strict` causes the client certificate to be
validated against a CA.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tautulli.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tautulli.nix
index 9a972b29122..3f6633c9a57 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tautulli.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tautulli.nix
@@ -17,38 +17,38 @@ in
dataDir = mkOption {
type = types.str;
default = "/var/lib/plexpy";
- description = "The directory where Tautulli stores its data files.";
+ description = lib.mdDoc "The directory where Tautulli stores its data files.";
};
configFile = mkOption {
type = types.str;
default = "/var/lib/plexpy/config.ini";
- description = "The location of Tautulli's config file.";
+ description = lib.mdDoc "The location of Tautulli's config file.";
};
port = mkOption {
type = types.int;
default = 8181;
- description = "TCP port where Tautulli listens.";
+ description = lib.mdDoc "TCP port where Tautulli listens.";
};
user = mkOption {
type = types.str;
default = "plexpy";
- description = "User account under which Tautulli runs.";
+ description = lib.mdDoc "User account under which Tautulli runs.";
};
group = mkOption {
type = types.str;
default = "nogroup";
- description = "Group under which Tautulli runs.";
+ description = lib.mdDoc "Group under which Tautulli runs.";
};
package = mkOption {
type = types.package;
default = pkgs.tautulli;
defaultText = literalExpression "pkgs.tautulli";
- description = ''
+ description = lib.mdDoc ''
The Tautulli package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tiddlywiki.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tiddlywiki.nix
index 2adc08f6cfe..7052be23d76 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tiddlywiki.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tiddlywiki.nix
@@ -24,9 +24,9 @@ in {
readers="(authenticated)";
port = 3456;
};
- description = ''
- Parameters passed to --listen command.
- Refer to
+ description = lib.mdDoc ''
+ Parameters passed to `--listen` command.
+ Refer to
for details on supported values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tp-auto-kbbl.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tp-auto-kbbl.nix
index 59018f7f81f..54dec0b3fea 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tp-auto-kbbl.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tp-auto-kbbl.nix
@@ -15,21 +15,21 @@ in {
type = types.package;
default = pkgs.tp-auto-kbbl;
defaultText = literalExpression "pkgs.tp-auto-kbbl";
- description = "Package providing tp-auto-kbbl.";
+ description = lib.mdDoc "Package providing {command}`tp-auto-kbbl`.";
};
arguments = mkOption {
type = types.listOf types.str;
default = [ ];
- description = ''
- List of arguments appended to ./tp-auto-kbbl --device [device] [arguments]
+ description = lib.mdDoc ''
+ List of arguments appended to `./tp-auto-kbbl --device [device] [arguments]`
'';
};
device = mkOption {
type = types.str;
default = "/dev/input/event0";
- description = "Device watched for activities.";
+ description = lib.mdDoc "Device watched for activities.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tzupdate.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tzupdate.nix
index eac1e1112a5..300a578f7c4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tzupdate.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/tzupdate.nix
@@ -9,7 +9,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the tzupdate timezone updating service. This provides
a one-shot service which can be activated with systemctl to
update the timezone.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/uhub.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/uhub.nix
index 99774fbb920..c3eda0db44d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/uhub.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/uhub.nix
@@ -15,7 +15,7 @@ in {
services.uhub = mkOption {
default = { };
- description = "Uhub ADC hub instances";
+ description = lib.mdDoc "Uhub ADC hub instances";
type = types.attrsOf (types.submodule {
options = {
@@ -24,12 +24,12 @@ in {
enableTLS = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable TLS support.";
+ description = lib.mdDoc "Whether to enable TLS support.";
};
settings = mkOption {
inherit (settingsFormat) type;
- description = ''
+ description = lib.mdDoc ''
Configuration of uhub.
See https://www.uhub.org/doc/config.php for a list of options.
'';
@@ -44,7 +44,7 @@ in {
};
plugins = mkOption {
- description = "Uhub plugin configuration.";
+ description = lib.mdDoc "Uhub plugin configuration.";
type = with types;
listOf (submodule {
options = {
@@ -52,10 +52,10 @@ in {
type = path;
example = literalExpression
"$${pkgs.uhub}/plugins/mod_auth_sqlite.so";
- description = "Path to plugin file.";
+ description = lib.mdDoc "Path to plugin file.";
};
settings = mkOption {
- description = "Settings specific to this plugin.";
+ description = lib.mdDoc "Settings specific to this plugin.";
type = with types; attrsOf str;
example = { file = "/etc/uhub/users.db"; };
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/weechat.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/weechat.nix
index 7a4c4dca2ac..b1de30ae2b8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/weechat.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/weechat.nix
@@ -10,18 +10,18 @@ in
options.services.weechat = {
enable = mkEnableOption "weechat";
root = mkOption {
- description = "Weechat state directory.";
+ description = lib.mdDoc "Weechat state directory.";
type = types.str;
default = "/var/lib/weechat";
};
sessionName = mkOption {
- description = "Name of the `screen' session for weechat.";
+ description = lib.mdDoc "Name of the `screen' session for weechat.";
default = "weechat-screen";
type = types.str;
};
binary = mkOption {
type = types.path;
- description = "Binary to execute.";
+ description = lib.mdDoc "Binary to execute.";
default = "${pkgs.weechat}/bin/weechat";
defaultText = literalExpression ''"''${pkgs.weechat}/bin/weechat"'';
example = literalExpression ''"''${pkgs.weechat}/bin/weechat-headless"'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/xmr-stak.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/xmr-stak.nix
index 9256e9ae01c..c218f747f28 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/xmr-stak.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/xmr-stak.nix
@@ -23,7 +23,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "--noCPU" "--currency monero" ];
- description = "List of parameters to pass to xmr-stak.";
+ description = lib.mdDoc "List of parameters to pass to xmr-stak.";
};
configFiles = mkOption {
@@ -52,7 +52,7 @@ in
''';
}
'';
- description = ''
+ description = lib.mdDoc ''
Content of config files like config.txt, pools.txt or cpu.txt.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/xmrig.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/xmrig.nix
index c5c3803920c..a98b2292f55 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/xmrig.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/xmrig.nix
@@ -20,7 +20,7 @@ with lib;
default = pkgs.xmrig;
defaultText = literalExpression "pkgs.xmrig";
example = literalExpression "pkgs.xmrig-mo";
- description = "XMRig package to use.";
+ description = lib.mdDoc "XMRig package to use.";
};
settings = mkOption {
@@ -42,9 +42,9 @@ with lib;
]
}
'';
- description = ''
+ description = lib.mdDoc ''
XMRig configuration. Refer to
-
+
for details on supported values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/zoneminder.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/zoneminder.nix
index a557e742b7c..ab24372037e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/zoneminder.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/zoneminder.nix
@@ -93,7 +93,7 @@ in {
hostname = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
The hostname on which to listen.
'';
};
@@ -101,7 +101,7 @@ in {
port = mkOption {
type = types.int;
default = 8095;
- description = ''
+ description = lib.mdDoc ''
The port on which to listen.
'';
};
@@ -109,7 +109,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open the firewall port(s).
'';
};
@@ -118,7 +118,7 @@ in {
createLocally = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Create the database and database user locally.
'';
};
@@ -126,7 +126,7 @@ in {
host = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
Hostname hosting the database.
'';
};
@@ -134,7 +134,7 @@ in {
name = mkOption {
type = types.str;
default = "zm";
- description = ''
+ description = lib.mdDoc ''
Name of database.
'';
};
@@ -142,7 +142,7 @@ in {
username = mkOption {
type = types.str;
default = "zmuser";
- description = ''
+ description = lib.mdDoc ''
Username for accessing the database.
'';
};
@@ -150,9 +150,9 @@ in {
password = mkOption {
type = types.str;
default = "zmpass";
- description = ''
+ description = lib.mdDoc ''
Username for accessing the database.
- Not used if createLocally is set.
+ Not used if `createLocally` is set.
'';
};
};
@@ -160,7 +160,7 @@ in {
cameras = mkOption {
type = types.int;
default = 1;
- description = ''
+ description = lib.mdDoc ''
Set this to the number of cameras you expect to support.
'';
};
@@ -169,7 +169,7 @@ in {
type = types.nullOr types.str;
default = null;
example = "/storage/tank";
- description = ''
+ description = lib.mdDoc ''
ZoneMinder can generate quite a lot of data, so in case you don't want
to use the default ${defaultDir}, you can override the path here.
'';
@@ -178,7 +178,7 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Additional configuration added verbatim to the configuration file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/zookeeper.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/zookeeper.nix
index fefbf9a86de..17d4a00f28f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/zookeeper.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/misc/zookeeper.nix
@@ -25,25 +25,25 @@ in {
options.services.zookeeper = {
enable = mkOption {
- description = "Whether to enable Zookeeper.";
+ description = lib.mdDoc "Whether to enable Zookeeper.";
default = false;
type = types.bool;
};
port = mkOption {
- description = "Zookeeper Client port.";
+ description = lib.mdDoc "Zookeeper Client port.";
default = 2181;
type = types.int;
};
id = mkOption {
- description = "Zookeeper ID.";
+ description = lib.mdDoc "Zookeeper ID.";
default = 0;
type = types.int;
};
purgeInterval = mkOption {
- description = ''
+ description = lib.mdDoc ''
The time interval in hours for which the purge task has to be triggered. Set to a positive integer (1 and above) to enable the auto purging.
'';
default = 1;
@@ -51,7 +51,7 @@ in {
};
extraConf = mkOption {
- description = "Extra configuration for Zookeeper.";
+ description = lib.mdDoc "Extra configuration for Zookeeper.";
type = types.lines;
default = ''
initLimit=5
@@ -61,7 +61,7 @@ in {
};
servers = mkOption {
- description = "All Zookeeper Servers.";
+ description = lib.mdDoc "All Zookeeper Servers.";
default = "";
type = types.lines;
example = ''
@@ -72,7 +72,7 @@ in {
};
logging = mkOption {
- description = "Zookeeper logging configuration.";
+ description = lib.mdDoc "Zookeeper logging configuration.";
default = ''
zookeeper.root.logger=INFO, CONSOLE
log4j.rootLogger=INFO, CONSOLE
@@ -87,13 +87,13 @@ in {
dataDir = mkOption {
type = types.path;
default = "/var/lib/zookeeper";
- description = ''
+ description = lib.mdDoc ''
Data directory for Zookeeper
'';
};
extraCmdLineOptions = mkOption {
- description = "Extra command line options for the Zookeeper launcher.";
+ description = lib.mdDoc "Extra command line options for the Zookeeper launcher.";
default = [ "-Dcom.sun.management.jmxremote" "-Dcom.sun.management.jmxremote.local.only=true" ];
type = types.listOf types.str;
example = [ "-Djava.net.preferIPv4Stack=true" "-Dcom.sun.management.jmxremote" "-Dcom.sun.management.jmxremote.local.only=true" ];
@@ -102,20 +102,20 @@ in {
preferIPv4 = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Add the -Djava.net.preferIPv4Stack=true flag to the Zookeeper server.
'';
};
package = mkOption {
- description = "The zookeeper package to use";
+ description = lib.mdDoc "The zookeeper package to use";
default = pkgs.zookeeper;
defaultText = literalExpression "pkgs.zookeeper";
type = types.package;
};
jre = mkOption {
- description = "The JRE with which to run Zookeeper";
+ description = lib.mdDoc "The JRE with which to run Zookeeper";
default = cfg.package.jre;
defaultText = literalExpression "pkgs.zookeeper.jre";
example = literalExpression "pkgs.jre";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/alerta.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/alerta.nix
index a73d94001f7..c0caa0dc3be 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/alerta.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/alerta.nix
@@ -26,53 +26,53 @@ in
port = mkOption {
type = types.int;
default = 5000;
- description = "Port of Alerta";
+ description = lib.mdDoc "Port of Alerta";
};
bind = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "Address to bind to. The default is to bind to all addresses";
+ description = lib.mdDoc "Address to bind to. The default is to bind to all addresses";
};
logDir = mkOption {
type = types.path;
- description = "Location where the logfiles are stored";
+ description = lib.mdDoc "Location where the logfiles are stored";
default = "/var/log/alerta";
};
databaseUrl = mkOption {
type = types.str;
- description = "URL of the MongoDB or PostgreSQL database to connect to";
+ description = lib.mdDoc "URL of the MongoDB or PostgreSQL database to connect to";
default = "mongodb://localhost";
};
databaseName = mkOption {
type = types.str;
- description = "Name of the database instance to connect to";
+ description = lib.mdDoc "Name of the database instance to connect to";
default = "monitoring";
};
corsOrigins = mkOption {
type = types.listOf types.str;
- description = "List of URLs that can access the API for Cross-Origin Resource Sharing (CORS)";
+ description = lib.mdDoc "List of URLs that can access the API for Cross-Origin Resource Sharing (CORS)";
default = [ "http://localhost" "http://localhost:5000" ];
};
authenticationRequired = mkOption {
type = types.bool;
- description = "Whether users must authenticate when using the web UI or command-line tool";
+ description = lib.mdDoc "Whether users must authenticate when using the web UI or command-line tool";
default = false;
};
signupEnabled = mkOption {
type = types.bool;
- description = "Whether to prevent sign-up of new users via the web UI";
+ description = lib.mdDoc "Whether to prevent sign-up of new users via the web UI";
default = true;
};
extraConfig = mkOption {
- description = "These lines go into alertad.conf verbatim.";
+ description = lib.mdDoc "These lines go into alertad.conf verbatim.";
default = "";
type = types.lines;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/apcupsd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/apcupsd.nix
index 1dccbc93edf..d4216b44cdc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/apcupsd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/apcupsd.nix
@@ -75,7 +75,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the APC UPS daemon. apcupsd monitors your UPS and
permits orderly shutdown of your computer in the event of a power
failure. User manual: http://www.apcupsd.com/manual/manual.html.
@@ -92,7 +92,7 @@ in
MINUTES 5
'';
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Contents of the runtime configuration file, apcupsd.conf. The default
settings makes apcupsd autodetect USB UPSes, limit network access to
localhost and shutdown the system when the battery level is below 50
@@ -107,7 +107,7 @@ in
doshutdown = "# shell commands to notify that the computer is shutting down";
};
type = types.attrsOf types.lines;
- description = ''
+ description = lib.mdDoc ''
Each attribute in this option names an apcupsd event and the string
value it contains will be executed in a shell, in response to that
event (prior to the default action). See "man apccontrol" for the
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/arbtt.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/arbtt.nix
index 94eead220ae..8bf4f78cc72 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/arbtt.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/arbtt.nix
@@ -10,7 +10,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the arbtt statistics capture service.
'';
};
@@ -19,7 +19,7 @@ in {
type = types.package;
default = pkgs.haskellPackages.arbtt;
defaultText = literalExpression "pkgs.haskellPackages.arbtt";
- description = ''
+ description = lib.mdDoc ''
The package to use for the arbtt binaries.
'';
};
@@ -28,7 +28,7 @@ in {
type = types.str;
default = "%h/.arbtt/capture.log";
example = "/home/username/.arbtt-capture.log";
- description = ''
+ description = lib.mdDoc ''
The log file for captured samples.
'';
};
@@ -37,7 +37,7 @@ in {
type = types.int;
default = 60;
example = 120;
- description = ''
+ description = lib.mdDoc ''
The sampling interval in seconds.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/bosun.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/bosun.nix
index 4b278b9c200..27966e089eb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/bosun.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/bosun.nix
@@ -25,7 +25,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run bosun.
'';
};
@@ -34,7 +34,7 @@ in {
type = types.package;
default = pkgs.bosun;
defaultText = literalExpression "pkgs.bosun";
- description = ''
+ description = lib.mdDoc ''
bosun binary to use.
'';
};
@@ -42,7 +42,7 @@ in {
user = mkOption {
type = types.str;
default = "bosun";
- description = ''
+ description = lib.mdDoc ''
User account under which bosun runs.
'';
};
@@ -50,7 +50,7 @@ in {
group = mkOption {
type = types.str;
default = "bosun";
- description = ''
+ description = lib.mdDoc ''
Group account under which bosun runs.
'';
};
@@ -58,7 +58,7 @@ in {
opentsdbHost = mkOption {
type = types.nullOr types.str;
default = "localhost:4242";
- description = ''
+ description = lib.mdDoc ''
Host and port of the OpenTSDB database that stores bosun data.
To disable opentsdb you can pass null as parameter.
'';
@@ -68,7 +68,7 @@ in {
type = types.nullOr types.str;
default = null;
example = "localhost:8086";
- description = ''
+ description = lib.mdDoc ''
Host and port of the influxdb database.
'';
};
@@ -76,7 +76,7 @@ in {
listenAddress = mkOption {
type = types.str;
default = ":8070";
- description = ''
+ description = lib.mdDoc ''
The host address and port that bosun's web interface will listen on.
'';
};
@@ -84,7 +84,7 @@ in {
stateFile = mkOption {
type = types.path;
default = "/var/lib/bosun/bosun.state";
- description = ''
+ description = lib.mdDoc ''
Path to bosun's state file.
'';
};
@@ -92,7 +92,7 @@ in {
ledisDir = mkOption {
type = types.path;
default = "/var/lib/bosun/ledis_data";
- description = ''
+ description = lib.mdDoc ''
Path to bosun's ledis data dir
'';
};
@@ -100,7 +100,7 @@ in {
checkFrequency = mkOption {
type = types.str;
default = "5m";
- description = ''
+ description = lib.mdDoc ''
Bosun's check frequency
'';
};
@@ -108,7 +108,7 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration options for Bosun. You should describe your
desired templates, alerts, macros, etc through this configuration
option.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/cadvisor.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/cadvisor.nix
index dfbf07efcae..c844b1599dd 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/cadvisor.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/cadvisor.nix
@@ -11,56 +11,56 @@ in {
enable = mkOption {
default = false;
type = types.bool;
- description = "Whether to enable cadvisor service.";
+ description = lib.mdDoc "Whether to enable cadvisor service.";
};
listenAddress = mkOption {
default = "127.0.0.1";
type = types.str;
- description = "Cadvisor listening host";
+ description = lib.mdDoc "Cadvisor listening host";
};
port = mkOption {
default = 8080;
type = types.int;
- description = "Cadvisor listening port";
+ description = lib.mdDoc "Cadvisor listening port";
};
storageDriver = mkOption {
default = null;
type = types.nullOr types.str;
example = "influxdb";
- description = "Cadvisor storage driver.";
+ description = lib.mdDoc "Cadvisor storage driver.";
};
storageDriverHost = mkOption {
default = "localhost:8086";
type = types.str;
- description = "Cadvisor storage driver host.";
+ description = lib.mdDoc "Cadvisor storage driver host.";
};
storageDriverDb = mkOption {
default = "root";
type = types.str;
- description = "Cadvisord storage driver database name.";
+ description = lib.mdDoc "Cadvisord storage driver database name.";
};
storageDriverUser = mkOption {
default = "root";
type = types.str;
- description = "Cadvisor storage driver username.";
+ description = lib.mdDoc "Cadvisor storage driver username.";
};
storageDriverPassword = mkOption {
default = "root";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Cadvisor storage driver password.
Warning: this password is stored in the world-readable Nix store. It's
- recommended to use the option
+ recommended to use the {option}`storageDriverPasswordFile` option
since that gives you control over the security of the password.
- also takes precedence over .
+ {option}`storageDriverPasswordFile` also takes precedence over {option}`storageDriverPassword`.
'';
};
@@ -82,7 +82,7 @@ in {
storageDriverSecure = mkOption {
default = false;
type = types.bool;
- description = "Cadvisor storage driver, enable secure communication.";
+ description = lib.mdDoc "Cadvisor storage driver, enable secure communication.";
};
extraOptions = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/collectd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/collectd.nix
index 1b9af585756..5c62d509511 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/collectd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/collectd.nix
@@ -33,7 +33,7 @@ in {
validateConfig = mkOption {
default = true;
- description = ''
+ description = lib.mdDoc ''
Validate the syntax of collectd configuration file at build time.
Disable this if you use the Include directive on files unavailable in
the build sandbox, or when cross-compiling.
@@ -44,7 +44,7 @@ in {
package = mkOption {
default = pkgs.collectd;
defaultText = literalExpression "pkgs.collectd";
- description = ''
+ description = lib.mdDoc ''
Which collectd package to use.
'';
type = types.package;
@@ -60,7 +60,7 @@ in {
user = mkOption {
default = "collectd";
- description = ''
+ description = lib.mdDoc ''
User under which to run collectd.
'';
type = nullOr str;
@@ -68,7 +68,7 @@ in {
dataDir = mkOption {
default = "/var/lib/collectd";
- description = ''
+ description = lib.mdDoc ''
Data directory for collectd agent.
'';
type = path;
@@ -76,7 +76,7 @@ in {
autoLoadPlugin = mkOption {
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable plugin autoloading.
'';
type = bool;
@@ -84,7 +84,7 @@ in {
include = mkOption {
default = [];
- description = ''
+ description = lib.mdDoc ''
Additional paths to load config from.
'';
type = listOf str;
@@ -93,7 +93,7 @@ in {
plugins = mkOption {
default = {};
example = { cpu = ""; memory = ""; network = "Server 192.168.1.1 25826"; };
- description = ''
+ description = lib.mdDoc ''
Attribute set of plugin names to plugin config segments
'';
type = attrsOf lines;
@@ -101,7 +101,7 @@ in {
extraConfig = mkOption {
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration for collectd. Use mkBefore to add lines before the
default config, and mkAfter to add them below.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/datadog-agent.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/datadog-agent.nix
index 6d9d1ef973a..9b984fafc12 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/datadog-agent.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/datadog-agent.nix
@@ -50,7 +50,7 @@ let
in {
options.services.datadog-agent = {
enable = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to enable the datadog-agent v7 monitoring service
'';
default = false;
@@ -70,7 +70,7 @@ in {
};
apiKeyFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
Path to a file containing the Datadog API key to associate the
agent with your account.
'';
@@ -79,7 +79,7 @@ in {
};
ddUrl = mkOption {
- description = ''
+ description = lib.mdDoc ''
Custom dd_url to configure the agent with. Useful if traffic to datadog
needs to go through a proxy.
Don't use this to point to another datadog site (EU) - use site instead.
@@ -90,7 +90,7 @@ in {
};
site = mkOption {
- description = ''
+ description = lib.mdDoc ''
The datadog site to point the agent towards.
Set to datadoghq.eu to point it to their EU site.
'';
@@ -100,21 +100,21 @@ in {
};
tags = mkOption {
- description = "The tags to mark this Datadog agent";
+ description = lib.mdDoc "The tags to mark this Datadog agent";
example = [ "test" "service" ];
default = null;
type = types.nullOr (types.listOf types.str);
};
hostname = mkOption {
- description = "The hostname to show in the Datadog dashboard (optional)";
+ description = lib.mdDoc "The hostname to show in the Datadog dashboard (optional)";
default = null;
example = "mymachine.mydomain";
type = types.nullOr types.str;
};
logLevel = mkOption {
- description = "Logging verbosity.";
+ description = lib.mdDoc "Logging verbosity.";
default = null;
type = types.nullOr (types.enum ["DEBUG" "INFO" "WARN" "ERROR"]);
};
@@ -123,7 +123,7 @@ in {
default = {};
type = types.attrs;
- description = ''
+ description = lib.mdDoc ''
Extra integrations from the Datadog core-integrations
repository that should be built and included.
@@ -145,14 +145,14 @@ in {
extraConfig = mkOption {
default = {};
type = types.attrs;
- description = ''
+ description = lib.mdDoc ''
Extra configuration options that will be merged into the
- main config file datadog.yaml.
+ main config file {file}`datadog.yaml`.
'';
};
enableLiveProcessCollection = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to enable the live process collection agent.
'';
default = false;
@@ -160,7 +160,7 @@ in {
};
enableTraceAgent = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to enable the trace agent.
'';
default = false;
@@ -207,7 +207,7 @@ in {
};
diskCheck = mkOption {
- description = "Disk check config";
+ description = lib.mdDoc "Disk check config";
type = types.attrs;
default = {
init_config = {};
@@ -216,7 +216,7 @@ in {
};
networkCheck = mkOption {
- description = "Network check config";
+ description = lib.mdDoc "Network check config";
type = types.attrs;
default = {
init_config = {};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/dd-agent/dd-agent.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/dd-agent/dd-agent.nix
index a290dae8d4b..8c0070c4853 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/dd-agent/dd-agent.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/dd-agent/dd-agent.nix
@@ -112,68 +112,68 @@ let
in {
options.services.dd-agent = {
enable = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to enable the dd-agent v5 monitoring service.
- For datadog-agent v6, see .
+ For datadog-agent v6, see {option}`services.datadog-agent.enable`.
'';
default = false;
type = types.bool;
};
api_key = mkOption {
- description = ''
+ description = lib.mdDoc ''
The Datadog API key to associate the agent with your account.
Warning: this key is stored in cleartext within the world-readable
Nix store! Consider using the new v6
- module instead.
+ {option}`services.datadog-agent` module instead.
'';
example = "ae0aa6a8f08efa988ba0a17578f009ab";
type = types.str;
};
tags = mkOption {
- description = "The tags to mark this Datadog agent";
+ description = lib.mdDoc "The tags to mark this Datadog agent";
example = [ "test" "service" ];
default = null;
type = types.nullOr (types.listOf types.str);
};
hostname = mkOption {
- description = "The hostname to show in the Datadog dashboard (optional)";
+ description = lib.mdDoc "The hostname to show in the Datadog dashboard (optional)";
default = null;
example = "mymachine.mydomain";
type = types.nullOr types.str;
};
postgresqlConfig = mkOption {
- description = "Datadog PostgreSQL integration configuration";
+ description = lib.mdDoc "Datadog PostgreSQL integration configuration";
default = null;
type = types.nullOr types.lines;
};
nginxConfig = mkOption {
- description = "Datadog nginx integration configuration";
+ description = lib.mdDoc "Datadog nginx integration configuration";
default = null;
type = types.nullOr types.lines;
};
mongoConfig = mkOption {
- description = "MongoDB integration configuration";
+ description = lib.mdDoc "MongoDB integration configuration";
default = null;
type = types.nullOr types.lines;
};
jmxConfig = mkOption {
- description = "JMX integration configuration";
+ description = lib.mdDoc "JMX integration configuration";
default = null;
type = types.nullOr types.lines;
};
processConfig = mkOption {
- description = ''
+ description = lib.mdDoc ''
Process integration configuration
- See
+ See
'';
default = null;
type = types.nullOr types.lines;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/fusion-inventory.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/fusion-inventory.nix
index 9b65c76ce02..6b440e9fa45 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/fusion-inventory.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/fusion-inventory.nix
@@ -26,7 +26,7 @@ in {
servers = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
The urls of the OCS/GLPI servers to connect to.
'';
};
@@ -34,7 +34,7 @@ in {
extraConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Configuration that is injected verbatim into the configuration file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana-agent.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana-agent.nix
index bbeda184647..8190f44c72f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana-agent.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana-agent.nix
@@ -17,11 +17,11 @@ in
type = types.package;
default = pkgs.grafana-agent;
defaultText = "pkgs.grafana-agent";
- description = "The grafana-agent package to use.";
+ description = lib.mdDoc "The grafana-agent package to use.";
};
credentials = mkOption {
- description = ''
+ description = lib.mdDoc ''
Credentials to load at service startup. Keys that are UPPER_SNAKE will be loaded as env vars. Values are absolute paths to the credentials.
'';
type = types.attrsOf types.str;
@@ -48,9 +48,10 @@ in
freeformType = settingsFormat.type;
};
- default = {
+ default = { };
+ defaultText = ''
metrics = {
- wal_directory = "\${STATE_DIRECTORY}";
+ wal_directory = "\''${STATE_DIRECTORY}";
global.scrape_interval = "5s";
};
integrations = {
@@ -59,8 +60,7 @@ in
node_exporter.enabled = true;
replace_instance_label = true;
};
- };
-
+ '';
example = {
metrics.global.remote_write = [{
url = "\${METRICS_REMOTE_WRITE_URL}";
@@ -104,6 +104,20 @@ in
};
config = mkIf cfg.enable {
+ services.grafana-agent.settings = {
+ # keep this in sync with config.services.grafana-agent.settings.defaultText.
+ metrics = {
+ wal_directory = mkDefault "\${STATE_DIRECTORY}";
+ global.scrape_interval = mkDefault "5s";
+ };
+ integrations = {
+ agent.enabled = mkDefault true;
+ agent.scrape_integration = mkDefault true;
+ node_exporter.enabled = mkDefault true;
+ replace_instance_label = mkDefault true;
+ };
+ };
+
systemd.services.grafana-agent = {
wantedBy = [ "multi-user.target" ];
script = ''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana-image-renderer.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana-image-renderer.nix
index b8b95d846c6..97488f2653a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana-image-renderer.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana-image-renderer.nix
@@ -14,7 +14,7 @@ in {
chromium = mkOption {
type = types.package;
- description = ''
+ description = lib.mdDoc ''
The chromium to use for image rendering.
'';
};
@@ -32,15 +32,15 @@ in {
port = mkOption {
type = types.port;
default = 8081;
- description = ''
+ description = lib.mdDoc ''
The TCP port to use for the rendering server.
'';
};
logging.level = mkOption {
type = types.enum [ "error" "warning" "info" "debug" ];
default = "info";
- description = ''
- The log-level of the grafana-image-renderer.service-unit.
+ description = lib.mdDoc ''
+ The log-level of the {file}`grafana-image-renderer.service`-unit.
'';
};
};
@@ -48,14 +48,14 @@ in {
width = mkOption {
default = 1000;
type = types.ints.positive;
- description = ''
+ description = lib.mdDoc ''
Width of the PNG used to display the alerting graph.
'';
};
height = mkOption {
default = 500;
type = types.ints.positive;
- description = ''
+ description = lib.mdDoc ''
Height of the PNG used to display the alerting graph.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana-reporter.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana-reporter.nix
index e40d78f538f..7a27b5cbce3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana-reporter.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana-reporter.nix
@@ -11,36 +11,36 @@ in {
grafana = {
protocol = mkOption {
- description = "Grafana protocol.";
+ description = lib.mdDoc "Grafana protocol.";
default = "http";
type = types.enum ["http" "https"];
};
addr = mkOption {
- description = "Grafana address.";
+ description = lib.mdDoc "Grafana address.";
default = "127.0.0.1";
type = types.str;
};
port = mkOption {
- description = "Grafana port.";
+ description = lib.mdDoc "Grafana port.";
default = 3000;
type = types.int;
};
};
addr = mkOption {
- description = "Listening address.";
+ description = lib.mdDoc "Listening address.";
default = "127.0.0.1";
type = types.str;
};
port = mkOption {
- description = "Listening port.";
+ description = lib.mdDoc "Listening port.";
default = 8686;
type = types.int;
};
templateDir = mkOption {
- description = "Optional template directory to use custom tex templates";
+ description = lib.mdDoc "Optional template directory to use custom tex templates";
default = pkgs.grafana_reporter;
defaultText = literalExpression "pkgs.grafana_reporter";
type = types.either types.str types.path;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana.nix
index 68b4796f4f4..456fe92eea3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/grafana.nix
@@ -108,90 +108,90 @@ let
options = {
name = mkOption {
type = types.str;
- description = "Name of the datasource. Required.";
+ description = lib.mdDoc "Name of the datasource. Required.";
};
type = mkOption {
type = types.str;
- description = "Datasource type. Required.";
+ description = lib.mdDoc "Datasource type. Required.";
};
access = mkOption {
type = types.enum ["proxy" "direct"];
default = "proxy";
- description = "Access mode. proxy or direct (Server or Browser in the UI). Required.";
+ description = lib.mdDoc "Access mode. proxy or direct (Server or Browser in the UI). Required.";
};
orgId = mkOption {
type = types.int;
default = 1;
- description = "Org id. will default to orgId 1 if not specified.";
+ description = lib.mdDoc "Org id. will default to orgId 1 if not specified.";
};
uid = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Custom UID which can be used to reference this datasource in other parts of the configuration, if not specified will be generated automatically.";
+ description = lib.mdDoc "Custom UID which can be used to reference this datasource in other parts of the configuration, if not specified will be generated automatically.";
};
url = mkOption {
type = types.str;
- description = "Url of the datasource.";
+ description = lib.mdDoc "Url of the datasource.";
};
password = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Database password, if used.";
+ description = lib.mdDoc "Database password, if used.";
};
user = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Database user, if used.";
+ description = lib.mdDoc "Database user, if used.";
};
database = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Database name, if used.";
+ description = lib.mdDoc "Database name, if used.";
};
basicAuth = mkOption {
type = types.nullOr types.bool;
default = null;
- description = "Enable/disable basic auth.";
+ description = lib.mdDoc "Enable/disable basic auth.";
};
basicAuthUser = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Basic auth username.";
+ description = lib.mdDoc "Basic auth username.";
};
basicAuthPassword = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Basic auth password.";
+ description = lib.mdDoc "Basic auth password.";
};
withCredentials = mkOption {
type = types.bool;
default = false;
- description = "Enable/disable with credentials headers.";
+ description = lib.mdDoc "Enable/disable with credentials headers.";
};
isDefault = mkOption {
type = types.bool;
default = false;
- description = "Mark as default datasource. Max one per org.";
+ description = lib.mdDoc "Mark as default datasource. Max one per org.";
};
jsonData = mkOption {
type = types.nullOr types.attrs;
default = null;
- description = "Datasource specific configuration.";
+ description = lib.mdDoc "Datasource specific configuration.";
};
secureJsonData = mkOption {
type = types.nullOr types.attrs;
default = null;
- description = "Datasource specific secure configuration.";
+ description = lib.mdDoc "Datasource specific secure configuration.";
};
version = mkOption {
type = types.int;
default = 1;
- description = "Version.";
+ description = lib.mdDoc "Version.";
};
editable = mkOption {
type = types.bool;
default = false;
- description = "Allow users to edit datasources from the UI.";
+ description = lib.mdDoc "Allow users to edit datasources from the UI.";
};
};
};
@@ -202,42 +202,42 @@ let
name = mkOption {
type = types.str;
default = "default";
- description = "Provider name.";
+ description = lib.mdDoc "Provider name.";
};
orgId = mkOption {
type = types.int;
default = 1;
- description = "Organization ID.";
+ description = lib.mdDoc "Organization ID.";
};
folder = mkOption {
type = types.str;
default = "";
- description = "Add dashboards to the specified folder.";
+ description = lib.mdDoc "Add dashboards to the specified folder.";
};
type = mkOption {
type = types.str;
default = "file";
- description = "Dashboard provider type.";
+ description = lib.mdDoc "Dashboard provider type.";
};
disableDeletion = mkOption {
type = types.bool;
default = false;
- description = "Disable deletion when JSON file is removed.";
+ description = lib.mdDoc "Disable deletion when JSON file is removed.";
};
updateIntervalSeconds = mkOption {
type = types.int;
default = 10;
- description = "How often Grafana will scan for changed dashboards.";
+ description = lib.mdDoc "How often Grafana will scan for changed dashboards.";
};
options = {
path = mkOption {
type = types.path;
- description = "Path grafana will watch for dashboards.";
+ description = lib.mdDoc "Path grafana will watch for dashboards.";
};
foldersFromFilesStructure = mkOption {
type = types.bool;
default = false;
- description = "Use folder names from filesystem to create folders in Grafana.";
+ description = lib.mdDoc "Use folder names from filesystem to create folders in Grafana.";
};
};
};
@@ -248,55 +248,55 @@ let
name = mkOption {
type = types.str;
default = "default";
- description = "Notifier name.";
+ description = lib.mdDoc "Notifier name.";
};
type = mkOption {
type = types.enum ["dingding" "discord" "email" "googlechat" "hipchat" "kafka" "line" "teams" "opsgenie" "pagerduty" "prometheus-alertmanager" "pushover" "sensu" "sensugo" "slack" "telegram" "threema" "victorops" "webhook"];
- description = "Notifier type.";
+ description = lib.mdDoc "Notifier type.";
};
uid = mkOption {
type = types.str;
- description = "Unique notifier identifier.";
+ description = lib.mdDoc "Unique notifier identifier.";
};
org_id = mkOption {
type = types.int;
default = 1;
- description = "Organization ID.";
+ description = lib.mdDoc "Organization ID.";
};
org_name = mkOption {
type = types.str;
default = "Main Org.";
- description = "Organization name.";
+ description = lib.mdDoc "Organization name.";
};
is_default = mkOption {
type = types.bool;
- description = "Is the default notifier.";
+ description = lib.mdDoc "Is the default notifier.";
default = false;
};
send_reminder = mkOption {
type = types.bool;
default = true;
- description = "Should the notifier be sent reminder notifications while alerts continue to fire.";
+ description = lib.mdDoc "Should the notifier be sent reminder notifications while alerts continue to fire.";
};
frequency = mkOption {
type = types.str;
default = "5m";
- description = "How frequently should the notifier be sent reminders.";
+ description = lib.mdDoc "How frequently should the notifier be sent reminders.";
};
disable_resolve_message = mkOption {
type = types.bool;
default = false;
- description = "Turn off the message that sends when an alert returns to OK.";
+ description = lib.mdDoc "Turn off the message that sends when an alert returns to OK.";
};
settings = mkOption {
type = types.nullOr types.attrs;
default = null;
- description = "Settings for the notifier type.";
+ description = lib.mdDoc "Settings for the notifier type.";
};
secure_settings = mkOption {
type = types.nullOr types.attrs;
default = null;
- description = "Secure settings for the notifier type.";
+ description = lib.mdDoc "Secure settings for the notifier type.";
};
};
};
@@ -305,62 +305,62 @@ in {
enable = mkEnableOption "grafana";
protocol = mkOption {
- description = "Which protocol to listen.";
+ description = lib.mdDoc "Which protocol to listen.";
default = "http";
type = types.enum ["http" "https" "socket"];
};
addr = mkOption {
- description = "Listening address.";
+ description = lib.mdDoc "Listening address.";
default = "127.0.0.1";
type = types.str;
};
port = mkOption {
- description = "Listening port.";
+ description = lib.mdDoc "Listening port.";
default = 3000;
type = types.port;
};
socket = mkOption {
- description = "Listening socket.";
+ description = lib.mdDoc "Listening socket.";
default = "/run/grafana/grafana.sock";
type = types.str;
};
domain = mkOption {
- description = "The public facing domain name used to access grafana from a browser.";
+ description = lib.mdDoc "The public facing domain name used to access grafana from a browser.";
default = "localhost";
type = types.str;
};
rootUrl = mkOption {
- description = "Full public facing url.";
+ description = lib.mdDoc "Full public facing url.";
default = "%(protocol)s://%(domain)s:%(http_port)s/";
type = types.str;
};
certFile = mkOption {
- description = "Cert file for ssl.";
+ description = lib.mdDoc "Cert file for ssl.";
default = "";
type = types.str;
};
certKey = mkOption {
- description = "Cert key for ssl.";
+ description = lib.mdDoc "Cert key for ssl.";
default = "";
type = types.str;
};
staticRootPath = mkOption {
- description = "Root path for static assets.";
+ description = lib.mdDoc "Root path for static assets.";
default = "${cfg.package}/share/grafana/public";
defaultText = literalExpression ''"''${package}/share/grafana/public"'';
type = types.str;
};
package = mkOption {
- description = "Package to use.";
+ description = lib.mdDoc "Package to use.";
default = pkgs.grafana;
defaultText = literalExpression "pkgs.grafana";
type = types.package;
@@ -369,7 +369,7 @@ in {
declarativePlugins = mkOption {
type = with types; nullOr (listOf path);
default = null;
- description = "If non-null, then a list of packages containing Grafana plugins to install. If set, plugins cannot be manually installed.";
+ description = lib.mdDoc "If non-null, then a list of packages containing Grafana plugins to install. If set, plugins cannot be manually installed.";
example = literalExpression "with pkgs.grafanaPlugins; [ grafana-piechart-panel ]";
# Make sure each plugin is added only once; otherwise building
# the link farm fails, since the same path is added multiple
@@ -378,38 +378,38 @@ in {
};
dataDir = mkOption {
- description = "Data directory.";
+ description = lib.mdDoc "Data directory.";
default = "/var/lib/grafana";
type = types.path;
};
database = {
type = mkOption {
- description = "Database type.";
+ description = lib.mdDoc "Database type.";
default = "sqlite3";
type = types.enum ["mysql" "sqlite3" "postgres"];
};
host = mkOption {
- description = "Database host.";
+ description = lib.mdDoc "Database host.";
default = "127.0.0.1:3306";
type = types.str;
};
name = mkOption {
- description = "Database name.";
+ description = lib.mdDoc "Database name.";
default = "grafana";
type = types.str;
};
user = mkOption {
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
default = "root";
type = types.str;
};
password = mkOption {
- description = ''
+ description = lib.mdDoc ''
Database password.
This option is mutual exclusive with the passwordFile option.
'';
@@ -418,7 +418,7 @@ in {
};
passwordFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
File that containts the database password.
This option is mutual exclusive with the password option.
'';
@@ -427,14 +427,14 @@ in {
};
path = mkOption {
- description = "Database path.";
+ description = lib.mdDoc "Database path.";
default = "${cfg.dataDir}/data/grafana.db";
defaultText = literalExpression ''"''${config.${opt.dataDir}}/data/grafana.db"'';
type = types.path;
};
connMaxLifetime = mkOption {
- description = ''
+ description = lib.mdDoc ''
Sets the maximum amount of time (in seconds) a connection may be reused.
For MySQL this setting should be shorter than the `wait_timeout' variable.
'';
@@ -447,19 +447,19 @@ in {
provision = {
enable = mkEnableOption "provision";
datasources = mkOption {
- description = "Grafana datasources configuration.";
+ description = lib.mdDoc "Grafana datasources configuration.";
default = [];
type = types.listOf grafanaTypes.datasourceConfig;
apply = x: map _filter x;
};
dashboards = mkOption {
- description = "Grafana dashboard configuration.";
+ description = lib.mdDoc "Grafana dashboard configuration.";
default = [];
type = types.listOf grafanaTypes.dashboardConfig;
apply = x: map _filter x;
};
notifiers = mkOption {
- description = "Grafana notifier configuration.";
+ description = lib.mdDoc "Grafana notifier configuration.";
default = [];
type = types.listOf grafanaTypes.notifierConfig;
apply = x: map _filter x;
@@ -468,13 +468,13 @@ in {
security = {
adminUser = mkOption {
- description = "Default admin username.";
+ description = lib.mdDoc "Default admin username.";
default = "admin";
type = types.str;
};
adminPassword = mkOption {
- description = ''
+ description = lib.mdDoc ''
Default admin password.
This option is mutual exclusive with the adminPasswordFile option.
'';
@@ -483,22 +483,22 @@ in {
};
adminPasswordFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
Default admin password.
- This option is mutual exclusive with the adminPassword option.
+ This option is mutual exclusive with the `adminPassword` option.
'';
default = null;
type = types.nullOr types.path;
};
secretKey = mkOption {
- description = "Secret key used for signing.";
+ description = lib.mdDoc "Secret key used for signing.";
default = "SW2YcwTIb9zpOOhoPsMm";
type = types.str;
};
secretKeyFile = mkOption {
- description = "Secret key used for signing.";
+ description = lib.mdDoc "Secret key used for signing.";
default = null;
type = types.nullOr types.path;
};
@@ -506,7 +506,7 @@ in {
server = {
serveFromSubPath = mkOption {
- description = "Serve Grafana from subpath specified in rootUrl setting";
+ description = lib.mdDoc "Serve Grafana from subpath specified in rootUrl setting";
default = false;
type = types.bool;
};
@@ -515,17 +515,17 @@ in {
smtp = {
enable = mkEnableOption "smtp";
host = mkOption {
- description = "Host to connect to.";
+ description = lib.mdDoc "Host to connect to.";
default = "localhost:25";
type = types.str;
};
user = mkOption {
- description = "User used for authentication.";
+ description = lib.mdDoc "User used for authentication.";
default = "";
type = types.str;
};
password = mkOption {
- description = ''
+ description = lib.mdDoc ''
Password used for authentication.
This option is mutual exclusive with the passwordFile option.
'';
@@ -533,7 +533,7 @@ in {
type = types.str;
};
passwordFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
Password used for authentication.
This option is mutual exclusive with the password option.
'';
@@ -541,7 +541,7 @@ in {
type = types.nullOr types.path;
};
fromAddress = mkOption {
- description = "Email address used for sending.";
+ description = lib.mdDoc "Email address used for sending.";
default = "admin@grafana.localhost";
type = types.str;
};
@@ -549,25 +549,25 @@ in {
users = {
allowSignUp = mkOption {
- description = "Disable user signup / registration.";
+ description = lib.mdDoc "Disable user signup / registration.";
default = false;
type = types.bool;
};
allowOrgCreate = mkOption {
- description = "Whether user is allowed to create organizations.";
+ description = lib.mdDoc "Whether user is allowed to create organizations.";
default = false;
type = types.bool;
};
autoAssignOrg = mkOption {
- description = "Whether to automatically assign new users to default org.";
+ description = lib.mdDoc "Whether to automatically assign new users to default org.";
default = true;
type = types.bool;
};
autoAssignOrgRole = mkOption {
- description = "Default role new users will be auto assigned.";
+ description = lib.mdDoc "Default role new users will be auto assigned.";
default = "Viewer";
type = types.enum ["Viewer" "Editor"];
};
@@ -575,51 +575,51 @@ in {
auth = {
disableLoginForm = mkOption {
- description = "Set to true to disable (hide) the login form, useful if you use OAuth";
+ description = lib.mdDoc "Set to true to disable (hide) the login form, useful if you use OAuth";
default = false;
type = types.bool;
};
anonymous = {
enable = mkOption {
- description = "Whether to allow anonymous access.";
+ description = lib.mdDoc "Whether to allow anonymous access.";
default = false;
type = types.bool;
};
org_name = mkOption {
- description = "Which organization to allow anonymous access to.";
+ description = lib.mdDoc "Which organization to allow anonymous access to.";
default = "Main Org.";
type = types.str;
};
org_role = mkOption {
- description = "Which role anonymous users have in the organization.";
+ description = lib.mdDoc "Which role anonymous users have in the organization.";
default = "Viewer";
type = types.str;
};
};
azuread = {
enable = mkOption {
- description = "Whether to allow Azure AD OAuth.";
+ description = lib.mdDoc "Whether to allow Azure AD OAuth.";
default = false;
type = types.bool;
};
allowSignUp = mkOption {
- description = "Whether to allow sign up with Azure AD OAuth.";
+ description = lib.mdDoc "Whether to allow sign up with Azure AD OAuth.";
default = false;
type = types.bool;
};
clientId = mkOption {
- description = "Azure AD OAuth client ID.";
+ description = lib.mdDoc "Azure AD OAuth client ID.";
default = "";
type = types.str;
};
clientSecretFile = mkOption {
- description = "Azure AD OAuth client secret.";
+ description = lib.mdDoc "Azure AD OAuth client secret.";
default = null;
type = types.nullOr types.path;
};
tenantId = mkOption {
- description = ''
+ description = lib.mdDoc ''
Tenant id used to create auth and token url. Default to "common"
, let user sign in with any tenant.
'';
@@ -627,7 +627,7 @@ in {
type = types.str;
};
allowedDomains = mkOption {
- description = ''
+ description = lib.mdDoc ''
To limit access to authenticated users who are members of one or more groups,
set allowedGroups to a comma- or space-separated list of group object IDs.
You can find object IDs for a specific group on the Azure portal.
@@ -636,7 +636,7 @@ in {
type = types.str;
};
allowedGroups = mkOption {
- description = ''
+ description = lib.mdDoc ''
Limits access to users who belong to specific domains.
Separate domains with space or comma.
'';
@@ -646,22 +646,22 @@ in {
};
google = {
enable = mkOption {
- description = "Whether to allow Google OAuth2.";
+ description = lib.mdDoc "Whether to allow Google OAuth2.";
default = false;
type = types.bool;
};
allowSignUp = mkOption {
- description = "Whether to allow sign up with Google OAuth2.";
+ description = lib.mdDoc "Whether to allow sign up with Google OAuth2.";
default = false;
type = types.bool;
};
clientId = mkOption {
- description = "Google OAuth2 client ID.";
+ description = lib.mdDoc "Google OAuth2 client ID.";
default = "";
type = types.str;
};
clientSecretFile = mkOption {
- description = "Google OAuth2 client secret.";
+ description = lib.mdDoc "Google OAuth2 client secret.";
default = null;
type = types.nullOr types.path;
};
@@ -670,16 +670,16 @@ in {
analytics.reporting = {
enable = mkOption {
- description = "Whether to allow anonymous usage reporting to stats.grafana.net.";
+ description = lib.mdDoc "Whether to allow anonymous usage reporting to stats.grafana.net.";
default = true;
type = types.bool;
};
};
extraOptions = mkOption {
- description = ''
+ description = lib.mdDoc ''
Extra configuration options passed as env variables as specified in
- documentation,
+ [documentation](http://docs.grafana.org/installation/configuration/),
but without GF_ prefix
'';
default = {};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/graphite.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/graphite.nix
index baa943302a0..73b509202df 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/graphite.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/graphite.nix
@@ -24,16 +24,6 @@ let
+ cfg.web.extraConfig
);
- graphiteApiConfig = pkgs.writeText "graphite-api.yaml" ''
- search_index: ${dataDir}/index
- ${optionalString (config.time.timeZone != null) "time_zone: ${config.time.timeZone}"}
- ${optionalString (cfg.api.finders != []) "finders:"}
- ${concatMapStringsSep "\n" (f: " - " + f.moduleName) cfg.api.finders}
- ${optionalString (cfg.api.functions != []) "functions:"}
- ${concatMapStringsSep "\n" (f: " - " + f) cfg.api.functions}
- ${cfg.api.extraConfig}
- '';
-
seyrenConfig = {
SEYREN_URL = cfg.seyren.seyrenUrl;
MONGO_URL = cfg.seyren.mongoUrl;
@@ -72,6 +62,8 @@ let
in {
imports = [
+ (mkRemovedOptionModule ["services" "graphite" "api"] "")
+ (mkRemovedOptionModule ["services" "graphite" "beacon"] "")
(mkRemovedOptionModule ["services" "graphite" "pager"] "")
];
@@ -81,26 +73,26 @@ in {
dataDir = mkOption {
type = types.path;
default = "/var/db/graphite";
- description = ''
+ description = lib.mdDoc ''
Data directory for graphite.
'';
};
web = {
enable = mkOption {
- description = "Whether to enable graphite web frontend.";
+ description = lib.mdDoc "Whether to enable graphite web frontend.";
default = false;
type = types.bool;
};
listenAddress = mkOption {
- description = "Graphite web frontend listen address.";
+ description = lib.mdDoc "Graphite web frontend listen address.";
default = "127.0.0.1";
type = types.str;
};
port = mkOption {
- description = "Graphite web frontend port.";
+ description = lib.mdDoc "Graphite web frontend port.";
default = 8080;
type = types.int;
};
@@ -108,98 +100,16 @@ in {
extraConfig = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Graphite webapp settings. See:
-
+
'';
};
};
- api = {
- enable = mkOption {
- description = ''
- Whether to enable graphite api. Graphite api is lightweight alternative
- to graphite web, with api and without dashboard. It's advised to use
- grafana as alternative dashboard and influxdb as alternative to
- graphite carbon.
-
- For more information visit
-
- '';
- default = false;
- type = types.bool;
- };
-
- finders = mkOption {
- description = "List of finder plugins to load.";
- default = [];
- example = literalExpression "[ pkgs.python3Packages.influxgraph ]";
- type = types.listOf types.package;
- };
-
- functions = mkOption {
- description = "List of functions to load.";
- default = [
- "graphite_api.functions.SeriesFunctions"
- "graphite_api.functions.PieFunctions"
- ];
- type = types.listOf types.str;
- };
-
- listenAddress = mkOption {
- description = "Graphite web service listen address.";
- default = "127.0.0.1";
- type = types.str;
- };
-
- port = mkOption {
- description = "Graphite api service port.";
- default = 8080;
- type = types.int;
- };
-
- package = mkOption {
- description = "Package to use for graphite api.";
- default = pkgs.python3Packages.graphite_api;
- defaultText = literalExpression "pkgs.python3Packages.graphite_api";
- type = types.package;
- };
-
- extraConfig = mkOption {
- description = "Extra configuration for graphite api.";
- default = ''
- whisper:
- directories:
- - ${dataDir}/whisper
- '';
- defaultText = literalExpression ''
- '''
- whisper:
- directories:
- - ''${config.${opt.dataDir}}/whisper
- '''
- '';
- example = ''
- allowed_origins:
- - dashboard.example.com
- cheat_times: true
- influxdb:
- host: localhost
- port: 8086
- user: influxdb
- pass: influxdb
- db: metrics
- cache:
- CACHE_TYPE: 'filesystem'
- CACHE_DIR: '/tmp/graphite-api-cache'
- '';
- type = types.lines;
- };
- };
-
carbon = {
config = mkOption {
- description = "Content of carbon configuration file.";
+ description = lib.mdDoc "Content of carbon configuration file.";
default = ''
[cache]
# Listen on localhost by default for security reasons
@@ -215,13 +125,13 @@ in {
};
enableCache = mkOption {
- description = "Whether to enable carbon cache, the graphite storage daemon.";
+ description = lib.mdDoc "Whether to enable carbon cache, the graphite storage daemon.";
default = false;
type = types.bool;
};
storageAggregation = mkOption {
- description = "Defines how to aggregate data to lower-precision retentions.";
+ description = lib.mdDoc "Defines how to aggregate data to lower-precision retentions.";
default = null;
type = types.nullOr types.str;
example = ''
@@ -233,7 +143,7 @@ in {
};
storageSchemas = mkOption {
- description = "Defines retention rates for storing metrics.";
+ description = lib.mdDoc "Defines retention rates for storing metrics.";
default = "";
type = types.nullOr types.str;
example = ''
@@ -244,21 +154,21 @@ in {
};
blacklist = mkOption {
- description = "Any metrics received which match one of the experssions will be dropped.";
+ description = lib.mdDoc "Any metrics received which match one of the experssions will be dropped.";
default = null;
type = types.nullOr types.str;
example = "^some\\.noisy\\.metric\\.prefix\\..*";
};
whitelist = mkOption {
- description = "Only metrics received which match one of the experssions will be persisted.";
+ description = lib.mdDoc "Only metrics received which match one of the experssions will be persisted.";
default = null;
type = types.nullOr types.str;
example = ".*";
};
rewriteRules = mkOption {
- description = ''
+ description = lib.mdDoc ''
Regular expression patterns that can be used to rewrite metric names
in a search and replace fashion.
'';
@@ -272,13 +182,13 @@ in {
};
enableRelay = mkOption {
- description = "Whether to enable carbon relay, the carbon replication and sharding service.";
+ description = lib.mdDoc "Whether to enable carbon relay, the carbon replication and sharding service.";
default = false;
type = types.bool;
};
relayRules = mkOption {
- description = "Relay rules are used to send certain metrics to a certain backend.";
+ description = lib.mdDoc "Relay rules are used to send certain metrics to a certain backend.";
default = null;
type = types.nullOr types.str;
example = ''
@@ -289,13 +199,13 @@ in {
};
enableAggregator = mkOption {
- description = "Whether to enable carbon aggregator, the carbon buffering service.";
+ description = lib.mdDoc "Whether to enable carbon aggregator, the carbon buffering service.";
default = false;
type = types.bool;
};
aggregationRules = mkOption {
- description = "Defines if and how received metrics will be aggregated.";
+ description = lib.mdDoc "Defines if and how received metrics will be aggregated.";
default = null;
type = types.nullOr types.str;
example = ''
@@ -307,13 +217,13 @@ in {
seyren = {
enable = mkOption {
- description = "Whether to enable seyren service.";
+ description = lib.mdDoc "Whether to enable seyren service.";
default = false;
type = types.bool;
};
port = mkOption {
- description = "Seyren listening port.";
+ description = lib.mdDoc "Seyren listening port.";
default = 8081;
type = types.int;
};
@@ -321,21 +231,21 @@ in {
seyrenUrl = mkOption {
default = "http://localhost:${toString cfg.seyren.port}/";
defaultText = literalExpression ''"http://localhost:''${toString config.${opt.seyren.port}}/"'';
- description = "Host where seyren is accessible.";
+ description = lib.mdDoc "Host where seyren is accessible.";
type = types.str;
};
graphiteUrl = mkOption {
default = "http://${cfg.web.listenAddress}:${toString cfg.web.port}";
defaultText = literalExpression ''"http://''${config.${opt.web.listenAddress}}:''${toString config.${opt.web.port}}"'';
- description = "Host where graphite service runs.";
+ description = lib.mdDoc "Host where graphite service runs.";
type = types.str;
};
mongoUrl = mkOption {
default = "mongodb://${config.services.mongodb.bind_ip}:27017/seyren";
defaultText = literalExpression ''"mongodb://''${config.services.mongodb.bind_ip}:27017/seyren"'';
- description = "Mongodb connection string.";
+ description = lib.mdDoc "Mongodb connection string.";
type = types.str;
};
@@ -354,16 +264,6 @@ in {
'';
};
};
-
- beacon = {
- enable = mkEnableOption "graphite beacon";
-
- config = mkOption {
- description = "Graphite beacon configuration.";
- default = {};
- type = types.attrs;
- };
- };
};
###### implementation
@@ -489,44 +389,6 @@ in {
environment.systemPackages = [ pkgs.python3Packages.graphite-web ];
}))
- (mkIf cfg.api.enable {
- systemd.services.graphiteApi = {
- description = "Graphite Api Interface";
- wantedBy = [ "multi-user.target" ];
- after = [ "network.target" ];
- environment = {
- PYTHONPATH = let
- aenv = pkgs.python3.buildEnv.override {
- extraLibs = [ cfg.api.package pkgs.cairo pkgs.python3Packages.cffi ] ++ cfg.api.finders;
- };
- in "${aenv}/${pkgs.python3.sitePackages}";
- GRAPHITE_API_CONFIG = graphiteApiConfig;
- LD_LIBRARY_PATH = "${pkgs.cairo.out}/lib";
- };
- serviceConfig = {
- ExecStart = ''
- ${pkgs.python3Packages.waitress}/bin/waitress-serve \
- --host=${cfg.api.listenAddress} --port=${toString cfg.api.port} \
- graphite_api.app:app
- '';
- User = "graphite";
- Group = "graphite";
- PermissionsStartOnly = true;
- };
- preStart = ''
- if ! test -e ${dataDir}/db-created; then
- mkdir -p ${dataDir}/cache/
- chmod 0700 ${dataDir}/cache/
-
- chown graphite:graphite ${cfg.dataDir}
- chown -R graphite:graphite ${cfg.dataDir}/cache
-
- touch ${dataDir}/db-created
- fi
- '';
- };
- })
-
(mkIf cfg.seyren.enable {
systemd.services.seyren = {
description = "Graphite Alerting Dashboard";
@@ -550,25 +412,9 @@ in {
services.mongodb.enable = mkDefault true;
})
- (mkIf cfg.beacon.enable {
- systemd.services.graphite-beacon = {
- description = "Grpahite Beacon Alerting Daemon";
- wantedBy = [ "multi-user.target" ];
- serviceConfig = {
- ExecStart = ''
- ${pkgs.python3Packages.graphite_beacon}/bin/graphite-beacon \
- --config=${pkgs.writeText "graphite-beacon.json" (builtins.toJSON cfg.beacon.config)}
- '';
- User = "graphite";
- Group = "graphite";
- };
- };
- })
-
(mkIf (
cfg.carbon.enableCache || cfg.carbon.enableAggregator || cfg.carbon.enableRelay ||
- cfg.web.enable || cfg.api.enable ||
- cfg.seyren.enable || cfg.beacon.enable
+ cfg.web.enable || cfg.seyren.enable
) {
users.users.graphite = {
uid = config.ids.uids.graphite;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/heapster.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/heapster.nix
index 44f53e1890a..2f2467477ae 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/heapster.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/heapster.nix
@@ -7,31 +7,31 @@ let
in {
options.services.heapster = {
enable = mkOption {
- description = "Whether to enable heapster monitoring";
+ description = lib.mdDoc "Whether to enable heapster monitoring";
default = false;
type = types.bool;
};
source = mkOption {
- description = "Heapster metric source";
+ description = lib.mdDoc "Heapster metric source";
example = "kubernetes:https://kubernetes.default";
type = types.str;
};
sink = mkOption {
- description = "Heapster metic sink";
+ description = lib.mdDoc "Heapster metic sink";
example = "influxdb:http://localhost:8086";
type = types.str;
};
extraOpts = mkOption {
- description = "Heapster extra options";
+ description = lib.mdDoc "Heapster extra options";
default = "";
type = types.separatedString " ";
};
package = mkOption {
- description = "Package to use by heapster";
+ description = lib.mdDoc "Package to use by heapster";
default = pkgs.heapster;
defaultText = literalExpression "pkgs.heapster";
type = types.package;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/incron.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/incron.nix
index 2681c35d6a0..53cbe1a9e26 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/incron.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/incron.nix
@@ -27,12 +27,12 @@ in
allow = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
- description = ''
+ description = lib.mdDoc ''
Users allowed to use incrontab.
If empty then no user will be allowed to have their own incrontab.
- If null then will defer to .
- If both and are null
+ If `null` then will defer to {option}`deny`.
+ If both {option}`allow` and {option}`deny` are null
then all users will be allowed to have their own incrontab.
'';
};
@@ -40,13 +40,13 @@ in
deny = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
- description = "Users forbidden from using incrontab.";
+ description = lib.mdDoc "Users forbidden from using incrontab.";
};
systab = mkOption {
type = types.lines;
default = "";
- description = "The system incrontab contents.";
+ description = lib.mdDoc "The system incrontab contents.";
example = ''
/var/mail IN_CLOSE_WRITE abc $@/$#
/tmp IN_ALL_EVENTS efg $@/$# $&
@@ -57,7 +57,7 @@ in
type = types.listOf types.package;
default = [];
example = literalExpression "[ pkgs.rsync ]";
- description = "Extra packages available to the system incrontab.";
+ description = lib.mdDoc "Extra packages available to the system incrontab.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/kapacitor.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/kapacitor.nix
index a79c647becf..9cdb0e4495a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/kapacitor.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/kapacitor.nix
@@ -62,24 +62,24 @@ in
dataDir = mkOption {
type = types.path;
default = "/var/lib/kapacitor";
- description = "Location where Kapacitor stores its state";
+ description = lib.mdDoc "Location where Kapacitor stores its state";
};
port = mkOption {
type = types.int;
default = 9092;
- description = "Port of Kapacitor";
+ description = lib.mdDoc "Port of Kapacitor";
};
bind = mkOption {
type = types.str;
default = "";
example = "0.0.0.0";
- description = "Address to bind to. The default is to bind to all addresses";
+ description = lib.mdDoc "Address to bind to. The default is to bind to all addresses";
};
extraConfig = mkOption {
- description = "These lines go into kapacitord.conf verbatim.";
+ description = lib.mdDoc "These lines go into kapacitord.conf verbatim.";
default = "";
type = types.lines;
};
@@ -87,24 +87,24 @@ in
user = mkOption {
type = types.str;
default = "kapacitor";
- description = "User account under which Kapacitor runs";
+ description = lib.mdDoc "User account under which Kapacitor runs";
};
group = mkOption {
type = types.str;
default = "kapacitor";
- description = "Group under which Kapacitor runs";
+ description = lib.mdDoc "Group under which Kapacitor runs";
};
taskSnapshotInterval = mkOption {
type = types.str;
- description = "Specifies how often to snapshot the task state (in InfluxDB time units)";
+ description = lib.mdDoc "Specifies how often to snapshot the task state (in InfluxDB time units)";
default = "1m0s";
};
loadDirectory = mkOption {
type = types.nullOr types.path;
- description = "Directory where to load services from, such as tasks, templates and handlers (or null to disable service loading on startup)";
+ description = lib.mdDoc "Directory where to load services from, such as tasks, templates and handlers (or null to disable service loading on startup)";
default = null;
};
@@ -112,18 +112,18 @@ in
enable = mkEnableOption "kapacitor.defaultDatabase";
url = mkOption {
- description = "The URL to an InfluxDB server that serves as the default database";
+ description = lib.mdDoc "The URL to an InfluxDB server that serves as the default database";
example = "http://localhost:8086";
type = types.str;
};
username = mkOption {
- description = "The username to connect to the remote InfluxDB server";
+ description = lib.mdDoc "The username to connect to the remote InfluxDB server";
type = types.str;
};
password = mkOption {
- description = "The password to connect to the remote InfluxDB server";
+ description = lib.mdDoc "The password to connect to the remote InfluxDB server";
type = types.str;
};
};
@@ -132,25 +132,25 @@ in
enable = mkEnableOption "kapacitor alerta integration";
url = mkOption {
- description = "The URL to the Alerta REST API";
+ description = lib.mdDoc "The URL to the Alerta REST API";
default = "http://localhost:5000";
type = types.str;
};
token = mkOption {
- description = "Default Alerta authentication token";
+ description = lib.mdDoc "Default Alerta authentication token";
type = types.str;
default = "";
};
environment = mkOption {
- description = "Default Alerta environment";
+ description = lib.mdDoc "Default Alerta environment";
type = types.str;
default = "Production";
};
origin = mkOption {
- description = "Default origin of alert";
+ description = lib.mdDoc "Default origin of alert";
type = types.str;
default = "kapacitor";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/loki.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/loki.nix
index ebac70c30c2..d73e2abb71d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/loki.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/loki.nix
@@ -17,7 +17,7 @@ in {
user = mkOption {
type = types.str;
default = "loki";
- description = ''
+ description = lib.mdDoc ''
User under which the Loki service runs.
'';
};
@@ -25,7 +25,7 @@ in {
group = mkOption {
type = types.str;
default = "loki";
- description = ''
+ description = lib.mdDoc ''
Group under which the Loki service runs.
'';
};
@@ -33,7 +33,7 @@ in {
dataDir = mkOption {
type = types.path;
default = "/var/lib/loki";
- description = ''
+ description = lib.mdDoc ''
Specify the directory for Loki.
'';
};
@@ -41,7 +41,7 @@ in {
configuration = mkOption {
type = (pkgs.formats.json {}).type;
default = {};
- description = ''
+ description = lib.mdDoc ''
Specify the configuration for Loki in Nix.
'';
};
@@ -49,7 +49,7 @@ in {
configFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify a configuration file that Loki should use.
'';
};
@@ -58,7 +58,7 @@ in {
type = types.listOf types.str;
default = [];
example = [ "--server.http-listen-port=3101" ];
- description = ''
+ description = lib.mdDoc ''
Specify a list of additional command line flags,
which get escaped and are then passed to Loki.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/longview.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/longview.nix
index 9c38956f9ba..5825cab0134 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/longview.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/longview.nix
@@ -16,7 +16,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If enabled, system metrics will be sent to Linode LongView.
'';
};
@@ -25,12 +25,12 @@ in {
type = types.str;
default = "";
example = "01234567-89AB-CDEF-0123456789ABCDEF";
- description = ''
+ description = lib.mdDoc ''
Longview API key. To get this, look in Longview settings which
are found at https://manager.linode.com/longview/.
Warning: this secret is stored in the world-readable Nix store!
- Use instead.
+ Use {option}`apiKeyFile` instead.
'';
};
@@ -38,12 +38,12 @@ in {
type = types.nullOr types.path;
default = null;
example = "/run/keys/longview-api-key";
- description = ''
+ description = lib.mdDoc ''
A file containing the Longview API key.
To get this, look in Longview settings which
are found at https://manager.linode.com/longview/.
- takes precedence over .
+ {option}`apiKeyFile` takes precedence over {option}`apiKey`.
'';
};
@@ -51,7 +51,7 @@ in {
type = types.str;
default = "";
example = "http://127.0.0.1/server-status";
- description = ''
+ description = lib.mdDoc ''
The Apache status page URL. If provided, Longview will
gather statistics from this location. This requires Apache
mod_status to be loaded and enabled.
@@ -62,7 +62,7 @@ in {
type = types.str;
default = "";
example = "http://127.0.0.1/nginx_status";
- description = ''
+ description = lib.mdDoc ''
The Nginx status page URL. Longview will gather statistics
from this URL. This requires the Nginx stub_status module to
be enabled and configured at the given location.
@@ -72,7 +72,7 @@ in {
mysqlUser = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
The user for connecting to the MySQL database. If provided,
Longview will connect to MySQL and collect statistics about
queries, etc. This user does not need to have been granted
@@ -83,10 +83,10 @@ in {
mysqlPassword = mkOption {
type = types.str;
default = "";
- description = ''
- The password corresponding to .
+ description = lib.mdDoc ''
+ The password corresponding to {option}`mysqlUser`.
Warning: this is stored in cleartext in the Nix store!
- Use instead.
+ Use {option}`mysqlPasswordFile` instead.
'';
};
@@ -94,8 +94,8 @@ in {
type = types.nullOr types.path;
default = null;
example = "/run/keys/dbpassword";
- description = ''
- A file containing the password corresponding to .
+ description = lib.mdDoc ''
+ A file containing the password corresponding to {option}`mysqlUser`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/mackerel-agent.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/mackerel-agent.nix
index aeb6247abd8..89c6d4d6c65 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/mackerel-agent.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/mackerel-agent.nix
@@ -29,11 +29,11 @@ in {
};
settings = mkOption {
- description = ''
+ description = lib.mdDoc ''
Options for mackerel-agent.conf.
Documentation:
-
+
'';
default = {};
@@ -48,12 +48,12 @@ in {
options.host_status = {
on_start = mkOption {
type = types.enum [ "working" "standby" "maintenance" "poweroff" ];
- description = "Host status after agent startup.";
+ description = lib.mdDoc "Host status after agent startup.";
default = "working";
};
on_stop = mkOption {
type = types.enum [ "working" "standby" "maintenance" "poweroff" ];
- description = "Host status after agent shutdown.";
+ description = lib.mdDoc "Host status after agent shutdown.";
default = "poweroff";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/metricbeat.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/metricbeat.nix
index e75039daa10..0968d25c2ad 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/metricbeat.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/metricbeat.nix
@@ -26,7 +26,7 @@ in
default = pkgs.metricbeat;
defaultText = literalExpression "pkgs.metricbeat";
example = literalExpression "pkgs.metricbeat7";
- description = ''
+ description = lib.mdDoc ''
The metricbeat package to use
'';
};
@@ -51,11 +51,11 @@ in
module = mkOption {
type = types.str;
default = name;
- description = ''
+ description = lib.mdDoc ''
The name of the module.
- Look for the value after module: on the individual
- module pages linked from .
+ Look for the value after `module:` on the individual
+ module pages linked from .
'';
};
};
@@ -80,18 +80,18 @@ in
name = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Name of the beat. Defaults to the hostname.
- See .
+ See .
'';
};
tags = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Tags to place on the shipped metrics.
- See .
+ See .
'';
};
@@ -108,8 +108,8 @@ in
};
};
default = {};
- description = ''
- Configuration for metricbeat. See for supported values.
+ description = lib.mdDoc ''
+ Configuration for metricbeat. See for supported values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/mimir.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/mimir.nix
index 83c0b23c59d..87f7af7855e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/mimir.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/mimir.nix
@@ -13,7 +13,7 @@ in {
configuration = mkOption {
type = (pkgs.formats.json {}).type;
default = {};
- description = ''
+ description = lib.mdDoc ''
Specify the configuration for Mimir in Nix.
'';
};
@@ -21,7 +21,7 @@ in {
configFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify a configuration file that Mimir should use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/monit.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/monit.nix
index 379ee967620..6ce5b44eb27 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/monit.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/monit.nix
@@ -14,7 +14,7 @@ in
config = mkOption {
type = types.lines;
default = "";
- description = "monitrc content";
+ description = lib.mdDoc "monitrc content";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/munin.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/munin.nix
index 4fddb1e37e2..c77ae7b3b6e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/munin.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/munin.nix
@@ -171,7 +171,7 @@ in
extraPlugins = mkOption {
default = {};
type = with types; attrsOf path;
- description = ''
+ description = lib.mdDoc ''
Additional Munin plugins to activate. Keys are the name of the plugin
symlink, values are the path to the underlying plugin script. You
can use the same plugin script multiple times (e.g. for wildcard
@@ -179,15 +179,15 @@ in
Note that these plugins do not participate in autoconfiguration. If
you want to autoconfigure additional plugins, use
- .
+ {option}`services.munin-node.extraAutoPlugins`.
Plugins enabled in this manner take precedence over autoconfigured
plugins.
Plugins will be copied into the Nix store, and it will attempt to
modify them to run properly by fixing hardcoded references to
- /bin, /usr/bin,
- /sbin, and /usr/sbin.
+ `/bin`, `/usr/bin`,
+ `/sbin`, and `/usr/sbin`.
'';
example = literalExpression ''
{
@@ -201,24 +201,24 @@ in
extraAutoPlugins = mkOption {
default = [];
type = with types; listOf path;
- description = ''
+ description = lib.mdDoc ''
Additional Munin plugins to autoconfigure, using
- munin-node-configure --suggest. These should be
+ `munin-node-configure --suggest`. These should be
the actual paths to the plugin files (or directories containing them),
not just their names.
If you want to manually enable individual plugins instead, use
- .
+ {option}`services.munin-node.extraPlugins`.
Note that only plugins that have the 'autoconfig' capability will do
anything if listed here, since plugins that cannot autoconfigure
won't be automatically enabled by
- munin-node-configure.
+ `munin-node-configure`.
Plugins will be copied into the Nix store, and it will attempt to
modify them to run properly by fixing hardcoded references to
- /bin, /usr/bin,
- /sbin, and /usr/sbin.
+ `/bin`, `/usr/bin`,
+ `/sbin`, and `/usr/sbin`.
'';
example = literalExpression ''
[
@@ -234,14 +234,14 @@ in
# NaNs in the output.
default = [ "munin_stats" ];
type = with types; listOf str;
- description = ''
+ description = lib.mdDoc ''
Munin plugins to disable, even if
- munin-node-configure --suggest tries to enable
+ `munin-node-configure --suggest` tries to enable
them. To disable a wildcard plugin, use an actual wildcard, as in
the example.
munin_stats is disabled by default as it tries to read
- /var/log/munin/munin-update.log for timing
+ `/var/log/munin/munin-update.log` for timing
information, and the NixOS build of Munin does not write this file.
'';
example = [ "diskstats" "zfs_usage_*" ];
@@ -253,12 +253,12 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable munin-cron. Takes care of all heavy lifting to collect data from
nodes and draws graphs to html. Runs munin-update, munin-limits,
munin-graphs and munin-html in that order.
- HTML output is in /var/www/munin/, configure your
+ HTML output is in {file}`/var/www/munin/`, configure your
favourite webserver to serve static files.
'';
};
@@ -296,7 +296,7 @@ in
extraCSS = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Custom styling for the HTML that munin-cron generates. This will be
appended to the CSS files used by munin-cron and will thus take
precedence over the builtin styles.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/netdata.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/netdata.nix
index 489dd337bb7..4fd07a4ba14 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/netdata.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/netdata.nix
@@ -55,24 +55,24 @@ in {
type = types.package;
default = pkgs.netdata;
defaultText = literalExpression "pkgs.netdata";
- description = "Netdata package to use.";
+ description = lib.mdDoc "Netdata package to use.";
};
user = mkOption {
type = types.str;
default = "netdata";
- description = "User account under which netdata runs.";
+ description = lib.mdDoc "User account under which netdata runs.";
};
group = mkOption {
type = types.str;
default = "netdata";
- description = "Group under which netdata runs.";
+ description = lib.mdDoc "Group under which netdata runs.";
};
configText = mkOption {
type = types.nullOr types.lines;
- description = "Verbatim netdata.conf, cannot be combined with config.";
+ description = lib.mdDoc "Verbatim netdata.conf, cannot be combined with config.";
default = null;
example = ''
[global]
@@ -86,7 +86,7 @@ in {
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable python-based plugins
'';
};
@@ -101,7 +101,7 @@ in {
ps.dnspython
]
'';
- description = ''
+ description = lib.mdDoc ''
Extra python packages available at runtime
to enable additional python plugins.
'';
@@ -129,7 +129,7 @@ in {
config = mkOption {
type = types.attrsOf types.attrs;
default = {};
- description = "netdata.conf configuration as nix attributes. cannot be combined with configText.";
+ description = lib.mdDoc "netdata.conf configuration as nix attributes. cannot be combined with configText.";
example = literalExpression ''
global = {
"debug log" = "syslog";
@@ -142,7 +142,7 @@ in {
configDir = mkOption {
type = types.attrsOf types.path;
default = {};
- description = ''
+ description = lib.mdDoc ''
Complete netdata config directory except netdata.conf.
The default configuration is merged with changes
defined in this option.
@@ -162,11 +162,11 @@ in {
enableAnalyticsReporting = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable reporting of anonymous usage statistics to Netdata Inc. via either
Google Analytics (in versions prior to 1.29.4), or Netdata Inc.'s
self-hosted PostHog (in versions 1.29.4 and later).
- See:
+ See:
'';
};
};
@@ -186,7 +186,7 @@ in {
description = "Real time performance monitoring";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
- path = (with pkgs; [ curl gawk iproute2 which procps ])
+ path = (with pkgs; [ curl gawk iproute2 which procps bash ])
++ lib.optional cfg.python.enable (pkgs.python3.withPackages cfg.python.extraPackages)
++ lib.optional config.virtualisation.libvirtd.enable (config.virtualisation.libvirtd.package);
environment = {
@@ -201,7 +201,9 @@ in {
serviceConfig = {
ExecStart = "${cfg.package}/bin/netdata -P /run/netdata/netdata.pid -D -c /etc/netdata/netdata.conf";
ExecReload = "${pkgs.util-linux}/bin/kill -s HUP -s USR1 -s USR2 $MAINPID";
- ExecPostStart = ''while [ "$(netdatacli ping)" != pong ]; do sleep 0.5; done'';
+ ExecStartPost = pkgs.writeShellScript "wait-for-netdata-up" ''
+ while [ "$(${pkgs.netdata}/bin/netdatacli ping)" != pong ]; do sleep 0.5; done
+ '';
TimeoutStopSec = 60;
Restart = "on-failure";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/parsedmarc.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/parsedmarc.nix
index efc7f69be7d..736718c2535 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/parsedmarc.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/parsedmarc.nix
@@ -40,7 +40,7 @@ in
recipientName = lib.mkOption {
type = lib.types.str;
default = "dmarc";
- description = ''
+ description = lib.mdDoc ''
The DMARC mail recipient name, i.e. the name part of the
email address which receives DMARC reports.
@@ -54,7 +54,7 @@ in
default = config.networking.fqdn;
defaultText = lib.literalExpression "config.networking.fqdn";
example = "monitoring.example.com";
- description = ''
+ description = lib.mdDoc ''
The hostname to use when configuring Postfix.
Should correspond to the host's fully qualified domain
@@ -84,7 +84,7 @@ in
elasticsearch = lib.mkOption {
type = lib.types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to set up and use a local instance of Elasticsearch.
'';
};
@@ -110,7 +110,7 @@ in
type = lib.types.bool;
default = config.services.grafana.enable;
defaultText = lib.literalExpression "config.services.grafana.enable";
- description = ''
+ description = lib.mdDoc ''
Whether the official parsedmarc grafana dashboard should
be provisioned to the local grafana instance.
'';
@@ -134,20 +134,20 @@ in
};
}
'';
- description = ''
+ description = lib.mdDoc ''
Configuration parameters to set in
- parsedmarc.ini. For a full list of
+ {file}`parsedmarc.ini`. For a full list of
available parameters, see
- .
+ .
Settings containing secret data should be set to an attribute
- set containing the attribute _secret - a
+ set containing the attribute `_secret` - a
string pointing to a file containing the value the option
should be set to. See the example to get a better picture of
- this: in the resulting parsedmarc.ini
- file, the splunk_hec.token key will be set
+ this: in the resulting {file}`parsedmarc.ini`
+ file, the `splunk_hec.token` key will be set
to the contents of the
- /run/keys/splunk_token file.
+ {file}`/run/keys/splunk_token` file.
'';
type = lib.types.submodule {
@@ -158,7 +158,7 @@ in
save_aggregate = lib.mkOption {
type = lib.types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Save aggregate report data to Elasticsearch and/or Splunk.
'';
};
@@ -166,7 +166,7 @@ in
save_forensic = lib.mkOption {
type = lib.types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Save forensic report data to Elasticsearch and/or Splunk.
'';
};
@@ -176,7 +176,7 @@ in
host = lib.mkOption {
type = lib.types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
The IMAP server hostname or IP address.
'';
};
@@ -184,7 +184,7 @@ in
port = lib.mkOption {
type = lib.types.port;
default = 993;
- description = ''
+ description = lib.mdDoc ''
The IMAP server port.
'';
};
@@ -192,7 +192,7 @@ in
ssl = lib.mkOption {
type = lib.types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Use an encrypted SSL/TLS connection.
'';
};
@@ -200,7 +200,7 @@ in
user = lib.mkOption {
type = with lib.types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The IMAP server username.
'';
};
@@ -223,7 +223,7 @@ in
watch = lib.mkOption {
type = lib.types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Use the IMAP IDLE command to process messages as they arrive.
'';
};
@@ -231,7 +231,7 @@ in
delete = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Delete messages after processing them, instead of archiving them.
'';
};
@@ -241,7 +241,7 @@ in
host = lib.mkOption {
type = with lib.types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The SMTP server hostname or IP address.
'';
};
@@ -249,7 +249,7 @@ in
port = lib.mkOption {
type = with lib.types; nullOr port;
default = null;
- description = ''
+ description = lib.mdDoc ''
The SMTP server port.
'';
};
@@ -257,7 +257,7 @@ in
ssl = lib.mkOption {
type = with lib.types; nullOr bool;
default = null;
- description = ''
+ description = lib.mdDoc ''
Use an encrypted SSL/TLS connection.
'';
};
@@ -265,7 +265,7 @@ in
user = lib.mkOption {
type = with lib.types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The SMTP server username.
'';
};
@@ -288,8 +288,8 @@ in
from = lib.mkOption {
type = with lib.types; nullOr str;
default = null;
- description = ''
- The From address to use for the
+ description = lib.mdDoc ''
+ The `From` address to use for the
outgoing mail.
'';
};
@@ -297,7 +297,7 @@ in
to = lib.mkOption {
type = with lib.types; nullOr (listOf str);
default = null;
- description = ''
+ description = lib.mdDoc ''
The addresses to send outgoing mail to.
'';
};
@@ -308,7 +308,7 @@ in
default = [];
type = with lib.types; listOf str;
apply = x: if x == [] then null else lib.concatStringsSep "," x;
- description = ''
+ description = lib.mdDoc ''
A list of Elasticsearch hosts to push parsed reports
to.
'';
@@ -317,7 +317,7 @@ in
user = lib.mkOption {
type = with lib.types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Username to use when connecting to Elasticsearch, if
required.
'';
@@ -342,7 +342,7 @@ in
ssl = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to use an encrypted SSL/TLS connection.
'';
};
@@ -350,7 +350,7 @@ in
cert_path = lib.mkOption {
type = lib.types.path;
default = "/etc/ssl/certs/ca-certificates.crt";
- description = ''
+ description = lib.mdDoc ''
The path to a TLS certificate bundle used to verify
the server's certificate.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/alertmanager.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/alertmanager.nix
index 1f396634ae0..60e0523cc35 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/alertmanager.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/alertmanager.nix
@@ -46,7 +46,7 @@ in {
type = types.package;
default = pkgs.prometheus-alertmanager;
defaultText = literalExpression "pkgs.alertmanager";
- description = ''
+ description = lib.mdDoc ''
Package that should be used for alertmanager.
'';
};
@@ -54,7 +54,7 @@ in {
configuration = mkOption {
type = types.nullOr types.attrs;
default = null;
- description = ''
+ description = lib.mdDoc ''
Alertmanager configuration as nix attribute set.
'';
};
@@ -62,7 +62,7 @@ in {
configText = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Alertmanager configuration as YAML text. If non-null, this option
defines the text that is written to alertmanager.yml. If null, the
contents of alertmanager.yml is generated from the structured config
@@ -73,7 +73,7 @@ in {
logFormat = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
If set use a syslog logger or JSON logging.
'';
};
@@ -81,7 +81,7 @@ in {
logLevel = mkOption {
type = types.enum ["debug" "info" "warn" "error" "fatal"];
default = "warn";
- description = ''
+ description = lib.mdDoc ''
Only log messages with the given severity or above.
'';
};
@@ -89,7 +89,7 @@ in {
webExternalUrl = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The URL under which Alertmanager is externally reachable (for example, if Alertmanager is served via a reverse proxy).
Used for generating relative and absolute links back to Alertmanager itself.
If the URL has a path portion, it will be used to prefix all HTTP endoints served by Alertmanager.
@@ -100,7 +100,7 @@ in {
listenAddress = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Address to listen on for the web interface and API. Empty string will listen on all interfaces.
"localhost" will listen on 127.0.0.1 (but not ::1).
'';
@@ -109,7 +109,7 @@ in {
port = mkOption {
type = types.int;
default = 9093;
- description = ''
+ description = lib.mdDoc ''
Port to listen on for the web interface and API.
'';
};
@@ -117,7 +117,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open port in firewall for incoming connections.
'';
};
@@ -125,7 +125,7 @@ in {
clusterPeers = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Initial peers for HA cluster.
'';
};
@@ -133,7 +133,7 @@ in {
extraFlags = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra commandline options when launching the Alertmanager.
'';
};
@@ -142,11 +142,11 @@ in {
type = types.nullOr types.path;
default = null;
example = "/root/alertmanager.env";
- description = ''
+ description = lib.mdDoc ''
File to load as environment file. Environment variables
from this file will be interpolated into the config file
using envsubst with this syntax:
- $ENVIRONMENT ''${VARIABLE}
+ `$ENVIRONMENT ''${VARIABLE}`
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/default.nix
index 41848c1c6d3..db4286b66a5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/default.nix
@@ -184,7 +184,7 @@ let
options = {
username = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
HTTP username
'';
};
@@ -257,7 +257,7 @@ let
};
job_name = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The job name assigned to scraped metrics by default.
'';
};
@@ -513,7 +513,7 @@ let
subscription_id = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The subscription ID.
'';
};
@@ -618,7 +618,7 @@ let
mkDockerSdConfigModule = extraOptions: mkSdConfigModule ({
host = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Address of the Docker daemon.
'';
};
@@ -675,7 +675,7 @@ let
options = {
names = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
A list of DNS SRV record names to be queried.
'';
};
@@ -698,7 +698,7 @@ let
options = {
region = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The AWS Region. If blank, the region from the instance metadata is used.
'';
};
@@ -762,7 +762,7 @@ let
promTypes.eureka_sd_config = mkSdConfigModule {
server = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The URL to connect to the Eureka server.
'';
};
@@ -772,7 +772,7 @@ let
options = {
files = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Patterns for files from which target groups are extracted. Refer
to the Prometheus documentation for permitted filename patterns
and formats.
@@ -791,14 +791,14 @@ let
# required configuration values for `gce_sd_config`.
project = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The GCP Project.
'';
};
zone = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The zone of the scrape targets. If you need multiple zones use multiple
gce_sd_configs.
'';
@@ -833,9 +833,9 @@ let
promTypes.hetzner_sd_config = mkSdConfigModule {
role = mkOption {
type = types.enum [ "robot" "hcloud" ];
- description = ''
+ description = lib.mdDoc ''
The Hetzner role of entities that should be discovered.
- One of robot or hcloud.
+ One of `robot` or `hcloud`.
'';
};
@@ -852,7 +852,7 @@ let
options = {
url = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
URL from which the targets are fetched.
'';
};
@@ -889,7 +889,7 @@ let
role = mkOption {
type = types.enum [ "endpoints" "service" "pod" "node" "ingress" ];
- description = ''
+ description = lib.mdDoc ''
The Kubernetes role of entities that should be discovered.
One of endpoints, service, pod, node, or ingress.
'';
@@ -954,7 +954,7 @@ let
promTypes.kuma_sd_config = mkSdConfigModule {
server = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Address of the Kuma Control Plane's MADS xDS server.
'';
};
@@ -1022,7 +1022,7 @@ let
promTypes.marathon_sd_config = mkSdConfigModule {
servers = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
List of URLs to be used to contact Marathon servers. You need to provide at least one server URL.
'';
};
@@ -1048,14 +1048,14 @@ let
options = {
servers = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
The Zookeeper servers.
'';
};
paths = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Paths can point to a single service, or the root of a tree of services.
'';
};
@@ -1097,14 +1097,14 @@ let
{
role = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The OpenStack role of entities that should be discovered.
'';
};
region = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The OpenStack Region.
'';
};
@@ -1165,14 +1165,14 @@ let
promTypes.puppetdb_sd_config = mkSdConfigModule {
url = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The URL of the PuppetDB root query endpoint.
'';
};
query = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Puppet Query Language (PQL) query. Only resources are supported.
https://puppet.com/docs/puppetdb/latest/api/query/v4/pql.html
'';
@@ -1201,7 +1201,7 @@ let
options = {
access_key = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Access key to use. https://console.scaleway.com/project/credentials
'';
};
@@ -1218,7 +1218,7 @@ let
project_id = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Project ID of the targets.
'';
};
@@ -1275,7 +1275,7 @@ let
options = {
account = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The account to use for discovering new targets.
'';
};
@@ -1288,15 +1288,15 @@ let
dns_suffix = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The DNS suffix which should be applied to target.
'';
};
endpoint = mkOption {
type = types.str;
- description = ''
- The Triton discovery endpoint (e.g. cmon.us-east-3b.triton.zone). This is
+ description = lib.mdDoc ''
+ The Triton discovery endpoint (e.g. `cmon.us-east-3b.triton.zone`). This is
often the same value as dns_suffix.
'';
};
@@ -1327,21 +1327,21 @@ let
promTypes.uyuni_sd_config = mkSdConfigModule {
server = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The URL to connect to the Uyuni server.
'';
};
username = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Credentials are used to authenticate the requests to Uyuni API.
'';
};
password = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Credentials are used to authenticate the requests to Uyuni API.
'';
};
@@ -1363,14 +1363,14 @@ let
options = {
targets = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
The targets specified by the target group.
'';
};
labels = mkOption {
type = types.attrsOf types.str;
default = { };
- description = ''
+ description = lib.mdDoc ''
Labels assigned to all metrics scraped from the targets.
'';
};
@@ -1426,7 +1426,7 @@ let
options = {
url = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
'';
@@ -1512,7 +1512,7 @@ let
options = {
url = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
'';
@@ -1569,7 +1569,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the Prometheus monitoring daemon.
'';
};
@@ -1578,7 +1578,7 @@ in
type = types.package;
default = pkgs.prometheus;
defaultText = literalExpression "pkgs.prometheus";
- description = ''
+ description = lib.mdDoc ''
The prometheus package that should be used.
'';
};
@@ -1586,7 +1586,7 @@ in
port = mkOption {
type = types.port;
default = 9090;
- description = ''
+ description = lib.mdDoc ''
Port to listen on.
'';
};
@@ -1594,7 +1594,7 @@ in
listenAddress = mkOption {
type = types.str;
default = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
Address to listen on for the web interface, API, and telemetry.
'';
};
@@ -1602,8 +1602,8 @@ in
stateDir = mkOption {
type = types.str;
default = "prometheus2";
- description = ''
- Directory below /var/lib to store Prometheus metrics data.
+ description = lib.mdDoc ''
+ Directory below `/var/lib` to store Prometheus metrics data.
This directory will be created automatically using systemd's StateDirectory mechanism.
'';
};
@@ -1611,7 +1611,7 @@ in
extraFlags = mkOption {
type = types.listOf types.str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Extra commandline options when launching Prometheus.
'';
};
@@ -1619,11 +1619,11 @@ in
enableReload = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Reload prometheus when configuration file changes (instead of restart).
The following property holds: switching to a configuration
- (switch-to-configuration) that changes the prometheus
+ (`switch-to-configuration`) that changes the prometheus
configuration only finishes successully when prometheus has finished
loading the new configuration.
'';
@@ -1632,7 +1632,7 @@ in
configText = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
If non-null, this option defines the text that is written to
prometheus.yml. If null, the contents of prometheus.yml is generated
from the structured config options.
@@ -1642,7 +1642,7 @@ in
globalConfig = mkOption {
type = promTypes.globalConfig;
default = { };
- description = ''
+ description = lib.mdDoc ''
Parameters that are valid in all configuration contexts. They
also serve as defaults for other configuration sections
'';
@@ -1651,25 +1651,25 @@ in
remoteRead = mkOption {
type = types.listOf promTypes.remote_read;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Parameters of the endpoints to query from.
- See the official documentation for more information.
+ See [the official documentation](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_read) for more information.
'';
};
remoteWrite = mkOption {
type = types.listOf promTypes.remote_write;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Parameters of the endpoints to send samples to.
- See the official documentation for more information.
+ See [the official documentation](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#remote_write) for more information.
'';
};
rules = mkOption {
type = types.listOf types.str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Alerting and/or Recording rules to evaluate at runtime.
'';
};
@@ -1677,7 +1677,7 @@ in
ruleFiles = mkOption {
type = types.listOf types.path;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Any additional rules files to include in this configuration.
'';
};
@@ -1685,7 +1685,7 @@ in
scrapeConfigs = mkOption {
type = types.listOf promTypes.scrape_config;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
A list of scrape configurations.
'';
};
@@ -1704,16 +1704,16 @@ in
} ]
'';
default = [ ];
- description = ''
+ description = lib.mdDoc ''
A list of alertmanagers to send alerts to.
- See the official documentation for more information.
+ See [the official documentation](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config) for more information.
'';
};
alertmanagerNotificationQueueCapacity = mkOption {
type = types.int;
default = 10000;
- description = ''
+ description = lib.mdDoc ''
The capacity of the queue for pending alert manager notifications.
'';
};
@@ -1722,7 +1722,7 @@ in
type = types.nullOr types.str;
default = null;
example = "https://example.com/";
- description = ''
+ description = lib.mdDoc ''
The URL under which Prometheus is externally reachable (for example,
if Prometheus is served via a reverse proxy).
'';
@@ -1750,7 +1750,7 @@ in
type = types.nullOr types.str;
default = null;
example = "15d";
- description = ''
+ description = lib.mdDoc ''
How long to retain samples in storage.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/exporters/mail.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/exporters/mail.nix
index 956bd96aa45..a60f47f6393 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/exporters/mail.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/exporters/mail.nix
@@ -5,6 +5,8 @@ with lib;
let
cfg = config.services.prometheus.exporters.mail;
+ configFile = if cfg.configuration != null then configurationFile else (escapeShellArg cfg.configFile);
+
configurationFile = pkgs.writeText "prometheus-mail-exporter.conf" (builtins.toJSON (
# removes the _module attribute, null values and converts attrNames to lowercase
mapAttrs' (name: value:
@@ -137,6 +139,13 @@ in
{
port = 9225;
extraOpts = {
+ environmentFile = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ description = ''
+ File containing env-vars to be substituted into the exporter's config.
+ '';
+ };
configFile = mkOption {
type = types.nullOr types.path;
default = null;
@@ -162,13 +171,19 @@ in
serviceOpts = {
serviceConfig = {
DynamicUser = false;
+ EnvironmentFile = mkIf (cfg.environmentFile != null) [ cfg.environmentFile ];
+ RuntimeDirectory = "prometheus-mail-exporter";
+ ExecStartPre = [
+ "${pkgs.writeShellScript "subst-secrets-mail-exporter" ''
+ umask 0077
+ ${pkgs.envsubst}/bin/envsubst -i ${configFile} -o ''${RUNTIME_DIRECTORY}/mail-exporter.json
+ ''}"
+ ];
ExecStart = ''
${pkgs.prometheus-mail-exporter}/bin/mailexporter \
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
--web.telemetry-path ${cfg.telemetryPath} \
- --config.file ${
- if cfg.configuration != null then configurationFile else (escapeShellArg cfg.configFile)
- } \
+ --config.file ''${RUNTIME_DIRECTORY}/mail-exporter.json \
${concatStringsSep " \\\n " cfg.extraFlags}
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/exporters/node.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/exporters/node.nix
index 5e5fc7cd552..417920402f3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/exporters/node.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/exporters/node.nix
@@ -44,6 +44,8 @@ in
];
# The timex collector needs to access clock APIs
ProtectClock = any (collector: collector == "timex") cfg.disabledCollectors;
+ # Allow space monitoring under /home
+ ProtectHome = true;
};
};
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/pushgateway.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/pushgateway.nix
index 01b99376243..ac7a2300f67 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/pushgateway.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/pushgateway.nix
@@ -27,7 +27,7 @@ in {
type = types.package;
default = pkgs.prometheus-pushgateway;
defaultText = literalExpression "pkgs.prometheus-pushgateway";
- description = ''
+ description = lib.mdDoc ''
Package that should be used for the prometheus pushgateway.
'';
};
@@ -35,27 +35,27 @@ in {
web.listen-address = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Address to listen on for the web interface, API and telemetry.
- null will default to :9091.
+ `null` will default to `:9091`.
'';
};
web.telemetry-path = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path under which to expose metrics.
- null will default to /metrics.
+ `null` will default to `/metrics`.
'';
};
web.external-url = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The URL under which Pushgateway is externally reachable.
'';
};
@@ -63,11 +63,11 @@ in {
web.route-prefix = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Prefix for the internal routes of web endpoints.
Defaults to the path of
- .
+ {option}`services.prometheus.pushgateway.web.external-url`.
'';
};
@@ -75,20 +75,20 @@ in {
type = types.nullOr types.str;
default = null;
example = "10m";
- description = ''
+ description = lib.mdDoc ''
The minimum interval at which to write out the persistence file.
- null will default to 5m.
+ `null` will default to `5m`.
'';
};
log.level = mkOption {
type = types.nullOr (types.enum ["debug" "info" "warn" "error" "fatal"]);
default = null;
- description = ''
+ description = lib.mdDoc ''
Only log messages with the given severity or above.
- null will default to info.
+ `null` will default to `info`.
'';
};
@@ -96,17 +96,17 @@ in {
type = types.nullOr types.str;
default = null;
example = "logger:syslog?appname=bob&local=7";
- description = ''
+ description = lib.mdDoc ''
Set the log target and format.
- null will default to logger:stderr.
+ `null` will default to `logger:stderr`.
'';
};
extraFlags = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra commandline options when launching the Pushgateway.
'';
};
@@ -114,26 +114,26 @@ in {
persistMetrics = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to persist metrics to a file.
When enabled metrics will be saved to a file called
- metrics in the directory
- /var/lib/pushgateway. The directory below
- /var/lib can be set using
- .
+ `metrics` in the directory
+ `/var/lib/pushgateway`. The directory below
+ `/var/lib` can be set using
+ {option}`services.prometheus.pushgateway.stateDir`.
'';
};
stateDir = mkOption {
type = types.str;
default = "pushgateway";
- description = ''
- Directory below /var/lib to store metrics.
+ description = lib.mdDoc ''
+ Directory below `/var/lib` to store metrics.
This directory will be created automatically using systemd's
StateDirectory mechanism when
-
+ {option}`services.prometheus.pushgateway.persistMetrics`
is enabled.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/xmpp-alerts.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/xmpp-alerts.nix
index 980c93c9c47..1d7da7ced3f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/xmpp-alerts.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/prometheus/xmpp-alerts.nix
@@ -21,9 +21,9 @@ in
type = settingsFormat.type;
default = {};
- description = ''
+ description = lib.mdDoc ''
Configuration for prometheus xmpp-alerts, see
-
+
for supported values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/riemann-dash.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/riemann-dash.nix
index 16eb8300850..1ca8af14e77 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/riemann-dash.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/riemann-dash.nix
@@ -26,20 +26,20 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the riemann-dash dashboard daemon.
'';
};
config = mkOption {
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Contents added to the end of the riemann-dash configuration file.
'';
};
dataDir = mkOption {
type = types.str;
default = "/var/riemann-dash";
- description = ''
+ description = lib.mdDoc ''
Location of the riemann-base dir. The dashboard configuration file is
is stored to this directory. The directory is created automatically on
service start, and owner is set to the riemanndash user.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/riemann-tools.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/riemann-tools.nix
index 86a11694e7b..b5cd79c7430 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/riemann-tools.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/riemann-tools.nix
@@ -23,14 +23,14 @@ in {
enableHealth = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the riemann-health daemon.
'';
};
riemannHost = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
Address of the host riemann node. Defaults to localhost.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/riemann.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/riemann.nix
index 13d2b1cc060..8d61ec2a308 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/riemann.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/riemann.nix
@@ -30,13 +30,13 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the Riemann network monitoring daemon.
'';
};
config = mkOption {
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Contents of the Riemann configuration file. For more complicated
config you should use configFile.
'';
@@ -44,17 +44,17 @@ in {
configFiles = mkOption {
type = with types; listOf path;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra files containing Riemann configuration. These files will be
loaded at runtime by Riemann (with Clojure's
- load-file function) at the end of the
+ `load-file` function) at the end of the
configuration if you use the config option, this is ignored if you
use configFile.
'';
};
configFile = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
A Riemann config file. Any files in the same directory as this file
will be added to the classpath by Riemann.
'';
@@ -62,14 +62,14 @@ in {
extraClasspathEntries = mkOption {
type = with types; listOf str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra entries added to the Java classpath when running Riemann.
'';
};
extraJavaOpts = mkOption {
type = with types; listOf str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra Java options used when launching Riemann.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/scollector.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/scollector.nix
index 6a6fe110f94..48be309c959 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/scollector.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/scollector.nix
@@ -35,7 +35,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run scollector.
'';
};
@@ -44,7 +44,7 @@ in {
type = types.package;
default = pkgs.scollector;
defaultText = literalExpression "pkgs.scollector";
- description = ''
+ description = lib.mdDoc ''
scollector binary to use.
'';
};
@@ -52,7 +52,7 @@ in {
user = mkOption {
type = types.str;
default = "scollector";
- description = ''
+ description = lib.mdDoc ''
User account under which scollector runs.
'';
};
@@ -60,7 +60,7 @@ in {
group = mkOption {
type = types.str;
default = "scollector";
- description = ''
+ description = lib.mdDoc ''
Group account under which scollector runs.
'';
};
@@ -68,7 +68,7 @@ in {
bosunHost = mkOption {
type = types.str;
default = "localhost:8070";
- description = ''
+ description = lib.mdDoc ''
Host and port of the bosun server that will store the collected
data.
'';
@@ -78,7 +78,7 @@ in {
type = with types; attrsOf (listOf path);
default = {};
example = literalExpression ''{ "0" = [ "''${postgresStats}/bin/collect-stats" ]; }'';
- description = ''
+ description = lib.mdDoc ''
An attribute set mapping the frequency of collection to a list of
binaries that should be executed at that frequency. You can use "0"
to run a binary forever.
@@ -89,7 +89,7 @@ in {
type = with types; listOf str;
default = [];
example = [ "-d" ];
- description = ''
+ description = lib.mdDoc ''
Extra scollector command line options
'';
};
@@ -97,7 +97,7 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra scollector configuration added to the end of scollector.toml
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/smartd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/smartd.nix
index 6d39cc3e4e6..83791631d2c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/smartd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/smartd.nix
@@ -72,14 +72,14 @@ let
device = mkOption {
example = "/dev/sda";
type = types.str;
- description = "Location of the device.";
+ description = lib.mdDoc "Location of the device.";
};
options = mkOption {
default = "";
example = "-d sat";
type = types.separatedString " ";
- description = "Options that determine how smartd monitors the device.";
+ description = lib.mdDoc "Options that determine how smartd monitors the device.";
};
};
@@ -100,12 +100,12 @@ in
autodetect = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whenever smartd should monitor all devices connected to the
machine at the time it's being started (the default).
Set to false to monitor the devices listed in
- only.
+ {option}`services.smartd.devices` only.
'';
};
@@ -113,11 +113,11 @@ in
default = [];
type = types.listOf types.str;
example = ["-A /var/log/smartd/" "--interval=3600"];
- description = ''
- Extra command-line options passed to the smartd
+ description = lib.mdDoc ''
+ Extra command-line options passed to the `smartd`
daemon on startup.
- (See man 8 smartd.)
+ (See `man 8 smartd`.)
'';
};
@@ -128,7 +128,7 @@ in
default = config.services.mail.sendmailSetuidWrapper != null;
defaultText = literalExpression "config.services.mail.sendmailSetuidWrapper != null";
type = types.bool;
- description = "Whenever to send e-mail notifications.";
+ description = lib.mdDoc "Whenever to send e-mail notifications.";
};
sender = mkOption {
@@ -144,17 +144,17 @@ in
recipient = mkOption {
default = "root";
type = types.str;
- description = "Recipient of the notification messages.";
+ description = lib.mdDoc "Recipient of the notification messages.";
};
mailer = mkOption {
default = "/run/wrappers/bin/sendmail";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Sendmail-compatible binary to be used to send the messages.
You should probably enable
- or some other MTA for
+ {option}`services.postfix` or some other MTA for
this to work.
'';
};
@@ -164,7 +164,7 @@ in
enable = mkOption {
default = true;
type = types.bool;
- description = "Whenever to send wall notifications to all users.";
+ description = lib.mdDoc "Whenever to send wall notifications to all users.";
};
};
@@ -173,21 +173,21 @@ in
default = config.services.xserver.enable;
defaultText = literalExpression "config.services.xserver.enable";
type = types.bool;
- description = "Whenever to send X11 xmessage notifications.";
+ description = lib.mdDoc "Whenever to send X11 xmessage notifications.";
};
display = mkOption {
default = ":${toString config.services.xserver.display}";
defaultText = literalExpression ''":''${toString config.services.xserver.display}"'';
type = types.str;
- description = "DISPLAY to send X11 notifications to.";
+ description = lib.mdDoc "DISPLAY to send X11 notifications to.";
};
};
test = mkOption {
default = false;
type = types.bool;
- description = "Whenever to send a test notification on startup.";
+ description = lib.mdDoc "Whenever to send a test notification on startup.";
};
};
@@ -197,12 +197,12 @@ in
default = "-a";
type = types.separatedString " ";
example = "-a -o on -s (S/../.././02|L/../../7/04)";
- description = ''
+ description = lib.mdDoc ''
Common default options for explicitly monitored (listed in
- ) devices.
+ {option}`services.smartd.devices`) devices.
The default value turns on monitoring of all the things (see
- man 5 smartd.conf).
+ `man 5 smartd.conf`).
The example also turns on SMART Automatic Offline Testing on
startup, and schedules short self-tests daily, and long
@@ -214,8 +214,8 @@ in
default = cfg.defaults.monitored;
defaultText = literalExpression "config.${opt.defaults.monitored}";
type = types.separatedString " ";
- description = ''
- Like , but for the
+ description = lib.mdDoc ''
+ Like {option}`services.smartd.defaults.monitored`, but for the
autodetected devices.
'';
};
@@ -225,7 +225,7 @@ in
default = [];
example = [ { device = "/dev/sda"; } { device = "/dev/sdb"; options = "-d sat"; } ];
type = with types; listOf (submodule smartdDeviceOpts);
- description = "List of devices to monitor.";
+ description = lib.mdDoc "List of devices to monitor.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/statsd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/statsd.nix
index 30b2916a992..d109e082620 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/statsd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/statsd.nix
@@ -59,31 +59,31 @@ in
enable = mkEnableOption "statsd";
listenAddress = mkOption {
- description = "Address that statsd listens on over UDP";
+ description = lib.mdDoc "Address that statsd listens on over UDP";
default = "127.0.0.1";
type = types.str;
};
port = mkOption {
- description = "Port that stats listens for messages on over UDP";
+ description = lib.mdDoc "Port that stats listens for messages on over UDP";
default = 8125;
type = types.int;
};
mgmt_address = mkOption {
- description = "Address to run management TCP interface on";
+ description = lib.mdDoc "Address to run management TCP interface on";
default = "127.0.0.1";
type = types.str;
};
mgmt_port = mkOption {
- description = "Port to run the management TCP interface on";
+ description = lib.mdDoc "Port to run the management TCP interface on";
default = 8126;
type = types.int;
};
backends = mkOption {
- description = "List of backends statsd will use for data persistence";
+ description = lib.mdDoc "List of backends statsd will use for data persistence";
default = [];
example = [
"graphite"
@@ -97,19 +97,19 @@ in
};
graphiteHost = mkOption {
- description = "Hostname or IP of Graphite server";
+ description = lib.mdDoc "Hostname or IP of Graphite server";
default = null;
type = types.nullOr types.str;
};
graphitePort = mkOption {
- description = "Port of Graphite server (i.e. carbon-cache).";
+ description = lib.mdDoc "Port of Graphite server (i.e. carbon-cache).";
default = null;
type = types.nullOr types.int;
};
extraConfig = mkOption {
- description = "Extra configuration options for statsd";
+ description = lib.mdDoc "Extra configuration options for statsd";
default = "";
type = types.nullOr types.str;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/sysstat.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/sysstat.nix
index ca2cff82723..f8621f08bb8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/sysstat.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/sysstat.nix
@@ -10,7 +10,7 @@ in {
collect-frequency = mkOption {
type = types.str;
default = "*:00/10";
- description = ''
+ description = lib.mdDoc ''
OnCalendar specification for sysstat-collect
'';
};
@@ -18,7 +18,7 @@ in {
collect-args = mkOption {
type = types.str;
default = "1 1";
- description = ''
+ description = lib.mdDoc ''
Arguments to pass sa1 when collecting statistics
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/telegraf.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/telegraf.nix
index 13aae58d0f3..d228b5cc2d0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/telegraf.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/telegraf.nix
@@ -16,7 +16,7 @@ in {
package = mkOption {
default = pkgs.telegraf;
defaultText = literalExpression "pkgs.telegraf";
- description = "Which telegraf derivation to use";
+ description = lib.mdDoc "Which telegraf derivation to use";
type = types.package;
};
@@ -24,17 +24,17 @@ in {
type = types.listOf types.path;
default = [];
example = [ "/run/keys/telegraf.env" ];
- description = ''
+ description = lib.mdDoc ''
File to load as environment file. Environment variables from this file
will be interpolated into the config file using envsubst with this
- syntax: $ENVIRONMENT or ''${VARIABLE}.
+ syntax: `$ENVIRONMENT` or `''${VARIABLE}`.
This is useful to avoid putting secrets into the nix store.
'';
};
extraConfig = mkOption {
default = {};
- description = "Extra configuration options for telegraf";
+ description = lib.mdDoc "Extra configuration options for telegraf";
type = settingsFormat.type;
example = {
outputs.influxdb = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/thanos.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/thanos.nix
index 9e93d8dbb0e..c7404241fbf 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/thanos.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/thanos.nix
@@ -86,11 +86,11 @@ let
defaultText = literalDocBook ''
calculated from config.services.thanos.${cmd}
'';
- description = ''
- Arguments to the thanos ${cmd} command.
+ description = lib.mdDoc ''
+ Arguments to the `thanos ${cmd}` command.
Defaults to a list of arguments formed by converting the structured
- options of to a list of arguments.
+ options of {option}`services.thanos.${cmd}` to a list of arguments.
Overriding this option will cause none of the structured options to have
any effect. So only set this if you know what you're doing!
@@ -127,10 +127,10 @@ let
if config.services.thanos..tracing.config == null then null
else toString (toYAML "tracing.yaml" config.services.thanos..tracing.config);
'';
- description = ''
+ description = lib.mdDoc ''
Path to YAML file that contains tracing configuration.
- See format details:
+ See format details:
'';
};
};
@@ -192,10 +192,10 @@ let
if config.services.thanos..objstore.config == null then null
else toString (toYAML "objstore.yaml" config.services.thanos..objstore.config);
'';
- description = ''
+ description = lib.mdDoc ''
Path to YAML file that contains object store configuration.
- See format details:
+ See format details:
'';
};
};
@@ -231,7 +231,7 @@ let
type = types.str;
default = "/var/lib/${config.services.prometheus.stateDir}/data";
defaultText = literalExpression ''"/var/lib/''${config.services.prometheus.stateDir}/data"'';
- description = ''
+ description = lib.mdDoc ''
Data directory of TSDB.
'';
};
@@ -660,7 +660,7 @@ in {
type = types.package;
default = pkgs.thanos;
defaultText = literalExpression "pkgs.thanos";
- description = ''
+ description = lib.mdDoc ''
The thanos package that should be used.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/tuptime.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/tuptime.nix
index de80282559a..ffe24c0ef0b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/tuptime.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/tuptime.nix
@@ -16,13 +16,13 @@ in {
enable = mkOption {
type = types.bool;
default = true;
- description = "Whether to regularly log uptime to detect bad shutdowns.";
+ description = lib.mdDoc "Whether to regularly log uptime to detect bad shutdowns.";
};
period = mkOption {
type = types.str;
default = "*:0/5";
- description = "systemd calendar event";
+ description = lib.mdDoc "systemd calendar event";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/unifi-poller.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/unifi-poller.nix
index cca4a0e7207..a955bf4907f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/unifi-poller.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/unifi-poller.nix
@@ -17,7 +17,7 @@ in {
debug = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Turns on line numbers, microsecond logging, and a per-device log.
This may be noisy if you have a lot of devices. It adds one line per device.
'';
@@ -25,14 +25,14 @@ in {
quiet = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Turns off per-interval logs. Only startup and error logs will be emitted.
'';
};
plugins = mkOption {
type = with types; listOf str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Load additional plugins.
'';
};
@@ -42,21 +42,21 @@ in {
disable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to disable the prometheus ouput plugin.
'';
};
http_listen = mkOption {
type = types.str;
default = "[::]:9130";
- description = ''
+ description = lib.mdDoc ''
Bind the prometheus exporter to this IP or hostname.
'';
};
report_errors = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to report errors.
'';
};
@@ -66,21 +66,21 @@ in {
disable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to disable the influxdb ouput plugin.
'';
};
url = mkOption {
type = types.str;
default = "http://127.0.0.1:8086";
- description = ''
+ description = lib.mdDoc ''
URL of the influxdb host.
'';
};
user = mkOption {
type = types.str;
default = "unifipoller";
- description = ''
+ description = lib.mdDoc ''
Username for the influxdb.
'';
};
@@ -88,7 +88,7 @@ in {
type = types.path;
default = pkgs.writeText "unifi-poller-influxdb-default.password" "unifipoller";
defaultText = literalExpression "unifi-poller-influxdb-default.password";
- description = ''
+ description = lib.mdDoc ''
Path of a file containing the password for influxdb.
This file needs to be readable by the unifi-poller user.
'';
@@ -97,21 +97,21 @@ in {
db = mkOption {
type = types.str;
default = "unifi";
- description = ''
+ description = lib.mdDoc ''
Database name. Database should exist.
'';
};
verify_ssl = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Verify the influxdb's certificate.
'';
};
interval = mkOption {
type = types.str;
default = "30s";
- description = ''
+ description = lib.mdDoc ''
Setting this lower than the Unifi controller's refresh
interval may lead to zeroes in your database.
'';
@@ -122,14 +122,14 @@ in {
url = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
URL of the Loki host.
'';
};
user = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Username for Loki.
'';
};
@@ -137,7 +137,7 @@ in {
type = types.path;
default = pkgs.writeText "unifi-poller-loki-default.password" "";
defaultText = "unifi-poller-influxdb-default.password";
- description = ''
+ description = lib.mdDoc ''
Path of a file containing the password for Loki.
This file needs to be readable by the unifi-poller user.
'';
@@ -146,28 +146,28 @@ in {
verify_ssl = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Verify Loki's certificate.
'';
};
tenant_id = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Tenant ID to use in Loki.
'';
};
interval = mkOption {
type = types.str;
default = "2m";
- description = ''
+ description = lib.mdDoc ''
How often the events are polled and pushed to Loki.
'';
};
timeout = mkOption {
type = types.str;
default = "10s";
- description = ''
+ description = lib.mdDoc ''
Should be increased in case of timeout errors.
'';
};
@@ -178,7 +178,7 @@ in {
user = mkOption {
type = types.str;
default = "unifi";
- description = ''
+ description = lib.mdDoc ''
Unifi service user name.
'';
};
@@ -186,7 +186,7 @@ in {
type = types.path;
default = pkgs.writeText "unifi-poller-unifi-default.password" "unifi";
defaultText = literalExpression "unifi-poller-unifi-default.password";
- description = ''
+ description = lib.mdDoc ''
Path of a file containing the password for the unifi service user.
This file needs to be readable by the unifi-poller user.
'';
@@ -195,14 +195,14 @@ in {
url = mkOption {
type = types.str;
default = "https://unifi:8443";
- description = ''
+ description = lib.mdDoc ''
URL of the Unifi controller.
'';
};
sites = mkOption {
type = with types; either (enum [ "default" "all" ]) (listOf str);
default = "all";
- description = ''
+ description = lib.mdDoc ''
List of site names for which statistics should be exported.
Or the string "default" for the default site or the string "all" for all sites.
'';
@@ -211,35 +211,35 @@ in {
save_ids = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Collect and save data from the intrusion detection system to influxdb and Loki.
'';
};
save_events = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Collect and save data from UniFi events to influxdb and Loki.
'';
};
save_alarms = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Collect and save data from UniFi alarms to influxdb and Loki.
'';
};
save_anomalies = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Collect and save data from UniFi anomalies to influxdb and Loki.
'';
};
save_dpi = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Collect and save data from deep packet inspection.
Adds around 150 data points and impacts performance.
'';
@@ -247,14 +247,14 @@ in {
save_sites = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Collect and save site data.
'';
};
hash_pii = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Hash, with md5, client names and MAC addresses. This attempts
to protect personally identifiable information.
'';
@@ -262,7 +262,7 @@ in {
verify_ssl = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Verify the Unifi controller's certificate.
'';
};
@@ -272,7 +272,7 @@ in {
dynamic = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Let prometheus select which controller to poll when scraping.
Use with default credentials. See unifi-poller wiki for more.
'';
@@ -283,7 +283,7 @@ in {
controllers = mkOption {
type = with types; listOf (submodule { options = controllerOptions; });
default = [];
- description = ''
+ description = lib.mdDoc ''
List of Unifi controllers to poll. Use defaults if empty.
'';
apply = map (flip removeAttrs [ "_module" ]);
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/ups.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/ups.nix
index ae5097c5442..8af2c2a1f25 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/ups.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/ups.nix
@@ -16,7 +16,7 @@ let
# /nix/store/nut/share/driver.list
driver = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specify the program to run to talk to this UPS. apcsmart,
bestups, and sec are some examples.
'';
@@ -24,7 +24,7 @@ let
port = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The serial port to which your UPS is connected. /dev/ttyS0 is
usually the first port on Linux boxes, for example.
'';
@@ -33,7 +33,7 @@ let
shutdownOrder = mkOption {
default = 0;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
When you have multiple UPSes on your system, you usually need to
turn them off in a certain order. upsdrvctl shuts down all the
0s, then the 1s, 2s, and so on. To exclude a UPS from the
@@ -44,7 +44,7 @@ let
maxStartDelay = mkOption {
default = null;
type = types.uniq (types.nullOr types.int);
- description = ''
+ description = lib.mdDoc ''
This can be set as a global variable above your first UPS
definition and it can also be set in a UPS section. This value
controls how long upsdrvctl will wait for the driver to finish
@@ -56,7 +56,7 @@ let
description = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Description of the UPS.
'';
};
@@ -64,7 +64,7 @@ let
directives = mkOption {
default = [];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
List of configuration directives for this UPS.
'';
};
@@ -72,7 +72,7 @@ let
summary = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Lines which would be added inside ups.conf for handling this UPS.
'';
};
@@ -106,7 +106,7 @@ in
enable = mkOption {
default = false;
type = with types; bool;
- description = ''
+ description = lib.mdDoc ''
Enables support for Power Devices, such as Uninterruptible Power
Supplies, Power Distribution Units and Solar Controllers.
'';
@@ -143,7 +143,7 @@ in
schedulerRules = mkOption {
example = "/etc/nixos/upssched.conf";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
File which contains the rules to handle UPS events.
'';
};
@@ -152,7 +152,7 @@ in
maxStartDelay = mkOption {
default = 45;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
This can be set as a global variable above your first UPS
definition and it can also be set in a UPS section. This value
controls how long upsdrvctl will wait for the driver to finish
@@ -164,7 +164,7 @@ in
ups = mkOption {
default = {};
# see nut/etc/ups.conf.sample
- description = ''
+ description = lib.mdDoc ''
This is where you configure all the UPSes that this system will be
monitoring directly. These are usually attached to serial ports,
but USB devices are also supported.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/uptime.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/uptime.nix
index 79b86be6cc7..24ca7c3763f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/uptime.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/uptime.nix
@@ -26,7 +26,7 @@ let
in {
options.services.uptime = {
configFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
The uptime configuration file
If mongodb: server != localhost, please set usesRemoteMongo = true
@@ -44,7 +44,7 @@ in {
};
usesRemoteMongo = mkOption {
- description = "Whether the configuration file specifies a remote mongo instance";
+ description = lib.mdDoc "Whether the configuration file specifies a remote mongo instance";
default = false;
@@ -59,7 +59,7 @@ in {
};
nodeEnv = mkOption {
- description = "The node environment to run in (development, production, etc.)";
+ description = lib.mdDoc "The node environment to run in (development, production, etc.)";
type = types.str;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/zabbix-agent.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/zabbix-agent.nix
index c48b973f1ef..f2a8adace69 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/zabbix-agent.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/zabbix-agent.nix
@@ -35,7 +35,7 @@ in
type = types.package;
default = pkgs.zabbix.agent;
defaultText = literalExpression "pkgs.zabbix.agent";
- description = "The Zabbix package to use.";
+ description = lib.mdDoc "The Zabbix package to use.";
};
extraPackages = mkOption {
@@ -51,7 +51,7 @@ in
modules = mkOption {
type = types.attrsOf types.package;
- description = "A set of modules to load.";
+ description = lib.mdDoc "A set of modules to load.";
default = {};
example = literalExpression ''
{
@@ -71,7 +71,7 @@ in
server = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The IP address or hostname of the Zabbix server to connect to.
'';
};
@@ -80,7 +80,7 @@ in
ip = mkOption {
type = types.str;
default = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
List of comma delimited IP addresses that the agent should listen on.
'';
};
@@ -88,7 +88,7 @@ in
port = mkOption {
type = types.port;
default = 10050;
- description = ''
+ description = lib.mdDoc ''
Agent will listen on this port for connections from the server.
'';
};
@@ -97,7 +97,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for the Zabbix Agent.
'';
};
@@ -105,9 +105,9 @@ in
settings = mkOption {
type = with types; attrsOf (oneOf [ int str (listOf str) ]);
default = {};
- description = ''
+ description = lib.mdDoc ''
Zabbix Agent configuration. Refer to
-
+
for details on supported values.
'';
example = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/zabbix-proxy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/zabbix-proxy.nix
index 0ebd7bcff83..9cfe1bdaa20 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/zabbix-proxy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/zabbix-proxy.nix
@@ -42,7 +42,7 @@ in
server = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The IP address or hostname of the Zabbix server to connect to.
'';
};
@@ -54,7 +54,7 @@ in
else if cfg.database.type == "pgsql" then pkgs.zabbix.proxy-pgsql
else pkgs.zabbix.proxy-sqlite;
defaultText = literalExpression "pkgs.zabbix.proxy-pgsql";
- description = "The Zabbix package to use.";
+ description = lib.mdDoc "The Zabbix package to use.";
};
extraPackages = mkOption {
@@ -69,7 +69,7 @@ in
modules = mkOption {
type = types.attrsOf types.package;
- description = "A set of modules to load.";
+ description = lib.mdDoc "A set of modules to load.";
default = {};
example = literalExpression ''
{
@@ -92,13 +92,13 @@ in
type = types.enum [ "mysql" "pgsql" "sqlite" ];
example = "mysql";
default = "pgsql";
- description = "Database engine to use.";
+ description = lib.mdDoc "Database engine to use.";
};
host = mkOption {
type = types.str;
default = "localhost";
- description = "Database host address.";
+ description = lib.mdDoc "Database host address.";
};
port = mkOption {
@@ -109,29 +109,29 @@ in
then config.${options.services.mysql.port}
else config.${options.services.postgresql.port}
'';
- description = "Database host port.";
+ description = lib.mdDoc "Database host port.";
};
name = mkOption {
type = types.str;
default = if cfg.database.type == "sqlite" then "${stateDir}/zabbix.db" else "zabbix";
defaultText = literalExpression "zabbix";
- description = "Database name.";
+ description = lib.mdDoc "Database name.";
};
user = mkOption {
type = types.str;
default = "zabbix";
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/run/keys/zabbix-dbpassword";
- description = ''
+ description = lib.mdDoc ''
A file containing the password corresponding to
- .
+ {option}`database.user`.
'';
};
@@ -139,13 +139,13 @@ in
type = types.nullOr types.path;
default = null;
example = "/run/postgresql";
- description = "Path to the unix socket file to use for authentication.";
+ description = lib.mdDoc "Path to the unix socket file to use for authentication.";
};
createLocally = mkOption {
type = types.bool;
default = true;
- description = "Whether to create a local database automatically.";
+ description = lib.mdDoc "Whether to create a local database automatically.";
};
};
@@ -153,7 +153,7 @@ in
ip = mkOption {
type = types.str;
default = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
List of comma delimited IP addresses that the trapper should listen on.
Trapper will listen on all network interfaces if this parameter is missing.
'';
@@ -162,7 +162,7 @@ in
port = mkOption {
type = types.port;
default = 10051;
- description = ''
+ description = lib.mdDoc ''
Listen port for trapper.
'';
};
@@ -171,7 +171,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for the Zabbix Proxy.
'';
};
@@ -179,9 +179,9 @@ in
settings = mkOption {
type = with types; attrsOf (oneOf [ int str (listOf str) ]);
default = {};
- description = ''
+ description = lib.mdDoc ''
Zabbix Proxy configuration. Refer to
-
+
for details on supported values.
'';
example = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/zabbix-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/zabbix-server.nix
index 9f960517a81..566ec4ab2f6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/zabbix-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/monitoring/zabbix-server.nix
@@ -46,7 +46,7 @@ in
type = types.package;
default = if cfg.database.type == "mysql" then pkgs.zabbix.server-mysql else pkgs.zabbix.server-pgsql;
defaultText = literalExpression "pkgs.zabbix.server-pgsql";
- description = "The Zabbix package to use.";
+ description = lib.mdDoc "The Zabbix package to use.";
};
extraPackages = mkOption {
@@ -61,7 +61,7 @@ in
modules = mkOption {
type = types.attrsOf types.package;
- description = "A set of modules to load.";
+ description = lib.mdDoc "A set of modules to load.";
default = {};
example = literalExpression ''
{
@@ -84,13 +84,13 @@ in
type = types.enum [ "mysql" "pgsql" ];
example = "mysql";
default = "pgsql";
- description = "Database engine to use.";
+ description = lib.mdDoc "Database engine to use.";
};
host = mkOption {
type = types.str;
default = "localhost";
- description = "Database host address.";
+ description = lib.mdDoc "Database host address.";
};
port = mkOption {
@@ -101,28 +101,28 @@ in
then config.${options.services.mysql.port}
else config.${options.services.postgresql.port}
'';
- description = "Database host port.";
+ description = lib.mdDoc "Database host port.";
};
name = mkOption {
type = types.str;
default = "zabbix";
- description = "Database name.";
+ description = lib.mdDoc "Database name.";
};
user = mkOption {
type = types.str;
default = "zabbix";
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/run/keys/zabbix-dbpassword";
- description = ''
+ description = lib.mdDoc ''
A file containing the password corresponding to
- .
+ {option}`database.user`.
'';
};
@@ -130,13 +130,13 @@ in
type = types.nullOr types.path;
default = null;
example = "/run/postgresql";
- description = "Path to the unix socket file to use for authentication.";
+ description = lib.mdDoc "Path to the unix socket file to use for authentication.";
};
createLocally = mkOption {
type = types.bool;
default = true;
- description = "Whether to create a local database automatically.";
+ description = lib.mdDoc "Whether to create a local database automatically.";
};
};
@@ -144,7 +144,7 @@ in
ip = mkOption {
type = types.str;
default = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
List of comma delimited IP addresses that the trapper should listen on.
Trapper will listen on all network interfaces if this parameter is missing.
'';
@@ -153,7 +153,7 @@ in
port = mkOption {
type = types.port;
default = 10051;
- description = ''
+ description = lib.mdDoc ''
Listen port for trapper.
'';
};
@@ -162,7 +162,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for the Zabbix Server.
'';
};
@@ -170,9 +170,9 @@ in
settings = mkOption {
type = with types; attrsOf (oneOf [ int str (listOf str) ]);
default = {};
- description = ''
+ description = lib.mdDoc ''
Zabbix Server configuration. Refer to
-
+
for details on supported values.
'';
example = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/cachefilesd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/cachefilesd.nix
index 229c9665419..da5a79a062c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/cachefilesd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/cachefilesd.nix
@@ -20,20 +20,20 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable cachefilesd network filesystems caching daemon.";
+ description = lib.mdDoc "Whether to enable cachefilesd network filesystems caching daemon.";
};
cacheDir = mkOption {
type = types.str;
default = "/var/cache/fscache";
- description = "Directory to contain filesystem cache.";
+ description = lib.mdDoc "Directory to contain filesystem cache.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
example = "brun 10%";
- description = "Additional configuration file entries. See cachefilesd.conf(5) for more information.";
+ description = lib.mdDoc "Additional configuration file entries. See cachefilesd.conf(5) for more information.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/ceph.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/ceph.nix
index 7a1444decaf..2437aba86e4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/ceph.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/ceph.nix
@@ -80,7 +80,7 @@ in
example = ''
433a2193-4f8a-47a0-95d2-209d7ca2cca5
'';
- description = ''
+ description = lib.mdDoc ''
Filesystem ID, a generated uuid, its must be generated and set before
attempting to start a cluster
'';
@@ -89,7 +89,7 @@ in
clusterName = mkOption {
type = types.str;
default = "ceph";
- description = ''
+ description = lib.mdDoc ''
Name of cluster
'';
};
@@ -98,7 +98,7 @@ in
type = types.path;
default = "${pkgs.ceph.lib}/lib/ceph/mgr";
defaultText = literalExpression ''"''${pkgs.ceph.lib}/lib/ceph/mgr"'';
- description = ''
+ description = lib.mdDoc ''
Path at which to find ceph-mgr modules.
'';
};
@@ -109,7 +109,7 @@ in
example = ''
node0, node1, node2
'';
- description = ''
+ description = lib.mdDoc ''
List of hosts that will be used as monitors at startup.
'';
};
@@ -120,7 +120,7 @@ in
example = ''
10.10.0.1, 10.10.0.2, 10.10.0.3
'';
- description = ''
+ description = lib.mdDoc ''
List of hostname shortnames/IP addresses of the initial monitors.
'';
};
@@ -128,7 +128,7 @@ in
maxOpenFiles = mkOption {
type = types.int;
default = 131072;
- description = ''
+ description = lib.mdDoc ''
Max open files for each OSD daemon.
'';
};
@@ -136,7 +136,7 @@ in
authClusterRequired = mkOption {
type = types.enum [ "cephx" "none" ];
default = "cephx";
- description = ''
+ description = lib.mdDoc ''
Enables requiring daemons to authenticate with eachother in the cluster.
'';
};
@@ -144,7 +144,7 @@ in
authServiceRequired = mkOption {
type = types.enum [ "cephx" "none" ];
default = "cephx";
- description = ''
+ description = lib.mdDoc ''
Enables requiring clients to authenticate with the cluster to access services in the cluster (e.g. radosgw, mds or osd).
'';
};
@@ -152,7 +152,7 @@ in
authClientRequired = mkOption {
type = types.enum [ "cephx" "none" ];
default = "cephx";
- description = ''
+ description = lib.mdDoc ''
Enables requiring the cluster to authenticate itself to the client.
'';
};
@@ -163,7 +163,7 @@ in
example = ''
10.20.0.0/24, 192.168.1.0/24
'';
- description = ''
+ description = lib.mdDoc ''
A comma-separated list of subnets that will be used as public networks in the cluster.
'';
};
@@ -174,7 +174,7 @@ in
example = ''
10.10.0.0/24, 192.168.0.0/24
'';
- description = ''
+ description = lib.mdDoc ''
A comma-separated list of subnets that will be used as cluster networks in the cluster.
'';
};
@@ -183,7 +183,7 @@ in
type = with types; nullOr path;
default = "${pkgs.mailcap}/etc/mime.types";
defaultText = literalExpression ''"''${pkgs.mailcap}/etc/mime.types"'';
- description = ''
+ description = lib.mdDoc ''
Path to mime types used by radosgw.
'';
};
@@ -195,7 +195,7 @@ in
example = {
"ms bind ipv6" = "true";
};
- description = ''
+ description = lib.mdDoc ''
Extra configuration to add to the global section. Use for setting values that are common for all daemons in the cluster.
'';
};
@@ -206,7 +206,7 @@ in
type = with types; listOf str;
default = [];
example = [ "name1" "name2" ];
- description = ''
+ description = lib.mdDoc ''
A list of names for manager daemons that should have a service created. The names correspond
to the id part in ceph i.e. [ "name1" ] would result in mgr.name1
'';
@@ -214,7 +214,7 @@ in
extraConfig = mkOption {
type = with types; attrsOf str;
default = {};
- description = ''
+ description = lib.mdDoc ''
Extra configuration to add to the global section for manager daemons.
'';
};
@@ -226,7 +226,7 @@ in
type = with types; listOf str;
default = [];
example = [ "name1" "name2" ];
- description = ''
+ description = lib.mdDoc ''
A list of monitor daemons that should have a service created. The names correspond
to the id part in ceph i.e. [ "name1" ] would result in mon.name1
'';
@@ -234,7 +234,7 @@ in
extraConfig = mkOption {
type = with types; attrsOf str;
default = {};
- description = ''
+ description = lib.mdDoc ''
Extra configuration to add to the monitor section.
'';
};
@@ -246,7 +246,7 @@ in
type = with types; listOf str;
default = [];
example = [ "name1" "name2" ];
- description = ''
+ description = lib.mdDoc ''
A list of OSD daemons that should have a service created. The names correspond
to the id part in ceph i.e. [ "name1" ] would result in osd.name1
'';
@@ -262,7 +262,7 @@ in
"osd pool default pgp num" = "200";
"osd crush chooseleaf type" = "1";
};
- description = ''
+ description = lib.mdDoc ''
Extra configuration to add to the OSD section.
'';
};
@@ -274,7 +274,7 @@ in
type = with types; listOf str;
default = [];
example = [ "name1" "name2" ];
- description = ''
+ description = lib.mdDoc ''
A list of metadata service daemons that should have a service created. The names correspond
to the id part in ceph i.e. [ "name1" ] would result in mds.name1
'';
@@ -282,7 +282,7 @@ in
extraConfig = mkOption {
type = with types; attrsOf str;
default = {};
- description = ''
+ description = lib.mdDoc ''
Extra configuration to add to the MDS section.
'';
};
@@ -294,7 +294,7 @@ in
type = with types; listOf str;
default = [];
example = [ "name1" "name2" ];
- description = ''
+ description = lib.mdDoc ''
A list of rados gateway daemons that should have a service created. The names correspond
to the id part in ceph i.e. [ "name1" ] would result in client.name1, radosgw daemons
aren't daemons to cluster in the sense that OSD, MGR or MON daemons are. They are simply
@@ -315,7 +315,7 @@ in
"client.radosgw.node0" = { "some config option" = "true"; };
};
'';
- description = ''
+ description = lib.mdDoc ''
Extra configuration to add to the client section. Configuration for rados gateways
would be added here, with their own sections, see example.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/davfs2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/davfs2.nix
index 8cf314fe63a..8024cfba08b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/davfs2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/davfs2.nix
@@ -15,7 +15,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable davfs2.
'';
};
@@ -23,7 +23,7 @@ in
davUser = mkOption {
type = types.str;
default = "davfs2";
- description = ''
+ description = lib.mdDoc ''
When invoked by root the mount.davfs daemon will run as this user.
Value must be given as name, not as numerical id.
'';
@@ -32,7 +32,7 @@ in
davGroup = mkOption {
type = types.str;
default = "davfs2";
- description = ''
+ description = lib.mdDoc ''
The group of the running mount.davfs daemon. Ordinary users must be
member of this group in order to mount a davfs2 file system. Value must
be given as name, not as numerical id.
@@ -47,7 +47,7 @@ in
proxy foo.bar:8080
use_locks 0
'';
- description = ''
+ description = lib.mdDoc ''
Extra lines appended to the configuration of davfs2.
'' ;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/diod.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/diod.nix
index 063bae6ddb1..541b4ffd6b4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/diod.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/diod.nix
@@ -26,13 +26,13 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the diod 9P file server.";
+ description = lib.mdDoc "Whether to enable the diod 9P file server.";
};
listen = mkOption {
type = types.listOf types.str;
default = [ "0.0.0.0:564" ];
- description = ''
+ description = lib.mdDoc ''
[ "IP:PORT" [,"IP:PORT",...] ]
List the interfaces and ports that diod should listen on.
'';
@@ -41,7 +41,7 @@ in
exports = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
List the file systems that clients will be allowed to mount. All paths should
be fully qualified. The exports table can include two types of element:
a string element (as above),
@@ -57,7 +57,7 @@ in
exportall = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Export all file systems listed in /proc/mounts. If new file systems are mounted
after diod has started, they will become immediately mountable. If there is a
duplicate entry for a file system in the exports list, any options listed in
@@ -68,7 +68,7 @@ in
exportopts = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Establish a default set of export options. These are overridden, not appended
to, by opts attributes in an "exports" entry.
'';
@@ -77,7 +77,7 @@ in
nwthreads = mkOption {
type = types.int;
default = 16;
- description = ''
+ description = lib.mdDoc ''
Sets the (fixed) number of worker threads created to handle 9P
requests for a unique aname.
'';
@@ -86,7 +86,7 @@ in
authRequired = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Allow clients to connect without authentication, i.e. without a valid MUNGE credential.
'';
};
@@ -94,7 +94,7 @@ in
userdb = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
This option disables password/group lookups. It allows any uid to attach and
assumes gid=uid, and supplementary groups contain only the primary gid.
'';
@@ -103,7 +103,7 @@ in
allsquash = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Remap all users to "nobody". The attaching user need not be present in the
password file.
'';
@@ -112,7 +112,7 @@ in
squashuser = mkOption {
type = types.str;
default = "nobody";
- description = ''
+ description = lib.mdDoc ''
Change the squash user. The squash user must be present in the password file.
'';
};
@@ -120,7 +120,7 @@ in
logdest = mkOption {
type = types.str;
default = "syslog:daemon:err";
- description = ''
+ description = lib.mdDoc ''
Set the destination for logging.
The value has the form of "syslog:facility:level" or "filename".
'';
@@ -130,7 +130,7 @@ in
statfsPassthru = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
This option configures statfs to return the host file system's type
rather than V9FS_MAGIC.
'';
@@ -139,7 +139,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Extra configuration options for diod.conf.";
+ description = lib.mdDoc "Extra configuration options for diod.conf.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/drbd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/drbd.nix
index c730e0b34e9..e74ed391d48 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/drbd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/drbd.nix
@@ -15,7 +15,7 @@ let cfg = config.services.drbd; in
services.drbd.enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable support for DRBD, the Distributed Replicated
Block Device.
'';
@@ -24,8 +24,8 @@ let cfg = config.services.drbd; in
services.drbd.config = mkOption {
default = "";
type = types.lines;
- description = ''
- Contents of the drbd.conf configuration file.
+ description = lib.mdDoc ''
+ Contents of the {file}`drbd.conf` configuration file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/glusterfs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/glusterfs.nix
index 38be098de5d..99aa26feb6f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/glusterfs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/glusterfs.nix
@@ -37,13 +37,13 @@ in
logLevel = mkOption {
type = types.enum ["DEBUG" "INFO" "WARNING" "ERROR" "CRITICAL" "TRACE" "NONE"];
- description = "Log level used by the GlusterFS daemon";
+ description = lib.mdDoc "Log level used by the GlusterFS daemon";
default = "INFO";
};
useRpcbind = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable use of rpcbind. This is required for Gluster's NFS functionality.
You may want to turn it off to reduce the attack surface for DDoS reflection attacks.
@@ -56,13 +56,13 @@ in
enableGlustereventsd = mkOption {
type = types.bool;
- description = "Whether to enable the GlusterFS Events Daemon";
+ description = lib.mdDoc "Whether to enable the GlusterFS Events Daemon";
default = true;
};
killMode = mkOption {
type = types.enum ["control-group" "process" "mixed" "none"];
- description = ''
+ description = lib.mdDoc ''
The systemd KillMode to use for glusterd.
glusterd spawns other daemons like gsyncd.
@@ -79,7 +79,7 @@ in
stopKillTimeout = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The systemd TimeoutStopSec to use.
After this time after having been asked to shut down, glusterd
@@ -94,17 +94,17 @@ in
extraFlags = mkOption {
type = types.listOf types.str;
- description = "Extra flags passed to the GlusterFS daemon";
+ description = lib.mdDoc "Extra flags passed to the GlusterFS daemon";
default = [];
};
tlsSettings = mkOption {
- description = ''
+ description = lib.mdDoc ''
Make the server communicate via TLS.
This means it will only connect to other gluster
servers having certificates signed by the same CA.
- Enabling this will create a file /var/lib/glusterd/secure-access.
+ Enabling this will create a file {file}`/var/lib/glusterd/secure-access`.
Disabling will delete this file again.
See also: https://gluster.readthedocs.io/en/latest/Administrator%20Guide/SSL/
@@ -114,17 +114,17 @@ in
options = {
tlsKeyPath = mkOption {
type = types.str;
- description = "Path to the private key used for TLS.";
+ description = lib.mdDoc "Path to the private key used for TLS.";
};
tlsPem = mkOption {
type = types.path;
- description = "Path to the certificate used for TLS.";
+ description = lib.mdDoc "Path to the certificate used for TLS.";
};
caCert = mkOption {
type = types.path;
- description = "Path certificate authority used to sign the cluster certificates.";
+ description = lib.mdDoc "Path certificate authority used to sign the cluster certificates.";
};
};
});
@@ -159,9 +159,10 @@ in
install -m 0755 -d /var/log/glusterfs
''
# The copying of hooks is due to upstream bug https://bugzilla.redhat.com/show_bug.cgi?id=1452761
+ # Excludes one hook due to missing SELinux binaries.
+ ''
mkdir -p /var/lib/glusterd/hooks/
- ${rsync}/bin/rsync -a ${glusterfs}/var/lib/glusterd/hooks/ /var/lib/glusterd/hooks/
+ ${rsync}/bin/rsync -a --exclude="S10selinux-label-brick.sh" ${glusterfs}/var/lib/glusterd/hooks/ /var/lib/glusterd/hooks/
${tlsCmd}
''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/ipfs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/ipfs.nix
index b7e6a787cfb..af4b725bf21 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/ipfs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/ipfs.nix
@@ -58,19 +58,19 @@ in
type = types.package;
default = pkgs.ipfs;
defaultText = literalExpression "pkgs.ipfs";
- description = "Which IPFS package to use.";
+ description = lib.mdDoc "Which IPFS package to use.";
};
user = mkOption {
type = types.str;
default = "ipfs";
- description = "User under which the IPFS daemon runs";
+ description = lib.mdDoc "User under which the IPFS daemon runs";
};
group = mkOption {
type = types.str;
default = "ipfs";
- description = "Group under which the IPFS daemon runs";
+ description = lib.mdDoc "Group under which the IPFS daemon runs";
};
dataDir = mkOption {
@@ -84,49 +84,49 @@ in
then "/var/lib/ipfs"
else "/var/lib/ipfs/.ipfs"
'';
- description = "The data dir for IPFS";
+ description = lib.mdDoc "The data dir for IPFS";
};
defaultMode = mkOption {
type = types.enum [ "online" "offline" "norouting" ];
default = "online";
- description = "systemd service that is enabled by default";
+ description = lib.mdDoc "systemd service that is enabled by default";
};
autoMount = mkOption {
type = types.bool;
default = false;
- description = "Whether IPFS should try to mount /ipfs and /ipns at startup.";
+ description = lib.mdDoc "Whether IPFS should try to mount /ipfs and /ipns at startup.";
};
autoMigrate = mkOption {
type = types.bool;
default = true;
- description = "Whether IPFS should try to run the fs-repo-migration at startup.";
+ description = lib.mdDoc "Whether IPFS should try to run the fs-repo-migration at startup.";
};
ipfsMountDir = mkOption {
type = types.str;
default = "/ipfs";
- description = "Where to mount the IPFS namespace to";
+ description = lib.mdDoc "Where to mount the IPFS namespace to";
};
ipnsMountDir = mkOption {
type = types.str;
default = "/ipns";
- description = "Where to mount the IPNS namespace to";
+ description = lib.mdDoc "Where to mount the IPNS namespace to";
};
gatewayAddress = mkOption {
type = types.str;
default = "/ip4/127.0.0.1/tcp/8080";
- description = "Where the IPFS Gateway can be reached";
+ description = lib.mdDoc "Where the IPFS Gateway can be reached";
};
apiAddress = mkOption {
type = types.str;
default = "/ip4/127.0.0.1/tcp/5001";
- description = "Where IPFS exposes its API to";
+ description = lib.mdDoc "Where IPFS exposes its API to";
};
swarmAddress = mkOption {
@@ -137,25 +137,25 @@ in
"/ip4/0.0.0.0/udp/4001/quic"
"/ip6/::/udp/4001/quic"
];
- description = "Where IPFS listens for incoming p2p connections";
+ description = lib.mdDoc "Where IPFS listens for incoming p2p connections";
};
enableGC = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable automatic garbage collection";
+ description = lib.mdDoc "Whether to enable automatic garbage collection";
};
emptyRepo = mkOption {
type = types.bool;
default = false;
- description = "If set to true, the repo won't be initialized with help files";
+ description = lib.mdDoc "If set to true, the repo won't be initialized with help files";
};
extraConfig = mkOption {
type = types.attrs;
- description = ''
- Attrset of daemon configuration to set using ipfs config, every time the daemon starts.
+ description = lib.mdDoc ''
+ Attrset of daemon configuration to set using {command}`ipfs config`, every time the daemon starts.
These are applied last, so may override configuration set by other options in this module.
Keep in mind that this configuration is stateful; i.e., unsetting anything in here does not reset the value to the default!
'';
@@ -174,13 +174,13 @@ in
extraFlags = mkOption {
type = types.listOf types.str;
- description = "Extra flags passed to the IPFS daemon";
+ description = lib.mdDoc "Extra flags passed to the IPFS daemon";
default = [ ];
};
localDiscovery = mkOption {
type = types.bool;
- description = ''Whether to enable local discovery for the ipfs daemon.
+ description = lib.mdDoc ''Whether to enable local discovery for the ipfs daemon.
This will allow ipfs to scan ports on your local network. Some hosting services will ban you if you do this.
'';
default = false;
@@ -189,14 +189,14 @@ in
serviceFdlimit = mkOption {
type = types.nullOr types.int;
default = null;
- description = "The fdlimit for the IPFS systemd unit or null to have the daemon attempt to manage it";
+ description = lib.mdDoc "The fdlimit for the IPFS systemd unit or `null` to have the daemon attempt to manage it";
example = 64 * 1024;
};
startWhenNeeded = mkOption {
type = types.bool;
default = false;
- description = "Whether to use socket activation to start IPFS when needed.";
+ description = lib.mdDoc "Whether to use socket activation to start IPFS when needed.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/kbfs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/kbfs.nix
index a43ac656f66..33ff283d5e8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/kbfs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/kbfs.nix
@@ -15,15 +15,15 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to mount the Keybase filesystem.";
+ description = lib.mdDoc "Whether to mount the Keybase filesystem.";
};
enableRedirector = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Keybase root redirector service, allowing
- any user to access KBFS files via /keybase,
+ any user to access KBFS files via `/keybase`,
which will show different contents depending on the requester.
'';
};
@@ -32,7 +32,7 @@ in {
type = types.str;
default = "%h/keybase";
example = "/keybase";
- description = "Mountpoint for the Keybase filesystem.";
+ description = lib.mdDoc "Mountpoint for the Keybase filesystem.";
};
extraFlags = mkOption {
@@ -42,7 +42,7 @@ in {
"-label kbfs"
"-mount-type normal"
];
- description = ''
+ description = lib.mdDoc ''
Additional flags to pass to the Keybase filesystem on launch.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/litestream/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/litestream/default.nix
index 51eb920d778..25744b91964 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/litestream/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/litestream/default.nix
@@ -11,15 +11,15 @@ in
enable = mkEnableOption "litestream";
package = mkOption {
- description = "Package to use.";
+ description = lib.mdDoc "Package to use.";
default = pkgs.litestream;
defaultText = literalExpression "pkgs.litestream";
type = types.package;
};
settings = mkOption {
- description = ''
- See the documentation.
+ description = lib.mdDoc ''
+ See the [documentation](https://litestream.io/reference/config/).
'';
type = settingsFormat.type;
example = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/moosefs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/moosefs.nix
index 88b2ada37e7..6ad4b37761a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/moosefs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/moosefs.nix
@@ -75,14 +75,14 @@ in {
masterHost = mkOption {
type = types.str;
default = null;
- description = "IP or DNS name of master host.";
+ description = lib.mdDoc "IP or DNS name of master host.";
};
runAsUser = mkOption {
type = types.bool;
default = true;
example = true;
- description = "Run daemons as user moosefs instead of root.";
+ description = lib.mdDoc "Run daemons as user moosefs instead of root.";
};
client.enable = mkEnableOption "Moosefs client.";
@@ -90,11 +90,11 @@ in {
master = {
enable = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable Moosefs master daemon.
- You need to run mfsmaster-init on a freshly installed master server to
- initialize the DATA_PATH direcory.
+ You need to run `mfsmaster-init` on a freshly installed master server to
+ initialize the `DATA_PATH` direcory.
'';
default = false;
};
@@ -102,7 +102,7 @@ in {
exports = mkOption {
type = with types; listOf str;
default = null;
- description = "Paths to export (see mfsexports.cfg).";
+ description = lib.mdDoc "Paths to export (see mfsexports.cfg).";
example = [
"* / rw,alldirs,admin,maproot=0:0"
"* . rw"
@@ -111,7 +111,7 @@ in {
openFirewall = mkOption {
type = types.bool;
- description = "Whether to automatically open the necessary ports in the firewall.";
+ description = lib.mdDoc "Whether to automatically open the necessary ports in the firewall.";
default = false;
};
@@ -122,11 +122,11 @@ in {
options.DATA_PATH = mkOption {
type = types.str;
default = "/var/lib/mfs";
- description = "Data storage directory.";
+ description = lib.mdDoc "Data storage directory.";
};
};
- description = "Contents of config file (mfsmaster.cfg).";
+ description = lib.mdDoc "Contents of config file (mfsmaster.cfg).";
};
};
@@ -140,11 +140,11 @@ in {
options.DATA_PATH = mkOption {
type = types.str;
default = "/var/lib/mfs";
- description = "Data storage directory";
+ description = lib.mdDoc "Data storage directory";
};
};
- description = "Contents of metalogger config file (mfsmetalogger.cfg).";
+ description = lib.mdDoc "Contents of metalogger config file (mfsmetalogger.cfg).";
};
};
@@ -153,14 +153,14 @@ in {
openFirewall = mkOption {
type = types.bool;
- description = "Whether to automatically open the necessary ports in the firewall.";
+ description = lib.mdDoc "Whether to automatically open the necessary ports in the firewall.";
default = false;
};
hdds = mkOption {
type = with types; listOf str;
default = null;
- description = "Mount points to be used by chunkserver for storage (see mfshdd.cfg).";
+ description = lib.mdDoc "Mount points to be used by chunkserver for storage (see mfshdd.cfg).";
example = [ "/mnt/hdd1" ];
};
@@ -171,11 +171,11 @@ in {
options.DATA_PATH = mkOption {
type = types.str;
default = "/var/lib/mfs";
- description = "Directory for lock file.";
+ description = lib.mdDoc "Directory for lock file.";
};
};
- description = "Contents of chunkserver config file (mfschunkserver.cfg).";
+ description = lib.mdDoc "Contents of chunkserver config file (mfschunkserver.cfg).";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/netatalk.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/netatalk.nix
index 06a36eb30c2..e870056e1d1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/netatalk.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/netatalk.nix
@@ -15,7 +15,7 @@ in {
port = mkOption {
type = types.port;
default = 548;
- description = "TCP port to be used for AFP.";
+ description = lib.mdDoc "TCP port to be used for AFP.";
};
settings = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/nfsd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/nfsd.nix
index 1b62bfa8203..22c7c8790c2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/nfsd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/nfsd.nix
@@ -26,7 +26,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the kernel's NFS server.
'';
};
@@ -34,7 +34,7 @@ in
extraNfsdConfig = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration options for the [nfsd] section of /etc/nfs.conf.
'';
};
@@ -63,7 +63,7 @@ in
nproc = mkOption {
type = types.int;
default = 8;
- description = ''
+ description = lib.mdDoc ''
Number of NFS server threads. Defaults to the recommended value of 8.
'';
};
@@ -71,14 +71,14 @@ in
createMountPoints = mkOption {
type = types.bool;
default = false;
- description = "Whether to create the mount points in the exports file at startup time.";
+ description = lib.mdDoc "Whether to create the mount points in the exports file at startup time.";
};
mountdPort = mkOption {
type = types.nullOr types.int;
default = null;
example = 4002;
- description = ''
+ description = lib.mdDoc ''
Use fixed port for rpc.mountd, useful if server is behind firewall.
'';
};
@@ -87,9 +87,9 @@ in
type = types.nullOr types.int;
default = null;
example = 4001;
- description = ''
+ description = lib.mdDoc ''
Use a fixed port for the NFS lock manager kernel module
- (lockd/nlockmgr). This is useful if the
+ (`lockd/nlockmgr`). This is useful if the
NFS server is behind a firewall.
'';
};
@@ -98,8 +98,8 @@ in
type = types.nullOr types.int;
default = null;
example = 4000;
- description = ''
- Use a fixed port for rpc.statd. This is
+ description = lib.mdDoc ''
+ Use a fixed port for {command}`rpc.statd`. This is
useful if the NFS server is behind a firewall.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/orangefs/client.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/orangefs/client.nix
index 36ea5af2168..26cc0e169ae 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/orangefs/client.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/orangefs/client.nix
@@ -15,13 +15,13 @@ in {
extraOptions = mkOption {
type = with types; listOf str;
default = [];
- description = "Extra command line options for pvfs2-client.";
+ description = lib.mdDoc "Extra command line options for pvfs2-client.";
};
fileSystems = mkOption {
- description = ''
+ description = lib.mdDoc ''
The orangefs file systems to be mounted.
- This option is prefered over using directly since
+ This option is prefered over using {option}`fileSystems` directly since
the pvfs client service needs to be running for it to be mounted.
'';
@@ -36,19 +36,19 @@ in {
mountPoint = mkOption {
type = types.str;
default = "/orangefs";
- description = "Mount point.";
+ description = lib.mdDoc "Mount point.";
};
options = mkOption {
type = with types; listOf str;
default = [];
- description = "Mount options";
+ description = lib.mdDoc "Mount options";
};
target = mkOption {
type = types.str;
example = "tcp://server:3334/orangefs";
- description = "Target URL";
+ description = lib.mdDoc "Target URL";
};
};
}));
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/orangefs/server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/orangefs/server.nix
index 621c2fe8f78..3bc3325e186 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/orangefs/server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/orangefs/server.nix
@@ -79,40 +79,40 @@ in {
logType = mkOption {
type = with types; enum [ "file" "syslog" ];
default = "syslog";
- description = "Destination for log messages.";
+ description = lib.mdDoc "Destination for log messages.";
};
dataStorageSpace = mkOption {
type = types.nullOr types.str;
default = null;
example = "/data/storage";
- description = "Directory for data storage.";
+ description = lib.mdDoc "Directory for data storage.";
};
metadataStorageSpace = mkOption {
type = types.nullOr types.str;
default = null;
example = "/data/meta";
- description = "Directory for meta data storage.";
+ description = lib.mdDoc "Directory for meta data storage.";
};
BMIModules = mkOption {
type = with types; listOf str;
default = [ "bmi_tcp" ];
example = [ "bmi_tcp" "bmi_ib"];
- description = "List of BMI modules to load.";
+ description = lib.mdDoc "List of BMI modules to load.";
};
extraDefaults = mkOption {
type = types.lines;
default = "";
- description = "Extra config for <Defaults> section.";
+ description = lib.mdDoc "Extra config for `` section.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Extra config for the global section.";
+ description = lib.mdDoc "Extra config for the global section.";
};
servers = mkOption {
@@ -122,12 +122,12 @@ in {
node1 = "tcp://node1:3334";
node2 = "tcp://node2:3334";
};
- description = "URLs for storage server including port. The attribute names define the server alias.";
+ description = lib.mdDoc "URLs for storage server including port. The attribute names define the server alias.";
};
fileSystems = mkOption {
- description = ''
- These options will create the <FileSystem> sections of config file.
+ description = lib.mdDoc ''
+ These options will create the `` sections of config file.
'';
default = { orangefs = {}; };
example = literalExpression ''
@@ -146,37 +146,37 @@ in {
id = mkOption {
type = types.int;
default = 1;
- description = "File system ID (must be unique within configuration).";
+ description = lib.mdDoc "File system ID (must be unique within configuration).";
};
rootHandle = mkOption {
type = types.int;
default = 3;
- description = "File system root ID.";
+ description = lib.mdDoc "File system root ID.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Extra config for <FileSystem> section.";
+ description = lib.mdDoc "Extra config for `` section.";
};
troveSyncMeta = mkOption {
type = types.bool;
default = true;
- description = "Sync meta data.";
+ description = lib.mdDoc "Sync meta data.";
};
troveSyncData = mkOption {
type = types.bool;
default = false;
- description = "Sync data.";
+ description = lib.mdDoc "Sync data.";
};
extraStorageHints = mkOption {
type = types.lines;
default = "";
- description = "Extra config for <StorageHints> section.";
+ description = lib.mdDoc "Extra config for `` section.";
};
};
}));
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/rsyncd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/rsyncd.nix
index e72f9b54cd6..ab24ebfee27 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/rsyncd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/rsyncd.nix
@@ -15,7 +15,7 @@ in {
port = mkOption {
default = 873;
type = types.port;
- description = "TCP port the daemon will listen on.";
+ description = lib.mdDoc "TCP port the daemon will listen on.";
};
settings = mkOption {
@@ -50,7 +50,7 @@ in {
default = false;
type = types.bool;
description =
- "If enabled Rsync will be socket-activated rather than run persistently.";
+ lib.mdDoc "If enabled Rsync will be socket-activated rather than run persistently.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/samba-wsdd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/samba-wsdd.nix
index 800ef448d37..38980593e76 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/samba-wsdd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/samba-wsdd.nix
@@ -23,46 +23,46 @@ in {
type = types.nullOr types.str;
default = null;
example = "eth0";
- description = "Interface or address to use.";
+ description = lib.mdDoc "Interface or address to use.";
};
hoplimit = mkOption {
type = types.nullOr types.int;
default = null;
example = 2;
- description = "Hop limit for multicast packets (default = 1).";
+ description = lib.mdDoc "Hop limit for multicast packets (default = 1).";
};
workgroup = mkOption {
type = types.nullOr types.str;
default = null;
example = "HOME";
- description = "Set workgroup name (default WORKGROUP).";
+ description = lib.mdDoc "Set workgroup name (default WORKGROUP).";
};
hostname = mkOption {
type = types.nullOr types.str;
default = null;
example = "FILESERVER";
- description = "Override (NetBIOS) hostname to be used (default hostname).";
+ description = lib.mdDoc "Override (NetBIOS) hostname to be used (default hostname).";
};
domain = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Set domain name (disables workgroup).";
+ description = lib.mdDoc "Set domain name (disables workgroup).";
};
discovery = mkOption {
type = types.bool;
default = false;
- description = "Enable discovery operation mode.";
+ description = lib.mdDoc "Enable discovery operation mode.";
};
listen = mkOption {
type = types.str;
default = "/run/wsdd/wsdd.sock";
- description = "Listen on path or localhost port in discovery mode.";
+ description = lib.mdDoc "Listen on path or localhost port in discovery mode.";
};
extraOptions = mkOption {
type = types.listOf types.str;
default = [ "--shortlog" ];
example = [ "--verbose" "--no-http" "--ipv4only" "--no-host" ];
- description = "Additional wsdd options.";
+ description = lib.mdDoc "Additional wsdd options.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/samba.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/samba.nix
index 992f948e8cd..7a07b043859 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/samba.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/samba.nix
@@ -96,7 +96,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to automatically open the necessary ports in the firewall.
'';
};
@@ -104,7 +104,7 @@ in
enableNmbd = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Samba's nmbd, which replies to NetBIOS over IP name
service requests. It also participates in the browsing protocols
which make up the Windows "Network Neighborhood" view.
@@ -114,7 +114,7 @@ in
enableWinbindd = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Samba's winbindd, which provides a number of services
to the Name Service Switch capability found in most modern C libraries,
to arbitrary applications via PAM and ntlm_auth and to Samba itself.
@@ -126,7 +126,7 @@ in
default = pkgs.samba;
defaultText = literalExpression "pkgs.samba";
example = literalExpression "pkgs.samba4Full";
- description = ''
+ description = lib.mdDoc ''
Defines which package should be used for the samba server.
'';
};
@@ -134,7 +134,7 @@ in
invalidUsers = mkOption {
type = types.listOf types.str;
default = [ "root" ];
- description = ''
+ description = lib.mdDoc ''
List of users who are denied to login via Samba.
'';
};
@@ -142,7 +142,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Additional global section and extra section lines go in here.
'';
example = ''
@@ -154,7 +154,7 @@ in
configText = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Verbatim contents of smb.conf. If null (default), use the
autogenerated file from NixOS instead.
'';
@@ -163,13 +163,13 @@ in
securityType = mkOption {
type = types.str;
default = "user";
- description = "Samba security type";
+ description = lib.mdDoc "Samba security type";
};
nsswins = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the WINS NSS (Name Service Switch) plug-in.
Enabling it allows applications to resolve WINS/NetBIOS names (a.k.a.
Windows machine names) by transparently querying the winbindd daemon.
@@ -178,9 +178,9 @@ in
shares = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
A set describing shared resources.
- See man smb.conf for options.
+ See {command}`man smb.conf` for options.
'';
type = types.attrsOf (types.attrsOf types.unspecified);
example = literalExpression ''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/tahoe.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/tahoe.nix
index 5426463dffa..a816b5757f7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/tahoe.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/tahoe.nix
@@ -12,21 +12,21 @@ in
options = {
nickname = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The nickname of this Tahoe introducer.
'';
};
tub.port = mkOption {
default = 3458;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
The port on which the introducer will listen.
'';
};
tub.location = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The external location that the introducer should listen on.
If specified, the port should be included.
@@ -36,13 +36,13 @@ in
default = pkgs.tahoelafs;
defaultText = literalExpression "pkgs.tahoelafs";
type = types.package;
- description = ''
+ description = lib.mdDoc ''
The package to use for the Tahoe LAFS daemon.
'';
};
};
});
- description = ''
+ description = lib.mdDoc ''
The Tahoe introducers.
'';
};
@@ -52,14 +52,14 @@ in
options = {
nickname = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The nickname of this Tahoe node.
'';
};
tub.port = mkOption {
default = 3457;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
The port on which the tub will listen.
This is the correct setting to tweak if you want Tahoe's storage
@@ -69,7 +69,7 @@ in
tub.location = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The external location that the node should listen on.
This is the setting to tweak if there are multiple interfaces
@@ -81,7 +81,7 @@ in
web.port = mkOption {
default = 3456;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
The port on which the Web server will listen.
This is the correct setting to tweak if you want Tahoe's WUI to
@@ -91,7 +91,7 @@ in
client.introducer = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The furl for a Tahoe introducer node.
Like all furls, keep this safe and don't share it.
@@ -100,7 +100,7 @@ in
client.helper = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The furl for a Tahoe helper node.
Like all furls, keep this safe and don't share it.
@@ -109,14 +109,14 @@ in
client.shares.needed = mkOption {
default = 3;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
The number of shares required to reconstitute a file.
'';
};
client.shares.happy = mkOption {
default = 7;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
The number of distinct storage nodes required to store
a file.
'';
@@ -124,7 +124,7 @@ in
client.shares.total = mkOption {
default = 10;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
The number of shares required to store a file.
'';
};
@@ -132,7 +132,7 @@ in
storage.reservedSpace = mkOption {
default = "1G";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The amount of filesystem space to not use for storage.
'';
};
@@ -141,7 +141,7 @@ in
sftpd.port = mkOption {
default = null;
type = types.nullOr types.int;
- description = ''
+ description = lib.mdDoc ''
The port on which the SFTP server will listen.
This is the correct setting to tweak if you want Tahoe's SFTP
@@ -151,28 +151,28 @@ in
sftpd.hostPublicKeyFile = mkOption {
default = null;
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
Path to the SSH host public key.
'';
};
sftpd.hostPrivateKeyFile = mkOption {
default = null;
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
Path to the SSH host private key.
'';
};
sftpd.accounts.file = mkOption {
default = null;
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
Path to the accounts file.
'';
};
sftpd.accounts.url = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
URL of the accounts server.
'';
};
@@ -180,13 +180,13 @@ in
default = pkgs.tahoelafs;
defaultText = literalExpression "pkgs.tahoelafs";
type = types.package;
- description = ''
+ description = lib.mdDoc ''
The package to use for the Tahoe LAFS daemon.
'';
};
};
});
- description = ''
+ description = lib.mdDoc ''
The Tahoe nodes.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/u9fs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/u9fs.nix
index 77961b78cad..d6968b2cb82 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/u9fs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/u9fs.nix
@@ -14,16 +14,16 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to run the u9fs 9P server for Unix.";
+ description = lib.mdDoc "Whether to run the u9fs 9P server for Unix.";
};
listenStreams = mkOption {
type = types.listOf types.str;
default = [ "564" ];
example = [ "192.168.16.1:564" ];
- description = ''
+ description = lib.mdDoc ''
Sockets to listen for clients on.
- See man 5 systemd.socket for socket syntax.
+ See {command}`man 5 systemd.socket` for socket syntax.
'';
};
@@ -31,7 +31,7 @@ in
type = types.str;
default = "nobody";
description =
- "User to run u9fs under.";
+ lib.mdDoc "User to run u9fs under.";
};
extraArgs = mkOption {
@@ -39,9 +39,9 @@ in
default = "";
example = "-a none";
description =
- ''
+ lib.mdDoc ''
Extra arguments to pass on invocation,
- see man 4 u9fs
+ see {command}`man 4 u9fs`
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/webdav-server-rs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/webdav-server-rs.nix
index 1c5c299cb67..bd07b8d4381 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/webdav-server-rs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/webdav-server-rs.nix
@@ -19,22 +19,22 @@ in
user = mkOption {
type = types.str;
default = "webdav";
- description = "User to run under when setuid is not enabled.";
+ description = lib.mdDoc "User to run under when setuid is not enabled.";
};
group = mkOption {
type = types.str;
default = "webdav";
- description = "Group to run under when setuid is not enabled.";
+ description = lib.mdDoc "Group to run under when setuid is not enabled.";
};
settings = mkOption {
type = format.type;
default = { };
- description = ''
+ description = lib.mdDoc ''
Attrset that is converted and passed as config file. Available
options can be found at
- here.
+ [here](https://github.com/miquels/webdav-server-rs/blob/master/webdav-server.toml).
'';
example = literalExpression ''
{
@@ -73,7 +73,7 @@ in
type = types.path;
default = format.generate "webdav-server.toml" settings;
defaultText = "Config file generated from services.webdav-server-rs.settings";
- description = ''
+ description = lib.mdDoc ''
Path to config file. If this option is set, it will override any
configuration done in services.webdav-server-rs.settings.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/webdav.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/webdav.nix
index a810af40fd4..5628fd1e6c6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/webdav.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/webdav.nix
@@ -13,27 +13,27 @@ in
user = mkOption {
type = types.str;
default = "webdav";
- description = "User account under which WebDAV runs.";
+ description = lib.mdDoc "User account under which WebDAV runs.";
};
group = mkOption {
type = types.str;
default = "webdav";
- description = "Group under which WebDAV runs.";
+ description = lib.mdDoc "Group under which WebDAV runs.";
};
settings = mkOption {
type = format.type;
default = { };
- description = ''
+ description = lib.mdDoc ''
Attrset that is converted and passed as config file. Available options
can be found at
- here.
+ [here](https://github.com/hacdias/webdav).
This program supports reading username and password configuration
from environment variables, so it's strongly recommended to store
username and password in a separate
- EnvironmentFile.
+ [EnvironmentFile](https://www.freedesktop.org/software/systemd/man/systemd.exec.html#EnvironmentFile=).
This prevents adding secrets to the world-readable Nix store.
'';
example = literalExpression ''
@@ -57,7 +57,7 @@ in
type = types.path;
default = format.generate "webdav.yaml" cfg.settings;
defaultText = "Config file generated from services.webdav.settings";
- description = ''
+ description = lib.mdDoc ''
Path to config file. If this option is set, it will override any
configuration done in options.services.webdav.settings.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/xtreemfs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/xtreemfs.nix
index fc072311578..7b476fc7ac9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/xtreemfs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/xtreemfs.nix
@@ -94,7 +94,7 @@ in
homeDir = mkOption {
type = types.path;
default = "/var/lib/xtreemfs";
- description = ''
+ description = lib.mdDoc ''
XtreemFS home dir for the xtreemfs user.
'';
};
@@ -103,7 +103,7 @@ in
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable XtreemFS DIR service.
'';
};
@@ -120,7 +120,7 @@ in
port = mkOption {
default = 32638;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
The port to listen on for incoming connections (TCP).
'';
};
@@ -128,7 +128,7 @@ in
type = types.str;
example = "127.0.0.1";
default = "";
- description = ''
+ description = lib.mdDoc ''
If specified, it defines the interface to listen on. If not
specified, the service will listen on all interfaces (any).
'';
@@ -136,7 +136,7 @@ in
httpPort = mkOption {
default = 30638;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
Specifies the listen port for the HTTP service that returns the
status page.
'';
@@ -145,7 +145,7 @@ in
type = types.enum [ "ASYNC" "SYNC_WRITE_METADATA" "SYNC_WRITE" "FDATASYNC" "FSYNC" ];
default = "FSYNC";
example = "FDATASYNC";
- description = ''
+ description = lib.mdDoc ''
The sync mode influences how operations are committed to the disk
log before the operation is acknowledged to the caller.
@@ -173,7 +173,7 @@ in
ssl.trusted_certs.pw = jks_passphrase
ssl.trusted_certs.container = jks
'';
- description = ''
+ description = lib.mdDoc ''
Configuration of XtreemFS DIR service.
WARNING: configuration is saved as plaintext inside nix store.
For more options: http://www.xtreemfs.org/xtfs-guide-1.5.1/index.html
@@ -215,7 +215,7 @@ in
babudb.ssl.authenticationWithoutEncryption = false
'';
- description = ''
+ description = lib.mdDoc ''
Configuration of XtreemFS DIR replication plugin.
WARNING: configuration is saved as plaintext inside nix store.
For more options: http://www.xtreemfs.org/xtfs-guide-1.5.1/index.html
@@ -228,7 +228,7 @@ in
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable XtreemFS MRC service.
'';
};
@@ -245,7 +245,7 @@ in
port = mkOption {
default = 32636;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
The port to listen on for incoming connections (TCP).
'';
};
@@ -253,7 +253,7 @@ in
example = "127.0.0.1";
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
If specified, it defines the interface to listen on. If not
specified, the service will listen on all interfaces (any).
'';
@@ -261,7 +261,7 @@ in
httpPort = mkOption {
default = 30636;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
Specifies the listen port for the HTTP service that returns the
status page.
'';
@@ -270,7 +270,7 @@ in
default = "FSYNC";
type = types.enum [ "ASYNC" "SYNC_WRITE_METADATA" "SYNC_WRITE" "FDATASYNC" "FSYNC" ];
example = "FDATASYNC";
- description = ''
+ description = lib.mdDoc ''
The sync mode influences how operations are committed to the disk
log before the operation is acknowledged to the caller.
@@ -316,7 +316,7 @@ in
ssl.trusted_certs.pw = jks_passphrase
ssl.trusted_certs.container = jks
'';
- description = ''
+ description = lib.mdDoc ''
Configuration of XtreemFS MRC service.
WARNING: configuration is saved as plaintext inside nix store.
For more options: http://www.xtreemfs.org/xtfs-guide-1.5.1/index.html
@@ -358,7 +358,7 @@ in
babudb.ssl.authenticationWithoutEncryption = false
'';
- description = ''
+ description = lib.mdDoc ''
Configuration of XtreemFS MRC replication plugin.
WARNING: configuration is saved as plaintext inside nix store.
For more options: http://www.xtreemfs.org/xtfs-guide-1.5.1/index.html
@@ -371,7 +371,7 @@ in
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable XtreemFS OSD service.
'';
};
@@ -388,7 +388,7 @@ in
port = mkOption {
default = 32640;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
The port to listen on for incoming connections (TCP and UDP).
'';
};
@@ -396,7 +396,7 @@ in
example = "127.0.0.1";
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
If specified, it defines the interface to listen on. If not
specified, the service will listen on all interfaces (any).
'';
@@ -404,7 +404,7 @@ in
httpPort = mkOption {
default = 30640;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
Specifies the listen port for the HTTP service that returns the
status page.
'';
@@ -435,7 +435,7 @@ in
ssl.trusted_certs.pw = jks_passphrase
ssl.trusted_certs.container = jks
'';
- description = ''
+ description = lib.mdDoc ''
Configuration of XtreemFS OSD service.
WARNING: configuration is saved as plaintext inside nix store.
For more options: http://www.xtreemfs.org/xtfs-guide-1.5.1/index.html
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/yandex-disk.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/yandex-disk.nix
index a5b1f9d4ab6..94f806a6178 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/yandex-disk.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/network-filesystems/yandex-disk.nix
@@ -31,7 +31,7 @@ in
username = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Your yandex.com login name.
'';
};
@@ -39,7 +39,7 @@ in
password = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Your yandex.com password. Warning: it will be world-readable in /nix/store.
'';
};
@@ -47,7 +47,7 @@ in
user = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The user the yandex-disk daemon should run as.
'';
};
@@ -55,14 +55,14 @@ in
directory = mkOption {
type = types.path;
default = "/home/Yandex.Disk";
- description = "The directory to use for Yandex.Disk storage";
+ description = lib.mdDoc "The directory to use for Yandex.Disk storage";
};
excludes = mkOption {
default = "";
type = types.commas;
example = "data,backup";
- description = ''
+ description = lib.mdDoc ''
Comma-separated list of directories which are excluded from synchronization.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/3proxy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/3proxy.nix
index 326a8671fcc..9fc1dac7c28 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/3proxy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/3proxy.nix
@@ -10,7 +10,7 @@ in {
confFile = mkOption {
type = types.path;
example = "/var/lib/3proxy/3proxy.conf";
- description = ''
+ description = lib.mdDoc ''
Ignore all other 3proxy options and load configuration from this file.
'';
};
@@ -90,7 +90,7 @@ in {
type = types.str;
default = "[::]";
example = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
Address used for service.
'';
};
@@ -98,7 +98,7 @@ in {
type = types.nullOr types.int;
default = null;
example = 3128;
- description = ''
+ description = lib.mdDoc ''
Override default port used for service.
'';
};
@@ -106,7 +106,7 @@ in {
type = types.int;
default = 100;
example = 1000;
- description = ''
+ description = lib.mdDoc ''
Maximum number of simulationeous connections to this service.
'';
};
@@ -171,7 +171,7 @@ in {
type = types.listOf types.str;
default = [ ];
example = [ "user1" "user2" "user3" ];
- description = ''
+ description = lib.mdDoc ''
List of users, use empty list for any.
'';
};
@@ -179,7 +179,7 @@ in {
type = types.listOf types.str;
default = [ ];
example = [ "127.0.0.1" "192.168.1.0/24" ];
- description = ''
+ description = lib.mdDoc ''
List of source IP range, use empty list for any.
'';
};
@@ -198,7 +198,7 @@ in {
type = types.listOf types.int;
default = [ ];
example = [ 80 443 ];
- description = ''
+ description = lib.mdDoc ''
List of target ports, use empty list for any.
'';
};
@@ -220,7 +220,7 @@ in {
}
]
'';
- description = ''
+ description = lib.mdDoc ''
Use this option to limit user access to resources.
'';
};
@@ -228,17 +228,17 @@ in {
type = types.nullOr types.str;
default = null;
example = "-46";
- description = ''
+ description = lib.mdDoc ''
Extra arguments for service.
- Consult "Options" section in documentation for available arguments.
+ Consult "Options" section in [documentation](https://github.com/z3APA3A/3proxy/wiki/3proxy.cfg) for available arguments.
'';
};
extraConfig = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Extra configuration for service. Use this to configure things like bandwidth limiter or ACL-based redirection.
- Consult documentation for available options.
+ Consult [documentation](https://github.com/z3APA3A/3proxy/wiki/3proxy.cfg) for available options.
'';
};
};
@@ -266,14 +266,14 @@ in {
}
]
'';
- description = ''
+ description = lib.mdDoc ''
Use this option to define 3proxy services.
'';
};
denyPrivate = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to deny access to private IP ranges including loopback.
'';
};
@@ -290,7 +290,7 @@ in {
"::1"
"fc00::/7"
];
- description = ''
+ description = lib.mdDoc ''
What IP ranges to deny access when denyPrivate is set tu true.
'';
};
@@ -301,7 +301,7 @@ in {
type = types.listOf types.str;
default = [ ];
example = [ "127.0.0.53" "192.168.1.3:5353/tcp" ];
- description = ''
+ description = lib.mdDoc ''
List of nameservers to use.
Up to 5 nservers may be specified. If no nserver is configured,
@@ -311,12 +311,12 @@ in {
nscache = mkOption {
type = types.int;
default = 65535;
- description = "Set name cache size for IPv4.";
+ description = lib.mdDoc "Set name cache size for IPv4.";
};
nscache6 = mkOption {
type = types.int;
default = 65535;
- description = "Set name cache size for IPv6.";
+ description = lib.mdDoc "Set name cache size for IPv6.";
};
nsrecord = mkOption {
type = types.attrsOf types.str;
@@ -327,21 +327,21 @@ in {
"site.local" = "192.168.1.43";
}
'';
- description = "Adds static nsrecords.";
+ description = lib.mdDoc "Adds static nsrecords.";
};
};
};
default = { };
- description = ''
+ description = lib.mdDoc ''
Use this option to configure name resolution and DNS caching.
'';
};
extraConfig = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Extra configuration, appended to the 3proxy configuration file.
- Consult documentation for available options.
+ Consult [documentation](https://github.com/z3APA3A/3proxy/wiki/3proxy.cfg) for available options.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/adguardhome.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/adguardhome.nix
index 98ddf071608..13ef78c10c5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/adguardhome.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/adguardhome.nix
@@ -30,7 +30,7 @@ in {
host = mkOption {
default = "0.0.0.0";
type = str;
- description = ''
+ description = lib.mdDoc ''
Host address to bind HTTP server to.
'';
};
@@ -38,7 +38,7 @@ in {
port = mkOption {
default = 3000;
type = port;
- description = ''
+ description = lib.mdDoc ''
Port to serve HTTP pages on.
'';
};
@@ -46,7 +46,7 @@ in {
openFirewall = mkOption {
default = false;
type = bool;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for the AdGuard Home web interface. Does not
open the port needed to access the DNS resolver.
'';
@@ -55,7 +55,7 @@ in {
mutableSettings = mkOption {
default = true;
type = bool;
- description = ''
+ description = lib.mdDoc ''
Allow changes made on the AdGuard Home web interface to persist between
service restarts.
'';
@@ -80,7 +80,7 @@ in {
extraArgs = mkOption {
default = [ ];
type = listOf str;
- description = ''
+ description = lib.mdDoc ''
Extra command line parameters to be passed to the adguardhome binary.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/amuled.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/amuled.nix
index aa72a047526..1cd54335819 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/amuled.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/amuled.nix
@@ -19,7 +19,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run the AMule daemon. You need to manually run "amuled --ec-config" to configure the service for the first time.
'';
};
@@ -30,7 +30,7 @@ in
defaultText = literalExpression ''
"/home/''${config.${opt.user}}/"
'';
- description = ''
+ description = lib.mdDoc ''
The directory holding configuration, incoming and temporary files.
'';
};
@@ -38,7 +38,7 @@ in
user = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The user the AMule daemon should run as.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/antennas.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/antennas.nix
index ef98af22f20..e3bde2b67d2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/antennas.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/antennas.nix
@@ -13,25 +13,25 @@ in
tvheadendUrl = mkOption {
type = types.str;
default = "http://localhost:9981";
- description = "URL of Tvheadend.";
+ description = lib.mdDoc "URL of Tvheadend.";
};
antennasUrl = mkOption {
type = types.str;
default = "http://127.0.0.1:5004";
- description = "URL of Antennas.";
+ description = lib.mdDoc "URL of Antennas.";
};
tunerCount = mkOption {
type = types.int;
default = 6;
- description = "Numbers of tuners in tvheadend.";
+ description = lib.mdDoc "Numbers of tuners in tvheadend.";
};
deviceUUID = mkOption {
type = types.str;
default = "2f70c0d7-90a3-4429-8275-cbeeee9cd605";
- description = "Device tuner UUID. Change this if you are running multiple instances.";
+ description = lib.mdDoc "Device tuner UUID. Change this if you are running multiple instances.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/aria2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/aria2.nix
index 156fef14479..e848869cc0a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/aria2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/aria2.nix
@@ -28,7 +28,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether or not to enable the headless Aria2 daemon service.
Aria2 daemon can be controlled via the RPC interface using
@@ -41,7 +41,7 @@ in
openPorts = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open listen and RPC ports found in listenPortRange and rpcListenPort
options in the firewall.
'';
@@ -49,26 +49,26 @@ in
downloadDir = mkOption {
type = types.path;
default = downloadDir;
- description = ''
+ description = lib.mdDoc ''
Directory to store downloaded files.
'';
};
listenPortRange = mkOption {
type = types.listOf types.attrs;
default = [ { from = 6881; to = 6999; } ];
- description = ''
+ description = lib.mdDoc ''
Set UDP listening port range used by DHT(IPv4, IPv6) and UDP tracker.
'';
};
rpcListenPort = mkOption {
type = types.int;
default = 6800;
- description = "Specify a port number for JSON-RPC/XML-RPC server to listen to. Possible Values: 1024-65535";
+ description = lib.mdDoc "Specify a port number for JSON-RPC/XML-RPC server to listen to. Possible Values: 1024-65535";
};
rpcSecret = mkOption {
type = types.str;
default = "aria2rpc";
- description = ''
+ description = lib.mdDoc ''
Set RPC secret authorization token.
Read https://aria2.github.io/manual/en/html/aria2c.html#rpc-auth to know how this option value is used.
'';
@@ -77,7 +77,7 @@ in
type = types.separatedString " ";
example = "--rpc-listen-all --remote-time=true";
default = "";
- description = ''
+ description = lib.mdDoc ''
Additional arguments to be passed to Aria2.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/asterisk.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/asterisk.nix
index 297d0b3b2d0..5a1d03f0721 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/asterisk.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/asterisk.nix
@@ -59,7 +59,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Asterisk PBX server.
'';
};
@@ -72,9 +72,9 @@ in
verbose=3
debug=3
'';
- description = ''
+ description = lib.mdDoc ''
Extra configuration options appended to the default
- asterisk.conf file.
+ `asterisk.conf` file.
'';
};
@@ -127,19 +127,19 @@ in
''';
}
'';
- description = ''
+ description = lib.mdDoc ''
Sets the content of config files (typically ending with
- .conf) in the Asterisk configuration directory.
+ `.conf`) in the Asterisk configuration directory.
- Note that if you want to change asterisk.conf, it
- is preferable to use the
- option over this option. If "asterisk.conf" is
- specified with the option (not recommended),
- you must be prepared to set your own astetcdir
+ Note that if you want to change `asterisk.conf`, it
+ is preferable to use the {option}`services.asterisk.extraConfig`
+ option over this option. If `"asterisk.conf"` is
+ specified with the {option}`confFiles` option (not recommended),
+ you must be prepared to set your own `astetcdir`
path.
See
-
+
for more examples of what is possible here.
'';
};
@@ -148,9 +148,9 @@ in
default = [ "ari.conf" "acl.conf" "agents.conf" "amd.conf" "calendar.conf" "cdr.conf" "cdr_syslog.conf" "cdr_custom.conf" "cel.conf" "cel_custom.conf" "cli_aliases.conf" "confbridge.conf" "dundi.conf" "features.conf" "hep.conf" "iax.conf" "pjsip.conf" "pjsip_wizard.conf" "phone.conf" "phoneprov.conf" "queues.conf" "res_config_sqlite3.conf" "res_parking.conf" "statsd.conf" "udptl.conf" "unistim.conf" ];
type = types.listOf types.str;
example = [ "sip.conf" "dundi.conf" ];
- description = ''Sets these config files to the default content. The default value for
+ description = lib.mdDoc ''Sets these config files to the default content. The default value for
this option contains all necesscary files to avoid errors at startup.
- This does not override settings via .
+ This does not override settings via {option}`services.asterisk.confFiles`.
'';
};
@@ -159,7 +159,7 @@ in
type = types.listOf types.str;
example =
[ "-vvvddd" "-e" "1024" ];
- description = ''
+ description = lib.mdDoc ''
Additional command line arguments to pass to Asterisk.
'';
};
@@ -167,7 +167,7 @@ in
type = types.package;
default = pkgs.asterisk;
defaultText = literalExpression "pkgs.asterisk";
- description = "The Asterisk package to use.";
+ description = lib.mdDoc "The Asterisk package to use.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/atftpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/atftpd.nix
index da5e305201f..e31b447e6c5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/atftpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/atftpd.nix
@@ -19,7 +19,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the atftpd TFTP server. By default, the server
binds to address 0.0.0.0.
'';
@@ -33,7 +33,7 @@ in
"--verbose=7"
]
'';
- description = ''
+ description = lib.mdDoc ''
Extra command line arguments to pass to atftp.
'';
};
@@ -41,7 +41,7 @@ in
root = mkOption {
default = "/srv/tftp";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Document root directory for the atftpd.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/autossh.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/autossh.nix
index 245f2bfc2cf..ed9c07d9a14 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/autossh.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/autossh.nix
@@ -22,18 +22,18 @@ in
name = mkOption {
type = types.str;
example = "socks-peer";
- description = "Name of the local AutoSSH session";
+ description = lib.mdDoc "Name of the local AutoSSH session";
};
user = mkOption {
type = types.str;
example = "bill";
- description = "Name of the user the AutoSSH session should run as";
+ description = lib.mdDoc "Name of the user the AutoSSH session should run as";
};
monitoringPort = mkOption {
type = types.int;
default = 0;
example = 20000;
- description = ''
+ description = lib.mdDoc ''
Port to be used by AutoSSH for peer monitoring. Note, that
AutoSSH also uses mport+1. Value of 0 disables the keep-alive
style monitoring
@@ -42,7 +42,7 @@ in
extraArguments = mkOption {
type = types.separatedString " ";
example = "-N -D4343 bill@socks.example.net";
- description = ''
+ description = lib.mdDoc ''
Arguments to be passed to AutoSSH and retransmitted to SSH
process. Some meaningful options include -N (don't run remote
command), -D (open SOCKS proxy on local port), -R (forward
@@ -54,7 +54,7 @@ in
});
default = [];
- description = ''
+ description = lib.mdDoc ''
List of AutoSSH sessions to start as systemd services. Each service is
named 'autossh-{session.name}'.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/avahi-daemon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/avahi-daemon.nix
index 50c4ffdedce..498e5a47670 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/avahi-daemon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/avahi-daemon.nix
@@ -43,7 +43,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run the Avahi daemon, which allows Avahi clients
to use Avahi's service discovery facilities and also allows
the local machine to advertise its presence and services
@@ -55,16 +55,16 @@ in
type = types.str;
default = config.networking.hostName;
defaultText = literalExpression "config.networking.hostName";
- description = ''
+ description = lib.mdDoc ''
Host name advertised on the LAN. If not set, avahi will use the value
- of .
+ of {option}`config.networking.hostName`.
'';
};
domainName = mkOption {
type = types.str;
default = "local";
- description = ''
+ description = lib.mdDoc ''
Domain name for all advertisements.
'';
};
@@ -73,7 +73,7 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "0pointer.de" "zeroconf.org" ];
- description = ''
+ description = lib.mdDoc ''
List of non-local DNS domains to be browsed.
'';
};
@@ -81,22 +81,22 @@ in
ipv4 = mkOption {
type = types.bool;
default = true;
- description = "Whether to use IPv4.";
+ description = lib.mdDoc "Whether to use IPv4.";
};
ipv6 = mkOption {
type = types.bool;
default = config.networking.enableIPv6;
defaultText = literalExpression "config.networking.enableIPv6";
- description = "Whether to use IPv6.";
+ description = lib.mdDoc "Whether to use IPv6.";
};
interfaces = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
- description = ''
- List of network interfaces that should be used by the avahi-daemon.
- Other interfaces will be ignored. If null, all local interfaces
+ description = lib.mdDoc ''
+ List of network interfaces that should be used by the {command}`avahi-daemon`.
+ Other interfaces will be ignored. If `null`, all local interfaces
except loopback and point-to-point will be used.
'';
};
@@ -104,7 +104,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to open the firewall for UDP port 5353.
'';
};
@@ -112,7 +112,7 @@ in
allowPointToPoint = mkOption {
type = types.bool;
default = false;
- description= ''
+ description= lib.mdDoc ''
Whether to use POINTTOPOINT interfaces. Might make mDNS unreliable due to usually large
latencies with such links and opens a potential security hole by allowing mDNS access from Internet
connections.
@@ -122,13 +122,13 @@ in
wideArea = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable wide-area service discovery.";
+ description = lib.mdDoc "Whether to enable wide-area service discovery.";
};
reflector = mkOption {
type = types.bool;
default = false;
- description = "Reflect incoming mDNS requests to all allowed network interfaces.";
+ description = lib.mdDoc "Reflect incoming mDNS requests to all allowed network interfaces.";
};
extraServiceFiles = mkOption {
@@ -161,25 +161,25 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to allow publishing in general.";
+ description = lib.mdDoc "Whether to allow publishing in general.";
};
userServices = mkOption {
type = types.bool;
default = false;
- description = "Whether to publish user services. Will set addresses=true.";
+ description = lib.mdDoc "Whether to publish user services. Will set `addresses=true`.";
};
addresses = mkOption {
type = types.bool;
default = false;
- description = "Whether to register mDNS address records for all local IP addresses.";
+ description = lib.mdDoc "Whether to register mDNS address records for all local IP addresses.";
};
hinfo = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to register a mDNS HINFO record which contains information about the
local operating system and CPU.
'';
@@ -188,7 +188,7 @@ in
workstation = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to register a service of type "_workstation._tcp" on the local LAN.
'';
};
@@ -196,14 +196,14 @@ in
domain = mkOption {
type = types.bool;
default = false;
- description = "Whether to announce the locally used domain name for browsing by other hosts.";
+ description = lib.mdDoc "Whether to announce the locally used domain name for browsing by other hosts.";
};
};
nssmdns = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the mDNS NSS (Name Service Switch) plug-in.
Enabling it allows applications to resolve names in the `.local'
domain by transparently querying the Avahi daemon.
@@ -213,7 +213,7 @@ in
cacheEntriesMax = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Number of resource records to be cached per interface. Use 0 to
disable caching. Avahi daemon defaults to 4096 if not set.
'';
@@ -222,7 +222,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra config to append to avahi-daemon.conf.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/babeld.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/babeld.nix
index aae6f1498a4..b393b6e0592 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/babeld.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/babeld.nix
@@ -44,9 +44,9 @@ in
interfaceDefaults = mkOption {
default = null;
- description = ''
+ description = lib.mdDoc ''
A set describing default parameters for babeld interfaces.
- See babeld8 for options.
+ See {manpage}`babeld(8)` for options.
'';
type = types.nullOr (types.attrsOf types.unspecified);
example =
@@ -58,9 +58,9 @@ in
interfaces = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
A set describing babeld interfaces.
- See babeld8 for options.
+ See {manpage}`babeld(8)` for options.
'';
type = types.attrsOf (types.attrsOf types.unspecified);
example =
@@ -75,9 +75,9 @@ in
extraConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Options that will be copied to babeld.conf.
- See babeld8 for details.
+ See {manpage}`babeld(8)` for details.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bee-clef.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bee-clef.nix
index 719714b2898..852e1396b91 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bee-clef.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bee-clef.nix
@@ -19,7 +19,7 @@ in {
dataDir = mkOption {
type = types.nullOr types.str;
default = "/var/lib/bee-clef";
- description = ''
+ description = lib.mdDoc ''
Data dir for bee-clef. Beware that some helper scripts may not work when changed!
The service itself should work fine, though.
'';
@@ -28,13 +28,13 @@ in {
passwordFile = mkOption {
type = types.nullOr types.str;
default = "/var/lib/bee-clef/password";
- description = "Password file for bee-clef.";
+ description = lib.mdDoc "Password file for bee-clef.";
};
user = mkOption {
type = types.str;
default = "bee-clef";
- description = ''
+ description = lib.mdDoc ''
User the bee-clef daemon should execute under.
'';
};
@@ -42,7 +42,7 @@ in {
group = mkOption {
type = types.str;
default = "bee-clef";
- description = ''
+ description = lib.mdDoc ''
Group the bee-clef daemon should execute under.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bee.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bee.nix
index d6efade0630..a99513cb8cc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bee.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bee.nix
@@ -22,14 +22,14 @@ in {
default = pkgs.bee;
defaultText = literalExpression "pkgs.bee";
example = literalExpression "pkgs.bee-unstable";
- description = "The package providing the bee binary for the service.";
+ description = lib.mdDoc "The package providing the bee binary for the service.";
};
settings = mkOption {
type = format.type;
- description = ''
+ description = lib.mdDoc ''
Ethereum Swarm Bee configuration. Refer to
-
+
for details on supported values.
'';
};
@@ -37,7 +37,7 @@ in {
daemonNiceLevel = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Daemon process priority for bee.
0 is the default Unix process priority, 19 is the lowest.
'';
@@ -46,7 +46,7 @@ in {
user = mkOption {
type = types.str;
default = "bee";
- description = ''
+ description = lib.mdDoc ''
User the bee binary should execute under.
'';
};
@@ -54,7 +54,7 @@ in {
group = mkOption {
type = types.str;
default = "bee";
- description = ''
+ description = lib.mdDoc ''
Group the bee binary should execute under.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/biboumi.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/biboumi.nix
index 3f46b95eaf0..7e603300883 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/biboumi.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/biboumi.nix
@@ -19,8 +19,8 @@ in
enable = mkEnableOption "the Biboumi XMPP gateway to IRC";
settings = mkOption {
- description = ''
- See biboumi 8.5
+ description = lib.mdDoc ''
+ See [biboumi 8.5](https://lab.louiz.org/louiz/biboumi/blob/8.5/doc/biboumi.1.rst)
for documentation.
'';
default = {};
@@ -34,7 +34,7 @@ in
default = [];
example = ["admin@example.org"];
apply = concatStringsSep ":";
- description = ''
+ description = lib.mdDoc ''
The bare JID of the gateway administrator. This JID will have more
privileges than other standard users, for example some administration
ad-hoc commands will only be available to that JID.
@@ -43,7 +43,7 @@ in
options.ca_file = mkOption {
type = types.path;
default = "/etc/ssl/certs/ca-certificates.crt";
- description = ''
+ description = lib.mdDoc ''
Specifies which file should be used as the list of trusted CA
when negociating a TLS session.
'';
@@ -51,7 +51,7 @@ in
options.db_name = mkOption {
type = with types; either path str;
default = "${stateDir}/biboumi.sqlite";
- description = ''
+ description = lib.mdDoc ''
The name of the database to use.
'';
example = "postgresql://user:secret@localhost";
@@ -59,7 +59,7 @@ in
options.hostname = mkOption {
type = types.str;
example = "biboumi.example.org";
- description = ''
+ description = lib.mdDoc ''
The hostname served by the XMPP gateway.
This domain must be configured in the XMPP server
as an external component.
@@ -69,14 +69,14 @@ in
type = types.port;
default = 113;
example = 0;
- description = ''
+ description = lib.mdDoc ''
The TCP port on which to listen for identd queries.
'';
};
options.log_level = mkOption {
type = types.ints.between 0 3;
default = 1;
- description = ''
+ description = lib.mdDoc ''
Indicate what type of log messages to write in the logs.
0 is debug, 1 is info, 2 is warning, 3 is error.
'';
@@ -96,7 +96,7 @@ in
options.persistent_by_default = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether all rooms will be persistent by default:
the value of the “persistent” option in the global configuration of each
user will be “true”, but the value of each individual room will still
@@ -108,7 +108,7 @@ in
type = types.path;
default = "${pkgs.biboumi}/etc/biboumi";
defaultText = literalExpression ''"''${pkgs.biboumi}/etc/biboumi"'';
- description = ''
+ description = lib.mdDoc ''
A directory that should contain the policy files,
used to customize Botan’s behaviour
when negociating the TLS connections with the IRC servers.
@@ -117,14 +117,14 @@ in
options.port = mkOption {
type = types.port;
default = 5347;
- description = ''
+ description = lib.mdDoc ''
The TCP port to use to connect to the local XMPP component.
'';
};
options.realname_customization = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether the users will be able to use
the ad-hoc commands that lets them configure
their realname and username.
@@ -133,7 +133,7 @@ in
options.realname_from_jid = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether the realname and username of each biboumi
user will be extracted from their JID.
Otherwise they will be set to the nick
@@ -143,7 +143,7 @@ in
options.xmpp_server_ip = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
The IP address to connect to the XMPP server on.
The connection to the XMPP server is unencrypted,
so the biboumi instance and the server should
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bind.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bind.nix
index 2045612ec05..0966332f7d0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bind.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bind.nix
@@ -17,28 +17,28 @@ let
name = mkOption {
type = types.str;
default = name;
- description = "Name of the zone.";
+ description = lib.mdDoc "Name of the zone.";
};
master = mkOption {
- description = "Master=false means slave server";
+ description = lib.mdDoc "Master=false means slave server";
type = types.bool;
};
file = mkOption {
type = types.either types.str types.path;
- description = "Zone file resource records contain columns of data, separated by whitespace, that define the record.";
+ description = lib.mdDoc "Zone file resource records contain columns of data, separated by whitespace, that define the record.";
};
masters = mkOption {
type = types.listOf types.str;
- description = "List of servers for inclusion in stub and secondary zones.";
+ description = lib.mdDoc "List of servers for inclusion in stub and secondary zones.";
};
slaves = mkOption {
type = types.listOf types.str;
- description = "Addresses who may request zone transfers.";
+ description = lib.mdDoc "Addresses who may request zone transfers.";
default = [ ];
};
extraConfig = mkOption {
type = types.str;
- description = "Extra zone config to be appended at the end of the zone section.";
+ description = lib.mdDoc "Extra zone config to be appended at the end of the zone section.";
default = "";
};
};
@@ -111,7 +111,7 @@ in
type = types.package;
default = pkgs.bind;
defaultText = literalExpression "pkgs.bind";
- description = "The BIND package to use.";
+ description = lib.mdDoc "The BIND package to use.";
};
cacheNetworks = mkOption {
@@ -178,7 +178,7 @@ in
directory = mkOption {
type = types.str;
default = "/run/named";
- description = "Working directory of BIND.";
+ description = lib.mdDoc "Working directory of BIND.";
};
zones = mkOption {
@@ -209,7 +209,7 @@ in
extraOptions = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra lines to be added verbatim to the options section of the
generated named configuration file.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bird-lg.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bird-lg.nix
index 515ef38608b..db4a4140dd4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bird-lg.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bird-lg.nix
@@ -12,19 +12,19 @@ in
type = types.package;
default = pkgs.bird-lg;
defaultText = literalExpression "pkgs.bird-lg";
- description = "The Bird Looking Glass package to use.";
+ description = lib.mdDoc "The Bird Looking Glass package to use.";
};
user = mkOption {
type = types.str;
default = "bird-lg";
- description = "User to run the service.";
+ description = lib.mdDoc "User to run the service.";
};
group = mkOption {
type = types.str;
default = "bird-lg";
- description = "Group to run the service.";
+ description = lib.mdDoc "Group to run the service.";
};
frontend = {
@@ -33,103 +33,103 @@ in
listenAddress = mkOption {
type = types.str;
default = "127.0.0.1:5000";
- description = "Address to listen on.";
+ description = lib.mdDoc "Address to listen on.";
};
proxyPort = mkOption {
type = types.port;
default = 8000;
- description = "Port bird-lg-proxy is running on.";
+ description = lib.mdDoc "Port bird-lg-proxy is running on.";
};
domain = mkOption {
type = types.str;
default = "";
example = "dn42.lantian.pub";
- description = "Server name domain suffixes.";
+ description = lib.mdDoc "Server name domain suffixes.";
};
servers = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "gigsgigscloud" "hostdare" ];
- description = "Server name prefixes.";
+ description = lib.mdDoc "Server name prefixes.";
};
whois = mkOption {
type = types.str;
default = "whois.verisign-grs.com";
- description = "Whois server for queries.";
+ description = lib.mdDoc "Whois server for queries.";
};
dnsInterface = mkOption {
type = types.str;
default = "asn.cymru.com";
- description = "DNS zone to query ASN information.";
+ description = lib.mdDoc "DNS zone to query ASN information.";
};
bgpMapInfo = mkOption {
type = types.listOf types.str;
default = [ "asn" "as-name" "ASName" "descr" ];
- description = "Information displayed in bgpmap.";
+ description = lib.mdDoc "Information displayed in bgpmap.";
};
titleBrand = mkOption {
type = types.str;
default = "Bird-lg Go";
- description = "Prefix of page titles in browser tabs.";
+ description = lib.mdDoc "Prefix of page titles in browser tabs.";
};
netSpecificMode = mkOption {
type = types.str;
default = "";
example = "dn42";
- description = "Apply network-specific changes for some networks.";
+ description = lib.mdDoc "Apply network-specific changes for some networks.";
};
protocolFilter = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "ospf" ];
- description = "Information displayed in bgpmap.";
+ description = lib.mdDoc "Information displayed in bgpmap.";
};
nameFilter = mkOption {
type = types.str;
default = "";
example = "^ospf";
- description = "Protocol names to hide in summary tables (RE2 syntax),";
+ description = lib.mdDoc "Protocol names to hide in summary tables (RE2 syntax),";
};
timeout = mkOption {
type = types.int;
default = 120;
- description = "Time before request timed out, in seconds.";
+ description = lib.mdDoc "Time before request timed out, in seconds.";
};
navbar = {
brand = mkOption {
type = types.str;
default = "Bird-lg Go";
- description = "Brand to show in the navigation bar .";
+ description = lib.mdDoc "Brand to show in the navigation bar .";
};
brandURL = mkOption {
type = types.str;
default = "/";
- description = "URL of the brand to show in the navigation bar.";
+ description = lib.mdDoc "URL of the brand to show in the navigation bar.";
};
allServers = mkOption {
type = types.str;
default = "ALL Servers";
- description = "Text of 'All server' button in the navigation bar.";
+ description = lib.mdDoc "Text of 'All server' button in the navigation bar.";
};
allServersURL = mkOption {
type = types.str;
default = "all";
- description = "URL of 'All servers' button.";
+ description = lib.mdDoc "URL of 'All servers' button.";
};
};
@@ -148,21 +148,21 @@ in
listenAddress = mkOption {
type = types.str;
default = "127.0.0.1:8000";
- description = "Address to listen on.";
+ description = lib.mdDoc "Address to listen on.";
};
allowedIPs = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "192.168.25.52" "192.168.25.53" ];
- description = "List of IPs to allow (default all allowed).";
+ description = lib.mdDoc "List of IPs to allow (default all allowed).";
};
birdSocket = mkOption {
type = types.str;
default = "/run/bird.ctl";
example = "/var/run/bird/bird.ctl";
- description = "Bird control socket path.";
+ description = lib.mdDoc "Bird control socket path.";
};
traceroute = {
@@ -170,13 +170,13 @@ in
type = types.str;
default = "${pkgs.traceroute}/bin/traceroute";
defaultText = literalExpression ''"''${pkgs.traceroute}/bin/traceroute"'';
- description = "Traceroute's binary path.";
+ description = lib.mdDoc "Traceroute's binary path.";
};
rawOutput = mkOption {
type = types.bool;
default = false;
- description = "Display traceroute output in raw format.";
+ description = lib.mdDoc "Display traceroute output in raw format.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bitcoind.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bitcoind.nix
index 80033d95860..1788d5fcf58 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bitcoind.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bitcoind.nix
@@ -11,7 +11,7 @@ let
name = mkOption {
type = types.str;
example = "alice";
- description = ''
+ description = lib.mdDoc ''
Username for JSON-RPC connections.
'';
};
@@ -41,14 +41,14 @@ let
type = types.package;
default = pkgs.bitcoind;
defaultText = literalExpression "pkgs.bitcoind";
- description = "The package providing bitcoin binaries.";
+ description = lib.mdDoc "The package providing bitcoin binaries.";
};
configFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/var/lib/${name}/bitcoin.conf";
- description = "The configuration file path to supply bitcoind.";
+ description = lib.mdDoc "The configuration file path to supply bitcoind.";
};
extraConfig = mkOption {
@@ -59,32 +59,32 @@ let
rpcthreads=16
logips=1
'';
- description = "Additional configurations to be appended to bitcoin.conf.";
+ description = lib.mdDoc "Additional configurations to be appended to {file}`bitcoin.conf`.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/bitcoind-${name}";
- description = "The data directory for bitcoind.";
+ description = lib.mdDoc "The data directory for bitcoind.";
};
user = mkOption {
type = types.str;
default = "bitcoind-${name}";
- description = "The user as which to run bitcoind.";
+ description = lib.mdDoc "The user as which to run bitcoind.";
};
group = mkOption {
type = types.str;
default = config.user;
- description = "The group as which to run bitcoind.";
+ description = lib.mdDoc "The group as which to run bitcoind.";
};
rpc = {
port = mkOption {
type = types.nullOr types.port;
default = null;
- description = "Override the default port on which to listen for JSON-RPC connections.";
+ description = lib.mdDoc "Override the default port on which to listen for JSON-RPC connections.";
};
users = mkOption {
default = {};
@@ -95,33 +95,33 @@ let
}
'';
type = types.attrsOf (types.submodule rpcUserOpts);
- description = "RPC user information for JSON-RPC connnections.";
+ description = lib.mdDoc "RPC user information for JSON-RPC connnections.";
};
};
pidFile = mkOption {
type = types.path;
default = "${config.dataDir}/bitcoind.pid";
- description = "Location of bitcoind pid file.";
+ description = lib.mdDoc "Location of bitcoind pid file.";
};
testnet = mkOption {
type = types.bool;
default = false;
- description = "Whether to use the testnet instead of mainnet.";
+ description = lib.mdDoc "Whether to use the testnet instead of mainnet.";
};
port = mkOption {
type = types.nullOr types.port;
default = null;
- description = "Override the default port on which to listen for connections.";
+ description = lib.mdDoc "Override the default port on which to listen for connections.";
};
dbCache = mkOption {
type = types.nullOr (types.ints.between 4 16384);
default = null;
example = 4000;
- description = "Override the default database cache size in MiB.";
+ description = lib.mdDoc "Override the default database cache size in MiB.";
};
prune = mkOption {
@@ -132,7 +132,7 @@ let
);
default = null;
example = 10000;
- description = ''
+ description = lib.mdDoc ''
Reduce storage requirements by enabling pruning (deleting) of old
blocks. This allows the pruneblockchain RPC to be called to delete
specific blocks, and enables automatic pruning of old blocks if a
@@ -147,7 +147,7 @@ let
extraCmdlineOptions = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra command line options to pass to bitcoind.
Run bitcoind --help to list all available options.
'';
@@ -161,7 +161,7 @@ in
services.bitcoind = mkOption {
type = types.attrsOf (types.submodule bitcoindOpts);
default = {};
- description = "Specification of one or more bitcoind instances.";
+ description = lib.mdDoc "Specification of one or more bitcoind instances.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bitlbee.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bitlbee.nix
index f76cffc79bf..e2844feda02 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bitlbee.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/bitlbee.nix
@@ -49,7 +49,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run the BitlBee IRC to other chat network gateway.
Running it allows you to access the MSN, Jabber, Yahoo! and ICQ chat
networks via an IRC client.
@@ -69,7 +69,7 @@ in
portNumber = mkOption {
default = 6667;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Number of the port BitlBee will be listening to.
'';
};
@@ -77,7 +77,7 @@ in
authBackend = mkOption {
default = "storage";
type = types.enum [ "storage" "pam" ];
- description = ''
+ description = lib.mdDoc ''
How users are authenticated
storage -- save passwords internally
pam -- Linux PAM authentication
@@ -87,7 +87,7 @@ in
authMode = mkOption {
default = "Open";
type = types.enum [ "Open" "Closed" "Registered" ];
- description = ''
+ description = lib.mdDoc ''
The following authentication modes are available:
Open -- Accept connections from anyone, use NickServ for user authentication.
Closed -- Require authorization (using the PASS command during login) before allowing the user to connect at all.
@@ -98,7 +98,7 @@ in
hostName = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Normally, BitlBee gets a hostname using getsockname(). If you have a nicer
alias for your BitlBee daemon, you can set it here and BitlBee will identify
itself with that name instead.
@@ -109,7 +109,7 @@ in
type = types.listOf types.package;
default = [];
example = literalExpression "[ pkgs.bitlbee-facebook ]";
- description = ''
+ description = lib.mdDoc ''
The list of bitlbee plugins to install.
'';
};
@@ -118,7 +118,7 @@ in
type = types.listOf types.package;
default = [];
example = literalExpression "[ pkgs.purple-matrix ]";
- description = ''
+ description = lib.mdDoc ''
The list of libpurple plugins to install.
'';
};
@@ -126,7 +126,7 @@ in
configDir = mkOption {
default = "/var/lib/bitlbee";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Specify an alternative directory to store all the per-user configuration
files.
'';
@@ -135,7 +135,7 @@ in
protocols = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
This option allows to remove the support of protocol, even if compiled
in. If nothing is given, there are no restrictions.
'';
@@ -144,7 +144,7 @@ in
extraSettings = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Will be inserted in the Settings section of the config file.
'';
};
@@ -152,7 +152,7 @@ in
extraDefaults = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Will be inserted in the Default section of the config file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/blockbook-frontend.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/blockbook-frontend.nix
index eeea521c8d5..0164883c747 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/blockbook-frontend.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/blockbook-frontend.nix
@@ -16,28 +16,28 @@ let
type = types.package;
default = pkgs.blockbook;
defaultText = literalExpression "pkgs.blockbook";
- description = "Which blockbook package to use.";
+ description = lib.mdDoc "Which blockbook package to use.";
};
user = mkOption {
type = types.str;
default = "blockbook-frontend-${name}";
- description = "The user as which to run blockbook-frontend-${name}.";
+ description = lib.mdDoc "The user as which to run blockbook-frontend-${name}.";
};
group = mkOption {
type = types.str;
default = "${config.user}";
- description = "The group as which to run blockbook-frontend-${name}.";
+ description = lib.mdDoc "The group as which to run blockbook-frontend-${name}.";
};
certFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/etc/secrets/blockbook-frontend-${name}/certFile";
- description = ''
+ description = lib.mdDoc ''
To enable SSL, specify path to the name of certificate files without extension.
- Expecting certFile.crt and certFile.key.
+ Expecting {file}`certFile.crt` and {file}`certFile.key`.
'';
};
@@ -45,14 +45,14 @@ let
type = with types; nullOr path;
default = null;
example = "${config.dataDir}/config.json";
- description = "Location of the blockbook configuration file.";
+ description = lib.mdDoc "Location of the blockbook configuration file.";
};
coinName = mkOption {
type = types.str;
default = "Bitcoin";
- description = ''
- See
+ description = lib.mdDoc ''
+ See
for current of coins supported in master (Note: may differ from release).
'';
};
@@ -62,8 +62,8 @@ let
default = "${config.package}/share/css/";
defaultText = literalExpression ''"''${package}/share/css/"'';
example = literalExpression ''"''${dataDir}/static/css/"'';
- description = ''
- Location of the dir with main.css CSS file.
+ description = lib.mdDoc ''
+ Location of the dir with {file}`main.css` CSS file.
By default, the one shipped with the package is used.
'';
};
@@ -71,68 +71,68 @@ let
dataDir = mkOption {
type = types.path;
default = "/var/lib/blockbook-frontend-${name}";
- description = "Location of blockbook-frontend-${name} data directory.";
+ description = lib.mdDoc "Location of blockbook-frontend-${name} data directory.";
};
debug = mkOption {
type = types.bool;
default = false;
- description = "Debug mode, return more verbose errors, reload templates on each request.";
+ description = lib.mdDoc "Debug mode, return more verbose errors, reload templates on each request.";
};
internal = mkOption {
type = types.nullOr types.str;
default = ":9030";
- description = "Internal http server binding [address]:port.";
+ description = lib.mdDoc "Internal http server binding `[address]:port`.";
};
messageQueueBinding = mkOption {
type = types.str;
default = "tcp://127.0.0.1:38330";
- description = "Message Queue Binding address:port.";
+ description = lib.mdDoc "Message Queue Binding `address:port`.";
};
public = mkOption {
type = types.nullOr types.str;
default = ":9130";
- description = "Public http server binding [address]:port.";
+ description = lib.mdDoc "Public http server binding `[address]:port`.";
};
rpc = {
url = mkOption {
type = types.str;
default = "http://127.0.0.1";
- description = "URL for JSON-RPC connections.";
+ description = lib.mdDoc "URL for JSON-RPC connections.";
};
port = mkOption {
type = types.port;
default = 8030;
- description = "Port for JSON-RPC connections.";
+ description = lib.mdDoc "Port for JSON-RPC connections.";
};
user = mkOption {
type = types.str;
default = "rpc";
- description = "Username for JSON-RPC connections.";
+ description = lib.mdDoc "Username for JSON-RPC connections.";
};
password = mkOption {
type = types.str;
default = "rpc";
- description = ''
+ description = lib.mdDoc ''
RPC password for JSON-RPC connections.
Warning: this is stored in cleartext in the Nix store!!!
- Use configFile or passwordFile if needed.
+ Use `configFile` or `passwordFile` if needed.
'';
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
File containing password of the RPC user.
- Note: This options is ignored when configFile is used.
+ Note: This options is ignored when `configFile` is used.
'';
};
};
@@ -140,7 +140,7 @@ let
sync = mkOption {
type = types.bool;
default = true;
- description = "Synchronizes until tip, if together with zeromq, keeps index synchronized.";
+ description = lib.mdDoc "Synchronizes until tip, if together with zeromq, keeps index synchronized.";
};
templateDir = mkOption {
@@ -148,7 +148,7 @@ let
default = "${config.package}/share/templates/";
defaultText = literalExpression ''"''${package}/share/templates/"'';
example = literalExpression ''"''${dataDir}/templates/static/"'';
- description = "Location of the HTML templates. By default, ones shipped with the package are used.";
+ description = lib.mdDoc "Location of the HTML templates. By default, ones shipped with the package are used.";
};
extraConfig = mkOption {
@@ -171,10 +171,10 @@ let
"mempool_sub_workers" = 2;
"block_addresses_to_keep" = 300;
}'';
- description = ''
- Additional configurations to be appended to coin.conf.
+ description = lib.mdDoc ''
+ Additional configurations to be appended to {file}`coin.conf`.
Overrides any already defined configuration options.
- See
+ See
for current configuration options supported in master (Note: may differ from release).
'';
};
@@ -183,7 +183,7 @@ let
type = types.listOf types.str;
default = [];
example = [ "-workers=1" "-dbcache=0" "-logtosderr" ];
- description = ''
+ description = lib.mdDoc ''
Extra command line options to pass to Blockbook.
Run blockbook --help to list all available options.
'';
@@ -198,7 +198,7 @@ in
services.blockbook-frontend = mkOption {
type = types.attrsOf (types.submodule blockbookOpts);
default = {};
- description = "Specification of one or more blockbook-frontend instances.";
+ description = lib.mdDoc "Specification of one or more blockbook-frontend instances.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/blocky.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/blocky.nix
index 7488e05fc03..42eab145966 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/blocky.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/blocky.nix
@@ -15,9 +15,9 @@ in
settings = mkOption {
type = format.type;
default = { };
- description = ''
+ description = lib.mdDoc ''
Blocky configuration. Refer to
-
+
for details on supported values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/charybdis.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/charybdis.nix
index ff09c0160cb..c875557a1a3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/charybdis.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/charybdis.nix
@@ -22,7 +22,7 @@ in
config = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Charybdis IRC daemon configuration file.
'';
};
@@ -30,7 +30,7 @@ in
statedir = mkOption {
type = types.path;
default = "/var/lib/charybdis";
- description = ''
+ description = lib.mdDoc ''
Location of the state directory of charybdis.
'';
};
@@ -38,7 +38,7 @@ in
user = mkOption {
type = types.str;
default = "ircd";
- description = ''
+ description = lib.mdDoc ''
Charybdis IRC daemon user.
'';
};
@@ -46,7 +46,7 @@ in
group = mkOption {
type = types.str;
default = "ircd";
- description = ''
+ description = lib.mdDoc ''
Charybdis IRC daemon group.
'';
};
@@ -54,7 +54,7 @@ in
motd = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Charybdis MOTD text.
Charybdis will read its MOTD from /etc/charybdis/ircd.motd .
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/cjdns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/cjdns.nix
index 0d97d379e90..5a19475161f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/cjdns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/cjdns.nix
@@ -13,27 +13,27 @@ let
{ options =
{ password = mkOption {
type = types.str;
- description = "Authorized password to the opposite end of the tunnel.";
+ description = lib.mdDoc "Authorized password to the opposite end of the tunnel.";
};
login = mkOption {
default = "";
type = types.str;
- description = "(optional) name your peer has for you";
+ description = lib.mdDoc "(optional) name your peer has for you";
};
peerName = mkOption {
default = "";
type = types.str;
- description = "(optional) human-readable name for peer";
+ description = lib.mdDoc "(optional) human-readable name for peer";
};
publicKey = mkOption {
type = types.str;
- description = "Public key at the opposite end of the tunnel.";
+ description = lib.mdDoc "Public key at the opposite end of the tunnel.";
};
hostname = mkOption {
default = "";
example = "foobar.hype";
type = types.str;
- description = "Optional hostname to add to /etc/hosts; prevents reverse lookup failures.";
+ description = lib.mdDoc "Optional hostname to add to /etc/hosts; prevents reverse lookup failures.";
};
};
};
@@ -87,7 +87,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the cjdns network encryption
and routing engine. A file at /etc/cjdns.keys will
be created if it does not exist to contain a random
@@ -99,7 +99,7 @@ in
type = types.attrs;
default = {};
example = { router.interface.tunDevice = "tun10"; };
- description = ''
+ description = lib.mdDoc ''
Extra configuration, given as attrs, that will be merged recursively
with the rest of the JSON generated by this module, at the root node.
'';
@@ -109,7 +109,7 @@ in
type = types.nullOr types.path;
default = null;
example = "/etc/cjdroute.conf";
- description = ''
+ description = lib.mdDoc ''
Ignore all other cjdns options and load configuration from this file.
'';
};
@@ -122,7 +122,7 @@ in
"z9md3t4p45mfrjzdjurxn4wuj0d8swv"
"49275fut6tmzu354pq70sr5b95qq0vj"
];
- description = ''
+ description = lib.mdDoc ''
Any remote cjdns nodes that offer these passwords on
connection will be allowed to route through this node.
'';
@@ -132,7 +132,7 @@ in
bind = mkOption {
type = types.str;
default = "127.0.0.1:11234";
- description = ''
+ description = lib.mdDoc ''
Bind the administration port to this address and port.
'';
};
@@ -143,7 +143,7 @@ in
type = types.str;
default = "";
example = "192.168.1.32:43211";
- description = ''
+ description = lib.mdDoc ''
Address and port to bind UDP tunnels to.
'';
};
@@ -159,7 +159,7 @@ in
};
}
'';
- description = ''
+ description = lib.mdDoc ''
Credentials for making UDP tunnels.
'';
};
@@ -171,16 +171,16 @@ in
default = "";
example = "eth0";
description =
- ''
+ lib.mdDoc ''
Bind to this device for native ethernet operation.
- all is a pseudo-name which will try to connect to all devices.
+ `all` is a pseudo-name which will try to connect to all devices.
'';
};
beacon = mkOption {
type = types.int;
default = 2;
- description = ''
+ description = lib.mdDoc ''
Auto-connect to other cjdns nodes on the same network.
Options:
0: Disabled.
@@ -206,7 +206,7 @@ in
};
}
'';
- description = ''
+ description = lib.mdDoc ''
Credentials for connecting look similar to UDP credientials
except they begin with the mac address.
'';
@@ -216,9 +216,9 @@ in
addExtraHosts = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to add cjdns peers with an associated hostname to
- /etc/hosts. Beware that enabling this
+ {file}`/etc/hosts`. Beware that enabling this
incurs heavy eval-time costs.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/cloudflare-dyndns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/cloudflare-dyndns.nix
index ab5b1a08539..5dd90cfe35b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/cloudflare-dyndns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/cloudflare-dyndns.nix
@@ -23,7 +23,7 @@ in
domains = mkOption {
type = types.listOf types.str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
List of domain names to update records for.
'';
};
@@ -31,7 +31,7 @@ in
proxied = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether this is a DNS-only record, or also being proxied through CloudFlare.
'';
};
@@ -39,7 +39,7 @@ in
ipv4 = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable setting IPv4 A records.
'';
};
@@ -47,7 +47,7 @@ in
ipv6 = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable setting IPv6 AAAA records.
'';
};
@@ -55,7 +55,7 @@ in
deleteMissing = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to delete the record when no IP address is found.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/cntlm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/cntlm.nix
index eea28e12ce0..2b5d0583c65 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/cntlm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/cntlm.nix
@@ -37,33 +37,33 @@ in
username = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Proxy account name, without the possibility to include domain name ('at' sign is interpreted literally).
'';
};
domain = mkOption {
type = types.str;
- description = "Proxy account domain/workgroup name.";
+ description = lib.mdDoc "Proxy account domain/workgroup name.";
};
password = mkOption {
default = "/etc/cntlm.password";
type = types.str;
- description = "Proxy account password. Note: use chmod 0600 on /etc/cntlm.password for security.";
+ description = lib.mdDoc "Proxy account password. Note: use chmod 0600 on /etc/cntlm.password for security.";
};
netbios_hostname = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
The hostname of your machine.
'';
};
proxy = mkOption {
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
A list of NTLM/NTLMv2 authenticating HTTP proxies.
Parent proxy, which requires authentication. The same as proxy on the command-line, can be used more than once to specify unlimited
@@ -74,7 +74,7 @@ in
};
noproxy = mkOption {
- description = ''
+ description = lib.mdDoc ''
A list of domains where the proxy is skipped.
'';
default = [];
@@ -85,19 +85,19 @@ in
port = mkOption {
default = [3128];
type = types.listOf types.port;
- description = "Specifies on which ports the cntlm daemon listens.";
+ description = lib.mdDoc "Specifies on which ports the cntlm daemon listens.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Additional config appended to the end of the generated cntlm.conf.";
+ description = lib.mdDoc "Additional config appended to the end of the generated {file}`cntlm.conf`.";
};
configText = mkOption {
type = types.lines;
default = "";
- description = "Verbatim contents of cntlm.conf.";
+ description = lib.mdDoc "Verbatim contents of {file}`cntlm.conf`.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/connman.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/connman.nix
index 9945dc83a27..49899141957 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/connman.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/connman.nix
@@ -27,7 +27,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to use ConnMan for managing your network connections.
'';
};
@@ -35,7 +35,7 @@ in {
enableVPN = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable ConnMan VPN service.
'';
};
@@ -43,7 +43,7 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Configuration lines appended to the generated connman configuration file.
'';
};
@@ -51,7 +51,7 @@ in {
networkInterfaceBlacklist = mkOption {
type = with types; listOf str;
default = [ "vmnet" "vboxnet" "virbr" "ifb" "ve" ];
- description = ''
+ description = lib.mdDoc ''
Default blacklisted interfaces, this includes NixOS containers interfaces (ve).
'';
};
@@ -60,9 +60,9 @@ in {
backend = mkOption {
type = types.enum [ "wpa_supplicant" "iwd" ];
default = "wpa_supplicant";
- description = ''
+ description = lib.mdDoc ''
Specify the Wi-Fi backend used.
- Currently supported are or .
+ Currently supported are {option}`wpa_supplicant` or {option}`iwd`.
'';
};
};
@@ -71,14 +71,14 @@ in {
type = with types; listOf str;
default = [ ];
example = [ "--nodnsproxy" ];
- description = ''
+ description = lib.mdDoc ''
Extra flags to pass to connmand
'';
};
package = mkOption {
type = types.package;
- description = "The connman package / build flavor";
+ description = lib.mdDoc "The connman package / build flavor";
default = connman;
defaultText = literalExpression "pkgs.connman";
example = literalExpression "pkgs.connmanFull";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/consul.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/consul.nix
index cb53cc01f52..16f1b5eec87 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/consul.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/consul.nix
@@ -28,7 +28,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables the consul daemon.
'';
};
@@ -37,7 +37,7 @@ in
type = types.package;
default = pkgs.consul;
defaultText = literalExpression "pkgs.consul";
- description = ''
+ description = lib.mdDoc ''
The package used for the Consul agent and CLI.
'';
};
@@ -46,7 +46,7 @@ in
webUi = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables the web interface on the consul http port.
'';
};
@@ -54,7 +54,7 @@ in
leaveOnStop = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If enabled, causes a leave action to be sent when closing consul.
This allows a clean termination of the node, but permanently removes
it from the cluster. You probably don't want this option unless you
@@ -68,7 +68,7 @@ in
advertise = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The name of the interface to pull the advertise_addr from.
'';
};
@@ -76,7 +76,7 @@ in
bind = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The name of the interface to pull the bind_addr from.
'';
};
@@ -85,7 +85,7 @@ in
forceAddrFamily = mkOption {
type = types.enum [ "any" "ipv4" "ipv6" ];
default = "any";
- description = ''
+ description = lib.mdDoc ''
Whether to bind ipv4/ipv6 or both kind of addresses.
'';
};
@@ -93,7 +93,7 @@ in
forceIpv4 = mkOption {
type = types.nullOr types.bool;
default = null;
- description = ''
+ description = lib.mdDoc ''
Deprecated: Use consul.forceAddrFamily instead.
Whether we should force the interfaces to only pull ipv4 addresses.
'';
@@ -102,7 +102,7 @@ in
dropPrivileges = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether the consul agent should be run as a non-root consul user.
'';
};
@@ -110,7 +110,7 @@ in
extraConfig = mkOption {
default = { };
type = types.attrsOf types.anything;
- description = ''
+ description = lib.mdDoc ''
Extra configuration options which are serialized to json and added
to the config.json file.
'';
@@ -119,7 +119,7 @@ in
extraConfigFiles = mkOption {
default = [ ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Additional configuration files to pass to consul
NOTE: These will not trigger the service to be restarted when altered.
'';
@@ -129,32 +129,32 @@ in
enable = mkEnableOption "consul-alerts";
package = mkOption {
- description = "Package to use for consul-alerts.";
+ description = lib.mdDoc "Package to use for consul-alerts.";
default = pkgs.consul-alerts;
defaultText = literalExpression "pkgs.consul-alerts";
type = types.package;
};
listenAddr = mkOption {
- description = "Api listening address.";
+ description = lib.mdDoc "Api listening address.";
default = "localhost:9000";
type = types.str;
};
consulAddr = mkOption {
- description = "Consul api listening adddress";
+ description = lib.mdDoc "Consul api listening adddress";
default = "localhost:8500";
type = types.str;
};
watchChecks = mkOption {
- description = "Whether to enable check watcher.";
+ description = lib.mdDoc "Whether to enable check watcher.";
default = true;
type = types.bool;
};
watchEvents = mkOption {
- description = "Whether to enable event watcher.";
+ description = lib.mdDoc "Whether to enable event watcher.";
default = true;
type = types.bool;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/coredns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/coredns.nix
index 88615d8e610..9a4140e9d58 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/coredns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/coredns.nix
@@ -24,7 +24,7 @@ in {
default = pkgs.coredns;
defaultText = literalExpression "pkgs.coredns";
type = types.package;
- description = "Coredns package to use.";
+ description = lib.mdDoc "Coredns package to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/corerad.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/corerad.nix
index 9d79d5d7686..88428eba558 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/corerad.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/corerad.nix
@@ -36,8 +36,8 @@ in {
};
}
'';
- description = ''
- Configuration for CoreRAD, see
+ description = lib.mdDoc ''
+ Configuration for CoreRAD, see
for supported values. Ignored if configFile is set.
'';
};
@@ -45,14 +45,14 @@ in {
configFile = mkOption {
type = types.path;
example = literalExpression ''"''${pkgs.corerad}/etc/corerad/corerad.toml"'';
- description = "Path to CoreRAD TOML configuration file.";
+ description = lib.mdDoc "Path to CoreRAD TOML configuration file.";
};
package = mkOption {
default = pkgs.corerad;
defaultText = literalExpression "pkgs.corerad";
type = types.package;
- description = "CoreRAD package to use.";
+ description = lib.mdDoc "CoreRAD package to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/coturn.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/coturn.nix
index ce563c31136..788c51aed6b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/coturn.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/coturn.nix
@@ -44,7 +44,7 @@ in {
listening-port = mkOption {
type = types.int;
default = 3478;
- description = ''
+ description = lib.mdDoc ''
TURN listener port for UDP and TCP.
Note: actually, TLS and DTLS sessions can connect to the
"plain" TCP and UDP port(s), too - if allowed by configuration.
@@ -53,7 +53,7 @@ in {
tls-listening-port = mkOption {
type = types.int;
default = 5349;
- description = ''
+ description = lib.mdDoc ''
TURN listener port for TLS.
Note: actually, "plain" TCP and UDP sessions can connect to the TLS and
DTLS port(s), too - if allowed by configuration. The TURN server
@@ -69,7 +69,7 @@ in {
type = types.int;
default = cfg.listening-port + 1;
defaultText = literalExpression "listening-port + 1";
- description = ''
+ description = lib.mdDoc ''
Alternative listening port for UDP and TCP listeners;
default (or zero) value means "listening port plus one".
This is needed for RFC 5780 support
@@ -84,7 +84,7 @@ in {
type = types.int;
default = cfg.tls-listening-port + 1;
defaultText = literalExpression "tls-listening-port + 1";
- description = ''
+ description = lib.mdDoc ''
Alternative listening port for TLS and DTLS protocols.
'';
};
@@ -92,7 +92,7 @@ in {
type = types.listOf types.str;
default = [];
example = [ "203.0.113.42" "2001:DB8::42" ];
- description = ''
+ description = lib.mdDoc ''
Listener IP addresses of relay server.
If no IP(s) specified in the config file or in the command line options,
then all IPv4 and IPv6 system IPs will be used for listening.
@@ -102,7 +102,7 @@ in {
type = types.listOf types.str;
default = [];
example = [ "203.0.113.42" "2001:DB8::42" ];
- description = ''
+ description = lib.mdDoc ''
Relay address (the local IP address that will be used to relay the
packets to the peer).
Multiple relay addresses may be used.
@@ -118,28 +118,28 @@ in {
min-port = mkOption {
type = types.int;
default = 49152;
- description = ''
+ description = lib.mdDoc ''
Lower bound of UDP relay endpoints
'';
};
max-port = mkOption {
type = types.int;
default = 65535;
- description = ''
+ description = lib.mdDoc ''
Upper bound of UDP relay endpoints
'';
};
lt-cred-mech = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Use long-term credential mechanism.
'';
};
no-auth = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
This option is opposite to lt-cred-mech.
(TURN Server with no-auth option allows anonymous access).
If neither option is defined, and no users are defined,
@@ -151,7 +151,7 @@ in {
use-auth-secret = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
TURN REST API flag.
Flag that sets a special authorization option that is based upon authentication secret.
This feature can be used with the long-term authentication mechanism, only.
@@ -175,7 +175,7 @@ in {
static-auth-secret = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
'Static' authentication secret value (a string) for TURN REST API only.
If not set, then the turn server
will try to use the 'dynamic' value in turn_secret table
@@ -186,7 +186,7 @@ in {
static-auth-secret-file = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to the file containing the static authentication secret.
'';
};
@@ -195,7 +195,7 @@ in {
default = config.networking.hostName;
defaultText = literalExpression "config.networking.hostName";
example = "example.com";
- description = ''
+ description = lib.mdDoc ''
The default realm to be used for the users when no explicit
origin/realm relationship was found in the database, or if the TURN
server is not using any database (just the commands-line settings
@@ -207,7 +207,7 @@ in {
type = types.nullOr types.str;
default = null;
example = "/var/lib/acme/example.com/fullchain.pem";
- description = ''
+ description = lib.mdDoc ''
Certificate file in PEM format.
'';
};
@@ -215,21 +215,21 @@ in {
type = types.nullOr types.str;
default = null;
example = "/var/lib/acme/example.com/key.pem";
- description = ''
+ description = lib.mdDoc ''
Private key file in PEM format.
'';
};
dh-file = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Use custom DH TLS key, stored in PEM format in the file.
'';
};
secure-stun = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Require authentication of the STUN Binding request.
By default, the clients are allowed anonymous access to the STUN Binding functionality.
'';
@@ -237,28 +237,28 @@ in {
no-cli = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Turn OFF the CLI support.
'';
};
cli-ip = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
Local system IP address to be used for CLI server endpoint.
'';
};
cli-port = mkOption {
type = types.int;
default = 5766;
- description = ''
+ description = lib.mdDoc ''
CLI server port.
'';
};
cli-password = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
CLI access password.
For the security reasons, it is recommended to use the encrypted
for of the password (see the -P command in the turnadmin utility).
@@ -267,37 +267,37 @@ in {
no-udp = mkOption {
type = types.bool;
default = false;
- description = "Disable UDP client listener";
+ description = lib.mdDoc "Disable UDP client listener";
};
no-tcp = mkOption {
type = types.bool;
default = false;
- description = "Disable TCP client listener";
+ description = lib.mdDoc "Disable TCP client listener";
};
no-tls = mkOption {
type = types.bool;
default = false;
- description = "Disable TLS client listener";
+ description = lib.mdDoc "Disable TLS client listener";
};
no-dtls = mkOption {
type = types.bool;
default = false;
- description = "Disable DTLS client listener";
+ description = lib.mdDoc "Disable DTLS client listener";
};
no-udp-relay = mkOption {
type = types.bool;
default = false;
- description = "Disable UDP relay endpoints";
+ description = lib.mdDoc "Disable UDP relay endpoints";
};
no-tcp-relay = mkOption {
type = types.bool;
default = false;
- description = "Disable TCP relay endpoints";
+ description = lib.mdDoc "Disable TCP relay endpoints";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Additional configuration options";
+ description = lib.mdDoc "Additional configuration options";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/croc.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/croc.nix
index d044979e10d..82035856733 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/croc.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/croc.nix
@@ -10,12 +10,12 @@ in
ports = lib.mkOption {
type = with types; listOf port;
default = [9009 9010 9011 9012 9013];
- description = "Ports of the relay.";
+ description = lib.mdDoc "Ports of the relay.";
};
pass = lib.mkOption {
type = with types; either path str;
default = "pass123";
- description = "Password or passwordfile for the relay.";
+ description = lib.mdDoc "Password or passwordfile for the relay.";
};
openFirewall = lib.mkEnableOption "opening of the peer port(s) in the firewall";
debug = lib.mkEnableOption "debug logs";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dante.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dante.nix
index 20d4faa1cdb..5ddbee88609 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dante.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dante.nix
@@ -23,7 +23,7 @@ in
config = mkOption {
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Contents of Dante's configuration file.
NOTE: user.privileged, user.unprivileged and logoutput are set by the service.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ddclient.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ddclient.nix
index faee99b175e..a0e9405343b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ddclient.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ddclient.nix
@@ -13,7 +13,7 @@ let
foreground=YES
use=${cfg.use}
login=${cfg.username}
- password=${lib.optionalString (cfg.protocol == "nsupdate") "/run/${RuntimeDirectory}/ddclient.key"}
+ password=${if cfg.protocol == "nsupdate" then "/run/${RuntimeDirectory}/ddclient.key" else "@password_placeholder@"}
protocol=${cfg.protocol}
${lib.optionalString (cfg.script != "") "script=${cfg.script}"}
${lib.optionalString (cfg.server != "") "server=${cfg.server}"}
@@ -33,10 +33,9 @@ let
${lib.optionalString (cfg.configFile == null) (if (cfg.protocol == "nsupdate") then ''
install ${cfg.passwordFile} /run/${RuntimeDirectory}/ddclient.key
'' else if (cfg.passwordFile != null) then ''
- password=$(printf "%q" "$(head -n 1 "${cfg.passwordFile}")")
- sed -i "s|^password=$|password=$password|" /run/${RuntimeDirectory}/ddclient.conf
+ "${pkgs.replace-secret}/bin/replace-secret" "@password_placeholder@" "${cfg.passwordFile}" "/run/${RuntimeDirectory}/ddclient.conf"
'' else ''
- sed -i '/^password=$/d' /run/${RuntimeDirectory}/ddclient.conf
+ sed -i '/^password=@password_placeholder@$/d' /run/${RuntimeDirectory}/ddclient.conf
'')}
'';
@@ -64,7 +63,7 @@ with lib;
enable = mkOption {
default = false;
type = bool;
- description = ''
+ description = lib.mdDoc ''
Whether to synchronise your machine's IP address with a dynamic DNS provider (e.g. dyndns.org).
'';
};
@@ -73,7 +72,7 @@ with lib;
type = package;
default = pkgs.ddclient;
defaultText = "pkgs.ddclient";
- description = ''
+ description = lib.mdDoc ''
The ddclient executable package run by the service.
'';
};
@@ -81,7 +80,7 @@ with lib;
domains = mkOption {
default = [ "" ];
type = listOf str;
- description = ''
+ description = lib.mdDoc ''
Domain name(s) to synchronize.
'';
};
@@ -91,7 +90,7 @@ with lib;
default = lib.optionalString (config.services.ddclient.protocol == "nsupdate") "${pkgs.bind.dnsutils}/bin/nsupdate";
defaultText = "";
type = str;
- description = ''
+ description = lib.mdDoc ''
User name.
'';
};
@@ -99,7 +98,7 @@ with lib;
passwordFile = mkOption {
default = null;
type = nullOr str;
- description = ''
+ description = lib.mdDoc ''
A file containing the password or a TSIG key in named format when using the nsupdate protocol.
'';
};
@@ -107,16 +106,16 @@ with lib;
interval = mkOption {
default = "10min";
type = str;
- description = ''
+ description = lib.mdDoc ''
The interval at which to run the check and update.
- See man 7 systemd.time for the format.
+ See {command}`man 7 systemd.time` for the format.
'';
};
configFile = mkOption {
default = null;
type = nullOr path;
- description = ''
+ description = lib.mdDoc ''
Path to configuration file.
When set this overrides the generated configuration from module options.
'';
@@ -126,7 +125,7 @@ with lib;
protocol = mkOption {
default = "dyndns2";
type = str;
- description = ''
+ description = lib.mdDoc ''
Protocol to use with dynamic DNS provider (see https://sourceforge.net/p/ddclient/wiki/protocols).
'';
};
@@ -134,7 +133,7 @@ with lib;
server = mkOption {
default = "";
type = str;
- description = ''
+ description = lib.mdDoc ''
Server address.
'';
};
@@ -142,7 +141,7 @@ with lib;
ssl = mkOption {
default = true;
type = bool;
- description = ''
+ description = lib.mdDoc ''
Whether to use SSL/TLS to connect to dynamic DNS provider.
'';
};
@@ -150,7 +149,7 @@ with lib;
ipv6 = mkOption {
default = false;
type = bool;
- description = ''
+ description = lib.mdDoc ''
Whether to use IPv6.
'';
};
@@ -159,7 +158,7 @@ with lib;
quiet = mkOption {
default = false;
type = bool;
- description = ''
+ description = lib.mdDoc ''
Print no messages for unnecessary updates.
'';
};
@@ -167,7 +166,7 @@ with lib;
script = mkOption {
default = "";
type = str;
- description = ''
+ description = lib.mdDoc ''
script as required by some providers.
'';
};
@@ -175,7 +174,7 @@ with lib;
use = mkOption {
default = "web, web=checkip.dyndns.com/, web-skip='Current IP Address: '";
type = str;
- description = ''
+ description = lib.mdDoc ''
Method to determine the IP address to send to the dynamic DNS provider.
'';
};
@@ -183,7 +182,7 @@ with lib;
verbose = mkOption {
default = false;
type = bool;
- description = ''
+ description = lib.mdDoc ''
Print verbose information.
'';
};
@@ -191,7 +190,7 @@ with lib;
zone = mkOption {
default = "";
type = str;
- description = ''
+ description = lib.mdDoc ''
zone as required by some providers.
'';
};
@@ -199,7 +198,7 @@ with lib;
extraConfig = mkOption {
default = "";
type = lines;
- description = ''
+ description = lib.mdDoc ''
Extra configuration. Contents will be added verbatim to the configuration file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dhcpcd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dhcpcd.nix
index 3eb7ca99eaf..6b7ce828919 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dhcpcd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dhcpcd.nix
@@ -103,7 +103,7 @@ in
networking.dhcpcd.enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable dhcpcd for device configuration. This is mainly to
explicitly disable dhcpcd (for example when using networkd).
'';
@@ -112,7 +112,7 @@ in
networking.dhcpcd.persistent = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whenever to leave interfaces configured on dhcpcd daemon
shutdown. Set to true if you have your root or store mounted
over the network or this machine accepts SSH connections
@@ -124,7 +124,7 @@ in
networking.dhcpcd.denyInterfaces = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Disable the DHCP client for any interface whose name matches
any of the shell glob patterns in this list. The purpose of
this option is to blacklist virtual interfaces such as those
@@ -135,7 +135,7 @@ in
networking.dhcpcd.allowInterfaces = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
- description = ''
+ description = lib.mdDoc ''
Enable the DHCP client for any interface whose name matches
any of the shell glob patterns in this list. Any interface not
explicitly matched by this pattern will be denied. This pattern only
@@ -146,7 +146,7 @@ in
networking.dhcpcd.extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Literal string to append to the config file generated for dhcpcd.
'';
};
@@ -164,7 +164,7 @@ in
networking.dhcpcd.wait = mkOption {
type = types.enum [ "background" "any" "ipv4" "ipv6" "both" "if-carrier-up" ];
default = "any";
- description = ''
+ description = lib.mdDoc ''
This option specifies when the dhcpcd service will fork to background.
If set to "background", dhcpcd will fork to background immediately.
If set to "ipv4" or "ipv6", dhcpcd will wait for the corresponding IP
@@ -215,7 +215,7 @@ in
# dhcpcd. So do a "systemctl restart" instead.
stopIfChanged = false;
- path = [ dhcpcd pkgs.nettools pkgs.openresolv ];
+ path = [ dhcpcd pkgs.nettools config.networking.resolvconf.package ];
unitConfig.ConditionCapability = "CAP_NET_ADMIN";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dhcpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dhcpd.nix
index 49950efc0a1..0bd5e4ef553 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dhcpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dhcpd.nix
@@ -77,7 +77,7 @@ let
hostName = mkOption {
type = types.str;
example = "foo";
- description = ''
+ description = lib.mdDoc ''
Hostname which is assigned statically to the machine.
'';
};
@@ -85,7 +85,7 @@ let
ethernetAddress = mkOption {
type = types.str;
example = "00:16:76:9a:32:1d";
- description = ''
+ description = lib.mdDoc ''
MAC address of the machine.
'';
};
@@ -93,7 +93,7 @@ let
ipAddress = mkOption {
type = types.str;
example = "192.168.1.10";
- description = ''
+ description = lib.mdDoc ''
IP address of the machine.
'';
};
@@ -106,7 +106,7 @@ let
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the DHCPv${postfix} server.
'';
};
@@ -124,7 +124,7 @@ let
range 192.168.1.100 192.168.1.200;
}
'';
- description = ''
+ description = lib.mdDoc ''
Extra text to be appended to the DHCP server configuration
file. Currently, you almost certainly need to specify something
there, such as the options specifying the subnet mask, DNS servers,
@@ -135,7 +135,7 @@ let
extraFlags = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Additional command line flags to be passed to the dhcpd daemon.
'';
};
@@ -143,7 +143,7 @@ let
configFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
The path of the DHCP server configuration file. If no file
is specified, a file is generated using the other options.
'';
@@ -152,7 +152,7 @@ let
interfaces = mkOption {
type = types.listOf types.str;
default = ["eth0"];
- description = ''
+ description = lib.mdDoc ''
The interfaces on which the DHCP server should listen.
'';
};
@@ -170,7 +170,7 @@ let
ipAddress = "192.168.1.11";
}
];
- description = ''
+ description = lib.mdDoc ''
A list mapping Ethernet addresses to IPv${postfix} addresses for the
DHCP server.
'';
@@ -179,7 +179,7 @@ let
authoritative = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether the DHCP server shall send DHCPNAK messages to misconfigured
clients. If this is not done, clients may be unable to get a correct
IP address after changing subnets until their old lease has expired.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnscache.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnscache.nix
index 7452210de47..eff13f69f47 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnscache.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnscache.nix
@@ -38,26 +38,26 @@ in {
enable = mkOption {
default = false;
type = types.bool;
- description = "Whether to run the dnscache caching dns server.";
+ description = lib.mdDoc "Whether to run the dnscache caching dns server.";
};
ip = mkOption {
default = "0.0.0.0";
type = types.str;
- description = "IP address on which to listen for connections.";
+ description = lib.mdDoc "IP address on which to listen for connections.";
};
clientIps = mkOption {
default = [ "127.0.0.1" ];
type = types.listOf types.str;
- description = "Client IP addresses (or prefixes) from which to accept connections.";
+ description = lib.mdDoc "Client IP addresses (or prefixes) from which to accept connections.";
example = ["192.168" "172.23.75.82"];
};
domainServers = mkOption {
default = { };
type = types.attrsOf (types.listOf types.str);
- description = ''
+ description = lib.mdDoc ''
Table of {hostname: server} pairs to use as authoritative servers for hosts (and subhosts).
If entry for @ is not specified predefined list of root servers is used.
'';
@@ -72,7 +72,7 @@ in {
forwardOnly = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to treat root servers (for @) as caching
servers, requesting addresses the same way a client does. This is
needed if you want to use e.g. Google DNS as your upstream DNS.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnscrypt-proxy2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnscrypt-proxy2.nix
index 316e6e37f9d..ff793410103 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnscrypt-proxy2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnscrypt-proxy2.nix
@@ -9,9 +9,9 @@ in
enable = mkEnableOption "dnscrypt-proxy2";
settings = mkOption {
- description = ''
+ description = lib.mdDoc ''
Attrset that is converted and passed as TOML config file.
- For available params, see:
+ For available params, see:
'';
example = literalExpression ''
{
@@ -28,8 +28,8 @@ in
};
upstreamDefaults = mkOption {
- description = ''
- Whether to base the config declared in on the upstream example config ()
+ description = lib.mdDoc ''
+ Whether to base the config declared in {option}`services.dnscrypt-proxy2.settings` on the upstream example config ()
Disable this if you want to declare your dnscrypt config from scratch.
'';
@@ -38,8 +38,8 @@ in
};
configFile = mkOption {
- description = ''
- Path to TOML config file. See:
+ description = lib.mdDoc ''
+ Path to TOML config file. See:
If this option is set, it will override any configuration done in options.services.dnscrypt-proxy2.settings.
'';
example = "/etc/dnscrypt-proxy/dnscrypt-proxy.toml";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnscrypt-wrapper.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnscrypt-wrapper.nix
index c2add170e9c..5df1e8b51a5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnscrypt-wrapper.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnscrypt-wrapper.nix
@@ -129,7 +129,7 @@ in {
address = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
The DNSCrypt wrapper will bind to this IP address.
'';
};
@@ -137,7 +137,7 @@ in {
port = mkOption {
type = types.int;
default = 5353;
- description = ''
+ description = lib.mdDoc ''
The DNSCrypt wrapper will listen for DNS queries on this port.
'';
};
@@ -147,9 +147,9 @@ in {
default = "2.dnscrypt-cert.${config.networking.hostName}";
defaultText = literalExpression ''"2.dnscrypt-cert.''${config.networking.hostName}"'';
example = "2.dnscrypt-cert.myresolver";
- description = ''
+ description = lib.mdDoc ''
The name that will be given to this DNSCrypt resolver.
- Note: the resolver name must start with 2.dnscrypt-cert..
+ Note: the resolver name must start with `2.dnscrypt-cert.`.
'';
};
@@ -157,7 +157,7 @@ in {
type = types.nullOr types.path;
default = null;
example = "/etc/secrets/public.key";
- description = ''
+ description = lib.mdDoc ''
The filepath to the provider public key. If not given a new
provider key pair will be generated on the first run.
'';
@@ -167,7 +167,7 @@ in {
type = types.nullOr types.path;
default = null;
example = "/etc/secrets/secret.key";
- description = ''
+ description = lib.mdDoc ''
The filepath to the provider secret key. If not given a new
provider key pair will be generated on the first run.
'';
@@ -176,7 +176,7 @@ in {
upstream.address = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
The IP address of the upstream DNS server DNSCrypt will "wrap".
'';
};
@@ -184,7 +184,7 @@ in {
upstream.port = mkOption {
type = types.int;
default = 53;
- description = ''
+ description = lib.mdDoc ''
The port of the upstream DNS server DNSCrypt will "wrap".
'';
};
@@ -192,7 +192,7 @@ in {
keys.expiration = mkOption {
type = types.int;
default = 30;
- description = ''
+ description = lib.mdDoc ''
The duration (in days) of the time-limited secret key.
This will be automatically rotated before expiration.
'';
@@ -201,7 +201,7 @@ in {
keys.checkInterval = mkOption {
type = types.int;
default = 1440;
- description = ''
+ description = lib.mdDoc ''
The time interval (in minutes) between key expiration checks.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnsdist.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnsdist.nix
index c7c6a79864c..44503248cf8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnsdist.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnsdist.nix
@@ -15,19 +15,19 @@ in {
listenAddress = mkOption {
type = types.str;
- description = "Listen IP Address";
+ description = lib.mdDoc "Listen IP Address";
default = "0.0.0.0";
};
listenPort = mkOption {
type = types.int;
- description = "Listen port";
+ description = lib.mdDoc "Listen port";
default = 53;
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra lines to be added verbatim to dnsdist.conf.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnsmasq.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnsmasq.nix
index 59a3ca2f28e..cfc37b74b9a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnsmasq.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/dnsmasq.nix
@@ -32,7 +32,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run dnsmasq.
'';
};
@@ -40,7 +40,7 @@ in
resolveLocalQueries = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether dnsmasq should resolve local queries (i.e. add 127.0.0.1 to
/etc/resolv.conf).
'';
@@ -50,7 +50,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "8.8.8.8" "8.8.4.4" ];
- description = ''
+ description = lib.mdDoc ''
The DNS servers which dnsmasq should query.
'';
};
@@ -58,7 +58,7 @@ in
alwaysKeepRunning = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If enabled, systemd will always respawn dnsmasq even if shut down manually. The default, disabled, will only restart it on error.
'';
};
@@ -66,9 +66,9 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration directives that should be added to
- dnsmasq.conf.
+ `dnsmasq.conf`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/doh-proxy-rust.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/doh-proxy-rust.nix
index efd492e23f8..bfd88430d78 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/doh-proxy-rust.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/doh-proxy-rust.nix
@@ -16,9 +16,9 @@ in {
type = types.listOf types.str;
default = [];
example = [ "--server-address=9.9.9.9:53" ];
- description = ''
+ description = lib.mdDoc ''
A list of command-line flags to pass to doh-proxy. For details on the
- available options, see .
+ available options, see .
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ejabberd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ejabberd.nix
index daf8d5c4247..3feafc3bb3b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ejabberd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ejabberd.nix
@@ -26,63 +26,63 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable ejabberd server";
+ description = lib.mdDoc "Whether to enable ejabberd server";
};
package = mkOption {
type = types.package;
default = pkgs.ejabberd;
defaultText = literalExpression "pkgs.ejabberd";
- description = "ejabberd server package to use";
+ description = lib.mdDoc "ejabberd server package to use";
};
user = mkOption {
type = types.str;
default = "ejabberd";
- description = "User under which ejabberd is ran";
+ description = lib.mdDoc "User under which ejabberd is ran";
};
group = mkOption {
type = types.str;
default = "ejabberd";
- description = "Group under which ejabberd is ran";
+ description = lib.mdDoc "Group under which ejabberd is ran";
};
spoolDir = mkOption {
type = types.path;
default = "/var/lib/ejabberd";
- description = "Location of the spooldir of ejabberd";
+ description = lib.mdDoc "Location of the spooldir of ejabberd";
};
logsDir = mkOption {
type = types.path;
default = "/var/log/ejabberd";
- description = "Location of the logfile directory of ejabberd";
+ description = lib.mdDoc "Location of the logfile directory of ejabberd";
};
configFile = mkOption {
type = types.nullOr types.path;
- description = "Configuration file for ejabberd in YAML format";
+ description = lib.mdDoc "Configuration file for ejabberd in YAML format";
default = null;
};
ctlConfig = mkOption {
type = types.lines;
default = "";
- description = "Configuration of ejabberdctl";
+ description = lib.mdDoc "Configuration of ejabberdctl";
};
loadDumps = mkOption {
type = types.listOf types.path;
default = [];
- description = "Configuration dumps that should be loaded on the first startup";
+ description = lib.mdDoc "Configuration dumps that should be loaded on the first startup";
example = literalExpression "[ ./myejabberd.dump ]";
};
imagemagick = mkOption {
type = types.bool;
default = false;
- description = "Add ImageMagick to server's path; allows for image thumbnailing";
+ description = lib.mdDoc "Add ImageMagick to server's path; allows for image thumbnailing";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/envoy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/envoy.nix
index b7f859c73d9..6f3080d19e2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/envoy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/envoy.nix
@@ -39,7 +39,7 @@ in
};
}
'';
- description = ''
+ description = lib.mdDoc ''
Specify the configuration for Envoy in Nix.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/epmd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/epmd.nix
index 75d78476e57..534b8090621 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/epmd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/epmd.nix
@@ -11,7 +11,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable socket activation for Erlang Port Mapper Daemon (epmd),
which acts as a name server on all hosts involved in distributed
Erlang computations.
@@ -21,7 +21,7 @@ in
type = types.package;
default = pkgs.erlang;
defaultText = literalExpression "pkgs.erlang";
- description = ''
+ description = lib.mdDoc ''
The Erlang package to use to get epmd binary. That way you can re-use
an Erlang runtime that is already installed for other purposes.
'';
@@ -30,7 +30,7 @@ in
{
type = types.str;
default = "[::]:4369";
- description = ''
+ description = lib.mdDoc ''
the listenStream used by the systemd socket.
see https://www.freedesktop.org/software/systemd/man/systemd.socket.html#ListenStream= for more informations.
use this to change the port epmd will run on.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ergo.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ergo.nix
index 6e55a7cfff6..0dbb862b8ec 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ergo.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ergo.nix
@@ -38,20 +38,20 @@ in {
dataDir = mkOption {
type = types.path;
default = "/var/lib/ergo";
- description = "The data directory for the Ergo node.";
+ description = lib.mdDoc "The data directory for the Ergo node.";
};
listen = {
ip = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "IP address on which the Ergo node should listen.";
+ description = lib.mdDoc "IP address on which the Ergo node should listen.";
};
port = mkOption {
type = types.port;
default = 9006;
- description = "Listen port for the Ergo node.";
+ description = lib.mdDoc "Listen port for the Ergo node.";
};
};
@@ -60,20 +60,20 @@ in {
type = types.nullOr types.str;
default = null;
example = "324dcf027dd4a30a932c441f365a25e86b173defa4b8e58948253471b81b72cf";
- description = "Hex-encoded Blake2b256 hash of an API key as a 64-chars long Base16 string.";
+ description = lib.mdDoc "Hex-encoded Blake2b256 hash of an API key as a 64-chars long Base16 string.";
};
listen = {
ip = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "IP address that the Ergo node API should listen on if is defined.";
+ description = lib.mdDoc "IP address that the Ergo node API should listen on if {option}`api.keyHash` is defined.";
};
port = mkOption {
type = types.port;
default = 9052;
- description = "Listen port for the API endpoint if is defined.";
+ description = lib.mdDoc "Listen port for the API endpoint if {option}`api.keyHash` is defined.";
};
};
};
@@ -81,26 +81,26 @@ in {
testnet = mkOption {
type = types.bool;
default = false;
- description = "Connect to testnet network instead of the default mainnet.";
+ description = lib.mdDoc "Connect to testnet network instead of the default mainnet.";
};
user = mkOption {
type = types.str;
default = "ergo";
- description = "The user as which to run the Ergo node.";
+ description = lib.mdDoc "The user as which to run the Ergo node.";
};
group = mkOption {
type = types.str;
default = cfg.user;
defaultText = literalExpression "config.${opt.user}";
- description = "The group as which to run the Ergo node.";
+ description = lib.mdDoc "The group as which to run the Ergo node.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for the Ergo node as well as the API.";
+ description = lib.mdDoc "Open ports in the firewall for the Ergo node as well as the API.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ergochat.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ergochat.nix
index cfaf69fc613..5e815a9eff2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ergochat.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ergochat.nix
@@ -9,7 +9,7 @@ in {
openFilesLimit = lib.mkOption {
type = lib.types.int;
default = 1024;
- description = ''
+ description = lib.mdDoc ''
Maximum number of open files. Limits the clients and server connections.
'';
};
@@ -18,15 +18,15 @@ in {
type = lib.types.path;
default = (pkgs.formats.yaml {}).generate "ergo.conf" cfg.settings;
defaultText = "generated config file from .settings";
- description = ''
+ description = lib.mdDoc ''
Path to configuration file.
- Setting this will skip any configuration done via .settings
+ Setting this will skip any configuration done via `.settings`
'';
};
settings = lib.mkOption {
type = (pkgs.formats.yaml {}).type;
- description = ''
+ description = lib.mdDoc ''
Ergo IRC daemon configuration file.
https://raw.githubusercontent.com/ergochat/ergo/master/default.yaml
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/eternal-terminal.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/eternal-terminal.nix
index 0dcf3d28f4e..e90b6103a21 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/eternal-terminal.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/eternal-terminal.nix
@@ -21,7 +21,7 @@ in
port = mkOption {
default = 2022;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
The port the server should listen on. Will use the server's default (2022) if not specified.
Make sure to open this port in the firewall if necessary.
@@ -31,7 +31,7 @@ in
verbosity = mkOption {
default = 0;
type = types.enum (lib.range 0 9);
- description = ''
+ description = lib.mdDoc ''
The verbosity level (0-9).
'';
};
@@ -39,7 +39,7 @@ in
silent = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If enabled, disables all logging.
'';
};
@@ -47,7 +47,7 @@ in
logSize = mkOption {
default = 20971520;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
The maximum log size.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/expressvpn.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/expressvpn.nix
index d8ae6528a4d..30de6987d31 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/expressvpn.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/expressvpn.nix
@@ -5,7 +5,7 @@ with lib;
options.services.expressvpn.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the ExpressVPN daemon.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/fakeroute.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/fakeroute.nix
index 7916ad4098a..ed6b1a3c4d2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/fakeroute.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/fakeroute.nix
@@ -19,7 +19,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the fakeroute service.
'';
};
@@ -33,7 +33,7 @@ in
"198.116.142.34"
"63.199.8.242"
];
- description = ''
+ description = lib.mdDoc ''
Fake route that will appear after the real
one to any host running a traceroute.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ferm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ferm.nix
index 8e03f30efc0..7faebcef630 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ferm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ferm.nix
@@ -28,13 +28,13 @@ in {
'';
};
config = mkOption {
- description = "Verbatim ferm.conf configuration.";
+ description = lib.mdDoc "Verbatim ferm.conf configuration.";
default = "";
defaultText = literalDocBook "empty firewall, allows any traffic";
type = types.lines;
};
package = mkOption {
- description = "The ferm package.";
+ description = lib.mdDoc "The ferm package.";
type = types.package;
default = pkgs.ferm;
defaultText = literalExpression "pkgs.ferm";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/fireqos.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/fireqos.nix
index 0b34f0b6b8b..5469bce58c6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/fireqos.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/fireqos.nix
@@ -28,7 +28,7 @@ in {
class web commit 50kbit
match tcp ports 80,443
'';
- description = ''
+ description = lib.mdDoc ''
The FireQOS configuration goes here.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/firewall.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/firewall.nix
index c213a5516a4..48cb83e344e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/firewall.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/firewall.nix
@@ -258,7 +258,7 @@ let
apply = canonicalizePortList;
example = [ 22 80 ];
description =
- ''
+ lib.mdDoc ''
List of TCP ports on which incoming connections are
accepted.
'';
@@ -269,7 +269,7 @@ let
default = [ ];
example = [ { from = 8999; to = 9003; } ];
description =
- ''
+ lib.mdDoc ''
A range of TCP ports on which incoming connections are
accepted.
'';
@@ -281,7 +281,7 @@ let
apply = canonicalizePortList;
example = [ 53 ];
description =
- ''
+ lib.mdDoc ''
List of open UDP ports.
'';
};
@@ -291,7 +291,7 @@ let
default = [ ];
example = [ { from = 60000; to = 61000; } ];
description =
- ''
+ lib.mdDoc ''
Range of open UDP ports.
'';
};
@@ -310,7 +310,7 @@ in
type = types.bool;
default = true;
description =
- ''
+ lib.mdDoc ''
Whether to enable the firewall. This is a simple stateful
firewall that blocks connection attempts to unauthorised TCP
or UDP ports on this machine. It does not affect packet
@@ -324,7 +324,7 @@ in
defaultText = literalExpression "pkgs.iptables";
example = literalExpression "pkgs.iptables-legacy";
description =
- ''
+ lib.mdDoc ''
The iptables package to use for running the firewall service."
'';
};
@@ -333,7 +333,7 @@ in
type = types.bool;
default = true;
description =
- ''
+ lib.mdDoc ''
Whether to log rejected or dropped incoming connections.
Note: The logs are found in the kernel logs, i.e. dmesg
or journalctl -k.
@@ -344,7 +344,7 @@ in
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Whether to log all rejected or dropped incoming packets.
This tends to give a lot of log messages, so it's mostly
useful for debugging.
@@ -357,8 +357,8 @@ in
type = types.bool;
default = true;
description =
- ''
- If
+ lib.mdDoc ''
+ If {option}`networking.firewall.logRefusedPackets`
and this option are enabled, then only log packets
specifically directed at this machine, i.e., not broadcasts
or multicasts.
@@ -369,7 +369,7 @@ in
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
If set, refused packets are rejected rather than dropped
(ignored). This means that an ICMP "port unreachable" error
message is sent back to the client (or a TCP RST packet in
@@ -383,7 +383,7 @@ in
default = [ ];
example = [ "enp0s2" ];
description =
- ''
+ lib.mdDoc ''
Traffic coming in from these interfaces will be accepted
unconditionally. Traffic from the loopback (lo) interface
will always be accepted.
@@ -394,7 +394,7 @@ in
type = types.bool;
default = true;
description =
- ''
+ lib.mdDoc ''
Whether to respond to incoming ICMPv4 echo requests
("pings"). ICMPv6 pings are always allowed because the
larger address space of IPv6 makes network scanning much
@@ -407,7 +407,7 @@ in
default = null;
example = "--limit 1/minute --limit-burst 5";
description =
- ''
+ lib.mdDoc ''
If pings are allowed, this allows setting rate limits
on them. If non-null, this option should be in the form of
flags like "--limit 1/minute --limit-burst 5"
@@ -420,7 +420,7 @@ in
defaultText = literalDocBook "true if supported by the chosen kernel";
example = "loose";
description =
- ''
+ lib.mdDoc ''
Performs a reverse path filter test on a packet. If a reply
to the packet would not be sent via the same interface that
the packet arrived on, it is refused.
@@ -440,7 +440,7 @@ in
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Logs dropped packets failing the reverse path filter test if
the option networking.firewall.checkReversePath is enabled.
'';
@@ -451,7 +451,7 @@ in
default = [ ];
example = [ "ftp" "irc" "sane" "sip" "tftp" "amanda" "h323" "netbios_sn" "pptp" "snmp" ];
description =
- ''
+ lib.mdDoc ''
List of connection-tracking helpers that are auto-loaded.
The complete list of possible values is given in the example.
@@ -471,7 +471,7 @@ in
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Whether to auto-load connection-tracking helpers.
See the description at networking.firewall.connectionTrackingModules
@@ -484,7 +484,7 @@ in
default = "";
example = "iptables -A INPUT -p icmp -j ACCEPT";
description =
- ''
+ lib.mdDoc ''
Additional shell commands executed as part of the firewall
initialisation script. These are executed just before the
final "reject" firewall rule is added, so they can be used
@@ -497,7 +497,7 @@ in
default = [ ];
example = literalExpression "[ pkgs.ipset ]";
description =
- ''
+ lib.mdDoc ''
Additional packages to be included in the environment of the system
as well as the path of networking.firewall.extraCommands.
'';
@@ -508,7 +508,7 @@ in
default = "";
example = "iptables -P INPUT ACCEPT";
description =
- ''
+ lib.mdDoc ''
Additional shell commands executed as part of the firewall
shutdown script. These are executed just after the removal
of the NixOS input rule, or if the service enters a failed
@@ -520,7 +520,7 @@ in
default = { };
type = with types; attrsOf (submodule [ { options = commonOptions; } ]);
description =
- ''
+ lib.mdDoc ''
Interface-specific open ports.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/flannel.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/flannel.nix
index ac84b3d35a3..547b6e03949 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/flannel.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/flannel.nix
@@ -17,14 +17,14 @@ in {
enable = mkEnableOption "flannel";
package = mkOption {
- description = "Package to use for flannel";
+ description = lib.mdDoc "Package to use for flannel";
type = types.package;
default = pkgs.flannel;
defaultText = literalExpression "pkgs.flannel";
};
publicIp = mkOption {
- description = ''
+ description = lib.mdDoc ''
IP accessible by other nodes for inter-host communication.
Defaults to the IP of the interface being used for communication.
'';
@@ -33,7 +33,7 @@ in {
};
iface = mkOption {
- description = ''
+ description = lib.mdDoc ''
Interface to use (IP or name) for inter-host communication.
Defaults to the interface for the default route on the machine.
'';
@@ -43,38 +43,38 @@ in {
etcd = {
endpoints = mkOption {
- description = "Etcd endpoints";
+ description = lib.mdDoc "Etcd endpoints";
type = types.listOf types.str;
default = ["http://127.0.0.1:2379"];
};
prefix = mkOption {
- description = "Etcd key prefix";
+ description = lib.mdDoc "Etcd key prefix";
type = types.str;
default = "/coreos.com/network";
};
caFile = mkOption {
- description = "Etcd certificate authority file";
+ description = lib.mdDoc "Etcd certificate authority file";
type = types.nullOr types.path;
default = null;
};
certFile = mkOption {
- description = "Etcd cert file";
+ description = lib.mdDoc "Etcd cert file";
type = types.nullOr types.path;
default = null;
};
keyFile = mkOption {
- description = "Etcd key file";
+ description = lib.mdDoc "Etcd key file";
type = types.nullOr types.path;
default = null;
};
};
kubeconfig = mkOption {
- description = ''
+ description = lib.mdDoc ''
Path to kubeconfig to use for storing flannel config using the
Kubernetes API
'';
@@ -88,7 +88,7 @@ in {
};
nodeName = mkOption {
- description = ''
+ description = lib.mdDoc ''
Needed when running with Kubernetes as backend as this cannot be auto-detected";
'';
type = types.nullOr types.str;
@@ -100,13 +100,13 @@ in {
};
storageBackend = mkOption {
- description = "Determines where flannel stores its configuration at runtime";
+ description = lib.mdDoc "Determines where flannel stores its configuration at runtime";
type = types.enum ["etcd" "kubernetes"];
default = "etcd";
};
subnetLen = mkOption {
- description = ''
+ description = lib.mdDoc ''
The size of the subnet allocated to each host. Defaults to 24 (i.e. /24)
unless the Network was configured to be smaller than a /24 in which case
it is one less than the network.
@@ -116,7 +116,7 @@ in {
};
subnetMin = mkOption {
- description = ''
+ description = lib.mdDoc ''
The beginning of IP range which the subnet allocation should start with.
Defaults to the first subnet of Network.
'';
@@ -125,7 +125,7 @@ in {
};
subnetMax = mkOption {
- description = ''
+ description = lib.mdDoc ''
The end of IP range which the subnet allocation should start with.
Defaults to the last subnet of Network.
'';
@@ -134,7 +134,7 @@ in {
};
backend = mkOption {
- description = "Type of backend to use and specific configurations for that backend.";
+ description = lib.mdDoc "Type of backend to use and specific configurations for that backend.";
type = types.attrs;
default = {
Type = "vxlan";
@@ -155,10 +155,11 @@ in {
FLANNELD_ETCD_KEYFILE = cfg.etcd.keyFile;
FLANNELD_ETCD_CERTFILE = cfg.etcd.certFile;
FLANNELD_ETCD_CAFILE = cfg.etcd.caFile;
- ETCDCTL_CERT_FILE = cfg.etcd.certFile;
- ETCDCTL_KEY_FILE = cfg.etcd.keyFile;
- ETCDCTL_CA_FILE = cfg.etcd.caFile;
- ETCDCTL_PEERS = concatStringsSep "," cfg.etcd.endpoints;
+ ETCDCTL_CERT = cfg.etcd.certFile;
+ ETCDCTL_KEY = cfg.etcd.keyFile;
+ ETCDCTL_CACERT = cfg.etcd.caFile;
+ ETCDCTL_ENDPOINTS = concatStringsSep "," cfg.etcd.endpoints;
+ ETCDCTL_API = "3";
} // optionalAttrs (cfg.storageBackend == "kubernetes") {
FLANNELD_KUBE_SUBNET_MGR = "true";
FLANNELD_KUBECONFIG_FILE = cfg.kubeconfig;
@@ -167,7 +168,7 @@ in {
path = [ pkgs.iptables ];
preStart = optionalString (cfg.storageBackend == "etcd") ''
echo "setting network configuration"
- until ${pkgs.etcd}/bin/etcdctl set /coreos.com/network/config '${builtins.toJSON networkConfig}'
+ until ${pkgs.etcd}/bin/etcdctl put /coreos.com/network/config '${builtins.toJSON networkConfig}'
do
echo "setting network configuration, retry"
sleep 1
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/freenet.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/freenet.nix
index 3da3ab0c7df..e1737e820a5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/freenet.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/freenet.nix
@@ -22,13 +22,13 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the Freenet daemon";
+ description = lib.mdDoc "Enable the Freenet daemon";
};
nice = mkOption {
type = types.int;
default = 10;
- description = "Set the nice level for the Freenet daemon";
+ description = lib.mdDoc "Set the nice level for the Freenet daemon";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/freeradius.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/freeradius.nix
index 7fa3a8fa17f..6c6777c8a57 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/freeradius.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/freeradius.nix
@@ -38,7 +38,7 @@ let
configDir = mkOption {
type = types.path;
default = "/etc/raddb";
- description = ''
+ description = lib.mdDoc ''
The path of the freeradius server configuration directory.
'';
};
@@ -46,7 +46,7 @@ let
debug = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable debug logging for freeradius (-xx
option). This should not be left on, since it includes
sensitive data such as passwords in the logs.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/frr.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/frr.nix
index 98452123f03..71b66b71ee4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/frr.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/frr.nix
@@ -57,7 +57,7 @@ let
type = types.nullOr types.path;
default = null;
example = "/etc/frr/${daemonName service}.conf";
- description = ''
+ description = lib.mdDoc ''
Configuration file to use for FRR ${daemonName service}.
By default the NixOS generated files are used.
'';
@@ -86,7 +86,7 @@ let
};
in
examples.${service} or "";
- description = ''
+ description = lib.mdDoc ''
${daemonName service} configuration statements.
'';
};
@@ -94,7 +94,7 @@ let
vtyListenAddress = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
Address to bind to for the VTY interface.
'';
};
@@ -102,7 +102,7 @@ let
vtyListenPort = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
TCP Port to bind to for the VTY interface.
'';
};
@@ -110,7 +110,7 @@ let
extraOptions = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra options for the daemon.
'';
};
@@ -128,7 +128,7 @@ in
enable = mkOption {
type = types.bool;
default = any isEnabled services;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Zebra routing manager.
The Zebra routing manager is automatically enabled
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gateone.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gateone.nix
index e68f8a47d5c..dc4a65f020d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gateone.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gateone.nix
@@ -10,12 +10,12 @@ options = {
pidDir = mkOption {
default = "/run/gateone";
type = types.path;
- description = "Path of pid files for GateOne.";
+ description = lib.mdDoc "Path of pid files for GateOne.";
};
settingsDir = mkOption {
default = "/var/lib/gateone";
type = types.path;
- description = "Path of configuration files for GateOne.";
+ description = lib.mdDoc "Path of configuration files for GateOne.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ghostunnel.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ghostunnel.nix
index 7a62d378e2c..6cac6a69b06 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ghostunnel.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ghostunnel.nix
@@ -23,14 +23,14 @@ let
options = {
listen = mkOption {
- description = ''
+ description = lib.mdDoc ''
Address and port to listen on (can be HOST:PORT, unix:PATH).
'';
type = types.str;
};
target = mkOption {
- description = ''
+ description = lib.mdDoc ''
Address to forward connections to (can be HOST:PORT or unix:PATH).
'';
type = types.str;
@@ -76,7 +76,7 @@ let
};
disableAuthentication = mkOption {
- description = ''
+ description = lib.mdDoc ''
Disable client authentication, no client certificate will be required.
'';
type = types.bool;
@@ -84,7 +84,7 @@ let
};
allowAll = mkOption {
- description = ''
+ description = lib.mdDoc ''
If true, allow all clients, do not check client cert subject.
'';
type = types.bool;
@@ -92,7 +92,7 @@ let
};
allowCN = mkOption {
- description = ''
+ description = lib.mdDoc ''
Allow client if common name appears in the list.
'';
type = types.listOf types.str;
@@ -100,7 +100,7 @@ let
};
allowOU = mkOption {
- description = ''
+ description = lib.mdDoc ''
Allow client if organizational unit name appears in the list.
'';
type = types.listOf types.str;
@@ -108,7 +108,7 @@ let
};
allowDNS = mkOption {
- description = ''
+ description = lib.mdDoc ''
Allow client if DNS subject alternative name appears in the list.
'';
type = types.listOf types.str;
@@ -116,7 +116,7 @@ let
};
allowURI = mkOption {
- description = ''
+ description = lib.mdDoc ''
Allow client if URI subject alternative name appears in the list.
'';
type = types.listOf types.str;
@@ -130,7 +130,7 @@ let
};
unsafeTarget = mkOption {
- description = ''
+ description = lib.mdDoc ''
If set, does not limit target to localhost, 127.0.0.1, [::1], or UNIX sockets.
This is meant to protect against accidental unencrypted traffic on
@@ -216,14 +216,14 @@ in
services.ghostunnel.enable = mkEnableOption "ghostunnel";
services.ghostunnel.package = mkOption {
- description = "The ghostunnel package to use.";
+ description = lib.mdDoc "The ghostunnel package to use.";
type = types.package;
default = pkgs.ghostunnel;
defaultText = literalExpression "pkgs.ghostunnel";
};
services.ghostunnel.servers = mkOption {
- description = ''
+ description = lib.mdDoc ''
Server mode ghostunnels (TLS listener -> plain TCP/UNIX target)
'';
type = types.attrsOf (types.submodule module);
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/git-daemon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/git-daemon.nix
index 6be72505c21..80b15eedbbd 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/git-daemon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/git-daemon.nix
@@ -15,7 +15,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable Git daemon, which allows public hosting of git repositories
without any access controls. This is mostly intended for read-only access.
@@ -31,7 +31,7 @@ in
type = types.str;
default = "";
example = "/srv/git/";
- description = ''
+ description = lib.mdDoc ''
Remap all the path requests as relative to the given path. For example,
if you set base-path to /srv/git, then if you later try to pull
git://example.com/hello.git, Git daemon will interpret the path as /srv/git/hello.git.
@@ -41,7 +41,7 @@ in
exportAll = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Publish all directories that look like Git repositories (have the objects
and refs subdirectories), even if they do not have the git-daemon-export-ok file.
@@ -57,7 +57,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "/srv/git" "/home/user/git/repo2" ];
- description = ''
+ description = lib.mdDoc ''
A whitelist of paths of git repositories, or directories containing repositories
all of which would be published. Paths must not end in "/".
@@ -70,31 +70,31 @@ in
type = types.str;
default = "";
example = "example.com";
- description = "Listen on a specific IP address or hostname.";
+ description = lib.mdDoc "Listen on a specific IP address or hostname.";
};
port = mkOption {
type = types.port;
default = 9418;
- description = "Port to listen on.";
+ description = lib.mdDoc "Port to listen on.";
};
options = mkOption {
type = types.str;
default = "";
- description = "Extra configuration options to be passed to Git daemon.";
+ description = lib.mdDoc "Extra configuration options to be passed to Git daemon.";
};
user = mkOption {
type = types.str;
default = "git";
- description = "User under which Git daemon would be running.";
+ description = lib.mdDoc "User under which Git daemon would be running.";
};
group = mkOption {
type = types.str;
default = "git";
- description = "Group under which Git daemon would be running.";
+ description = lib.mdDoc "Group under which Git daemon would be running.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/globalprotect-vpn.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/globalprotect-vpn.nix
index 976fdf2b962..19d6e8bfac6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/globalprotect-vpn.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/globalprotect-vpn.nix
@@ -16,9 +16,9 @@ in
enable = mkEnableOption "globalprotect";
csdWrapper = mkOption {
- description = ''
+ description = lib.mdDoc ''
A script that will produce a Host Integrity Protection (HIP) report,
- as described at
+ as described at
'';
default = null;
example = literalExpression ''"''${pkgs.openconnect}/libexec/openconnect/hipreport.sh"'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gnunet.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gnunet.nix
index 5c41967d279..2ab9097e7f7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gnunet.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gnunet.nix
@@ -47,7 +47,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run the GNUnet daemon. GNUnet is GNU's anonymous
peer-to-peer communication and file sharing framework.
'';
@@ -57,7 +57,7 @@ in
quota = mkOption {
type = types.int;
default = 1024;
- description = ''
+ description = lib.mdDoc ''
Maximum file system usage (in MiB) for file sharing.
'';
};
@@ -67,7 +67,7 @@ in
port = mkOption {
type = types.port;
default = 2086; # assigned by IANA
- description = ''
+ description = lib.mdDoc ''
The UDP port for use by GNUnet.
'';
};
@@ -77,7 +77,7 @@ in
port = mkOption {
type = types.port;
default = 2086; # assigned by IANA
- description = ''
+ description = lib.mdDoc ''
The TCP port for use by GNUnet.
'';
};
@@ -87,7 +87,7 @@ in
maxNetDownBandwidth = mkOption {
type = types.int;
default = 50000;
- description = ''
+ description = lib.mdDoc ''
Maximum bandwidth usage (in bits per second) for GNUnet
when downloading data.
'';
@@ -96,7 +96,7 @@ in
maxNetUpBandwidth = mkOption {
type = types.int;
default = 50000;
- description = ''
+ description = lib.mdDoc ''
Maximum bandwidth usage (in bits per second) for GNUnet
when downloading data.
'';
@@ -105,7 +105,7 @@ in
hardNetUpBandwidth = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Hard bandwidth limit (in bits per second) when uploading
data.
'';
@@ -116,7 +116,7 @@ in
type = types.package;
default = pkgs.gnunet;
defaultText = literalExpression "pkgs.gnunet";
- description = "Overridable attribute of the gnunet package to use.";
+ description = lib.mdDoc "Overridable attribute of the gnunet package to use.";
example = literalExpression "pkgs.gnunet_git";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/go-neb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/go-neb.nix
index 765834fad83..ffa7923d6fb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/go-neb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/go-neb.nix
@@ -13,7 +13,7 @@ in {
bindAddress = mkOption {
type = types.str;
- description = "Port (and optionally address) to listen on.";
+ description = lib.mdDoc "Port (and optionally address) to listen on.";
default = ":4050";
};
@@ -21,25 +21,25 @@ in {
type = types.nullOr types.path;
default = null;
example = "/run/keys/go-neb.env";
- description = ''
+ description = lib.mdDoc ''
Environment variables from this file will be interpolated into the
- final config file using envsubst with this syntax: $ENVIRONMENT
- or ''${VARIABLE}.
- The file should contain lines formatted as SECRET_VAR=SECRET_VALUE.
+ final config file using envsubst with this syntax: `$ENVIRONMENT`
+ or `''${VARIABLE}`.
+ The file should contain lines formatted as `SECRET_VAR=SECRET_VALUE`.
This is useful to avoid putting secrets into the nix store.
'';
};
baseUrl = mkOption {
type = types.str;
- description = "Public-facing endpoint that can receive webhooks.";
+ description = lib.mdDoc "Public-facing endpoint that can receive webhooks.";
};
config = mkOption {
inherit (settingsFormat) type;
- description = ''
- Your config.yaml as a Nix attribute set.
- See config.sample.yaml
+ description = lib.mdDoc ''
+ Your {file}`config.yaml` as a Nix attribute set.
+ See [config.sample.yaml](https://github.com/matrix-org/go-neb/blob/master/config.sample.yaml)
for possible options.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/go-shadowsocks2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/go-shadowsocks2.nix
index afbd7ea27c6..e3f99f68d61 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/go-shadowsocks2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/go-shadowsocks2.nix
@@ -9,7 +9,7 @@ in {
listenAddress = mkOption {
type = types.str;
- description = "Server listen address or URL";
+ description = lib.mdDoc "Server listen address or URL";
example = "ss://AEAD_CHACHA20_POLY1305:your-password@:8488";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gobgpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gobgpd.nix
index 29ef9a5cf1e..f1e2095708f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gobgpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gobgpd.nix
@@ -13,9 +13,9 @@ in {
settings = mkOption {
type = format.type;
default = { };
- description = ''
+ description = lib.mdDoc ''
GoBGP configuration. Refer to
-
+
for details on supported values.
'';
example = literalExpression ''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gvpe.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gvpe.nix
index 4fad37ba15e..5ecf78d09ef 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gvpe.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/gvpe.nix
@@ -47,7 +47,7 @@ in
nodename = mkOption {
default = null;
type = types.nullOr types.str;
- description =''
+ description =lib.mdDoc ''
GVPE node name
'';
};
@@ -68,7 +68,7 @@ in
on alpha if-up = if-up-0
on alpha pid-file = /var/gvpe/gvpe.pid
'';
- description = ''
+ description = lib.mdDoc ''
GVPE config contents
'';
};
@@ -76,14 +76,14 @@ in
default = null;
type = types.nullOr types.path;
example = "/root/my-gvpe-conf";
- description = ''
+ description = lib.mdDoc ''
GVPE config file, if already present
'';
};
ipAddress = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
IP address to assign to GVPE interface
'';
};
@@ -91,14 +91,14 @@ in
default = null;
type = types.nullOr types.str;
example = "10.0.0.0/8";
- description = ''
+ description = lib.mdDoc ''
IP subnet assigned to GVPE network
'';
};
customIFSetup = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Additional commands to apply in ifup script
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/hans.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/hans.nix
index 2639b4b6800..f74d602be93 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/hans.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/hans.nix
@@ -41,21 +41,21 @@ in
server = mkOption {
type = types.str;
default = "";
- description = "IP address of server running hans";
+ description = lib.mdDoc "IP address of server running hans";
example = "192.0.2.1";
};
extraConfig = mkOption {
type = types.str;
default = "";
- description = "Additional command line parameters";
+ description = lib.mdDoc "Additional command line parameters";
example = "-v";
};
passwordFile = mkOption {
type = types.str;
default = "";
- description = "File that containts password";
+ description = lib.mdDoc "File that containts password";
};
};
@@ -66,33 +66,33 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "enable hans server";
+ description = lib.mdDoc "enable hans server";
};
ip = mkOption {
type = types.str;
default = "";
- description = "The assigned ip range";
+ description = lib.mdDoc "The assigned ip range";
example = "198.51.100.0";
};
respondToSystemPings = mkOption {
type = types.bool;
default = false;
- description = "Force hans respond to ordinary pings";
+ description = lib.mdDoc "Force hans respond to ordinary pings";
};
extraConfig = mkOption {
type = types.str;
default = "";
- description = "Additional command line parameters";
+ description = lib.mdDoc "Additional command line parameters";
example = "-v";
};
passwordFile = mkOption {
type = types.str;
default = "";
- description = "File that containts password";
+ description = lib.mdDoc "File that containts password";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/haproxy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/haproxy.nix
index e9d72b35499..e0b686434b6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/haproxy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/haproxy.nix
@@ -20,7 +20,7 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable HAProxy, the reliable, high performance TCP/HTTP
load balancer.
'';
@@ -29,21 +29,21 @@ with lib;
user = mkOption {
type = types.str;
default = "haproxy";
- description = "User account under which haproxy runs.";
+ description = lib.mdDoc "User account under which haproxy runs.";
};
group = mkOption {
type = types.str;
default = "haproxy";
- description = "Group account under which haproxy runs.";
+ description = lib.mdDoc "Group account under which haproxy runs.";
};
config = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Contents of the HAProxy configuration file,
- haproxy.conf.
+ {file}`haproxy.conf`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/headscale.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/headscale.nix
index 5b07beadb45..f7141de97b5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/headscale.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/headscale.nix
@@ -18,7 +18,7 @@ in
type = types.package;
default = pkgs.headscale;
defaultText = literalExpression "pkgs.headscale";
- description = ''
+ description = lib.mdDoc ''
Which headscale package to use for the running server.
'';
};
@@ -52,7 +52,7 @@ in
serverUrl = mkOption {
type = types.str;
default = "http://127.0.0.1:8080";
- description = ''
+ description = lib.mdDoc ''
The url clients will connect to.
'';
example = "https://myheadscale.example.com:443";
@@ -61,7 +61,7 @@ in
address = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
Listening address of headscale.
'';
example = "0.0.0.0";
@@ -70,7 +70,7 @@ in
port = mkOption {
type = types.port;
default = 8080;
- description = ''
+ description = lib.mdDoc ''
Listening port of headscale.
'';
example = 443;
@@ -79,7 +79,7 @@ in
privateKeyFile = mkOption {
type = types.path;
default = "${dataDir}/private.key";
- description = ''
+ description = lib.mdDoc ''
Path to private key file, generated automatically if it does not exist.
'';
};
@@ -88,18 +88,18 @@ in
urls = mkOption {
type = types.listOf types.str;
default = [ "https://controlplane.tailscale.com/derpmap/default" ];
- description = ''
+ description = lib.mdDoc ''
List of urls containing DERP maps.
- See How Tailscale works for more information on DERP maps.
+ See [How Tailscale works](https://tailscale.com/blog/how-tailscale-works/) for more information on DERP maps.
'';
};
paths = mkOption {
type = types.listOf types.path;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
List of file paths containing DERP maps.
- See How Tailscale works for more information on DERP maps.
+ See [How Tailscale works](https://tailscale.com/blog/how-tailscale-works/) for more information on DERP maps.
'';
};
@@ -107,7 +107,7 @@ in
autoUpdate = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to automatically update DERP maps on a set frequency.
'';
example = false;
@@ -116,7 +116,7 @@ in
updateFrequency = mkOption {
type = types.str;
default = "24h";
- description = ''
+ description = lib.mdDoc ''
Frequency to update DERP maps.
'';
example = "5m";
@@ -127,7 +127,7 @@ in
ephemeralNodeInactivityTimeout = mkOption {
type = types.str;
default = "30m";
- description = ''
+ description = lib.mdDoc ''
Time before an inactive ephemeral node is deleted.
'';
example = "5m";
@@ -138,58 +138,58 @@ in
type = types.enum [ "sqlite3" "postgres" ];
example = "postgres";
default = "sqlite3";
- description = "Database engine to use.";
+ description = lib.mdDoc "Database engine to use.";
};
host = mkOption {
type = types.nullOr types.str;
default = null;
example = "127.0.0.1";
- description = "Database host address.";
+ description = lib.mdDoc "Database host address.";
};
port = mkOption {
type = types.nullOr types.port;
default = null;
example = 3306;
- description = "Database host port.";
+ description = lib.mdDoc "Database host port.";
};
name = mkOption {
type = types.nullOr types.str;
default = null;
example = "headscale";
- description = "Database name.";
+ description = lib.mdDoc "Database name.";
};
user = mkOption {
type = types.nullOr types.str;
default = null;
example = "headscale";
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/run/keys/headscale-dbpassword";
- description = ''
+ description = lib.mdDoc ''
A file containing the password corresponding to
- .
+ {option}`database.user`.
'';
};
path = mkOption {
type = types.nullOr types.str;
default = "${dataDir}/db.sqlite";
- description = "Path to the sqlite3 database file.";
+ description = lib.mdDoc "Path to the sqlite3 database file.";
};
};
logLevel = mkOption {
type = types.str;
default = "info";
- description = ''
+ description = lib.mdDoc ''
headscale log level.
'';
example = "debug";
@@ -199,7 +199,7 @@ in
nameservers = mkOption {
type = types.listOf types.str;
default = [ "1.1.1.1" ];
- description = ''
+ description = lib.mdDoc ''
List of nameservers to pass to Tailscale clients.
'';
};
@@ -207,7 +207,7 @@ in
domains = mkOption {
type = types.listOf types.str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Search domains to inject to Tailscale clients.
'';
example = [ "mydomain.internal" ];
@@ -226,12 +226,12 @@ in
baseDomain = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Defines the base domain to create the hostnames for MagicDNS.
- must be a FQDNs, without the trailing dot.
+ {option}`baseDomain` must be a FQDNs, without the trailing dot.
The FQDN of the hosts will be
- hostname.namespace.base_domain (e.g.
- myhost.mynamespace.example.com).
+ `hostname.namespace.base_domain` (e.g.
+ `myhost.mynamespace.example.com`).
'';
};
};
@@ -240,7 +240,7 @@ in
issuer = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
URL to OpenID issuer.
'';
example = "https://openid.example.com";
@@ -249,7 +249,7 @@ in
clientId = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
OpenID Connect client ID.
'';
};
@@ -257,7 +257,7 @@ in
clientSecretFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to OpenID Connect client secret file.
'';
};
@@ -265,7 +265,7 @@ in
domainMap = mkOption {
type = types.attrsOf types.str;
default = { };
- description = ''
+ description = lib.mdDoc ''
Domain map is used to map incomming users (by their email) to
a namespace. The key can be a string, or regex.
'';
@@ -281,25 +281,25 @@ in
hostname = mkOption {
type = types.nullOr types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Domain name to request a TLS certificate for.
'';
};
challengeType = mkOption {
type = types.enum [ "TLS_ALPN-01" "HTTP-01" ];
default = "HTTP-01";
- description = ''
+ description = lib.mdDoc ''
Type of ACME challenge to use, currently supported types:
- HTTP-01 or TLS_ALPN-01.
+ `HTTP-01` or `TLS_ALPN-01`.
'';
};
httpListen = mkOption {
type = types.nullOr types.str;
default = ":http";
- description = ''
+ description = lib.mdDoc ''
When HTTP-01 challenge is chosen, letsencrypt must set up a
verification endpoint, and it will be listening on:
- :http = port 80.
+ `:http = port 80`.
'';
};
};
@@ -307,14 +307,14 @@ in
certFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to already created certificate.
'';
};
keyFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to key for already created certificate.
'';
};
@@ -323,7 +323,7 @@ in
aclPolicyFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to a file containg ACL policies.
'';
};
@@ -331,10 +331,10 @@ in
settings = mkOption {
type = settingsFormat.type;
default = { };
- description = ''
- Overrides to config.yaml as a Nix attribute set.
+ description = lib.mdDoc ''
+ Overrides to {file}`config.yaml` as a Nix attribute set.
This option is ideal for overriding settings not exposed as Nix options.
- Check the example config
+ Check the [example config](https://github.com/juanfont/headscale/blob/main/config-example.yaml)
for possible options.
'';
};
@@ -429,12 +429,16 @@ in
wantedBy = [ "multi-user.target" ];
restartTriggers = [ configFile ];
+ environment.GIN_MODE = "release";
+
script = ''
${optionalString (cfg.database.passwordFile != null) ''
export HEADSCALE_DB_PASS="$(head -n1 ${escapeShellArg cfg.database.passwordFile})"
''}
- export HEADSCALE_OIDC_CLIENT_SECRET="$(head -n1 ${escapeShellArg cfg.openIdConnect.clientSecretFile})"
+ ${optionalString (cfg.openIdConnect.clientSecretFile != null) ''
+ export HEADSCALE_OIDC_CLIENT_SECRET="$(head -n1 ${escapeShellArg cfg.openIdConnect.clientSecretFile})"
+ ''}
exec ${cfg.package}/bin/headscale serve
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/hostapd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/hostapd.nix
index f719ff59cc7..ec1a7a58b1e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/hostapd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/hostapd.nix
@@ -53,13 +53,13 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable putting a wireless interface into infrastructure mode,
allowing other wireless devices to associate with the wireless
interface and do wireless networking. A simple access point will
- ,
- , and
- , as well as DHCP on the wireless
+ {option}`enable hostapd.wpa`,
+ {option}`hostapd.wpaPassphrase`, and
+ {option}`hostapd.ssid`, as well as DHCP on the wireless
interface to provide IP addresses to the associated stations, and
NAT (from the wireless interface to an upstream interface).
'';
@@ -69,15 +69,15 @@ in
default = "";
example = "wlp2s0";
type = types.str;
- description = ''
- The interfaces hostapd will use.
+ description = lib.mdDoc ''
+ The interfaces {command}`hostapd` will use.
'';
};
noScan = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Do not scan for overlapping BSSs in HT40+/- mode.
Caution: turning this on will violate regulatory requirements!
'';
@@ -87,8 +87,8 @@ in
default = "nl80211";
example = "hostapd";
type = types.str;
- description = ''
- Which driver hostapd will use.
+ description = lib.mdDoc ''
+ Which driver {command}`hostapd` will use.
Most applications will probably use the default.
'';
};
@@ -97,13 +97,13 @@ in
default = "nixos";
example = "mySpecialSSID";
type = types.str;
- description = "SSID to be used in IEEE 802.11 management frames.";
+ description = lib.mdDoc "SSID to be used in IEEE 802.11 management frames.";
};
hwMode = mkOption {
default = "g";
type = types.enum [ "a" "b" "g" ];
- description = ''
+ description = lib.mdDoc ''
Operation mode.
(a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g).
'';
@@ -113,11 +113,11 @@ in
default = 7;
example = 11;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Channel number (IEEE 802.11)
Please note that some drivers do not use this value from
- hostapd and the channel will need to be configured
- separately with iwconfig.
+ {command}`hostapd` and the channel will need to be configured
+ separately with {command}`iwconfig`.
'';
};
@@ -125,15 +125,15 @@ in
default = "wheel";
example = "network";
type = types.str;
- description = ''
- Members of this group can control hostapd.
+ description = lib.mdDoc ''
+ Members of this group can control {command}`hostapd`.
'';
};
wpa = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Enable WPA (IEEE 802.11i/D3.0) to authenticate with the access point.
'';
};
@@ -142,7 +142,7 @@ in
default = "my_sekret";
example = "any_64_char_string";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
WPA-PSK (pre-shared-key) passphrase. Clients will need this
passphrase to associate with this access point.
Warning: This passphrase will get put into a world-readable file in
@@ -153,7 +153,7 @@ in
logLevel = mkOption {
default = 2;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Levels (minimum value for logged events):
0 = verbose debugging
1 = debugging
@@ -167,7 +167,7 @@ in
default = null;
example = "US";
type = with types; nullOr str;
- description = ''
+ description = lib.mdDoc ''
Country code (ISO/IEC 3166-1). Used to set regulatory domain.
Set as needed to indicate country in which device is operating.
This can limit available channels and transmit power.
@@ -187,7 +187,7 @@ in
ht_capab=[HT40-][SHORT-GI-40][DSSS_CCK-40]
'';
type = types.lines;
- description = "Extra configuration options to put in hostapd.conf.";
+ description = lib.mdDoc "Extra configuration options to put in hostapd.conf.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/htpdate.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/htpdate.nix
index 6954e5b060c..8b9bb2888da 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/htpdate.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/htpdate.nix
@@ -19,7 +19,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable htpdate daemon.
'';
};
@@ -27,7 +27,7 @@ in
extraOptions = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Additional command line arguments to pass to htpdate.
'';
};
@@ -35,7 +35,7 @@ in
servers = mkOption {
type = types.listOf types.str;
default = [ "www.google.com" ];
- description = ''
+ description = lib.mdDoc ''
HTTP servers to use for time synchronization.
'';
};
@@ -44,7 +44,7 @@ in
type = types.str;
default = "";
example = "127.0.0.1:8118";
- description = ''
+ description = lib.mdDoc ''
HTTP proxy used for requests.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/https-dns-proxy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/https-dns-proxy.nix
index 85d6c362b46..4b6e302e445 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/https-dns-proxy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/https-dns-proxy.nix
@@ -45,20 +45,20 @@ in
enable = mkEnableOption "https-dns-proxy daemon";
address = mkOption {
- description = "The address on which to listen";
+ description = lib.mdDoc "The address on which to listen";
type = types.str;
default = "127.0.0.1";
};
port = mkOption {
- description = "The port on which to listen";
+ description = lib.mdDoc "The port on which to listen";
type = types.port;
default = 5053;
};
provider = {
kind = mkOption {
- description = ''
+ description = lib.mdDoc ''
The upstream provider to use or custom in case you do not trust any of
the predefined providers or just want to use your own.
@@ -74,18 +74,18 @@ in
};
ips = mkOption {
- description = "The custom provider IPs";
+ description = lib.mdDoc "The custom provider IPs";
type = types.listOf types.str;
};
url = mkOption {
- description = "The custom provider URL";
+ description = lib.mdDoc "The custom provider URL";
type = types.str;
};
};
preferIPv4 = mkOption {
- description = ''
+ description = lib.mdDoc ''
https_dns_proxy will by default use IPv6 and fail if it is not available.
To play it safe, we choose IPv4.
'';
@@ -94,7 +94,7 @@ in
};
extraArgs = mkOption {
- description = "Additional arguments to pass to the process.";
+ description = lib.mdDoc "Additional arguments to pass to the process.";
type = types.listOf types.str;
default = [ "-v" ];
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/hylafax/options.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/hylafax/options.nix
index 8f621b61002..bc289132a76 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/hylafax/options.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/hylafax/options.nix
@@ -37,17 +37,17 @@ let
name = mkOption {
type = nonEmptyStr;
example = "ttyS1";
- description = ''
+ description = lib.mdDoc ''
Name of modem device,
- will be searched for in /dev.
+ will be searched for in {file}`/dev`.
'';
};
type = mkOption {
type = nonEmptyStr;
example = "cirrus";
- description = ''
+ description = lib.mdDoc ''
Name of modem configuration file,
- will be searched for in config
+ will be searched for in {file}`config`
in the spooling area directory.
'';
};
@@ -59,11 +59,11 @@ let
FAXNumber = "123456";
LocalIdentifier = "LostInBerlin";
};
- description = ''
+ description = lib.mdDoc ''
Attribute set of values for the given modem.
${commonDescr}
Options defined here override options in
- for this modem.
+ {option}`commonModemConfig` for this modem.
'';
};
};
@@ -124,9 +124,9 @@ in
type = bool;
default = true;
example = false;
- description = ''
+ description = lib.mdDoc ''
Autostart the HylaFAX queue manager at system start.
- If this is false, the queue manager
+ If this is `false`, the queue manager
will still be started if there are pending
jobs or if a user tries to connect to it.
'';
@@ -136,34 +136,34 @@ in
type = nullOr nonEmptyStr;
default = null;
example = "49";
- description = "Country code for server and all modems.";
+ description = lib.mdDoc "Country code for server and all modems.";
};
areaCode = mkOption {
type = nullOr nonEmptyStr;
default = null;
example = "30";
- description = "Area code for server and all modems.";
+ description = lib.mdDoc "Area code for server and all modems.";
};
longDistancePrefix = mkOption {
type = nullOr str;
default = null;
example = "0";
- description = "Long distance prefix for server and all modems.";
+ description = lib.mdDoc "Long distance prefix for server and all modems.";
};
internationalPrefix = mkOption {
type = nullOr str;
default = null;
example = "00";
- description = "International prefix for server and all modems.";
+ description = lib.mdDoc "International prefix for server and all modems.";
};
spoolAreaPath = mkOption {
type = path;
default = "/var/spool/fax";
- description = ''
+ description = lib.mdDoc ''
The spooling area will be created/maintained
at the location given here.
'';
@@ -197,11 +197,11 @@ in
type = path;
example = literalExpression ''"''${pkgs.postfix}/bin/sendmail"'';
# '' ; # fix vim
- description = ''
- Path to sendmail program.
+ description = lib.mdDoc ''
+ Path to {file}`sendmail` program.
The default uses the local sendmail wrapper
- (see ),
- otherwise the false
+ (see {option}`config.services.mail.sendmailSetuidWrapper`),
+ otherwise the {file}`false`
binary to cause an error if used.
'';
};
@@ -209,9 +209,9 @@ in
hfaxdConfig = mkOption {
type = configAttrType;
example.RecvqProtection = "0400";
- description = ''
+ description = lib.mdDoc ''
Attribute set of lines for the global
- hfaxd config file etc/hfaxd.conf.
+ hfaxd config file {file}`etc/hfaxd.conf`.
${commonDescr}
'';
};
@@ -222,9 +222,9 @@ in
InternationalPrefix = "00";
LongDistancePrefix = "0";
};
- description = ''
+ description = lib.mdDoc ''
Attribute set of lines for the global
- faxq config file etc/config.
+ faxq config file {file}`etc/config`.
${commonDescr}
'';
};
@@ -254,7 +254,7 @@ in
LocalIdentifier = "Smith";
};
};
- description = ''
+ description = lib.mdDoc ''
Description of installed modems.
At least on modem must be defined
to enable the HylaFAX server.
@@ -265,7 +265,7 @@ in
type = lines;
default = "";
example = "chmod 0755 . # everyone may read my faxes";
- description = ''
+ description = lib.mdDoc ''
Additional shell code that is executed within the
spooling area directory right after its setup.
'';
@@ -280,16 +280,16 @@ in
type = nullOr nonEmptyStr;
default = null;
example = "daily";
- description = ''
+ description = lib.mdDoc ''
Purge old files from the spooling area with
- faxcron with the given frequency
+ {file}`faxcron` with the given frequency
(see systemd.time(7)).
'';
};
faxcron.infoDays = mkOption {
type = ints.positive;
default = 30;
- description = ''
+ description = lib.mdDoc ''
Set the expiration time for data in the
remote machine information directory in days.
'';
@@ -297,7 +297,7 @@ in
faxcron.logDays = mkOption {
type = ints.positive;
default = 30;
- description = ''
+ description = lib.mdDoc ''
Set the expiration time for
session trace log files in days.
'';
@@ -305,7 +305,7 @@ in
faxcron.rcvDays = mkOption {
type = ints.positive;
default = 7;
- description = ''
+ description = lib.mdDoc ''
Set the expiration time for files in
the received facsimile queue in days.
'';
@@ -320,9 +320,9 @@ in
type = nullOr nonEmptyStr;
default = null;
example = "daily";
- description = ''
+ description = lib.mdDoc ''
Purge old files from the spooling area with
- faxcron with the given frequency
+ {file}`faxcron` with the given frequency
(see systemd.time(7)).
'';
};
@@ -330,12 +330,12 @@ in
type = enum [ "never" "as-flagged" "always" ];
default = "as-flagged";
example = "always";
- description = ''
+ description = lib.mdDoc ''
Enable or suppress job archiving:
- never disables job archiving,
- as-flagged archives jobs that
+ `never` disables job archiving,
+ `as-flagged` archives jobs that
have been flagged for archiving by sendfax,
- always forces archiving of all jobs.
+ `always` forces archiving of all jobs.
See also sendfax(1) and faxqclean(8).
'';
};
@@ -343,7 +343,7 @@ in
type = ints.positive;
default = 15;
example = literalExpression "24*60";
- description = ''
+ description = lib.mdDoc ''
Set the job
age threshold (in minutes) that controls how long
jobs may reside in the doneq directory.
@@ -353,7 +353,7 @@ in
type = ints.positive;
default = 60;
example = literalExpression "24*60";
- description = ''
+ description = lib.mdDoc ''
Set the document
age threshold (in minutes) that controls how long
unreferenced files may reside in the docq directory.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/i2pd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/i2pd.nix
index 34fda57b23d..fb83778fcf7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/i2pd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/i2pd.nix
@@ -24,29 +24,29 @@ let
name = mkOption {
type = types.str;
default = name;
- description = "The endpoint name.";
+ description = lib.mdDoc "The endpoint name.";
};
address = mkOption {
type = types.str;
default = addr;
- description = "Bind address for ${name} endpoint.";
+ description = lib.mdDoc "Bind address for ${name} endpoint.";
};
port = mkOption {
type = types.port;
default = port;
- description = "Bind port for ${name} endpoint.";
+ description = lib.mdDoc "Bind port for ${name} endpoint.";
};
};
i2cpOpts = name: {
length = mkOption {
type = types.int;
- description = "Guaranteed minimum hops for ${name} tunnels.";
+ description = lib.mdDoc "Guaranteed minimum hops for ${name} tunnels.";
default = 3;
};
quantity = mkOption {
type = types.int;
- description = "Number of simultaneous ${name} tunnels.";
+ description = lib.mdDoc "Number of simultaneous ${name} tunnels.";
default = 5;
};
};
@@ -56,7 +56,7 @@ let
keys = mkOption {
type = with types; nullOr str;
default = keyloc;
- description = ''
+ description = lib.mdDoc ''
File to persist ${lib.toUpper name} keys.
'';
};
@@ -64,12 +64,12 @@ let
outbound = i2cpOpts name;
latency.min = mkOption {
type = with types; nullOr int;
- description = "Min latency for tunnels.";
+ description = lib.mdDoc "Min latency for tunnels.";
default = null;
};
latency.max = mkOption {
type = with types; nullOr int;
- description = "Max latency for tunnels.";
+ description = lib.mdDoc "Max latency for tunnels.";
default = null;
};
};
@@ -79,17 +79,17 @@ let
inbound = i2cpOpts name;
crypto.tagsToSend = mkOption {
type = types.int;
- description = "Number of ElGamal/AES tags to send.";
+ description = lib.mdDoc "Number of ElGamal/AES tags to send.";
default = 40;
};
destination = mkOption {
type = types.str;
- description = "Remote endpoint, I2P hostname or b32.i2p address.";
+ description = lib.mdDoc "Remote endpoint, I2P hostname or b32.i2p address.";
};
keys = mkOption {
type = types.str;
default = name + "-keys.dat";
- description = "Keyset used for tunnel identity.";
+ description = lib.mdDoc "Keyset used for tunnel identity.";
};
} // mkEndpointOpt name "127.0.0.1" 0;
@@ -158,6 +158,10 @@ let
(sec "addressbook")
(strOpt "defaulturl" cfg.addressbook.defaulturl)
] ++ (optionalEmptyList "subscriptions" cfg.addressbook.subscriptions)
+ ++ [
+ (sec "meshnets")
+ (boolOpt "yggdrasil" cfg.yggdrasil.enable)
+ ] ++ (optionalNullString "yggaddress" cfg.yggdrasil.address)
++ (flip map
(collect (proto: proto ? port && proto ? address) cfg.proto)
(proto: let protoOpts = [
@@ -255,7 +259,7 @@ in
type = types.package;
default = pkgs.i2pd;
defaultText = literalExpression "pkgs.i2pd";
- description = ''
+ description = lib.mdDoc ''
i2pd package to use.
'';
};
@@ -263,12 +267,12 @@ in
logLevel = mkOption {
type = types.enum ["debug" "info" "warn" "error"];
default = "error";
- description = ''
- The log level. i2pd defaults to "info"
+ description = lib.mdDoc ''
+ The log level. {command}`i2pd` defaults to "info"
but that generates copious amounts of log messages.
We default to "error" which is similar to the default log
- level of tor.
+ level of {command}`tor`.
'';
};
@@ -277,7 +281,7 @@ in
address = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Your external IP or hostname.
'';
};
@@ -285,7 +289,7 @@ in
family = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify a family the router belongs to.
'';
};
@@ -293,7 +297,7 @@ in
dataDir = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Alternative path to storage of i2pd data (RI, keys, peer profiles, ...)
'';
};
@@ -301,7 +305,7 @@ in
share = mkOption {
type = types.int;
default = 100;
- description = ''
+ description = lib.mdDoc ''
Limit of transit traffic from max bandwidth in percents.
'';
};
@@ -309,7 +313,7 @@ in
ifname = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Network interface to bind to.
'';
};
@@ -317,7 +321,7 @@ in
ifname4 = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
IPv4 interface to bind to.
'';
};
@@ -325,7 +329,7 @@ in
ifname6 = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
IPv6 interface to bind to.
'';
};
@@ -333,7 +337,7 @@ in
ntcpProxy = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Proxy URL for NTCP transport.
'';
};
@@ -356,7 +360,7 @@ in
netid = mkOption {
type = types.int;
default = 2;
- description = ''
+ description = lib.mdDoc ''
I2P overlay netid.
'';
};
@@ -364,16 +368,16 @@ in
bandwidth = mkOption {
type = with types; nullOr int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Set a router bandwidth limit integer in KBps.
- If not set, i2pd defaults to 32KBps.
+ If not set, {command}`i2pd` defaults to 32KBps.
'';
};
port = mkOption {
type = with types; nullOr int;
default = null;
- description = ''
+ description = lib.mdDoc ''
I2P listen port. If no one is given the router will pick between 9111 and 30777.
'';
};
@@ -386,7 +390,7 @@ in
upnp.name = mkOption {
type = types.str;
default = "I2Pd";
- description = ''
+ description = lib.mdDoc ''
Name i2pd appears in UPnP forwardings list.
'';
};
@@ -407,7 +411,7 @@ in
reseed.file = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Full path to SU3 file to reseed from.
'';
};
@@ -415,7 +419,7 @@ in
reseed.urls = mkOption {
type = with types; listOf str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Reseed URLs.
'';
};
@@ -423,7 +427,7 @@ in
reseed.floodfill = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to router info of floodfill to reseed from.
'';
};
@@ -431,7 +435,7 @@ in
reseed.zipfile = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to local .zip file to reseed from.
'';
};
@@ -439,7 +443,7 @@ in
reseed.proxy = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
URL for reseed proxy, supports http/socks.
'';
};
@@ -447,7 +451,7 @@ in
addressbook.defaulturl = mkOption {
type = types.str;
default = "http://joajgazyztfssty4w2on5oaqksz6tqoxbduy553y34mf4byv6gpq.b32.i2p/export/alive-hosts.txt";
- description = ''
+ description = lib.mdDoc ''
AddressBook subscription URL for initial setup
'';
};
@@ -458,7 +462,7 @@ in
"http://i2p-projekt.i2p/hosts.txt"
"http://stats.i2p/cgi-bin/newhosts.txt"
];
- description = ''
+ description = lib.mdDoc ''
AddressBook subscription URLs
'';
};
@@ -468,7 +472,7 @@ in
trust.family = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Router Familiy to trust for first hops.
'';
};
@@ -476,7 +480,7 @@ in
trust.routers = mkOption {
type = with types; listOf str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Only connect to the listed routers.
'';
};
@@ -493,7 +497,7 @@ in
ntcp2.port = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Port to listen for incoming NTCP2 connections (0=auto).
'';
};
@@ -501,7 +505,7 @@ in
limits.transittunnels = mkOption {
type = types.int;
default = 2500;
- description = ''
+ description = lib.mdDoc ''
Maximum number of active transit sessions.
'';
};
@@ -509,7 +513,7 @@ in
limits.coreSize = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Maximum size of corefile in Kb (0 - use system limit).
'';
};
@@ -517,7 +521,7 @@ in
limits.openFiles = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Maximum number of open files (0 - use system default).
'';
};
@@ -525,7 +529,7 @@ in
limits.ntcpHard = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Maximum number of active transit sessions.
'';
};
@@ -533,7 +537,7 @@ in
limits.ntcpSoft = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Threshold to start probabalistic backoff with ntcp sessions (default: use system limit).
'';
};
@@ -541,11 +545,22 @@ in
limits.ntcpThreads = mkOption {
type = types.int;
default = 1;
- description = ''
+ description = lib.mdDoc ''
Maximum number of threads used by NTCP DH worker.
'';
};
+ yggdrasil.enable = mkEnableOption "Yggdrasil";
+
+ yggdrasil.address = mkOption {
+ type = with types; nullOr str;
+ default = null;
+ description = lib.mdDoc ''
+ Your local yggdrasil address. Specify it if you want to bind your router to a
+ particular address.
+ '';
+ };
+
proto.http = (mkEndpointOpt "http" "127.0.0.1" 7070) // {
auth = mkEnableOption "Webconsole authentication";
@@ -553,7 +568,7 @@ in
user = mkOption {
type = types.str;
default = "i2pd";
- description = ''
+ description = lib.mdDoc ''
Username for webconsole access
'';
};
@@ -561,7 +576,7 @@ in
pass = mkOption {
type = types.str;
default = "i2pd";
- description = ''
+ description = lib.mdDoc ''
Password for webconsole access.
'';
};
@@ -569,7 +584,7 @@ in
strictHeaders = mkOption {
type = with types; nullOr bool;
default = null;
- description = ''
+ description = lib.mdDoc ''
Enable strict host checking on WebUI.
'';
};
@@ -577,7 +592,7 @@ in
hostname = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Expected hostname for WebUI.
'';
};
@@ -588,7 +603,7 @@ in
outproxy = mkOption {
type = with types; nullOr str;
default = null;
- description = "Upstream outproxy bind address.";
+ description = lib.mdDoc "Upstream outproxy bind address.";
};
};
proto.socksProxy = (mkKeyedEndpointOpt "socksproxy" "127.0.0.1" 4447 "socksproxy-keys.dat")
@@ -597,12 +612,12 @@ in
outproxy = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Upstream outproxy bind address.";
+ description = lib.mdDoc "Upstream outproxy bind address.";
};
outproxyPort = mkOption {
type = types.int;
default = 4444;
- description = "Upstream outproxy bind port.";
+ description = lib.mdDoc "Upstream outproxy bind port.";
};
};
@@ -619,7 +634,7 @@ in
destinationPort = mkOption {
type = with types; nullOr int;
default = null;
- description = "Connect to particular port at destination.";
+ description = lib.mdDoc "Connect to particular port at destination.";
};
} // commonTunOpts name;
config = {
@@ -627,7 +642,7 @@ in
};
}
));
- description = ''
+ description = lib.mdDoc ''
Connect to someone as a client and establish a local accept endpoint
'';
};
@@ -640,12 +655,12 @@ in
inPort = mkOption {
type = types.int;
default = 0;
- description = "Service port. Default to the tunnel's listen port.";
+ description = lib.mdDoc "Service port. Default to the tunnel's listen port.";
};
accessList = mkOption {
type = with types; listOf str;
default = [];
- description = "I2P nodes that are allowed to connect to this service.";
+ description = lib.mdDoc "I2P nodes that are allowed to connect to this service.";
};
} // commonTunOpts name;
config = {
@@ -653,7 +668,7 @@ in
};
}
));
- description = ''
+ description = lib.mdDoc ''
Serve something on I2P network at port and delegate requests to address inPort.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/icecream/daemon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/icecream/daemon.nix
index 8593c94e34d..f94832c4778 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/icecream/daemon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/icecream/daemon.nix
@@ -16,14 +16,14 @@ in {
openFirewall = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to automatically open receive port in the firewall.
'';
};
openBroadcast = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to automatically open the firewall for scheduler discovery.
'';
};
@@ -31,7 +31,7 @@ in {
cacheLimit = mkOption {
type = types.ints.u16;
default = 256;
- description = ''
+ description = lib.mdDoc ''
Maximum size in Megabytes of cache used to store compile environments of compile clients.
'';
};
@@ -39,7 +39,7 @@ in {
netName = mkOption {
type = types.str;
default = "ICECREAM";
- description = ''
+ description = lib.mdDoc ''
Network name to connect to. A scheduler with the same name needs to be running.
'';
};
@@ -47,7 +47,7 @@ in {
noRemote = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Prevent jobs from other nodes being scheduled on this daemon.
'';
};
@@ -55,7 +55,7 @@ in {
schedulerHost = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Explicit scheduler hostname, useful in firewalled environments.
Uses scheduler autodiscovery via broadcast if set to null.
@@ -65,7 +65,7 @@ in {
maxProcesses = mkOption {
type = types.nullOr types.ints.u16;
default = null;
- description = ''
+ description = lib.mdDoc ''
Maximum number of compile jobs started in parallel for this daemon.
Uses the number of CPUs if set to null.
@@ -75,7 +75,7 @@ in {
nice = mkOption {
type = types.int;
default = 5;
- description = ''
+ description = lib.mdDoc ''
The level of niceness to use.
'';
};
@@ -83,7 +83,7 @@ in {
hostname = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Hostname of the daemon in the icecream infrastructure.
Uses the hostname retrieved via uname if set to null.
@@ -93,7 +93,7 @@ in {
user = mkOption {
type = types.str;
default = "icecc";
- description = ''
+ description = lib.mdDoc ''
User to run the icecream daemon as. Set to root to enable receive of
remote compile environments.
'';
@@ -103,13 +103,13 @@ in {
default = pkgs.icecream;
defaultText = literalExpression "pkgs.icecream";
type = types.package;
- description = "Icecream package to use.";
+ description = lib.mdDoc "Icecream package to use.";
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [];
- description = "Additional command line parameters.";
+ description = lib.mdDoc "Additional command line parameters.";
example = [ "-v" ];
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/icecream/scheduler.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/icecream/scheduler.nix
index 14fbc966b98..51f3988fe58 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/icecream/scheduler.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/icecream/scheduler.nix
@@ -16,7 +16,7 @@ in {
netName = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Network name for the icecream scheduler.
Uses the default ICECREAM if null.
@@ -26,14 +26,14 @@ in {
port = mkOption {
type = types.port;
default = 8765;
- description = ''
+ description = lib.mdDoc ''
Server port to listen for icecream daemon requests.
'';
};
openFirewall = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to automatically open the daemon port in the firewall.
'';
};
@@ -41,7 +41,7 @@ in {
openTelnet = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to open the telnet TCP port on 8766.
'';
};
@@ -49,7 +49,7 @@ in {
persistentClientConnection = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to prevent clients from connecting to a better scheduler.
'';
};
@@ -58,13 +58,13 @@ in {
default = pkgs.icecream;
defaultText = literalExpression "pkgs.icecream";
type = types.package;
- description = "Icecream package to use.";
+ description = lib.mdDoc "Icecream package to use.";
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [];
- description = "Additional command line parameters";
+ description = lib.mdDoc "Additional command line parameters";
example = [ "-v" ];
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/inspircd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/inspircd.nix
index 81c367ec8f7..f2464b9a11f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/inspircd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/inspircd.nix
@@ -19,10 +19,10 @@ in {
default = pkgs.inspircd;
defaultText = lib.literalExpression "pkgs.inspircd";
example = lib.literalExpression "pkgs.inspircdMinimal";
- description = ''
+ description = lib.mdDoc ''
The InspIRCd package to use. This is mainly useful
to specify an overridden version of the
- pkgs.inspircd dervivation, for
+ `pkgs.inspircd` dervivation, for
example if you want to use a more minimal InspIRCd
distribution with less modules enabled or with
modules enabled which can't be distributed in binary
@@ -32,13 +32,13 @@ in {
config = lib.mkOption {
type = lib.types.lines;
- description = ''
- Verbatim inspircd.conf file.
+ description = lib.mdDoc ''
+ Verbatim `inspircd.conf` file.
For a list of options, consult the
- InspIRCd documentation, the
- Module documentation
+ [InspIRCd documentation](https://docs.inspircd.org/3/configuration/), the
+ [Module documentation](https://docs.inspircd.org/3/modules/)
and the example configuration files distributed
- with pkgs.inspircd.doc
+ with `pkgs.inspircd.doc`
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iodine.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iodine.nix
index e241afe3269..c24f118ce89 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iodine.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iodine.nix
@@ -52,28 +52,28 @@ in
server = mkOption {
type = types.str;
default = "";
- description = "Hostname of server running iodined";
+ description = lib.mdDoc "Hostname of server running iodined";
example = "tunnel.mydomain.com";
};
relay = mkOption {
type = types.str;
default = "";
- description = "DNS server to use as an intermediate relay to the iodined server";
+ description = lib.mdDoc "DNS server to use as an intermediate relay to the iodined server";
example = "8.8.8.8";
};
extraConfig = mkOption {
type = types.str;
default = "";
- description = "Additional command line parameters";
+ description = lib.mdDoc "Additional command line parameters";
example = "-l 192.168.1.10 -p 23";
};
passwordFile = mkOption {
type = types.str;
default = "";
- description = "Path to a file containing the password.";
+ description = lib.mdDoc "Path to a file containing the password.";
};
};
}
@@ -85,34 +85,34 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "enable iodined server";
+ description = lib.mdDoc "enable iodined server";
};
ip = mkOption {
type = types.str;
default = "";
- description = "The assigned ip address or ip range";
+ description = lib.mdDoc "The assigned ip address or ip range";
example = "172.16.10.1/24";
};
domain = mkOption {
type = types.str;
default = "";
- description = "Domain or subdomain of which nameservers point to us";
+ description = lib.mdDoc "Domain or subdomain of which nameservers point to us";
example = "tunnel.mydomain.com";
};
extraConfig = mkOption {
type = types.str;
default = "";
- description = "Additional command line parameters";
+ description = lib.mdDoc "Additional command line parameters";
example = "-l 192.168.1.10 -p 23";
};
passwordFile = mkOption {
type = types.str;
default = "";
- description = "File that contains password";
+ description = lib.mdDoc "File that contains password";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iperf3.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iperf3.nix
index 0fe378b225d..0c308f8e7c0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iperf3.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iperf3.nix
@@ -7,52 +7,52 @@ let
port = mkOption {
type = types.ints.u16;
default = 5201;
- description = "Server port to listen on for iperf3 client requsts.";
+ description = lib.mdDoc "Server port to listen on for iperf3 client requsts.";
};
affinity = mkOption {
type = types.nullOr types.ints.unsigned;
default = null;
- description = "CPU affinity for the process.";
+ description = lib.mdDoc "CPU affinity for the process.";
};
bind = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Bind to the specific interface associated with the given address.";
+ description = lib.mdDoc "Bind to the specific interface associated with the given address.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for iperf3.";
+ description = lib.mdDoc "Open ports in the firewall for iperf3.";
};
verbose = mkOption {
type = types.bool;
default = false;
- description = "Give more detailed output.";
+ description = lib.mdDoc "Give more detailed output.";
};
forceFlush = mkOption {
type = types.bool;
default = false;
- description = "Force flushing output at every interval.";
+ description = lib.mdDoc "Force flushing output at every interval.";
};
debug = mkOption {
type = types.bool;
default = false;
- description = "Emit debugging output.";
+ description = lib.mdDoc "Emit debugging output.";
};
rsaPrivateKey = mkOption {
type = types.nullOr types.path;
default = null;
- description = "Path to the RSA private key (not password-protected) used to decrypt authentication credentials from the client.";
+ description = lib.mdDoc "Path to the RSA private key (not password-protected) used to decrypt authentication credentials from the client.";
};
authorizedUsersFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = "Path to the configuration file containing authorized users credentials to run iperf tests.";
+ description = lib.mdDoc "Path to the configuration file containing authorized users credentials to run iperf tests.";
};
extraFlags = mkOption {
type = types.listOf types.str;
default = [ ];
- description = "Extra flags to pass to iperf3(1).";
+ description = lib.mdDoc "Extra flags to pass to iperf3(1).";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iscsi/initiator.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iscsi/initiator.nix
index 051c9c7bff3..7414a705a25 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iscsi/initiator.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iscsi/initiator.nix
@@ -12,16 +12,16 @@ in
discoverPortal = mkOption {
type = nullOr str;
default = null;
- description = "Portal to discover targets on";
+ description = lib.mdDoc "Portal to discover targets on";
};
name = mkOption {
type = str;
- description = "Name of this iscsi initiator";
+ description = lib.mdDoc "Name of this iscsi initiator";
example = "iqn.2020-08.org.linux-iscsi.initiatorhost:example";
};
package = mkOption {
type = package;
- description = "openiscsi package to use";
+ description = lib.mdDoc "openiscsi package to use";
default = pkgs.openiscsi;
defaultText = literalExpression "pkgs.openiscsi";
};
@@ -29,11 +29,11 @@ in
extraConfig = mkOption {
type = str;
default = "";
- description = "Lines to append to default iscsid.conf";
+ description = lib.mdDoc "Lines to append to default iscsid.conf";
};
extraConfigFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
Append an additional file's contents to /etc/iscsid.conf. Use a non-store path
and store passwords in this file.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iscsi/root-initiator.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iscsi/root-initiator.nix
index c12aca1bc24..b55fda67252 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iscsi/root-initiator.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iscsi/root-initiator.nix
@@ -19,7 +19,7 @@ in
# machines to be up.
options.boot.iscsi-initiator = with types; {
name = mkOption {
- description = ''
+ description = lib.mdDoc ''
Name of the iSCSI initiator to boot from. Note, booting from iscsi
requires networkd based networking.
'';
@@ -29,7 +29,7 @@ in
};
discoverPortal = mkOption {
- description = ''
+ description = lib.mdDoc ''
iSCSI portal to boot from.
'';
default = null;
@@ -38,7 +38,7 @@ in
};
target = mkOption {
- description = ''
+ description = lib.mdDoc ''
Name of the iSCSI target to boot from.
'';
default = null;
@@ -47,7 +47,7 @@ in
};
logLevel = mkOption {
- description = ''
+ description = lib.mdDoc ''
Higher numbers elicits more logs.
'';
default = 1;
@@ -56,7 +56,7 @@ in
};
loginAll = mkOption {
- description = ''
+ description = lib.mdDoc ''
Do not log into a specific target on the portal, but to all that we discover.
This overrides setting target.
'';
@@ -65,13 +65,13 @@ in
};
extraIscsiCommands = mkOption {
- description = "Extra iscsi commands to run in the initrd.";
+ description = lib.mdDoc "Extra iscsi commands to run in the initrd.";
default = "";
type = lines;
};
extraConfig = mkOption {
- description = "Extra lines to append to /etc/iscsid.conf";
+ description = lib.mdDoc "Extra lines to append to /etc/iscsid.conf";
default = null;
type = nullOr lines;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iscsi/target.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iscsi/target.nix
index 8a10e7d346a..5bdac4336ce 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iscsi/target.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iscsi/target.nix
@@ -14,7 +14,7 @@ in
config = mkOption {
type = attrs;
default = {};
- description = ''
+ description = lib.mdDoc ''
Content of /etc/target/saveconfig.json
This file is normally read and written by targetcli
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iwd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iwd.nix
index 5c1480e7e2f..4921fe2c76c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iwd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/iwd.nix
@@ -32,9 +32,9 @@ in
};
};
- description = ''
+ description = lib.mdDoc ''
Options passed to iwd.
- See here for supported options.
+ See [here](https://iwd.wiki.kernel.org/networkconfigurationsettings) for supported options.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/jibri/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/jibri/default.nix
index 113a7aa4384..4ac5bae22cc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/jibri/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/jibri/default.nix
@@ -93,9 +93,9 @@ in
config = mkOption {
type = attrs;
default = { };
- description = ''
+ description = lib.mdDoc ''
Jibri configuration.
- See
+ See
for default configuration with comments.
'';
};
@@ -136,7 +136,7 @@ in
exit 0
'''''';
'';
- description = ''
+ description = lib.mdDoc ''
This script runs when jibri finishes recording a video of a conference.
'';
};
@@ -145,14 +145,14 @@ in
type = bool;
default = false;
example = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the flag "--ignore-certificate-errors" for the Chromium browser opened by Jibri.
Intended for use in automated tests or anywhere else where using a verified cert for Jitsi-Meet is not possible.
'';
};
xmppEnvironments = mkOption {
- description = ''
+ description = lib.mdDoc ''
XMPP servers to connect to.
'';
example = literalExpression ''
@@ -189,54 +189,54 @@ in
xmppServerHosts = mkOption {
type = listOf str;
example = [ "xmpp.example.org" ];
- description = ''
+ description = lib.mdDoc ''
Hostnames of the XMPP servers to connect to.
'';
};
xmppDomain = mkOption {
type = str;
example = "xmpp.example.org";
- description = ''
+ description = lib.mdDoc ''
The base XMPP domain.
'';
};
control.muc.domain = mkOption {
type = str;
- description = ''
+ description = lib.mdDoc ''
The domain part of the MUC to connect to for control.
'';
};
control.muc.roomName = mkOption {
type = str;
default = "JibriBrewery";
- description = ''
+ description = lib.mdDoc ''
The room name of the MUC to connect to for control.
'';
};
control.muc.nickname = mkOption {
type = str;
default = "jibri";
- description = ''
+ description = lib.mdDoc ''
The nickname for this Jibri instance in the MUC.
'';
};
control.login.domain = mkOption {
type = str;
- description = ''
+ description = lib.mdDoc ''
The domain part of the JID for this Jibri instance.
'';
};
control.login.username = mkOption {
type = str;
default = "jvb";
- description = ''
+ description = lib.mdDoc ''
User part of the JID.
'';
};
control.login.passwordFile = mkOption {
type = str;
example = "/run/keys/jibri-xmpp1";
- description = ''
+ description = lib.mdDoc ''
File containing the password for the user.
'';
};
@@ -244,28 +244,28 @@ in
call.login.domain = mkOption {
type = str;
example = "recorder.xmpp.example.org";
- description = ''
+ description = lib.mdDoc ''
The domain part of the JID for the recorder.
'';
};
call.login.username = mkOption {
type = str;
default = "recorder";
- description = ''
+ description = lib.mdDoc ''
User part of the JID for the recorder.
'';
};
call.login.passwordFile = mkOption {
type = str;
example = "/run/keys/jibri-recorder-xmpp1";
- description = ''
+ description = lib.mdDoc ''
File containing the password for the user.
'';
};
disableCertificateVerification = mkOption {
type = bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to skip validation of the server's certificate.
'';
};
@@ -274,7 +274,7 @@ in
type = str;
default = "0";
example = "conference.";
- description = ''
+ description = lib.mdDoc ''
The prefix to strip from the room's JID domain to derive the call URL.
'';
};
@@ -282,7 +282,7 @@ in
type = str;
default = "0";
example = "1 hour";
- description = ''
+ description = lib.mdDoc ''
The duration that the Jibri session can be.
A value of zero means indefinitely.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/jicofo.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/jicofo.nix
index 647119b9039..3b9038f5674 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/jicofo.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/jicofo.nix
@@ -12,7 +12,7 @@ in
xmppHost = mkOption {
type = str;
example = "localhost";
- description = ''
+ description = lib.mdDoc ''
Hostname of the XMPP server to connect to.
'';
};
@@ -20,17 +20,17 @@ in
xmppDomain = mkOption {
type = nullOr str;
example = "meet.example.org";
- description = ''
+ description = lib.mdDoc ''
Domain name of the XMMP server to which to connect as a component.
- If null, is used.
+ If null, {option}`xmppHost` is used.
'';
};
componentPasswordFile = mkOption {
type = str;
example = "/run/keys/jicofo-component";
- description = ''
+ description = lib.mdDoc ''
Path to file containing component secret.
'';
};
@@ -38,7 +38,7 @@ in
userName = mkOption {
type = str;
default = "focus";
- description = ''
+ description = lib.mdDoc ''
User part of the JID for XMPP user connection.
'';
};
@@ -46,7 +46,7 @@ in
userDomain = mkOption {
type = str;
example = "auth.meet.example.org";
- description = ''
+ description = lib.mdDoc ''
Domain part of the JID for XMPP user connection.
'';
};
@@ -54,7 +54,7 @@ in
userPasswordFile = mkOption {
type = str;
example = "/run/keys/jicofo-user";
- description = ''
+ description = lib.mdDoc ''
Path to file containing password for XMPP user connection.
'';
};
@@ -62,7 +62,7 @@ in
bridgeMuc = mkOption {
type = str;
example = "jvbbrewery@internal.meet.example.org";
- description = ''
+ description = lib.mdDoc ''
JID of the internal MUC used to communicate with Videobridges.
'';
};
@@ -75,8 +75,8 @@ in
"org.jitsi.jicofo.auth.URL" = "XMPP:jitsi-meet.example.com";
}
'';
- description = ''
- Contents of the sip-communicator.properties configuration file for jicofo.
+ description = lib.mdDoc ''
+ Contents of the {file}`sip-communicator.properties` configuration file for jicofo.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/jitsi-videobridge.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/jitsi-videobridge.nix
index abb0bd0a25e..36e7616d755 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/jitsi-videobridge.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/jitsi-videobridge.nix
@@ -67,19 +67,19 @@ in
};
}
'';
- description = ''
+ description = lib.mdDoc ''
Videobridge configuration.
- See
+ See
for default configuration with comments.
'';
};
xmppConfigs = mkOption {
- description = ''
+ description = lib.mdDoc ''
XMPP servers to connect to.
- See for more information.
+ See for more information.
'';
default = { };
example = literalExpression ''
@@ -98,7 +98,7 @@ in
hostName = mkOption {
type = str;
example = "xmpp.example.org";
- description = ''
+ description = lib.mdDoc ''
Hostname of the XMPP server to connect to. Name of the attribute set is used by default.
'';
};
@@ -106,35 +106,35 @@ in
type = nullOr str;
default = null;
example = "auth.xmpp.example.org";
- description = ''
+ description = lib.mdDoc ''
Domain part of JID of the XMPP user, if it is different from hostName.
'';
};
userName = mkOption {
type = str;
default = "jvb";
- description = ''
+ description = lib.mdDoc ''
User part of the JID.
'';
};
passwordFile = mkOption {
type = str;
example = "/run/keys/jitsi-videobridge-xmpp1";
- description = ''
+ description = lib.mdDoc ''
File containing the password for the user.
'';
};
mucJids = mkOption {
type = str;
example = "jvbbrewery@internal.xmpp.example.org";
- description = ''
+ description = lib.mdDoc ''
JID of the MUC to join. JiCoFo needs to be configured to join the same MUC.
'';
};
mucNickname = mkOption {
# Upstream DEBs use UUID, let's use hostname instead.
type = str;
- description = ''
+ description = lib.mdDoc ''
Videobridges use the same XMPP account and need to be distinguished by the
nickname (aka resource part of the JID). By default, system hostname is used.
'';
@@ -142,7 +142,7 @@ in
disableCertificateVerification = mkOption {
type = bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to skip validation of the server's certificate.
'';
};
@@ -161,7 +161,7 @@ in
type = nullOr str;
default = null;
example = "192.168.1.42";
- description = ''
+ description = lib.mdDoc ''
Local address when running behind NAT.
'';
};
@@ -170,7 +170,7 @@ in
type = nullOr str;
default = null;
example = "1.2.3.4";
- description = ''
+ description = lib.mdDoc ''
Public address when running behind NAT.
'';
};
@@ -179,7 +179,7 @@ in
extraProperties = mkOption {
type = attrsOf str;
default = { };
- description = ''
+ description = lib.mdDoc ''
Additional Java properties passed to jitsi-videobridge.
'';
};
@@ -187,14 +187,14 @@ in
openFirewall = mkOption {
type = bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to open ports in the firewall for the videobridge.
'';
};
apis = mkOption {
type = with types; listOf str;
- description = ''
+ description = lib.mdDoc ''
What is passed as --apis= parameter. If this is empty, "none" is passed.
Needed for monitoring jitsi.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/kea.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/kea.nix
index 994c511bdc2..d9d6e3f42ce 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/kea.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/kea.nix
@@ -35,7 +35,7 @@ in
{
options.services.kea = with types; {
ctrl-agent = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kea Control Agent configuration
'';
default = {};
@@ -46,7 +46,7 @@ in
extraArgs = mkOption {
type = listOf str;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of additonal arguments to pass to the daemon.
'';
};
@@ -65,8 +65,8 @@ in
settings = mkOption {
type = format.type;
default = null;
- description = ''
- Kea Control Agent configuration as an attribute set, see .
+ description = lib.mdDoc ''
+ Kea Control Agent configuration as an attribute set, see .
'';
};
};
@@ -74,7 +74,7 @@ in
};
dhcp4 = mkOption {
- description = ''
+ description = lib.mdDoc ''
DHCP4 Server configuration
'';
default = {};
@@ -85,7 +85,7 @@ in
extraArgs = mkOption {
type = listOf str;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of additonal arguments to pass to the daemon.
'';
};
@@ -125,8 +125,8 @@ in
} ];
} ];
};
- description = ''
- Kea DHCP4 configuration as an attribute set, see .
+ description = lib.mdDoc ''
+ Kea DHCP4 configuration as an attribute set, see .
'';
};
};
@@ -134,7 +134,7 @@ in
};
dhcp6 = mkOption {
- description = ''
+ description = lib.mdDoc ''
DHCP6 Server configuration
'';
default = {};
@@ -145,7 +145,7 @@ in
extraArgs = mkOption {
type = listOf str;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of additonal arguments to pass to the daemon.
'';
};
@@ -186,8 +186,8 @@ in
} ];
} ];
};
- description = ''
- Kea DHCP6 configuration as an attribute set, see .
+ description = lib.mdDoc ''
+ Kea DHCP6 configuration as an attribute set, see .
'';
};
};
@@ -195,7 +195,7 @@ in
};
dhcp-ddns = mkOption {
- description = ''
+ description = lib.mdDoc ''
Kea DHCP-DDNS configuration
'';
default = {};
@@ -206,7 +206,7 @@ in
extraArgs = mkOption {
type = listOf str;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of additonal arguments to pass to the daemon.
'';
};
@@ -239,8 +239,8 @@ in
ddns-domains = [ ];
};
};
- description = ''
- Kea DHCP-DDNS configuration as an attribute set, see .
+ description = lib.mdDoc ''
+ Kea DHCP-DDNS configuration as an attribute set, see .
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/keybase.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/keybase.nix
index 495102cb7ee..ae10aebb86e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/keybase.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/keybase.nix
@@ -14,7 +14,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to start the Keybase service.";
+ description = lib.mdDoc "Whether to start the Keybase service.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/knot.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/knot.nix
index a58a03997b3..20f11f0cd59 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/knot.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/knot.nix
@@ -42,7 +42,7 @@ in {
extraArgs = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of additional command line paramters for knotd
'';
};
@@ -50,7 +50,7 @@ in {
keyFiles = mkOption {
type = types.listOf types.path;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of files containing additional configuration
to be included using the include directive. This option
allows to include configuration like TSIG keys without
@@ -63,7 +63,7 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra lines to be added verbatim to knot.conf
'';
};
@@ -72,7 +72,7 @@ in {
type = types.package;
default = pkgs.knot-dns;
defaultText = literalExpression "pkgs.knot-dns";
- description = ''
+ description = lib.mdDoc ''
Which Knot DNS package to use
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/kresd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/kresd.nix
index 28b8be7a9a0..623e477ca7a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/kresd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/kresd.nix
@@ -50,10 +50,10 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable knot-resolver domain name server.
DNSSEC validation is turned on by default.
- You can run sudo nc -U /run/knot-resolver/control/1
+ You can run `sudo nc -U /run/knot-resolver/control/1`
and give commands interactively to kresd@1.service.
'';
};
@@ -69,7 +69,7 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra lines to be added verbatim to the generated configuration file.
'';
};
@@ -77,7 +77,7 @@ in {
type = with types; listOf str;
default = [ "[::1]:53" "127.0.0.1:53" ];
example = [ "53" ];
- description = ''
+ description = lib.mdDoc ''
What addresses and ports the server should listen on.
For detailed syntax see ListenStream in man systemd.socket.
'';
@@ -86,7 +86,7 @@ in {
type = with types; listOf str;
default = [];
example = [ "198.51.100.1:853" "[2001:db8::1]:853" "853" ];
- description = ''
+ description = lib.mdDoc ''
Addresses and ports on which kresd should provide DNS over TLS (see RFC 7858).
For detailed syntax see ListenStream in man systemd.socket.
'';
@@ -95,7 +95,7 @@ in {
type = with types; listOf str;
default = [];
example = [ "198.51.100.1:443" "[2001:db8::1]:443" "443" ];
- description = ''
+ description = lib.mdDoc ''
Addresses and ports on which kresd should provide DNS over HTTPS/2 (see RFC 8484).
For detailed syntax see ListenStream in man systemd.socket.
'';
@@ -103,7 +103,7 @@ in {
instances = mkOption {
type = types.ints.unsigned;
default = 1;
- description = ''
+ description = lib.mdDoc ''
The number of instances to start. They will be called kresd@{1,2,...}.service.
Knot Resolver uses no threads, so this is the way to scale.
You can dynamically start/stop them at will, so this is just system default.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lambdabot.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lambdabot.nix
index 3005e582455..8609bc97196 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lambdabot.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lambdabot.nix
@@ -21,20 +21,20 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the Lambdabot IRC bot";
+ description = lib.mdDoc "Enable the Lambdabot IRC bot";
};
package = mkOption {
type = types.package;
default = pkgs.lambdabot;
defaultText = literalExpression "pkgs.lambdabot";
- description = "Used lambdabot package";
+ description = lib.mdDoc "Used lambdabot package";
};
script = mkOption {
type = types.str;
default = "";
- description = "Lambdabot script";
+ description = lib.mdDoc "Lambdabot script";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/libreswan.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/libreswan.nix
index 429167aed9d..08ffcca8a5a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/libreswan.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/libreswan.nix
@@ -60,7 +60,7 @@ in
protostack=netkey
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10
'';
- description = "Options to go in the 'config setup' section of the Libreswan IPsec configuration";
+ description = lib.mdDoc "Options to go in the 'config setup' section of the Libreswan IPsec configuration";
};
connections = mkOption {
@@ -79,7 +79,7 @@ in
''';
}
'';
- description = "A set of connections to define for the Libreswan IPsec service";
+ description = lib.mdDoc "A set of connections to define for the Libreswan IPsec service";
};
policies = mkOption {
@@ -105,10 +105,10 @@ in
disableRedirects = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to disable send and accept redirects for all nework interfaces.
- See the Libreswan
- FAQ page for why this is recommended.
+ See the Libreswan [
+ FAQ](https://libreswan.org/wiki/FAQ#Why_is_it_recommended_to_disable_send_redirects_in_.2Fproc.2Fsys.2Fnet_.3F) page for why this is recommended.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lldpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lldpd.nix
index d5de9c45d84..41a3713fcef 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lldpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lldpd.nix
@@ -15,7 +15,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "-c" "-k" "-I eth0" ];
- description = "List of command line parameters for lldpd";
+ description = lib.mdDoc "List of command line parameters for lldpd";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/logmein-hamachi.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/logmein-hamachi.nix
index 11cbdda2f84..7c00b82e3b3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/logmein-hamachi.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/logmein-hamachi.nix
@@ -18,7 +18,7 @@ in
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Whether to enable LogMeIn Hamachi, a proprietary
(closed source) commercial VPN software.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lokinet.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lokinet.nix
new file mode 100644
index 00000000000..6dc33faa82b
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lokinet.nix
@@ -0,0 +1,157 @@
+{ config, lib, pkgs, ... }:
+
+let
+ cfg = config.services.lokinet;
+ dataDir = "/var/lib/lokinet";
+ settingsFormat = pkgs.formats.ini { listsAsDuplicateKeys = true; };
+ configFile = settingsFormat.generate "lokinet.ini" (lib.filterAttrsRecursive (n: v: v != null) cfg.settings);
+in with lib; {
+ options.services.lokinet = {
+ enable = mkEnableOption "Lokinet daemon";
+
+ package = mkOption {
+ type = types.package;
+ default = pkgs.lokinet;
+ defaultText = literalExpression "pkgs.lokinet";
+ description = lib.mdDoc "Lokinet package to use.";
+ };
+
+ useLocally = mkOption {
+ type = types.bool;
+ default = false;
+ example = true;
+ description = lib.mdDoc "Whether to use Lokinet locally.";
+ };
+
+ settings = mkOption {
+ type = with types;
+ submodule {
+ freeformType = settingsFormat.type;
+
+ options = {
+ dns = {
+ bind = mkOption {
+ type = str;
+ default = "127.3.2.1";
+ description = lib.mdDoc "Address to bind to for handling DNS requests.";
+ };
+
+ upstream = mkOption {
+ type = listOf str;
+ default = [ "9.9.9.10" ];
+ example = [ "1.1.1.1" "8.8.8.8" ];
+ description = lib.mdDoc ''
+ Upstream resolver(s) to use as fallback for non-loki addresses.
+ Multiple values accepted.
+ '';
+ };
+ };
+
+ network = {
+ exit = mkOption {
+ type = bool;
+ default = false;
+ description = lib.mdDoc ''
+ Whether to act as an exit node. Beware that this
+ increases demand on the server and may pose liability concerns.
+ Enable at your own risk.
+ '';
+ };
+
+ exit-node = mkOption {
+ type = nullOr (listOf str);
+ default = null;
+ example = ''
+ exit-node = [ "example.loki" ]; # maps all exit traffic to example.loki
+ exit-node = [ "example.loki:100.0.0.0/24" ]; # maps 100.0.0.0/24 to example.loki
+ '';
+ description = ''
+ Specify a `.loki` address and an optional ip range to use as an exit broker.
+ See for
+ a list of exit nodes.
+ '';
+ };
+
+ keyfile = mkOption {
+ type = nullOr str;
+ default = null;
+ example = "snappkey.private";
+ description = lib.mdDoc ''
+ The private key to persist address with. If not specified the address will be ephemeral.
+ This keyfile is generated automatically if the specified file doesn't exist.
+ '';
+ };
+ };
+ };
+ };
+ default = { };
+ example = literalExpression ''
+ {
+ dns = {
+ bind = "127.3.2.1";
+ upstream = [ "1.1.1.1" "8.8.8.8" ];
+ };
+
+ network.exit-node = [ "example.loki" "example2.loki" ];
+ }
+ '';
+ description = ''
+ Configuration for Lokinet.
+ Currently, the best way to view the available settings is by
+ generating a config file using `lokinet -g`.
+ '';
+ };
+ };
+
+ config = mkIf cfg.enable {
+ networking.resolvconf.extraConfig = mkIf cfg.useLocally ''
+ name_servers="${cfg.settings.dns.bind}"
+ '';
+
+ systemd.services.lokinet = {
+ description = "Lokinet";
+ after = [ "network-online.target" "network.target" ];
+ wants = [ "network-online.target" "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ preStart = ''
+ ln -sf ${cfg.package}/share/bootstrap.signed ${dataDir}
+ ${pkgs.coreutils}/bin/install -m 600 ${configFile} ${dataDir}/lokinet.ini
+
+ ${optionalString (cfg.settings.network.keyfile != null) ''
+ ${pkgs.crudini}/bin/crudini --set ${dataDir}/lokinet.ini network keyfile "${dataDir}/${cfg.settings.network.keyfile}"
+ ''}
+ '';
+
+ serviceConfig = {
+ DynamicUser = true;
+ StateDirectory = "lokinet";
+ AmbientCapabilities = [ "CAP_NET_ADMIN" "CAP_NET_BIND_SERVICE" ];
+ ExecStart = "${cfg.package}/bin/lokinet ${dataDir}/lokinet.ini";
+ Restart = "always";
+ RestartSec = "5s";
+
+ # hardening
+ LockPersonality = true;
+ MemoryDenyWriteExecute = true;
+ NoNewPrivileges = true;
+ PrivateTmp = true;
+ PrivateMounts = true;
+ ProtectControlGroups = true;
+ ProtectHome = true;
+ ProtectHostname = true;
+ ProtectKernelLogs = true;
+ ProtectKernelModules = true;
+ ProtectKernelTunables = true;
+ ProtectSystem = "strict";
+ ReadWritePaths = "/dev/net/tun";
+ RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" "AF_NETLINK" ];
+ RestrictNamespaces = true;
+ RestrictRealtime = true;
+ RestrictSUIDSGID = true;
+ };
+ };
+
+ environment.systemPackages = [ cfg.package ];
+ };
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lxd-image-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lxd-image-server.nix
index d326626eed4..44f93a5c56e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lxd-image-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/lxd-image-server.nix
@@ -15,17 +15,17 @@ in
group = mkOption {
type = types.str;
- description = "Group assigned to the user and the webroot directory.";
+ description = lib.mdDoc "Group assigned to the user and the webroot directory.";
default = "nginx";
example = "www-data";
};
settings = mkOption {
type = format.type;
- description = ''
+ description = lib.mdDoc ''
Configuration for lxd-image-server.
- Example see .
+ Example see .
'';
default = {};
};
@@ -34,7 +34,7 @@ in
enable = mkEnableOption "nginx";
domain = mkOption {
type = types.str;
- description = "Domain to use for nginx virtual host.";
+ description = lib.mdDoc "Domain to use for nginx virtual host.";
example = "images.example.org";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/matterbridge.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/matterbridge.nix
index 9186eee26ab..f75be9b4e37 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/matterbridge.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/matterbridge.nix
@@ -23,7 +23,7 @@ in
type = with types; nullOr str;
default = null;
example = "/etc/nixos/matterbridge.toml";
- description = ''
+ description = lib.mdDoc ''
The path to the matterbridge configuration file.
'';
};
@@ -62,10 +62,10 @@ in
account="mattermost.work"
channel="off-topic"
'';
- description = ''
+ description = lib.mdDoc ''
WARNING: THIS IS INSECURE, as your password will end up in
- /nix/store, thus publicly readable. Use
- services.matterbridge.configPath instead.
+ {file}`/nix/store`, thus publicly readable. Use
+ `services.matterbridge.configPath` instead.
The matterbridge configuration file in the TOML file format.
'';
@@ -73,7 +73,7 @@ in
user = mkOption {
type = types.str;
default = "matterbridge";
- description = ''
+ description = lib.mdDoc ''
User which runs the matterbridge service.
'';
};
@@ -81,7 +81,7 @@ in
group = mkOption {
type = types.str;
default = "matterbridge";
- description = ''
+ description = lib.mdDoc ''
Group which runs the matterbridge service.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/minidlna.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/minidlna.nix
index c860f63efa6..0cac41f58da 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/minidlna.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/minidlna.nix
@@ -5,164 +5,136 @@ with lib;
let
cfg = config.services.minidlna;
- port = 8200;
+ settingsFormat = pkgs.formats.keyValue { listsAsDuplicateKeys = true; };
+ settingsFile = settingsFormat.generate "minidlna.conf" cfg.settings;
in
{
###### interface
- options = {
- services.minidlna.enable = mkOption {
- type = types.bool;
- default = false;
- description =
- ''
- Whether to enable MiniDLNA, a simple DLNA server. It serves
- media files such as video and music to DLNA client devices
- such as televisions and media players.
- '';
- };
-
- services.minidlna.mediaDirs = mkOption {
- type = types.listOf types.str;
- default = [];
- example = [ "/data/media" "V,/home/alice/video" ];
- description =
- ''
- Directories to be scanned for media files. The prefixes
- A,, V, and
- P, restrict a directory to audio, video
- or image files. The directories must be accessible to the
- minidlna user account.
- '';
- };
-
- services.minidlna.friendlyName = mkOption {
- type = types.str;
- default = "${config.networking.hostName} MiniDLNA";
- defaultText = literalExpression ''"''${config.networking.hostName} MiniDLNA"'';
- example = "rpi3";
- description =
- ''
- Name that the DLNA server presents to clients.
- '';
- };
-
- services.minidlna.rootContainer = mkOption {
- type = types.str;
- default = ".";
- example = "B";
- description =
- ''
- Use a different container as the root of the directory tree presented
- to clients. The possible values are:
- - "." - standard container
- - "B" - "Browse Directory"
- - "M" - "Music"
- - "P" - "Pictures"
- - "V" - "Video"
- - Or, you can specify the ObjectID of your desired root container
- (eg. 1$F for Music/Playlists)
- If you specify "B" and the client device is audio-only then
- "Music/Folders" will be used as root.
- '';
- };
-
- services.minidlna.loglevel = mkOption {
- type = types.str;
- default = "warn";
- example = "general,artwork,database,inotify,scanner,metadata,http,ssdp,tivo=warn";
- description =
- ''
- Defines the type of messages that should be logged, and down to
- which level of importance they should be considered.
-
- The possible types are “artwork”, “database”, “general”, “http”,
- “inotify”, “metadata”, “scanner”, “ssdp” and “tivo”.
-
- The levels are “off”, “fatal”, “error”, “warn”, “info” and
- “debug”, listed here in order of decreasing importance. “off”
- turns off logging messages entirely, “fatal” logs the most
- critical messages only, and so on down to “debug” that logs every
- single messages.
+ options.services.minidlna.enable = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc ''
+ Whether to enable MiniDLNA, a simple DLNA server.
+ It serves media files such as video and music to DLNA client devices
+ such as televisions and media players. If you use the firewall consider
+ adding the following: `services.minidlna.openFirewall = true;`
+ '';
+ };
- The types are comma-separated, followed by an equal sign (‘=’),
- followed by a level that applies to the preceding types. This can
- be repeated, separating each of these constructs with a comma.
+ options.services.minidlna.openFirewall = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc ''
+ Whether to open both HTTP (TCP) and SSDP (UDP) ports in the firewall.
+ '';
+ };
- Defaults to “general,artwork,database,inotify,scanner,metadata,
- http,ssdp,tivo=warn” which logs every type of message at the
- “warn” level.
+ options.services.minidlna.settings = mkOption {
+ default = {};
+ description = lib.mdDoc ''
+ The contents of MiniDLNA's configuration file.
+ When the service is activated, a basic template is generated
+ from the current options opened here.
+ '';
+ type = types.submodule {
+ freeformType = settingsFormat.type;
+
+ options.media_dir = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ example = [ "/data/media" "V,/home/alice/video" ];
+ description = lib.mdDoc ''
+ Directories to be scanned for media files.
+ The prefixes `A,`,`V,` and
+ `P,` restrict a directory to audio, video
+ or image files. The directories must be accessible to the
+ `minidlna` user account.
'';
- };
-
- services.minidlna.announceInterval = mkOption {
- type = types.int;
- default = 895;
- description =
- ''
+ };
+ options.notify_interval = mkOption {
+ type = types.int;
+ default = 90000;
+ description = lib.mdDoc ''
The interval between announces (in seconds).
-
- By default miniDLNA will announce its presence on the network
- approximately every 15 minutes.
-
- Many people prefer shorter announce intervals (e.g. 60 seconds)
- on their home networks, especially when DLNA clients are
- started on demand.
+ Instead of waiting on announces, one can open port UDP 1900 or
+ set `openFirewall` option to use SSDP discovery.
+ Furthermore announce interval has now been set as 90000 in order
+ to prevent disconnects with certain clients and to rely solely
+ on the SSDP method.
+
+ Lower values (e.g. 60 seconds) should be used if one does not
+ want to utilize SSDP. By default miniDLNA will announce its
+ presence on the network approximately every 15 minutes. Many
+ people prefer shorter announce intervals on their home networks,
+ especially when DLNA clients are started on demand.
+
+ Some relevant information can be found here:
+ https://sourceforge.net/p/minidlna/discussion/879957/thread/1389d197/
'';
- };
-
- services.minidlna.config = mkOption {
- type = types.lines;
- description =
- ''
- The contents of MiniDLNA's configuration file.
- When the service is activated, a basic template is generated
- from the current options opened here.
- '';
- };
-
- services.minidlna.extraConfig = mkOption {
- type = types.lines;
- default = "";
- example = ''
- # Not exhaustive example
- # Support for streaming .jpg and .mp3 files to a TiVo supporting HMO.
- enable_tivo=no
- # SSDP notify interval, in seconds.
- notify_interval=10
- # maximum number of simultaneous connections
- # note: many clients open several simultaneous connections while
- # streaming
- max_connections=50
- # set this to yes to allow symlinks that point outside user-defined
- # media_dirs.
- wide_links=yes
- '';
- description =
- ''
- Extra minidlna options not yet opened for configuration here
- (strict_dlna, model_number, model_name, etc...). This is appended
- to the current service already provided.
- '';
+ };
+ options.port = mkOption {
+ type = types.port;
+ default = 8200;
+ description = lib.mdDoc "Port number for HTTP traffic (descriptions, SOAP, media transfer).";
+ };
+ options.db_dir = mkOption {
+ type = types.path;
+ default = "/var/cache/minidlna";
+ example = "/tmp/minidlna";
+ description = lib.mdDoc "Specify the directory where you want MiniDLNA to store its database and album art cache.";
+ };
+ options.friendly_name = mkOption {
+ type = types.str;
+ default = "${config.networking.hostName} MiniDLNA";
+ defaultText = literalExpression "config.networking.hostName";
+ example = "rpi3";
+ description = lib.mdDoc "Name that the DLNA server presents to clients.";
+ };
+ options.root_container = mkOption {
+ type = types.str;
+ default = ".";
+ example = "B";
+ description = lib.mdDoc "Use a different container as the root of the directory tree presented to clients.";
+ };
+ options.log_level = mkOption {
+ type = types.str;
+ default = "warn";
+ example = "general,artwork,database,inotify,scanner,metadata,http,ssdp,tivo=warn";
+ description = lib.mdDoc "Defines the type of messages that should be logged and down to which level of importance.";
+ };
+ options.inotify = mkOption {
+ type = types.enum [ "yes" "no" ];
+ default = "no";
+ description = lib.mdDoc "Whether to enable inotify monitoring to automatically discover new files.";
+ };
+ options.enable_tivo = mkOption {
+ type = types.enum [ "yes" "no" ];
+ default = "no";
+ description = lib.mdDoc "Support for streaming .jpg and .mp3 files to a TiVo supporting HMO.";
+ };
+ options.wide_links = mkOption {
+ type = types.enum [ "yes" "no" ];
+ default = "no";
+ description = lib.mdDoc "Set this to yes to allow symlinks that point outside user-defined media_dirs.";
+ };
};
};
+ imports = [
+ (mkRemovedOptionModule [ "services" "minidlna" "config" ] "")
+ (mkRemovedOptionModule [ "services" "minidlna" "extraConfig" ] "")
+ (mkRenamedOptionModule [ "services" "minidlna" "loglevel"] [ "services" "minidlna" "settings" "log_level" ])
+ (mkRenamedOptionModule [ "services" "minidlna" "rootContainer"] [ "services" "minidlna" "settings" "root_container" ])
+ (mkRenamedOptionModule [ "services" "minidlna" "mediaDirs"] [ "services" "minidlna" "settings" "media_dir" ])
+ (mkRenamedOptionModule [ "services" "minidlna" "friendlyName"] [ "services" "minidlna" "settings" "friendly_name" ])
+ (mkRenamedOptionModule [ "services" "minidlna" "announceInterval"] [ "services" "minidlna" "settings" "notify_interval" ])
+ ];
+
###### implementation
config = mkIf cfg.enable {
- services.minidlna.config =
- ''
- port=${toString port}
- friendly_name=${cfg.friendlyName}
- db_dir=/var/cache/minidlna
- log_level=${cfg.loglevel}
- inotify=yes
- root_container=${cfg.rootContainer}
- ${concatMapStrings (dir: ''
- media_dir=${dir}
- '') cfg.mediaDirs}
- notify_interval=${toString cfg.announceInterval}
- ${cfg.extraConfig}
- '';
+ networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.settings.port ];
+ networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [ 1900 ];
users.users.minidlna = {
description = "MiniDLNA daemon user";
@@ -186,7 +158,7 @@ in
PIDFile = "/run/minidlna/pid";
ExecStart =
"${pkgs.minidlna}/sbin/minidlnad -S -P /run/minidlna/pid" +
- " -f ${pkgs.writeText "minidlna.conf" cfg.config}";
+ " -f ${settingsFile}";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/miniupnpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/miniupnpd.nix
index c095d994854..524270edd1c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/miniupnpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/miniupnpd.nix
@@ -23,7 +23,7 @@ in
externalInterface = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Name of the external interface.
'';
};
@@ -31,7 +31,7 @@ in
internalIPs = mkOption {
type = types.listOf types.str;
example = [ "192.168.1.1/24" "enp1s0" ];
- description = ''
+ description = lib.mdDoc ''
The IP address ranges to listen on.
'';
};
@@ -41,7 +41,7 @@ in
upnp = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable UPNP support.
'';
};
@@ -49,7 +49,7 @@ in
appendConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Configuration lines appended to the MiniUPnP config.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/miredo.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/miredo.nix
index b7f657efb71..5e42678c32f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/miredo.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/miredo.nix
@@ -26,7 +26,7 @@ in
type = types.package;
default = pkgs.miredo;
defaultText = literalExpression "pkgs.miredo";
- description = ''
+ description = lib.mdDoc ''
The package to use for the miredo daemon's binary.
'';
};
@@ -34,7 +34,7 @@ in
serverAddress = mkOption {
default = "teredo.remlab.net";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The hostname or primary IPv4 address of the Teredo server.
This setting is required if Miredo runs as a Teredo client.
"teredo.remlab.net" is an experimental service for testing only.
@@ -45,7 +45,7 @@ in
interfaceName = mkOption {
default = "teredo";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Name of the network tunneling interface.
'';
};
@@ -53,7 +53,7 @@ in
bindAddress = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Depending on the local firewall/NAT rules, you might need to force
Miredo to use a fixed UDP port and or IPv4 address.
'';
@@ -62,7 +62,7 @@ in
bindPort = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Depending on the local firewall/NAT rules, you might need to force
Miredo to use a fixed UDP port and or IPv4 address.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mjpg-streamer.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mjpg-streamer.nix
index dbc35e2e71c..8b490f0248b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mjpg-streamer.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mjpg-streamer.nix
@@ -17,7 +17,7 @@ in {
inputPlugin = mkOption {
type = types.str;
default = "input_uvc.so";
- description = ''
+ description = lib.mdDoc ''
Input plugin. See plugins documentation for more information.
'';
};
@@ -25,8 +25,8 @@ in {
outputPlugin = mkOption {
type = types.str;
default = "output_http.so -w @www@ -n -p 5050";
- description = ''
- Output plugin. @www@ is substituted for default mjpg-streamer www directory.
+ description = lib.mdDoc ''
+ Output plugin. `@www@` is substituted for default mjpg-streamer www directory.
See plugins documentation for more information.
'';
};
@@ -34,13 +34,13 @@ in {
user = mkOption {
type = types.str;
default = "mjpg-streamer";
- description = "mjpg-streamer user name.";
+ description = lib.mdDoc "mjpg-streamer user name.";
};
group = mkOption {
type = types.str;
default = "video";
- description = "mjpg-streamer group name.";
+ description = lib.mdDoc "mjpg-streamer group name.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/monero.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/monero.nix
index 8bed89917c8..032f6df4e79 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/monero.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/monero.nix
@@ -55,7 +55,7 @@ in
dataDir = mkOption {
type = types.str;
default = "/var/lib/monero";
- description = ''
+ description = lib.mdDoc ''
The directory where Monero stores its data files.
'';
};
@@ -63,7 +63,7 @@ in
mining.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to mine monero.
'';
};
@@ -71,7 +71,7 @@ in
mining.address = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Monero address where to send mining rewards.
'';
};
@@ -79,16 +79,16 @@ in
mining.threads = mkOption {
type = types.addCheck types.int (x: x>=0);
default = 0;
- description = ''
+ description = lib.mdDoc ''
Number of threads used for mining.
- Set to 0 to use all available.
+ Set to `0` to use all available.
'';
};
rpc.user = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
User name for RPC connections.
'';
};
@@ -96,7 +96,7 @@ in
rpc.password = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Password for RPC connections.
'';
};
@@ -104,7 +104,7 @@ in
rpc.address = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
IP address the RPC server will bind to.
'';
};
@@ -112,7 +112,7 @@ in
rpc.port = mkOption {
type = types.port;
default = 18081;
- description = ''
+ description = lib.mdDoc ''
Port the RPC server will bind to.
'';
};
@@ -120,7 +120,7 @@ in
rpc.restricted = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to restrict RPC to view only commands.
'';
};
@@ -128,43 +128,43 @@ in
limits.upload = mkOption {
type = types.addCheck types.int (x: x>=-1);
default = -1;
- description = ''
+ description = lib.mdDoc ''
Limit of the upload rate in kB/s.
- Set to -1 to leave unlimited.
+ Set to `-1` to leave unlimited.
'';
};
limits.download = mkOption {
type = types.addCheck types.int (x: x>=-1);
default = -1;
- description = ''
+ description = lib.mdDoc ''
Limit of the download rate in kB/s.
- Set to -1 to leave unlimited.
+ Set to `-1` to leave unlimited.
'';
};
limits.threads = mkOption {
type = types.addCheck types.int (x: x>=0);
default = 0;
- description = ''
+ description = lib.mdDoc ''
Maximum number of threads used for a parallel job.
- Set to 0 to leave unlimited.
+ Set to `0` to leave unlimited.
'';
};
limits.syncSize = mkOption {
type = types.addCheck types.int (x: x>=0);
default = 0;
- description = ''
+ description = lib.mdDoc ''
Maximum number of blocks to sync at once.
- Set to 0 for adaptive.
+ Set to `0` for adaptive.
'';
};
extraNodes = mkOption {
type = types.listOf types.str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
List of additional peer IP addresses to add to the local list.
'';
};
@@ -172,7 +172,7 @@ in
priorityNodes = mkOption {
type = types.listOf types.str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
List of peer IP addresses to connect to and
attempt to keep the connection open.
'';
@@ -190,7 +190,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra lines to be added verbatim to monerod configuration.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/morty.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/morty.nix
index dff2f482ca6..cc5d7998f36 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/morty.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/morty.nix
@@ -22,43 +22,43 @@ in
ipv6 = mkOption {
type = types.bool;
default = true;
- description = "Allow IPv6 HTTP requests?";
+ description = lib.mdDoc "Allow IPv6 HTTP requests?";
};
key = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
HMAC url validation key (hexadecimal encoded).
Leave blank to disable. Without validation key, anyone can
submit proxy requests. Leave blank to disable.
- Generate with printf %s somevalue | openssl dgst -sha1 -hmac somekey
+ Generate with `printf %s somevalue | openssl dgst -sha1 -hmac somekey`
'';
};
timeout = mkOption {
type = types.int;
default = 2;
- description = "Request timeout in seconds.";
+ description = lib.mdDoc "Request timeout in seconds.";
};
package = mkOption {
type = types.package;
default = pkgs.morty;
defaultText = literalExpression "pkgs.morty";
- description = "morty package to use.";
+ description = lib.mdDoc "morty package to use.";
};
port = mkOption {
type = types.int;
default = 3000;
- description = "Listing port";
+ description = lib.mdDoc "Listing port";
};
listenAddress = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "The address on which the service listens";
+ description = lib.mdDoc "The address on which the service listens";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mosquitto.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mosquitto.nix
index 70c6725d103..49f0cc90122 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mosquitto.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mosquitto.nix
@@ -36,7 +36,7 @@ let
password = mkOption {
type = uniq (nullOr str);
default = null;
- description = ''
+ description = lib.mdDoc ''
Specifies the (clear text) password for the MQTT User.
'';
};
@@ -45,7 +45,7 @@ let
type = uniq (nullOr types.path);
example = "/path/to/file";
default = null;
- description = ''
+ description = lib.mdDoc ''
Specifies the path to a file containing the
clear text password for the MQTT user.
'';
@@ -77,7 +77,7 @@ let
type = listOf str;
example = [ "read A/B" "readwrite A/#" ];
default = [];
- description = ''
+ description = lib.mdDoc ''
Control client access to topics on the broker.
'';
};
@@ -231,7 +231,7 @@ let
options = {
port = mkOption {
type = port;
- description = ''
+ description = lib.mdDoc ''
Port to listen on. Must be set to 0 to listen on a unix domain socket.
'';
default = 1883;
@@ -259,7 +259,7 @@ let
users = mkOption {
type = attrsOf userOptions;
example = { john = { password = "123456"; acl = [ "readwrite john/#" ]; }; };
- description = ''
+ description = lib.mdDoc ''
A set of users and their passwords and ACLs.
'';
default = {};
@@ -267,7 +267,7 @@ let
omitPasswordAuth = mkOption {
type = bool;
- description = ''
+ description = lib.mdDoc ''
Omits password checking, allowing anyone to log in with any user name unless
other mandatory authentication methods (eg TLS client certificates) are configured.
'';
@@ -276,7 +276,7 @@ let
acl = mkOption {
type = listOf str;
- description = ''
+ description = lib.mdDoc ''
Additional ACL items to prepend to the generated ACL file.
'';
example = [ "pattern read #" "topic readwrite anon/report/#" ];
@@ -287,7 +287,7 @@ let
type = submodule {
freeformType = attrsOf optionType;
};
- description = ''
+ description = lib.mdDoc ''
Additional settings for this listener.
'';
default = {};
@@ -354,14 +354,14 @@ let
options = {
address = mkOption {
type = str;
- description = ''
+ description = lib.mdDoc ''
Address of the remote MQTT broker.
'';
};
port = mkOption {
type = port;
- description = ''
+ description = lib.mdDoc ''
Port of the remote MQTT broker.
'';
default = 1883;
@@ -369,17 +369,17 @@ let
};
});
default = [];
- description = ''
+ description = lib.mdDoc ''
Remote endpoints for the bridge.
'';
};
topics = mkOption {
type = listOf str;
- description = ''
+ description = lib.mdDoc ''
Topic patterns to be shared between the two brokers.
- Refer to the
- mosquitto.conf documentation for details on the format.
+ Refer to the [
+ mosquitto.conf documentation](https://mosquitto.org/man/mosquitto-conf-5.html) for details on the format.
'';
default = [];
example = [ "# both 2 local/topic/ remote/topic/" ];
@@ -389,7 +389,7 @@ let
type = submodule {
freeformType = attrsOf optionType;
};
- description = ''
+ description = lib.mdDoc ''
Additional settings for this bridge.
'';
default = {};
@@ -449,7 +449,7 @@ let
type = package;
default = pkgs.mosquitto;
defaultText = literalExpression "pkgs.mosquitto";
- description = ''
+ description = lib.mdDoc ''
Mosquitto package to use.
'';
};
@@ -457,7 +457,7 @@ let
bridges = mkOption {
type = attrsOf bridgeOptions;
default = {};
- description = ''
+ description = lib.mdDoc ''
Bridges to build to other MQTT brokers.
'';
};
@@ -465,7 +465,7 @@ let
listeners = mkOption {
type = listOf listenerOptions;
default = {};
- description = ''
+ description = lib.mdDoc ''
Listeners to configure on this broker.
'';
};
@@ -483,7 +483,7 @@ let
logDest = mkOption {
type = listOf (either path (enum [ "stdout" "stderr" "syslog" "topic" "dlt" ]));
- description = ''
+ description = lib.mdDoc ''
Destinations to send log messages to.
'';
default = [ "stderr" ];
@@ -492,7 +492,7 @@ let
logType = mkOption {
type = listOf (enum [ "debug" "error" "warning" "notice" "information"
"subscribe" "unsubscribe" "websockets" "none" "all" ]);
- description = ''
+ description = lib.mdDoc ''
Types of messages to log.
'';
default = [];
@@ -500,7 +500,7 @@ let
persistence = mkOption {
type = bool;
- description = ''
+ description = lib.mdDoc ''
Enable persistent storage of subscriptions and messages.
'';
default = true;
@@ -509,7 +509,7 @@ let
dataDir = mkOption {
default = "/var/lib/mosquitto";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The data directory.
'';
};
@@ -518,7 +518,7 @@ let
type = submodule {
freeformType = attrsOf optionType;
};
- description = ''
+ description = lib.mdDoc ''
Global configuration options for the mosquitto broker.
'';
default = {};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mozillavpn.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mozillavpn.nix
index e35ba65314e..71cbb047041 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mozillavpn.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mozillavpn.nix
@@ -4,7 +4,7 @@
options.services.mozillavpn.enable = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the Mozilla VPN daemon.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mstpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mstpd.nix
index bd71010ce54..ba82c5ac823 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mstpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mstpd.nix
@@ -9,7 +9,7 @@ with lib;
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the multiple spanning tree protocol daemon.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mtprotoproxy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mtprotoproxy.nix
index d896f227b82..7ff1cb0b2da 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mtprotoproxy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mtprotoproxy.nix
@@ -42,7 +42,7 @@ in
port = mkOption {
type = types.int;
default = 3256;
- description = ''
+ description = lib.mdDoc ''
TCP port to accept mtproto connections on.
'';
};
@@ -53,7 +53,7 @@ in
tg = "00000000000000000000000000000000";
tg2 = "0123456789abcdef0123456789abcdef";
};
- description = ''
+ description = lib.mdDoc ''
Allowed users and their secrets. A secret is a 32 characters long hex string.
'';
};
@@ -61,7 +61,7 @@ in
secureOnly = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Don't allow users to connect in non-secure mode (without random padding).
'';
};
@@ -71,7 +71,7 @@ in
default = null;
# Taken from mtproxyproto's repo.
example = "3c09c680b76ee91a4c25ad51f742267d";
- description = ''
+ description = lib.mdDoc ''
Tag for advertising that can be obtained from @MTProxybot.
'';
};
@@ -82,7 +82,7 @@ in
example = {
STATS_PRINT_PERIOD = 600;
};
- description = ''
+ description = lib.mdDoc ''
Extra configuration options for mtprotoproxy.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mtr-exporter.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mtr-exporter.nix
index ca261074ebd..b95af08d363 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mtr-exporter.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mtr-exporter.nix
@@ -14,32 +14,32 @@ in {
target = mkOption {
type = types.str;
example = "example.org";
- description = "Target to check using MTR.";
+ description = lib.mdDoc "Target to check using MTR.";
};
interval = mkOption {
type = types.int;
default = 60;
- description = "Interval between MTR checks in seconds.";
+ description = lib.mdDoc "Interval between MTR checks in seconds.";
};
port = mkOption {
type = types.port;
default = 8080;
- description = "Listen port for MTR exporter.";
+ description = lib.mdDoc "Listen port for MTR exporter.";
};
address = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Listen address for MTR exporter.";
+ description = lib.mdDoc "Listen address for MTR exporter.";
};
mtrFlags = mkOption {
type = with types; listOf str;
default = [];
example = ["-G1"];
- description = "Additional flags to pass to MTR.";
+ description = lib.mdDoc "Additional flags to pass to MTR.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mullvad-vpn.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mullvad-vpn.nix
index 9ec1ddc929e..ca60682b4b8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mullvad-vpn.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mullvad-vpn.nix
@@ -7,9 +7,9 @@ with lib;
options.services.mullvad-vpn.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
This option enables Mullvad VPN daemon.
- This sets to "loose", which might be undesirable for security.
+ This sets {option}`networking.firewall.checkReversePath` to "loose", which might be undesirable for security.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/multipath.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/multipath.nix
index 1a44184ff6d..3dc6be96e7a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/multipath.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/multipath.nix
@@ -26,7 +26,7 @@ in {
package = mkOption {
type = package;
- description = "multipath-tools package to use";
+ description = lib.mdDoc "multipath-tools package to use";
default = pkgs.multipath-tools;
defaultText = "pkgs.multipath-tools";
};
@@ -44,7 +44,7 @@ in {
}, ...
]
'';
- description = ''
+ description = lib.mdDoc ''
This option allows you to define arrays for use in multipath
groups.
'';
@@ -54,62 +54,62 @@ in {
vendor = mkOption {
type = str;
example = "COMPELNT";
- description = "Regular expression to match the vendor name";
+ description = lib.mdDoc "Regular expression to match the vendor name";
};
product = mkOption {
type = str;
example = "Compellent Vol";
- description = "Regular expression to match the product name";
+ description = lib.mdDoc "Regular expression to match the product name";
};
revision = mkOption {
type = nullOr str;
default = null;
- description = "Regular expression to match the product revision";
+ description = lib.mdDoc "Regular expression to match the product revision";
};
product_blacklist = mkOption {
type = nullOr str;
default = null;
- description = "Products with the given vendor matching this string are blacklisted";
+ description = lib.mdDoc "Products with the given vendor matching this string are blacklisted";
};
alias_prefix = mkOption {
type = nullOr str;
default = null;
- description = "The user_friendly_names prefix to use for this device type, instead of the default mpath";
+ description = lib.mdDoc "The user_friendly_names prefix to use for this device type, instead of the default mpath";
};
vpd_vendor = mkOption {
type = nullOr str;
default = null;
- description = "The vendor specific vpd page information, using the vpd page abbreviation";
+ description = lib.mdDoc "The vendor specific vpd page information, using the vpd page abbreviation";
};
hardware_handler = mkOption {
type = nullOr (enum [ "emc" "rdac" "hp_sw" "alua" "ana" ]);
default = null;
- description = "The hardware handler to use for this device type";
+ description = lib.mdDoc "The hardware handler to use for this device type";
};
# Optional arguments
path_grouping_policy = mkOption {
type = nullOr (enum [ "failover" "multibus" "group_by_serial" "group_by_prio" "group_by_node_name" ]);
default = null; # real default: "failover"
- description = "The default path grouping policy to apply to unspecified multipaths";
+ description = lib.mdDoc "The default path grouping policy to apply to unspecified multipaths";
};
uid_attribute = mkOption {
type = nullOr str;
default = null;
- description = "The udev attribute providing a unique path identifier (WWID)";
+ description = lib.mdDoc "The udev attribute providing a unique path identifier (WWID)";
};
getuid_callout = mkOption {
type = nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
(Superseded by uid_attribute) The default program and args to callout
to obtain a unique path identifier. Should be specified with an absolute path.
'';
@@ -123,13 +123,13 @@ in {
''"historical-service-time 0"''
]);
default = null; # real default: "service-time 0"
- description = "The default path selector algorithm to use; they are offered by the kernel multipath target";
+ description = lib.mdDoc "The default path selector algorithm to use; they are offered by the kernel multipath target";
};
path_checker = mkOption {
type = enum [ "readsector0" "tur" "emc_clariion" "hp_sw" "rdac" "directio" "cciss_tur" "none" ];
default = "tur";
- description = "The default method used to determine the paths state";
+ description = lib.mdDoc "The default method used to determine the paths state";
};
prio = mkOption {
@@ -138,31 +138,31 @@ in {
"random" "weightedpath" "path_latency" "ana" "datacore" "iet"
]);
default = null; # real default: "const"
- description = "The name of the path priority routine";
+ description = lib.mdDoc "The name of the path priority routine";
};
prio_args = mkOption {
type = nullOr str;
default = null;
- description = "Arguments to pass to to the prio function";
+ description = lib.mdDoc "Arguments to pass to to the prio function";
};
features = mkOption {
type = nullOr str;
default = null;
- description = "Specify any device-mapper features to be used";
+ description = lib.mdDoc "Specify any device-mapper features to be used";
};
failback = mkOption {
type = nullOr str;
default = null; # real default: "manual"
- description = "Tell multipathd how to manage path group failback. Quote integers as strings";
+ description = lib.mdDoc "Tell multipathd how to manage path group failback. Quote integers as strings";
};
rr_weight = mkOption {
type = nullOr (enum [ "priorities" "uniform" ]);
default = null; # real default: "uniform"
- description = ''
+ description = lib.mdDoc ''
If set to priorities the multipath configurator will assign path weights
as "path prio * rr_min_io".
'';
@@ -171,13 +171,13 @@ in {
no_path_retry = mkOption {
type = nullOr str;
default = null; # real default: "fail"
- description = "Specify what to do when all paths are down. Quote integers as strings";
+ description = lib.mdDoc "Specify what to do when all paths are down. Quote integers as strings";
};
rr_min_io = mkOption {
type = nullOr int;
default = null; # real default: 1000
- description = ''
+ description = lib.mdDoc ''
Number of I/O requests to route to a path before switching to the next in the
same path group. This is only for Block I/O (BIO) based multipath and
only apply to round-robin path_selector.
@@ -187,7 +187,7 @@ in {
rr_min_io_rq = mkOption {
type = nullOr int;
default = null; # real default: 1
- description = ''
+ description = lib.mdDoc ''
Number of I/O requests to route to a path before switching to the next in the
same path group. This is only for Request based multipath and
only apply to round-robin path_selector.
@@ -197,7 +197,7 @@ in {
fast_io_fail_tmo = mkOption {
type = nullOr str;
default = null; # real default: 5
- description = ''
+ description = lib.mdDoc ''
Specify the number of seconds the SCSI layer will wait after a problem has been
detected on a FC remote port before failing I/O to devices on that remote port.
This should be smaller than dev_loss_tmo. Setting this to "off" will disable
@@ -208,7 +208,7 @@ in {
dev_loss_tmo = mkOption {
type = nullOr str;
default = null; # real default: 600
- description = ''
+ description = lib.mdDoc ''
Specify the number of seconds the SCSI layer will wait after a problem has
been detected on a FC remote port before removing it from the system. This
can be set to "infinity" which sets it to the max value of 2147483647
@@ -224,7 +224,7 @@ in {
flush_on_last_del = mkOption {
type = nullOr (enum [ "yes" "no" ]);
default = null; # real default: "no"
- description = ''
+ description = lib.mdDoc ''
If set to "yes" multipathd will disable queueing when the last path to a
device has been deleted.
'';
@@ -233,7 +233,7 @@ in {
user_friendly_names = mkOption {
type = nullOr (enum [ "yes" "no" ]);
default = null; # real default: "no"
- description = ''
+ description = lib.mdDoc ''
If set to "yes", using the bindings file /etc/multipath/bindings
to assign a persistent and unique alias to the multipath, in the
form of mpath. If set to "no" use the WWID as the alias. In either
@@ -245,7 +245,7 @@ in {
detect_prio = mkOption {
type = nullOr (enum [ "yes" "no" ]);
default = null; # real default: "yes"
- description = ''
+ description = lib.mdDoc ''
If set to "yes", multipath will try to detect if the device supports
SCSI-3 ALUA. If so, the device will automatically use the sysfs
prioritizer if the required sysf attributes access_state and
@@ -257,7 +257,7 @@ in {
detect_checker = mkOption {
type = nullOr (enum [ "yes" "no" ]);
default = null; # real default: "yes"
- description = ''
+ description = lib.mdDoc ''
If set to "yes", multipath will try to detect if the device supports
SCSI-3 ALUA. If so, the device will automatically use the tur checker.
If set to "no", the checker will be selected as usual.
@@ -267,7 +267,7 @@ in {
deferred_remove = mkOption {
type = nullOr (enum [ "yes" "no" ]);
default = null; # real default: "no"
- description = ''
+ description = lib.mdDoc ''
If set to "yes", multipathd will do a deferred remove instead of a
regular remove when the last path device has been deleted. This means
that if the multipath device is still in use, it will be freed when
@@ -279,7 +279,7 @@ in {
san_path_err_threshold = mkOption {
type = nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
If set to a value greater than 0, multipathd will watch paths and check
how many times a path has been failed due to errors.If the number of
failures on a particular path is greater then the san_path_err_threshold,
@@ -292,7 +292,7 @@ in {
san_path_err_forget_rate = mkOption {
type = nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
If set to a value greater than 0, multipathd will check whether the path
failures has exceeded the san_path_err_threshold within this many checks
i.e san_path_err_forget_rate. If so we will not reinstante the path till
@@ -303,7 +303,7 @@ in {
san_path_err_recovery_time = mkOption {
type = nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
If set to a value greater than 0, multipathd will make sure that when
path failures has exceeded the san_path_err_threshold within
san_path_err_forget_rate then the path will be placed in failed state
@@ -316,61 +316,61 @@ in {
marginal_path_err_sample_time = mkOption {
type = nullOr int;
default = null;
- description = "One of the four parameters of supporting path check based on accounting IO error such as intermittent error";
+ description = lib.mdDoc "One of the four parameters of supporting path check based on accounting IO error such as intermittent error";
};
marginal_path_err_rate_threshold = mkOption {
type = nullOr int;
default = null;
- description = "The error rate threshold as a permillage (1/1000)";
+ description = lib.mdDoc "The error rate threshold as a permillage (1/1000)";
};
marginal_path_err_recheck_gap_time = mkOption {
type = nullOr str;
default = null;
- description = "One of the four parameters of supporting path check based on accounting IO error such as intermittent error";
+ description = lib.mdDoc "One of the four parameters of supporting path check based on accounting IO error such as intermittent error";
};
marginal_path_double_failed_time = mkOption {
type = nullOr str;
default = null;
- description = "One of the four parameters of supporting path check based on accounting IO error such as intermittent error";
+ description = lib.mdDoc "One of the four parameters of supporting path check based on accounting IO error such as intermittent error";
};
delay_watch_checks = mkOption {
type = nullOr str;
default = null;
- description = "This option is deprecated, and mapped to san_path_err_forget_rate";
+ description = lib.mdDoc "This option is deprecated, and mapped to san_path_err_forget_rate";
};
delay_wait_checks = mkOption {
type = nullOr str;
default = null;
- description = "This option is deprecated, and mapped to san_path_err_recovery_time";
+ description = lib.mdDoc "This option is deprecated, and mapped to san_path_err_recovery_time";
};
skip_kpartx = mkOption {
type = nullOr (enum [ "yes" "no" ]);
default = null; # real default: "no"
- description = "If set to yes, kpartx will not automatically create partitions on the device";
+ description = lib.mdDoc "If set to yes, kpartx will not automatically create partitions on the device";
};
max_sectors_kb = mkOption {
type = nullOr int;
default = null;
- description = "Sets the max_sectors_kb device parameter on all path devices and the multipath device to the specified value";
+ description = lib.mdDoc "Sets the max_sectors_kb device parameter on all path devices and the multipath device to the specified value";
};
ghost_delay = mkOption {
type = nullOr int;
default = null;
- description = "Sets the number of seconds that multipath will wait after creating a device with only ghost paths before marking it ready for use in systemd";
+ description = lib.mdDoc "Sets the number of seconds that multipath will wait after creating a device with only ghost paths before marking it ready for use in systemd";
};
all_tg_pt = mkOption {
type = nullOr str;
default = null;
- description = "Set the 'all targets ports' flag when registering keys with mpathpersist";
+ description = lib.mdDoc "Set the 'all targets ports' flag when registering keys with mpathpersist";
};
};
@@ -380,7 +380,7 @@ in {
defaults = mkOption {
type = nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
This section defines default values for attributes which are used
whenever no values are given in the appropriate device or multipath
sections.
@@ -390,7 +390,7 @@ in {
blacklist = mkOption {
type = nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
This section defines which devices should be excluded from the
multipath topology discovery.
'';
@@ -399,7 +399,7 @@ in {
blacklist_exceptions = mkOption {
type = nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
This section defines which devices should be included in the
multipath topology discovery, despite being listed in the
blacklist section.
@@ -409,7 +409,7 @@ in {
overrides = mkOption {
type = nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
This section defines values for attributes that should override the
device-specific settings for all devices.
'';
@@ -418,13 +418,13 @@ in {
extraConfig = mkOption {
type = nullOr str;
default = null;
- description = "Lines to append to default multipath.conf";
+ description = lib.mdDoc "Lines to append to default multipath.conf";
};
extraConfigFile = mkOption {
type = nullOr str;
default = null;
- description = "Append an additional file's contents to /etc/multipath.conf";
+ description = lib.mdDoc "Append an additional file's contents to /etc/multipath.conf";
};
pathGroups = mkOption {
@@ -439,7 +439,7 @@ in {
}, ...
]
'';
- description = ''
+ description = lib.mdDoc ''
This option allows you to define multipath groups as described
in http://christophe.varoqui.free.fr/usage.html.
'';
@@ -449,34 +449,34 @@ in {
alias = mkOption {
type = int;
example = 1001234;
- description = "The name of the multipath device";
+ description = lib.mdDoc "The name of the multipath device";
};
wwid = mkOption {
type = hexStr;
example = "360080e500043b35c0123456789abcdef";
- description = "The identifier for the multipath device";
+ description = lib.mdDoc "The identifier for the multipath device";
};
array = mkOption {
type = str;
default = null;
example = "bigarray.example.com";
- description = "The DNS name of the storage array";
+ description = lib.mdDoc "The DNS name of the storage array";
};
fsType = mkOption {
type = nullOr str;
default = null;
example = "zfs";
- description = "Type of the filesystem";
+ description = lib.mdDoc "Type of the filesystem";
};
options = mkOption {
type = nullOr str;
default = null;
example = "ro";
- description = "Options used to mount the file system";
+ description = lib.mdDoc "Options used to mount the file system";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/murmur.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/murmur.nix
index 06ec04dbbf1..3bff9faa6a3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/murmur.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/murmur.nix
@@ -56,23 +56,31 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "If enabled, start the Murmur Mumble server.";
+ description = lib.mdDoc "If enabled, start the Murmur Mumble server.";
+ };
+
+ openFirewall = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc ''
+ Open ports in the firewall for the Murmur Mumble server.
+ '';
};
autobanAttempts = mkOption {
type = types.int;
default = 10;
- description = ''
+ description = lib.mdDoc ''
Number of attempts a client is allowed to make in
- autobanTimeframe seconds, before being
- banned for autobanTime.
+ `autobanTimeframe` seconds, before being
+ banned for `autobanTime`.
'';
};
autobanTimeframe = mkOption {
type = types.int;
default = 120;
- description = ''
+ description = lib.mdDoc ''
Timeframe in which a client can connect without being banned
for repeated attempts (in seconds).
'';
@@ -81,51 +89,51 @@ in
autobanTime = mkOption {
type = types.int;
default = 300;
- description = "The amount of time an IP ban lasts (in seconds).";
+ description = lib.mdDoc "The amount of time an IP ban lasts (in seconds).";
};
logFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/var/log/murmur/murmurd.log";
- description = "Path to the log file for Murmur daemon. Empty means log to journald.";
+ description = lib.mdDoc "Path to the log file for Murmur daemon. Empty means log to journald.";
};
welcometext = mkOption {
type = types.str;
default = "";
- description = "Welcome message for connected clients.";
+ description = lib.mdDoc "Welcome message for connected clients.";
};
port = mkOption {
type = types.port;
default = 64738;
- description = "Ports to bind to (UDP and TCP).";
+ description = lib.mdDoc "Ports to bind to (UDP and TCP).";
};
hostName = mkOption {
type = types.str;
default = "";
- description = "Host to bind to. Defaults binding on all addresses.";
+ description = lib.mdDoc "Host to bind to. Defaults binding on all addresses.";
};
package = mkOption {
type = types.package;
default = pkgs.murmur;
defaultText = literalExpression "pkgs.murmur";
- description = "Overridable attribute of the murmur package to use.";
+ description = lib.mdDoc "Overridable attribute of the murmur package to use.";
};
password = mkOption {
type = types.str;
default = "";
- description = "Required password to join server, if specified.";
+ description = lib.mdDoc "Required password to join server, if specified.";
};
bandwidth = mkOption {
type = types.int;
default = 72000;
- description = ''
+ description = lib.mdDoc ''
Maximum bandwidth (in bits per second) that clients may send
speech at.
'';
@@ -134,25 +142,25 @@ in
users = mkOption {
type = types.int;
default = 100;
- description = "Maximum number of concurrent clients allowed.";
+ description = lib.mdDoc "Maximum number of concurrent clients allowed.";
};
textMsgLength = mkOption {
type = types.int;
default = 5000;
- description = "Max length of text messages. Set 0 for no limit.";
+ description = lib.mdDoc "Max length of text messages. Set 0 for no limit.";
};
imgMsgLength = mkOption {
type = types.int;
default = 131072;
- description = "Max length of image messages. Set 0 for no limit.";
+ description = lib.mdDoc "Max length of image messages. Set 0 for no limit.";
};
allowHtml = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Allow HTML in client messages, comments, and channel
descriptions.
'';
@@ -161,7 +169,7 @@ in
logDays = mkOption {
type = types.int;
default = 31;
- description = ''
+ description = lib.mdDoc ''
How long to store RPC logs for in the database. Set 0 to
keep logs forever, or -1 to disable DB logging.
'';
@@ -170,7 +178,7 @@ in
bonjour = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable Bonjour auto-discovery, which allows clients over
your LAN to automatically discover Murmur servers.
'';
@@ -179,13 +187,13 @@ in
sendVersion = mkOption {
type = types.bool;
default = true;
- description = "Send Murmur version in UDP response.";
+ description = lib.mdDoc "Send Murmur version in UDP response.";
};
registerName = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Public server registration name, and also the name of the
Root channel. Even if you don't publicly register your
server, you probably still want to set this.
@@ -195,7 +203,7 @@ in
registerPassword = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Public server registry password, used authenticate your
server to the registry to prevent impersonation; required for
subsequent registry updates.
@@ -205,7 +213,7 @@ in
registerUrl = mkOption {
type = types.str;
default = "";
- description = "URL website for your server.";
+ description = lib.mdDoc "URL website for your server.";
};
registerHostname = mkOption {
@@ -222,31 +230,31 @@ in
clientCertRequired = mkOption {
type = types.bool;
default = false;
- description = "Require clients to authenticate via certificates.";
+ description = lib.mdDoc "Require clients to authenticate via certificates.";
};
sslCert = mkOption {
type = types.str;
default = "";
- description = "Path to your SSL certificate.";
+ description = lib.mdDoc "Path to your SSL certificate.";
};
sslKey = mkOption {
type = types.str;
default = "";
- description = "Path to your SSL key.";
+ description = lib.mdDoc "Path to your SSL key.";
};
sslCa = mkOption {
type = types.str;
default = "";
- description = "Path to your SSL CA certificate.";
+ description = lib.mdDoc "Path to your SSL CA certificate.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Extra configuration to put into murmur.ini.";
+ description = lib.mdDoc "Extra configuration to put into murmur.ini.";
};
environmentFile = mkOption {
@@ -291,6 +299,11 @@ in
gid = config.ids.gids.murmur;
};
+ networking.firewall = mkIf cfg.openFirewall {
+ allowedTCPPorts = [ cfg.port ];
+ allowedUDPPorts = [ cfg.port ];
+ };
+
systemd.services.murmur = {
description = "Murmur Chat Service";
wantedBy = [ "multi-user.target" ];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mxisd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mxisd.nix
index 803f0689d1f..9ddc2094b6d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mxisd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/mxisd.nix
@@ -43,26 +43,35 @@ in {
type = types.package;
default = pkgs.ma1sd;
defaultText = literalExpression "pkgs.ma1sd";
- description = "The mxisd/ma1sd package to use";
+ description = lib.mdDoc "The mxisd/ma1sd package to use";
+ };
+
+ environmentFile = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ description = ''
+ Path to an environment-file which may contain secrets to be
+ substituted via envsubst.
+ '';
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/mxisd";
- description = "Where data mxisd/ma1sd uses resides";
+ description = lib.mdDoc "Where data mxisd/ma1sd uses resides";
};
extraConfig = mkOption {
type = types.attrs;
default = {};
- description = "Extra options merged into the mxisd/ma1sd configuration";
+ description = lib.mdDoc "Extra options merged into the mxisd/ma1sd configuration";
};
matrix = {
domain = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
the domain of the matrix homeserver
'';
};
@@ -74,7 +83,7 @@ in {
name = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Public hostname of mxisd/ma1sd, if different from the Matrix domain.
'';
};
@@ -82,7 +91,7 @@ in {
port = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
HTTP port to listen on (unencrypted)
'';
};
@@ -118,7 +127,13 @@ in {
Type = "simple";
User = "mxisd";
Group = "mxisd";
- ExecStart = "${cfg.package}/bin/${executable} -c ${configFile}";
+ EnvironmentFile = mkIf (cfg.environmentFile != null) [ cfg.environmentFile ];
+ ExecStart = "${cfg.package}/bin/${executable} -c ${cfg.dataDir}/mxisd-config.yaml";
+ ExecStartPre = "${pkgs.writeShellScript "mxisd-substitute-secrets" ''
+ umask 0077
+ ${pkgs.envsubst}/bin/envsubst -o ${cfg.dataDir}/mxisd-config.yaml \
+ -i ${configFile}
+ ''}";
WorkingDirectory = cfg.dataDir;
Restart = "on-failure";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/namecoind.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/namecoind.nix
index 8f7a5123f7e..45a90741465 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/namecoind.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/namecoind.nix
@@ -49,7 +49,7 @@ in
wallet = mkOption {
type = types.path;
default = "${dataDir}/wallet.dat";
- description = ''
+ description = lib.mdDoc ''
Wallet file. The ownership of the file has to be
namecoin:namecoin, and the permissions must be 0640.
'';
@@ -58,7 +58,7 @@ in
generate = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to generate (mine) Namecoins.
'';
};
@@ -66,7 +66,7 @@ in
extraNodes = mkOption {
type = types.listOf types.str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
List of additional peer IP addresses to connect to.
'';
};
@@ -74,7 +74,7 @@ in
trustedNodes = mkOption {
type = types.listOf types.str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
List of the only peer IP addresses to connect to. If specified
no other connection will be made.
'';
@@ -83,7 +83,7 @@ in
rpc.user = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
User name for RPC connections.
'';
};
@@ -91,7 +91,7 @@ in
rpc.password = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Password for RPC connections.
'';
};
@@ -99,7 +99,7 @@ in
rpc.address = mkOption {
type = types.str;
default = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
IP address the RPC server will bind to.
'';
};
@@ -107,7 +107,7 @@ in
rpc.port = mkOption {
type = types.port;
default = 8332;
- description = ''
+ description = lib.mdDoc ''
Port the RPC server will bind to.
'';
};
@@ -116,7 +116,7 @@ in
type = types.nullOr types.path;
default = null;
example = "/var/lib/namecoind/server.cert";
- description = ''
+ description = lib.mdDoc ''
Certificate file for securing RPC connections.
'';
};
@@ -125,7 +125,7 @@ in
type = types.nullOr types.path;
default = null;
example = "/var/lib/namecoind/server.pem";
- description = ''
+ description = lib.mdDoc ''
Key file for securing RPC connections.
'';
};
@@ -134,7 +134,7 @@ in
rpc.allowFrom = mkOption {
type = types.listOf types.str;
default = [ "127.0.0.1" ];
- description = ''
+ description = lib.mdDoc ''
List of IP address ranges allowed to use the RPC API.
Wiledcards (*) can be user to specify a range.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nar-serve.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nar-serve.nix
index 745138186a2..09f019d41bb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nar-serve.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nar-serve.nix
@@ -15,7 +15,7 @@ in
port = mkOption {
type = types.port;
default = 8383;
- description = ''
+ description = lib.mdDoc ''
Port number where nar-serve will listen on.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nat.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nat.nix
index 2e58cd699b2..0eb9b158e68 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nat.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nat.nix
@@ -136,7 +136,7 @@ in
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Whether to enable Network Address Translation (NAT).
'';
};
@@ -145,7 +145,7 @@ in
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Whether to enable IPv6 NAT.
'';
};
@@ -155,7 +155,7 @@ in
default = [];
example = [ "eth0" ];
description =
- ''
+ lib.mdDoc ''
The interfaces for which to perform NAT. Packets coming from
these interface and destined for the external interface will
be rewritten.
@@ -167,7 +167,7 @@ in
default = [];
example = [ "192.168.1.0/24" ];
description =
- ''
+ lib.mdDoc ''
The IP address ranges for which to perform NAT. Packets
coming from these addresses (on any interface) and destined
for the external interface will be rewritten.
@@ -179,7 +179,7 @@ in
default = [];
example = [ "fc00::/64" ];
description =
- ''
+ lib.mdDoc ''
The IPv6 address ranges for which to perform NAT. Packets
coming from these addresses (on any interface) and destined
for the external interface will be rewritten.
@@ -191,7 +191,7 @@ in
default = null;
example = "eth1";
description =
- ''
+ lib.mdDoc ''
The name of the external network interface.
'';
};
@@ -201,7 +201,7 @@ in
default = null;
example = "203.0.113.123";
description =
- ''
+ lib.mdDoc ''
The public IP address to which packets from the local
network are to be rewritten. If this is left empty, the
IP address associated with the external interface will be
@@ -214,7 +214,7 @@ in
default = null;
example = "2001:dc0:2001:11::175";
description =
- ''
+ lib.mdDoc ''
The public IPv6 address to which packets from the local
network are to be rewritten. If this is left empty, the
IP address associated with the external interface will be
@@ -228,27 +228,27 @@ in
sourcePort = mkOption {
type = types.either types.int (types.strMatching "[[:digit:]]+:[[:digit:]]+");
example = 8080;
- description = "Source port of the external interface; to specify a port range, use a string with a colon (e.g. \"60000:61000\")";
+ description = lib.mdDoc "Source port of the external interface; to specify a port range, use a string with a colon (e.g. \"60000:61000\")";
};
destination = mkOption {
type = types.str;
example = "10.0.0.1:80";
- description = "Forward connection to destination ip:port (or [ipv6]:port); to specify a port range, use ip:start-end";
+ description = lib.mdDoc "Forward connection to destination ip:port (or [ipv6]:port); to specify a port range, use ip:start-end";
};
proto = mkOption {
type = types.str;
default = "tcp";
example = "udp";
- description = "Protocol of forwarded connection";
+ description = lib.mdDoc "Protocol of forwarded connection";
};
loopbackIPs = mkOption {
type = types.listOf types.str;
default = [];
example = literalExpression ''[ "55.1.2.3" ]'';
- description = "Public IPs for NAT reflection; for connections to `loopbackip:sourcePort' from the host itself and from other hosts behind NAT";
+ description = lib.mdDoc "Public IPs for NAT reflection; for connections to `loopbackip:sourcePort' from the host itself and from other hosts behind NAT";
};
};
});
@@ -258,7 +258,7 @@ in
{ sourcePort = 8080; destination = "[fc00::2]:80"; proto = "tcp"; }
];
description =
- ''
+ lib.mdDoc ''
List of forwarded ports from the external interface to
internal destinations by using DNAT. Destination can be
IPv6 if IPv6 NAT is enabled.
@@ -270,7 +270,7 @@ in
default = null;
example = "10.0.0.1";
description =
- ''
+ lib.mdDoc ''
The local IP address to which all traffic that does not match any
forwarding rule is forwarded.
'';
@@ -281,7 +281,7 @@ in
default = "";
example = "iptables -A INPUT -p icmp -j ACCEPT";
description =
- ''
+ lib.mdDoc ''
Additional shell commands executed as part of the nat
initialisation script.
'';
@@ -292,7 +292,7 @@ in
default = "";
example = "iptables -D INPUT -p icmp -j ACCEPT || true";
description =
- ''
+ lib.mdDoc ''
Additional shell commands executed as part of the nat
teardown script.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nats.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nats.nix
index 3e86a4f07bc..41e38add69f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nats.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nats.nix
@@ -21,20 +21,20 @@ in {
user = mkOption {
type = types.str;
default = "nats";
- description = "User account under which NATS runs.";
+ description = lib.mdDoc "User account under which NATS runs.";
};
group = mkOption {
type = types.str;
default = "nats";
- description = "Group under which NATS runs.";
+ description = lib.mdDoc "Group under which NATS runs.";
};
serverName = mkOption {
default = "nats";
example = "n1-c3";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Name of the NATS server, must be unique if clustered.
'';
};
@@ -44,7 +44,7 @@ in {
port = mkOption {
default = 4222;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
Port on which to listen.
'';
};
@@ -52,7 +52,7 @@ in {
dataDir = mkOption {
default = "/var/lib/nats";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The NATS data directory. Only used if JetStream is enabled, for
storing stream metadata and messages.
@@ -74,10 +74,10 @@ in {
};
};
'';
- description = ''
+ description = lib.mdDoc ''
Declarative NATS configuration. See the
-
- NATS documentation for a list of options.
+ [
+ NATS documentation](https://docs.nats.io/nats-server/configuration) for a list of options.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nbd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nbd.nix
index df3358f5187..3a813d10257 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nbd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nbd.nix
@@ -48,7 +48,7 @@ in
listenPort = mkOption {
type = types.port;
default = 10809;
- description = "Port to listen on. The port is NOT automatically opened in the firewall.";
+ description = lib.mdDoc "Port to listen on. The port is NOT automatically opened in the firewall.";
};
extraOptions = mkOption {
@@ -64,14 +64,14 @@ in
};
exports = mkOption {
- description = "Files or block devices to make available over the network.";
+ description = lib.mdDoc "Files or block devices to make available over the network.";
default = { };
type = with types; attrsOf
(submodule {
options = {
path = mkOption {
type = str;
- description = "File or block device to export.";
+ description = lib.mdDoc "File or block device to export.";
example = "/dev/sdb1";
};
@@ -79,7 +79,7 @@ in
type = nullOr (listOf str);
default = null;
example = [ "10.10.0.0/24" "127.0.0.1" ];
- description = "IPs and subnets that are authorized to connect for this device. If not specified, the server will allow all connections.";
+ description = lib.mdDoc "IPs and subnets that are authorized to connect for this device. If not specified, the server will allow all connections.";
};
extraOptions = mkOption {
@@ -100,7 +100,7 @@ in
listenAddress = mkOption {
type = with types; nullOr str;
- description = "Address to listen on. If not specified, the server will listen on all interfaces.";
+ description = lib.mdDoc "Address to listen on. If not specified, the server will listen on all interfaces.";
default = null;
example = "10.10.0.1";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ncdns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ncdns.nix
index c8d1b6718e2..8ee787b7d79 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ncdns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ncdns.nix
@@ -59,7 +59,7 @@ in
address = mkOption {
type = types.str;
default = "[::1]";
- description = ''
+ description = lib.mdDoc ''
The IP address the ncdns resolver will bind to. Leave this unchanged
if you do not wish to directly expose the resolver.
'';
@@ -68,7 +68,7 @@ in
port = mkOption {
type = types.port;
default = 5333;
- description = ''
+ description = lib.mdDoc ''
The port the ncdns resolver will bind to.
'';
};
@@ -96,7 +96,7 @@ in
type = types.str;
default = "";
example = "root@example.com";
- description = ''
+ description = lib.mdDoc ''
An email address for the SOA record at the bit zone.
If you are only using ncdns locally you can ignore this.
'';
@@ -105,9 +105,9 @@ in
identity.address = mkOption {
type = types.str;
default = "127.127.127.127";
- description = ''
+ description = lib.mdDoc ''
The IP address the hostname specified in
- should resolve to.
+ {option}`services.ncdns.identity.hostname` should resolve to.
If you are only using ncdns locally you can ignore this.
'';
};
@@ -136,7 +136,7 @@ in
dnssec.keys.private = mkOption {
type = types.path;
default = defaultFiles.private;
- description = ''
+ description = lib.mdDoc ''
Path to the file containing the KSK private key.
'';
};
@@ -157,7 +157,7 @@ in
dnssec.keys.zonePrivate = mkOption {
type = types.path;
default = defaultFiles.zonePrivate;
- description = ''
+ description = lib.mdDoc ''
Path to the file containing the ZSK private key.
'';
};
@@ -189,8 +189,8 @@ in
services.pdns-recursor.resolveNamecoin = mkOption {
type = types.bool;
default = false;
- description = ''
- Resolve .bit top-level domains using ncdns and namecoin.
+ description = lib.mdDoc ''
+ Resolve `.bit` top-level domains using ncdns and namecoin.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ndppd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ndppd.nix
index 6046ac860cf..ed97fe233b8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ndppd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ndppd.nix
@@ -26,7 +26,7 @@ let
options = {
interface = mkOption {
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Listen for any Neighbor Solicitation messages on this interface,
and respond to them according to a set of rules.
Defaults to the name of the attrset.
@@ -35,14 +35,14 @@ let
};
router = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Turns on or off the router flag for Neighbor Advertisement Messages.
'';
default = true;
};
timeout = mkOption {
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Controls how long to wait for a Neighbor Advertisment Message before
invalidating the entry, in milliseconds.
'';
@@ -50,7 +50,7 @@ let
};
ttl = mkOption {
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Controls how long a valid or invalid entry remains in the cache, in
milliseconds.
'';
@@ -58,7 +58,7 @@ let
};
rules = mkOption {
type = types.attrsOf rule;
- description = ''
+ description = lib.mdDoc ''
This is a rule that the target address is to match against. If no netmask
is provided, /128 is assumed. You may have several rule sections, and the
addresses may or may not overlap.
@@ -72,7 +72,7 @@ let
options = {
network = mkOption {
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
This is the target address is to match against. If no netmask
is provided, /128 is assumed. The addresses of serveral rules
may or may not overlap.
@@ -82,7 +82,7 @@ let
};
method = mkOption {
type = types.enum [ "static" "iface" "auto" ];
- description = ''
+ description = lib.mdDoc ''
static: Immediately answer any Neighbor Solicitation Messages
(if they match the IP rule).
iface: Forward the Neighbor Solicitation Message through the specified
@@ -95,7 +95,7 @@ let
};
interface = mkOption {
type = types.nullOr types.str;
- description = "Interface to use when method is iface.";
+ description = lib.mdDoc "Interface to use when method is iface.";
default = null;
};
};
@@ -124,12 +124,12 @@ in {
};
configFile = mkOption {
type = types.nullOr types.path;
- description = "Path to configuration file.";
+ description = lib.mdDoc "Path to configuration file.";
default = null;
};
routeTTL = mkOption {
type = types.int;
- description = ''
+ description = lib.mdDoc ''
This tells 'ndppd' how often to reload the route file /proc/net/ipv6_route,
in milliseconds.
'';
@@ -137,7 +137,7 @@ in {
};
proxies = mkOption {
type = types.attrsOf proxy;
- description = ''
+ description = lib.mdDoc ''
This sets up a listener, that will listen for any Neighbor Solicitation
messages, and respond to them according to a set of rules.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nebula.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nebula.nix
index c83cd9d521c..2bedafc5d9f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nebula.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nebula.nix
@@ -17,45 +17,45 @@ in
options = {
services.nebula = {
networks = mkOption {
- description = "Nebula network definitions.";
+ description = lib.mdDoc "Nebula network definitions.";
default = {};
type = types.attrsOf (types.submodule {
options = {
enable = mkOption {
type = types.bool;
default = true;
- description = "Enable or disable this network.";
+ description = lib.mdDoc "Enable or disable this network.";
};
package = mkOption {
type = types.package;
default = pkgs.nebula;
defaultText = literalExpression "pkgs.nebula";
- description = "Nebula derivation to use.";
+ description = lib.mdDoc "Nebula derivation to use.";
};
ca = mkOption {
type = types.path;
- description = "Path to the certificate authority certificate.";
+ description = lib.mdDoc "Path to the certificate authority certificate.";
example = "/etc/nebula/ca.crt";
};
cert = mkOption {
type = types.path;
- description = "Path to the host certificate.";
+ description = lib.mdDoc "Path to the host certificate.";
example = "/etc/nebula/host.crt";
};
key = mkOption {
type = types.path;
- description = "Path to the host key.";
+ description = lib.mdDoc "Path to the host key.";
example = "/etc/nebula/host.key";
};
staticHostMap = mkOption {
type = types.attrsOf (types.listOf (types.str));
default = {};
- description = ''
+ description = lib.mdDoc ''
The static host map defines a set of hosts with fixed IP addresses on the internet (or any network).
A host can have multiple fixed IP addresses defined here, and nebula will try each when establishing a tunnel.
'';
@@ -65,13 +65,13 @@ in
isLighthouse = mkOption {
type = types.bool;
default = false;
- description = "Whether this node is a lighthouse.";
+ description = lib.mdDoc "Whether this node is a lighthouse.";
};
lighthouses = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of IPs of lighthouse hosts this node should report to and query from. This should be empty on lighthouse
nodes. The IPs should be the lighthouse's Nebula IPs, not their external IPs.
'';
@@ -81,19 +81,19 @@ in
listen.host = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "IP address to listen on.";
+ description = lib.mdDoc "IP address to listen on.";
};
listen.port = mkOption {
type = types.port;
default = 4242;
- description = "Port number to listen on.";
+ description = lib.mdDoc "Port number to listen on.";
};
tun.disable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
When tun is disabled, a lighthouse can be started without a local tun interface (and therefore without root).
'';
};
@@ -101,29 +101,29 @@ in
tun.device = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Name of the tun device. Defaults to nebula.\${networkName}.";
+ description = lib.mdDoc "Name of the tun device. Defaults to nebula.\${networkName}.";
};
firewall.outbound = mkOption {
type = types.listOf types.attrs;
default = [];
- description = "Firewall rules for outbound traffic.";
+ description = lib.mdDoc "Firewall rules for outbound traffic.";
example = [ { port = "any"; proto = "any"; host = "any"; } ];
};
firewall.inbound = mkOption {
type = types.listOf types.attrs;
default = [];
- description = "Firewall rules for inbound traffic.";
+ description = lib.mdDoc "Firewall rules for inbound traffic.";
example = [ { port = "any"; proto = "any"; host = "any"; } ];
};
settings = mkOption {
type = format.type;
default = {};
- description = ''
+ description = lib.mdDoc ''
Nebula configuration. Refer to
-
+
for details on supported values.
'';
example = literalExpression ''
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/networkmanager.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/networkmanager.nix
index 242afd548df..7abdf16b153 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/networkmanager.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/networkmanager.nix
@@ -157,10 +157,10 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to use NetworkManager to obtain an IP address and other
configuration for all network interfaces that are not manually
- configured. If enabled, a group networkmanager
+ configured. If enabled, a group `networkmanager`
will be created. Add all users that should have permission
to change network settings to this group.
'';
@@ -243,7 +243,7 @@ in {
in
types.listOf networkManagerPluginPackage;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
List of NetworkManager plug-ins to enable.
Some plug-ins are enabled by the NetworkManager module by default.
'';
@@ -252,7 +252,7 @@ in {
dhcp = mkOption {
type = types.enum [ "dhcpcd" "internal" ];
default = "internal";
- description = ''
+ description = lib.mdDoc ''
Which program (or internal library) should be used for DHCP.
'';
};
@@ -260,7 +260,7 @@ in {
firewallBackend = mkOption {
type = types.enum [ "iptables" "nftables" "none" ];
default = "iptables";
- description = ''
+ description = lib.mdDoc ''
Which firewall backend should be used for configuring masquerading with shared mode.
If set to none, NetworkManager doesn't manage the configuration at all.
'';
@@ -269,7 +269,7 @@ in {
logLevel = mkOption {
type = types.enum [ "OFF" "ERR" "WARN" "INFO" "DEBUG" "TRACE" ];
default = "WARN";
- description = ''
+ description = lib.mdDoc ''
Set the default logging verbosity level.
'';
};
@@ -277,7 +277,7 @@ in {
appendNameservers = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of name servers that should be appended
to the ones configured in NetworkManager or received by DHCP.
'';
@@ -286,7 +286,7 @@ in {
insertNameservers = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of name servers that should be inserted before
the ones configured in NetworkManager or received by DHCP.
'';
@@ -300,16 +300,16 @@ in {
backend = mkOption {
type = types.enum [ "wpa_supplicant" "iwd" ];
default = "wpa_supplicant";
- description = ''
+ description = lib.mdDoc ''
Specify the Wi-Fi backend used for the device.
- Currently supported are or (experimental).
+ Currently supported are {option}`wpa_supplicant` or {option}`iwd` (experimental).
'';
};
powersave = mkOption {
type = types.nullOr types.bool;
default = null;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Wi-Fi power saving.
'';
};
@@ -317,7 +317,7 @@ in {
scanRandMacAddress = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable MAC address randomization of a Wi-Fi device
during scanning.
'';
@@ -348,7 +348,7 @@ in {
options = {
source = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path to the hook script.
'';
};
@@ -380,7 +380,7 @@ in {
''';
type = "basic";
} ]'';
- description = ''
+ description = lib.mdDoc ''
A list of scripts which will be executed in response to network events.
'';
};
@@ -401,10 +401,10 @@ in {
enableFccUnlock = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable FCC unlock procedures. Since release 1.18.4, the ModemManager daemon no longer
automatically performs the FCC unlock procedure by default. See
- the docs
+ [the docs](https://modemmanager.org/docs/modemmanager/fcc-unlock/)
for more details.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nextdns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nextdns.nix
index b070eeec894..697fa605049 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nextdns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nextdns.nix
@@ -10,13 +10,13 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the NextDNS DNS/53 to DoH Proxy service.";
+ description = lib.mdDoc "Whether to enable the NextDNS DNS/53 to DoH Proxy service.";
};
arguments = mkOption {
type = types.listOf types.str;
default = [];
example = [ "-config" "10.0.3.0/24=abcdef" ];
- description = "Additional arguments to be passed to nextdns run.";
+ description = lib.mdDoc "Additional arguments to be passed to nextdns run.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nftables.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nftables.nix
index b911f97491e..4e7d5ce59ce 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nftables.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nftables.nix
@@ -77,7 +77,7 @@ in
}
'';
description =
- ''
+ lib.mdDoc ''
The ruleset to be used with nftables. Should be in a format that
can be loaded using "/bin/nft -f". The ruleset is updated atomically.
'';
@@ -90,7 +90,7 @@ in
};
defaultText = literalDocBook ''a file with the contents of '';
description =
- ''
+ lib.mdDoc ''
The ruleset file to be used with nftables. Should be in a format that
can be loaded using "nft -f". The ruleset is updated atomically.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/backend-params-submodule.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/backend-params-submodule.nix
index 6523f4b8b9e..510dc02b5c9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/backend-params-submodule.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/backend-params-submodule.nix
@@ -3,7 +3,7 @@
proto = lib.mkOption {
type = lib.types.enum [ "h2" "http/1.1" ];
default = "http/1.1";
- description = ''
+ description = lib.mdDoc ''
This option configures the protocol the backend server expects
to use.
@@ -15,7 +15,7 @@
tls = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
This option determines whether nghttpx will negotiate its
connection with a backend server using TLS or not. The burden
is on the backend server to provide the TLS certificate!
@@ -28,7 +28,7 @@
sni = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Override the TLS SNI field value. This value (in nghttpx)
defaults to the host value of the backend configuration.
@@ -40,7 +40,7 @@
fall = lib.mkOption {
type = lib.types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
If nghttpx cannot connect to the backend N times in a row, the
backend is assumed to be offline and is excluded from load
balancing. If N is 0 the backend is never excluded from load
@@ -54,7 +54,7 @@
rise = lib.mkOption {
type = lib.types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
If the backend is excluded from load balancing, nghttpx will
periodically attempt to make a connection to the backend. If
the connection is successful N times in a row the backend is
@@ -69,7 +69,7 @@
affinity = lib.mkOption {
type = lib.types.enum [ "ip" "none" ];
default = "none";
- description = ''
+ description = lib.mdDoc ''
If "ip" is given, client IP based session affinity is
enabled. If "none" is given, session affinity is disabled.
@@ -91,7 +91,7 @@
dns = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Name resolution of a backends host name is done at start up,
or configuration reload. If "dns" is true, name resolution
takes place dynamically.
@@ -108,7 +108,7 @@
redirect-if-not-tls = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If true, a backend match requires the frontend connection be
TLS encrypted. If it is not, nghttpx responds to the request
with a 308 status code and https URI the client should use
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/frontend-params-submodule.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/frontend-params-submodule.nix
index 33c8572bd14..66c6d7efa6a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/frontend-params-submodule.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/frontend-params-submodule.nix
@@ -3,7 +3,7 @@
tls = lib.mkOption {
type = lib.types.enum [ "tls" "no-tls" ];
default = "tls";
- description = ''
+ description = lib.mdDoc ''
Enable or disable TLS. If true (enabled) the key and
certificate must be configured for nghttpx.
@@ -15,7 +15,7 @@
sni-fwd = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
When performing a match to select a backend server, SNI host
name received from the client is used instead of the request
host. See --backend option about the pattern match.
@@ -28,7 +28,7 @@
api = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable API access for this frontend. This enables you to
dynamically modify nghttpx at run-time therefore this feature
is disabled by default and should be turned on with care.
@@ -41,7 +41,7 @@
healthmon = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Make this frontend a health monitor endpoint. Any request
received on this frontend is responded to with a 200 OK.
@@ -53,7 +53,7 @@
proxyproto = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Accept PROXY protocol version 1 on frontend connection.
Please see https://nghttp2.org/documentation/nghttpx.1.html#cmdoption-nghttpx-f
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/server-options.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/server-options.nix
index ef23bfd793c..48e2a304559 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/server-options.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/server-options.nix
@@ -3,14 +3,14 @@
host = lib.mkOption {
type = lib.types.str;
example = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
Server host address.
'';
};
port = lib.mkOption {
type = lib.types.int;
example = 5088;
- description = ''
+ description = lib.mdDoc ''
Server host port.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/tls-submodule.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/tls-submodule.nix
index 8f3cdaae2c8..bb6cdae07e5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/tls-submodule.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nghttpx/tls-submodule.nix
@@ -4,7 +4,7 @@
type = lib.types.str;
example = "/etc/ssl/keys/mykeyfile.key";
default = "/etc/ssl/keys/server.key";
- description = ''
+ description = lib.mdDoc ''
Path to the TLS key file.
'';
};
@@ -13,7 +13,7 @@
type = lib.types.str;
example = "/etc/ssl/certs/mycert.crt";
default = "/etc/ssl/certs/server.crt";
- description = ''
+ description = lib.mdDoc ''
Path to the TLS certificate file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ngircd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ngircd.nix
index c0b9c98fb4b..f6c7415c1d3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ngircd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ngircd.nix
@@ -23,13 +23,13 @@ in {
enable = mkEnableOption "the ngircd IRC server";
config = mkOption {
- description = "The ngircd configuration (see ngircd.conf(5)).";
+ description = lib.mdDoc "The ngircd configuration (see ngircd.conf(5)).";
type = types.lines;
};
package = mkOption {
- description = "The ngircd package.";
+ description = lib.mdDoc "The ngircd package.";
type = types.package;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nix-serve.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nix-serve.nix
index 432938d59d9..04cbc0c0d8f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nix-serve.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nix-serve.nix
@@ -13,7 +13,7 @@ in
port = mkOption {
type = types.port;
default = 5000;
- description = ''
+ description = lib.mdDoc ''
Port number where nix-serve will listen on.
'';
};
@@ -21,7 +21,7 @@ in
bindAddress = mkOption {
type = types.str;
default = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
IP address where nix-serve will bind its listening socket.
'';
};
@@ -29,7 +29,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for nix-serve.";
+ description = lib.mdDoc "Open ports in the firewall for nix-serve.";
};
secretKeyFile = mkOption {
@@ -50,7 +50,7 @@ in
extraParams = mkOption {
type = types.separatedString " ";
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra command line parameters for nix-serve.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nix-store-gcs-proxy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nix-store-gcs-proxy.nix
index 0012302db2e..531b2bde763 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nix-store-gcs-proxy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nix-store-gcs-proxy.nix
@@ -9,18 +9,18 @@ let
default = true;
type = types.bool;
example = true;
- description = "Whether to enable proxy for this bucket";
+ description = lib.mdDoc "Whether to enable proxy for this bucket";
};
bucketName = mkOption {
type = types.str;
default = name;
example = "my-bucket-name";
- description = "Name of Google storage bucket";
+ description = lib.mdDoc "Name of Google storage bucket";
};
address = mkOption {
type = types.str;
example = "localhost:3000";
- description = "The address of the proxy.";
+ description = lib.mdDoc "The address of the proxy.";
};
};
};
@@ -31,7 +31,7 @@ in
options.services.nix-store-gcs-proxy = mkOption {
type = types.attrsOf (types.submodule opts);
default = {};
- description = ''
+ description = lib.mdDoc ''
An attribute set describing an HTTP to GCS proxy that allows us to use GCS
bucket via HTTP protocol.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nixops-dns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nixops-dns.nix
index 5e33d872ea4..4abdb50d694 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nixops-dns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nixops-dns.nix
@@ -12,7 +12,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the nixops-dns resolution
of NixOps virtual machines via dnsmasq and fake domain name.
'';
@@ -20,7 +20,7 @@ in
user = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The user the nixops-dns daemon should run as.
This should be the user, which is also used for nixops and
have the .nixops directory in its home.
@@ -29,7 +29,7 @@ in
domain = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Fake domain name to resolve to NixOps virtual machines.
For example "ops" will resolve "vm.ops".
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nntp-proxy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nntp-proxy.nix
index a5973cd5933..618ed0a93f1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nntp-proxy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nntp-proxy.nix
@@ -65,7 +65,7 @@ in
type = types.str;
default = "";
example = "ssl-eu.astraweb.com";
- description = ''
+ description = lib.mdDoc ''
Upstream server address
'';
};
@@ -73,7 +73,7 @@ in
upstreamPort = mkOption {
type = types.int;
default = 563;
- description = ''
+ description = lib.mdDoc ''
Upstream server port
'';
};
@@ -81,7 +81,7 @@ in
upstreamMaxConnections = mkOption {
type = types.int;
default = 20;
- description = ''
+ description = lib.mdDoc ''
Upstream server maximum allowed concurrent connections
'';
};
@@ -89,7 +89,7 @@ in
upstreamUser = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Upstream server username
'';
};
@@ -97,7 +97,7 @@ in
upstreamPassword = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Upstream server password
'';
};
@@ -106,7 +106,7 @@ in
type = types.str;
default = "127.0.0.1";
example = "[::]";
- description = ''
+ description = lib.mdDoc ''
Proxy listen address (IPv6 literal addresses need to be enclosed in "[" and "]" characters)
'';
};
@@ -114,7 +114,7 @@ in
port = mkOption {
type = types.int;
default = 5555;
- description = ''
+ description = lib.mdDoc ''
Proxy listen port
'';
};
@@ -123,7 +123,7 @@ in
type = types.str;
default = "key.pem";
example = "/path/to/your/key.file";
- description = ''
+ description = lib.mdDoc ''
Proxy ssl key path
'';
};
@@ -132,7 +132,7 @@ in
type = types.str;
default = "cert.pem";
example = "/path/to/your/cert.file";
- description = ''
+ description = lib.mdDoc ''
Proxy ssl certificate path
'';
};
@@ -140,7 +140,7 @@ in
prohibitPosting = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to prohibit posting to the upstream server
'';
};
@@ -149,7 +149,7 @@ in
type = types.enum [ "error" "warning" "notice" "info" "debug" ];
default = "info";
example = "error";
- description = ''
+ description = lib.mdDoc ''
Verbosity level
'';
};
@@ -159,7 +159,7 @@ in
options = {
username = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Username
'';
};
@@ -176,13 +176,13 @@ in
maxConnections = mkOption {
type = types.int;
default = 1;
- description = ''
+ description = lib.mdDoc ''
Maximum number of concurrent connections to the proxy for this user
'';
};
};
});
- description = ''
+ description = lib.mdDoc ''
NNTP-Proxy user configuration
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nomad.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nomad.nix
index 43333af5e2f..73b6f13327f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nomad.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nomad.nix
@@ -14,7 +14,7 @@ in
type = types.package;
default = pkgs.nomad;
defaultText = literalExpression "pkgs.nomad";
- description = ''
+ description = lib.mdDoc ''
The package used for the Nomad agent and CLI.
'';
};
@@ -33,7 +33,7 @@ in
dropPrivileges = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether the nomad agent should be run as a non-root nomad user.
'';
};
@@ -41,7 +41,7 @@ in
enableDocker = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Enable Docker support. Needed for Nomad's docker driver.
Note that the docker group membership is effectively equivalent
@@ -52,7 +52,7 @@ in
extraSettingsPaths = mkOption {
type = types.listOf types.path;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Additional settings paths used to configure nomad. These can be files or directories.
'';
example = literalExpression ''
@@ -63,7 +63,7 @@ in
extraSettingsPlugins = mkOption {
type = types.listOf (types.either types.package types.path);
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Additional plugins dir used to configure nomad.
'';
example = literalExpression ''
@@ -75,23 +75,23 @@ in
settings = mkOption {
type = format.type;
default = { };
- description = ''
- Configuration for Nomad. See the documentation
+ description = lib.mdDoc ''
+ Configuration for Nomad. See the [documentation](https://www.nomadproject.io/docs/configuration)
for supported values.
- Notes about data_dir:
+ Notes about `data_dir`:
- If data_dir is set to a value other than the
- default value of "/var/lib/nomad" it is the Nomad
+ If `data_dir` is set to a value other than the
+ default value of `"/var/lib/nomad"` it is the Nomad
cluster manager's responsibility to make sure that this directory
exists and has the appropriate permissions.
- Additionally, if dropPrivileges is
- true then data_dir
- cannot be customized. Setting
- dropPrivileges to true enables
- the DynamicUser feature of systemd which directly
- manages and operates on StateDirectory.
+ Additionally, if `dropPrivileges` is
+ `true` then `data_dir`
+ *cannot* be customized. Setting
+ `dropPrivileges` to `true` enables
+ the `DynamicUser` feature of systemd which directly
+ manages and operates on `StateDirectory`.
'';
example = literalExpression ''
{
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nsd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nsd.nix
index a51fc534534..1102fc85d40 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nsd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nsd.nix
@@ -201,7 +201,7 @@ let
allowAXFRFallback = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
If NSD as secondary server should be allowed to AXFR if the primary
server does not allow IXFR.
'';
@@ -243,7 +243,7 @@ let
# to default values, breaking the parent inheriting function.
type = types.attrsOf types.anything;
default = {};
- description = ''
+ description = lib.mdDoc ''
Children zones inherit all options of their parents. Attributes
defined in a child will overwrite the ones of its parent. Only
leaf zones will be actually served. This way it's possible to
@@ -256,7 +256,7 @@ let
data = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
The actual zone data. This is the content of your zone file.
Use imports or pkgs.lib.readFile if you don't want this data in your config file.
'';
@@ -268,17 +268,17 @@ let
algorithm = mkOption {
type = types.str;
default = "RSASHA256";
- description = "Which algorithm to use for DNSSEC";
+ description = lib.mdDoc "Which algorithm to use for DNSSEC";
};
keyttl = mkOption {
type = types.str;
default = "1h";
- description = "TTL for dnssec records";
+ description = lib.mdDoc "TTL for dnssec records";
};
coverage = mkOption {
type = types.str;
default = "1y";
- description = ''
+ description = lib.mdDoc ''
The length of time to ensure that keys will be correct; no action will be taken to create new keys to be activated after this time.
'';
};
@@ -289,7 +289,7 @@ let
postPublish = "1w";
rollPeriod = "1mo";
};
- description = "Key policy for zone signing keys";
+ description = lib.mdDoc "Key policy for zone signing keys";
};
ksk = mkOption {
type = keyPolicy;
@@ -298,14 +298,14 @@ let
postPublish = "1mo";
rollPeriod = "0";
};
- description = "Key policy for key signing keys";
+ description = lib.mdDoc "Key policy for key signing keys";
};
};
maxRefreshSecs = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Limit refresh time for secondary zones. This is the timer which
checks to see if the zone has to be refetched when it expires.
Normally the value from the SOA record is used, but this option
@@ -316,7 +316,7 @@ let
minRefreshSecs = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Limit refresh time for secondary zones.
'';
};
@@ -324,7 +324,7 @@ let
maxRetrySecs = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Limit retry time for secondary zones. This is the timeout after
a failed fetch attempt for the zone. Normally the value from
the SOA record is used, but this option restricts that value.
@@ -334,7 +334,7 @@ let
minRetrySecs = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Limit retry time for secondary zones.
'';
};
@@ -362,7 +362,7 @@ let
notifyRetry = mkOption {
type = types.int;
default = 5;
- description = ''
+ description = lib.mdDoc ''
Specifies the number of retries for failed notifies. Set this along with notify.
'';
};
@@ -371,7 +371,7 @@ let
type = types.nullOr types.str;
default = null;
example = "2000::1@1234";
- description = ''
+ description = lib.mdDoc ''
This address will be used for zone-transfere requests if configured
as a secondary server or notifications in case of a primary server.
Supply either a plain IPv4 or IPv6 address with an optional port
@@ -400,7 +400,7 @@ let
rrlWhitelist = mkOption {
type = with types; listOf (enum [ "nxdomain" "error" "referral" "any" "rrsig" "wildcard" "nodata" "dnskey" "positive" "all" ]);
default = [];
- description = ''
+ description = lib.mdDoc ''
Whitelists the given rrl-types.
'';
};
@@ -409,7 +409,7 @@ let
type = types.nullOr types.str;
default = null;
example = "%s";
- description = ''
+ description = lib.mdDoc ''
When set to something distinct to null NSD is able to collect
statistics per zone. All statistics of this zone(s) will be added
to the group specified by this given name. Use "%s" to use the zones
@@ -424,19 +424,19 @@ let
options = {
keySize = mkOption {
type = types.int;
- description = "Key size in bits";
+ description = lib.mdDoc "Key size in bits";
};
prePublish = mkOption {
type = types.str;
- description = "How long in advance to publish new keys";
+ description = lib.mdDoc "How long in advance to publish new keys";
};
postPublish = mkOption {
type = types.str;
- description = "How long after deactivation to keep a key in the zone";
+ description = lib.mdDoc "How long after deactivation to keep a key in the zone";
};
rollPeriod = mkOption {
type = types.str;
- description = "How frequently to change keys";
+ description = lib.mdDoc "How frequently to change keys";
};
};
};
@@ -486,7 +486,7 @@ in
dnssecInterval = mkOption {
type = types.str;
default = "1h";
- description = ''
+ description = lib.mdDoc ''
How often to check whether dnssec key rollover is required
'';
};
@@ -494,7 +494,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra nsd config.
'';
};
@@ -502,7 +502,7 @@ in
hideVersion = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether NSD should answer VERSION.BIND and VERSION.SERVER CHAOS class queries.
'';
};
@@ -510,7 +510,7 @@ in
identity = mkOption {
type = types.str;
default = "unidentified server";
- description = ''
+ description = lib.mdDoc ''
Identify the server (CH TXT ID.SERVER entry).
'';
};
@@ -518,7 +518,7 @@ in
interfaces = mkOption {
type = types.listOf types.str;
default = [ "127.0.0.0" "::1" ];
- description = ''
+ description = lib.mdDoc ''
What addresses the server should listen to.
'';
};
@@ -526,7 +526,7 @@ in
ipFreebind = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to bind to nonlocal addresses and interfaces that are down.
Similar to ip-transparent.
'';
@@ -535,7 +535,7 @@ in
ipTransparent = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Allow binding to non local addresses.
'';
};
@@ -543,7 +543,7 @@ in
ipv4 = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to listen on IPv4 connections.
'';
};
@@ -551,7 +551,7 @@ in
ipv4EDNSSize = mkOption {
type = types.int;
default = 4096;
- description = ''
+ description = lib.mdDoc ''
Preferred EDNS buffer size for IPv4.
'';
};
@@ -559,7 +559,7 @@ in
ipv6 = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to listen on IPv6 connections.
'';
};
@@ -567,7 +567,7 @@ in
ipv6EDNSSize = mkOption {
type = types.int;
default = 4096;
- description = ''
+ description = lib.mdDoc ''
Preferred EDNS buffer size for IPv6.
'';
};
@@ -575,7 +575,7 @@ in
logTimeAscii = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Log time in ascii, if false then in unix epoch seconds.
'';
};
@@ -583,7 +583,7 @@ in
nsid = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
NSID identity (hex string, or "ascii_somestring").
'';
};
@@ -591,7 +591,7 @@ in
port = mkOption {
type = types.int;
default = 53;
- description = ''
+ description = lib.mdDoc ''
Port the service should bind do.
'';
};
@@ -600,7 +600,7 @@ in
type = types.bool;
default = pkgs.stdenv.isLinux;
defaultText = literalExpression "pkgs.stdenv.isLinux";
- description = ''
+ description = lib.mdDoc ''
Whether to enable SO_REUSEPORT on all used sockets. This lets multiple
processes bind to the same port. This speeds up operation especially
if the server count is greater than one and makes fast restarts less
@@ -611,7 +611,7 @@ in
rootServer = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether this server will be a root server (a DNS root server, you
usually don't want that).
'';
@@ -622,7 +622,7 @@ in
serverCount = mkOption {
type = types.int;
default = 1;
- description = ''
+ description = lib.mdDoc ''
Number of NSD servers to fork. Put the number of CPUs to use here.
'';
};
@@ -630,7 +630,7 @@ in
statistics = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Statistics are produced every number of seconds. Prints to log.
If null no statistics are logged.
'';
@@ -639,7 +639,7 @@ in
tcpCount = mkOption {
type = types.int;
default = 100;
- description = ''
+ description = lib.mdDoc ''
Maximum number of concurrent TCP connections per server.
'';
};
@@ -647,7 +647,7 @@ in
tcpQueryCount = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Maximum number of queries served on a single TCP connection.
0 means no maximum.
'';
@@ -656,7 +656,7 @@ in
tcpTimeout = mkOption {
type = types.int;
default = 120;
- description = ''
+ description = lib.mdDoc ''
TCP timeout in seconds.
'';
};
@@ -664,7 +664,7 @@ in
verbosity = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Verbosity level.
'';
};
@@ -672,7 +672,7 @@ in
version = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The version string replied for CH TXT version.server and version.bind
queries. Will use the compiled package version on null.
See hideVersion for enabling/disabling this responses.
@@ -682,7 +682,7 @@ in
xfrdReloadTimeout = mkOption {
type = types.int;
default = 1;
- description = ''
+ description = lib.mdDoc ''
Number of seconds between reloads triggered by xfrd.
'';
};
@@ -690,7 +690,7 @@ in
zonefilesCheck = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to check mtime of all zone files on start and sighup.
'';
};
@@ -703,14 +703,14 @@ in
algorithm = mkOption {
type = types.str;
default = "hmac-sha256";
- description = ''
+ description = lib.mdDoc ''
Authentication algorithm for this key.
'';
};
keyFile = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path to the file which contains the actual base64 encoded
key. The key will be copied into "${stateDir}/private" before
NSD starts. The copied file is only accessibly by the NSD
@@ -728,7 +728,7 @@ in
};
}
'';
- description = ''
+ description = lib.mdDoc ''
Define your TSIG keys here.
'';
};
@@ -741,7 +741,7 @@ in
ipv4PrefixLength = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
IPv4 prefix length. Addresses are grouped by netblock.
'';
};
@@ -749,7 +749,7 @@ in
ipv6PrefixLength = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
IPv6 prefix length. Addresses are grouped by netblock.
'';
};
@@ -757,7 +757,7 @@ in
ratelimit = mkOption {
type = types.int;
default = 200;
- description = ''
+ description = lib.mdDoc ''
Max qps allowed from any query source.
0 means unlimited. With an verbosity of 2 blocked and
unblocked subnets will be logged.
@@ -767,7 +767,7 @@ in
slip = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Number of packets that get discarded before replying a SLIP response.
0 disables SLIP responses. 1 will make every response a SLIP response.
'';
@@ -776,7 +776,7 @@ in
size = mkOption {
type = types.int;
default = 1000000;
- description = ''
+ description = lib.mdDoc ''
Size of the hashtable. More buckets use more memory but lower
the chance of hash hash collisions.
'';
@@ -785,7 +785,7 @@ in
whitelistRatelimit = mkOption {
type = types.int;
default = 2000;
- description = ''
+ description = lib.mdDoc ''
Max qps allowed from whitelisted sources.
0 means unlimited. Set the rrl-whitelist option for specific
queries to apply this limit instead of the default to them.
@@ -802,7 +802,7 @@ in
controlCertFile = mkOption {
type = types.path;
default = "/etc/nsd/nsd_control.pem";
- description = ''
+ description = lib.mdDoc ''
Path to the client certificate signed with the server certificate.
This file is used by nsd-control and generated by nsd-control-setup.
'';
@@ -811,7 +811,7 @@ in
controlKeyFile = mkOption {
type = types.path;
default = "/etc/nsd/nsd_control.key";
- description = ''
+ description = lib.mdDoc ''
Path to the client private key, which is used by nsd-control
but not by the server. This file is generated by nsd-control-setup.
'';
@@ -820,7 +820,7 @@ in
interfaces = mkOption {
type = types.listOf types.str;
default = [ "127.0.0.1" "::1" ];
- description = ''
+ description = lib.mdDoc ''
Which interfaces NSD should bind to for remote control.
'';
};
@@ -828,7 +828,7 @@ in
port = mkOption {
type = types.int;
default = 8952;
- description = ''
+ description = lib.mdDoc ''
Port number for remote control operations (uses TLS over TCP).
'';
};
@@ -836,7 +836,7 @@ in
serverCertFile = mkOption {
type = types.path;
default = "/etc/nsd/nsd_server.pem";
- description = ''
+ description = lib.mdDoc ''
Path to the server self signed certificate, which is used by the server
but and by nsd-control. This file is generated by nsd-control-setup.
'';
@@ -845,7 +845,7 @@ in
serverKeyFile = mkOption {
type = types.path;
default = "/etc/nsd/nsd_server.key";
- description = ''
+ description = lib.mdDoc ''
Path to the server private key, which is used by the server
but not by nsd-control. This file is generated by nsd-control-setup.
'';
@@ -887,7 +887,7 @@ in
};
}
'';
- description = ''
+ description = lib.mdDoc ''
Define your zones here. Zones can cascade other zones and therefore
inherit settings from parent zones. Look at the definition of
children to learn about inheritance and child zones.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntopng.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntopng.nix
index 022fc923eda..e6344d7ff3b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntopng.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntopng.nix
@@ -43,7 +43,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable ntopng, a high-speed web-based traffic analysis and flow
collection tool.
@@ -63,7 +63,7 @@ in
default = [ "any" ];
example = [ "eth0" "wlan0" ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
List of interfaces to monitor. Use "any" to monitor all interfaces.
'';
};
@@ -71,7 +71,7 @@ in
httpPort = mkOption {
default = 3000;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Sets the HTTP port of the embedded web server.
'';
};
@@ -79,7 +79,7 @@ in
redis.address = mkOption {
type = types.str;
example = literalExpression "config.services.redis.ntopng.unixSocket";
- description = ''
+ description = lib.mdDoc ''
Redis address - may be a Unix socket or a network host and port.
'';
};
@@ -87,10 +87,10 @@ in
redis.createInstance = mkOption {
type = types.nullOr types.str;
default = if versionAtLeast config.system.stateVersion "22.05" then "ntopng" else "";
- description = ''
- Local Redis instance name. Set to null to disable
- local Redis instance. Defaults to "" for
- system.stateVersion older than 22.05.
+ description = lib.mdDoc ''
+ Local Redis instance name. Set to `null` to disable
+ local Redis instance. Defaults to `""` for
+ `system.stateVersion` older than 22.05.
'';
};
@@ -102,7 +102,7 @@ in
--disable-login
'';
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Overridable configuration file contents to use for ntopng. By
default, use the contents automatically generated by NixOS.
'';
@@ -111,10 +111,10 @@ in
extraConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Configuration lines that will be appended to the generated ntopng
configuration file. Note that this mechanism does not work when the
- manual option is used.
+ manual {option}`configText` option is used.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntp/chrony.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntp/chrony.nix
index 34728455a21..a89c7769152 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntp/chrony.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntp/chrony.nix
@@ -35,7 +35,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to synchronise your machine's time using chrony.
Make sure you disable NTP if you enable this service.
'';
@@ -45,7 +45,7 @@ in
type = types.package;
default = pkgs.chrony;
defaultText = literalExpression "pkgs.chrony";
- description = ''
+ description = lib.mdDoc ''
Which chrony package to use.
'';
};
@@ -54,7 +54,7 @@ in
default = config.networking.timeServers;
defaultText = literalExpression "config.networking.timeServers";
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
The set of NTP servers from which to synchronise.
'';
};
@@ -62,7 +62,7 @@ in
serverOption = mkOption {
default = "iburst";
type = types.enum [ "iburst" "offline" ];
- description = ''
+ description = lib.mdDoc ''
Set option for server directives.
Use "iburst" to rapidly poll on startup. Recommended if your machine
@@ -76,7 +76,7 @@ in
enableNTS = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Network Time Security authentication.
Make sure it is supported by your selected NTP server(s).
'';
@@ -86,7 +86,7 @@ in
enabled = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Allow chronyd to make a rapid measurement of the system clock error
at boot time, and to correct the system clock by stepping before
normal operation begins.
@@ -96,7 +96,7 @@ in
threshold = mkOption {
type = types.either types.float types.int;
default = 1000; # by default, same threshold as 'ntpd -g' (1000s)
- description = ''
+ description = lib.mdDoc ''
The threshold of system clock error (in seconds) above which the
clock will be stepped. If the correction required is less than the
threshold, a slew is used instead.
@@ -107,15 +107,15 @@ in
directory = mkOption {
type = types.str;
default = "/var/lib/chrony";
- description = "Directory where chrony state is stored.";
+ description = lib.mdDoc "Directory where chrony state is stored.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration directives that should be added to
- chrony.conf
+ `chrony.conf`
'';
};
@@ -123,7 +123,7 @@ in
default = [];
example = [ "-s" ];
type = types.listOf types.str;
- description = "Extra flags passed to the chronyd command.";
+ description = lib.mdDoc "Extra flags passed to the chronyd command.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntp/ntpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntp/ntpd.nix
index 12be0d045a8..47922f5e149 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntp/ntpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntp/ntpd.nix
@@ -79,7 +79,7 @@ in
default = config.networking.timeServers;
defaultText = literalExpression "config.networking.timeServers";
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
The set of NTP servers from which to synchronise.
'';
};
@@ -90,14 +90,14 @@ in
example = ''
fudge 127.127.1.0 stratum 10
'';
- description = ''
- Additional text appended to ntp.conf.
+ description = lib.mdDoc ''
+ Additional text appended to {file}`ntp.conf`.
'';
};
extraFlags = mkOption {
type = types.listOf types.str;
- description = "Extra flags passed to the ntpd command.";
+ description = lib.mdDoc "Extra flags passed to the ntpd command.";
example = literalExpression ''[ "--interface=eth0" ]'';
default = [];
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntp/openntpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntp/openntpd.nix
index e86b71291f9..2a766a134f7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntp/openntpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ntp/openntpd.nix
@@ -35,8 +35,8 @@ in
listen on 127.0.0.1
listen on ::1
'';
- description = ''
- Additional text appended to openntpd.conf.
+ description = lib.mdDoc ''
+ Additional text appended to {file}`openntpd.conf`.
'';
};
@@ -44,7 +44,7 @@ in
type = with types; separatedString " ";
default = "";
example = "-s";
- description = ''
+ description = lib.mdDoc ''
Extra options used when launching openntpd.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nullidentdmod.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nullidentdmod.nix
index b0d338a2794..85f5c799a31 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nullidentdmod.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nullidentdmod.nix
@@ -7,7 +7,7 @@ in {
userid = mkOption {
type = nullOr str;
- description = "User ID to return. Set to null to return a random string each time.";
+ description = lib.mdDoc "User ID to return. Set to null to return a random string each time.";
default = null;
example = "alice";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nylon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nylon.nix
index a20fa615af8..3eb15c23bef 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nylon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/nylon.nix
@@ -29,7 +29,7 @@ let
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables nylon as a running service upon activation.
'';
};
@@ -37,13 +37,13 @@ let
name = mkOption {
type = types.str;
default = "";
- description = "The name of this nylon instance.";
+ description = lib.mdDoc "The name of this nylon instance.";
};
nrConnections = mkOption {
type = types.int;
default = 10;
- description = ''
+ description = lib.mdDoc ''
The number of allowed simultaneous connections to the daemon, default 10.
'';
};
@@ -51,7 +51,7 @@ let
logging = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable logging, default is no logging.
'';
};
@@ -59,7 +59,7 @@ let
verbosity = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable verbose output, default is to not be verbose.
'';
};
@@ -67,7 +67,7 @@ let
acceptInterface = mkOption {
type = types.str;
default = "lo";
- description = ''
+ description = lib.mdDoc ''
Tell nylon which interface to listen for client requests on, default is "lo".
'';
};
@@ -75,7 +75,7 @@ let
bindInterface = mkOption {
type = types.str;
default = "enp3s0f0";
- description = ''
+ description = lib.mdDoc ''
Tell nylon which interface to use as an uplink, default is "enp3s0f0".
'';
};
@@ -83,7 +83,7 @@ let
port = mkOption {
type = types.int;
default = 1080;
- description = ''
+ description = lib.mdDoc ''
What port to listen for client requests, default is 1080.
'';
};
@@ -91,7 +91,7 @@ let
allowedIPRanges = mkOption {
type = with types; listOf str;
default = [ "192.168.0.0/16" "127.0.0.1/8" "172.16.0.1/12" "10.0.0.0/8" ];
- description = ''
+ description = lib.mdDoc ''
Allowed client IP ranges are evaluated first, defaults to ARIN IPv4 private ranges:
[ "192.168.0.0/16" "127.0.0.0/8" "172.16.0.0/12" "10.0.0.0/8" ]
'';
@@ -100,7 +100,7 @@ let
deniedIPRanges = mkOption {
type = with types; listOf str;
default = [ "0.0.0.0/0" ];
- description = ''
+ description = lib.mdDoc ''
Denied client IP ranges, these gets evaluated after the allowed IP ranges, defaults to all IPv4 addresses:
[ "0.0.0.0/0" ]
To block all other access than the allowed.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ofono.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ofono.nix
index 460b06443c4..6192857cd3e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ofono.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ofono.nix
@@ -25,7 +25,7 @@ in
type = types.listOf types.package;
default = [];
example = literalExpression "[ pkgs.modem-manager-gui ]";
- description = ''
+ description = lib.mdDoc ''
The list of plugins to install.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/oidentd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/oidentd.nix
index feb84806ba9..7c7883c9461 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/oidentd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/oidentd.nix
@@ -11,7 +11,7 @@ with lib;
services.oidentd.enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable ‘oidentd’, an implementation of the Ident
protocol (RFC 1413). It allows remote systems to identify the
name of the user associated with a TCP connection.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/onedrive.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/onedrive.nix
index 0256a6a4111..5a531d7a47f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/onedrive.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/onedrive.nix
@@ -29,14 +29,14 @@ in {
enable = lib.mkOption {
type = lib.types.bool;
default = false;
- description = "Enable OneDrive service";
+ description = lib.mdDoc "Enable OneDrive service";
};
package = lib.mkOption {
type = lib.types.package;
default = pkgs.onedrive;
defaultText = lib.literalExpression "pkgs.onedrive";
- description = ''
+ description = lib.mdDoc ''
OneDrive package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/openconnect.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/openconnect.nix
index bc873b2198b..c5313bb305a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/openconnect.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/openconnect.nix
@@ -11,25 +11,25 @@ let
options = {
autoStart = mkOption {
default = true;
- description = "Whether this VPN connection should be started automatically.";
+ description = lib.mdDoc "Whether this VPN connection should be started automatically.";
type = types.bool;
};
gateway = mkOption {
- description = "Gateway server to connect to.";
+ description = lib.mdDoc "Gateway server to connect to.";
example = "gateway.example.com";
type = types.str;
};
protocol = mkOption {
- description = "Protocol to use.";
+ description = lib.mdDoc "Protocol to use.";
example = "anyconnect";
type =
types.enum [ "anyconnect" "array" "nc" "pulse" "gp" "f5" "fortinet" ];
};
user = mkOption {
- description = "Username to authenticate with.";
+ description = lib.mdDoc "Username to authenticate with.";
example = "example-user";
type = types.nullOr types.str;
};
@@ -49,14 +49,14 @@ let
};
certificate = mkOption {
- description = "Certificate to authenticate with.";
+ description = lib.mdDoc "Certificate to authenticate with.";
default = null;
example = "/var/lib/secrets/openconnect_certificate.pem";
type = with types; nullOr (either path pkcs11);
};
privateKey = mkOption {
- description = "Private key to authenticate with.";
+ description = lib.mdDoc "Private key to authenticate with.";
example = "/var/lib/secrets/openconnect_private_key.pem";
default = null;
type = with types; nullOr (either path pkcs11);
@@ -118,7 +118,7 @@ in {
package = mkPackageOption pkgs "openconnect" { };
interfaces = mkOption {
- description = "OpenConnect interfaces.";
+ description = lib.mdDoc "OpenConnect interfaces.";
default = { };
example = {
openconnect0 = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/openvpn.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/openvpn.nix
index cf3f79fc578..752b4d67d47 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/openvpn.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/openvpn.nix
@@ -130,20 +130,20 @@ in
config = mkOption {
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Configuration of this OpenVPN instance. See
- openvpn8
+ {manpage}`openvpn(8)`
for details.
To import an external config file, use the following definition:
- config = "config /path/to/config.ovpn"
+ `config = "config /path/to/config.ovpn"`
'';
};
up = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands executed when the instance is starting.
'';
};
@@ -151,7 +151,7 @@ in
down = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands executed when the instance is shutting down.
'';
};
@@ -159,13 +159,13 @@ in
autoStart = mkOption {
default = true;
type = types.bool;
- description = "Whether this OpenVPN instance should be started automatically.";
+ description = lib.mdDoc "Whether this OpenVPN instance should be started automatically.";
};
updateResolvConf = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Use the script from the update-resolv-conf package to automatically
update resolv.conf with the DNS information provided by openvpn. The
script will be run after the "up" commands and before the "down" commands.
@@ -174,7 +174,7 @@ in
authUserPass = mkOption {
default = null;
- description = ''
+ description = lib.mdDoc ''
This option can be used to store the username / password credentials
with the "auth-user-pass" authentication method.
@@ -184,12 +184,12 @@ in
options = {
username = mkOption {
- description = "The username to store inside the credentials file.";
+ description = lib.mdDoc "The username to store inside the credentials file.";
type = types.str;
};
password = mkOption {
- description = "The password to store inside the credentials file.";
+ description = lib.mdDoc "The password to store inside the credentials file.";
type = types.str;
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ostinato.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ostinato.nix
index 4da11984b9f..808ccdd4e0c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ostinato.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ostinato.nix
@@ -31,7 +31,7 @@ in
port = mkOption {
type = types.int;
default = 7878;
- description = ''
+ description = lib.mdDoc ''
Port to listen on.
'';
};
@@ -39,7 +39,7 @@ in
rateAccuracy = mkOption {
type = types.enum [ "High" "Low" ];
default = "High";
- description = ''
+ description = lib.mdDoc ''
To ensure that the actual transmit rate is as close as possible to
the configured transmit rate, Drone runs a busy-wait loop.
While this provides the maximum accuracy possible, the CPU
@@ -52,7 +52,7 @@ in
address = mkOption {
type = types.str;
default = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
By default, the Drone RPC server will listen on all interfaces and
local IPv4 adresses for incoming connections from clients. Specify
a single IPv4 or IPv6 address if you want to restrict that.
@@ -66,7 +66,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "eth*" "lo*" ];
- description = ''
+ description = lib.mdDoc ''
For a port to pass the filter and appear on the port list managed
by drone, it be allowed by this include list.
'';
@@ -75,7 +75,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "usbmon*" "eth0" ];
- description = ''
+ description = lib.mdDoc ''
A list of ports does not appear on the port list managed by drone.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pdns-recursor.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pdns-recursor.nix
index a986f83141c..7319793101c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pdns-recursor.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pdns-recursor.nix
@@ -32,7 +32,7 @@ in {
dns.address = mkOption {
type = oneOrMore types.str;
default = [ "::" "0.0.0.0" ];
- description = ''
+ description = lib.mdDoc ''
IP addresses Recursor DNS server will bind to.
'';
};
@@ -40,7 +40,7 @@ in {
dns.port = mkOption {
type = types.int;
default = 53;
- description = ''
+ description = lib.mdDoc ''
Port number Recursor DNS server will bind to.
'';
};
@@ -53,7 +53,7 @@ in {
"::1/128" "fc00::/7" "fe80::/10"
];
example = [ "0.0.0.0/0" "::/0" ];
- description = ''
+ description = lib.mdDoc ''
IP address ranges of clients allowed to make DNS queries.
'';
};
@@ -61,7 +61,7 @@ in {
api.address = mkOption {
type = types.str;
default = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
IP address Recursor REST API server will bind to.
'';
};
@@ -69,7 +69,7 @@ in {
api.port = mkOption {
type = types.int;
default = 8082;
- description = ''
+ description = lib.mdDoc ''
Port number Recursor REST API server will bind to.
'';
};
@@ -78,7 +78,7 @@ in {
type = types.listOf types.str;
default = [ "127.0.0.1" "::1" ];
example = [ "0.0.0.0/0" "::/0" ];
- description = ''
+ description = lib.mdDoc ''
IP address ranges of clients allowed to make API requests.
'';
};
@@ -86,7 +86,7 @@ in {
exportHosts = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to export names and IP addresses defined in /etc/hosts.
'';
};
@@ -94,7 +94,7 @@ in {
forwardZones = mkOption {
type = types.attrs;
default = {};
- description = ''
+ description = lib.mdDoc ''
DNS zones to be forwarded to other authoritative servers.
'';
};
@@ -103,7 +103,7 @@ in {
type = types.attrs;
example = { eth = "[::1]:5353"; };
default = {};
- description = ''
+ description = lib.mdDoc ''
DNS zones to be forwarded to other recursive servers.
'';
};
@@ -111,7 +111,7 @@ in {
dnssecValidation = mkOption {
type = types.enum ["off" "process-no-validate" "process" "log-fail" "validate"];
default = "validate";
- description = ''
+ description = lib.mdDoc ''
Controls the level of DNSSEC processing done by the PowerDNS Recursor.
See https://doc.powerdns.com/md/recursor/dnssec/ for a detailed explanation.
'';
@@ -120,11 +120,11 @@ in {
serveRFC1918 = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to directly resolve the RFC1918 reverse-mapping domains:
- 10.in-addr.arpa,
- 168.192.in-addr.arpa,
- 16-31.172.in-addr.arpa
+ `10.in-addr.arpa`,
+ `168.192.in-addr.arpa`,
+ `16-31.172.in-addr.arpa`
This saves load on the AS112 servers.
'';
};
@@ -138,11 +138,11 @@ in {
log-common-errors = true;
}
'';
- description = ''
+ description = lib.mdDoc ''
PowerDNS Recursor settings. Use this option to configure Recursor
settings not exposed in a NixOS option or to bypass one.
See the full documentation at
-
+
for the available options.
'';
};
@@ -150,9 +150,9 @@ in {
luaConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
The content Lua configuration file for PowerDNS Recursor. See
- .
+ .
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pdnsd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pdnsd.nix
index 24b5bbc5104..03c9005413b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pdnsd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pdnsd.nix
@@ -29,33 +29,33 @@ in
cacheDir = mkOption {
type = types.str;
default = "/var/cache/pdnsd";
- description = "Directory holding the pdnsd cache";
+ description = lib.mdDoc "Directory holding the pdnsd cache";
};
globalConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Global configuration that should be added to the global directory
- of pdnsd.conf.
+ of `pdnsd.conf`.
'';
};
serverConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Server configuration that should be added to the server directory
- of pdnsd.conf.
+ of `pdnsd.conf`.
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration directives that should be added to
- pdnsd.conf.
+ `pdnsd.conf`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pixiecore.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pixiecore.nix
index d2642c82c2d..c88081af620 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pixiecore.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pixiecore.nix
@@ -15,13 +15,13 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports (67, 69 UDP and 4011, 'port', 'statusPort' TCP) in the firewall for Pixiecore.
'';
};
mode = mkOption {
- description = "Which mode to use";
+ description = lib.mdDoc "Which mode to use";
default = "boot";
type = types.enum [ "api" "boot" ];
};
@@ -29,61 +29,61 @@ in
debug = mkOption {
type = types.bool;
default = false;
- description = "Log more things that aren't directly related to booting a recognized client";
+ description = lib.mdDoc "Log more things that aren't directly related to booting a recognized client";
};
dhcpNoBind = mkOption {
type = types.bool;
default = false;
- description = "Handle DHCP traffic without binding to the DHCP server port";
+ description = lib.mdDoc "Handle DHCP traffic without binding to the DHCP server port";
};
kernel = mkOption {
type = types.str or types.path;
default = "";
- description = "Kernel path. Ignored unless mode is set to 'boot'";
+ description = lib.mdDoc "Kernel path. Ignored unless mode is set to 'boot'";
};
initrd = mkOption {
type = types.str or types.path;
default = "";
- description = "Initrd path. Ignored unless mode is set to 'boot'";
+ description = lib.mdDoc "Initrd path. Ignored unless mode is set to 'boot'";
};
cmdLine = mkOption {
type = types.str;
default = "";
- description = "Kernel commandline arguments. Ignored unless mode is set to 'boot'";
+ description = lib.mdDoc "Kernel commandline arguments. Ignored unless mode is set to 'boot'";
};
listen = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "IPv4 address to listen on";
+ description = lib.mdDoc "IPv4 address to listen on";
};
port = mkOption {
type = types.port;
default = 80;
- description = "Port to listen on for HTTP";
+ description = lib.mdDoc "Port to listen on for HTTP";
};
statusPort = mkOption {
type = types.port;
default = 80;
- description = "HTTP port for status information (can be the same as --port)";
+ description = lib.mdDoc "HTTP port for status information (can be the same as --port)";
};
apiServer = mkOption {
type = types.str;
example = "localhost:8080";
- description = "host:port to connect to the API. Ignored unless mode is set to 'api'";
+ description = lib.mdDoc "host:port to connect to the API. Ignored unless mode is set to 'api'";
};
extraArguments = mkOption {
type = types.listOf types.str;
default = [];
- description = "Additional command line arguments to pass to Pixiecore";
+ description = lib.mdDoc "Additional command line arguments to pass to Pixiecore";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pleroma.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pleroma.nix
index 9b8382392c0..03868c8cc76 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pleroma.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pleroma.nix
@@ -10,26 +10,26 @@ in {
type = types.package;
default = pkgs.pleroma;
defaultText = literalExpression "pkgs.pleroma";
- description = "Pleroma package to use.";
+ description = lib.mdDoc "Pleroma package to use.";
};
user = mkOption {
type = types.str;
default = "pleroma";
- description = "User account under which pleroma runs.";
+ description = lib.mdDoc "User account under which pleroma runs.";
};
group = mkOption {
type = types.str;
default = "pleroma";
- description = "Group account under which pleroma runs.";
+ description = lib.mdDoc "Group account under which pleroma runs.";
};
stateDir = mkOption {
type = types.str;
default = "/var/lib/pleroma";
readOnly = true;
- description = "Directory where the pleroma service will save the uploads and static files.";
+ description = lib.mdDoc "Directory where the pleroma service will save the uploads and static files.";
};
configs = mkOption {
@@ -59,11 +59,11 @@ in {
secretConfigFile = mkOption {
type = types.str;
default = "/var/lib/pleroma/secrets.exs";
- description = ''
+ description = lib.mdDoc ''
Path to the file containing your secret pleroma configuration.
- DO NOT POINT THIS OPTION TO THE NIX
- STORE, the store being world-readable, it'll
+ *DO NOT POINT THIS OPTION TO THE NIX
+ STORE*, the store being world-readable, it'll
compromise all your secrets.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/polipo.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/polipo.nix
index 1ff9388346b..d820e1b397b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/polipo.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/polipo.nix
@@ -26,26 +26,26 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to run the polipo caching web proxy.";
+ description = lib.mdDoc "Whether to run the polipo caching web proxy.";
};
proxyAddress = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "IP address on which Polipo will listen.";
+ description = lib.mdDoc "IP address on which Polipo will listen.";
};
proxyPort = mkOption {
type = types.int;
default = 8123;
- description = "TCP port on which Polipo will listen.";
+ description = lib.mdDoc "TCP port on which Polipo will listen.";
};
allowedClients = mkOption {
type = types.listOf types.str;
default = [ "127.0.0.1" "::1" ];
example = [ "127.0.0.1" "::1" "134.157.168.0/24" "2001:660:116::/48" ];
- description = ''
+ description = lib.mdDoc ''
List of IP addresses or network addresses that may connect to Polipo.
'';
};
@@ -54,7 +54,7 @@ in
type = types.str;
default = "";
example = "localhost:8124";
- description = ''
+ description = lib.mdDoc ''
Hostname and port number of an HTTP parent proxy;
it should have the form ‘host:port’.
'';
@@ -64,7 +64,7 @@ in
type = types.str;
default = "";
example = "localhost:9050";
- description = ''
+ description = lib.mdDoc ''
Hostname and port number of an SOCKS parent proxy;
it should have the form ‘host:port’.
'';
@@ -73,7 +73,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Polio configuration. Contents will be added
verbatim to the configuration file.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/powerdns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/powerdns.nix
index b035698456c..f7c72361dfa 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/powerdns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/powerdns.nix
@@ -13,9 +13,9 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "launch=bind";
- description = ''
+ description = lib.mdDoc ''
PowerDNS configuration. Refer to
-
+
for details on supported values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pppd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pppd.nix
index d1ed25b0238..d923b49dda2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pppd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pppd.nix
@@ -18,12 +18,12 @@ in
default = pkgs.ppp;
defaultText = literalExpression "pkgs.ppp";
type = types.package;
- description = "pppd package to use.";
+ description = lib.mdDoc "pppd package to use.";
};
peers = mkOption {
default = {};
- description = "pppd peers.";
+ description = lib.mdDoc "pppd peers.";
type = types.attrsOf (types.submodule (
{ name, ... }:
{
@@ -32,27 +32,27 @@ in
type = types.str;
default = name;
example = "dialup";
- description = "Name of the PPP peer.";
+ description = lib.mdDoc "Name of the PPP peer.";
};
enable = mkOption {
type = types.bool;
default = true;
example = false;
- description = "Whether to enable this PPP peer.";
+ description = lib.mdDoc "Whether to enable this PPP peer.";
};
autostart = mkOption {
type = types.bool;
default = true;
example = false;
- description = "Whether the PPP session is automatically started at boot time.";
+ description = lib.mdDoc "Whether the PPP session is automatically started at boot time.";
};
config = mkOption {
type = types.lines;
default = "";
- description = "pppd configuration for this peer, see the pppd(8) man page.";
+ description = lib.mdDoc "pppd configuration for this peer, see the pppd(8) man page.";
};
};
}));
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pptpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pptpd.nix
index 423e14e998f..d16496a2cb5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pptpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/pptpd.nix
@@ -9,31 +9,31 @@ with lib;
serverIp = mkOption {
type = types.str;
- description = "The server-side IP address.";
+ description = lib.mdDoc "The server-side IP address.";
default = "10.124.124.1";
};
clientIpRange = mkOption {
type = types.str;
- description = "The range from which client IPs are drawn.";
+ description = lib.mdDoc "The range from which client IPs are drawn.";
default = "10.124.124.2-11";
};
maxClients = mkOption {
type = types.int;
- description = "The maximum number of simultaneous connections.";
+ description = lib.mdDoc "The maximum number of simultaneous connections.";
default = 10;
};
extraPptpdOptions = mkOption {
type = types.lines;
- description = "Adds extra lines to the pptpd configuration file.";
+ description = lib.mdDoc "Adds extra lines to the pptpd configuration file.";
default = "";
};
extraPppdOptions = mkOption {
type = types.lines;
- description = "Adds extra lines to the pppd options file.";
+ description = lib.mdDoc "Adds extra lines to the pppd options file.";
default = "";
example = ''
ms-dns 8.8.8.8
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/prayer.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/prayer.nix
index 513509eaca3..01e961997a7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/prayer.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/prayer.nix
@@ -46,7 +46,7 @@ in
port = mkOption {
default = 2080;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
Port the prayer http server is listening to.
'';
};
@@ -54,7 +54,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "" ;
- description = ''
+ description = lib.mdDoc ''
Extra configuration. Contents will be added verbatim to the configuration file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/privoxy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/privoxy.nix
index 7bc964d5f34..1ad5b155feb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/privoxy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/privoxy.nix
@@ -58,7 +58,7 @@ in
enableTor = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to configure Privoxy to use Tor's faster SOCKS port,
suitable for HTTP.
'';
@@ -106,8 +106,8 @@ in
userActions = mkOption {
type = types.lines;
default = "";
- description = ''
- Actions to be included in a user.action file. This
+ description = lib.mdDoc ''
+ Actions to be included in a `user.action` file. This
will have a higher priority and can be used to override all other
actions.
'';
@@ -116,8 +116,8 @@ in
userFilters = mkOption {
type = types.lines;
default = "";
- description = ''
- Filters to be included in a user.filter file. This
+ description = lib.mdDoc ''
+ Filters to be included in a `user.filter` file. This
will have a higher priority and can be used to override all other
filters definitions.
'';
@@ -130,13 +130,13 @@ in
options.listen-address = mkOption {
type = types.str;
default = "127.0.0.1:8118";
- description = "Pair of address:port the proxy server is listening to.";
+ description = lib.mdDoc "Pair of address:port the proxy server is listening to.";
};
options.enable-edit-actions = mkOption {
type = types.bool;
default = false;
- description = "Whether the web-based actions file editor may be used.";
+ description = lib.mdDoc "Whether the web-based actions file editor may be used.";
};
options.actionsfile = mkOption {
@@ -146,7 +146,7 @@ in
apply = x: x ++ optional (cfg.userActions != "")
(toString (pkgs.writeText "user.actions" cfg.userActions));
default = [ "match-all.action" "default.action" ];
- description = ''
+ description = lib.mdDoc ''
List of paths to Privoxy action files. These paths may either be
absolute or relative to the privoxy configuration directory.
'';
@@ -157,7 +157,7 @@ in
default = [ "default.filter" ];
apply = x: x ++ optional (cfg.userFilters != "")
(toString (pkgs.writeText "user.filter" cfg.userFilters));
- description = ''
+ description = lib.mdDoc ''
List of paths to Privoxy filter files. These paths may either be
absolute or relative to the privoxy configuration directory.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/prosody.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/prosody.nix
index 9e8db04e622..f32c7adbd2c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/prosody.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/prosody.nix
@@ -10,19 +10,19 @@ let
key = mkOption {
type = types.path;
- description = "Path to the key file.";
+ description = lib.mdDoc "Path to the key file.";
};
# TODO: rename to certificate to match the prosody config
cert = mkOption {
type = types.path;
- description = "Path to the certificate file.";
+ description = lib.mdDoc "Path to the certificate file.";
};
extraOptions = mkOption {
type = types.attrs;
default = {};
- description = "Extra SSL configuration options.";
+ description = lib.mdDoc "Extra SSL configuration options.";
};
};
@@ -32,11 +32,11 @@ let
options = {
url = mkOption {
type = types.str;
- description = "URL of the endpoint you want to make discoverable";
+ description = lib.mdDoc "URL of the endpoint you want to make discoverable";
};
description = mkOption {
type = types.str;
- description = "A short description of the endpoint you want to advertise";
+ description = lib.mdDoc "A short description of the endpoint you want to advertise";
};
};
};
@@ -46,216 +46,216 @@ let
roster = mkOption {
type = types.bool;
default = true;
- description = "Allow users to have a roster";
+ description = lib.mdDoc "Allow users to have a roster";
};
saslauth = mkOption {
type = types.bool;
default = true;
- description = "Authentication for clients and servers. Recommended if you want to log in.";
+ description = lib.mdDoc "Authentication for clients and servers. Recommended if you want to log in.";
};
tls = mkOption {
type = types.bool;
default = true;
- description = "Add support for secure TLS on c2s/s2s connections";
+ description = lib.mdDoc "Add support for secure TLS on c2s/s2s connections";
};
dialback = mkOption {
type = types.bool;
default = true;
- description = "s2s dialback support";
+ description = lib.mdDoc "s2s dialback support";
};
disco = mkOption {
type = types.bool;
default = true;
- description = "Service discovery";
+ description = lib.mdDoc "Service discovery";
};
# Not essential, but recommended
carbons = mkOption {
type = types.bool;
default = true;
- description = "Keep multiple clients in sync";
+ description = lib.mdDoc "Keep multiple clients in sync";
};
csi = mkOption {
type = types.bool;
default = true;
- description = "Implements the CSI protocol that allows clients to report their active/inactive state to the server";
+ description = lib.mdDoc "Implements the CSI protocol that allows clients to report their active/inactive state to the server";
};
cloud_notify = mkOption {
type = types.bool;
default = true;
- description = "Push notifications to inform users of new messages or other pertinent information even when they have no XMPP clients online";
+ description = lib.mdDoc "Push notifications to inform users of new messages or other pertinent information even when they have no XMPP clients online";
};
pep = mkOption {
type = types.bool;
default = true;
- description = "Enables users to publish their mood, activity, playing music and more";
+ description = lib.mdDoc "Enables users to publish their mood, activity, playing music and more";
};
private = mkOption {
type = types.bool;
default = true;
- description = "Private XML storage (for room bookmarks, etc.)";
+ description = lib.mdDoc "Private XML storage (for room bookmarks, etc.)";
};
blocklist = mkOption {
type = types.bool;
default = true;
- description = "Allow users to block communications with other users";
+ description = lib.mdDoc "Allow users to block communications with other users";
};
vcard = mkOption {
type = types.bool;
default = false;
- description = "Allow users to set vCards";
+ description = lib.mdDoc "Allow users to set vCards";
};
vcard_legacy = mkOption {
type = types.bool;
default = true;
- description = "Converts users profiles and Avatars between old and new formats";
+ description = lib.mdDoc "Converts users profiles and Avatars between old and new formats";
};
bookmarks = mkOption {
type = types.bool;
default = true;
- description = "Allows interop between older clients that use XEP-0048: Bookmarks in its 1.0 version and recent clients which use it in PEP";
+ description = lib.mdDoc "Allows interop between older clients that use XEP-0048: Bookmarks in its 1.0 version and recent clients which use it in PEP";
};
# Nice to have
version = mkOption {
type = types.bool;
default = true;
- description = "Replies to server version requests";
+ description = lib.mdDoc "Replies to server version requests";
};
uptime = mkOption {
type = types.bool;
default = true;
- description = "Report how long server has been running";
+ description = lib.mdDoc "Report how long server has been running";
};
time = mkOption {
type = types.bool;
default = true;
- description = "Let others know the time here on this server";
+ description = lib.mdDoc "Let others know the time here on this server";
};
ping = mkOption {
type = types.bool;
default = true;
- description = "Replies to XMPP pings with pongs";
+ description = lib.mdDoc "Replies to XMPP pings with pongs";
};
register = mkOption {
type = types.bool;
default = true;
- description = "Allow users to register on this server using a client and change passwords";
+ description = lib.mdDoc "Allow users to register on this server using a client and change passwords";
};
mam = mkOption {
type = types.bool;
default = true;
- description = "Store messages in an archive and allow users to access it";
+ description = lib.mdDoc "Store messages in an archive and allow users to access it";
};
smacks = mkOption {
type = types.bool;
default = true;
- description = "Allow a client to resume a disconnected session, and prevent message loss";
+ description = lib.mdDoc "Allow a client to resume a disconnected session, and prevent message loss";
};
# Admin interfaces
admin_adhoc = mkOption {
type = types.bool;
default = true;
- description = "Allows administration via an XMPP client that supports ad-hoc commands";
+ description = lib.mdDoc "Allows administration via an XMPP client that supports ad-hoc commands";
};
http_files = mkOption {
type = types.bool;
default = true;
- description = "Serve static files from a directory over HTTP";
+ description = lib.mdDoc "Serve static files from a directory over HTTP";
};
proxy65 = mkOption {
type = types.bool;
default = true;
- description = "Enables a file transfer proxy service which clients behind NAT can use";
+ description = lib.mdDoc "Enables a file transfer proxy service which clients behind NAT can use";
};
admin_telnet = mkOption {
type = types.bool;
default = false;
- description = "Opens telnet console interface on localhost port 5582";
+ description = lib.mdDoc "Opens telnet console interface on localhost port 5582";
};
# HTTP modules
bosh = mkOption {
type = types.bool;
default = false;
- description = "Enable BOSH clients, aka 'Jabber over HTTP'";
+ description = lib.mdDoc "Enable BOSH clients, aka 'Jabber over HTTP'";
};
websocket = mkOption {
type = types.bool;
default = false;
- description = "Enable WebSocket support";
+ description = lib.mdDoc "Enable WebSocket support";
};
# Other specific functionality
limits = mkOption {
type = types.bool;
default = false;
- description = "Enable bandwidth limiting for XMPP connections";
+ description = lib.mdDoc "Enable bandwidth limiting for XMPP connections";
};
groups = mkOption {
type = types.bool;
default = false;
- description = "Shared roster support";
+ description = lib.mdDoc "Shared roster support";
};
server_contact_info = mkOption {
type = types.bool;
default = false;
- description = "Publish contact information for this service";
+ description = lib.mdDoc "Publish contact information for this service";
};
announce = mkOption {
type = types.bool;
default = false;
- description = "Send announcement to all online users";
+ description = lib.mdDoc "Send announcement to all online users";
};
welcome = mkOption {
type = types.bool;
default = false;
- description = "Welcome users who register accounts";
+ description = lib.mdDoc "Welcome users who register accounts";
};
watchregistrations = mkOption {
type = types.bool;
default = false;
- description = "Alert admins of registrations";
+ description = lib.mdDoc "Alert admins of registrations";
};
motd = mkOption {
type = types.bool;
default = false;
- description = "Send a message to users when they log in";
+ description = lib.mdDoc "Send a message to users when they log in";
};
legacyauth = mkOption {
type = types.bool;
default = false;
- description = "Legacy authentication. Only used by some old clients and bots";
+ description = lib.mdDoc "Legacy authentication. Only used by some old clients and bots";
};
};
@@ -279,27 +279,27 @@ let
options = {
domain = mkOption {
type = types.str;
- description = "Domain name of the MUC";
+ description = lib.mdDoc "Domain name of the MUC";
};
name = mkOption {
type = types.str;
- description = "The name to return in service discovery responses for the MUC service itself";
+ description = lib.mdDoc "The name to return in service discovery responses for the MUC service itself";
default = "Prosody Chatrooms";
};
restrictRoomCreation = mkOption {
type = types.enum [ true false "admin" "local" ];
default = false;
- description = "Restrict room creation to server admins";
+ description = lib.mdDoc "Restrict room creation to server admins";
};
maxHistoryMessages = mkOption {
type = types.int;
default = 20;
- description = "Specifies a limit on what each room can be configured to keep";
+ description = lib.mdDoc "Specifies a limit on what each room can be configured to keep";
};
roomLocking = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Enables room locking, which means that a room must be
configured before it can be used. Locked rooms are invisible
and cannot be entered by anyone but the creator
@@ -308,7 +308,7 @@ let
roomLockTimeout = mkOption {
type = types.int;
default = 300;
- description = ''
+ description = lib.mdDoc ''
Timout after which the room is destroyed or unlocked if not
configured, in seconds
'';
@@ -316,7 +316,7 @@ let
tombstones = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
When a room is destroyed, it leaves behind a tombstone which
prevents the room being entered or recreated. It also allows
anyone who was not in the room at the time it was destroyed
@@ -329,7 +329,7 @@ let
tombstoneExpiry = mkOption {
type = types.int;
default = 2678400;
- description = ''
+ description = lib.mdDoc ''
This settings controls how long a tombstone is considered
valid. It defaults to 31 days. After this time, the room in
question can be created again.
@@ -339,7 +339,7 @@ let
vcard_muc = mkOption {
type = types.bool;
default = true;
- description = "Adds the ability to set vCard for Multi User Chat rooms";
+ description = lib.mdDoc "Adds the ability to set vCard for Multi User Chat rooms";
};
# Extra parameters. Defaulting to prosody default values.
@@ -350,42 +350,42 @@ let
roomDefaultPublic = mkOption {
type = types.bool;
default = true;
- description = "If set, the MUC rooms will be public by default.";
+ description = lib.mdDoc "If set, the MUC rooms will be public by default.";
};
roomDefaultMembersOnly = mkOption {
type = types.bool;
default = false;
- description = "If set, the MUC rooms will only be accessible to the members by default.";
+ description = lib.mdDoc "If set, the MUC rooms will only be accessible to the members by default.";
};
roomDefaultModerated = mkOption {
type = types.bool;
default = false;
- description = "If set, the MUC rooms will be moderated by default.";
+ description = lib.mdDoc "If set, the MUC rooms will be moderated by default.";
};
roomDefaultPublicJids = mkOption {
type = types.bool;
default = false;
- description = "If set, the MUC rooms will display the public JIDs by default.";
+ description = lib.mdDoc "If set, the MUC rooms will display the public JIDs by default.";
};
roomDefaultChangeSubject = mkOption {
type = types.bool;
default = false;
- description = "If set, the rooms will display the public JIDs by default.";
+ description = lib.mdDoc "If set, the rooms will display the public JIDs by default.";
};
roomDefaultHistoryLength = mkOption {
type = types.int;
default = 20;
- description = "Number of history message sent to participants by default.";
+ description = lib.mdDoc "Number of history message sent to participants by default.";
};
roomDefaultLanguage = mkOption {
type = types.str;
default = "en";
- description = "Default room language.";
+ description = lib.mdDoc "Default room language.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Additional MUC specific configuration";
+ description = lib.mdDoc "Additional MUC specific configuration";
};
};
};
@@ -394,30 +394,30 @@ let
options = {
domain = mkOption {
type = types.nullOr types.str;
- description = "Domain name for the http-upload service";
+ description = lib.mdDoc "Domain name for the http-upload service";
};
uploadFileSizeLimit = mkOption {
type = types.str;
default = "50 * 1024 * 1024";
- description = "Maximum file size, in bytes. Defaults to 50MB.";
+ description = lib.mdDoc "Maximum file size, in bytes. Defaults to 50MB.";
};
uploadExpireAfter = mkOption {
type = types.str;
default = "60 * 60 * 24 * 7";
- description = "Max age of a file before it gets deleted, in seconds.";
+ description = lib.mdDoc "Max age of a file before it gets deleted, in seconds.";
};
userQuota = mkOption {
type = types.nullOr types.int;
default = null;
example = 1234;
- description = ''
+ description = lib.mdDoc ''
Maximum size of all uploaded files per user, in bytes. There
will be no quota if this option is set to null.
'';
};
httpUploadPath = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Directory where the uploaded files will be stored. By
default, uploaded files are put in a sub-directory of the
default Prosody storage path (usually /var/lib/prosody).
@@ -434,25 +434,25 @@ let
# TODO: require attribute
domain = mkOption {
type = types.str;
- description = "Domain name";
+ description = lib.mdDoc "Domain name";
};
enabled = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the virtual host";
+ description = lib.mdDoc "Whether to enable the virtual host";
};
ssl = mkOption {
type = types.nullOr (types.submodule sslOpts);
default = null;
- description = "Paths to SSL files";
+ description = lib.mdDoc "Paths to SSL files";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Additional virtual host specific configuration";
+ description = lib.mdDoc "Additional virtual host specific configuration";
};
};
@@ -472,13 +472,13 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the prosody server";
+ description = lib.mdDoc "Whether to enable the prosody server";
};
xmppComplianceSuite = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
The XEP-0423 defines a set of recommended XEPs to implement
for a server. It's generally a good idea to implement this
set of extensions if you want to provide your users with a
@@ -498,7 +498,7 @@ in
package = mkOption {
type = types.package;
- description = "Prosody package to use";
+ description = lib.mdDoc "Prosody package to use";
default = pkgs.prosody;
defaultText = literalExpression "pkgs.prosody";
example = literalExpression ''
@@ -512,7 +512,7 @@ in
dataDir = mkOption {
type = types.path;
default = "/var/lib/prosody";
- description = ''
+ description = lib.mdDoc ''
The prosody home directory used to store all data. If left as the default value
this directory will automatically be created before the prosody server starts, otherwise
you are responsible for ensuring the directory exists with appropriate ownership
@@ -523,7 +523,7 @@ in
disco_items = mkOption {
type = types.listOf (types.submodule discoOpts);
default = [];
- description = "List of discoverable items you want to advertise.";
+ description = lib.mdDoc "List of discoverable items you want to advertise.";
};
user = mkOption {
@@ -557,38 +557,38 @@ in
allowRegistration = mkOption {
type = types.bool;
default = false;
- description = "Allow account creation";
+ description = lib.mdDoc "Allow account creation";
};
# HTTP server-related options
httpPorts = mkOption {
type = types.listOf types.int;
- description = "Listening HTTP ports list for this service.";
+ description = lib.mdDoc "Listening HTTP ports list for this service.";
default = [ 5280 ];
};
httpInterfaces = mkOption {
type = types.listOf types.str;
default = [ "*" "::" ];
- description = "Interfaces on which the HTTP server will listen on.";
+ description = lib.mdDoc "Interfaces on which the HTTP server will listen on.";
};
httpsPorts = mkOption {
type = types.listOf types.int;
- description = "Listening HTTPS ports list for this service.";
+ description = lib.mdDoc "Listening HTTPS ports list for this service.";
default = [ 5281 ];
};
httpsInterfaces = mkOption {
type = types.listOf types.str;
default = [ "*" "::" ];
- description = "Interfaces on which the HTTPS server will listen on.";
+ description = lib.mdDoc "Interfaces on which the HTTPS server will listen on.";
};
c2sRequireEncryption = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Force clients to use encrypted connections? This option will
prevent clients from authenticating unless they are using encryption.
'';
@@ -597,7 +597,7 @@ in
s2sRequireEncryption = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Force servers to use encrypted connections? This option will
prevent servers from authenticating unless they are using encryption.
Note that this is different from authentication.
@@ -607,7 +607,7 @@ in
s2sSecureAuth = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Force certificate authentication for server-to-server connections?
This provides ideal security, but requires servers you communicate
with to support encryption AND present valid, trusted certificates.
@@ -619,7 +619,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "insecure.example.com" ];
- description = ''
+ description = lib.mdDoc ''
Some servers have invalid or self-signed certificates. You can list
remote domains here that will not be required to authenticate using
certificates. They will be authenticated using DNS instead, even
@@ -631,7 +631,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "jabber.org" ];
- description = ''
+ description = lib.mdDoc ''
Even if you leave s2s_secure_auth disabled, you can still require valid
certificates for some domains by specifying a list here.
'';
@@ -643,17 +643,17 @@ in
extraModules = mkOption {
type = types.listOf types.str;
default = [];
- description = "Enable custom modules";
+ description = lib.mdDoc "Enable custom modules";
};
extraPluginPaths = mkOption {
type = types.listOf types.path;
default = [];
- description = "Addtional path in which to look find plugins/modules";
+ description = lib.mdDoc "Addtional path in which to look find plugins/modules";
};
uploadHttp = mkOption {
- description = ''
+ description = lib.mdDoc ''
Configures the Prosody builtin HTTP server to handle user uploads.
'';
type = types.nullOr (types.submodule uploadHttpOpts);
@@ -669,12 +669,12 @@ in
example = [ {
domain = "conference.my-xmpp-example-host.org";
} ];
- description = "Multi User Chat (MUC) configuration";
+ description = lib.mdDoc "Multi User Chat (MUC) configuration";
};
virtualHosts = mkOption {
- description = "Define the virtual hosts";
+ description = lib.mdDoc "Define the virtual hosts";
type = with types; attrsOf (submodule vHostOpts);
@@ -697,27 +697,27 @@ in
ssl = mkOption {
type = types.nullOr (types.submodule sslOpts);
default = null;
- description = "Paths to SSL files";
+ description = lib.mdDoc "Paths to SSL files";
};
admins = mkOption {
type = types.listOf types.str;
default = [];
example = [ "admin1@example.com" "admin2@example.com" ];
- description = "List of administrators of the current host";
+ description = lib.mdDoc "List of administrators of the current host";
};
authentication = mkOption {
type = types.enum [ "internal_plain" "internal_hashed" "cyrus" "anonymous" ];
default = "internal_hashed";
example = "internal_plain";
- description = "Authentication mechanism used for logins.";
+ description = lib.mdDoc "Authentication mechanism used for logins.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Additional prosody configuration";
+ description = lib.mdDoc "Additional prosody configuration";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/quassel.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/quassel.nix
index 844c9a6b8b3..a4b203ea001 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/quassel.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/quassel.nix
@@ -22,7 +22,7 @@ in
certificateFile = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to the certificate used for SSL connections with clients.
'';
};
@@ -30,7 +30,7 @@ in
requireSSL = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Require SSL for connections from clients.
'';
};
@@ -39,7 +39,7 @@ in
type = types.package;
default = pkgs.quasselDaemon;
defaultText = literalExpression "pkgs.quasselDaemon";
- description = ''
+ description = lib.mdDoc ''
The package of the quassel daemon.
'';
};
@@ -57,7 +57,7 @@ in
portNumber = mkOption {
type = types.port;
default = 4242;
- description = ''
+ description = lib.mdDoc ''
The port number the Quassel daemon will be listening to.
'';
};
@@ -68,7 +68,7 @@ in
"/home/''${config.${opt.user}}/.config/quassel-irc.org"
'';
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The directory holding configuration files, the SQlite database and the SSL Cert.
'';
};
@@ -76,7 +76,7 @@ in
user = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The existing user the Quassel daemon should run as. If left empty, a default "quassel" user will be created.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/quicktun.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/quicktun.nix
index 438e67d5ebb..e2282b9aaf7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/quicktun.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/quicktun.nix
@@ -13,7 +13,7 @@ with lib;
services.quicktun = mkOption {
default = { };
- description = "QuickTun tunnels";
+ description = lib.mdDoc "QuickTun tunnels";
type = types.attrsOf (types.submodule {
options = {
tunMode = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/quorum.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/quorum.nix
index bddcd18c7fb..67027ae3f85 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/quorum.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/quorum.nix
@@ -18,82 +18,82 @@ in {
user = mkOption {
type = types.str;
default = "quorum";
- description = "The user as which to run quorum.";
+ description = lib.mdDoc "The user as which to run quorum.";
};
group = mkOption {
type = types.str;
default = cfg.user;
defaultText = literalExpression "config.${opt.user}";
- description = "The group as which to run quorum.";
+ description = lib.mdDoc "The group as which to run quorum.";
};
port = mkOption {
type = types.port;
default = 21000;
- description = "Override the default port on which to listen for connections.";
+ description = lib.mdDoc "Override the default port on which to listen for connections.";
};
nodekeyFile = mkOption {
type = types.path;
default = "${dataDir}/nodekey";
- description = "Path to the nodekey.";
+ description = lib.mdDoc "Path to the nodekey.";
};
staticNodes = mkOption {
type = types.listOf types.str;
default = [];
example = [ "enode://dd333ec28f0a8910c92eb4d336461eea1c20803eed9cf2c056557f986e720f8e693605bba2f4e8f289b1162e5ac7c80c914c7178130711e393ca76abc1d92f57@0.0.0.0:30303?discport=0" ];
- description = "List of validator nodes.";
+ description = lib.mdDoc "List of validator nodes.";
};
privateconfig = mkOption {
type = types.str;
default = "ignore";
- description = "Configuration of privacy transaction manager.";
+ description = lib.mdDoc "Configuration of privacy transaction manager.";
};
syncmode = mkOption {
type = types.enum [ "fast" "full" "light" ];
default = "full";
- description = "Blockchain sync mode.";
+ description = lib.mdDoc "Blockchain sync mode.";
};
blockperiod = mkOption {
type = types.int;
default = 5;
- description = "Default minimum difference between two consecutive block's timestamps in seconds.";
+ description = lib.mdDoc "Default minimum difference between two consecutive block's timestamps in seconds.";
};
permissioned = mkOption {
type = types.bool;
default = true;
- description = "Allow only a defined list of nodes to connect.";
+ description = lib.mdDoc "Allow only a defined list of nodes to connect.";
};
rpc = {
enable = mkOption {
type = types.bool;
default = true;
- description = "Enable RPC interface.";
+ description = lib.mdDoc "Enable RPC interface.";
};
address = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "Listening address for RPC connections.";
+ description = lib.mdDoc "Listening address for RPC connections.";
};
port = mkOption {
type = types.port;
default = 22004;
- description = "Override the default port on which to listen for RPC connections.";
+ description = lib.mdDoc "Override the default port on which to listen for RPC connections.";
};
api = mkOption {
type = types.str;
default = "admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul";
- description = "API's offered over the HTTP-RPC interface.";
+ description = lib.mdDoc "API's offered over the HTTP-RPC interface.";
};
};
@@ -101,31 +101,31 @@ in {
enable = mkOption {
type = types.bool;
default = true;
- description = "Enable WS-RPC interface.";
+ description = lib.mdDoc "Enable WS-RPC interface.";
};
address = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "Listening address for WS-RPC connections.";
+ description = lib.mdDoc "Listening address for WS-RPC connections.";
};
port = mkOption {
type = types.port;
default = 8546;
- description = "Override the default port on which to listen for WS-RPC connections.";
+ description = lib.mdDoc "Override the default port on which to listen for WS-RPC connections.";
};
api = mkOption {
type = types.str;
default = "admin,db,eth,debug,miner,net,shh,txpool,personal,web3,quorum,istanbul";
- description = "API's offered over the WS-RPC interface.";
+ description = lib.mdDoc "API's offered over the WS-RPC interface.";
};
origins = mkOption {
type = types.str;
default = "*";
- description = "Origins from which to accept websockets requests";
+ description = lib.mdDoc "Origins from which to accept websockets requests";
};
};
@@ -160,7 +160,7 @@ in {
parentHash = "0x0000000000000000000000000000000000000000000000000000000000000000";
timestamp = "0x00";
}'';
- description = "Blockchain genesis settings.";
+ description = lib.mdDoc "Blockchain genesis settings.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/r53-ddns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/r53-ddns.nix
index a8839762d53..77738c75531 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/r53-ddns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/r53-ddns.nix
@@ -15,22 +15,22 @@ in
interval = mkOption {
type = types.str;
default = "15min";
- description = "How often to update the entry";
+ description = lib.mdDoc "How often to update the entry";
};
zoneID = mkOption {
type = types.str;
- description = "The ID of your zone in Route53";
+ description = lib.mdDoc "The ID of your zone in Route53";
};
domain = mkOption {
type = types.str;
- description = "The name of your domain in Route53";
+ description = lib.mdDoc "The name of your domain in Route53";
};
hostname = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Manually specify the hostname. Otherwise the tool will try to use the name
returned by the OS (Call to gethostname)
'';
@@ -38,7 +38,7 @@ in
environmentFile = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
File containing the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
in the format of an EnvironmentFile as described by systemd.exec(5)
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/radicale.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/radicale.nix
index 227bafc1d0e..687cf206e14 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/radicale.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/radicale.nix
@@ -28,7 +28,7 @@ in {
enable = mkEnableOption "Radicale CalDAV and CardDAV server";
package = mkOption {
- description = "Radicale package to use.";
+ description = lib.mdDoc "Radicale package to use.";
# Default cannot be pkgs.radicale because non-null values suppress
# warnings about incompatible configuration and storage formats.
type = with types; nullOr package // { inherit (package) description; };
@@ -39,21 +39,21 @@ in {
config = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Radicale configuration, this will set the service
configuration file.
- This option is mutually exclusive with .
- This option is deprecated. Use instead.
+ This option is mutually exclusive with {option}`settings`.
+ This option is deprecated. Use {option}`settings` instead.
'';
};
settings = mkOption {
type = format.type;
default = { };
- description = ''
+ description = lib.mdDoc ''
Configuration for Radicale. See
- .
- This option is mutually exclusive with .
+ .
+ This option is mutually exclusive with {option}`config`.
'';
example = literalExpression ''
server = {
@@ -72,12 +72,12 @@ in {
rights = mkOption {
type = format.type;
- description = ''
+ description = lib.mdDoc ''
Configuration for Radicale's rights file. See
- .
- This option only works in conjunction with .
- Setting this will also set and
- to approriate values.
+ .
+ This option only works in conjunction with {option}`settings`.
+ Setting this will also set {option}`settings.rights.type` and
+ {option}`settings.rights.file` to approriate values.
'';
default = { };
example = literalExpression ''
@@ -102,7 +102,7 @@ in {
extraArgs = mkOption {
type = types.listOf types.str;
default = [];
- description = "Extra arguments passed to the Radicale daemon.";
+ description = lib.mdDoc "Extra arguments passed to the Radicale daemon.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/radvd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/radvd.nix
index 6e8db55bbf0..72590eda4ee 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/radvd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/radvd.nix
@@ -16,15 +16,15 @@ in
###### interface
- options = {
+ options.services.radvd = {
- services.radvd.enable = mkOption {
+ enable = mkOption {
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Whether to enable the Router Advertisement Daemon
- (radvd), which provides link-local
+ ({command}`radvd`), which provides link-local
advertisements of IPv6 router addresses and prefixes using
the Neighbor Discovery Protocol (NDP). This enables
stateless address autoconfiguration in IPv6 clients on the
@@ -32,7 +32,16 @@ in
'';
};
- services.radvd.config = mkOption {
+ package = mkOption {
+ type = types.package;
+ default = pkgs.radvd;
+ defaultText = literalExpression "pkgs.radvd";
+ description = lib.mdDoc ''
+ The RADVD package to use for the RADVD service.
+ '';
+ };
+
+ config = mkOption {
type = types.lines;
example =
''
@@ -42,7 +51,7 @@ in
};
'';
description =
- ''
+ lib.mdDoc ''
The contents of the radvd configuration file.
'';
};
@@ -67,7 +76,7 @@ in
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig =
- { ExecStart = "@${pkgs.radvd}/bin/radvd radvd -n -u radvd -C ${confFile}";
+ { ExecStart = "@${cfg.package}/bin/radvd radvd -n -u radvd -C ${confFile}";
Restart = "always";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/rdnssd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/rdnssd.nix
index fd04bb8108f..c63356e7346 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/rdnssd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/rdnssd.nix
@@ -21,10 +21,10 @@ in
default = false;
#default = config.networking.enableIPv6;
description =
- ''
+ lib.mdDoc ''
Whether to enable the RDNSS daemon
- (rdnssd), which configures DNS servers in
- /etc/resolv.conf from RDNSS
+ ({command}`rdnssd`), which configures DNS servers in
+ {file}`/etc/resolv.conf` from RDNSS
advertisements sent by IPv6 routers.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/redsocks.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/redsocks.nix
index 8481f9debf3..5aa9f003bad 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/redsocks.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/redsocks.nix
@@ -11,19 +11,19 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable redsocks.";
+ description = lib.mdDoc "Whether to enable redsocks.";
};
log_debug = mkOption {
type = types.bool;
default = false;
- description = "Log connection progress.";
+ description = lib.mdDoc "Log connection progress.";
};
log_info = mkOption {
type = types.bool;
default = false;
- description = "Log start and end of client sessions.";
+ description = lib.mdDoc "Log start and end of client sessions.";
};
log = mkOption {
@@ -45,7 +45,7 @@ in
type = with types; nullOr str;
default = null;
description =
- ''
+ lib.mdDoc ''
Chroot under which to run redsocks. Log file is opened before
chroot, but if logging to syslog /etc/localtime may be required.
'';
@@ -53,7 +53,7 @@ in
redsocks = mkOption {
description =
- ''
+ lib.mdDoc ''
Local port to proxy associations to be performed.
The example shows how to configure a proxy to handle port 80 as HTTP
@@ -74,7 +74,7 @@ in
type = types.str;
default = "127.0.0.1";
description =
- ''
+ lib.mdDoc ''
IP on which redsocks should listen. Defaults to 127.0.0.1 for
security reasons.
'';
@@ -83,13 +83,13 @@ in
port = mkOption {
type = types.int;
default = 12345;
- description = "Port on which redsocks should listen.";
+ description = lib.mdDoc "Port on which redsocks should listen.";
};
proxy = mkOption {
type = types.str;
description =
- ''
+ lib.mdDoc ''
Proxy through which redsocks should forward incoming traffic.
Example: "example.org:8080"
'';
@@ -97,20 +97,20 @@ in
type = mkOption {
type = types.enum [ "socks4" "socks5" "http-connect" "http-relay" ];
- description = "Type of proxy.";
+ description = lib.mdDoc "Type of proxy.";
};
login = mkOption {
type = with types; nullOr str;
default = null;
- description = "Login to send to proxy.";
+ description = lib.mdDoc "Login to send to proxy.";
};
password = mkOption {
type = with types; nullOr str;
default = null;
description =
- ''
+ lib.mdDoc ''
Password to send to proxy. WARNING, this will end up
world-readable in the store! Awaiting
https://github.com/NixOS/nix/issues/8 to be able to fix.
@@ -135,14 +135,14 @@ in
redirectInternetOnly = mkOption {
type = types.bool;
default = true;
- description = "Exclude all non-globally-routable IPs from redsocks";
+ description = lib.mdDoc "Exclude all non-globally-routable IPs from redsocks";
};
doNotRedirect = mkOption {
type = with types; listOf str;
default = [];
description =
- ''
+ lib.mdDoc ''
Iptables filters that if matched will get the packet off of
redsocks.
'';
@@ -153,7 +153,7 @@ in
type = with types; either bool str;
default = false;
description =
- ''
+ lib.mdDoc ''
Conditions to make outbound packets go through this redsocks
instance.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/resilio.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/resilio.nix
index 89127850641..05798a2c83e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/resilio.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/resilio.nix
@@ -47,7 +47,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If enabled, start the Resilio Sync daemon. Once enabled, you can
interact with the service through the Web UI, or configure it in your
NixOS configuration.
@@ -59,7 +59,7 @@ in
example = "Voltron";
default = config.networking.hostName;
defaultText = literalExpression "config.networking.hostName";
- description = ''
+ description = lib.mdDoc ''
Name of the Resilio Sync device.
'';
};
@@ -68,7 +68,7 @@ in
type = types.int;
default = 0;
example = 44444;
- description = ''
+ description = lib.mdDoc ''
Listening port. Defaults to 0 which randomizes the port.
'';
};
@@ -76,7 +76,7 @@ in
checkForUpdates = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Determines whether to check for updates and alert the user
about them in the UI.
'';
@@ -85,7 +85,7 @@ in
useUpnp = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Use Universal Plug-n-Play (UPnP)
'';
};
@@ -94,7 +94,7 @@ in
type = types.int;
default = 0;
example = 1024;
- description = ''
+ description = lib.mdDoc ''
Download speed limit. 0 is unlimited (default).
'';
};
@@ -103,7 +103,7 @@ in
type = types.int;
default = 0;
example = 1024;
- description = ''
+ description = lib.mdDoc ''
Upload speed limit. 0 is unlimited (default).
'';
};
@@ -112,7 +112,7 @@ in
type = types.str;
default = "[::1]";
example = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
HTTP address to bind to.
'';
};
@@ -120,7 +120,7 @@ in
httpListenPort = mkOption {
type = types.int;
default = 9000;
- description = ''
+ description = lib.mdDoc ''
HTTP port to bind on.
'';
};
@@ -129,7 +129,7 @@ in
type = types.str;
example = "allyourbase";
default = "";
- description = ''
+ description = lib.mdDoc ''
HTTP web login username.
'';
};
@@ -138,7 +138,7 @@ in
type = types.str;
example = "arebelongtous";
default = "";
- description = ''
+ description = lib.mdDoc ''
HTTP web login password.
'';
};
@@ -146,23 +146,23 @@ in
encryptLAN = mkOption {
type = types.bool;
default = true;
- description = "Encrypt LAN data.";
+ description = lib.mdDoc "Encrypt LAN data.";
};
enableWebUI = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable Web UI for administration. Bound to the specified
- httpListenAddress and
- httpListenPort.
+ `httpListenAddress` and
+ `httpListenPort`.
'';
};
storagePath = mkOption {
type = types.path;
default = "/var/lib/resilio-sync/";
- description = ''
+ description = lib.mdDoc ''
Where BitTorrent Sync will store it's database files (containing
things like username info and licenses). Generally, you should not
need to ever change this.
@@ -172,14 +172,14 @@ in
apiKey = mkOption {
type = types.str;
default = "";
- description = "API key, which enables the developer API.";
+ description = lib.mdDoc "API key, which enables the developer API.";
};
directoryRoot = mkOption {
type = types.str;
default = "";
example = "/media";
- description = "Default directory to add folders in the web UI.";
+ description = lib.mdDoc "Default directory to add folders in the web UI.";
};
sharedFolders = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/robustirc-bridge.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/robustirc-bridge.nix
index 255af79ec04..c5afbaf8ea1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/robustirc-bridge.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/robustirc-bridge.nix
@@ -13,7 +13,7 @@ in
extraFlags = mkOption {
type = types.listOf types.str;
default = [];
- description = ''Extra flags passed to the robustirc-bridge command. See RobustIRC Documentation or robustirc-bridge(1) for details.'';
+ description = lib.mdDoc ''Extra flags passed to the {command}`robustirc-bridge` command. See [RobustIRC Documentation](https://robustirc.net/docs/adminguide.html#_bridge) or robustirc-bridge(1) for details.'';
example = [
"-network robustirc.net"
];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/routedns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/routedns.nix
index e0f5eedd2c8..6f3d769e864 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/routedns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/routedns.nix
@@ -38,8 +38,8 @@ in
};
}
'';
- description = ''
- Configuration for RouteDNS, see
+ description = lib.mdDoc ''
+ Configuration for RouteDNS, see
for more information.
'';
};
@@ -49,14 +49,14 @@ in
defaultText = "A RouteDNS configuration file automatically generated by values from services.routedns.*";
type = types.path;
example = literalExpression ''"''${pkgs.routedns}/cmd/routedns/example-config/use-case-1.toml"'';
- description = "Path to RouteDNS TOML configuration file.";
+ description = lib.mdDoc "Path to RouteDNS TOML configuration file.";
};
package = mkOption {
default = pkgs.routedns;
defaultText = literalExpression "pkgs.routedns";
type = types.package;
- description = "RouteDNS package to use.";
+ description = lib.mdDoc "RouteDNS package to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/sabnzbd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/sabnzbd.nix
index 54eeba1a9ec..18e1d9f48b2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/sabnzbd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/sabnzbd.nix
@@ -21,25 +21,25 @@ in
type = types.package;
default = pkgs.sabnzbd;
defaultText = "pkgs.sabnzbd";
- description = "The sabnzbd executable package run by the service.";
+ description = lib.mdDoc "The sabnzbd executable package run by the service.";
};
configFile = mkOption {
type = types.path;
default = "/var/lib/sabnzbd/sabnzbd.ini";
- description = "Path to config file.";
+ description = lib.mdDoc "Path to config file.";
};
user = mkOption {
default = "sabnzbd";
type = types.str;
- description = "User to run the service as";
+ description = lib.mdDoc "User to run the service as";
};
group = mkOption {
type = types.str;
default = "sabnzbd";
- description = "Group to run the service as";
+ description = lib.mdDoc "Group to run the service as";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/seafile.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/seafile.nix
index 2839ffb60a1..7cda71458dd 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/seafile.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/seafile.nix
@@ -19,6 +19,8 @@ let
MEDIA_ROOT = '${seahubDir}/media/'
THUMBNAIL_ROOT = '${seahubDir}/thumbnail/'
+ SERVICE_URL = '${cfg.ccnetSettings.General.SERVICE_URL}'
+
with open('${seafRoot}/.seahubSecret') as f:
SECRET_KEY = f.readline().rstrip()
@@ -46,7 +48,7 @@ in {
SERVICE_URL = mkOption {
type = types.str;
example = "https://www.example.com";
- description = ''
+ description = lib.mdDoc ''
Seahub public URL.
'';
};
@@ -54,9 +56,9 @@ in {
};
};
default = { };
- description = ''
+ description = lib.mdDoc ''
Configuration for ccnet, see
-
+
for supported values.
'';
};
@@ -70,7 +72,7 @@ in {
port = mkOption {
type = types.port;
default = 8082;
- description = ''
+ description = lib.mdDoc ''
The tcp port used by seafile fileserver.
'';
};
@@ -78,7 +80,7 @@ in {
type = types.str;
default = "127.0.0.1";
example = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
The binding address used by seafile fileserver.
'';
};
@@ -86,9 +88,9 @@ in {
};
};
default = { };
- description = ''
+ description = lib.mdDoc ''
Configuration for seafile-server, see
-
+
for supported values.
'';
};
@@ -97,7 +99,7 @@ in {
type = types.int;
default = 4;
example = 10;
- description = ''
+ description = lib.mdDoc ''
The number of gunicorn worker processes for handling requests.
'';
};
@@ -105,7 +107,7 @@ in {
adminEmail = mkOption {
example = "john@example.com";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Seafile Seahub Admin Account Email.
'';
};
@@ -113,7 +115,7 @@ in {
initialAdminPassword = mkOption {
example = "someStrongPass";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Seafile Seahub Admin Account initial password.
Should be change via Seahub web front-end.
'';
@@ -121,7 +123,7 @@ in {
seafilePackage = mkOption {
type = types.package;
- description = "Which package to use for the seafile server.";
+ description = lib.mdDoc "Which package to use for the seafile server.";
default = pkgs.seafile-server;
defaultText = literalExpression "pkgs.seafile-server";
};
@@ -177,6 +179,7 @@ in {
after = [ "network.target" ];
wantedBy = [ "seafile.target" ];
restartTriggers = [ ccnetConf seafileConf ];
+ path = [ pkgs.sqlite ];
serviceConfig = securityOptions // {
User = "seafile";
Group = "seafile";
@@ -200,11 +203,11 @@ in {
if [ ! -f "${seafRoot}/server-setup" ]; then
mkdir -p ${dataDir}/library-template
mkdir -p ${ccnetDir}/{GroupMgr,misc,OrgMgr,PeerMgr}
- ${pkgs.sqlite}/bin/sqlite3 ${ccnetDir}/GroupMgr/groupmgr.db ".read ${cfg.seafilePackage}/share/seafile/sql/sqlite/groupmgr.sql"
- ${pkgs.sqlite}/bin/sqlite3 ${ccnetDir}/misc/config.db ".read ${cfg.seafilePackage}/share/seafile/sql/sqlite/config.sql"
- ${pkgs.sqlite}/bin/sqlite3 ${ccnetDir}/OrgMgr/orgmgr.db ".read ${cfg.seafilePackage}/share/seafile/sql/sqlite/org.sql"
- ${pkgs.sqlite}/bin/sqlite3 ${ccnetDir}/PeerMgr/usermgr.db ".read ${cfg.seafilePackage}/share/seafile/sql/sqlite/user.sql"
- ${pkgs.sqlite}/bin/sqlite3 ${dataDir}/seafile.db ".read ${cfg.seafilePackage}/share/seafile/sql/sqlite/seafile.sql"
+ sqlite3 ${ccnetDir}/GroupMgr/groupmgr.db ".read ${cfg.seafilePackage}/share/seafile/sql/sqlite/groupmgr.sql"
+ sqlite3 ${ccnetDir}/misc/config.db ".read ${cfg.seafilePackage}/share/seafile/sql/sqlite/config.sql"
+ sqlite3 ${ccnetDir}/OrgMgr/orgmgr.db ".read ${cfg.seafilePackage}/share/seafile/sql/sqlite/org.sql"
+ sqlite3 ${ccnetDir}/PeerMgr/usermgr.db ".read ${cfg.seafilePackage}/share/seafile/sql/sqlite/user.sql"
+ sqlite3 ${dataDir}/seafile.db ".read ${cfg.seafilePackage}/share/seafile/sql/sqlite/seafile.sql"
echo "${cfg.seafilePackage.version}-sqlite" > "${seafRoot}"/server-setup
fi
# checking for upgrades and handling them
@@ -213,7 +216,14 @@ in {
installedMinor=$(cat "${seafRoot}/server-setup" | cut -d"-" -f1 | cut -d"." -f2)
pkgMajor=$(echo "${cfg.seafilePackage.version}" | cut -d"." -f1)
pkgMinor=$(echo "${cfg.seafilePackage.version}" | cut -d"." -f2)
- if [ $installedMajor != $pkgMajor ] || [ $installedMinor != $pkgMinor ]; then
+
+ if [[ $installedMajor == $pkgMajor && $installedMinor == $pkgMinor ]]; then
+ :
+ elif [[ $installedMajor == 8 && $installedMinor == 0 && $pkgMajor == 9 && $pkgMinor == 0 ]]; then
+ # Upgrade from 8.0 to 9.0
+ sqlite3 ${dataDir}/seafile.db ".read ${pkgs.seahub}/scripts/upgrade/sql/9.0.0/sqlite3/seafile.sql"
+ echo "${cfg.seafilePackage.version}-sqlite" > "${seafRoot}"/server-setup
+ else
echo "Unsupported upgrade" >&2
exit 1
fi
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/searx.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/searx.nix
index b73f255eb9d..238479864f8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/searx.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/searx.nix
@@ -51,14 +51,14 @@ in
type = types.bool;
default = false;
relatedPackages = [ "searx" ];
- description = "Whether to enable Searx, the meta search engine.";
+ description = lib.mdDoc "Whether to enable Searx, the meta search engine.";
};
environmentFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
- Environment file (see systemd.exec(5)
+ description = lib.mdDoc ''
+ Environment file (see `systemd.exec(5)`
"EnvironmentFile=" section for the syntax) to define variables for
Searx. This option can be used to safely include secret keys into the
Searx configuration.
@@ -117,7 +117,7 @@ in
type = types.package;
default = pkgs.searx;
defaultText = literalExpression "pkgs.searx";
- description = "searx package to use.";
+ description = lib.mdDoc "searx package to use.";
};
runInUwsgi = mkOption {
@@ -143,9 +143,10 @@ in
disable-logging = true;
http = ":8080"; # serve via HTTP...
socket = "/run/searx/searx.sock"; # ...or UNIX socket
+ chmod-socket = "660"; # allow the searx group to read/write to the socket
}
'';
- description = ''
+ description = lib.mdDoc ''
Additional configuration of the uWSGI vassal running searx. It
should notably specify on which interfaces and ports the vassal
should listen.
@@ -220,7 +221,12 @@ in
lazy-apps = true;
enable-threads = true;
module = "searx.webapp";
- env = [ "SEARX_SETTINGS_PATH=${cfg.settingsFile}" ];
+ env = [
+ "SEARX_SETTINGS_PATH=${cfg.settingsFile}"
+ # searxng compatiblity https://github.com/searxng/searxng/issues/1519
+ "SEARXNG_SETTINGS_PATH=${cfg.settingsFile}"
+ ];
+ buffer-size = 32768;
pythonPackages = self: [ cfg.package ];
} // cfg.uwsgiConfig;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shadowsocks.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shadowsocks.nix
index 7bea269a9ed..8eee40711a6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shadowsocks.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shadowsocks.nix
@@ -34,7 +34,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run shadowsocks-libev shadowsocks server.
'';
};
@@ -42,7 +42,7 @@ in
localAddress = mkOption {
type = types.coercedTo types.str singleton (types.listOf types.str);
default = [ "[::0]" "0.0.0.0" ];
- description = ''
+ description = lib.mdDoc ''
Local addresses to which the server binds.
'';
};
@@ -50,7 +50,7 @@ in
port = mkOption {
type = types.int;
default = 8388;
- description = ''
+ description = lib.mdDoc ''
Port which the server uses.
'';
};
@@ -58,7 +58,7 @@ in
password = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Password for connecting clients.
'';
};
@@ -66,7 +66,7 @@ in
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Password file with a password for connecting clients.
'';
};
@@ -74,7 +74,7 @@ in
mode = mkOption {
type = types.enum [ "tcp_only" "tcp_and_udp" "udp_only" ];
default = "tcp_and_udp";
- description = ''
+ description = lib.mdDoc ''
Relay protocols.
'';
};
@@ -82,7 +82,7 @@ in
fastOpen = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
use TCP fast-open
'';
};
@@ -90,8 +90,8 @@ in
encryptionMethod = mkOption {
type = types.str;
default = "chacha20-ietf-poly1305";
- description = ''
- Encryption method. See .
+ description = lib.mdDoc ''
+ Encryption method. See .
'';
};
@@ -99,7 +99,7 @@ in
type = types.nullOr types.str;
default = null;
example = literalExpression ''"''${pkgs.shadowsocks-v2ray-plugin}/bin/v2ray-plugin"'';
- description = ''
+ description = lib.mdDoc ''
SIP003 plugin for shadowsocks
'';
};
@@ -108,7 +108,7 @@ in
type = types.str;
default = "";
example = "server;host=example.com";
- description = ''
+ description = lib.mdDoc ''
Options to pass to the plugin if one was specified
'';
};
@@ -119,13 +119,13 @@ in
example = {
nameserver = "8.8.8.8";
};
- description = ''
+ description = lib.mdDoc ''
Additional configuration for shadowsocks that is not covered by the
provided options. The provided attrset will be serialized to JSON and
has to contain valid shadowsocks options. Unfortunately most
additional options are undocumented but it's easy to find out what is
available by looking into the source code of
-
+
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shairport-sync.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shairport-sync.nix
index eb61663e4d9..75684eea3ad 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shairport-sync.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shairport-sync.nix
@@ -19,7 +19,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the shairport-sync daemon.
Running with a local system-wide or remote pulseaudio server
@@ -30,7 +30,7 @@ in
arguments = mkOption {
type = types.str;
default = "-v -o pa";
- description = ''
+ description = lib.mdDoc ''
Arguments to pass to the daemon. Defaults to a local pulseaudio
server.
'';
@@ -39,7 +39,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to automatically open ports in the firewall.
'';
};
@@ -47,7 +47,7 @@ in
user = mkOption {
type = types.str;
default = "shairport";
- description = ''
+ description = lib.mdDoc ''
User account name under which to run shairport-sync. The account
will be created.
'';
@@ -56,7 +56,7 @@ in
group = mkOption {
type = types.str;
default = "shairport";
- description = ''
+ description = lib.mdDoc ''
Group account name under which to run shairport-sync. The account
will be created.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shellhub-agent.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shellhub-agent.nix
index 57825945d9f..c13f183d4fe 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shellhub-agent.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shellhub-agent.nix
@@ -19,7 +19,7 @@ in
preferredHostname = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Set the device preferred hostname. This provides a hint to
the server to use this as hostname if it is available.
'';
@@ -28,7 +28,7 @@ in
keepAliveInterval = mkOption {
type = types.int;
default = 30;
- description = ''
+ description = lib.mdDoc ''
Determine the interval to send the keep alive message to
the server. This has a direct impact of the bandwidth
used by the device.
@@ -38,7 +38,7 @@ in
tenantId = mkOption {
type = types.str;
example = "ba0a880c-2ada-11eb-a35e-17266ef329d6";
- description = ''
+ description = lib.mdDoc ''
The tenant ID to use when connecting to the ShellHub
Gateway.
'';
@@ -47,7 +47,7 @@ in
server = mkOption {
type = types.str;
default = "https://cloud.shellhub.io";
- description = ''
+ description = lib.mdDoc ''
Server address of ShellHub Gateway to connect.
'';
};
@@ -55,7 +55,7 @@ in
privateKey = mkOption {
type = types.path;
default = "/var/lib/shellhub-agent/private.key";
- description = ''
+ description = lib.mdDoc ''
Location where to store the ShellHub Agent private
key.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shorewall.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shorewall.nix
index ac732d4b12e..795295d1628 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shorewall.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shorewall.nix
@@ -23,12 +23,12 @@ in {
type = types.package;
default = pkgs.shorewall;
defaultText = lib.literalExpression "pkgs.shorewall";
- description = "The shorewall package to use.";
+ description = lib.mdDoc "The shorewall package to use.";
};
configs = lib.mkOption {
type = types.attrsOf types.lines;
default = {};
- description = ''
+ description = lib.mdDoc ''
This option defines the Shorewall configs.
The attribute name defines the name of the config,
and the attribute value defines the content of the config.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shorewall6.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shorewall6.nix
index 4235c74a3f8..1d6d84eb89b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shorewall6.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shorewall6.nix
@@ -23,12 +23,12 @@ in {
type = types.package;
default = pkgs.shorewall;
defaultText = lib.literalExpression "pkgs.shorewall";
- description = "The shorewall package to use.";
+ description = lib.mdDoc "The shorewall package to use.";
};
configs = lib.mkOption {
type = types.attrsOf types.lines;
default = {};
- description = ''
+ description = lib.mdDoc ''
This option defines the Shorewall configs.
The attribute name defines the name of the config,
and the attribute value defines the content of the config.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shout.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shout.nix
index cca03a8f88a..1ef21ad5bf8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shout.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/shout.nix
@@ -28,32 +28,32 @@ in {
private = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Make your shout instance private. You will need to configure user
- accounts by adding entries in ${shoutHome}/users.
+ accounts by adding entries in {file}`${shoutHome}/users`.
'';
};
listenAddress = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "IP interface to listen on for http connections.";
+ description = lib.mdDoc "IP interface to listen on for http connections.";
};
port = mkOption {
type = types.port;
default = 9000;
- description = "TCP port to listen on for http connections.";
+ description = lib.mdDoc "TCP port to listen on for http connections.";
};
configFile = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
- Contents of Shout's config.js file.
+ description = lib.mdDoc ''
+ Contents of Shout's {file}`config.js` file.
Used for backward compatibility, recommended way is now to use
- the config option.
+ the `config` option.
Documentation: http://shout-irc.com/docs/server/configuration.html
'';
@@ -70,8 +70,8 @@ in {
port = 6697;
};
};
- description = ''
- Shout config.js contents as attribute set (will be
+ description = lib.mdDoc ''
+ Shout {file}`config.js` contents as attribute set (will be
converted to JSON to generate the configuration file).
The options defined here will be merged to the default configuration file.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/skydns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/skydns.nix
index dea60a3862a..f73a8718841 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/skydns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/skydns.nix
@@ -13,45 +13,45 @@ in {
machines = mkOption {
default = [ "http://127.0.0.1:2379" ];
type = types.listOf types.str;
- description = "Skydns list of etcd endpoints to connect to.";
+ description = lib.mdDoc "Skydns list of etcd endpoints to connect to.";
};
tlsKey = mkOption {
default = null;
type = types.nullOr types.path;
- description = "Skydns path of TLS client certificate - private key.";
+ description = lib.mdDoc "Skydns path of TLS client certificate - private key.";
};
tlsPem = mkOption {
default = null;
type = types.nullOr types.path;
- description = "Skydns path of TLS client certificate - public key.";
+ description = lib.mdDoc "Skydns path of TLS client certificate - public key.";
};
caCert = mkOption {
default = null;
type = types.nullOr types.path;
- description = "Skydns path of TLS certificate authority public key.";
+ description = lib.mdDoc "Skydns path of TLS certificate authority public key.";
};
};
address = mkOption {
default = "0.0.0.0:53";
type = types.str;
- description = "Skydns address to bind to.";
+ description = lib.mdDoc "Skydns address to bind to.";
};
domain = mkOption {
default = "skydns.local.";
type = types.str;
- description = "Skydns default domain if not specified by etcd config.";
+ description = lib.mdDoc "Skydns default domain if not specified by etcd config.";
};
nameservers = mkOption {
default = map (n: n + ":53") config.networking.nameservers;
defaultText = literalExpression ''map (n: n + ":53") config.networking.nameservers'';
type = types.listOf types.str;
- description = "Skydns list of nameservers to forward DNS requests to when not authoritative for a domain.";
+ description = lib.mdDoc "Skydns list of nameservers to forward DNS requests to when not authoritative for a domain.";
example = ["8.8.8.8:53" "8.8.4.4:53"];
};
@@ -59,13 +59,13 @@ in {
default = pkgs.skydns;
defaultText = literalExpression "pkgs.skydns";
type = types.package;
- description = "Skydns package to use.";
+ description = lib.mdDoc "Skydns package to use.";
};
extraConfig = mkOption {
default = {};
type = types.attrsOf types.str;
- description = "Skydns attribute set of extra config options passed as environment variables.";
+ description = lib.mdDoc "Skydns attribute set of extra config options passed as environment variables.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/smartdns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/smartdns.nix
index 7f9df42ce9c..aa132747885 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/smartdns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/smartdns.nix
@@ -25,7 +25,7 @@ in {
bindPort = mkOption {
type = types.port;
default = 53;
- description = "DNS listening port number.";
+ description = lib.mdDoc "DNS listening port number.";
};
settings = mkOption {
@@ -42,9 +42,9 @@ in {
speed-check-mode = "ping,tcp:80";
};
'';
- description = ''
- A set that will be generated into configuration file, see the SmartDNS README for details of configuration parameters.
- You could override the options here like by writing settings.bind = ":5353 -no-rule -group example";.
+ description = lib.mdDoc ''
+ A set that will be generated into configuration file, see the [SmartDNS README](https://github.com/pymumu/smartdns/blob/master/ReadMe_en.md#configuration-parameter) for details of configuration parameters.
+ You could override the options here like {option}`services.smartdns.bindPort` by writing `settings.bind = ":5353 -no-rule -group example";`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/smokeping.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/smokeping.nix
index bd71b158dbe..217c16c8f37 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/smokeping.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/smokeping.nix
@@ -52,7 +52,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the smokeping service";
+ description = lib.mdDoc "Enable the smokeping service";
};
alertConfig = mkOption {
type = types.lines;
@@ -70,14 +70,14 @@ in
pattern = >0%,*12*,>0%,*12*,>0%
comment = loss 3 times in a row;
'';
- description = "Configuration for alerts.";
+ description = lib.mdDoc "Configuration for alerts.";
};
cgiUrl = mkOption {
type = types.str;
default = "http://${cfg.hostName}:${toString cfg.port}/smokeping.cgi";
defaultText = literalExpression ''"http://''${hostName}:''${toString port}/smokeping.cgi"'';
example = "https://somewhere.example.com/smokeping.cgi";
- description = "URL to the smokeping cgi.";
+ description = lib.mdDoc "URL to the smokeping cgi.";
};
config = mkOption {
type = types.nullOr types.lines;
@@ -113,28 +113,28 @@ in
MAX 0.5 144 7200
MIN 0.5 144 7200
'';
- description = ''Configure the ping frequency and retention of the rrd files.
+ description = lib.mdDoc ''Configure the ping frequency and retention of the rrd files.
Once set, changing the interval will require deletion or migration of all
the collected data.'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Any additional customization not already included.";
+ description = lib.mdDoc "Any additional customization not already included.";
};
hostName = mkOption {
type = types.str;
default = config.networking.fqdn;
defaultText = literalExpression "config.networking.fqdn";
example = "somewhere.example.com";
- description = "DNS name for the urls generated in the cgi.";
+ description = lib.mdDoc "DNS name for the urls generated in the cgi.";
};
imgUrl = mkOption {
type = types.str;
default = "cache";
defaultText = literalExpression ''"cache"'';
example = "https://somewhere.example.com/cache";
- description = ''
+ description = lib.mdDoc ''
Base url for images generated in the cgi.
The default is a relative URL to ensure it works also when e.g. forwarding
@@ -145,48 +145,48 @@ in
type = types.enum ["original" "absolute" "relative"];
default = "relative";
example = "absolute";
- description = "DNS name for the urls generated in the cgi.";
+ description = lib.mdDoc "DNS name for the urls generated in the cgi.";
};
mailHost = mkOption {
type = types.str;
default = "";
example = "localhost";
- description = "Use this SMTP server to send alerts";
+ description = lib.mdDoc "Use this SMTP server to send alerts";
};
owner = mkOption {
type = types.str;
default = "nobody";
example = "Joe Admin";
- description = "Real name of the owner of the instance";
+ description = lib.mdDoc "Real name of the owner of the instance";
};
ownerEmail = mkOption {
type = types.str;
default = "no-reply@${cfg.hostName}";
defaultText = literalExpression ''"no-reply@''${hostName}"'';
example = "no-reply@yourdomain.com";
- description = "Email contact for owner";
+ description = lib.mdDoc "Email contact for owner";
};
package = mkOption {
type = types.package;
default = pkgs.smokeping;
defaultText = literalExpression "pkgs.smokeping";
- description = "Specify a custom smokeping package";
+ description = lib.mdDoc "Specify a custom smokeping package";
};
host = mkOption {
type = types.nullOr types.str;
default = "localhost";
example = "192.0.2.1"; # rfc5737 example IP for documentation
- description = ''
+ description = lib.mdDoc ''
Host/IP to bind to for the web server.
- Setting it to null skips passing the -h option to thttpd,
+ Setting it to `null` skips passing the -h option to thttpd,
which makes it bind to all interfaces.
'';
};
port = mkOption {
type = types.int;
default = 8081;
- description = "TCP port to use for the web server.";
+ description = lib.mdDoc "TCP port to use for the web server.";
};
presentationConfig = mkOption {
type = types.lines;
@@ -227,13 +227,13 @@ in
"Last 10 Days" 10d
"Last 360 Days" 360d
'';
- description = "presentation graph style";
+ description = lib.mdDoc "presentation graph style";
};
presentationTemplate = mkOption {
type = types.str;
default = "${pkgs.smokeping}/etc/basepage.html.dist";
defaultText = literalExpression ''"''${pkgs.smokeping}/etc/basepage.html.dist"'';
- description = "Default page layout for the web UI.";
+ description = lib.mdDoc "Default page layout for the web UI.";
};
probeConfig = mkOption {
type = types.lines;
@@ -247,19 +247,19 @@ in
binary = ''${config.security.wrapperDir}/fping
'''
'';
- description = "Probe configuration";
+ description = lib.mdDoc "Probe configuration";
};
sendmail = mkOption {
type = types.nullOr types.path;
default = null;
example = "/run/wrappers/bin/sendmail";
- description = "Use this sendmail compatible script to deliver alerts";
+ description = lib.mdDoc "Use this sendmail compatible script to deliver alerts";
};
smokeMailTemplate = mkOption {
type = types.str;
default = "${cfg.package}/etc/smokemail.dist";
defaultText = literalExpression ''"''${package}/etc/smokemail.dist"'';
- description = "Specify the smokemail template for alerts.";
+ description = lib.mdDoc "Specify the smokemail template for alerts.";
};
targetConfig = mkOption {
type = types.lines;
@@ -277,17 +277,17 @@ in
title = This host
host = localhost
'';
- description = "Target configuration";
+ description = lib.mdDoc "Target configuration";
};
user = mkOption {
type = types.str;
default = "smokeping";
- description = "User that runs smokeping and (optionally) thttpd. A group of the same name will be created as well.";
+ description = lib.mdDoc "User that runs smokeping and (optionally) thttpd. A group of the same name will be created as well.";
};
webService = mkOption {
type = types.bool;
default = true;
- description = "Enable a smokeping web interface";
+ description = lib.mdDoc "Enable a smokeping web interface";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/sniproxy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/sniproxy.nix
index adca5398e4a..dedeb96f736 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/sniproxy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/sniproxy.nix
@@ -23,19 +23,19 @@ in
user = mkOption {
type = types.str;
default = "sniproxy";
- description = "User account under which sniproxy runs.";
+ description = lib.mdDoc "User account under which sniproxy runs.";
};
group = mkOption {
type = types.str;
default = "sniproxy";
- description = "Group under which sniproxy runs.";
+ description = lib.mdDoc "Group under which sniproxy runs.";
};
config = mkOption {
type = types.lines;
default = "";
- description = "sniproxy.conf configuration excluding the daemon username and pid file.";
+ description = lib.mdDoc "sniproxy.conf configuration excluding the daemon username and pid file.";
example = ''
error_log {
filename /var/log/sniproxy/error.log
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/snowflake-proxy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/snowflake-proxy.nix
index 2124644ed9b..d759b07e8bf 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/snowflake-proxy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/snowflake-proxy.nix
@@ -11,25 +11,25 @@ in
enable = mkEnableOption "System to defeat internet censorship";
broker = mkOption {
- description = "Broker URL (default \"https://snowflake-broker.torproject.net/\")";
+ description = lib.mdDoc "Broker URL (default \"https://snowflake-broker.torproject.net/\")";
type = with types; nullOr str;
default = null;
};
capacity = mkOption {
- description = "Limits the amount of maximum concurrent clients allowed.";
+ description = lib.mdDoc "Limits the amount of maximum concurrent clients allowed.";
type = with types; nullOr int;
default = null;
};
relay = mkOption {
- description = "websocket relay URL (default \"wss://snowflake.bamsoftware.com/\")";
+ description = lib.mdDoc "websocket relay URL (default \"wss://snowflake.bamsoftware.com/\")";
type = with types; nullOr str;
default = null;
};
stun = mkOption {
- description = "STUN broker URL (default \"stun:stun.stunprotocol.org:3478\")";
+ description = lib.mdDoc "STUN broker URL (default \"stun:stun.stunprotocol.org:3478\")";
type = with types; nullOr str;
default = null;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/softether.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/softether.nix
index 5405f56871e..47d10bf64ca 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/softether.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/softether.nix
@@ -22,7 +22,7 @@ in
type = types.package;
default = pkgs.softether;
defaultText = literalExpression "pkgs.softether";
- description = ''
+ description = lib.mdDoc ''
softether derivation to use.
'';
};
@@ -36,14 +36,14 @@ in
up = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell commands executed when the Virtual Network Adapter(s) is/are starting.
'';
};
down = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell commands executed when the Virtual Network Adapter(s) is/are shutting down.
'';
};
@@ -52,7 +52,7 @@ in
dataDir = mkOption {
type = types.path;
default = "/var/lib/softether";
- description = ''
+ description = lib.mdDoc ''
Data directory for SoftEther VPN.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/soju.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/soju.nix
index cb0acf4765f..32ace43660a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/soju.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/soju.nix
@@ -44,25 +44,27 @@ in
type = types.str;
default = config.networking.hostName;
defaultText = literalExpression "config.networking.hostName";
- description = "Server hostname.";
+ description = lib.mdDoc "Server hostname.";
};
tlsCertificate = mkOption {
type = types.nullOr types.path;
+ default = null;
example = "/var/host.cert";
- description = "Path to server TLS certificate.";
+ description = lib.mdDoc "Path to server TLS certificate.";
};
tlsCertificateKey = mkOption {
type = types.nullOr types.path;
+ default = null;
example = "/var/host.key";
- description = "Path to server TLS certificate key.";
+ description = lib.mdDoc "Path to server TLS certificate key.";
};
enableMessageLogging = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable message logging.";
+ description = lib.mdDoc "Whether to enable message logging.";
};
httpOrigins = mkOption {
@@ -90,13 +92,23 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Lines added verbatim to the configuration file.";
+ description = lib.mdDoc "Lines added verbatim to the configuration file.";
};
};
###### implementation
config = mkIf cfg.enable {
+ assertions = [
+ {
+ assertion = (cfg.tlsCertificate != null) == (cfg.tlsCertificateKey != null);
+ message = ''
+ services.soju.tlsCertificate and services.soju.tlsCertificateKey
+ must both be specified to enable TLS.
+ '';
+ }
+ ];
+
systemd.services.soju = {
description = "soju IRC bouncer";
wantedBy = [ "multi-user.target" ];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/solanum.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/solanum.nix
index dc066a24549..daa3650fc99 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/solanum.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/solanum.nix
@@ -44,16 +44,16 @@ in
default_split_user_count = 0;
};
'';
- description = ''
+ description = lib.mdDoc ''
Solanum IRC daemon configuration file.
- check for all options.
+ check for all options.
'';
};
openFilesLimit = mkOption {
type = types.int;
default = 1024;
- description = ''
+ description = lib.mdDoc ''
Maximum number of open files. Limits the clients and server connections.
'';
};
@@ -61,10 +61,10 @@ in
motd = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Solanum MOTD text.
- Solanum will read its MOTD from /etc/solanum/ircd.motd.
+ Solanum will read its MOTD from `/etc/solanum/ircd.motd`.
If set, the value of this option will be written to this path.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/spacecookie.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/spacecookie.nix
index 400f3e26cc9..4aa76de6f41 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/spacecookie.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/spacecookie.nix
@@ -32,7 +32,7 @@ in {
default = pkgs.spacecookie;
defaultText = literalExpression "pkgs.spacecookie";
example = literalExpression "pkgs.haskellPackages.spacecookie";
- description = ''
+ description = lib.mdDoc ''
The spacecookie derivation to use. This can be used to
override the used package or to use another version.
'';
@@ -41,7 +41,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to open the necessary port in the firewall for spacecookie.
'';
};
@@ -49,7 +49,7 @@ in {
port = mkOption {
type = types.port;
default = 70;
- description = ''
+ description = lib.mdDoc ''
Port the gopher service should be exposed on.
'';
};
@@ -57,10 +57,10 @@ in {
address = mkOption {
type = types.str;
default = "[::]";
- description = ''
+ description = lib.mdDoc ''
Address to listen on. Must be in the
- ListenStream= syntax of
- systemd.socket(5).
+ `ListenStream=` syntax of
+ [systemd.socket(5)](https://www.freedesktop.org/software/systemd/man/systemd.socket.html).
'';
};
@@ -71,7 +71,7 @@ in {
options.hostname = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
The hostname the service is reachable via. Clients
will use this hostname for further requests after
loading the initial gopher menu.
@@ -81,11 +81,11 @@ in {
options.root = mkOption {
type = types.path;
default = "/srv/gopher";
- description = ''
+ description = lib.mdDoc ''
The directory spacecookie should serve via gopher.
Files in there need to be world-readable since
the spacecookie service file sets
- DynamicUser=true.
+ `DynamicUser=true`.
'';
};
@@ -96,7 +96,7 @@ in {
hide-ips = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
If enabled, spacecookie will hide personal
information of users like IP addresses from
log output.
@@ -110,7 +110,7 @@ in {
# journald will add timestamps, so no need
# to double up.
default = true;
- description = ''
+ description = lib.mdDoc ''
If enabled, spacecookie will not print timestamps
at the beginning of every log line.
'';
@@ -123,18 +123,18 @@ in {
"error"
];
default = "info";
- description = ''
+ description = lib.mdDoc ''
Log level for the spacecookie service.
'';
};
};
};
- description = ''
+ description = lib.mdDoc ''
Settings for spacecookie. The settings set here are
directly translated to the spacecookie JSON config
file. See
- spacecookie.json(5)
+ [spacecookie.json(5)](https://sternenseemann.github.io/spacecookie/spacecookie.json.5.html)
for explanations of all options.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/spiped.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/spiped.nix
index 3c229ecfc72..3e01ace54ad 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/spiped.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/spiped.nix
@@ -11,7 +11,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the spiped service module.";
+ description = lib.mdDoc "Enable the spiped service module.";
};
config = mkOption {
@@ -21,32 +21,32 @@ in
encrypt = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Take unencrypted connections from the
- source socket and send encrypted
- connections to the target socket.
+ `source` socket and send encrypted
+ connections to the `target` socket.
'';
};
decrypt = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Take encrypted connections from the
- source socket and send unencrypted
- connections to the target socket.
+ `source` socket and send unencrypted
+ connections to the `target` socket.
'';
};
source = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Address on which spiped should listen for incoming
connections. Must be in one of the following formats:
- /absolute/path/to/unix/socket,
- host.name:port,
- [ip.v4.ad.dr]:port or
- [ipv6::addr]:port - note that
+ `/absolute/path/to/unix/socket`,
+ `host.name:port`,
+ `[ip.v4.ad.dr]:port` or
+ `[ipv6::addr]:port` - note that
hostnames are resolved when spiped is launched and are
not re-resolved later; thus if DNS entries change
spiped will continue to connect to the expired
@@ -56,24 +56,24 @@ in
target = mkOption {
type = types.str;
- description = "Address to which spiped should connect.";
+ description = lib.mdDoc "Address to which spiped should connect.";
};
keyfile = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Name of a file containing the spiped key. As the
- daemon runs as the spiped user, the
+ daemon runs as the `spiped` user, the
key file must be somewhere owned by that user. By
default, we recommend putting the keys for any spipe
- services in /var/lib/spiped.
+ services in `/var/lib/spiped`.
'';
};
timeout = mkOption {
type = types.int;
default = 5;
- description = ''
+ description = lib.mdDoc ''
Timeout, in seconds, after which an attempt to connect to
the target or a protocol handshake will be aborted (and the
connection dropped) if not completed
@@ -83,7 +83,7 @@ in
maxConns = mkOption {
type = types.int;
default = 100;
- description = ''
+ description = lib.mdDoc ''
Limit on the number of simultaneous connections allowed.
'';
};
@@ -91,14 +91,14 @@ in
waitForDNS = mkOption {
type = types.bool;
default = false;
- description = ''
- Wait for DNS. Normally when spiped is
+ description = lib.mdDoc ''
+ Wait for DNS. Normally when `spiped` is
launched it resolves addresses and binds to its source
socket before the parent process returns; with this option
it will daemonize first and retry failed DNS lookups until
- they succeed. This allows spiped to
+ they succeed. This allows `spiped` to
launch even if DNS isn't set up yet, but at the expense of
- losing the guarantee that once spiped has
+ losing the guarantee that once `spiped` has
finished launching it will be ready to create pipes.
'';
};
@@ -106,13 +106,13 @@ in
disableKeepalives = mkOption {
type = types.bool;
default = false;
- description = "Disable transport layer keep-alives.";
+ description = lib.mdDoc "Disable transport layer keep-alives.";
};
weakHandshake = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Use fast/weak handshaking: This reduces the CPU time spent
in the initial connection setup, at the expense of losing
perfect forward secrecy.
@@ -122,7 +122,7 @@ in
resolveRefresh = mkOption {
type = types.int;
default = 60;
- description = ''
+ description = lib.mdDoc ''
Resolution refresh time for the target socket, in seconds.
'';
};
@@ -130,7 +130,7 @@ in
disableReresolution = mkOption {
type = types.bool;
default = false;
- description = "Disable target address re-resolution.";
+ description = lib.mdDoc "Disable target address re-resolution.";
};
};
}
@@ -155,11 +155,11 @@ in
}
'';
- description = ''
+ description = lib.mdDoc ''
Configuration for a secure pipe daemon. The daemon can be
started, stopped, or examined using
- systemctl, under the name
- spiped@foo.
+ `systemctl`, under the name
+ `spiped@foo`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/squid.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/squid.nix
index db4f0d26b6f..914cd7f320c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/squid.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/squid.nix
@@ -108,32 +108,32 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to run squid web proxy.";
+ description = lib.mdDoc "Whether to run squid web proxy.";
};
package = mkOption {
default = pkgs.squid;
defaultText = literalExpression "pkgs.squid";
type = types.package;
- description = "Squid package to use.";
+ description = lib.mdDoc "Squid package to use.";
};
proxyAddress = mkOption {
type = types.nullOr types.str;
default = null;
- description = "IP address on which squid will listen.";
+ description = lib.mdDoc "IP address on which squid will listen.";
};
proxyPort = mkOption {
type = types.int;
default = 3128;
- description = "TCP port on which squid will listen.";
+ description = lib.mdDoc "TCP port on which squid will listen.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Squid configuration. Contents will be added
verbatim to the configuration file.
'';
@@ -142,7 +142,7 @@ in
configText = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Verbatim contents of squid.conf. If null (default), use the
autogenerated file from NixOS instead.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ssh/lshd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ssh/lshd.nix
index 862ff7df054..41c4ec2d295 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ssh/lshd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ssh/lshd.nix
@@ -21,7 +21,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the GNU lshd SSH2 daemon, which allows
secure remote login.
'';
@@ -30,7 +30,7 @@ in
portNumber = mkOption {
default = 22;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
The port on which to listen for connections.
'';
};
@@ -38,7 +38,7 @@ in
interfaces = mkOption {
default = [];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
List of network interfaces where listening for connections.
When providing the empty list, `[]', lshd listens on all
network interfaces.
@@ -49,7 +49,7 @@ in
hostKey = mkOption {
default = "/etc/lsh/host-key";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Path to the server's private key. Note that this key must
have been created, e.g., using "lsh-keygen --server |
lsh-writekey --server", so that you can run lshd.
@@ -59,31 +59,31 @@ in
syslog = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable syslog output.";
+ description = lib.mdDoc "Whether to enable syslog output.";
};
passwordAuthentication = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable password authentication.";
+ description = lib.mdDoc "Whether to enable password authentication.";
};
publicKeyAuthentication = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable public key authentication.";
+ description = lib.mdDoc "Whether to enable public key authentication.";
};
rootLogin = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable remote root login.";
+ description = lib.mdDoc "Whether to enable remote root login.";
};
loginShell = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
If non-null, override the default login shell with the
specified value.
'';
@@ -93,7 +93,7 @@ in
srpKeyExchange = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable SRP key exchange and user authentication.
'';
};
@@ -101,18 +101,18 @@ in
tcpForwarding = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable TCP/IP forwarding.";
+ description = lib.mdDoc "Whether to enable TCP/IP forwarding.";
};
x11Forwarding = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable X11 forwarding.";
+ description = lib.mdDoc "Whether to enable X11 forwarding.";
};
subsystems = mkOption {
type = types.listOf types.path;
- description = ''
+ description = lib.mdDoc ''
List of subsystem-path pairs, where the head of the pair
denotes the subsystem name, and the tail denotes the path to
an executable implementing it.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ssh/sshd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ssh/sshd.nix
index 6b69d559748..c6386ed6823 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ssh/sshd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ssh/sshd.nix
@@ -32,13 +32,13 @@ let
keys = mkOption {
type = types.listOf types.singleLineStr;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of verbatim OpenSSH public keys that should be added to the
user's authorized keys. The keys are added to a file that the SSH
daemon reads in addition to the the user's authorized_keys file.
- You can combine the keys and
- keyFiles options.
- Warning: If you are using NixOps then don't use this
+ You can combine the `keys` and
+ `keyFiles` options.
+ Warning: If you are using `NixOps` then don't use this
option since it will replace the key required for deployment via ssh.
'';
example = [
@@ -50,12 +50,12 @@ let
keyFiles = mkOption {
type = types.listOf types.path;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of files each containing one OpenSSH public key that should be
added to the user's authorized keys. The contents of the files are
read at build time and added to a file that the SSH daemon reads in
addition to the the user's authorized_keys file. You can combine the
- keyFiles and keys options.
+ `keyFiles` and `keys` options.
'';
};
};
@@ -93,7 +93,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the OpenSSH secure shell daemon, which
allows secure remote logins.
'';
@@ -102,8 +102,8 @@ in
startWhenNeeded = mkOption {
type = types.bool;
default = false;
- description = ''
- If set, sshd is socket-activated; that
+ description = lib.mdDoc ''
+ If set, {command}`sshd` is socket-activated; that
is, instead of having it permanently running as a daemon,
systemd will start an instance for each incoming connection.
'';
@@ -112,7 +112,7 @@ in
forwardX11 = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to allow X11 connections to be forwarded.
'';
};
@@ -120,17 +120,17 @@ in
allowSFTP = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the SFTP subsystem in the SSH daemon. This
- enables the use of commands such as sftp and
- sshfs.
+ enables the use of commands such as {command}`sftp` and
+ {command}`sshfs`.
'';
};
sftpServerExecutable = mkOption {
type = types.str;
example = "internal-sftp";
- description = ''
+ description = lib.mdDoc ''
The sftp server executable. Can be a path or "internal-sftp" to use
the sftp server built into the sshd binary.
'';
@@ -140,7 +140,7 @@ in
type = with types; listOf str;
default = [];
example = [ "-f AUTHPRIV" "-l INFO" ];
- description = ''
+ description = lib.mdDoc ''
Commandline flags to add to sftp-server.
'';
};
@@ -148,7 +148,7 @@ in
permitRootLogin = mkOption {
default = "prohibit-password";
type = types.enum ["yes" "without-password" "prohibit-password" "forced-commands-only" "no"];
- description = ''
+ description = lib.mdDoc ''
Whether the root user can login using ssh.
'';
};
@@ -167,7 +167,7 @@ in
ports = mkOption {
type = types.listOf types.port;
default = [22];
- description = ''
+ description = lib.mdDoc ''
Specifies on which ports the SSH daemon listens.
'';
};
@@ -175,7 +175,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to automatically open the specified ports in the firewall.
'';
};
@@ -186,14 +186,14 @@ in
addr = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Host, IPv4 or IPv6 address to listen to.
'';
};
port = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Port to listen to.
'';
};
@@ -201,10 +201,10 @@ in
});
default = [];
example = [ { addr = "192.168.3.1"; port = 22; } { addr = "0.0.0.0"; port = 64022; } ];
- description = ''
+ description = lib.mdDoc ''
List of addresses and ports to listen on (ListenAddress directive
in config). If port is not specified for address sshd will listen
- on all ports specified by ports option.
+ on all ports specified by `ports` option.
NOTE: this will override default listening on all local addresses and port 22.
NOTE: setting this option won't automatically enable given ports
in firewall configuration.
@@ -214,7 +214,7 @@ in
passwordAuthentication = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Specifies whether password authentication is allowed.
'';
};
@@ -222,7 +222,7 @@ in
kbdInteractiveAuthentication = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Specifies whether keyboard-interactive authentication is allowed.
'';
};
@@ -249,7 +249,7 @@ in
banner = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Message to display to the remote user before authentication is allowed.
'';
};
@@ -273,7 +273,7 @@ in
authorizedKeysCommand = mkOption {
type = types.str;
default = "none";
- description = ''
+ description = lib.mdDoc ''
Specifies a program to be used to look up the user's public
keys. The program must be owned by root, not writable by group
or others and specified by an absolute path.
@@ -283,7 +283,7 @@ in
authorizedKeysCommandUser = mkOption {
type = types.str;
default = "nobody";
- description = ''
+ description = lib.mdDoc ''
Specifies the user under whose account the AuthorizedKeysCommand
is run. It is recommended to use a dedicated user that has no
other role on the host than running authorized keys commands.
@@ -354,7 +354,7 @@ in
logLevel = mkOption {
type = types.enum [ "QUIET" "FATAL" "ERROR" "INFO" "VERBOSE" "DEBUG" "DEBUG1" "DEBUG2" "DEBUG3" ];
default = "INFO"; # upstream default
- description = ''
+ description = lib.mdDoc ''
Gives the verbosity level that is used when logging messages from sshd(8). The possible values are:
QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. DEBUG and DEBUG1
are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. Logging with a DEBUG level
@@ -365,7 +365,7 @@ in
useDns = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Specifies whether sshd(8) should look up the remote host name, and to check that the resolved host name for
the remote IP address maps back to the very same IP address.
If this option is set to no (the default) then only addresses and not host names may be used in
@@ -376,16 +376,16 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Verbatim contents of sshd_config.";
+ description = lib.mdDoc "Verbatim contents of {file}`sshd_config`.";
};
moduliFile = mkOption {
example = "/etc/my-local-ssh-moduli;";
type = types.path;
- description = ''
- Path to moduli file to install in
- /etc/ssh/moduli. If this option is unset, then
- the moduli file shipped with OpenSSH will be used.
+ description = lib.mdDoc ''
+ Path to `moduli` file to install in
+ `/etc/ssh/moduli`. If this option is unset, then
+ the `moduli` file shipped with OpenSSH will be used.
'';
};
@@ -442,7 +442,9 @@ in
${flip concatMapStrings cfg.hostKeys (k: ''
if ! [ -s "${k.path}" ]; then
- rm -f "${k.path}"
+ if ! [ -h "${k.path}" ]; then
+ rm -f "${k.path}"
+ fi
ssh-keygen \
-t "${k.type}" \
${if k ? bits then "-b ${toString k.bits}" else ""} \
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/sslh.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/sslh.nix
index abe96f60f81..03c0bd23141 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/sslh.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/sslh.nix
@@ -48,37 +48,37 @@ in
verbose = mkOption {
type = types.bool;
default = false;
- description = "Verbose logs.";
+ description = lib.mdDoc "Verbose logs.";
};
timeout = mkOption {
type = types.int;
default = 2;
- description = "Timeout in seconds.";
+ description = lib.mdDoc "Timeout in seconds.";
};
transparent = mkOption {
type = types.bool;
default = false;
- description = "Will the services behind sslh (Apache, sshd and so on) see the external IP and ports as if the external world connected directly to them";
+ description = lib.mdDoc "Will the services behind sslh (Apache, sshd and so on) see the external IP and ports as if the external world connected directly to them";
};
listenAddresses = mkOption {
type = types.coercedTo types.str singleton (types.listOf types.str);
default = [ "0.0.0.0" "[::]" ];
- description = "Listening addresses or hostnames.";
+ description = lib.mdDoc "Listening addresses or hostnames.";
};
port = mkOption {
type = types.int;
default = 443;
- description = "Listening port.";
+ description = lib.mdDoc "Listening port.";
};
appendConfig = mkOption {
type = types.str;
default = defaultAppendConfig;
- description = "Verbatim configuration file.";
+ description = lib.mdDoc "Verbatim configuration file.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/strongswan.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/strongswan.nix
index e3a97207be7..f1b0a3f0d3b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/strongswan.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/strongswan.nix
@@ -57,10 +57,10 @@ in
type = types.listOf types.str;
default = [];
example = [ "/run/keys/ipsec-foo.secret" ];
- description = ''
+ description = lib.mdDoc ''
A list of paths to IPSec secret files. These
files will be included into the main ipsec.secrets file with
- the include directive. It is safer if these
+ the `include` directive. It is safer if these
paths are absolute.
'';
};
@@ -69,9 +69,9 @@ in
type = types.attrsOf types.str;
default = {};
example = { cachecrls = "yes"; strictcrlpolicy = "yes"; };
- description = ''
+ description = lib.mdDoc ''
A set of options for the ‘config setup’ section of the
- ipsec.conf file. Defines general
+ {file}`ipsec.conf` file. Defines general
configuration parameters.
'';
};
@@ -94,9 +94,9 @@ in
};
}
'';
- description = ''
+ description = lib.mdDoc ''
A set of connections and their options for the ‘conn xxx’
- sections of the ipsec.conf file.
+ sections of the {file}`ipsec.conf` file.
'';
};
@@ -110,9 +110,9 @@ in
crluri = "http://crl2.strongswan.org/strongswan.crl";
};
};
- description = ''
+ description = lib.mdDoc ''
A set of CAs (certification authorities) and their options for
- the ‘ca xxx’ sections of the ipsec.conf
+ the ‘ca xxx’ sections of the {file}`ipsec.conf`
file.
'';
};
@@ -120,19 +120,19 @@ in
managePlugins = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If set to true, this option will disable automatic plugin loading and
then tell strongSwan to enable the plugins specified in the
- option.
+ {option}`enabledPlugins` option.
'';
};
enabledPlugins = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of additional plugins to enable if
- is true.
+ {option}`managePlugins` is true.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/stubby.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/stubby.nix
index 78c13798dde..f9d6869ad97 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/stubby.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/stubby.nix
@@ -39,20 +39,20 @@ in {
}];
};
'';
- description = ''
+ description = lib.mdDoc ''
Content of the Stubby configuration file. All Stubby settings may be set or queried
here. The default settings are available at
- pkgs.stubby.passthru.settingsExample. See
- .
+ `pkgs.stubby.passthru.settingsExample`. See
+ .
A list of the public recursive servers can be found here:
- .
+ .
'';
};
debugLogging = mkOption {
default = false;
type = types.bool;
- description = "Enable or disable debug level logging.";
+ description = lib.mdDoc "Enable or disable debug level logging.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/stunnel.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/stunnel.nix
index df4908a0fff..d7311a24bb3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/stunnel.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/stunnel.nix
@@ -7,80 +7,27 @@ let
cfg = config.services.stunnel;
yesNo = val: if val then "yes" else "no";
+ verifyRequiredField = type: field: n: c: {
+ assertion = hasAttr field c;
+ message = "stunnel: \"${n}\" ${type} configuration - Field ${field} is required.";
+ };
+
verifyChainPathAssert = n: c: {
- assertion = c.verifyHostname == null || (c.verifyChain || c.verifyPeer);
+ assertion = (c.verifyHostname or null) == null || (c.verifyChain || c.verifyPeer);
message = "stunnel: \"${n}\" client configuration - hostname verification " +
"is not possible without either verifyChain or verifyPeer enabled";
};
- serverConfig = {
- options = {
- accept = mkOption {
- type = types.either types.str types.int;
- description = ''
- On which [host:]port stunnel should listen for incoming TLS connections.
- Note that unlike other softwares stunnel ipv6 address need no brackets,
- so to listen on all IPv6 addresses on port 1234 one would use ':::1234'.
- '';
- };
-
- connect = mkOption {
- type = types.either types.str types.int;
- description = "Port or IP:Port to which the decrypted connection should be forwarded.";
- };
-
- cert = mkOption {
- type = types.path;
- description = "File containing both the private and public keys.";
- };
- };
- };
-
- clientConfig = {
- options = {
- accept = mkOption {
- type = types.str;
- description = "IP:Port on which connections should be accepted.";
- };
-
- connect = mkOption {
- type = types.str;
- description = "IP:Port destination to connect to.";
- };
-
- verifyChain = mkOption {
- type = types.bool;
- default = true;
- description = "Check if the provided certificate has a valid certificate chain (against CAPath).";
- };
-
- verifyPeer = mkOption {
- type = types.bool;
- default = false;
- description = "Check if the provided certificate is contained in CAPath.";
- };
-
- CAPath = mkOption {
- type = types.nullOr types.path;
- default = null;
- description = "Path to a directory containing certificates to validate against.";
- };
-
- CAFile = mkOption {
- type = types.nullOr types.path;
- default = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
- defaultText = literalExpression ''"''${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"'';
- description = "Path to a file containing certificates to validate against.";
- };
-
- verifyHostname = mkOption {
- type = with types; nullOr str;
- default = null;
- description = "If set, stunnel checks if the provided certificate is valid for the given hostname.";
- };
- };
- };
-
+ removeNulls = mapAttrs (_: filterAttrs (_: v: v != null));
+ mkValueString = v:
+ if v == true then "yes"
+ else if v == false then "no"
+ else generators.mkValueStringDefault {} v;
+ generateConfig = c:
+ generators.toINI {
+ mkSectionName = id;
+ mkKeyValue = k: v: "${k} = ${mkValueString v}";
+ } (removeNulls c);
in
@@ -95,43 +42,48 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the stunnel TLS tunneling service.";
+ description = lib.mdDoc "Whether to enable the stunnel TLS tunneling service.";
};
user = mkOption {
type = with types; nullOr str;
default = "nobody";
- description = "The user under which stunnel runs.";
+ description = lib.mdDoc "The user under which stunnel runs.";
};
group = mkOption {
type = with types; nullOr str;
default = "nogroup";
- description = "The group under which stunnel runs.";
+ description = lib.mdDoc "The group under which stunnel runs.";
};
logLevel = mkOption {
type = types.enum [ "emerg" "alert" "crit" "err" "warning" "notice" "info" "debug" ];
default = "info";
- description = "Verbosity of stunnel output.";
+ description = lib.mdDoc "Verbosity of stunnel output.";
};
fipsMode = mkOption {
type = types.bool;
default = false;
- description = "Enable FIPS 140-2 mode required for compliance.";
+ description = lib.mdDoc "Enable FIPS 140-2 mode required for compliance.";
};
enableInsecureSSLv3 = mkOption {
type = types.bool;
default = false;
- description = "Enable support for the insecure SSLv3 protocol.";
+ description = lib.mdDoc "Enable support for the insecure SSLv3 protocol.";
};
servers = mkOption {
- description = "Define the server configuations.";
- type = with types; attrsOf (submodule serverConfig);
+ description = ''
+ Define the server configuations.
+
+ See "SERVICE-LEVEL OPTIONS" in stunnel
+ 8.
+ '';
+ type = with types; attrsOf (attrsOf (nullOr (oneOf [bool int str])));
example = {
fancyWebserver = {
accept = 443;
@@ -143,8 +95,33 @@ in
};
clients = mkOption {
- description = "Define the client configurations.";
- type = with types; attrsOf (submodule clientConfig);
+ description = ''
+ Define the client configurations.
+
+ By default, verifyChain and OCSPaia are enabled and a CAFile is provided from pkgs.cacert.
+
+ See "SERVICE-LEVEL OPTIONS" in stunnel
+ 8.
+ '';
+ type = with types; attrsOf (attrsOf (nullOr (oneOf [bool int str])));
+
+ apply = let
+ applyDefaults = c:
+ {
+ CAFile = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
+ OCSPaia = true;
+ verifyChain = true;
+ } // c;
+ setCheckHostFromVerifyHostname = c:
+ # To preserve backward-compatibility with the old NixOS stunnel module
+ # definition, allow "verifyHostname" as an alias for "checkHost".
+ c // {
+ checkHost = c.checkHost or c.verifyHostname or null;
+ verifyHostname = null; # Not a real stunnel configuration setting
+ };
+ forceClient = c: c // { client = true; };
+ in mapAttrs (_: c: forceClient (setCheckHostFromVerifyHostname (applyDefaults c)));
+
example = {
foobar = {
accept = "0.0.0.0:8080";
@@ -169,6 +146,11 @@ in
})
(mapAttrsToList verifyChainPathAssert cfg.clients)
+ (mapAttrsToList (verifyRequiredField "client" "accept") cfg.clients)
+ (mapAttrsToList (verifyRequiredField "client" "connect") cfg.clients)
+ (mapAttrsToList (verifyRequiredField "server" "accept") cfg.servers)
+ (mapAttrsToList (verifyRequiredField "server" "cert") cfg.servers)
+ (mapAttrsToList (verifyRequiredField "server" "connect") cfg.servers)
];
environment.systemPackages = [ pkgs.stunnel ];
@@ -183,36 +165,10 @@ in
${ optionalString cfg.enableInsecureSSLv3 "options = -NO_SSLv3" }
; ----- SERVER CONFIGURATIONS -----
- ${ lib.concatStringsSep "\n"
- (lib.mapAttrsToList
- (n: v: ''
- [${n}]
- accept = ${toString v.accept}
- connect = ${toString v.connect}
- cert = ${v.cert}
-
- '')
- cfg.servers)
- }
+ ${ generateConfig cfg.servers }
; ----- CLIENT CONFIGURATIONS -----
- ${ lib.concatStringsSep "\n"
- (lib.mapAttrsToList
- (n: v: ''
- [${n}]
- client = yes
- accept = ${v.accept}
- connect = ${v.connect}
- verifyChain = ${yesNo v.verifyChain}
- verifyPeer = ${yesNo v.verifyPeer}
- ${optionalString (v.CAPath != null) "CApath = ${v.CAPath}"}
- ${optionalString (v.CAFile != null) "CAFile = ${v.CAFile}"}
- ${optionalString (v.verifyHostname != null) "checkHost = ${v.verifyHostname}"}
- OCSPaia = yes
-
- '')
- cfg.clients)
- }
+ ${ generateConfig cfg.clients }
'';
systemd.services.stunnel = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/supplicant.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/supplicant.nix
index e111b311d68..0a48e73932e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/supplicant.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/supplicant.nix
@@ -74,19 +74,19 @@ in
type = types.nullOr types.path;
default = null;
example = literalExpression "/etc/wpa_supplicant.conf";
- description = ''
- External wpa_supplicant.conf configuration file.
- The configuration options defined declaratively within networking.supplicant have
- precedence over options defined in configFile.
+ description = lib.mdDoc ''
+ External `wpa_supplicant.conf` configuration file.
+ The configuration options defined declaratively within `networking.supplicant` have
+ precedence over options defined in `configFile`.
'';
};
writable = mkOption {
type = types.bool;
default = false;
- description = ''
- Whether the configuration file at configFile.path should be written to by
- wpa_supplicant.
+ description = lib.mdDoc ''
+ Whether the configuration file at `configFile.path` should be written to by
+ `wpa_supplicant`.
'';
};
@@ -109,12 +109,12 @@ in
model_name=NixOS_Unstable
model_number=2015
'';
- description = ''
- Configuration options for wpa_supplicant.conf.
- Options defined here have precedence over options in configFile.
- NOTE: Do not write sensitive data into extraConf as it will
- be world-readable in the nix-store. For sensitive information
- use the configFile instead.
+ description = lib.mdDoc ''
+ Configuration options for `wpa_supplicant.conf`.
+ Options defined here have precedence over options in `configFile`.
+ NOTE: Do not write sensitive data into `extraConf` as it will
+ be world-readable in the `nix-store`. For sensitive information
+ use the `configFile` instead.
'';
};
@@ -123,19 +123,19 @@ in
default = "";
example = "-e/run/wpa_supplicant/entropy.bin";
description =
- "Command line arguments to add when executing wpa_supplicant.";
+ lib.mdDoc "Command line arguments to add when executing `wpa_supplicant`.";
};
driver = mkOption {
type = types.nullOr types.str;
default = "nl80211,wext";
- description = "Force a specific wpa_supplicant driver.";
+ description = lib.mdDoc "Force a specific wpa_supplicant driver.";
};
bridge = mkOption {
type = types.str;
default = "";
- description = "Name of the bridge interface that wpa_supplicant should listen at.";
+ description = lib.mdDoc "Name of the bridge interface that wpa_supplicant should listen at.";
};
userControlled = {
@@ -143,7 +143,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli.
This is useful for laptop users that switch networks a lot and don't want
to depend on a large package such as NetworkManager just to pick nearby
@@ -154,14 +154,14 @@ in
socketDir = mkOption {
type = types.str;
default = "/run/wpa_supplicant";
- description = "Directory of sockets for controlling wpa_supplicant.";
+ description = lib.mdDoc "Directory of sockets for controlling wpa_supplicant.";
};
group = mkOption {
type = types.str;
default = "wheel";
example = "network";
- description = "Members of this group can control wpa_supplicant.";
+ description = lib.mdDoc "Members of this group can control wpa_supplicant.";
};
};
@@ -184,21 +184,21 @@ in
}
'';
- description = ''
- Interfaces for which to start wpa_supplicant.
+ description = lib.mdDoc ''
+ Interfaces for which to start {command}`wpa_supplicant`.
The supplicant is used to scan for and associate with wireless networks,
or to authenticate with 802.1x capable network switches.
The value of this option is an attribute set. Each attribute configures a
- wpa_supplicant service, where the attribute name specifies
- the name of the interface that wpa_supplicant operates on.
+ {command}`wpa_supplicant` service, where the attribute name specifies
+ the name of the interface that {command}`wpa_supplicant` operates on.
The attribute name can be a space separated list of interfaces.
- The attribute names WLAN, LAN and DBUS
- have a special meaning. WLAN and LAN are
- configurations for universal wpa_supplicant service that is
+ The attribute names `WLAN`, `LAN` and `DBUS`
+ have a special meaning. `WLAN` and `LAN` are
+ configurations for universal {command}`wpa_supplicant` service that is
started for each WLAN interface or for each LAN interface, respectively.
- DBUS defines a device-unrelated wpa_supplicant
- service that can be accessed through D-Bus.
+ `DBUS` defines a device-unrelated {command}`wpa_supplicant`
+ service that can be accessed through `D-Bus`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/supybot.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/supybot.nix
index 94b79c7e247..df7d92189a7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/supybot.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/supybot.nix
@@ -16,7 +16,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable Supybot, an IRC bot (also known as Limnoria).";
+ description = lib.mdDoc "Enable Supybot, an IRC bot (also known as Limnoria).";
};
stateDir = mkOption {
@@ -25,12 +25,12 @@ in
then "/var/lib/supybot"
else "/home/supybot";
defaultText = literalExpression "/var/lib/supybot";
- description = "The root directory, logs and plugins are stored here";
+ description = lib.mdDoc "The root directory, logs and plugins are stored here";
};
configFile = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path to initial supybot config file. This can be generated by
running supybot-wizard.
@@ -42,12 +42,12 @@ in
plugins = mkOption {
type = types.attrsOf types.path;
default = {};
- description = ''
+ description = lib.mdDoc ''
Attribute set of additional plugins that will be symlinked to the
- plugin subdirectory.
+ {file}`plugin` subdirectory.
Please note that you still need to add the plugins to the config
- file (or with !load) using their attribute name.
+ file (or with `!load`) using their attribute name.
'';
example = literalExpression ''
let
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/syncplay.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/syncplay.nix
index 7694b4bf990..726f6567107 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/syncplay.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/syncplay.nix
@@ -17,13 +17,13 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "If enabled, start the Syncplay server.";
+ description = lib.mdDoc "If enabled, start the Syncplay server.";
};
port = mkOption {
type = types.port;
default = 8999;
- description = ''
+ description = lib.mdDoc ''
TCP port to bind to.
'';
};
@@ -31,7 +31,7 @@ in
salt = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Salt to allow room operator passwords generated by this server
instance to still work when the server is restarted.
'';
@@ -40,16 +40,16 @@ in
certDir = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
TLS certificates directory to use for encryption. See
- .
+ .
'';
};
user = mkOption {
type = types.str;
default = "nobody";
- description = ''
+ description = lib.mdDoc ''
User to use when running Syncplay.
'';
};
@@ -57,7 +57,7 @@ in
group = mkOption {
type = types.str;
default = "nogroup";
- description = ''
+ description = lib.mdDoc ''
Group to use when running Syncplay.
'';
};
@@ -65,9 +65,9 @@ in
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to the file that contains the server password. If
- null, the server doesn't require a password.
+ `null`, the server doesn't require a password.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/syncthing-relay.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/syncthing-relay.nix
index f5ca63e7893..e92557d6545 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/syncthing-relay.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/syncthing-relay.nix
@@ -28,7 +28,7 @@ in {
type = types.str;
default = "";
example = "1.2.3.4";
- description = ''
+ description = lib.mdDoc ''
Address to listen on for relay traffic.
'';
};
@@ -36,9 +36,9 @@ in {
port = mkOption {
type = types.port;
default = 22067;
- description = ''
+ description = lib.mdDoc ''
Port to listen on for relay traffic. This port should be added to
- networking.firewall.allowedTCPPorts.
+ `networking.firewall.allowedTCPPorts`.
'';
};
@@ -46,7 +46,7 @@ in {
type = types.str;
default = "";
example = "1.2.3.4";
- description = ''
+ description = lib.mdDoc ''
Address to listen on for serving the relay status API.
'';
};
@@ -54,16 +54,16 @@ in {
statusPort = mkOption {
type = types.port;
default = 22070;
- description = ''
+ description = lib.mdDoc ''
Port to listen on for serving the relay status API. This port should be
- added to networking.firewall.allowedTCPPorts.
+ added to `networking.firewall.allowedTCPPorts`.
'';
};
pools = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
- description = ''
+ description = lib.mdDoc ''
Relay pools to join. If null, uses the default global pool.
'';
};
@@ -71,7 +71,7 @@ in {
providedBy = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Human-readable description of the provider of the relay (you).
'';
};
@@ -79,7 +79,7 @@ in {
globalRateBps = mkOption {
type = types.nullOr types.ints.positive;
default = null;
- description = ''
+ description = lib.mdDoc ''
Global bandwidth rate limit in bytes per second.
'';
};
@@ -87,7 +87,7 @@ in {
perSessionRateBps = mkOption {
type = types.nullOr types.ints.positive;
default = null;
- description = ''
+ description = lib.mdDoc ''
Per session bandwidth rate limit in bytes per second.
'';
};
@@ -95,7 +95,7 @@ in {
extraOptions = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra command line arguments to pass to strelaysrv.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/syncthing.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/syncthing.nix
index 0f697c0cc25..373fd03223d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/syncthing.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/syncthing.nix
@@ -30,15 +30,22 @@ let
updateConfig = pkgs.writers.writeDash "merge-syncthing-config" ''
set -efu
+ # be careful not to leak secrets in the filesystem or in process listings
+
+ umask 0077
+
# get the api key by parsing the config.xml
while
- ! api_key=$(${pkgs.libxml2}/bin/xmllint \
+ ! ${pkgs.libxml2}/bin/xmllint \
--xpath 'string(configuration/gui/apikey)' \
- ${cfg.configDir}/config.xml)
+ ${cfg.configDir}/config.xml \
+ >"$RUNTIME_DIRECTORY/api_key"
do sleep 1; done
+ (printf "X-API-Key: "; cat "$RUNTIME_DIRECTORY/api_key") >"$RUNTIME_DIRECTORY/headers"
+
curl() {
- ${pkgs.curl}/bin/curl -sSLk -H "X-API-Key: $api_key" \
+ ${pkgs.curl}/bin/curl -sSLk -H "@$RUNTIME_DIRECTORY/headers" \
--retry 1000 --retry-delay 1 --retry-all-errors \
"$@"
}
@@ -119,7 +126,7 @@ in {
name = mkOption {
type = types.str;
default = name;
- description = ''
+ description = lib.mdDoc ''
The name of the device.
'';
};
@@ -127,7 +134,7 @@ in {
addresses = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
The addresses used to connect to the device.
If this is left empty, dynamic configuration is attempted.
'';
@@ -197,7 +204,7 @@ in {
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to share this folder.
This option is useful when you want to define all folders
in one place, but not every machine should share all folders.
@@ -207,7 +214,7 @@ in {
path = mkOption {
type = types.str;
default = name;
- description = ''
+ description = lib.mdDoc ''
The path to the folder which should be shared.
'';
};
@@ -215,7 +222,7 @@ in {
id = mkOption {
type = types.str;
default = name;
- description = ''
+ description = lib.mdDoc ''
The ID of the folder. Must be the same on all devices.
'';
};
@@ -223,7 +230,7 @@ in {
label = mkOption {
type = types.str;
default = name;
- description = ''
+ description = lib.mdDoc ''
The label of the folder.
'';
};
@@ -304,7 +311,7 @@ in {
rescanInterval = mkOption {
type = types.int;
default = 3600;
- description = ''
+ description = lib.mdDoc ''
How often the folder should be rescanned for changes.
'';
};
@@ -312,7 +319,7 @@ in {
type = mkOption {
type = types.enum [ "sendreceive" "sendonly" "receiveonly" ];
default = "sendreceive";
- description = ''
+ description = lib.mdDoc ''
Whether to only send changes for this folder, only receive them
or both.
'';
@@ -321,7 +328,7 @@ in {
watch = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether the folder should be watched for changes by inotify.
'';
};
@@ -329,7 +336,7 @@ in {
watchDelay = mkOption {
type = types.int;
default = 10;
- description = ''
+ description = lib.mdDoc ''
The delay after an inotify event is triggered.
'';
};
@@ -337,7 +344,7 @@ in {
ignorePerms = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to ignore permission changes.
'';
};
@@ -370,7 +377,7 @@ in {
guiAddress = mkOption {
type = types.str;
default = "127.0.0.1:8384";
- description = ''
+ description = lib.mdDoc ''
The address to serve the web interface at.
'';
};
@@ -378,7 +385,7 @@ in {
systemService = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to auto-launch Syncthing as a system service.
'';
};
@@ -419,7 +426,7 @@ in {
type = types.path;
default = "/var/lib/syncthing";
example = "/home/yourUser";
- description = ''
+ description = lib.mdDoc ''
The path where synchronised directories will exist.
'';
};
@@ -428,7 +435,7 @@ in {
cond = versionAtLeast config.system.stateVersion "19.03";
in mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The path where the settings and keys will exist.
'';
default = cfg.dataDir + optionalString cond "/.config/syncthing";
@@ -446,7 +453,7 @@ in {
type = types.listOf types.str;
default = [];
example = [ "--reset-deltas" ];
- description = ''
+ description = lib.mdDoc ''
Extra flags passed to the syncthing command in the service definition.
'';
};
@@ -455,7 +462,7 @@ in {
type = types.bool;
default = false;
example = true;
- description = ''
+ description = lib.mdDoc ''
Whether to open the default ports in the firewall: TCP/UDP 22000 for transfers
and UDP 21027 for discovery.
@@ -470,7 +477,7 @@ in {
type = types.package;
default = pkgs.syncthing;
defaultText = literalExpression "pkgs.syncthing";
- description = ''
+ description = lib.mdDoc ''
The Syncthing package to use.
'';
};
@@ -576,6 +583,7 @@ in {
serviceConfig = {
User = cfg.user;
RemainAfterExit = true;
+ RuntimeDirectory = "syncthing-init";
Type = "oneshot";
ExecStart = updateConfig;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tailscale.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tailscale.nix
index f84252289ab..12ac6d6da5a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tailscale.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tailscale.nix
@@ -17,26 +17,26 @@ in {
port = mkOption {
type = types.port;
default = 41641;
- description = "The port to listen on for tunnel traffic (0=autoselect).";
+ description = lib.mdDoc "The port to listen on for tunnel traffic (0=autoselect).";
};
interfaceName = mkOption {
type = types.str;
default = "tailscale0";
- description = ''The interface name for tunnel traffic. Use "userspace-networking" (beta) to not use TUN.'';
+ description = lib.mdDoc ''The interface name for tunnel traffic. Use "userspace-networking" (beta) to not use TUN.'';
};
permitCertUid = mkOption {
type = types.nullOr types.nonEmptyStr;
default = null;
- description = "Username or user ID of the user allowed to to fetch Tailscale TLS certificates for the node.";
+ description = lib.mdDoc "Username or user ID of the user allowed to to fetch Tailscale TLS certificates for the node.";
};
package = mkOption {
type = types.package;
default = pkgs.tailscale;
defaultText = literalExpression "pkgs.tailscale";
- description = "The package to use for tailscale";
+ description = lib.mdDoc "The package to use for tailscale";
};
};
@@ -47,7 +47,7 @@ in {
systemd.services.tailscaled = {
wantedBy = [ "multi-user.target" ];
path = [
- pkgs.openresolv # for configuring DNS in some configs
+ config.networking.resolvconf.package # for configuring DNS in some configs
pkgs.procps # for collecting running services (opt-in feature)
pkgs.glibc # for `getent` to look up user shells
];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tcpcrypt.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tcpcrypt.nix
index 5a91054e166..f2115a6660c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tcpcrypt.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tcpcrypt.nix
@@ -17,7 +17,7 @@ in
networking.tcpcrypt.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable opportunistic TCP encryption. If the other end
speaks Tcpcrypt, then your traffic will be encrypted; otherwise
it will be sent in clear text. Thus, Tcpcrypt alone provides no
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/teamspeak3.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/teamspeak3.nix
index c0ed08282aa..3be9fb31ec7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/teamspeak3.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/teamspeak3.nix
@@ -19,7 +19,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run the Teamspeak3 voice communication server daemon.
'';
};
@@ -27,7 +27,7 @@ in
dataDir = mkOption {
type = types.path;
default = "/var/lib/teamspeak3-server";
- description = ''
+ description = lib.mdDoc ''
Directory to store TS3 database and other state/data files.
'';
};
@@ -35,7 +35,7 @@ in
logPath = mkOption {
type = types.path;
default = "/var/log/teamspeak3-server/";
- description = ''
+ description = lib.mdDoc ''
Directory to store log files in.
'';
};
@@ -44,7 +44,7 @@ in
type = types.nullOr types.str;
default = null;
example = "[::]";
- description = ''
+ description = lib.mdDoc ''
IP on which the server instance will listen for incoming voice connections. Defaults to any IP.
'';
};
@@ -52,7 +52,7 @@ in
defaultVoicePort = mkOption {
type = types.int;
default = 9987;
- description = ''
+ description = lib.mdDoc ''
Default UDP port for clients to connect to virtual servers - used for first virtual server, subsequent ones will open on incrementing port numbers by default.
'';
};
@@ -61,7 +61,7 @@ in
type = types.nullOr types.str;
default = null;
example = "[::]";
- description = ''
+ description = lib.mdDoc ''
IP on which the server instance will listen for incoming file transfer connections. Defaults to any IP.
'';
};
@@ -69,7 +69,7 @@ in
fileTransferPort = mkOption {
type = types.int;
default = 30033;
- description = ''
+ description = lib.mdDoc ''
TCP port opened for file transfers.
'';
};
@@ -78,7 +78,7 @@ in
type = types.nullOr types.str;
default = null;
example = "0.0.0.0";
- description = ''
+ description = lib.mdDoc ''
IP on which the server instance will listen for incoming ServerQuery connections. Defaults to any IP.
'';
};
@@ -86,7 +86,7 @@ in
queryPort = mkOption {
type = types.int;
default = 10011;
- description = ''
+ description = lib.mdDoc ''
TCP port opened for ServerQuery connections.
'';
};
@@ -94,13 +94,13 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for the TeamSpeak3 server.";
+ description = lib.mdDoc "Open ports in the firewall for the TeamSpeak3 server.";
};
openFirewallServerQuery = mkOption {
type = types.bool;
default = false;
- description = "Open ports in the firewall for the TeamSpeak3 serverquery (administration) system. Requires openFirewall.";
+ description = lib.mdDoc "Open ports in the firewall for the TeamSpeak3 serverquery (administration) system. Requires openFirewall.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tedicross.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tedicross.nix
index c7830289dca..3d7f298efac 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tedicross.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tedicross.nix
@@ -57,9 +57,9 @@ in {
debug = false;
}
'';
- description = ''
- settings.yaml configuration as a Nix attribute set.
- Secret tokens should be specified using
+ description = lib.mdDoc ''
+ {file}`settings.yaml` configuration as a Nix attribute set.
+ Secret tokens should be specified using {option}`environmentFile`
instead of this world-readable file.
'';
};
@@ -67,10 +67,10 @@ in {
environmentFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
File containing environment variables to be passed to the TediCross service,
in which secret tokens can be specified securely using the
- TELEGRAM_BOT_TOKEN and DISCORD_BOT_TOKEN
+ `TELEGRAM_BOT_TOKEN` and `DISCORD_BOT_TOKEN`
keys.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/teleport.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/teleport.nix
index 45479162180..d03648df34b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/teleport.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/teleport.nix
@@ -33,11 +33,11 @@ in
auth_service.enabled = false;
}
'';
- description = ''
- Contents of the teleport.yaml config file.
- The --config arguments will only be passed if this set is not empty.
+ description = lib.mdDoc ''
+ Contents of the `teleport.yaml` config file.
+ The `--config` arguments will only be passed if this set is not empty.
- See .
+ See .
'';
};
@@ -61,13 +61,13 @@ in
addr = mkOption {
type = str;
default = "127.0.0.1";
- description = "Metrics and diagnostics address.";
+ description = lib.mdDoc "Metrics and diagnostics address.";
};
port = mkOption {
type = int;
default = 3000;
- description = "Metrics and diagnostics port.";
+ description = lib.mdDoc "Metrics and diagnostics port.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tftpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tftpd.nix
index c9c0a2b321d..a4dc137daa4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tftpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tftpd.nix
@@ -11,7 +11,7 @@ with lib;
services.tftpd.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable tftpd, a Trivial File Transfer Protocol server.
The server will be run as an xinetd service.
'';
@@ -20,7 +20,7 @@ with lib;
services.tftpd.path = mkOption {
type = types.path;
default = "/srv/tftp";
- description = ''
+ description = lib.mdDoc ''
Where the tftp server files are stored.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/thelounge.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/thelounge.nix
index a5118fd8b33..8db541d8072 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/thelounge.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/thelounge.nix
@@ -28,11 +28,11 @@ in
public = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Make your The Lounge instance public.
- Setting this to false will require you to configure user
- accounts by using the (thelounge) command or by adding
- entries in ${dataDir}/users. You might need to restart
+ Setting this to `false` will require you to configure user
+ accounts by using the ({command}`thelounge`) command or by adding
+ entries in {file}`${dataDir}/users`. You might need to restart
The Lounge after making changes to the state directory.
'';
};
@@ -40,7 +40,7 @@ in
port = mkOption {
type = types.port;
default = 9000;
- description = "TCP port to listen on for http connections.";
+ description = lib.mdDoc "TCP port to listen on for http connections.";
};
extraConfig = mkOption {
@@ -54,14 +54,14 @@ in
port = 6697;
};
}'';
- description = ''
- The Lounge's config.js contents as attribute set (will be
+ description = lib.mdDoc ''
+ The Lounge's {file}`config.js` contents as attribute set (will be
converted to JSON to generate the configuration file).
The options defined here will be merged to the default configuration file.
- Note: In case of duplicate configuration, options from have priority.
+ Note: In case of duplicate configuration, options from {option}`extraConfig` have priority.
- Documentation:
+ Documentation:
'';
};
@@ -69,9 +69,9 @@ in
default = [ ];
type = types.listOf types.package;
example = literalExpression "[ pkgs.theLoungePlugins.themes.solarized ]";
- description = ''
+ description = lib.mdDoc ''
The Lounge plugins to install. Plugins can be found in
- pkgs.theLoungePlugins.plugins and pkgs.theLoungePlugins.themes.
+ `pkgs.theLoungePlugins.plugins` and `pkgs.theLoungePlugins.themes`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tinc.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tinc.nix
index 31731b60d48..1f93d82f96e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tinc.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tinc.nix
@@ -24,13 +24,13 @@ let
options = {
address = mkOption {
type = types.str;
- description = "The external IP address or hostname where the host can be reached.";
+ description = lib.mdDoc "The external IP address or hostname where the host can be reached.";
};
port = mkOption {
type = types.nullOr types.port;
default = null;
- description = ''
+ description = lib.mdDoc ''
The port where the host can be reached.
If no port is specified, the default Port is used.
@@ -43,7 +43,7 @@ let
options = {
address = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The subnet of this host.
Subnets can either be single MAC, IPv4 or IPv6 addresses, in which case
@@ -60,7 +60,7 @@ let
prefixLength = mkOption {
type = with types; nullOr (addCheck int (n: n >= 0 && n <= 128));
default = null;
- description = ''
+ description = lib.mdDoc ''
The prefix length of the subnet.
If null, a subnet consisting of only that single address is assumed.
@@ -72,7 +72,7 @@ let
weight = mkOption {
type = types.ints.unsigned;
default = 10;
- description = ''
+ description = lib.mdDoc ''
Indicates the priority over identical Subnets owned by different nodes.
Lower values indicate higher priority. Packets will be sent to the
@@ -89,9 +89,9 @@ let
addresses = mkOption {
type = types.listOf (types.submodule addressSubmodule);
default = [ ];
- description = ''
+ description = lib.mdDoc ''
The external address where the host can be reached. This will set this
- host's option.
+ host's {option}`settings.Address` option.
This variable is only required if you want to connect to this host.
'';
@@ -100,9 +100,9 @@ let
subnets = mkOption {
type = types.listOf (types.submodule subnetSubmodule);
default = [ ];
- description = ''
+ description = lib.mdDoc ''
The subnets which this tinc daemon will serve. This will set this
- host's option.
+ host's {option}`settings.Subnet` option.
Tinc tries to look up which other daemon it should send a packet to by
searching the appropriate subnet. If the packet matches a subnet, it
@@ -114,24 +114,24 @@ let
rsaPublicKey = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Legacy RSA public key of the host in PEM format, including start and
end markers.
This will be appended as-is in the host's configuration file.
The ed25519 public key can be specified using the
- option instead.
+ {option}`settings.Ed25519PublicKey` option instead.
'';
};
settings = mkOption {
default = { };
type = types.submodule { freeformType = tincConfType; };
- description = ''
+ description = lib.mdDoc ''
Configuration for this host.
- See
+ See
for supported values.
'';
};
@@ -167,10 +167,10 @@ in
extraConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra lines to add to the tinc service configuration file.
- Note that using the declarative
+ Note that using the declarative {option}`service.tinc.networks..settings`
option is preferred.
'';
};
@@ -178,7 +178,7 @@ in
name = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The name of the node which is used as an identifier when communicating
with the remote nodes in the mesh. If null then the hostname of the system
is used to derive a name (note that tinc may replace non-alphanumeric characters in
@@ -189,7 +189,7 @@ in
ed25519PrivateKeyFile = mkOption {
default = null;
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
Path of the private ed25519 keyfile.
'';
};
@@ -197,7 +197,7 @@ in
rsaPrivateKeyFile = mkOption {
default = null;
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
Path of the private RSA keyfile.
'';
};
@@ -205,9 +205,9 @@ in
debugLevel = mkOption {
default = 0;
type = types.addCheck types.int (l: l >= 0 && l <= 5);
- description = ''
+ description = lib.mdDoc ''
The amount of debugging information to add to the log. 0 means little
- logging while 5 is the most logging. man tincd for
+ logging while 5 is the most logging. {command}`man tincd` for
more details.
'';
};
@@ -215,11 +215,11 @@ in
hosts = mkOption {
default = { };
type = types.attrsOf types.lines;
- description = ''
+ description = lib.mdDoc ''
The name of the host in the network as well as the configuration for that host.
This name should only contain alphanumerics and underscores.
- Note that using the declarative
+ Note that using the declarative {option}`service.tinc.networks..hostSettings`
option is preferred.
'';
};
@@ -249,7 +249,7 @@ in
}
'';
type = types.attrsOf (types.submodule hostSubmodule);
- description = ''
+ description = lib.mdDoc ''
The name of the host in the network as well as the configuration for that host.
This name should only contain alphanumerics and underscores.
'';
@@ -258,7 +258,7 @@ in
interfaceType = mkOption {
default = "tun";
type = types.enum [ "tun" "tap" ];
- description = ''
+ description = lib.mdDoc ''
The type of virtual interface used for the network connection.
'';
};
@@ -266,7 +266,7 @@ in
listenAddress = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The ip address to listen on for incoming connections.
'';
};
@@ -274,7 +274,7 @@ in
bindToAddress = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The ip address to bind to (both listen on and send packets from).
'';
};
@@ -283,7 +283,7 @@ in
type = types.package;
default = pkgs.tinc_pre;
defaultText = literalExpression "pkgs.tinc_pre";
- description = ''
+ description = lib.mdDoc ''
The package to use for the tinc daemon's binary.
'';
};
@@ -291,7 +291,7 @@ in
chroot = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security.
The chroot is performed after all the initialization is done, after writing pid files and opening network sockets.
@@ -309,10 +309,10 @@ in
Mode = "switch";
}
'';
- description = ''
+ description = lib.mdDoc ''
Configuration of the Tinc daemon for this network.
- See
+ See
for supported values.
'';
};
@@ -337,7 +337,7 @@ in
};
}));
- description = ''
+ description = lib.mdDoc ''
Defines the tinc networks which will be started.
Each network invokes a different daemon.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tinydns.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tinydns.nix
index 2c44ad49296..ea91af5f196 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tinydns.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tinydns.nix
@@ -10,19 +10,19 @@ with lib;
enable = mkOption {
default = false;
type = types.bool;
- description = "Whether to run the tinydns dns server";
+ description = lib.mdDoc "Whether to run the tinydns dns server";
};
data = mkOption {
type = types.lines;
default = "";
- description = "The DNS data to serve, in the format described by tinydns-data(8)";
+ description = lib.mdDoc "The DNS data to serve, in the format described by tinydns-data(8)";
};
ip = mkOption {
default = "0.0.0.0";
type = types.str;
- description = "IP address on which to listen for connections";
+ description = lib.mdDoc "IP address on which to listen for connections";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tox-bootstrapd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tox-bootstrapd.nix
index 7c13724e084..e6dc36bf9ec 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tox-bootstrapd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tox-bootstrapd.nix
@@ -23,7 +23,7 @@ in
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Whether to enable the Tox DHT bootstrap daemon.
'';
};
@@ -31,23 +31,23 @@ in
port = mkOption {
type = types.int;
default = 33445;
- description = "Listening port (UDP).";
+ description = lib.mdDoc "Listening port (UDP).";
};
keysFile = mkOption {
type = types.str;
default = "${WorkingDirectory}/keys";
- description = "Node key file.";
+ description = lib.mdDoc "Node key file.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
description =
- ''
+ lib.mdDoc ''
Configuration for bootstrap daemon.
- See
- and .
+ See
+ and .
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tox-node.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tox-node.nix
index c6e5c2d6e81..9371066be8e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tox-node.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tox-node.nix
@@ -33,42 +33,42 @@ in {
logType = mkOption {
type = types.enum [ "Stderr" "Stdout" "Syslog" "None" ];
default = "Stderr";
- description = "Logging implementation.";
+ description = lib.mdDoc "Logging implementation.";
};
keysFile = mkOption {
type = types.str;
default = "${homeDir}/keys";
- description = "Path to the file where DHT keys are stored.";
+ description = lib.mdDoc "Path to the file where DHT keys are stored.";
};
udpAddress = mkOption {
type = types.str;
default = "0.0.0.0:33445";
- description = "UDP address to run DHT node.";
+ description = lib.mdDoc "UDP address to run DHT node.";
};
tcpAddresses = mkOption {
type = types.listOf types.str;
default = [ "0.0.0.0:33445" ];
- description = "TCP addresses to run TCP relay.";
+ description = lib.mdDoc "TCP addresses to run TCP relay.";
};
tcpConnectionLimit = mkOption {
type = types.int;
default = 8192;
- description = "Maximum number of active TCP connections relay can hold";
+ description = lib.mdDoc "Maximum number of active TCP connections relay can hold";
};
lanDiscovery = mkOption {
type = types.bool;
default = true;
- description = "Enable local network discovery.";
+ description = lib.mdDoc "Enable local network discovery.";
};
threads = mkOption {
type = types.int;
default = 1;
- description = "Number of threads for execution";
+ description = lib.mdDoc "Number of threads for execution";
};
motd = mkOption {
type = types.str;
default = "Hi from tox-rs! I'm up {{uptime}}. TCP: incoming {{tcp_packets_in}}, outgoing {{tcp_packets_out}}, UDP: incoming {{udp_packets_in}}, outgoing {{udp_packets_out}}";
- description = "Message of the day";
+ description = lib.mdDoc "Message of the day";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/toxvpn.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/toxvpn.nix
index 18cf7672d5f..618726b0640 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/toxvpn.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/toxvpn.nix
@@ -10,20 +10,20 @@ with lib;
localip = mkOption {
type = types.str;
default = "10.123.123.1";
- description = "your ip on the vpn";
+ description = lib.mdDoc "your ip on the vpn";
};
port = mkOption {
type = types.int;
default = 33445;
- description = "udp port for toxcore, port-forward to help with connectivity if you run many nodes behind one NAT";
+ description = lib.mdDoc "udp port for toxcore, port-forward to help with connectivity if you run many nodes behind one NAT";
};
auto_add_peers = mkOption {
type = types.listOf types.str;
default = [];
example = [ "toxid1" "toxid2" ];
- description = "peers to automatically connect to on startup";
+ description = lib.mdDoc "peers to automatically connect to on startup";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/trickster.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/trickster.nix
index ac260a14d9a..0b696e412b4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/trickster.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/trickster.nix
@@ -15,7 +15,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable Trickster.
'';
};
@@ -24,7 +24,7 @@ in
type = types.package;
default = pkgs.trickster;
defaultText = literalExpression "pkgs.trickster";
- description = ''
+ description = lib.mdDoc ''
Package that should be used for trickster.
'';
};
@@ -32,7 +32,7 @@ in
configFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to configuration file.
'';
};
@@ -40,7 +40,7 @@ in
instance-id = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
Instance ID for when running multiple processes (default null).
'';
};
@@ -48,7 +48,7 @@ in
log-level = mkOption {
type = types.str;
default = "info";
- description = ''
+ description = lib.mdDoc ''
Level of Logging to use (debug, info, warn, error) (default "info").
'';
};
@@ -56,7 +56,7 @@ in
metrics-port = mkOption {
type = types.port;
default = 8082;
- description = ''
+ description = lib.mdDoc ''
Port that the /metrics endpoint will listen on.
'';
};
@@ -64,7 +64,7 @@ in
origin-type = mkOption {
type = types.enum [ "prometheus" "influxdb" ];
default = "prometheus";
- description = ''
+ description = lib.mdDoc ''
Type of origin (prometheus, influxdb)
'';
};
@@ -72,7 +72,7 @@ in
origin-url = mkOption {
type = types.str;
default = "http://prometheus:9090";
- description = ''
+ description = lib.mdDoc ''
URL to the Origin. Enter it like you would in grafana, e.g., http://prometheus:9090 (default http://prometheus:9090).
'';
};
@@ -80,7 +80,7 @@ in
profiler-port = mkOption {
type = types.nullOr types.port;
default = null;
- description = ''
+ description = lib.mdDoc ''
Port that the /debug/pprof endpoint will listen on.
'';
};
@@ -88,7 +88,7 @@ in
proxy-port = mkOption {
type = types.port;
default = 9090;
- description = ''
+ description = lib.mdDoc ''
Port that the Proxy server will listen on.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tvheadend.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tvheadend.nix
index 19a10a03bd9..dd5fa209be6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tvheadend.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/tvheadend.nix
@@ -13,13 +13,13 @@ in
httpPort = mkOption {
type = types.int;
default = 9981;
- description = "Port to bind HTTP to.";
+ description = lib.mdDoc "Port to bind HTTP to.";
};
htspPort = mkOption {
type = types.int;
default = 9982;
- description = "Port to bind HTSP to.";
+ description = lib.mdDoc "Port to bind HTSP to.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ucarp.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ucarp.nix
index 189e4f99cef..7e8b1026db7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ucarp.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/ucarp.nix
@@ -32,30 +32,30 @@ in {
interface = mkOption {
type = types.str;
- description = "Network interface to bind to.";
+ description = lib.mdDoc "Network interface to bind to.";
example = "eth0";
};
srcIp = mkOption {
type = types.str;
- description = "Source (real) IP address of this host.";
+ description = lib.mdDoc "Source (real) IP address of this host.";
};
vhId = mkOption {
type = types.ints.between 1 255;
- description = "Virtual IP identifier shared between CARP hosts.";
+ description = lib.mdDoc "Virtual IP identifier shared between CARP hosts.";
example = 1;
};
passwordFile = mkOption {
type = types.str;
- description = "File containing shared password between CARP hosts.";
+ description = lib.mdDoc "File containing shared password between CARP hosts.";
example = "/run/keys/ucarp-password";
};
preempt = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable preemptive failover.
Thus, this host becomes the CARP master as soon as possible.
'';
@@ -64,30 +64,30 @@ in {
neutral = mkOption {
type = types.bool;
- description = "Do not run downscript at start if the host is the backup.";
+ description = lib.mdDoc "Do not run downscript at start if the host is the backup.";
default = false;
};
addr = mkOption {
type = types.str;
- description = "Virtual shared IP address.";
+ description = lib.mdDoc "Virtual shared IP address.";
};
advBase = mkOption {
type = types.ints.unsigned;
- description = "Advertisement frequency in seconds.";
+ description = lib.mdDoc "Advertisement frequency in seconds.";
default = 1;
};
advSkew = mkOption {
type = types.ints.unsigned;
- description = "Advertisement skew in seconds.";
+ description = lib.mdDoc "Advertisement skew in seconds.";
default = 0;
};
upscript = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Command to run after become master, the interface name, virtual address
and optional extra parameters are passed as arguments.
'';
@@ -101,7 +101,7 @@ in {
downscript = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Command to run after become backup, the interface name, virtual address
and optional extra parameters are passed as arguments.
'';
@@ -115,37 +115,37 @@ in {
deadratio = mkOption {
type = types.ints.unsigned;
- description = "Ratio to consider a host as dead.";
+ description = lib.mdDoc "Ratio to consider a host as dead.";
default = 3;
};
shutdown = mkOption {
type = types.bool;
- description = "Call downscript at exit.";
+ description = lib.mdDoc "Call downscript at exit.";
default = false;
};
ignoreIfState = mkOption {
type = types.bool;
- description = "Ignore interface state, e.g., down or no carrier.";
+ description = lib.mdDoc "Ignore interface state, e.g., down or no carrier.";
default = false;
};
noMcast = mkOption {
type = types.bool;
- description = "Use broadcast instead of multicast advertisements.";
+ description = lib.mdDoc "Use broadcast instead of multicast advertisements.";
default = false;
};
extraParam = mkOption {
type = types.nullOr types.str;
- description = "Extra parameter to pass to the up/down scripts.";
+ description = lib.mdDoc "Extra parameter to pass to the up/down scripts.";
default = null;
};
package = mkOption {
type = types.package;
- description = ''
+ description = lib.mdDoc ''
Package that should be used for ucarp.
Please note that the default package, pkgs.ucarp, has not received any
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/unbound.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/unbound.nix
index 87873c8c1e8..7460ba3df7b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/unbound.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/unbound.nix
@@ -46,31 +46,31 @@ in {
type = types.package;
default = pkgs.unbound-with-systemd;
defaultText = literalExpression "pkgs.unbound-with-systemd";
- description = "The unbound package to use";
+ description = lib.mdDoc "The unbound package to use";
};
user = mkOption {
type = types.str;
default = "unbound";
- description = "User account under which unbound runs.";
+ description = lib.mdDoc "User account under which unbound runs.";
};
group = mkOption {
type = types.str;
default = "unbound";
- description = "Group under which unbound runs.";
+ description = lib.mdDoc "Group under which unbound runs.";
};
stateDir = mkOption {
type = types.path;
default = "/var/lib/unbound";
- description = "Directory holding all state for unbound to run.";
+ description = lib.mdDoc "Directory holding all state for unbound to run.";
};
resolveLocalQueries = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether unbound should resolve local queries (i.e. add 127.0.0.1 to
/etc/resolv.conf).
'';
@@ -79,7 +79,7 @@ in {
enableRootTrustAnchor = mkOption {
default = true;
type = types.bool;
- description = "Use and update root trust anchor for DNSSEC validation.";
+ description = lib.mdDoc "Use and update root trust anchor for DNSSEC validation.";
};
localControlSocketPath = mkOption {
@@ -90,16 +90,16 @@ in {
# but I haven't verified yet.
type = types.nullOr types.str;
example = "/run/unbound/unbound.ctl";
- description = ''
- When not set to null this option defines the path
+ description = lib.mdDoc ''
+ When not set to `null` this option defines the path
at which the unbound remote control socket should be created at. The
- socket will be owned by the unbound user (unbound)
- and group will be nogroup.
+ socket will be owned by the unbound user (`unbound`)
+ and group will be `nogroup`.
Users that should be permitted to access the socket must be in the
- config.services.unbound.group group.
+ `config.services.unbound.group` group.
- If this option is null remote control will not be
+ If this option is `null` remote control will not be
enabled. Unbounds default values apply.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/unifi.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/unifi.nix
index e88daae1fbb..d30f7c89633 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/unifi.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/unifi.nix
@@ -17,7 +17,7 @@ in
services.unifi.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether or not to enable the unifi controller service.
'';
};
@@ -26,7 +26,7 @@ in
type = types.package;
default = pkgs.jre8;
defaultText = literalExpression "pkgs.jre8";
- description = ''
+ description = lib.mdDoc ''
The JRE package to use. Check the release notes to ensure it is supported.
'';
};
@@ -35,7 +35,7 @@ in
type = types.package;
default = pkgs.unifiLTS;
defaultText = literalExpression "pkgs.unifiLTS";
- description = ''
+ description = lib.mdDoc ''
The unifi package to use.
'';
};
@@ -44,7 +44,7 @@ in
type = types.package;
default = pkgs.mongodb;
defaultText = literalExpression "pkgs.mongodb";
- description = ''
+ description = lib.mdDoc ''
The mongodb package to use.
'';
};
@@ -52,7 +52,7 @@ in
services.unifi.openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether or not to open the minimum required ports on the firewall.
This is necessary to allow firmware upgrades and device discovery to
@@ -65,7 +65,7 @@ in
type = types.nullOr types.int;
default = null;
example = 1024;
- description = ''
+ description = lib.mdDoc ''
Set the initial heap size for the JVM in MB. If this option isn't set, the
JVM will decide this value at runtime.
'';
@@ -75,7 +75,7 @@ in
type = types.nullOr types.int;
default = null;
example = 4096;
- description = ''
+ description = lib.mdDoc ''
Set the maximimum heap size for the JVM in MB. If this option isn't set, the
JVM will decide this value at runtime.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/uptermd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/uptermd.nix
index b845a00649e..387478de99e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/uptermd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/uptermd.nix
@@ -13,15 +13,15 @@ in
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
- Whether to open the firewall for the port in .
+ description = lib.mdDoc ''
+ Whether to open the firewall for the port in {option}`services.uptermd.port`.
'';
};
port = mkOption {
type = types.port;
default = 2222;
- description = ''
+ description = lib.mdDoc ''
Port the server will listen on.
'';
};
@@ -30,7 +30,7 @@ in
type = types.str;
default = "[::]";
example = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
Address the server will listen on.
'';
};
@@ -39,7 +39,7 @@ in
type = types.nullOr types.path;
default = null;
example = "/run/keys/upterm_host_ed25519_key";
- description = ''
+ description = lib.mdDoc ''
Path to SSH host key. If not defined, an ed25519 keypair is generated automatically.
'';
};
@@ -48,7 +48,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "--debug" ];
- description = ''
+ description = lib.mdDoc ''
Extra flags passed to the uptermd command.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/v2ray.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/v2ray.nix
index 95e8761ba5c..f063ddfed0a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/v2ray.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/v2ray.nix
@@ -9,10 +9,10 @@ with lib;
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to run v2ray server.
- Either configFile or config must be specified.
+ Either `configFile` or `config` must be specified.
'';
};
@@ -20,7 +20,7 @@ with lib;
type = types.package;
default = pkgs.v2ray;
defaultText = literalExpression "pkgs.v2ray";
- description = ''
+ description = lib.mdDoc ''
Which v2ray package to use.
'';
};
@@ -29,12 +29,12 @@ with lib;
type = types.nullOr types.str;
default = null;
example = "/etc/v2ray/config.json";
- description = ''
+ description = lib.mdDoc ''
The absolute path to the configuration file.
- Either configFile or config must be specified.
+ Either `configFile` or `config` must be specified.
- See .
+ See .
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/vsftpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/vsftpd.nix
index d205302051e..b26adbf8719 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/vsftpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/vsftpd.nix
@@ -154,18 +154,18 @@ in
userlist = mkOption {
default = [];
type = types.listOf types.str;
- description = "See .";
+ description = lib.mdDoc "See {option}`userlistFile`.";
};
userlistFile = mkOption {
type = types.path;
default = pkgs.writeText "userlist" (concatMapStrings (x: "${x}\n") cfg.userlist);
defaultText = literalExpression ''pkgs.writeText "userlist" (concatMapStrings (x: "''${x}\n") cfg.userlist)'';
- description = ''
- Newline separated list of names to be allowed/denied if
- is true. Meaning see .
+ description = lib.mdDoc ''
+ Newline separated list of names to be allowed/denied if {option}`userlistEnable`
+ is `true`. Meaning see {option}`userlistDeny`.
- The default is a file containing the users from .
+ The default is a file containing the users from {option}`userlist`.
If explicitely set to null userlist_file will not be set in vsftpd's config file.
'';
@@ -174,8 +174,8 @@ in
enableVirtualUsers = mkOption {
type = types.bool;
default = false;
- description = ''
- Whether to enable the pam_userdb-based
+ description = lib.mdDoc ''
+ Whether to enable the `pam_userdb`-based
virtual user system
'';
};
@@ -218,7 +218,7 @@ in
type = types.nullOr types.str;
default = null;
example = "/var/www/$USER";
- description = ''
+ description = lib.mdDoc ''
This option represents a directory which vsftpd will try to
change into after a local (i.e. non- anonymous) login.
@@ -229,7 +229,7 @@ in
anonymousUserHome = mkOption {
type = types.path;
default = "/home/ftp/";
- description = ''
+ description = lib.mdDoc ''
Directory to consider the HOME of the anonymous user.
'';
};
@@ -237,27 +237,27 @@ in
rsaCertFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = "RSA certificate file.";
+ description = lib.mdDoc "RSA certificate file.";
};
rsaKeyFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = "RSA private key file.";
+ description = lib.mdDoc "RSA private key file.";
};
anonymousUmask = mkOption {
type = types.str;
default = "077";
example = "002";
- description = "Anonymous write umask.";
+ description = lib.mdDoc "Anonymous write umask.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
example = "ftpd_banner=Hello";
- description = "Extra configuration to add at the bottom of the generated configuration file.";
+ description = lib.mdDoc "Extra configuration to add at the bottom of the generated configuration file.";
};
} // (listToAttrs (catAttrs "nixosOption" optionDescription));
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wasabibackend.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wasabibackend.nix
index b6dcd940915..00d772a718c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wasabibackend.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wasabibackend.nix
@@ -34,32 +34,32 @@ in {
dataDir = mkOption {
type = types.path;
default = "/var/lib/wasabibackend";
- description = "The data directory for the Wasabi backend node.";
+ description = lib.mdDoc "The data directory for the Wasabi backend node.";
};
customConfigFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = "Defines the path to a custom configuration file that is copied to the user's directory. Overrides any config options.";
+ description = lib.mdDoc "Defines the path to a custom configuration file that is copied to the user's directory. Overrides any config options.";
};
network = mkOption {
type = types.enum [ "mainnet" "testnet" "regtest" ];
default = "mainnet";
- description = "The network to use for the Wasabi backend service.";
+ description = lib.mdDoc "The network to use for the Wasabi backend service.";
};
endpoint = {
ip = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "IP address for P2P connection to bitcoind.";
+ description = lib.mdDoc "IP address for P2P connection to bitcoind.";
};
port = mkOption {
type = types.port;
default = 8333;
- description = "Port for P2P connection to bitcoind.";
+ description = lib.mdDoc "Port for P2P connection to bitcoind.";
};
};
@@ -67,45 +67,45 @@ in {
ip = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "IP address for RPC connection to bitcoind.";
+ description = lib.mdDoc "IP address for RPC connection to bitcoind.";
};
port = mkOption {
type = types.port;
default = 8332;
- description = "Port for RPC connection to bitcoind.";
+ description = lib.mdDoc "Port for RPC connection to bitcoind.";
};
user = mkOption {
type = types.str;
default = "bitcoin";
- description = "RPC user for the bitcoin endpoint.";
+ description = lib.mdDoc "RPC user for the bitcoin endpoint.";
};
password = mkOption {
type = types.str;
default = "password";
- description = "RPC password for the bitcoin endpoint. Warning: this is stored in cleartext in the Nix store! Use configFile or passwordFile if needed.";
+ description = lib.mdDoc "RPC password for the bitcoin endpoint. Warning: this is stored in cleartext in the Nix store! Use `configFile` or `passwordFile` if needed.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = "File that contains the password of the RPC user.";
+ description = lib.mdDoc "File that contains the password of the RPC user.";
};
};
user = mkOption {
type = types.str;
default = "wasabibackend";
- description = "The user as which to run the wasabibackend node.";
+ description = lib.mdDoc "The user as which to run the wasabibackend node.";
};
group = mkOption {
type = types.str;
default = cfg.user;
defaultText = literalExpression "config.${opt.user}";
- description = "The group as which to run the wasabibackend node.";
+ description = lib.mdDoc "The group as which to run the wasabibackend node.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/websockify.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/websockify.nix
index f7e014e03ef..45a3487bd33 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/websockify.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/websockify.nix
@@ -6,7 +6,7 @@ let cfg = config.services.networking.websockify; in {
options = {
services.networking.websockify = {
enable = mkOption {
- description = "Whether to enable websockify to forward websocket connections to TCP connections.";
+ description = lib.mdDoc "Whether to enable websockify to forward websocket connections to TCP connections.";
default = false;
@@ -14,19 +14,19 @@ let cfg = config.services.networking.websockify; in {
};
sslCert = mkOption {
- description = "Path to the SSL certificate.";
+ description = lib.mdDoc "Path to the SSL certificate.";
type = types.path;
};
sslKey = mkOption {
- description = "Path to the SSL key.";
+ description = lib.mdDoc "Path to the SSL key.";
default = cfg.sslCert;
defaultText = literalExpression "config.services.networking.websockify.sslCert";
type = types.path;
};
portMap = mkOption {
- description = "Ports to map by default.";
+ description = lib.mdDoc "Ports to map by default.";
default = {};
type = types.attrsOf types.int;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wg-quick.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wg-quick.nix
index 236d3f452e7..b43c3e85132 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wg-quick.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wg-quick.nix
@@ -15,7 +15,7 @@ let
example = "/secret/wg0.conf";
default = null;
type = with types; nullOr str;
- description = ''
+ description = lib.mdDoc ''
wg-quick .conf file, describing the interface.
This overrides any other configuration interface configuration options.
See wg-quick manpage for more details.
@@ -26,11 +26,11 @@ let
example = [ "192.168.2.1/24" ];
default = [];
type = with types; listOf str;
- description = "The IP addresses of the interface.";
+ description = lib.mdDoc "The IP addresses of the interface.";
};
autostart = mkOption {
- description = "Whether to bring up this interface automatically during boot.";
+ description = lib.mdDoc "Whether to bring up this interface automatically during boot.";
default = true;
example = false;
type = types.bool;
@@ -40,15 +40,15 @@ let
example = [ "192.168.2.2" ];
default = [];
type = with types; listOf str;
- description = "The IP addresses of DNS servers to configure.";
+ description = lib.mdDoc "The IP addresses of DNS servers to configure.";
};
privateKey = mkOption {
example = "yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=";
type = with types; nullOr str;
default = null;
- description = ''
- Base64 private key generated by wg genkey.
+ description = lib.mdDoc ''
+ Base64 private key generated by {command}`wg genkey`.
Warning: Consider using privateKeyFile instead if you do not
want to store the key in the world-readable Nix store.
@@ -59,8 +59,8 @@ let
example = "/private/wireguard_key";
type = with types; nullOr str;
default = null;
- description = ''
- Private key file as generated by wg genkey.
+ description = lib.mdDoc ''
+ Private key file as generated by {command}`wg genkey`.
'';
};
@@ -68,7 +68,7 @@ let
default = null;
type = with types; nullOr int;
example = 51820;
- description = ''
+ description = lib.mdDoc ''
16-bit port for listening. Optional; if not specified,
automatically generated based on interface name.
'';
@@ -78,7 +78,7 @@ let
example = literalExpression ''"''${pkgs.iproute2}/bin/ip netns add foo"'';
default = "";
type = with types; coercedTo (listOf str) (concatStringsSep "\n") lines;
- description = ''
+ description = lib.mdDoc ''
Commands called at the start of the interface setup.
'';
};
@@ -87,7 +87,7 @@ let
example = literalExpression ''"''${pkgs.iproute2}/bin/ip netns del foo"'';
default = "";
type = with types; coercedTo (listOf str) (concatStringsSep "\n") lines;
- description = ''
+ description = lib.mdDoc ''
Command called before the interface is taken down.
'';
};
@@ -96,7 +96,7 @@ let
example = literalExpression ''"''${pkgs.iproute2}/bin/ip netns add foo"'';
default = "";
type = with types; coercedTo (listOf str) (concatStringsSep "\n") lines;
- description = ''
+ description = lib.mdDoc ''
Commands called after the interface setup.
'';
};
@@ -105,7 +105,7 @@ let
example = literalExpression ''"''${pkgs.iproute2}/bin/ip netns del foo"'';
default = "";
type = with types; coercedTo (listOf str) (concatStringsSep "\n") lines;
- description = ''
+ description = lib.mdDoc ''
Command called after the interface is taken down.
'';
};
@@ -114,7 +114,7 @@ let
example = "main";
default = null;
type = with types; nullOr str;
- description = ''
+ description = lib.mdDoc ''
The kernel routing table to add this interface's
associated routes to. Setting this is useful for e.g. policy routing
("ip rule") or virtual routing and forwarding ("ip vrf"). Both
@@ -127,7 +127,7 @@ let
example = 1248;
default = null;
type = with types; nullOr int;
- description = ''
+ description = lib.mdDoc ''
If not specified, the MTU is automatically determined
from the endpoint addresses or the system default route, which is usually
a sane choice. However, to manually specify an MTU to override this
@@ -137,7 +137,7 @@ let
peers = mkOption {
default = [];
- description = "Peers linked to the interface.";
+ description = lib.mdDoc "Peers linked to the interface.";
type = with types; listOf (submodule peerOpts);
};
};
@@ -150,15 +150,15 @@ let
publicKey = mkOption {
example = "xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=";
type = types.str;
- description = "The base64 public key to the peer.";
+ description = lib.mdDoc "The base64 public key to the peer.";
};
presharedKey = mkOption {
default = null;
example = "rVXs/Ni9tu3oDBLS4hOyAUAa1qTWVA3loR8eL20os3I=";
type = with types; nullOr str;
- description = ''
- Base64 preshared key generated by wg genpsk.
+ description = lib.mdDoc ''
+ Base64 preshared key generated by {command}`wg genpsk`.
Optional, and may be omitted. This option adds an additional layer of
symmetric-key cryptography to be mixed into the already existing
public-key cryptography, for post-quantum resistance.
@@ -172,8 +172,8 @@ let
default = null;
example = "/private/wireguard_psk";
type = with types; nullOr str;
- description = ''
- File pointing to preshared key as generated by wg genpsk.
+ description = lib.mdDoc ''
+ File pointing to preshared key as generated by {command}`wg genpsk`.
Optional, and may be omitted. This option adds an additional layer of
symmetric-key cryptography to be mixed into the already existing
public-key cryptography, for post-quantum resistance.
@@ -183,7 +183,7 @@ let
allowedIPs = mkOption {
example = [ "10.192.122.3/32" "10.192.124.1/24" ];
type = with types; listOf str;
- description = ''List of IP (v4 or v6) addresses with CIDR masks from
+ description = lib.mdDoc ''List of IP (v4 or v6) addresses with CIDR masks from
which this peer is allowed to send incoming traffic and to which
outgoing traffic for this peer is directed. The catch-all 0.0.0.0/0 may
be specified for matching all IPv4 addresses, and ::/0 may be specified
@@ -194,7 +194,7 @@ let
default = null;
example = "demo.wireguard.io:12913";
type = with types; nullOr str;
- description = ''Endpoint IP or hostname of the peer, followed by a colon,
+ description = lib.mdDoc ''Endpoint IP or hostname of the peer, followed by a colon,
and then a port number of the peer.'';
};
@@ -202,7 +202,7 @@ let
default = null;
type = with types; nullOr int;
example = 25;
- description = ''This is optional and is by default off, because most
+ description = lib.mdDoc ''This is optional and is by default off, because most
users will not need it. It represents, in seconds, between 1 and 65535
inclusive, how often to send an authenticated empty packet to the peer,
for the purpose of keeping a stateful firewall or NAT mapping valid
@@ -273,7 +273,7 @@ let
after = [ "network.target" "network-online.target" ];
wantedBy = optional values.autostart "multi-user.target";
environment.DEVICE = name;
- path = [ pkgs.kmod pkgs.wireguard-tools ];
+ path = [ pkgs.kmod pkgs.wireguard-tools config.networking.resolvconf.package ];
serviceConfig = {
Type = "oneshot";
@@ -304,7 +304,7 @@ in {
options = {
networking.wg-quick = {
interfaces = mkOption {
- description = "Wireguard interfaces.";
+ description = lib.mdDoc "Wireguard interfaces.";
default = {};
example = {
wg0 = {
@@ -332,5 +332,11 @@ in {
# breaks the wg-quick routing because wireguard packets leave with a fwmark from wireguard.
networking.firewall.checkReversePath = false;
systemd.services = mapAttrs' generateUnit cfg.interfaces;
+
+ # Prevent networkd from clearing the rules set by wg-quick when restarted (e.g. when waking up from suspend).
+ systemd.network.config.networkConfig.ManageForeignRoutingPolicyRules = mkDefault false;
+
+ # WireGuard interfaces should be ignored in determining whether the network is online.
+ systemd.network.wait-online.ignoredInterfaces = builtins.attrNames cfg.interfaces;
};
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wireguard.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wireguard.nix
index a3c3c245f1d..412e9c921f5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wireguard.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wireguard.nix
@@ -19,15 +19,15 @@ let
example = [ "192.168.2.1/24" ];
default = [];
type = with types; listOf str;
- description = "The IP addresses of the interface.";
+ description = lib.mdDoc "The IP addresses of the interface.";
};
privateKey = mkOption {
example = "yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=";
type = with types; nullOr str;
default = null;
- description = ''
- Base64 private key generated by wg genkey.
+ description = lib.mdDoc ''
+ Base64 private key generated by {command}`wg genkey`.
Warning: Consider using privateKeyFile instead if you do not
want to store the key in the world-readable Nix store.
@@ -37,9 +37,9 @@ let
generatePrivateKeyFile = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Automatically generate a private key with
- wg genkey, at the privateKeyFile location.
+ {command}`wg genkey`, at the privateKeyFile location.
'';
};
@@ -47,8 +47,8 @@ let
example = "/private/wireguard_key";
type = with types; nullOr str;
default = null;
- description = ''
- Private key file as generated by wg genkey.
+ description = lib.mdDoc ''
+ Private key file as generated by {command}`wg genkey`.
'';
};
@@ -56,7 +56,7 @@ let
default = null;
type = with types; nullOr int;
example = 51820;
- description = ''
+ description = lib.mdDoc ''
16-bit port for listening. Optional; if not specified,
automatically generated based on interface name.
'';
@@ -66,7 +66,7 @@ let
example = literalExpression ''"''${pkgs.iproute2}/bin/ip netns add foo"'';
default = "";
type = with types; coercedTo (listOf str) (concatStringsSep "\n") lines;
- description = ''
+ description = lib.mdDoc ''
Commands called at the start of the interface setup.
'';
};
@@ -77,20 +77,20 @@ let
'';
default = "";
type = with types; coercedTo (listOf str) (concatStringsSep "\n") lines;
- description = "Commands called at the end of the interface setup.";
+ description = lib.mdDoc "Commands called at the end of the interface setup.";
};
postShutdown = mkOption {
example = literalExpression ''"''${pkgs.openresolv}/bin/resolvconf -d wg0"'';
default = "";
type = with types; coercedTo (listOf str) (concatStringsSep "\n") lines;
- description = "Commands called after shutting down the interface.";
+ description = lib.mdDoc "Commands called after shutting down the interface.";
};
table = mkOption {
default = "main";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The kernel routing table to add this interface's
associated routes to. Setting this is useful for e.g. policy routing
("ip rule") or virtual routing and forwarding ("ip vrf"). Both
@@ -101,7 +101,7 @@ let
peers = mkOption {
default = [];
- description = "Peers linked to the interface.";
+ description = lib.mdDoc "Peers linked to the interface.";
type = with types; listOf (submodule peerOpts);
};
@@ -109,7 +109,7 @@ let
example = false;
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Determines whether to add allowed IPs as routes or not.
'';
};
@@ -152,15 +152,15 @@ let
publicKey = mkOption {
example = "xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=";
type = types.str;
- description = "The base64 public key of the peer.";
+ description = lib.mdDoc "The base64 public key of the peer.";
};
presharedKey = mkOption {
default = null;
example = "rVXs/Ni9tu3oDBLS4hOyAUAa1qTWVA3loR8eL20os3I=";
type = with types; nullOr str;
- description = ''
- Base64 preshared key generated by wg genpsk.
+ description = lib.mdDoc ''
+ Base64 preshared key generated by {command}`wg genpsk`.
Optional, and may be omitted. This option adds an additional layer of
symmetric-key cryptography to be mixed into the already existing
public-key cryptography, for post-quantum resistance.
@@ -174,8 +174,8 @@ let
default = null;
example = "/private/wireguard_psk";
type = with types; nullOr str;
- description = ''
- File pointing to preshared key as generated by wg genpsk.
+ description = lib.mdDoc ''
+ File pointing to preshared key as generated by {command}`wg genpsk`.
Optional, and may be omitted. This option adds an additional layer of
symmetric-key cryptography to be mixed into the already existing
public-key cryptography, for post-quantum resistance.
@@ -185,7 +185,7 @@ let
allowedIPs = mkOption {
example = [ "10.192.122.3/32" "10.192.124.1/24" ];
type = with types; listOf str;
- description = ''List of IP (v4 or v6) addresses with CIDR masks from
+ description = lib.mdDoc ''List of IP (v4 or v6) addresses with CIDR masks from
which this peer is allowed to send incoming traffic and to which
outgoing traffic for this peer is directed. The catch-all 0.0.0.0/0 may
be specified for matching all IPv4 addresses, and ::/0 may be specified
@@ -216,12 +216,12 @@ let
default = 0;
example = 5;
type = with types; int;
- description = ''
- Periodically re-execute the wg utility every
+ description = lib.mdDoc ''
+ Periodically re-execute the `wg` utility every
this many seconds in order to let WireGuard notice DNS / hostname
changes.
- Setting this to 0 disables periodic reexecution.
+ Setting this to `0` disables periodic reexecution.
'';
};
@@ -229,7 +229,7 @@ let
default = null;
type = with types; nullOr int;
example = 25;
- description = ''This is optional and is by default off, because most
+ description = lib.mdDoc ''This is optional and is by default off, because most
users will not need it. It represents, in seconds, between 1 and 65535
inclusive, how often to send an authenticated empty packet to the peer,
for the purpose of keeping a stateful firewall or NAT mapping valid
@@ -437,7 +437,7 @@ in
networking.wireguard = {
enable = mkOption {
- description = "Whether to enable WireGuard.";
+ description = lib.mdDoc "Whether to enable WireGuard.";
type = types.bool;
# 2019-05-25: Backwards compatibility.
default = cfg.interfaces != {};
@@ -446,7 +446,7 @@ in
};
interfaces = mkOption {
- description = "WireGuard interfaces.";
+ description = lib.mdDoc "WireGuard interfaces.";
default = {};
example = {
wg0 = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wpa_supplicant.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wpa_supplicant.nix
index 5a7975ae178..e21c25e2f78 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wpa_supplicant.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/wpa_supplicant.nix
@@ -183,7 +183,7 @@ in {
driver = mkOption {
type = types.str;
default = "nl80211,wext";
- description = "Force a specific wpa_supplicant driver.";
+ description = lib.mdDoc "Force a specific wpa_supplicant driver.";
};
allowAuxiliaryImperativeNetworks = mkEnableOption "support for imperative & declarative networks" // {
@@ -199,7 +199,7 @@ in {
scanOnLowSignal = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to periodically scan for (better) networks when the signal of
the current one is low. This will make roaming between access points
faster, but will consume more power.
@@ -209,7 +209,7 @@ in {
fallbackToWPA2 = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to fall back to WPA2 authentication protocols if WPA3 failed.
This allows old wireless cards (that lack recent features required by
WPA3) to connect to mixed WPA2/WPA3 access points.
@@ -331,9 +331,9 @@ in {
"OWE"
"DPP"
]);
- description = ''
+ description = lib.mdDoc ''
The list of authentication protocols accepted by this network.
- This corresponds to the key_mgmt option in wpa_supplicant.
+ This corresponds to the `key_mgmt` option in wpa_supplicant.
'';
};
@@ -369,8 +369,8 @@ in {
hidden = mkOption {
type = types.bool;
default = false;
- description = ''
- Set this to true if the SSID of the network is hidden.
+ description = lib.mdDoc ''
+ Set this to `true` if the SSID of the network is hidden.
'';
example = literalExpression ''
{ echelon = {
@@ -384,7 +384,7 @@ in {
priority = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
By default, all networks will get same priority group (0). If some of the
networks are more desirable, this field can be used to change the order in
which wpa_supplicant goes through the networks when selecting a BSS. The
@@ -414,9 +414,9 @@ in {
};
});
- description = ''
+ description = lib.mdDoc ''
The network definitions to automatically connect to when
- wpa_supplicant is running. If this
+ {command}`wpa_supplicant` is running. If this
parameter is left empty wpa_supplicant will use
/etc/wpa_supplicant.conf as the configuration file.
'';
@@ -443,7 +443,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli.
This is useful for laptop users that switch networks a lot and don't want
to depend on a large package such as NetworkManager just to pick nearby
@@ -458,7 +458,7 @@ in {
type = types.str;
default = "wheel";
example = "network";
- description = "Members of this group can control wpa_supplicant.";
+ description = lib.mdDoc "Members of this group can control wpa_supplicant.";
};
};
@@ -466,7 +466,7 @@ in {
type = types.bool;
default = lib.length cfg.interfaces < 2;
defaultText = literalExpression "length config.${opt.interfaces} < 2";
- description = ''
+ description = lib.mdDoc ''
Whether to enable the DBus control interface.
This is only needed when using NetworkManager or connman.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/x2goserver.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/x2goserver.nix
index d4adf6c5650..3c2424b6f4f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/x2goserver.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/x2goserver.nix
@@ -42,7 +42,7 @@ in {
nxagentDefaultOptions = mkOption {
type = types.listOf types.str;
default = [ "-extension GLX" "-nolisten tcp" ];
- description = ''
+ description = lib.mdDoc ''
List of default nx agent options.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xandikos.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xandikos.nix
index 4bd45a76e67..649e9c7a668 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xandikos.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xandikos.nix
@@ -15,13 +15,13 @@ in
type = types.package;
default = pkgs.xandikos;
defaultText = literalExpression "pkgs.xandikos";
- description = "The Xandikos package to use.";
+ description = lib.mdDoc "The Xandikos package to use.";
};
address = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
The IP address on which Xandikos will listen.
By default listens on localhost.
'';
@@ -30,13 +30,13 @@ in
port = mkOption {
type = types.port;
default = 8080;
- description = "The port of the Xandikos web application";
+ description = lib.mdDoc "The port of the Xandikos web application";
};
routePrefix = mkOption {
type = types.str;
default = "/";
- description = ''
+ description = lib.mdDoc ''
Path to Xandikos.
Useful when Xandikos is behind a reverse proxy.
'';
@@ -52,14 +52,14 @@ in
"--dump-dav-xml"
]
'';
- description = ''
+ description = lib.mdDoc ''
Extra command line arguments to pass to xandikos.
'';
};
nginx = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
Configuration for nginx reverse proxy.
'';
@@ -68,14 +68,14 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Configure the nginx reverse proxy settings.
'';
};
hostName = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The hostname use to setup the virtualhost configuration
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xinetd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xinetd.nix
index 2f527ab156a..6c633d4ead1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xinetd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xinetd.nix
@@ -49,14 +49,14 @@ in
services.xinetd.extraDefaults = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Additional configuration lines added to the default section of xinetd's configuration.
'';
};
services.xinetd.services = mkOption {
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of services provided by xinetd.
'';
@@ -67,39 +67,39 @@ in
name = mkOption {
type = types.str;
example = "login";
- description = "Name of the service.";
+ description = lib.mdDoc "Name of the service.";
};
protocol = mkOption {
type = types.str;
default = "tcp";
description =
- "Protocol of the service. Usually tcp or udp.";
+ lib.mdDoc "Protocol of the service. Usually `tcp` or `udp`.";
};
port = mkOption {
type = types.int;
default = 0;
example = 123;
- description = "Port number of the service.";
+ description = lib.mdDoc "Port number of the service.";
};
user = mkOption {
type = types.str;
default = "nobody";
- description = "User account for the service";
+ description = lib.mdDoc "User account for the service";
};
server = mkOption {
type = types.str;
example = "/foo/bin/ftpd";
- description = "Path of the program that implements the service.";
+ description = lib.mdDoc "Path of the program that implements the service.";
};
serverArgs = mkOption {
type = types.separatedString " ";
default = "";
- description = "Command-line arguments for the server program.";
+ description = lib.mdDoc "Command-line arguments for the server program.";
};
flags = mkOption {
@@ -111,9 +111,9 @@ in
unlisted = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether this server is listed in
- /etc/services. If so, the port
+ {file}`/etc/services`. If so, the port
number can be omitted.
'';
};
@@ -121,7 +121,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Extra configuration-lines added to the section of the service.";
+ description = lib.mdDoc "Extra configuration-lines added to the section of the service.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xl2tpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xl2tpd.nix
index 9418488c1e9..c30a541d30e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xl2tpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xl2tpd.nix
@@ -9,25 +9,25 @@ with lib;
serverIp = mkOption {
type = types.str;
- description = "The server-side IP address.";
+ description = lib.mdDoc "The server-side IP address.";
default = "10.125.125.1";
};
clientIpRange = mkOption {
type = types.str;
- description = "The range from which client IPs are drawn.";
+ description = lib.mdDoc "The range from which client IPs are drawn.";
default = "10.125.125.2-11";
};
extraXl2tpOptions = mkOption {
type = types.lines;
- description = "Adds extra lines to the xl2tpd configuration file.";
+ description = lib.mdDoc "Adds extra lines to the xl2tpd configuration file.";
default = "";
};
extraPppdOptions = mkOption {
type = types.lines;
- description = "Adds extra lines to the pppd options file.";
+ description = lib.mdDoc "Adds extra lines to the pppd options file.";
default = "";
example = ''
ms-dns 8.8.8.8
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xrdp.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xrdp.nix
index 747fb7a1f9c..17caeab2726 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xrdp.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/xrdp.nix
@@ -48,7 +48,7 @@ in
type = types.package;
default = pkgs.xrdp;
defaultText = literalExpression "pkgs.xrdp";
- description = ''
+ description = lib.mdDoc ''
The package to use for the xrdp daemon's binary.
'';
};
@@ -56,7 +56,7 @@ in
port = mkOption {
type = types.int;
default = 3389;
- description = ''
+ description = lib.mdDoc ''
Specifies on which port the xrdp daemon listens.
'';
};
@@ -64,14 +64,14 @@ in
openFirewall = mkOption {
default = false;
type = types.bool;
- description = "Whether to open the firewall for the specified RDP port.";
+ description = lib.mdDoc "Whether to open the firewall for the specified RDP port.";
};
sslKey = mkOption {
type = types.str;
default = "/etc/xrdp/key.pem";
example = "/path/to/your/key.pem";
- description = ''
+ description = lib.mdDoc ''
ssl private key path
A self-signed certificate will be generated if file not exists.
'';
@@ -81,7 +81,7 @@ in
type = types.str;
default = "/etc/xrdp/cert.pem";
example = "/path/to/your/cert.pem";
- description = ''
+ description = lib.mdDoc ''
ssl certificate path
A self-signed certificate will be generated if file not exists.
'';
@@ -91,7 +91,7 @@ in
type = types.str;
default = "xterm";
example = "xfce4-session";
- description = ''
+ description = lib.mdDoc ''
The script to run when user log in, usually a window manager, e.g. "icewm", "xfce4-session"
This is per-user overridable, if file ~/startwm.sh exists it will be used instead.
'';
@@ -101,7 +101,7 @@ in
type = types.path;
default = confDir;
defaultText = literalDocBook "generated from configuration";
- description = "The location of the config files for xrdp.";
+ description = lib.mdDoc "The location of the config files for xrdp.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/yggdrasil.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/yggdrasil.nix
index 99c18ae6919..07b2e2a2daf 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/yggdrasil.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/yggdrasil.nix
@@ -54,17 +54,17 @@ in {
type = nullOr path;
default = null;
example = "/run/keys/yggdrasil.conf";
- description = ''
+ description = lib.mdDoc ''
A file which contains JSON configuration for yggdrasil.
- See the option for more information.
+ See the {option}`config` option for more information.
'';
};
group = mkOption {
- type = types.str;
- default = "root";
+ type = types.nullOr types.str;
+ default = null;
example = "wheel";
- description = "Group to grant access to the Yggdrasil control socket.";
+ description = "Group to grant access to the Yggdrasil control socket. If null, only root can access the socket.";
};
openMulticastPort = mkOption {
@@ -86,7 +86,7 @@ in {
type = listOf str;
default = [];
example = [ "tap*" ];
- description = ''
+ description = lib.mdDoc ''
Disable the DHCP client for any interface whose name matches
any of the shell glob patterns in this list. Use this
option to prevent the DHCP client from broadcasting requests
@@ -100,7 +100,7 @@ in {
type = package;
default = pkgs.yggdrasil;
defaultText = literalExpression "pkgs.yggdrasil";
- description = "Yggdrasil package to use.";
+ description = lib.mdDoc "Yggdrasil package to use.";
};
persistentKeys = mkEnableOption ''
@@ -154,27 +154,16 @@ in {
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
Restart = "always";
- Group = cfg.group;
+ DynamicUser = true;
+ StateDirectory = "yggdrasil";
RuntimeDirectory = "yggdrasil";
RuntimeDirectoryMode = "0750";
BindReadOnlyPaths = lib.optional configFileProvided cfg.configFile
++ lib.optional cfg.persistentKeys keysPath;
+ ReadWritePaths = "/run/yggdrasil";
- # TODO: as of yggdrasil 0.3.8 and systemd 243, yggdrasil fails
- # to set up the network adapter when DynamicUser is set. See
- # github.com/yggdrasil-network/yggdrasil-go/issues/557. The
- # following options are implied by DynamicUser according to
- # the systemd.exec documentation, and can be removed if the
- # upstream issue is fixed and DynamicUser is set to true:
- PrivateTmp = true;
- RemoveIPC = true;
- NoNewPrivileges = true;
- ProtectSystem = "strict";
- RestrictSUIDSGID = true;
- # End of list of options implied by DynamicUser.
-
- AmbientCapabilities = "CAP_NET_ADMIN";
- CapabilityBoundingSet = "CAP_NET_ADMIN";
+ AmbientCapabilities = "CAP_NET_ADMIN CAP_NET_BIND_SERVICE";
+ CapabilityBoundingSet = "CAP_NET_ADMIN CAP_NET_BIND_SERVICE";
MemoryDenyWriteExecute = true;
ProtectControlGroups = true;
ProtectHome = "tmpfs";
@@ -185,7 +174,9 @@ in {
RestrictRealtime = true;
SystemCallArchitectures = "native";
SystemCallFilter = "~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @resources";
- };
+ } // (if (cfg.group != null) then {
+ Group = cfg.group;
+ } else {});
};
networking.dhcpcd.denyInterfaces = cfg.denyDhcpcdInterfaces;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/zerobin.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/zerobin.nix
index 16db25d6230..0be694915cb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/zerobin.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/zerobin.nix
@@ -17,7 +17,7 @@ in
dataDir = mkOption {
type = types.str;
default = "/var/lib/zerobin";
- description = ''
+ description = lib.mdDoc ''
Path to the 0bin data directory
'';
};
@@ -25,7 +25,7 @@ in
user = mkOption {
type = types.str;
default = "zerobin";
- description = ''
+ description = lib.mdDoc ''
The user 0bin should run as
'';
};
@@ -33,7 +33,7 @@ in
group = mkOption {
type = types.str;
default = "zerobin";
- description = ''
+ description = lib.mdDoc ''
The group 0bin should run as
'';
};
@@ -42,7 +42,7 @@ in
type = types.int;
default = 8000;
example = 1357;
- description = ''
+ description = lib.mdDoc ''
The port zerobin should listen on
'';
};
@@ -51,7 +51,7 @@ in
type = types.str;
default = "localhost";
example = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
The address zerobin should listen to
'';
};
@@ -65,7 +65,7 @@ in
)
COMPRESSED_STATIC_FILE = True
'';
- description = ''
+ description = lib.mdDoc ''
Extra configuration to be appended to the 0bin config file
(see https://0bin.readthedocs.org/en/latest/en/options.html)
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/zeronet.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/zeronet.nix
index 8be6692561d..2245204d455 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/zeronet.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/zeronet.nix
@@ -23,7 +23,7 @@ in with lib; {
type = types.package;
default = pkgs.zeronet;
defaultText = literalExpression "pkgs.zeronet";
- description = "ZeroNet package to use";
+ description = lib.mdDoc "ZeroNet package to use";
};
settings = mkOption {
@@ -31,9 +31,9 @@ in with lib; {
default = {};
example = literalExpression "{ global.tor = enable; }";
- description = ''
- zeronet.conf configuration. Refer to
-
+ description = lib.mdDoc ''
+ {file}`zeronet.conf` configuration. Refer to
+
for details on supported values;
'';
};
@@ -41,7 +41,7 @@ in with lib; {
port = mkOption {
type = types.port;
default = 43110;
- description = "Optional zeronet web UI port.";
+ description = lib.mdDoc "Optional zeronet web UI port.";
};
fileserverPort = mkOption {
@@ -49,19 +49,19 @@ in with lib; {
# read-only config file and crashes
type = types.port;
default = 12261;
- description = "Zeronet fileserver port.";
+ description = lib.mdDoc "Zeronet fileserver port.";
};
tor = mkOption {
type = types.bool;
default = false;
- description = "Use TOR for zeronet traffic where possible.";
+ description = lib.mdDoc "Use TOR for zeronet traffic where possible.";
};
torAlways = mkOption {
type = types.bool;
default = false;
- description = "Use TOR for all zeronet traffic.";
+ description = lib.mdDoc "Use TOR for all zeronet traffic.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/zerotierone.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/zerotierone.nix
index 3bc7d3ac0db..572ae2e929d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/zerotierone.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/zerotierone.nix
@@ -12,7 +12,7 @@ in
default = [];
example = [ "a8a2c3c10c1a68de" ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
List of ZeroTier Network IDs to join on startup
'';
};
@@ -20,7 +20,7 @@ in
options.services.zerotierone.port = mkOption {
default = 9993;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Network port used by ZeroTier.
'';
};
@@ -29,7 +29,7 @@ in
default = pkgs.zerotierone;
defaultText = literalExpression "pkgs.zerotierone";
type = types.package;
- description = ''
+ description = lib.mdDoc ''
ZeroTier One package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/znc/options.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/znc/options.nix
index 0db051126e8..830df809155 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/znc/options.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/networking/znc/options.nix
@@ -12,7 +12,7 @@ let
server = mkOption {
type = types.str;
example = "irc.libera.chat";
- description = ''
+ description = lib.mdDoc ''
IRC server address.
'';
};
@@ -20,7 +20,7 @@ let
port = mkOption {
type = types.ints.u16;
default = 6697;
- description = ''
+ description = lib.mdDoc ''
IRC server port.
'';
};
@@ -28,7 +28,7 @@ let
password = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
IRC server password, such as for a Slack gateway.
'';
};
@@ -36,7 +36,7 @@ let
useSSL = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to use SSL to connect to the IRC server.
'';
};
@@ -45,7 +45,7 @@ let
type = types.listOf types.str;
default = [ "simple_away" ];
example = literalExpression ''[ "simple_away" "sasl" ]'';
- description = ''
+ description = lib.mdDoc ''
ZNC network modules to load.
'';
};
@@ -54,7 +54,7 @@ let
type = types.listOf types.str;
default = [];
example = [ "nixos" ];
- description = ''
+ description = lib.mdDoc ''
IRC channels to join.
'';
};
@@ -62,7 +62,7 @@ let
hasBitlbeeControlChannel = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to add the special Bitlbee operations channel.
'';
};
@@ -79,9 +79,9 @@ let
JoinDelay = 0
Nick = johntron
'';
- description = ''
+ description = lib.mdDoc ''
Extra config for the network. Consider using
- instead.
+ {option}`services.znc.config` instead.
'';
};
};
@@ -137,7 +137,7 @@ in
default = "znc";
example = "johntron";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The user name used to log in to the ZNC web admin interface.
'';
};
@@ -145,7 +145,7 @@ in
networks = mkOption {
default = { };
type = with types; attrsOf (submodule networkOpts);
- description = ''
+ description = lib.mdDoc ''
IRC networks to connect the user to.
'';
example = literalExpression ''
@@ -164,7 +164,7 @@ in
default = "znc-user";
example = "john";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The IRC nick.
'';
};
@@ -190,7 +190,7 @@ in
port = mkOption {
default = 5000;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Specifies the port on which to listen.
'';
};
@@ -198,7 +198,7 @@ in
useSSL = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Indicates whether the ZNC server should use SSL when listening on
the specified port. A self-signed certificate will be generated.
'';
@@ -208,7 +208,7 @@ in
type = types.nullOr types.str;
default = null;
example = "/znc/";
- description = ''
+ description = lib.mdDoc ''
An optional URI prefix for the ZNC web interface. Can be
used to make ZNC available behind a reverse proxy.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/printing/cupsd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/printing/cupsd.nix
index 53091d8e2a0..8f1c3d9c525 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/printing/cupsd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/printing/cupsd.nix
@@ -129,7 +129,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable printing support through the CUPS daemon.
'';
};
@@ -137,7 +137,7 @@ in
startWhenNeeded = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
If set, CUPS is socket-activated; that is,
instead of having it permanently running as a daemon,
systemd will start it on the first incoming connection.
@@ -148,7 +148,7 @@ in
type = types.listOf types.str;
default = [ "localhost:631" ];
example = [ "*:631" ];
- description = ''
+ description = lib.mdDoc ''
A list of addresses and ports on which to listen.
'';
};
@@ -158,7 +158,7 @@ in
default = [ "localhost" ];
example = [ "all" ];
apply = concatMapStringsSep "\n" (x: "Allow ${x}");
- description = ''
+ description = lib.mdDoc ''
From which hosts to allow unconditional access.
'';
};
@@ -176,7 +176,7 @@ in
defaultShared = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Specifies whether local printers are shared by default.
'';
};
@@ -184,7 +184,7 @@ in
browsing = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Specifies whether shared printers are advertised.
'';
};
@@ -192,7 +192,7 @@ in
webInterface = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Specifies whether the web interface is enabled.
'';
};
@@ -201,7 +201,7 @@ in
type = types.str;
default = "info";
example = "debug";
- description = ''
+ description = lib.mdDoc ''
Specifies the cupsd logging verbosity.
'';
};
@@ -209,9 +209,9 @@ in
extraFilesConf = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra contents of the configuration file of the CUPS daemon
- (cups-files.conf).
+ ({file}`cups-files.conf`).
'';
};
@@ -223,9 +223,9 @@ in
BrowsePoll cups.example.com
MaxCopies 42
'';
- description = ''
+ description = lib.mdDoc ''
Extra contents of the configuration file of the CUPS daemon
- (cupsd.conf).
+ ({file}`cupsd.conf`).
'';
};
@@ -237,9 +237,9 @@ in
ServerName server.example.com
Encryption Never
'';
- description = ''
+ description = lib.mdDoc ''
The contents of the client configuration.
- (client.conf)
+ ({file}`client.conf`)
'';
};
@@ -250,9 +250,9 @@ in
''
BrowsePoll cups.example.com
'';
- description = ''
+ description = lib.mdDoc ''
The contents of the configuration. file of the CUPS Browsed daemon
- (cups-browsed.conf)
+ ({file}`cups-browsed.conf`)
'';
};
@@ -261,8 +261,8 @@ in
default = ''
Address @LOCAL
'';
- description = ''
- The contents of /etc/cups/snmp.conf. See "man
+ description = lib.mdDoc ''
+ The contents of {file}`/etc/cups/snmp.conf`. See "man
cups-snmp.conf" for a complete description.
'';
};
@@ -271,12 +271,12 @@ in
type = types.listOf types.path;
default = [];
example = literalExpression "with pkgs; [ gutenprint hplip splix ]";
- description = ''
+ description = lib.mdDoc ''
CUPS drivers to use. Drivers provided by CUPS, cups-filters,
Ghostscript and Samba are added unconditionally. If this list contains
Gutenprint (i.e. a derivation with
- meta.isGutenprint = true) the PPD files in
- /var/lib/cups/ppd will be updated automatically
+ `meta.isGutenprint = true`) the PPD files in
+ {file}`/var/lib/cups/ppd` will be updated automatically
to avoid errors due to incompatible versions.
'';
};
@@ -285,7 +285,7 @@ in
type = types.path;
default = "/tmp";
example = "/tmp/cups";
- description = ''
+ description = lib.mdDoc ''
CUPSd temporary directory.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/scheduling/atd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/scheduling/atd.nix
index 9bb0191ee46..235d4f348e5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/scheduling/atd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/scheduling/atd.nix
@@ -19,19 +19,19 @@ in
services.atd.enable = mkOption {
type = types.bool;
default = false;
- description = ''
- Whether to enable the at daemon, a command scheduler.
+ description = lib.mdDoc ''
+ Whether to enable the {command}`at` daemon, a command scheduler.
'';
};
services.atd.allowEveryone = mkOption {
type = types.bool;
default = false;
- description = ''
- Whether to make /var/spool/at{jobs,spool}
+ description = lib.mdDoc ''
+ Whether to make {file}`/var/spool/at{jobs,spool}`
writeable by everyone (and sticky). This is normally not
- needed since the at commands are
- setuid/setgid atd.
+ needed since the {command}`at` commands are
+ setuid/setgid `atd`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/scheduling/cron.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/scheduling/cron.nix
index 1fac54003cb..6e8fe5d9d03 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/scheduling/cron.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/scheduling/cron.nix
@@ -40,13 +40,13 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the Vixie cron daemon.";
+ description = lib.mdDoc "Whether to enable the Vixie cron daemon.";
};
mailto = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Email address to which job output will be mailed.";
+ description = lib.mdDoc "Email address to which job output will be mailed.";
};
systemCronJobs = mkOption {
@@ -57,11 +57,11 @@ in
"* * * * * eelco echo Hello World > /home/eelco/cronout"
]
'';
- description = ''
+ description = lib.mdDoc ''
A list of Cron jobs to be appended to the system-wide
crontab. See the manual page for crontab for the expected
format. If you want to get the results mailed you must setuid
- sendmail. See
+ sendmail. See {option}`security.wrappers`
If neither /var/cron/cron.deny nor /var/cron/cron.allow exist only root
is allowed to have its own crontab file. The /var/cron/cron.deny file
@@ -76,7 +76,7 @@ in
cronFiles = mkOption {
type = types.listOf types.path;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of extra crontab files that will be read and appended to the main
crontab file when the cron service starts.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/scheduling/fcron.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/scheduling/fcron.nix
index acaa995f739..f1d2f462a75 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/scheduling/fcron.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/scheduling/fcron.nix
@@ -40,40 +40,40 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the fcron daemon.";
+ description = lib.mdDoc "Whether to enable the {command}`fcron` daemon.";
};
allow = mkOption {
type = types.listOf types.str;
default = [ "all" ];
- description = ''
+ description = lib.mdDoc ''
Users allowed to use fcrontab and fcrondyn (one name per
- line, all for everyone).
+ line, `all` for everyone).
'';
};
deny = mkOption {
type = types.listOf types.str;
default = [];
- description = "Users forbidden from using fcron.";
+ description = lib.mdDoc "Users forbidden from using fcron.";
};
maxSerialJobs = mkOption {
type = types.int;
default = 1;
- description = "Maximum number of serial jobs which can run simultaneously.";
+ description = lib.mdDoc "Maximum number of serial jobs which can run simultaneously.";
};
queuelen = mkOption {
type = types.nullOr types.int;
default = null;
- description = "Number of jobs the serial queue and the lavg queue can contain.";
+ description = lib.mdDoc "Number of jobs the serial queue and the lavg queue can contain.";
};
systab = mkOption {
type = types.lines;
default = "";
- description = ''The "system" crontab contents.'';
+ description = lib.mdDoc ''The "system" crontab contents.'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/elasticsearch-curator.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/elasticsearch-curator.nix
index bb2612322bb..da3b0dc9d71 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/elasticsearch-curator.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/elasticsearch-curator.nix
@@ -39,22 +39,22 @@ in {
enable = mkEnableOption "elasticsearch curator";
interval = mkOption {
- description = "The frequency to run curator, a systemd.time such as 'hourly'";
+ description = lib.mdDoc "The frequency to run curator, a systemd.time such as 'hourly'";
default = "hourly";
type = types.str;
};
hosts = mkOption {
- description = "a list of elasticsearch hosts to connect to";
+ description = lib.mdDoc "a list of elasticsearch hosts to connect to";
type = types.listOf types.str;
default = ["localhost"];
};
port = mkOption {
- description = "the port that elasticsearch is listening on";
+ description = lib.mdDoc "the port that elasticsearch is listening on";
type = types.int;
default = 9200;
};
actionYAML = mkOption {
- description = "curator action.yaml file contents, alternatively use curator-cli which takes a simple action command";
+ description = lib.mdDoc "curator action.yaml file contents, alternatively use curator-cli which takes a simple action command";
type = types.lines;
example = ''
---
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/elasticsearch.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/elasticsearch.nix
index 041d0b3c43f..4a9dd50310e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/elasticsearch.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/elasticsearch.nix
@@ -45,50 +45,50 @@ in
options.services.elasticsearch = {
enable = mkOption {
- description = "Whether to enable elasticsearch.";
+ description = lib.mdDoc "Whether to enable elasticsearch.";
default = false;
type = types.bool;
};
package = mkOption {
- description = "Elasticsearch package to use.";
+ description = lib.mdDoc "Elasticsearch package to use.";
default = pkgs.elasticsearch;
defaultText = literalExpression "pkgs.elasticsearch";
type = types.package;
};
listenAddress = mkOption {
- description = "Elasticsearch listen address.";
+ description = lib.mdDoc "Elasticsearch listen address.";
default = "127.0.0.1";
type = types.str;
};
port = mkOption {
- description = "Elasticsearch port to listen for HTTP traffic.";
+ description = lib.mdDoc "Elasticsearch port to listen for HTTP traffic.";
default = 9200;
type = types.int;
};
tcp_port = mkOption {
- description = "Elasticsearch port for the node to node communication.";
+ description = lib.mdDoc "Elasticsearch port for the node to node communication.";
default = 9300;
type = types.int;
};
cluster_name = mkOption {
- description = "Elasticsearch name that identifies your cluster for auto-discovery.";
+ description = lib.mdDoc "Elasticsearch name that identifies your cluster for auto-discovery.";
default = "elasticsearch";
type = types.str;
};
single_node = mkOption {
- description = "Start a single-node cluster";
+ description = lib.mdDoc "Start a single-node cluster";
default = true;
type = types.bool;
};
extraConf = mkOption {
- description = "Extra configuration for elasticsearch.";
+ description = lib.mdDoc "Extra configuration for elasticsearch.";
default = "";
type = types.str;
example = ''
@@ -99,7 +99,7 @@ in
};
logging = mkOption {
- description = "Elasticsearch logging configuration.";
+ description = lib.mdDoc "Elasticsearch logging configuration.";
default = ''
logger.action.name = org.elasticsearch.action
logger.action.level = info
@@ -118,26 +118,26 @@ in
dataDir = mkOption {
type = types.path;
default = "/var/lib/elasticsearch";
- description = ''
+ description = lib.mdDoc ''
Data directory for elasticsearch.
'';
};
extraCmdLineOptions = mkOption {
- description = "Extra command line options for the elasticsearch launcher.";
+ description = lib.mdDoc "Extra command line options for the elasticsearch launcher.";
default = [ ];
type = types.listOf types.str;
};
extraJavaOptions = mkOption {
- description = "Extra command line options for Java.";
+ description = lib.mdDoc "Extra command line options for Java.";
default = [ ];
type = types.listOf types.str;
example = [ "-Djava.net.preferIPv4Stack=true" ];
};
plugins = mkOption {
- description = "Extra elasticsearch plugins";
+ description = lib.mdDoc "Extra elasticsearch plugins";
default = [ ];
type = types.listOf types.package;
example = lib.literalExpression "[ pkgs.elasticsearchPlugins.discovery-ec2 ]";
@@ -145,7 +145,7 @@ in
restartIfChanged = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Automatically restart the service on config change.
This can be set to false to defer restarts on a server or cluster.
Please consider the security implications of inadvertently running an older version,
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/hound.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/hound.nix
index ef62175b0a3..c81ceee5469 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/hound.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/hound.nix
@@ -8,7 +8,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the hound code search daemon.
'';
};
@@ -16,7 +16,7 @@ in {
user = mkOption {
default = "hound";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
User the hound daemon should execute under.
'';
};
@@ -24,7 +24,7 @@ in {
group = mkOption {
default = "hound";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Group the hound daemon should execute under.
'';
};
@@ -33,7 +33,7 @@ in {
type = types.listOf types.str;
default = [ ];
example = [ "dialout" ];
- description = ''
+ description = lib.mdDoc ''
List of extra groups that the "hound" user should be a part of.
'';
};
@@ -41,7 +41,7 @@ in {
home = mkOption {
default = "/var/lib/hound";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The path to use as hound's $HOME. If the default user
"hound" is configured then this is the home of the "hound"
user.
@@ -52,14 +52,14 @@ in {
default = pkgs.hound;
defaultText = literalExpression "pkgs.hound";
type = types.package;
- description = ''
+ description = lib.mdDoc ''
Package for running hound.
'';
};
config = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The full configuration of the Hound daemon. Note the dbpath
should be an absolute path to a writable location on disk.
'';
@@ -82,7 +82,7 @@ in {
type = types.str;
default = "0.0.0.0:6080";
example = "127.0.0.1:6080 or just :6080";
- description = ''
+ description = lib.mdDoc ''
Listen on this IP:port / :port
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/kibana.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/kibana.nix
index e4ab85be9ef..c945ef4c89d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/kibana.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/kibana.nix
@@ -35,50 +35,50 @@ in {
enable = mkEnableOption "kibana service";
listenAddress = mkOption {
- description = "Kibana listening host";
+ description = lib.mdDoc "Kibana listening host";
default = "127.0.0.1";
type = types.str;
};
port = mkOption {
- description = "Kibana listening port";
+ description = lib.mdDoc "Kibana listening port";
default = 5601;
type = types.int;
};
cert = mkOption {
- description = "Kibana ssl certificate.";
+ description = lib.mdDoc "Kibana ssl certificate.";
default = null;
type = types.nullOr types.path;
};
key = mkOption {
- description = "Kibana ssl key.";
+ description = lib.mdDoc "Kibana ssl key.";
default = null;
type = types.nullOr types.path;
};
index = mkOption {
- description = "Elasticsearch index to use for saving kibana config.";
+ description = lib.mdDoc "Elasticsearch index to use for saving kibana config.";
default = ".kibana";
type = types.str;
};
defaultAppId = mkOption {
- description = "Elasticsearch default application id.";
+ description = lib.mdDoc "Elasticsearch default application id.";
default = "discover";
type = types.str;
};
elasticsearch = {
url = mkOption {
- description = ''
+ description = lib.mdDoc ''
Elasticsearch url.
- Defaults to "http://localhost:9200".
+ Defaults to `"http://localhost:9200"`.
Don't set this when using Kibana >= 7.0.0 because it will result in a
- configuration error. Use
+ configuration error. Use {option}`services.kibana.elasticsearch.hosts`
instead.
'';
default = null;
@@ -86,11 +86,11 @@ in {
};
hosts = mkOption {
- description = ''
+ description = lib.mdDoc ''
The URLs of the Elasticsearch instances to use for all your queries.
All nodes listed here must be on the same cluster.
- Defaults to [ "http://localhost:9200" ].
+ Defaults to `[ "http://localhost:9200" ]`.
This option is only valid when using kibana >= 6.6.
'';
@@ -99,22 +99,22 @@ in {
};
username = mkOption {
- description = "Username for elasticsearch basic auth.";
+ description = lib.mdDoc "Username for elasticsearch basic auth.";
default = null;
type = types.nullOr types.str;
};
password = mkOption {
- description = "Password for elasticsearch basic auth.";
+ description = lib.mdDoc "Password for elasticsearch basic auth.";
default = null;
type = types.nullOr types.str;
};
ca = mkOption {
- description = ''
+ description = lib.mdDoc ''
CA file to auth against elasticsearch.
- It's recommended to use the option
+ It's recommended to use the {option}`certificateAuthorities` option
when using kibana-5.4 or newer.
'';
default = null;
@@ -138,33 +138,33 @@ in {
};
cert = mkOption {
- description = "Certificate file to auth against elasticsearch.";
+ description = lib.mdDoc "Certificate file to auth against elasticsearch.";
default = null;
type = types.nullOr types.path;
};
key = mkOption {
- description = "Key file to auth against elasticsearch.";
+ description = lib.mdDoc "Key file to auth against elasticsearch.";
default = null;
type = types.nullOr types.path;
};
};
package = mkOption {
- description = "Kibana package to use";
+ description = lib.mdDoc "Kibana package to use";
default = pkgs.kibana;
defaultText = literalExpression "pkgs.kibana";
type = types.package;
};
dataDir = mkOption {
- description = "Kibana data directory";
+ description = lib.mdDoc "Kibana data directory";
default = "/var/lib/kibana";
type = types.path;
};
extraConf = mkOption {
- description = "Kibana extra configuration";
+ description = lib.mdDoc "Kibana extra configuration";
default = {};
type = types.attrs;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/meilisearch.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/meilisearch.nix
index f6210f6f16e..9a03fc1f715 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/meilisearch.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/meilisearch.nix
@@ -19,33 +19,33 @@ in
enable = mkEnableOption "MeiliSearch - a RESTful search API";
package = mkOption {
- description = "The package to use for meilisearch. Use this if you require specific features to be enabled. The default package has no features.";
+ description = lib.mdDoc "The package to use for meilisearch. Use this if you require specific features to be enabled. The default package has no features.";
default = pkgs.meilisearch;
defaultText = "pkgs.meilisearch";
type = types.package;
};
listenAddress = mkOption {
- description = "MeiliSearch listen address.";
+ description = lib.mdDoc "MeiliSearch listen address.";
default = "127.0.0.1";
type = types.str;
};
listenPort = mkOption {
- description = "MeiliSearch port to listen on.";
+ description = lib.mdDoc "MeiliSearch port to listen on.";
default = 7700;
type = types.port;
};
environment = mkOption {
- description = "Defines the running environment of MeiliSearch.";
+ description = lib.mdDoc "Defines the running environment of MeiliSearch.";
default = "development";
type = types.enum [ "development" "production" ];
};
# TODO change this to LoadCredentials once possible
masterKeyEnvironmentFile = mkOption {
- description = ''
+ description = lib.mdDoc ''
Path to file which contains the master key.
By doing so, all routes will be protected and will require a key to be accessed.
If no master key is provided, all routes can be accessed without requiring any key.
@@ -57,7 +57,7 @@ in
};
noAnalytics = mkOption {
- description = ''
+ description = lib.mdDoc ''
Deactivates analytics.
Analytics allow MeiliSearch to know how many users are using MeiliSearch,
which versions and which platforms are used.
@@ -82,7 +82,7 @@ in
};
maxIndexSize = mkOption {
- description = ''
+ description = lib.mdDoc ''
Sets the maximum size of the index.
Value must be given in bytes or explicitly stating a base unit.
For example, the default value can be written as 107374182400, '107.7Gb', or '107374 Mb'.
@@ -93,7 +93,7 @@ in
};
payloadSizeLimit = mkOption {
- description = ''
+ description = lib.mdDoc ''
Sets the maximum size of accepted JSON payloads.
Value must be given in bytes or explicitly stating a base unit.
For example, the default value can be written as 107374182400, '107.7Gb', or '107374 Mb'.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/solr.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/solr.nix
index ea76bfc9298..ea8a2d6f927 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/solr.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/search/solr.nix
@@ -17,37 +17,37 @@ in
type = types.package;
default = pkgs.solr;
defaultText = literalExpression "pkgs.solr";
- description = "Which Solr package to use.";
+ description = lib.mdDoc "Which Solr package to use.";
};
port = mkOption {
type = types.int;
default = 8983;
- description = "Port on which Solr is ran.";
+ description = lib.mdDoc "Port on which Solr is ran.";
};
stateDir = mkOption {
type = types.path;
default = "/var/lib/solr";
- description = "The solr home directory containing config, data, and logging files.";
+ description = lib.mdDoc "The solr home directory containing config, data, and logging files.";
};
extraJavaOptions = mkOption {
type = types.listOf types.str;
default = [];
- description = "Extra command line options given to the java process running Solr.";
+ description = lib.mdDoc "Extra command line options given to the java process running Solr.";
};
user = mkOption {
type = types.str;
default = "solr";
- description = "User under which Solr is ran.";
+ description = lib.mdDoc "User under which Solr is ran.";
};
group = mkOption {
type = types.str;
default = "solr";
- description = "Group under which Solr is ran.";
+ description = lib.mdDoc "Group under which Solr is ran.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/aesmd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/aesmd.nix
index 8268b034a15..2f7deb7c849 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/aesmd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/aesmd.nix
@@ -23,23 +23,23 @@ in
debug = mkOption {
type = types.bool;
default = false;
- description = "Whether to build the PSW package in debug mode.";
+ description = lib.mdDoc "Whether to build the PSW package in debug mode.";
};
settings = mkOption {
- description = "AESM configuration";
+ description = lib.mdDoc "AESM configuration";
default = { };
type = types.submodule {
options.whitelistUrl = mkOption {
type = with types; nullOr str;
default = null;
example = "http://whitelist.trustedservices.intel.com/SGX/LCWL/Linux/sgx_white_list_cert.bin";
- description = "URL to retrieve authorized Intel SGX enclave signers.";
+ description = lib.mdDoc "URL to retrieve authorized Intel SGX enclave signers.";
};
options.proxy = mkOption {
type = with types; nullOr str;
default = null;
example = "http://proxy_url:1234";
- description = "HTTP network proxy.";
+ description = lib.mdDoc "HTTP network proxy.";
};
options.proxyType = mkOption {
type = with types; nullOr (enum [ "default" "direct" "manual" ]);
@@ -48,18 +48,18 @@ in
if (config.${opt.settings}.proxy != null) then "manual" else null
'';
example = "default";
- description = ''
- Type of proxy to use. The default uses the system's default proxy.
- If direct is given, uses no proxy.
- A value of manual uses the proxy from
- .
+ description = lib.mdDoc ''
+ Type of proxy to use. The `default` uses the system's default proxy.
+ If `direct` is given, uses no proxy.
+ A value of `manual` uses the proxy from
+ {option}`services.aesmd.settings.proxy`.
'';
};
options.defaultQuotingType = mkOption {
type = with types; nullOr (enum [ "ecdsa_256" "epid_linkable" "epid_unlinkable" ]);
default = null;
example = "ecdsa_256";
- description = "Attestation quote type.";
+ description = lib.mdDoc "Attestation quote type.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/certmgr.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/certmgr.nix
index d302a4e0002..40a566bc960 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/certmgr.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/certmgr.nix
@@ -41,37 +41,37 @@ in
type = types.package;
default = pkgs.certmgr;
defaultText = literalExpression "pkgs.certmgr";
- description = "Which certmgr package to use in the service.";
+ description = lib.mdDoc "Which certmgr package to use in the service.";
};
defaultRemote = mkOption {
type = types.str;
default = "127.0.0.1:8888";
- description = "The default CA host:port to use.";
+ description = lib.mdDoc "The default CA host:port to use.";
};
validMin = mkOption {
default = "72h";
type = types.str;
- description = "The interval before a certificate expires to start attempting to renew it.";
+ description = lib.mdDoc "The interval before a certificate expires to start attempting to renew it.";
};
renewInterval = mkOption {
default = "30m";
type = types.str;
- description = "How often to check certificate expirations and how often to update the cert_next_expires metric.";
+ description = lib.mdDoc "How often to check certificate expirations and how often to update the cert_next_expires metric.";
};
metricsAddress = mkOption {
default = "127.0.0.1";
type = types.str;
- description = "The address for the Prometheus HTTP endpoint.";
+ description = lib.mdDoc "The address for the Prometheus HTTP endpoint.";
};
metricsPort = mkOption {
default = 9488;
type = types.ints.u16;
- description = "The port for the Prometheus HTTP endpoint.";
+ description = lib.mdDoc "The port for the Prometheus HTTP endpoint.";
};
specs = mkOption {
@@ -149,9 +149,9 @@ in
};
};
}));
- description = ''
+ description = lib.mdDoc ''
Certificate specs as described by:
-
+
These will be added to the Nix store, so they will be world readable.
'';
};
@@ -159,11 +159,11 @@ in
svcManager = mkOption {
default = "systemd";
type = types.enum [ "circus" "command" "dummy" "openrc" "systemd" "sysv" ];
- description = ''
+ description = lib.mdDoc ''
This specifies the service manager to use for restarting or reloading services.
- See: .
+ See: .
For how to use the "command" service manager in particular,
- see: .
+ see: .
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/cfssl.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/cfssl.nix
index 6df2343b84d..9408a602f13 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/cfssl.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/cfssl.nix
@@ -26,49 +26,49 @@ in {
address = mkOption {
default = "127.0.0.1";
type = types.str;
- description = "Address to bind.";
+ description = lib.mdDoc "Address to bind.";
};
port = mkOption {
default = 8888;
type = types.port;
- description = "Port to bind.";
+ description = lib.mdDoc "Port to bind.";
};
ca = mkOption {
defaultText = literalExpression ''"''${cfg.dataDir}/ca.pem"'';
type = types.str;
- description = "CA used to sign the new certificate -- accepts '[file:]fname' or 'env:varname'.";
+ description = lib.mdDoc "CA used to sign the new certificate -- accepts '[file:]fname' or 'env:varname'.";
};
caKey = mkOption {
defaultText = literalExpression ''"file:''${cfg.dataDir}/ca-key.pem"'';
type = types.str;
- description = "CA private key -- accepts '[file:]fname' or 'env:varname'.";
+ description = lib.mdDoc "CA private key -- accepts '[file:]fname' or 'env:varname'.";
};
caBundle = mkOption {
default = null;
type = types.nullOr types.path;
- description = "Path to root certificate store.";
+ description = lib.mdDoc "Path to root certificate store.";
};
intBundle = mkOption {
default = null;
type = types.nullOr types.path;
- description = "Path to intermediate certificate store.";
+ description = lib.mdDoc "Path to intermediate certificate store.";
};
intDir = mkOption {
default = null;
type = types.nullOr types.path;
- description = "Intermediates directory.";
+ description = lib.mdDoc "Intermediates directory.";
};
metadata = mkOption {
default = null;
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
Metadata file for root certificate presence.
The content of the file is a json dictionary (k,v): each key k is
a SHA-1 digest of a root certificate while value v is a list of key
@@ -79,79 +79,79 @@ in {
remote = mkOption {
default = null;
type = types.nullOr types.str;
- description = "Remote CFSSL server.";
+ description = lib.mdDoc "Remote CFSSL server.";
};
configFile = mkOption {
default = null;
type = types.nullOr types.str;
- description = "Path to configuration file. Do not put this in nix-store as it might contain secrets.";
+ description = lib.mdDoc "Path to configuration file. Do not put this in nix-store as it might contain secrets.";
};
responder = mkOption {
default = null;
type = types.nullOr types.path;
- description = "Certificate for OCSP responder.";
+ description = lib.mdDoc "Certificate for OCSP responder.";
};
responderKey = mkOption {
default = null;
type = types.nullOr types.str;
- description = "Private key for OCSP responder certificate. Do not put this in nix-store.";
+ description = lib.mdDoc "Private key for OCSP responder certificate. Do not put this in nix-store.";
};
tlsKey = mkOption {
default = null;
type = types.nullOr types.str;
- description = "Other endpoint's CA private key. Do not put this in nix-store.";
+ description = lib.mdDoc "Other endpoint's CA private key. Do not put this in nix-store.";
};
tlsCert = mkOption {
default = null;
type = types.nullOr types.path;
- description = "Other endpoint's CA to set up TLS protocol.";
+ description = lib.mdDoc "Other endpoint's CA to set up TLS protocol.";
};
mutualTlsCa = mkOption {
default = null;
type = types.nullOr types.path;
- description = "Mutual TLS - require clients be signed by this CA.";
+ description = lib.mdDoc "Mutual TLS - require clients be signed by this CA.";
};
mutualTlsCn = mkOption {
default = null;
type = types.nullOr types.str;
- description = "Mutual TLS - regex for whitelist of allowed client CNs.";
+ description = lib.mdDoc "Mutual TLS - regex for whitelist of allowed client CNs.";
};
tlsRemoteCa = mkOption {
default = null;
type = types.nullOr types.path;
- description = "CAs to trust for remote TLS requests.";
+ description = lib.mdDoc "CAs to trust for remote TLS requests.";
};
mutualTlsClientCert = mkOption {
default = null;
type = types.nullOr types.path;
- description = "Mutual TLS - client certificate to call remote instance requiring client certs.";
+ description = lib.mdDoc "Mutual TLS - client certificate to call remote instance requiring client certs.";
};
mutualTlsClientKey = mkOption {
default = null;
type = types.nullOr types.path;
- description = "Mutual TLS - client key to call remote instance requiring client certs. Do not put this in nix-store.";
+ description = lib.mdDoc "Mutual TLS - client key to call remote instance requiring client certs. Do not put this in nix-store.";
};
dbConfig = mkOption {
default = null;
type = types.nullOr types.path;
- description = "Certificate db configuration file. Path must be writeable.";
+ description = lib.mdDoc "Certificate db configuration file. Path must be writeable.";
};
logLevel = mkOption {
default = 1;
type = types.enum [ 0 1 2 3 4 5 ];
- description = "Log level (0 = DEBUG, 5 = FATAL).";
+ description = lib.mdDoc "Log level (0 = DEBUG, 5 = FATAL).";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/clamav.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/clamav.nix
index 95a0ad8770e..1b1194d3113 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/clamav.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/clamav.nix
@@ -31,8 +31,8 @@ in
settings = mkOption {
type = with types; attrsOf (oneOf [ bool int str (listOf str) ]);
default = { };
- description = ''
- ClamAV configuration. Refer to ,
+ description = lib.mdDoc ''
+ ClamAV configuration. Refer to ,
for details on supported values.
'';
};
@@ -43,7 +43,7 @@ in
frequency = mkOption {
type = types.int;
default = 12;
- description = ''
+ description = lib.mdDoc ''
Number of database checks per day.
'';
};
@@ -51,7 +51,7 @@ in
interval = mkOption {
type = types.str;
default = "hourly";
- description = ''
+ description = lib.mdDoc ''
How often freshclam is invoked. See systemd.time(7) for more
information about the format.
'';
@@ -60,8 +60,8 @@ in
settings = mkOption {
type = with types; attrsOf (oneOf [ bool int str (listOf str) ]);
default = { };
- description = ''
- freshclam configuration. Refer to ,
+ description = lib.mdDoc ''
+ freshclam configuration. Refer to ,
for details on supported values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/fail2ban.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/fail2ban.nix
index 67e1026dcef..24c84151bc7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/fail2ban.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/fail2ban.nix
@@ -45,10 +45,10 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the fail2ban service.
- See the documentation of
+ See the documentation of {option}`services.fail2ban.jails`
for what jails are enabled by default.
'';
};
@@ -58,7 +58,7 @@ in
defaultText = literalExpression "pkgs.fail2ban";
type = types.package;
example = literalExpression "pkgs.fail2ban_0_11";
- description = "The fail2ban package to use for running the fail2ban service.";
+ description = lib.mdDoc "The fail2ban package to use for running the fail2ban service.";
};
packageFirewall = mkOption {
@@ -66,7 +66,7 @@ in
defaultText = literalExpression "pkgs.iptables";
type = types.package;
example = literalExpression "pkgs.nftables";
- description = "The firewall package used by fail2ban service.";
+ description = lib.mdDoc "The firewall package used by fail2ban service.";
};
extraPackages = mkOption {
@@ -82,14 +82,14 @@ in
maxretry = mkOption {
default = 3;
type = types.ints.unsigned;
- description = "Number of failures before a host gets banned.";
+ description = lib.mdDoc "Number of failures before a host gets banned.";
};
banaction = mkOption {
default = "iptables-multiport";
type = types.str;
example = "nftables-multiport";
- description = ''
+ description = lib.mdDoc ''
Default banning action (e.g. iptables, iptables-new, iptables-multiport,
shorewall, etc) It is used to define action_* variables. Can be overridden
globally or per section within jail.local file
@@ -100,7 +100,7 @@ in
default = "iptables-allport";
type = types.str;
example = "nftables-allport";
- description = ''
+ description = lib.mdDoc ''
Default banning action (e.g. iptables, iptables-new, iptables-multiport,
shorewall, etc) It is used to define action_* variables. Can be overridden
globally or per section within jail.local file
@@ -110,7 +110,7 @@ in
bantime-increment.enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Allows to use database for searching of previously banned ip's to increase
a default ban time using special formula, default it is banTime * 1, 2, 4, 8, 16, 32...
'';
@@ -120,7 +120,7 @@ in
default = "4m";
type = types.str;
example = "8m";
- description = ''
+ description = lib.mdDoc ''
"bantime-increment.rndtime" is the max number of seconds using for mixing with random time
to prevent "clever" botnets calculate exact time IP can be unbanned again
'';
@@ -130,7 +130,7 @@ in
default = "10h";
type = types.str;
example = "48h";
- description = ''
+ description = lib.mdDoc ''
"bantime-increment.maxtime" is the max number of seconds using the ban time can reach (don't grows further)
'';
};
@@ -139,7 +139,7 @@ in
default = "1";
type = types.str;
example = "4";
- description = ''
+ description = lib.mdDoc ''
"bantime-increment.factor" is a coefficient to calculate exponent growing of the formula or common multiplier,
default value of factor is 1 and with default value of formula, the ban time grows by 1, 2, 4, 8, 16 ...
'';
@@ -149,7 +149,7 @@ in
default = "ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * banFactor";
type = types.str;
example = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)";
- description = ''
+ description = lib.mdDoc ''
"bantime-increment.formula" used by default to calculate next value of ban time, default value bellow,
the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 32...
'';
@@ -159,7 +159,7 @@ in
default = "1 2 4 8 16 32 64";
type = types.str;
example = "2 4 16 128";
- description = ''
+ description = lib.mdDoc ''
"bantime-increment.multipliers" used to calculate next value of ban time instead of formula, coresponding
previously ban count and given "bantime.factor" (for multipliers default is 1);
following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban count greater as multipliers count,
@@ -171,7 +171,7 @@ in
default = false;
type = types.bool;
example = true;
- description = ''
+ description = lib.mdDoc ''
"bantime-increment.overalljails" (if true) specifies the search of IP in the database will be executed
cross over all jails, if false (dafault), only current jail of the ban IP will be searched
'';
@@ -181,7 +181,7 @@ in
default = [ ];
type = types.listOf types.str;
example = [ "192.168.0.0/16" "2001:DB8::42" ];
- description = ''
+ description = lib.mdDoc ''
"ignoreIP" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban will not ban a host which
matches an address in this list. Several addresses can be defined using space (and/or comma) separator.
'';
@@ -196,7 +196,7 @@ in
dbfile = /var/lib/fail2ban/fail2ban.sqlite3
'';
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
The contents of Fail2ban's main configuration file. It's
generally not necessary to change it.
'';
@@ -219,22 +219,22 @@ in
}
'';
type = types.attrsOf types.lines;
- description = ''
+ description = lib.mdDoc ''
The configuration of each Fail2ban “jail”. A jail
consists of an action (such as blocking a port using
- iptables) that is triggered when a
+ {command}`iptables`) that is triggered when a
filter applied to a log file triggers more than a certain
number of times in a certain time period. Actions are
- defined in /etc/fail2ban/action.d,
+ defined in {file}`/etc/fail2ban/action.d`,
while filters are defined in
- /etc/fail2ban/filter.d.
+ {file}`/etc/fail2ban/filter.d`.
- NixOS comes with a default sshd jail;
+ NixOS comes with a default `sshd` jail;
for it to work well,
- should be set to
- "VERBOSE" or higher so that fail2ban
+ {option}`services.openssh.logLevel` should be set to
+ `"VERBOSE"` or higher so that fail2ban
can observe failed login attempts.
- This module sets it to "VERBOSE" if
+ This module sets it to `"VERBOSE"` if
not set otherwise, so enabling fail2ban can make SSH logs
more verbose.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/fprintd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/fprintd.nix
index 87c3f1f6f9e..45b370009c3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/fprintd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/fprintd.nix
@@ -24,7 +24,7 @@ in
type = types.package;
default = fprintdPkg;
defaultText = literalExpression "if config.services.fprintd.tod.enable then pkgs.fprintd-tod else pkgs.fprintd";
- description = ''
+ description = lib.mdDoc ''
fprintd package to use.
'';
};
@@ -36,7 +36,7 @@ in
driver = mkOption {
type = types.package;
example = literalExpression "pkgs.libfprint-2-tod1-goodix";
- description = ''
+ description = lib.mdDoc ''
Touch OEM Drivers (TOD) package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/haka.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/haka.nix
index 2cfc05f3033..10b7cef54d3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/haka.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/haka.nix
@@ -70,7 +70,7 @@ in
default = "empty.lua";
example = "/srv/haka/myfilter.lua";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specify which configuration file Haka uses.
It can be absolute path or a path relative to the sample directory of
the haka git repo.
@@ -81,7 +81,7 @@ in
default = [ "eth0" ];
example = [ "any" ];
type = with types; listOf str;
- description = ''
+ description = lib.mdDoc ''
Specify which interface(s) Haka listens to.
Use 'any' to listen to all interfaces.
'';
@@ -91,7 +91,7 @@ in
default = 0;
example = 4;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
The number of threads that will be used.
All system threads are used by default.
'';
@@ -100,7 +100,7 @@ in
pcap = mkOption {
default = true;
type = types.bool;
- description = "Whether to enable pcap";
+ description = lib.mdDoc "Whether to enable pcap";
};
nfqueue = mkEnableOption "nfqueue";
@@ -110,14 +110,14 @@ in
default = "/tmp/input.pcap";
example = "/path/to/file.pcap";
type = types.path;
- description = "Path to file where incoming packets are dumped";
+ description = lib.mdDoc "Path to file where incoming packets are dumped";
};
dump.output = mkOption {
default = "/tmp/output.pcap";
example = "/path/to/file.pcap";
type = types.path;
- description = "Path to file where outgoing packets are dumped";
+ description = lib.mdDoc "Path to file where outgoing packets are dumped";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/haveged.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/haveged.nix
index 57cef7e44d5..c65d5ab2923 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/haveged.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/haveged.nix
@@ -24,7 +24,7 @@ in
refill_threshold = mkOption {
type = types.int;
default = 1024;
- description = ''
+ description = lib.mdDoc ''
The number of bits of available entropy beneath which
haveged should refill the entropy pool.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/hockeypuck.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/hockeypuck.nix
index d0e152934f5..6fdad13f255 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/hockeypuck.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/hockeypuck.nix
@@ -12,7 +12,7 @@ in {
port = lib.mkOption {
default = 11371;
type = lib.types.port;
- description = "HKP port to listen on.";
+ description = lib.mdDoc "HKP port to listen on.";
};
settings = lib.mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/hologram-agent.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/hologram-agent.nix
index e29267e5000..666d95b9b94 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/hologram-agent.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/hologram-agent.nix
@@ -14,19 +14,19 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the Hologram agent for AWS instance credentials";
+ description = lib.mdDoc "Whether to enable the Hologram agent for AWS instance credentials";
};
dialAddress = mkOption {
type = types.str;
default = "localhost:3100";
- description = "Hologram server and port.";
+ description = lib.mdDoc "Hologram server and port.";
};
httpPort = mkOption {
type = types.str;
default = "80";
- description = "Port for metadata service to listen on.";
+ description = lib.mdDoc "Port for metadata service to listen on.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/hologram-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/hologram-server.nix
index 4acf6ae0e21..e995bc79b11 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/hologram-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/hologram-server.nix
@@ -33,85 +33,85 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the Hologram server for AWS instance credentials";
+ description = lib.mdDoc "Whether to enable the Hologram server for AWS instance credentials";
};
listenAddress = mkOption {
type = types.str;
default = "0.0.0.0:3100";
- description = "Address and port to listen on";
+ description = lib.mdDoc "Address and port to listen on";
};
ldapHost = mkOption {
type = types.str;
- description = "Address of the LDAP server to use";
+ description = lib.mdDoc "Address of the LDAP server to use";
};
ldapInsecure = mkOption {
type = types.bool;
default = false;
- description = "Whether to connect to LDAP over SSL or not";
+ description = lib.mdDoc "Whether to connect to LDAP over SSL or not";
};
ldapUserAttr = mkOption {
type = types.str;
default = "cn";
- description = "The LDAP attribute for usernames";
+ description = lib.mdDoc "The LDAP attribute for usernames";
};
ldapBaseDN = mkOption {
type = types.str;
- description = "The base DN for your Hologram users";
+ description = lib.mdDoc "The base DN for your Hologram users";
};
ldapBindDN = mkOption {
type = types.str;
- description = "DN of account to use to query the LDAP server";
+ description = lib.mdDoc "DN of account to use to query the LDAP server";
};
ldapBindPassword = mkOption {
type = types.str;
- description = "Password of account to use to query the LDAP server";
+ description = lib.mdDoc "Password of account to use to query the LDAP server";
};
enableLdapRoles = mkOption {
type = types.bool;
default = false;
- description = "Whether to assign user roles based on the user's LDAP group memberships";
+ description = lib.mdDoc "Whether to assign user roles based on the user's LDAP group memberships";
};
groupClassAttr = mkOption {
type = types.str;
default = "groupOfNames";
- description = "The objectclass attribute to search for groups when enableLdapRoles is true";
+ description = lib.mdDoc "The objectclass attribute to search for groups when enableLdapRoles is true";
};
roleAttr = mkOption {
type = types.str;
default = "businessCategory";
- description = "Which LDAP group attribute to search for authorized role ARNs";
+ description = lib.mdDoc "Which LDAP group attribute to search for authorized role ARNs";
};
awsAccount = mkOption {
type = types.str;
- description = "AWS account number";
+ description = lib.mdDoc "AWS account number";
};
awsDefaultRole = mkOption {
type = types.str;
- description = "AWS default role";
+ description = lib.mdDoc "AWS default role";
};
statsAddress = mkOption {
type = types.str;
default = "";
- description = "Address of statsd server";
+ description = lib.mdDoc "Address of statsd server";
};
cacheTimeoutSeconds = mkOption {
type = types.int;
default = 3600;
- description = "How often (in seconds) to refresh the LDAP cache";
+ description = lib.mdDoc "How often (in seconds) to refresh the LDAP cache";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/kanidm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/kanidm.nix
index a7c51b9a877..6429273705d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/kanidm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/kanidm.nix
@@ -63,60 +63,60 @@ in
options = {
bindaddress = lib.mkOption {
- description = "Address/port combination the webserver binds to.";
+ description = lib.mdDoc "Address/port combination the webserver binds to.";
example = "[::1]:8443";
type = lib.types.str;
};
# Should be optional but toml does not accept null
ldapbindaddress = lib.mkOption {
- description = ''
- Address and port the LDAP server is bound to. Setting this to null disables the LDAP interface.
+ description = lib.mdDoc ''
+ Address and port the LDAP server is bound to. Setting this to `null` disables the LDAP interface.
'';
example = "[::1]:636";
default = null;
type = lib.types.nullOr lib.types.str;
};
origin = lib.mkOption {
- description = "The origin of your Kanidm instance. Must have https as protocol.";
+ description = lib.mdDoc "The origin of your Kanidm instance. Must have https as protocol.";
example = "https://idm.example.org";
type = lib.types.strMatching "^https://.*";
};
domain = lib.mkOption {
- description = ''
- The domain that Kanidm manages. Must be below or equal to the domain
- specified in serverSettings.origin.
- This can be left at null, only if your instance has the role ReadOnlyReplica.
+ description = lib.mdDoc ''
+ The `domain` that Kanidm manages. Must be below or equal to the domain
+ specified in `serverSettings.origin`.
+ This can be left at `null`, only if your instance has the role `ReadOnlyReplica`.
While it is possible to change the domain later on, it requires extra steps!
Please consider the warnings and execute the steps described
- in the documentation.
+ [in the documentation](https://kanidm.github.io/kanidm/stable/administrivia.html#rename-the-domain).
'';
example = "example.org";
default = null;
type = lib.types.nullOr lib.types.str;
};
db_path = lib.mkOption {
- description = "Path to Kanidm database.";
+ description = lib.mdDoc "Path to Kanidm database.";
default = "/var/lib/kanidm/kanidm.db";
readOnly = true;
type = lib.types.path;
};
log_level = lib.mkOption {
- description = "Log level of the server.";
+ description = lib.mdDoc "Log level of the server.";
default = "default";
type = lib.types.enum [ "default" "verbose" "perfbasic" "perffull" ];
};
role = lib.mkOption {
- description = "The role of this server. This affects the replication relationship and thereby available features.";
+ description = lib.mdDoc "The role of this server. This affects the replication relationship and thereby available features.";
default = "WriteReplica";
type = lib.types.enum [ "WriteReplica" "WriteReplicaNoUI" "ReadOnlyReplica" ];
};
};
};
default = { };
- description = ''
+ description = lib.mdDoc ''
Settings for Kanidm, see
- the documentation
- and example configuration
+ [the documentation](https://github.com/kanidm/kanidm/blob/master/kanidm_book/src/server_configuration.md)
+ and [example configuration](https://github.com/kanidm/kanidm/blob/master/examples/server.toml)
for possible values.
'';
};
@@ -126,15 +126,15 @@ in
freeformType = settingsFormat.type;
options.uri = lib.mkOption {
- description = "Address of the Kanidm server.";
+ description = lib.mdDoc "Address of the Kanidm server.";
example = "http://127.0.0.1:8080";
type = lib.types.str;
};
};
- description = ''
+ description = lib.mdDoc ''
Configure Kanidm clients, needed for the PAM daemon. See
- the documentation
- and example configuration
+ [the documentation](https://github.com/kanidm/kanidm/blob/master/kanidm_book/src/client_tools.md#kanidm-configuration)
+ and [example configuration](https://github.com/kanidm/kanidm/blob/master/examples/config)
for possible values.
'';
};
@@ -144,15 +144,15 @@ in
freeformType = settingsFormat.type;
options.pam_allowed_login_groups = lib.mkOption {
- description = "Kanidm groups that are allowed to login using PAM.";
+ description = lib.mdDoc "Kanidm groups that are allowed to login using PAM.";
example = "my_pam_group";
type = lib.types.listOf lib.types.str;
};
};
- description = ''
+ description = lib.mdDoc ''
Configure Kanidm unix daemon.
- See the documentation
- and example configuration
+ See [the documentation](https://github.com/kanidm/kanidm/blob/master/kanidm_book/src/pam_and_nsswitch.md#the-unix-daemon)
+ and [example configuration](https://github.com/kanidm/kanidm/blob/master/examples/unixd)
for possible values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/munge.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/munge.nix
index 89178886471..e2b0921b4bc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/munge.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/munge.nix
@@ -20,7 +20,7 @@ in
password = mkOption {
default = "/etc/munge/munge.key";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The path to a daemon's secret key.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/nginx-sso.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/nginx-sso.nix
index b4de1d36edd..1c23c29781c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/nginx-sso.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/nginx-sso.nix
@@ -14,7 +14,7 @@ in {
type = types.package;
default = pkgs.nginx-sso;
defaultText = literalExpression "pkgs.nginx-sso";
- description = ''
+ description = lib.mdDoc ''
The nginx-sso package that should be used.
'';
};
@@ -40,9 +40,9 @@ in {
};
}
'';
- description = ''
+ description = lib.mdDoc ''
nginx-sso configuration
- (documentation)
+ ([documentation](https://github.com/Luzifer/nginx-sso/wiki/Main-Configuration))
as a Nix attribute set.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/oauth2_proxy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/oauth2_proxy.nix
index 5c89d587237..8b2c7fa2140 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/oauth2_proxy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/oauth2_proxy.nix
@@ -92,7 +92,7 @@ in
type = types.package;
default = pkgs.oauth2-proxy;
defaultText = literalExpression "pkgs.oauth2-proxy";
- description = ''
+ description = lib.mdDoc ''
The package that provides oauth2-proxy.
'';
};
@@ -118,7 +118,7 @@ in
"oidc"
];
default = "google";
- description = ''
+ description = lib.mdDoc ''
OAuth provider.
'';
};
@@ -126,14 +126,14 @@ in
approvalPrompt = mkOption {
type = types.enum ["force" "auto"];
default = "force";
- description = ''
+ description = lib.mdDoc ''
OAuth approval_prompt.
'';
};
clientID = mkOption {
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The OAuth Client ID.
'';
example = "123456.apps.googleusercontent.com";
@@ -141,7 +141,7 @@ in
clientSecret = mkOption {
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The OAuth Client Secret.
'';
};
@@ -149,7 +149,7 @@ in
skipAuthRegexes = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Skip authentication for requests matching any of these regular
expressions.
'';
@@ -169,7 +169,7 @@ in
addresses = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Line-separated email addresses that are allowed to authenticate.
'';
};
@@ -178,7 +178,7 @@ in
loginURL = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Authentication endpoint.
You only need to set this if you are using a self-hosted provider (e.g.
@@ -191,7 +191,7 @@ in
redeemURL = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Token redemption endpoint.
You only need to set this if you are using a self-hosted provider (e.g.
@@ -204,7 +204,7 @@ in
validateURL = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Access token validation endpoint.
You only need to set this if you are using a self-hosted provider (e.g.
@@ -219,7 +219,7 @@ in
# doesn't require it so making it optional.
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The OAuth2 redirect URL.
'';
example = "https://internalapp.yourcompany.com/oauth2/callback";
@@ -229,14 +229,14 @@ in
tenant = mkOption {
type = types.str;
default = "common";
- description = ''
+ description = lib.mdDoc ''
Go to a tenant-specific or common (tenant-independent) endpoint.
'';
};
resource = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The resource that is protected.
'';
};
@@ -245,28 +245,28 @@ in
google = {
adminEmail = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The Google Admin to impersonate for API calls.
Only users with access to the Admin APIs can access the Admin SDK
Directory API, thus the service account needs to impersonate one of
those users to access the Admin SDK Directory API.
- See .
+ See .
'';
};
groups = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Restrict logins to members of these Google groups.
'';
};
serviceAccountJSON = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
The path to the service account JSON credentials.
'';
};
@@ -276,7 +276,7 @@ in
org = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Restrict logins to members of this organisation.
'';
};
@@ -284,7 +284,7 @@ in
team = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Restrict logins to members of this team.
'';
};
@@ -296,8 +296,8 @@ in
upstream = mkOption {
type = with types; coercedTo str (x: [x]) (listOf str);
default = [];
- description = ''
- The http url(s) of the upstream endpoint or file://
+ description = lib.mdDoc ''
+ The http url(s) of the upstream endpoint or `file://`
paths for static files. Routing is based on the path.
'';
};
@@ -305,7 +305,7 @@ in
passAccessToken = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Pass OAuth access_token to upstream via X-Forwarded-Access-Token header.
'';
};
@@ -313,7 +313,7 @@ in
passBasicAuth = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Pass HTTP Basic Auth, X-Forwarded-User and X-Forwarded-Email information to upstream.
'';
};
@@ -321,7 +321,7 @@ in
basicAuthPassword = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The password to set when passing the HTTP Basic Auth header.
'';
};
@@ -329,7 +329,7 @@ in
passHostHeader = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Pass the request Host Header to upstream.
'';
};
@@ -337,7 +337,7 @@ in
signatureKey = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
GAP-Signature request signature key.
'';
example = "sha1:secret0";
@@ -358,7 +358,7 @@ in
expire = mkOption {
type = types.str;
default = "168h0m0s";
- description = ''
+ description = lib.mdDoc ''
Expire timeframe for cookie.
'';
};
@@ -366,7 +366,7 @@ in
httpOnly = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Set HttpOnly cookie flag.
'';
};
@@ -374,7 +374,7 @@ in
name = mkOption {
type = types.str;
default = "_oauth2_proxy";
- description = ''
+ description = lib.mdDoc ''
The name of the cookie that the oauth_proxy creates.
'';
};
@@ -383,7 +383,7 @@ in
# XXX: Unclear what the behavior is when this is not specified.
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Refresh the cookie after this duration; 0 to disable.
'';
example = "168h0m0s";
@@ -391,7 +391,7 @@ in
secret = mkOption {
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The seed string for secure cookies.
'';
};
@@ -399,7 +399,7 @@ in
secure = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Set secure (HTTPS) cookie flag.
'';
};
@@ -411,10 +411,10 @@ in
httpAddress = mkOption {
type = types.str;
default = "http://127.0.0.1:4180";
- description = ''
+ description = lib.mdDoc ''
HTTPS listening address. This module does not expose the port by
default. If you want this URL to be accessible to other machines, please
- add the port to networking.firewall.allowedTCPPorts.
+ add the port to `networking.firewall.allowedTCPPorts`.
'';
};
@@ -422,16 +422,16 @@ in
file = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Additionally authenticate against a htpasswd file. Entries must be
- created with htpasswd -s for SHA encryption.
+ created with `htpasswd -s` for SHA encryption.
'';
};
displayForm = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Display username / password login form if an htpasswd file is provided.
'';
};
@@ -440,7 +440,7 @@ in
customTemplatesDir = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to custom HTML templates.
'';
};
@@ -448,9 +448,9 @@ in
reverseProxy = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
In case when running behind a reverse proxy, controls whether headers
- like X-Real-Ip are accepted. Usage behind a reverse
+ like `X-Real-Ip` are accepted. Usage behind a reverse
proxy will require this flag to be set to avoid logging the reverse
proxy IP address.
'';
@@ -459,7 +459,7 @@ in
proxyPrefix = mkOption {
type = types.str;
default = "/oauth2";
- description = ''
+ description = lib.mdDoc ''
The url root path that this proxy should be nested under.
'';
};
@@ -468,21 +468,21 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to serve over TLS.
'';
};
certificate = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path to certificate file.
'';
};
key = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path to private key file.
'';
};
@@ -490,11 +490,11 @@ in
httpsAddress = mkOption {
type = types.str;
default = ":443";
- description = ''
- addr:port to listen on for HTTPS clients.
+ description = lib.mdDoc ''
+ `addr:port` to listen on for HTTPS clients.
- Remember to add port to
- allowedTCPPorts if you want other machines to be
+ Remember to add `port` to
+ `allowedTCPPorts` if you want other machines to be
able to connect to it.
'';
};
@@ -503,7 +503,7 @@ in
requestLogging = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Log requests to stdout.
'';
};
@@ -517,7 +517,7 @@ in
# doesn't require it so making it optional.
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
OAuth scope specification.
'';
};
@@ -525,7 +525,7 @@ in
profileURL = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Profile access endpoint.
'';
};
@@ -533,7 +533,7 @@ in
setXauthrequest = mkOption {
type = types.nullOr types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Set X-Auth-Request-User and X-Auth-Request-Email response headers (useful in Nginx auth_request mode). Setting this to 'null' means using the upstream default (false).
'';
};
@@ -541,7 +541,7 @@ in
extraConfig = mkOption {
default = {};
type = types.attrsOf types.anything;
- description = ''
+ description = lib.mdDoc ''
Extra config to pass to oauth2-proxy.
'';
};
@@ -549,7 +549,7 @@ in
keyFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
oauth2-proxy allows passing sensitive configuration via environment variables.
Make a file that contains lines like
OAUTH2_PROXY_CLIENT_SECRET=asdfasdfasdf.apps.googleuserscontent.com
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/oauth2_proxy_nginx.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/oauth2_proxy_nginx.nix
index 5853c5a123c..b8e45f67cf7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/oauth2_proxy_nginx.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/oauth2_proxy_nginx.nix
@@ -9,14 +9,14 @@ in
type = types.str;
default = config.services.oauth2_proxy.httpAddress;
defaultText = literalExpression "config.services.oauth2_proxy.httpAddress";
- description = ''
+ description = lib.mdDoc ''
The address of the reverse proxy endpoint for oauth2_proxy
'';
};
virtualHosts = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of nginx virtual hosts to put behind the oauth2 proxy
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/opensnitch.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/opensnitch.nix
index f9b4985e199..4558236339e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/opensnitch.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/opensnitch.nix
@@ -18,7 +18,7 @@ in {
Address = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Unix socket path (unix:///tmp/osui.sock, the "unix:///" part is
mandatory) or TCP socket (192.168.1.100:50051).
'';
@@ -26,7 +26,7 @@ in {
LogFile = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
File to write logs to (use /dev/stdout to write logs to standard
output).
'';
@@ -36,7 +36,7 @@ in {
DefaultAction = mkOption {
type = types.enum [ "allow" "deny" ];
- description = ''
+ description = lib.mdDoc ''
Default action whether to block or allow application internet
access.
'';
@@ -46,28 +46,28 @@ in {
type = types.enum [
"once" "always" "until restart" "30s" "5m" "15m" "30m" "1h"
];
- description = ''
+ description = lib.mdDoc ''
Default duration of firewall rule.
'';
};
InterceptUnknown = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Wheter to intercept spare connections.
'';
};
ProcMonitorMethod = mkOption {
type = types.enum [ "ebpf" "proc" "ftrace" "audit" ];
- description = ''
+ description = lib.mdDoc ''
Which process monitoring method to use.
'';
};
LogLevel = mkOption {
type = types.enum [ 0 1 2 3 4 ];
- description = ''
+ description = lib.mdDoc ''
Default log level from 0 to 4 (debug, info, important, warning,
error).
'';
@@ -75,7 +75,7 @@ in {
Firewall = mkOption {
type = types.enum [ "iptables" "nftables" ];
- description = ''
+ description = lib.mdDoc ''
Which firewall backend to use.
'';
};
@@ -84,14 +84,14 @@ in {
MaxEvents = mkOption {
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Max events to send to the GUI.
'';
};
MaxStats = mkOption {
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Max stats per item to keep in backlog.
'';
};
@@ -99,9 +99,9 @@ in {
};
};
};
- description = ''
+ description = lib.mdDoc ''
opensnitchd configuration. Refer to
-
+
for details on supported values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/pass-secret-service.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/pass-secret-service.nix
new file mode 100644
index 00000000000..611cea48ee6
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/pass-secret-service.nix
@@ -0,0 +1,27 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.passSecretService;
+in
+{
+ options.services.passSecretService = {
+ enable = mkEnableOption "pass secret service";
+
+ package = mkOption {
+ type = types.package;
+ default = pkgs.pass-secret-service;
+ defaultText = literalExpression "pkgs.pass-secret-service";
+ description = lib.mdDoc "Which pass-secret-service package to use.";
+ example = literalExpression "pkgs.pass-secret-service.override { python3 = pkgs.python310 }";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ systemd.packages = [ cfg.package ];
+ services.dbus.packages = [ cfg.package ];
+ };
+
+ meta.maintainers = with maintainers; [ aidalgol ];
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/physlock.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/physlock.nix
index 760e80f147f..3db9e0ac445 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/physlock.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/physlock.nix
@@ -17,15 +17,15 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
- Whether to enable the physlock screen locking mechanism.
+ description = lib.mdDoc ''
+ Whether to enable the {command}`physlock` screen locking mechanism.
- Enable this and then run systemctl start physlock
+ Enable this and then run {command}`systemctl start physlock`
to securely lock the screen.
This will switch to a new virtual terminal, turn off console
switching and disable SysRq mechanism (when
- is set)
+ {option}`services.physlock.disableSysRq` is set)
until the root or user password is given.
'';
};
@@ -33,7 +33,7 @@ in
allowAnyUser = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to allow any user to lock the screen. This will install a
setuid wrapper to allow any user to start physlock as root, which
is a minor security risk. Call the physlock binary to use this instead
@@ -44,7 +44,7 @@ in
disableSysRq = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to disable SysRq when locked with physlock.
'';
};
@@ -52,7 +52,7 @@ in
lockMessage = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Message to show on physlock login terminal.
'';
};
@@ -62,7 +62,7 @@ in
suspend = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to lock screen with physlock just before suspend.
'';
};
@@ -70,7 +70,7 @@ in
hibernate = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to lock screen with physlock just before hibernate.
'';
};
@@ -79,11 +79,11 @@ in
type = types.listOf types.str;
default = [];
example = [ "display-manager.service" ];
- description = ''
+ description = lib.mdDoc ''
Other targets to lock the screen just before.
Useful if you want to e.g. both autologin to X11 so that
- your ~/.xsession gets executed and
+ your {file}`~/.xsession` gets executed and
still to have the screen locked so that the system can be
booted relatively unattended.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/privacyidea.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/privacyidea.nix
index b8e2d9a8b0d..599ade003c0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/privacyidea.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/privacyidea.nix
@@ -6,7 +6,7 @@ let
cfg = config.services.privacyidea;
opt = options.services.privacyidea;
- uwsgi = pkgs.uwsgi.override { plugins = [ "python3" ]; };
+ uwsgi = pkgs.uwsgi.override { plugins = [ "python3" ]; python3 = pkgs.python39; };
python = uwsgi.python3;
penv = python.withPackages (const [ pkgs.privacyidea ]);
logCfg = pkgs.writeText "privacyidea-log.cfg" ''
@@ -51,6 +51,16 @@ let
${cfg.extraConfig}
'';
+ renderValue = x:
+ if isList x then concatMapStringsSep "," (x: ''"${x}"'') x
+ else if isString x && hasInfix "," x then ''"${x}"''
+ else x;
+
+ ldapProxyConfig = pkgs.writeText "ldap-proxy.ini"
+ (generators.toINI {}
+ (flip mapAttrs cfg.ldap-proxy.settings
+ (const (mapAttrs (const renderValue)))));
+
in
{
@@ -81,7 +91,7 @@ in
stateDir = mkOption {
type = types.str;
default = "/var/lib/privacyidea";
- description = ''
+ description = lib.mdDoc ''
Directory where all PrivacyIDEA files will be placed by default.
'';
};
@@ -89,7 +99,7 @@ in
superuserRealm = mkOption {
type = types.listOf types.str;
default = [ "super" "administrators" ];
- description = ''
+ description = lib.mdDoc ''
The realm where users are allowed to login as administrators.
'';
};
@@ -97,7 +107,7 @@ in
secretKey = mkOption {
type = types.str;
example = "t0p s3cr3t";
- description = ''
+ description = lib.mdDoc ''
This is used to encrypt the auth_token.
'';
};
@@ -105,7 +115,7 @@ in
pepper = mkOption {
type = types.str;
example = "Never know...";
- description = ''
+ description = lib.mdDoc ''
This is used to encrypt the admin passwords.
'';
};
@@ -114,7 +124,7 @@ in
type = types.str;
default = "${cfg.stateDir}/enckey";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/enckey"'';
- description = ''
+ description = lib.mdDoc ''
This is used to encrypt the token data and token passwords
'';
};
@@ -123,7 +133,7 @@ in
type = types.str;
default = "${cfg.stateDir}/private.pem";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/private.pem"'';
- description = ''
+ description = lib.mdDoc ''
Private Key for signing the audit log.
'';
};
@@ -132,26 +142,26 @@ in
type = types.str;
default = "${cfg.stateDir}/public.pem";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/public.pem"'';
- description = ''
+ description = lib.mdDoc ''
Public key for checking signatures of the audit log.
'';
};
adminPasswordFile = mkOption {
type = types.path;
- description = "File containing password for the admin user";
+ description = lib.mdDoc "File containing password for the admin user";
};
adminEmail = mkOption {
type = types.str;
example = "admin@example.com";
- description = "Mail address for the admin user";
+ description = lib.mdDoc "Mail address for the admin user";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration options for pi.cfg.
'';
};
@@ -159,21 +169,22 @@ in
user = mkOption {
type = types.str;
default = "privacyidea";
- description = "User account under which PrivacyIDEA runs.";
+ description = lib.mdDoc "User account under which PrivacyIDEA runs.";
};
group = mkOption {
type = types.str;
default = "privacyidea";
- description = "Group account under which PrivacyIDEA runs.";
+ description = lib.mdDoc "Group account under which PrivacyIDEA runs.";
};
ldap-proxy = {
enable = mkEnableOption "PrivacyIDEA LDAP Proxy";
configFile = mkOption {
- type = types.path;
- description = ''
+ type = types.nullOr types.path;
+ default = null;
+ description = lib.mdDoc ''
Path to PrivacyIDEA LDAP Proxy configuration (proxy.ini).
'';
};
@@ -181,13 +192,33 @@ in
user = mkOption {
type = types.str;
default = "pi-ldap-proxy";
- description = "User account under which PrivacyIDEA LDAP proxy runs.";
+ description = lib.mdDoc "User account under which PrivacyIDEA LDAP proxy runs.";
};
group = mkOption {
type = types.str;
default = "pi-ldap-proxy";
- description = "Group account under which PrivacyIDEA LDAP proxy runs.";
+ description = lib.mdDoc "Group account under which PrivacyIDEA LDAP proxy runs.";
+ };
+
+ settings = mkOption {
+ type = with types; attrsOf (attrsOf (oneOf [ str bool int (listOf str) ]));
+ default = {};
+ description = ''
+ Attribute-set containing the settings for privacyidea-ldap-proxy.
+ It's possible to pass secrets using env-vars as substitutes and
+ use the option
+ to inject them via envsubst.
+ '';
+ };
+
+ environmentFile = mkOption {
+ default = null;
+ type = types.nullOr types.str;
+ description = ''
+ Environment file containing secrets to be substituted into
+ .
+ '';
};
};
};
@@ -276,6 +307,18 @@ in
(mkIf cfg.ldap-proxy.enable {
+ assertions = [
+ { assertion = let
+ xor = a: b: a && !b || !a && b;
+ in xor (cfg.ldap-proxy.settings == {}) (cfg.ldap-proxy.configFile == null);
+ message = "configFile & settings are mutually exclusive for services.privacyidea.ldap-proxy!";
+ }
+ ];
+
+ warnings = mkIf (cfg.ldap-proxy.configFile != null) [
+ "Using services.privacyidea.ldap-proxy.configFile is deprecated! Use the RFC42-style settings option instead!"
+ ];
+
systemd.services.privacyidea-ldap-proxy = let
ldap-proxy-env = pkgs.python3.withPackages (ps: [ ps.privacyidea-ldap-proxy ]);
in {
@@ -284,14 +327,28 @@ in
serviceConfig = {
User = cfg.ldap-proxy.user;
Group = cfg.ldap-proxy.group;
- ExecStart = ''
+ StateDirectory = "privacyidea-ldap-proxy";
+ EnvironmentFile = mkIf (cfg.ldap-proxy.environmentFile != null)
+ [ cfg.ldap-proxy.environmentFile ];
+ ExecStartPre =
+ "${pkgs.writeShellScript "substitute-secrets-ldap-proxy" ''
+ umask 0077
+ ${pkgs.envsubst}/bin/envsubst \
+ -i ${ldapProxyConfig} \
+ -o $STATE_DIRECTORY/ldap-proxy.ini
+ ''}";
+ ExecStart = let
+ configPath = if cfg.ldap-proxy.settings != {}
+ then "%S/privacyidea-ldap-proxy/ldap-proxy.ini"
+ else cfg.ldap-proxy.configFile;
+ in ''
${ldap-proxy-env}/bin/twistd \
--nodaemon \
--pidfile= \
-u ${cfg.ldap-proxy.user} \
-g ${cfg.ldap-proxy.group} \
ldap-proxy \
- -c ${cfg.ldap-proxy.configFile}
+ -c ${configPath}
'';
Restart = "always";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/shibboleth-sp.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/shibboleth-sp.nix
index fea2a855e20..6626ea21362 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/shibboleth-sp.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/shibboleth-sp.nix
@@ -9,31 +9,31 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the shibboleth service";
+ description = lib.mdDoc "Whether to enable the shibboleth service";
};
configFile = mkOption {
type = types.path;
example = literalExpression ''"''${pkgs.shibboleth-sp}/etc/shibboleth/shibboleth2.xml"'';
- description = "Path to shibboleth config file";
+ description = lib.mdDoc "Path to shibboleth config file";
};
fastcgi.enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to include the shibauthorizer and shibresponder FastCGI processes";
+ description = lib.mdDoc "Whether to include the shibauthorizer and shibresponder FastCGI processes";
};
fastcgi.shibAuthorizerPort = mkOption {
type = types.int;
default = 9100;
- description = "Port for shibauthorizer FastCGI proccess to bind to";
+ description = lib.mdDoc "Port for shibauthorizer FastCGI proccess to bind to";
};
fastcgi.shibResponderPort = mkOption {
type = types.int;
default = 9101;
- description = "Port for shibauthorizer FastCGI proccess to bind to";
+ description = lib.mdDoc "Port for shibauthorizer FastCGI proccess to bind to";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/sks.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/sks.nix
index f4911597564..e9205e4855e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/sks.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/sks.nix
@@ -25,7 +25,7 @@ in {
default = pkgs.sks;
defaultText = literalExpression "pkgs.sks";
type = types.package;
- description = "Which SKS derivation to use.";
+ description = lib.mdDoc "Which SKS derivation to use.";
};
dataDir = mkOption {
@@ -35,7 +35,7 @@ in {
# TODO: The default might change to "/var/lib/sks" as this is more
# common. There's also https://github.com/NixOS/nixpkgs/issues/26256
# and "/var/db" is not FHS compliant (seems to come from BSD).
- description = ''
+ description = lib.mdDoc ''
Data directory (-basedir) for SKS, where the database and all
configuration files are located (e.g. KDB, PTree, membership and
sksconf).
@@ -45,7 +45,7 @@ in {
extraDbConfig = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Set contents of the files "KDB/DB_CONFIG" and "PTree/DB_CONFIG" within
the ''${dataDir} directory. This is used to configure options for the
database for the sks key server.
@@ -59,7 +59,7 @@ in {
hkpAddress = mkOption {
default = [ "127.0.0.1" "::1" ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Domain names, IPv4 and/or IPv6 addresses to listen on for HKP
requests.
'';
@@ -68,14 +68,14 @@ in {
hkpPort = mkOption {
default = 11371;
type = types.ints.u16;
- description = "HKP port to listen on.";
+ description = lib.mdDoc "HKP port to listen on.";
};
webroot = mkOption {
type = types.nullOr types.path;
default = "${sksPkg.webSamples}/OpenPKG";
defaultText = literalExpression ''"''${package.webSamples}/OpenPKG"'';
- description = ''
+ description = lib.mdDoc ''
Source directory (will be symlinked, if not null) for the files the
built-in webserver should serve. SKS (''${pkgs.sks.webSamples})
provides the following examples: "HTML5", "OpenPKG", and "XHTML+ES".
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/sshguard.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/sshguard.nix
index 3be0a8c700b..4e9d9571de5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/sshguard.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/sshguard.nix
@@ -30,13 +30,13 @@ in {
enable = mkOption {
default = false;
type = types.bool;
- description = "Whether to enable the sshguard service.";
+ description = lib.mdDoc "Whether to enable the sshguard service.";
};
attack_threshold = mkOption {
default = 30;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Block attackers when their cumulative attack score exceeds threshold. Most attacks have a score of 10.
'';
};
@@ -45,7 +45,7 @@ in {
default = null;
example = 120;
type = types.nullOr types.int;
- description = ''
+ description = lib.mdDoc ''
Blacklist an attacker when its score exceeds threshold. Blacklisted addresses are loaded from and added to blacklist-file.
'';
};
@@ -53,7 +53,7 @@ in {
blacklist_file = mkOption {
default = "/var/lib/sshguard/blacklist.db";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Blacklist an attacker when its score exceeds threshold. Blacklisted addresses are loaded from and added to blacklist-file.
'';
};
@@ -61,7 +61,7 @@ in {
blocktime = mkOption {
default = 120;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Block attackers for initially blocktime seconds after exceeding threshold. Subsequent blocks increase by a factor of 1.5.
sshguard unblocks attacks at random intervals, so actual block times will be longer.
@@ -71,7 +71,7 @@ in {
detection_time = mkOption {
default = 1800;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Remember potential attackers for up to detection_time seconds before resetting their score.
'';
};
@@ -80,7 +80,7 @@ in {
default = [ ];
example = [ "198.51.100.56" "198.51.100.2" ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Whitelist a list of addresses, hostnames, or address blocks.
'';
};
@@ -89,7 +89,7 @@ in {
default = [ "sshd" ];
example = [ "sshd" "exim" ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Systemd services sshguard should receive logs of.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/step-ca.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/step-ca.nix
index 95183078d7b..9b9b53f1351 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/step-ca.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/step-ca.nix
@@ -14,22 +14,22 @@ in
type = lib.types.package;
default = pkgs.step-ca;
defaultText = lib.literalExpression "pkgs.step-ca";
- description = "Which step-ca package to use.";
+ description = lib.mdDoc "Which step-ca package to use.";
};
address = lib.mkOption {
type = lib.types.str;
example = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
The address (without port) the certificate authority should listen at.
- This combined with overrides .
+ This combined with {option}`services.step-ca.port` overrides {option}`services.step-ca.settings.address`.
'';
};
port = lib.mkOption {
type = lib.types.port;
example = 8443;
- description = ''
+ description = lib.mdDoc ''
The port the certificate authority should listen on.
- This combined with overrides .
+ This combined with {option}`services.step-ca.address` overrides {option}`services.step-ca.settings.address`.
'';
};
settings = lib.mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/tor.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/tor.nix
index a5822c02794..f611fee6908 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/tor.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/tor.nix
@@ -234,7 +234,7 @@ in
type = types.package;
default = pkgs.tor;
defaultText = literalExpression "pkgs.tor";
- description = "Tor package to use.";
+ description = lib.mdDoc "Tor package to use.";
};
enableGeoIP = mkEnableOption ''use of GeoIP databases.
@@ -255,7 +255,7 @@ in
type = optionSOCKSPort false;
default = {addr = "127.0.0.1"; port = 9050; IsolateDestAddr = true;};
example = {addr = "192.168.0.1"; port = 9090; IsolateDestAddr = true;};
- description = ''
+ description = lib.mdDoc ''
Bind to this address to listen for connections from
Socks-speaking applications.
'';
@@ -442,20 +442,20 @@ in
type = types.attrsOf (types.submodule ({name, config, ...}: {
options.path = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path where to store the data files of the hidden service.
- If the is null
- this defaults to ${stateDir}/onion/$onion,
- otherwise to ${runDir}/onion/$onion.
+ If the {option}`secretKey` is null
+ this defaults to `${stateDir}/onion/$onion`,
+ otherwise to `${runDir}/onion/$onion`.
'';
};
options.secretKey = mkOption {
type = with types; nullOr path;
default = null;
example = "/run/keys/tor/onion/expyuzz4wqqyqhjn/hs_ed25519_secret_key";
- description = ''
+ description = lib.mdDoc ''
Secret key of the onion service.
- If null, Tor reuses any preexisting secret key (in )
+ If null, Tor reuses any preexisting secret key (in {option}`path`)
or generates a new one.
The associated public key and hostname are deterministically regenerated
from this file if they do not exist.
@@ -468,9 +468,9 @@ in
options = {
authType = mkOption {
type = types.enum [ "basic" "stealth" ];
- description = ''
- Either "basic" for a general-purpose authorization protocol
- or "stealth" for a less scalable protocol
+ description = lib.mdDoc ''
+ Either `"basic"` for a general-purpose authorization protocol
+ or `"stealth"` for a less scalable protocol
that also hides service activity from unauthorized clients.
'';
};
@@ -569,8 +569,8 @@ in
};
settings = mkOption {
- description = ''
- See torrc manual
+ description = lib.mdDoc ''
+ See [torrc manual](https://2019.www.torproject.org/docs/tor-manual.html.en)
for documentation.
'';
default = {};
@@ -716,12 +716,12 @@ in
options = {
onion = mkOption {
type = strMatching "[a-z2-7]{16}\\.onion";
- description = "Onion address.";
+ description = lib.mdDoc "Onion address.";
example = "xxxxxxxxxxxxxxxx.onion";
};
auth = mkOption {
type = strMatching "[A-Za-z0-9+/]{22}";
- description = "Authentication cookie.";
+ description = lib.mdDoc "Authentication cookie.";
};
};
})
@@ -783,13 +783,13 @@ in
type = with types; nullOr (submodule ({...}: {
options = {
transports = mkOption {
- description = "List of pluggable transports.";
+ description = lib.mdDoc "List of pluggable transports.";
type = listOf str;
example = ["obfs2" "obfs3" "obfs4" "scramblesuit"];
};
exec = mkOption {
type = types.str;
- description = "Command of pluggable transport.";
+ description = lib.mdDoc "Command of pluggable transport.";
};
};
}));
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/torify.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/torify.nix
index 39551190dd3..770e445d733 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/torify.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/torify.nix
@@ -44,7 +44,7 @@ in
type = types.str;
default = "localhost:9050";
example = "192.168.0.20";
- description = ''
+ description = lib.mdDoc ''
IP address of TOR client to use.
'';
};
@@ -52,7 +52,7 @@ in
config = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration. Contents will be added verbatim to TSocks
configuration file.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/torsocks.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/torsocks.nix
index fdd6ac32cc6..0647d7eb49b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/torsocks.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/torsocks.nix
@@ -38,8 +38,8 @@ in
type = types.bool;
default = config.services.tor.enable && config.services.tor.client.enable;
defaultText = literalExpression "config.services.tor.enable && config.services.tor.client.enable";
- description = ''
- Whether to build /etc/tor/torsocks.conf
+ description = lib.mdDoc ''
+ Whether to build `/etc/tor/torsocks.conf`
containing the specified global torsocks configuration.
'';
};
@@ -48,7 +48,7 @@ in
type = types.str;
default = "127.0.0.1:9050";
example = "192.168.0.20:1234";
- description = ''
+ description = lib.mdDoc ''
IP/Port of the Tor SOCKS server. Currently, hostnames are
NOT supported by torsocks.
'';
@@ -58,7 +58,7 @@ in
type = types.str;
default = "127.0.0.1:9063";
example = "192.168.0.20:1234";
- description = ''
+ description = lib.mdDoc ''
IP/Port of the Tor SOCKS server for torsocks-faster wrapper suitable for HTTP.
Currently, hostnames are NOT supported by torsocks.
'';
@@ -67,7 +67,7 @@ in
onionAddrRange = mkOption {
type = types.str;
default = "127.42.42.0/24";
- description = ''
+ description = lib.mdDoc ''
Tor hidden sites do not have real IP addresses. This
specifies what range of IP addresses will be handed to the
application as "cookies" for .onion names. Of course, you
@@ -81,8 +81,8 @@ in
type = types.nullOr types.str;
default = null;
example = "bob";
- description = ''
- SOCKS5 username. The TORSOCKS_USERNAME
+ description = lib.mdDoc ''
+ SOCKS5 username. The `TORSOCKS_USERNAME`
environment variable overrides this option if it is set.
'';
};
@@ -91,8 +91,8 @@ in
type = types.nullOr types.str;
default = null;
example = "sekret";
- description = ''
- SOCKS5 password. The TORSOCKS_PASSWORD
+ description = lib.mdDoc ''
+ SOCKS5 password. The `TORSOCKS_PASSWORD`
environment variable overrides this option if it is set.
'';
};
@@ -100,9 +100,9 @@ in
allowInbound = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Set Torsocks to accept inbound connections. If set to
- true, listen() and accept() will be
+ `true`, listen() and accept() will be
allowed to be used with non localhost address.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/usbguard.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/usbguard.nix
index 201b37f17ba..eb3c335d974 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/usbguard.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/usbguard.nix
@@ -45,9 +45,9 @@ in
type = types.package;
default = pkgs.usbguard;
defaultText = literalExpression "pkgs.usbguard";
- description = ''
+ description = lib.mdDoc ''
The usbguard package to use. If you do not need the Qt GUI, use
- pkgs.usbguard-nox to save disk space.
+ `pkgs.usbguard-nox` to save disk space.
'';
};
@@ -78,7 +78,7 @@ in
implictPolicyTarget = mkOption {
type = policy;
default = "block";
- description = ''
+ description = lib.mdDoc ''
How to treat USB devices that don't match any rule in the policy.
Target should be one of allow, block or reject (logically remove the
device node from the system).
@@ -88,7 +88,7 @@ in
presentDevicePolicy = mkOption {
type = policy;
default = "apply-policy";
- description = ''
+ description = lib.mdDoc ''
How to treat USB devices that are already connected when the daemon
starts. Policy should be one of allow, block, reject, keep (keep
whatever state the device is currently in) or apply-policy (evaluate
@@ -99,7 +99,7 @@ in
presentControllerPolicy = mkOption {
type = policy;
default = "keep";
- description = ''
+ description = lib.mdDoc ''
How to treat USB controller devices that are already connected when
the daemon starts. One of allow, block, reject, keep or apply-policy.
'';
@@ -108,7 +108,7 @@ in
insertedDevicePolicy = mkOption {
type = policy;
default = "apply-policy";
- description = ''
+ description = lib.mdDoc ''
How to treat USB devices that are already connected after the daemon
starts. One of block, reject, apply-policy.
'';
@@ -117,7 +117,7 @@ in
restoreControllerDeviceState = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
The USBGuard daemon modifies some attributes of controller
devices like the default authorization state of new child device
instances. Using this setting, you can controll whether the daemon
@@ -130,7 +130,7 @@ in
type = types.listOf types.str;
default = [ "root" ];
example = [ "root" "yourusername" ];
- description = ''
+ description = lib.mdDoc ''
A list of usernames that the daemon will accept IPC connections from.
'';
};
@@ -139,7 +139,7 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "wheel" ];
- description = ''
+ description = lib.mdDoc ''
A list of groupnames that the daemon will accept IPC connections
from.
'';
@@ -148,7 +148,7 @@ in
deviceRulesWithPort = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Generate device specific rules including the "via-port" attribute.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/vault.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/vault.nix
index d48bc472cb8..e4777910b6d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/vault.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/vault.nix
@@ -7,6 +7,8 @@ let
opt = options.services.vault;
configFile = pkgs.writeText "vault.hcl" ''
+ # vault in dev mode will refuse to start if its configuration sets listener
+ ${lib.optionalString (!cfg.dev) ''
listener "tcp" {
address = "${cfg.address}"
${if (cfg.tlsCertFile == null || cfg.tlsKeyFile == null) then ''
@@ -17,6 +19,7 @@ let
''}
${cfg.listenerExtraConfig}
}
+ ''}
storage "${cfg.storageBackend}" {
${optionalString (cfg.storagePath != null) ''path = "${cfg.storagePath}"''}
${optionalString (cfg.storageConfig != null) cfg.storageConfig}
@@ -30,8 +33,10 @@ let
'';
allConfigPaths = [configFile] ++ cfg.extraSettingsPaths;
-
- configOptions = escapeShellArgs (concatMap (p: ["-config" p]) allConfigPaths);
+ configOptions = escapeShellArgs
+ (lib.optional cfg.dev "-dev" ++
+ lib.optional (cfg.dev && cfg.devRootTokenID != null) "-dev-root-token-id=${cfg.devRootTokenID}"
+ ++ (concatMap (p: ["-config" p]) allConfigPaths));
in
@@ -44,27 +49,43 @@ in
type = types.package;
default = pkgs.vault;
defaultText = literalExpression "pkgs.vault";
- description = "This option specifies the vault package to use.";
+ description = lib.mdDoc "This option specifies the vault package to use.";
+ };
+
+ dev = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc ''
+ In this mode, Vault runs in-memory and starts unsealed. This option is not meant production but for development and testing i.e. for nixos tests.
+ '';
+ };
+
+ devRootTokenID = mkOption {
+ type = types.str;
+ default = false;
+ description = lib.mdDoc ''
+ Initial root token. This only applies when {option}`services.vault.dev` is true
+ '';
};
address = mkOption {
type = types.str;
default = "127.0.0.1:8200";
- description = "The name of the ip interface to listen to";
+ description = lib.mdDoc "The name of the ip interface to listen to";
};
tlsCertFile = mkOption {
type = types.nullOr types.str;
default = null;
example = "/path/to/your/cert.pem";
- description = "TLS certificate file. TLS will be disabled unless this option is set";
+ description = lib.mdDoc "TLS certificate file. TLS will be disabled unless this option is set";
};
tlsKeyFile = mkOption {
type = types.nullOr types.str;
default = null;
example = "/path/to/your/key.pem";
- description = "TLS private key file. TLS will be disabled unless this option is set";
+ description = lib.mdDoc "TLS private key file. TLS will be disabled unless this option is set";
};
listenerExtraConfig = mkOption {
@@ -72,13 +93,13 @@ in
default = ''
tls_min_version = "tls12"
'';
- description = "Extra text appended to the listener section.";
+ description = lib.mdDoc "Extra text appended to the listener section.";
};
storageBackend = mkOption {
type = types.enum [ "inmem" "file" "consul" "zookeeper" "s3" "azure" "dynamodb" "etcd" "mssql" "mysql" "postgresql" "swift" "gcs" "raft" ];
default = "inmem";
- description = "The name of the type of storage backend";
+ description = lib.mdDoc "The name of the type of storage backend";
};
storagePath = mkOption {
@@ -89,7 +110,7 @@ in
then "/var/lib/vault"
else null
'';
- description = "Data directory for file backend";
+ description = lib.mdDoc "Data directory for file backend";
};
storageConfig = mkOption {
@@ -108,13 +129,13 @@ in
telemetryConfig = mkOption {
type = types.lines;
default = "";
- description = "Telemetry configuration";
+ description = lib.mdDoc "Telemetry configuration";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Extra text appended to vault.hcl.";
+ description = lib.mdDoc "Extra text appended to {file}`vault.hcl`.";
};
extraSettingsPaths = mkOption {
@@ -186,6 +207,9 @@ in
Group = "vault";
ExecStart = "${cfg.package}/bin/vault server ${configOptions}";
ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID";
+ StateDirectory = "vault";
+ # In `dev` mode vault will put its token here
+ Environment = lib.optional (cfg.dev) "HOME=/var/lib/vault";
PrivateDevices = true;
PrivateTmp = true;
ProtectSystem = "full";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/vaultwarden/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/vaultwarden/default.nix
index 756e0ee93b2..7e5389d78f4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/vaultwarden/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/vaultwarden/default.nix
@@ -44,7 +44,7 @@ in {
dbBackend = mkOption {
type = enum [ "sqlite" "mysql" "postgresql" ];
default = "sqlite";
- description = ''
+ description = lib.mdDoc ''
Which database backend vaultwarden will be using.
'';
};
@@ -52,7 +52,7 @@ in {
backupDir = mkOption {
type = nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The directory under which vaultwarden will backup its persistent data.
'';
};
@@ -159,14 +159,14 @@ ADMIN_TOKEN=...copy-paste a unique generated secret token here...
type = package;
default = pkgs.vaultwarden;
defaultText = literalExpression "pkgs.vaultwarden";
- description = "Vaultwarden package to use.";
+ description = lib.mdDoc "Vaultwarden package to use.";
};
webVaultPackage = mkOption {
type = package;
default = pkgs.vaultwarden-vault;
defaultText = literalExpression "pkgs.vaultwarden-vault";
- description = "Web vault package to use.";
+ description = lib.mdDoc "Web vault package to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/yubikey-agent.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/yubikey-agent.nix
index 8be2457e1e2..c91ff3e69a0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/yubikey-agent.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/security/yubikey-agent.nix
@@ -21,7 +21,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to start yubikey-agent when you log in. Also sets
SSH_AUTH_SOCK to point at yubikey-agent.
@@ -34,7 +34,7 @@ in
type = types.package;
default = pkgs.yubikey-agent;
defaultText = literalExpression "pkgs.yubikey-agent";
- description = ''
+ description = lib.mdDoc ''
The package used for the yubikey-agent daemon.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/cachix-agent/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/cachix-agent/default.nix
index f11d80d244d..b730118d46d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/cachix-agent/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/cachix-agent/default.nix
@@ -12,28 +12,34 @@ in {
name = mkOption {
type = types.str;
- description = "Agent name, usually same as the hostname";
+ description = lib.mdDoc "Agent name, usually same as the hostname";
default = config.networking.hostName;
defaultText = "config.networking.hostName";
};
+ verbose = mkOption {
+ type = types.bool;
+ description = lib.mdDoc "Enable verbose output";
+ default = false;
+ };
+
profile = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Profile name, defaults to 'system' (NixOS).";
+ description = lib.mdDoc "Profile name, defaults to 'system' (NixOS).";
};
package = mkOption {
type = types.package;
default = pkgs.cachix;
defaultText = literalExpression "pkgs.cachix";
- description = "Cachix Client package to use.";
+ description = lib.mdDoc "Cachix Client package to use.";
};
credentialsFile = mkOption {
type = types.path;
default = "/etc/cachix-agent.token";
- description = ''
+ description = lib.mdDoc ''
Required file that needs to contain CACHIX_AGENT_TOKEN=...
'';
};
@@ -45,13 +51,19 @@ in {
after = ["network-online.target"];
path = [ config.nix.package ];
wantedBy = [ "multi-user.target" ];
- # don't restart while changing
- reloadIfChanged = true;
+
+ # Cachix requires $USER to be set
environment.USER = "root";
+
+ # don't stop the service if the unit disappears
+ unitConfig.X-StopOnRemoval = false;
+
serviceConfig = {
+ # we don't want to kill children processes as those are deployments
+ KillMode = "process";
Restart = "on-failure";
EnvironmentFile = cfg.credentialsFile;
- ExecStart = "${cfg.package}/bin/cachix deploy agent ${cfg.name} ${if cfg.profile != null then profile else ""}";
+ ExecStart = "${cfg.package}/bin/cachix ${lib.optionalString cfg.verbose "--verbose"} deploy agent ${cfg.name} ${if cfg.profile != null then profile else ""}";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/cloud-init.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/cloud-init.nix
index 8c6a6e294eb..111cfa83c22 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/cloud-init.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/cloud-init.nix
@@ -20,7 +20,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the cloud-init service. This services reads
configuration metadata in a cloud environment and configures
the machine according to this metadata.
@@ -55,7 +55,7 @@ in
network.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Allow the cloud-init service to configure network interfaces
through systemd-networkd.
'';
@@ -109,7 +109,7 @@ in
- final-message
- power-state-change
'';
- description = "cloud-init configuration.";
+ description = lib.mdDoc "cloud-init configuration.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/dbus.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/dbus.nix
index d4cacb85694..c02e0905f1c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/dbus.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/dbus.nix
@@ -54,13 +54,13 @@ in
apparmor = mkOption {
type = types.enum [ "enabled" "disabled" "required" ];
- description = ''
+ description = lib.mdDoc ''
AppArmor mode for dbus.
- enabled enables mediation when it's
- supported in the kernel, disabled
+ `enabled` enables mediation when it's
+ supported in the kernel, `disabled`
always disables AppArmor even with kernel support, and
- required fails when AppArmor was not found
+ `required` fails when AppArmor was not found
in the kernel.
'';
default = "disabled";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/earlyoom.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/earlyoom.nix
index 62935855989..3e361fce00f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/earlyoom.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/earlyoom.nix
@@ -16,16 +16,16 @@ in
freeMemThreshold = mkOption {
type = types.ints.between 1 100;
default = 10;
- description = ''
+ description = lib.mdDoc ''
Minimum available memory (in percent).
If the available memory falls below this threshold (and the analog is true for
- ) the killing begins.
+ {option}`freeSwapThreshold`) the killing begins.
SIGTERM is sent first to the process that uses the most memory; then, if the available
- memory falls below (and the analog is true for
- ), SIGKILL is sent.
+ memory falls below {option}`freeMemKillThreshold` (and the analog is true for
+ {option}`freeSwapKillThreshold`), SIGKILL is sent.
- See README for details.
+ See [README](https://github.com/rfjakob/earlyoom#command-line-options) for details.
'';
};
@@ -64,7 +64,7 @@ in
enableDebugInfo = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable debugging messages.
'';
};
@@ -95,11 +95,11 @@ in
echo "Process $EARLYOOM_NAME ($EARLYOOM_PID) was killed" >> /path/to/log
'''
'';
- description = ''
+ description = lib.mdDoc ''
An absolute path to an executable to be run for each process killed.
Some environment variables are available, see
- README and
- the man page
+ [README](https://github.com/rfjakob/earlyoom#notifications) and
+ [the man page](https://github.com/rfjakob/earlyoom/blob/master/MANPAGE.md#-n-pathtoscript)
for details.
'';
};
@@ -108,14 +108,14 @@ in
type = types.int;
default = 3600;
example = 0;
- description = "Interval (in seconds) at which a memory report is printed (set to 0 to disable).";
+ description = lib.mdDoc "Interval (in seconds) at which a memory report is printed (set to 0 to disable).";
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [];
example = [ "-g" "--prefer '(^|/)(java|chromium)$'" ];
- description = "Extra command-line arguments to be passed to earlyoom.";
+ description = lib.mdDoc "Extra command-line arguments to be passed to earlyoom.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/localtime.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/localtime.nix
index 689453375f5..c80fe366453 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/localtime.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/localtime.nix
@@ -12,8 +12,8 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
- Enable localtimed, a simple daemon for keeping the
+ description = lib.mdDoc ''
+ Enable `localtimed`, a simple daemon for keeping the
system timezone up-to-date based on the current location. It uses
geoclue2 to determine the current location.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/saslauthd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/saslauthd.nix
index 466b0ca60a7..c3fa7f7aefc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/saslauthd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/saslauthd.nix
@@ -22,19 +22,19 @@ in
default = pkgs.cyrus_sasl.bin;
defaultText = literalExpression "pkgs.cyrus_sasl.bin";
type = types.package;
- description = "Cyrus SASL package to use.";
+ description = lib.mdDoc "Cyrus SASL package to use.";
};
mechanism = mkOption {
type = types.str;
default = "pam";
- description = "Auth mechanism to use";
+ description = lib.mdDoc "Auth mechanism to use";
};
config = mkOption {
type = types.lines;
default = "";
- description = "Configuration to use for Cyrus SASL authentication daemon.";
+ description = lib.mdDoc "Configuration to use for Cyrus SASL authentication daemon.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/self-deploy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/self-deploy.nix
index d7130a13c73..ff56206573c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/self-deploy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/self-deploy.nix
@@ -30,7 +30,7 @@ in
default = "/default.nix";
- description = ''
+ description = lib.mdDoc ''
Path to nix file in repository. Leading '/' refers to root of
git repository.
'';
@@ -88,7 +88,7 @@ in
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to SSH private key used to fetch private repositories over
SSH.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/uptimed.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/uptimed.nix
index 67a03876e19..df08c0f26e9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/uptimed.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/system/uptimed.nix
@@ -12,8 +12,8 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
- Enable uptimed, allowing you to track
+ description = lib.mdDoc ''
+ Enable `uptimed`, allowing you to track
your highest uptimes.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/deluge.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/deluge.nix
index cb0da9e83b4..3f4cd2ff6e0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/deluge.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/deluge.nix
@@ -42,7 +42,7 @@ in {
openFilesLimit = mkOption {
default = openFilesLimit;
type = types.either types.int types.str;
- description = ''
+ description = lib.mdDoc ''
Number of files to allow deluged to open.
'';
};
@@ -60,12 +60,12 @@ in {
listen_ports = [ ${toString listenPortsDefault} ];
}
'';
- description = ''
+ description = lib.mdDoc ''
Deluge core configuration for the core.conf file. Only has an effect
- when is set to
- true. String values must be quoted, integer and
+ when {option}`services.deluge.declarative` is set to
+ `true`. String values must be quoted, integer and
boolean values must not. See
-
+
for the availaible options.
'';
};
@@ -73,12 +73,12 @@ in {
declarative = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to use a declarative deluge configuration.
- Only if set to true, the options
- ,
- and
- will be
+ Only if set to `true`, the options
+ {option}`services.deluge.config`,
+ {option}`services.deluge.openFirewall` and
+ {option}`services.deluge.authFile` will be
applied.
'';
};
@@ -86,15 +86,15 @@ in {
openFirewall = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to open the firewall for the ports in
- . It only takes effet if
- is set to
- true.
+ {option}`services.deluge.config.listen_ports`. It only takes effet if
+ {option}`services.deluge.declarative` is set to
+ `true`.
It does NOT apply to the daemon port nor the web UI port. To access those
ports secuerly check the documentation
-
+
or use a VPN or configure certificates for deluge.
'';
};
@@ -102,7 +102,7 @@ in {
dataDir = mkOption {
type = types.path;
default = "/var/lib/deluge";
- description = ''
+ description = lib.mdDoc ''
The directory where deluge will create files.
'';
};
@@ -110,13 +110,13 @@ in {
authFile = mkOption {
type = types.path;
example = "/run/keys/deluge-auth";
- description = ''
+ description = lib.mdDoc ''
The file managing the authentication for deluge, the format of this
file is straightforward, each line contains a
username:password:level tuple in plaintext. It only has an effect
- when is set to
- true.
- See for
+ when {option}`services.deluge.declarative` is set to
+ `true`.
+ See for
more informations.
'';
};
@@ -124,7 +124,7 @@ in {
user = mkOption {
type = types.str;
default = "deluge";
- description = ''
+ description = lib.mdDoc ''
User account under which deluge runs.
'';
};
@@ -132,7 +132,7 @@ in {
group = mkOption {
type = types.str;
default = "deluge";
- description = ''
+ description = lib.mdDoc ''
Group under which deluge runs.
'';
};
@@ -140,7 +140,7 @@ in {
extraPackages = mkOption {
type = types.listOf types.package;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra packages available at runtime to enable Deluge's plugins. For example,
extraction utilities are required for the built-in "Extractor" plugin.
This always contains unzip, gnutar, xz and bzip2.
@@ -150,7 +150,7 @@ in {
package = mkOption {
type = types.package;
example = literalExpression "pkgs.deluge-2_x";
- description = ''
+ description = lib.mdDoc ''
Deluge package to use.
'';
};
@@ -162,7 +162,7 @@ in {
port = mkOption {
type = types.port;
default = 8112;
- description = ''
+ description = lib.mdDoc ''
Deluge web UI port.
'';
};
@@ -170,7 +170,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for deluge web daemon
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/flexget.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/flexget.nix
index e500e02d861..17d77bfae5f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/flexget.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/flexget.nix
@@ -20,34 +20,34 @@ in {
default = "deluge";
example = "some_user";
type = types.str;
- description = "The user under which to run flexget.";
+ description = lib.mdDoc "The user under which to run flexget.";
};
homeDir = mkOption {
default = "/var/lib/deluge";
example = "/home/flexget";
type = types.path;
- description = "Where files live.";
+ description = lib.mdDoc "Where files live.";
};
interval = mkOption {
default = "10m";
example = "1h";
type = types.str;
- description = "When to perform a flexget run. See man 7 systemd.time for the format.";
+ description = lib.mdDoc "When to perform a {command}`flexget` run. See {command}`man 7 systemd.time` for the format.";
};
systemScheduler = mkOption {
default = true;
example = false;
type = types.bool;
- description = "When true, execute the runs via the flexget-runner.timer. If false, you have to specify the settings yourself in the YML file.";
+ description = lib.mdDoc "When true, execute the runs via the flexget-runner.timer. If false, you have to specify the settings yourself in the YML file.";
};
config = mkOption {
default = "";
type = types.lines;
- description = "The YAML configuration for FlexGet.";
+ description = lib.mdDoc "The YAML configuration for FlexGet.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/magnetico.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/magnetico.nix
index 3dd7b1ece76..11f1c71e3f8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/magnetico.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/magnetico.nix
@@ -49,7 +49,7 @@ in {
type = types.str;
default = "0.0.0.0";
example = "1.2.3.4";
- description = ''
+ description = lib.mdDoc ''
Address to be used for indexing DHT nodes.
'';
};
@@ -57,17 +57,17 @@ in {
crawler.port = mkOption {
type = types.port;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Port to be used for indexing DHT nodes.
This port should be added to
- .
+ {option}`networking.firewall.allowedTCPPorts`.
'';
};
crawler.maxNeighbors = mkOption {
type = types.ints.positive;
default = 1000;
- description = ''
+ description = lib.mdDoc ''
Maximum number of simultaneous neighbors of an indexer.
Be careful changing this number: high values can very
easily cause your network to be congested or even crash
@@ -78,7 +78,7 @@ in {
crawler.maxLeeches = mkOption {
type = types.ints.positive;
default = 200;
- description = ''
+ description = lib.mdDoc ''
Maximum number of simultaneous leeches.
'';
};
@@ -86,7 +86,7 @@ in {
crawler.extraOptions = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra command line arguments to pass to magneticod.
'';
};
@@ -95,7 +95,7 @@ in {
type = types.str;
default = "localhost";
example = "1.2.3.4";
- description = ''
+ description = lib.mdDoc ''
Address the web interface will listen to.
'';
};
@@ -103,7 +103,7 @@ in {
web.port = mkOption {
type = types.port;
default = 8080;
- description = ''
+ description = lib.mdDoc ''
Port the web interface will listen to.
'';
};
@@ -159,7 +159,7 @@ in {
web.extraOptions = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Extra command line arguments to pass to magneticow.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/opentracker.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/opentracker.nix
index d76d61dfe85..20b3d35a603 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/opentracker.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/opentracker.nix
@@ -9,7 +9,7 @@ in {
package = mkOption {
type = types.package;
- description = ''
+ description = lib.mdDoc ''
opentracker package to use
'';
default = pkgs.opentracker;
@@ -18,7 +18,7 @@ in {
extraOptions = mkOption {
type = types.separatedString " ";
- description = ''
+ description = lib.mdDoc ''
Configuration Arguments for opentracker
See https://erdgeist.org/arts/software/opentracker/ for all params
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/peerflix.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/peerflix.nix
index 821c829f6b4..ea74d0f8b9c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/peerflix.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/peerflix.nix
@@ -19,19 +19,19 @@ in {
options.services.peerflix = {
enable = mkOption {
- description = "Whether to enable peerflix service.";
+ description = lib.mdDoc "Whether to enable peerflix service.";
default = false;
type = types.bool;
};
stateDir = mkOption {
- description = "Peerflix state directory.";
+ description = lib.mdDoc "Peerflix state directory.";
default = "/var/lib/peerflix";
type = types.path;
};
downloadDir = mkOption {
- description = "Peerflix temporary download directory.";
+ description = lib.mdDoc "Peerflix temporary download directory.";
default = "${cfg.stateDir}/torrents";
defaultText = literalExpression ''"''${config.${opt.stateDir}}/torrents"'';
type = types.path;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/rtorrent.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/rtorrent.nix
index 759dcfe2e6c..a805e09923f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/rtorrent.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/rtorrent.nix
@@ -14,7 +14,7 @@ in {
dataDir = mkOption {
type = types.str;
default = "/var/lib/rtorrent";
- description = ''
+ description = lib.mdDoc ''
The directory where rtorrent stores its data files.
'';
};
@@ -23,7 +23,7 @@ in {
type = types.str;
default = "${cfg.dataDir}/download";
defaultText = literalExpression ''"''${config.${opt.dataDir}}/download"'';
- description = ''
+ description = lib.mdDoc ''
Where to put downloaded files.
'';
};
@@ -31,7 +31,7 @@ in {
user = mkOption {
type = types.str;
default = "rtorrent";
- description = ''
+ description = lib.mdDoc ''
User account under which rtorrent runs.
'';
};
@@ -39,7 +39,7 @@ in {
group = mkOption {
type = types.str;
default = "rtorrent";
- description = ''
+ description = lib.mdDoc ''
Group under which rtorrent runs.
'';
};
@@ -48,7 +48,7 @@ in {
type = types.package;
default = pkgs.rtorrent;
defaultText = literalExpression "pkgs.rtorrent";
- description = ''
+ description = lib.mdDoc ''
The rtorrent package to use.
'';
};
@@ -56,7 +56,7 @@ in {
port = mkOption {
type = types.port;
default = 50000;
- description = ''
+ description = lib.mdDoc ''
The rtorrent port.
'';
};
@@ -64,8 +64,8 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
- Whether to open the firewall for the port in .
+ description = lib.mdDoc ''
+ Whether to open the firewall for the port in {option}`services.rtorrent.port`.
'';
};
@@ -73,7 +73,7 @@ in {
type = types.str;
readOnly = true;
default = "/run/rtorrent/rpc.sock";
- description = ''
+ description = lib.mdDoc ''
RPC socket path.
'';
};
@@ -81,8 +81,8 @@ in {
configText = mkOption {
type = types.lines;
default = "";
- description = ''
- The content of rtorrent.rc. The modernized configuration template with the values specified in this module will be prepended using mkBefore. You can use mkForce to overwrite the config completly.
+ description = lib.mdDoc ''
+ The content of {file}`rtorrent.rc`. The [modernized configuration template](https://rtorrent-docs.readthedocs.io/en/latest/cookbook.html#modernized-configuration-template) with the values specified in this module will be prepended using mkBefore. You can use mkForce to overwrite the config completly.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/transmission.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/transmission.nix
index d12d8aa2398..9777964386c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/transmission.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/torrent/transmission.nix
@@ -34,12 +34,12 @@ in
accessible to users in the "transmission" group'';
settings = mkOption {
- description = ''
+ description = lib.mdDoc ''
Settings whose options overwrite fields in
- .config/transmission-daemon/settings.json
+ `.config/transmission-daemon/settings.json`
(each time the service starts).
- See Transmission's Wiki
+ See [Transmission's Wiki](https://github.com/transmission/transmission/wiki/Editing-Configuration-Files)
for documentation of settings not explicitely covered by this module.
'';
default = {};
@@ -49,7 +49,7 @@ in
type = types.path;
default = "${cfg.home}/${downloadsDir}";
defaultText = literalExpression ''"''${config.${opt.home}}/${downloadsDir}"'';
- description = "Directory where to download torrents.";
+ description = lib.mdDoc "Directory where to download torrents.";
};
options.incomplete-dir = mkOption {
type = types.path;
@@ -72,12 +72,12 @@ in
options.message-level = mkOption {
type = types.ints.between 0 3;
default = 2;
- description = "Set verbosity of transmission messages.";
+ description = lib.mdDoc "Set verbosity of transmission messages.";
};
options.peer-port = mkOption {
type = types.port;
default = 51413;
- description = "The peer port to listen for incoming connections.";
+ description = lib.mdDoc "The peer port to listen for incoming connections.";
};
options.peer-port-random-high = mkOption {
type = types.port;
@@ -98,7 +98,7 @@ in
options.peer-port-random-on-start = mkOption {
type = types.bool;
default = false;
- description = "Randomize the peer port.";
+ description = lib.mdDoc "Randomize the peer port.";
};
options.rpc-bind-address = mkOption {
type = types.str;
@@ -112,7 +112,7 @@ in
options.rpc-port = mkOption {
type = types.port;
default = 9091;
- description = "The RPC port to listen to.";
+ description = lib.mdDoc "The RPC port to listen to.";
};
options.script-torrent-done-enabled = mkOption {
type = types.bool;
@@ -126,12 +126,12 @@ in
options.script-torrent-done-filename = mkOption {
type = types.nullOr types.path;
default = null;
- description = "Executable to be run at torrent completion.";
+ description = lib.mdDoc "Executable to be run at torrent completion.";
};
options.umask = mkOption {
type = types.int;
default = 2;
- description = ''
+ description = lib.mdDoc ''
Sets transmission's file mode creation mask.
See the umask(2) manpage for more information.
Users who want their saved torrents to be world-writable
@@ -143,15 +143,15 @@ in
options.utp-enabled = mkOption {
type = types.bool;
default = true;
- description = ''
- Whether to enable Micro Transport Protocol (µTP).
+ description = lib.mdDoc ''
+ Whether to enable [Micro Transport Protocol (µTP)](http://en.wikipedia.org/wiki/Micro_Transport_Protocol).
'';
};
options.watch-dir = mkOption {
type = types.path;
default = "${cfg.home}/${watchDir}";
defaultText = literalExpression ''"''${config.${opt.home}}/${watchDir}"'';
- description = "Watch a directory for torrent files and add them to transmission.";
+ description = lib.mdDoc "Watch a directory for torrent files and add them to transmission.";
};
options.watch-dir-enabled = mkOption {
type = types.bool;
@@ -200,13 +200,13 @@ in
user = mkOption {
type = types.str;
default = "transmission";
- description = "User account under which Transmission runs.";
+ description = lib.mdDoc "User account under which Transmission runs.";
};
group = mkOption {
type = types.str;
default = "transmission";
- description = "Group account under which Transmission runs.";
+ description = lib.mdDoc "Group account under which Transmission runs.";
};
credentialsFile = mkOption {
@@ -224,7 +224,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "--log-debug" ];
- description = ''
+ description = lib.mdDoc ''
Extra flags passed to the transmission command in the service definition.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/tracing/tempo.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/tracing/tempo.nix
new file mode 100644
index 00000000000..201f850656d
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/tracing/tempo.nix
@@ -0,0 +1,68 @@
+{ config, lib, pkgs, ... }:
+
+let
+ inherit (lib) mkEnableOption mkIf mkOption types;
+
+ cfg = config.services.tempo;
+
+ settingsFormat = pkgs.formats.yaml {};
+in {
+ options.services.tempo = {
+ enable = mkEnableOption "Grafana Tempo";
+
+ settings = mkOption {
+ type = settingsFormat.type;
+ default = {};
+ description = lib.mdDoc ''
+ Specify the configuration for Tempo in Nix.
+
+ See https://grafana.com/docs/tempo/latest/configuration/ for available options.
+ '';
+ };
+
+ configFile = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ description = lib.mdDoc ''
+ Specify a path to a configuration file that Tempo should use.
+ '';
+ };
+ };
+
+ config = mkIf cfg.enable {
+ # for tempo-cli and friends
+ environment.systemPackages = [ pkgs.tempo ];
+
+ assertions = [{
+ assertion = (
+ (cfg.settings == {}) != (cfg.configFile == null)
+ );
+ message = ''
+ Please specify a configuration for Tempo with either
+ 'services.tempo.settings' or
+ 'services.tempo.configFile'.
+ '';
+ }];
+
+ systemd.services.tempo = {
+ description = "Grafana Tempo Service Daemon";
+ wantedBy = [ "multi-user.target" ];
+
+ serviceConfig = let
+ conf = if cfg.configFile == null
+ then settingsFormat.generate "config.yaml" cfg.settings
+ else cfg.configFile;
+ in
+ {
+ ExecStart = "${pkgs.tempo}/bin/tempo --config.file=${conf}";
+ DynamicUser = true;
+ Restart = "always";
+ ProtectSystem = "full";
+ DevicePolicy = "closed";
+ NoNewPrivileges = true;
+ WorkingDirectory = "/var/lib/tempo";
+ StateDirectory = "tempo";
+ };
+ };
+ };
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/ttys/getty.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/ttys/getty.nix
index 7021a2c80f8..d2bebb9c245 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/ttys/getty.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/ttys/getty.nix
@@ -34,7 +34,7 @@ in
autologinUser = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Username of the account that will be automatically logged in at the console.
If unspecified, a login prompt is shown as usual.
'';
@@ -44,7 +44,7 @@ in
type = types.path;
default = "${pkgs.shadow}/bin/login";
defaultText = literalExpression ''"''${pkgs.shadow}/bin/login"'';
- description = ''
+ description = lib.mdDoc ''
Path to the login binary executed by agetty.
'';
};
@@ -69,7 +69,7 @@ in
extraArgs = mkOption {
type = types.listOf types.str;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Additional arguments passed to agetty.
'';
example = [ "--nohostname" ];
@@ -77,7 +77,7 @@ in
greetingLine = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Welcome line printed by agetty.
The default shows current NixOS version label, machine type and tty.
'';
@@ -86,7 +86,7 @@ in
helpLine = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Help line printed by agetty below the welcome line.
Used by the installation CD to give some hints on
how to proceed.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/ttys/gpm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/ttys/gpm.nix
index 308a6d3643a..378f6b17732 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/ttys/gpm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/ttys/gpm.nix
@@ -19,7 +19,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable GPM, the General Purpose Mouse daemon,
which enables mouse support in virtual consoles.
'';
@@ -28,7 +28,7 @@ in
protocol = mkOption {
type = types.str;
default = "ps/2";
- description = "Mouse protocol to use.";
+ description = lib.mdDoc "Mouse protocol to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/ttys/kmscon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/ttys/kmscon.nix
index e02ab3cb6b3..f5a8d8b104d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/ttys/kmscon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/ttys/kmscon.nix
@@ -11,7 +11,7 @@ in {
options = {
services.kmscon = {
enable = mkOption {
- description = ''
+ description = lib.mdDoc ''
Use kmscon as the virtual console instead of gettys.
kmscon is a kms/dri-based userspace virtual terminal implementation.
It supports a richer feature set than the standard linux console VT,
@@ -23,33 +23,33 @@ in {
};
hwRender = mkOption {
- description = "Whether to use 3D hardware acceleration to render the console.";
+ description = lib.mdDoc "Whether to use 3D hardware acceleration to render the console.";
type = types.bool;
default = false;
};
fonts = mkOption {
- description = "Fonts used by kmscon, in order of priority.";
+ description = lib.mdDoc "Fonts used by kmscon, in order of priority.";
default = null;
example = lib.literalExpression ''[ { name = "Source Code Pro"; package = pkgs.source-code-pro; } ]'';
type = with types;
let fontType = submodule {
options = {
- name = mkOption { type = str; description = "Font name, as used by fontconfig."; };
- package = mkOption { type = package; description = "Package providing the font."; };
+ name = mkOption { type = str; description = lib.mdDoc "Font name, as used by fontconfig."; };
+ package = mkOption { type = package; description = lib.mdDoc "Package providing the font."; };
};
}; in nullOr (nonEmptyListOf fontType);
};
extraConfig = mkOption {
- description = "Extra contents of the kmscon.conf file.";
+ description = lib.mdDoc "Extra contents of the kmscon.conf file.";
type = types.lines;
default = "";
example = "font-size=14";
};
extraOptions = mkOption {
- description = "Extra flags to pass to kmscon.";
+ description = lib.mdDoc "Extra flags to pass to kmscon.";
type = types.separatedString " ";
default = "";
example = "--term xterm-256color";
@@ -58,7 +58,7 @@ in {
autologinUser = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Username of the account that will be automatically logged in at the console.
If unspecified, a login prompt is shown as usual.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/epgstation/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/epgstation/default.nix
index 191f6eb52e5..51f71389263 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/epgstation/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/epgstation/default.nix
@@ -84,17 +84,17 @@ in
default = pkgs.epgstation;
type = lib.types.package;
defaultText = lib.literalExpression "pkgs.epgstation";
- description = "epgstation package to use";
+ description = lib.mdDoc "epgstation package to use";
};
usePreconfiguredStreaming = lib.mkOption {
type = lib.types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Use preconfigured default streaming options.
Upstream defaults:
-
+
'';
};
@@ -118,7 +118,7 @@ in
name = lib.mkOption {
type = lib.types.str;
default = "epgstation";
- description = ''
+ description = lib.mdDoc ''
Name of the MySQL database that holds EPGStation's data.
'';
};
@@ -126,9 +126,9 @@ in
passwordFile = lib.mkOption {
type = lib.types.path;
example = "/run/keys/epgstation-db-password";
- description = ''
+ description = lib.mdDoc ''
A file containing the password for the database named
- .
+ {option}`database.name`.
'';
};
};
@@ -144,11 +144,11 @@ in
# configure them according to their needs. In these cases, the value in the
# upstream template configuration should serve as a "good enough" default.
settings = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Options to add to config.yml.
Documentation:
-
+
'';
default = { };
@@ -163,7 +163,7 @@ in
options.port = lib.mkOption {
type = lib.types.port;
default = 20772;
- description = ''
+ description = lib.mdDoc ''
HTTP port for EPGStation to listen on.
'';
};
@@ -172,9 +172,9 @@ in
type = lib.types.port;
default = cfg.settings.port + 1;
defaultText = lib.literalExpression "config.${opt.settings}.port + 1";
- description = ''
+ description = lib.mdDoc ''
Socket.io port for EPGStation to listen on. It is valid to share
- ports with .
+ ports with {option}`${opt.settings}.port`.
'';
};
@@ -182,9 +182,9 @@ in
type = lib.types.port;
default = cfg.settings.socketioPort;
defaultText = lib.literalExpression "config.${opt.settings}.socketioPort";
- description = ''
+ description = lib.mdDoc ''
Socket.io port that the web client is going to connect to. This may
- be different from if
+ be different from {option}`${opt.settings}.socketioPort` if
EPGStation is hidden behind a reverse proxy.
'';
};
@@ -196,13 +196,13 @@ in
"http+unix://''${lib.replaceStrings ["/"] ["%2F"] config.${option}}"
'';
example = "http://localhost:40772";
- description = "URL to connect to Mirakurun.";
+ description = lib.mdDoc "URL to connect to Mirakurun.";
};
options.encodeProcessNum = lib.mkOption {
type = lib.types.ints.positive;
default = 4;
- description = ''
+ description = lib.mdDoc ''
The maximum number of processes that EPGStation would allow to run
at the same time for encoding or streaming videos.
'';
@@ -211,7 +211,7 @@ in
options.concurrentEncodeNum = lib.mkOption {
type = lib.types.ints.positive;
default = 1;
- description = ''
+ description = lib.mdDoc ''
The maximum number of encoding jobs that EPGStation would run at the
same time.
'';
@@ -219,7 +219,7 @@ in
options.encode = lib.mkOption {
type = with lib.types; listOf attrs;
- description = "Encoding presets for recorded videos.";
+ description = lib.mdDoc "Encoding presets for recorded videos.";
default = [
{
name = "H.264";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/mirakurun.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/mirakurun.nix
index 35303b2332c..90119361afa 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/mirakurun.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/mirakurun.nix
@@ -29,8 +29,8 @@ in
port = mkOption {
type = with types; nullOr port;
default = 40772;
- description = ''
- Port to listen on. If null, it won't listen on
+ description = lib.mdDoc ''
+ Port to listen on. If `null`, it won't listen on
any port.
'';
};
@@ -54,8 +54,8 @@ in
unixSocket = mkOption {
type = with types; nullOr path;
default = "/var/run/mirakurun/mirakurun.sock";
- description = ''
- Path to unix socket to listen on. If null, it
+ description = lib.mdDoc ''
+ Path to unix socket to listen on. If `null`, it
won't listen on any unix sockets.
'';
};
@@ -63,7 +63,7 @@ in
allowSmartCardAccess = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Install polkit rules to allow Mirakurun to access smart card readers
which is commonly used along with tuner devices.
'';
@@ -78,11 +78,11 @@ in
overflowTimeLimit = 30000;
};
'';
- description = ''
+ description = lib.mdDoc ''
Options for server.yml.
Documentation:
-
+
'';
};
@@ -98,12 +98,12 @@ in
}
];
'';
- description = ''
+ description = lib.mdDoc ''
Options which are added to tuners.yml. If none is specified, it will
automatically be generated at runtime.
Documentation:
-
+
'';
};
@@ -119,12 +119,12 @@ in
}
];
'';
- description = ''
+ description = lib.mdDoc ''
Options which are added to channels.yml. If none is specified, it
will automatically be generated at runtime.
Documentation:
-
+
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/replay-sorcery.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/replay-sorcery.nix
index abe7202a4a8..f3cecfc248c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/replay-sorcery.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/replay-sorcery.nix
@@ -19,13 +19,13 @@ in
autoStart = mkOption {
type = bool;
default = false;
- description = "Automatically start ReplaySorcery when graphical-session.target starts.";
+ description = lib.mdDoc "Automatically start ReplaySorcery when graphical-session.target starts.";
};
settings = mkOption {
type = attrsOf (oneOf [ str int ]);
default = {};
- description = "System-wide configuration for ReplaySorcery (/etc/replay-sorcery.conf).";
+ description = lib.mdDoc "System-wide configuration for ReplaySorcery (/etc/replay-sorcery.conf).";
example = literalExpression ''
{
videoInput = "hwaccel"; # requires `services.replay-sorcery.enableSysAdminCapability = true`
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/rtsp-simple-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/rtsp-simple-server.nix
index 644b1945a1e..db6f0441bbf 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/rtsp-simple-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/rtsp-simple-server.nix
@@ -13,9 +13,9 @@ in
enable = mkEnableOption "RTSP Simple Server";
settings = mkOption {
- description = ''
+ description = lib.mdDoc ''
Settings for rtsp-simple-server.
- Read more at
+ Read more at
'';
type = format.type;
@@ -40,7 +40,7 @@ in
env = mkOption {
type = with types; attrsOf anything;
- description = "Extra environment variables for RTSP Simple Server";
+ description = lib.mdDoc "Extra environment variables for RTSP Simple Server";
default = {};
example = {
RTSP_CONFKEY = "mykey";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/unifi-video.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/unifi-video.nix
index 11d9fe30547..fcc3cb02a1b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/unifi-video.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/video/unifi-video.nix
@@ -98,7 +98,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether or not to enable the unifi-video service.
'';
};
@@ -107,7 +107,7 @@ in
type = types.package;
default = pkgs.jre8;
defaultText = literalExpression "pkgs.jre8";
- description = ''
+ description = lib.mdDoc ''
The JRE package to use. Check the release notes to ensure it is supported.
'';
};
@@ -116,7 +116,7 @@ in
type = types.package;
default = pkgs.unifi-video;
defaultText = literalExpression "pkgs.unifi-video";
- description = ''
+ description = lib.mdDoc ''
The unifi-video package to use.
'';
};
@@ -125,7 +125,7 @@ in
type = types.package;
default = pkgs.mongodb-4_0;
defaultText = literalExpression "pkgs.mongodb";
- description = ''
+ description = lib.mdDoc ''
The mongodb package to use.
'';
};
@@ -133,7 +133,7 @@ in
logDir = mkOption {
type = types.str;
default = "${stateDir}/logs";
- description = ''
+ description = lib.mdDoc ''
Where to store the logs.
'';
};
@@ -141,7 +141,7 @@ in
dataDir = mkOption {
type = types.str;
default = "${stateDir}/data";
- description = ''
+ description = lib.mdDoc ''
Where to store the database and other data.
'';
};
@@ -149,7 +149,7 @@ in
openFirewall = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether or not to open the required ports on the firewall.
'';
};
@@ -158,7 +158,7 @@ in
type = types.nullOr types.int;
default = 1024;
example = 4096;
- description = ''
+ description = lib.mdDoc ''
Set the maximimum heap size for the JVM in MB.
'';
};
@@ -167,7 +167,7 @@ in
type = types.path;
default = "${cfg.dataDir}/unifi-video.pid";
defaultText = literalExpression ''"''${config.${opt.dataDir}}/unifi-video.pid"'';
- description = "Location of unifi-video pid file.";
+ description = lib.mdDoc "Location of unifi-video pid file.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/wayland/cage.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/wayland/cage.nix
index b818f5c463a..c7accc5f9e1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/wayland/cage.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/wayland/cage.nix
@@ -10,7 +10,7 @@ in {
options.services.cage.user = mkOption {
type = types.str;
default = "demo";
- description = ''
+ description = lib.mdDoc ''
User to log-in as.
'';
};
@@ -19,7 +19,7 @@ in {
type = types.listOf types.str;
default = [];
defaultText = literalExpression "[]";
- description = "Additional command line arguments to pass to Cage.";
+ description = lib.mdDoc "Additional command line arguments to pass to Cage.";
example = ["-d"];
};
@@ -27,7 +27,7 @@ in {
type = types.path;
default = "${pkgs.xterm}/bin/xterm";
defaultText = literalExpression ''"''${pkgs.xterm}/bin/xterm"'';
- description = ''
+ description = lib.mdDoc ''
Program to run in cage.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/atlassian/confluence.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/atlassian/confluence.nix
index 28491fb3a4e..6c5de3fbe4b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/atlassian/confluence.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/atlassian/confluence.nix
@@ -8,21 +8,22 @@ let
pkg = cfg.package.override (optionalAttrs cfg.sso.enable {
enableSSO = cfg.sso.enable;
- crowdProperties = ''
- application.name ${cfg.sso.applicationName}
- application.password ${cfg.sso.applicationPassword}
- application.login.url ${cfg.sso.crowd}/console/
-
- crowd.server.url ${cfg.sso.crowd}/services/
- crowd.base.url ${cfg.sso.crowd}/
-
- session.isauthenticated session.isauthenticated
- session.tokenkey session.tokenkey
- session.validationinterval ${toString cfg.sso.validationInterval}
- session.lastvalidation session.lastvalidation
- '';
});
+ crowdProperties = pkgs.writeText "crowd.properties" ''
+ application.name ${cfg.sso.applicationName}
+ application.password ${if cfg.sso.applicationPassword != null then cfg.sso.applicationPassword else "@NIXOS_CONFLUENCE_CROWD_SSO_PWD@"}
+ application.login.url ${cfg.sso.crowd}/console/
+
+ crowd.server.url ${cfg.sso.crowd}/services/
+ crowd.base.url ${cfg.sso.crowd}/
+
+ session.isauthenticated session.isauthenticated
+ session.tokenkey session.tokenkey
+ session.validationinterval ${toString cfg.sso.validationInterval}
+ session.lastvalidation session.lastvalidation
+ '';
+
in
{
@@ -33,38 +34,38 @@ in
user = mkOption {
type = types.str;
default = "confluence";
- description = "User which runs confluence.";
+ description = lib.mdDoc "User which runs confluence.";
};
group = mkOption {
type = types.str;
default = "confluence";
- description = "Group which runs confluence.";
+ description = lib.mdDoc "Group which runs confluence.";
};
home = mkOption {
type = types.str;
default = "/var/lib/confluence";
- description = "Home directory of the confluence instance.";
+ description = lib.mdDoc "Home directory of the confluence instance.";
};
listenAddress = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Address to listen on.";
+ description = lib.mdDoc "Address to listen on.";
};
listenPort = mkOption {
type = types.int;
default = 8090;
- description = "Port to listen on.";
+ description = lib.mdDoc "Port to listen on.";
};
catalinaOptions = mkOption {
type = types.listOf types.str;
default = [];
example = [ "-Xms1024m" "-Xmx2048m" "-Dconfluence.disable.peopledirectory.all=true" ];
- description = "Java options to pass to catalina/tomcat.";
+ description = lib.mdDoc "Java options to pass to catalina/tomcat.";
};
proxy = {
@@ -73,21 +74,21 @@ in
name = mkOption {
type = types.str;
example = "confluence.example.com";
- description = "Virtual hostname at the proxy";
+ description = lib.mdDoc "Virtual hostname at the proxy";
};
port = mkOption {
type = types.int;
default = 443;
example = 80;
- description = "Port used at the proxy";
+ description = lib.mdDoc "Port used at the proxy";
};
scheme = mkOption {
type = types.str;
default = "https";
example = "http";
- description = "Protocol used at the proxy.";
+ description = lib.mdDoc "Protocol used at the proxy.";
};
};
@@ -97,25 +98,32 @@ in
crowd = mkOption {
type = types.str;
example = "http://localhost:8095/crowd";
- description = "Crowd Base URL without trailing slash";
+ description = lib.mdDoc "Crowd Base URL without trailing slash";
};
applicationName = mkOption {
type = types.str;
example = "jira";
- description = "Exact name of this Confluence instance in Crowd";
+ description = lib.mdDoc "Exact name of this Confluence instance in Crowd";
};
applicationPassword = mkOption {
- type = types.str;
- description = "Application password of this Confluence instance in Crowd";
+ type = types.nullOr types.str;
+ default = null;
+ description = lib.mdDoc "Application password of this Confluence instance in Crowd";
+ };
+
+ applicationPasswordFile = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ description = lib.mdDoc "Path to the application password for Crowd of Confluence.";
};
validationInterval = mkOption {
type = types.int;
default = 2;
example = 0;
- description = ''
+ description = lib.mdDoc ''
Set to 0, if you want authentication checks to occur on each
request. Otherwise set to the number of minutes between request
to validate if the user is logged in or out of the Crowd SSO
@@ -129,14 +137,14 @@ in
type = types.package;
default = pkgs.atlassian-confluence;
defaultText = literalExpression "pkgs.atlassian-confluence";
- description = "Atlassian Confluence package to use.";
+ description = lib.mdDoc "Atlassian Confluence package to use.";
};
jrePackage = mkOption {
type = types.package;
default = pkgs.oraclejre8;
defaultText = literalExpression "pkgs.oraclejre8";
- description = "Note that Atlassian only support the Oracle JRE (JRASERVER-46152).";
+ description = lib.mdDoc "Note that Atlassian only support the Oracle JRE (JRASERVER-46152).";
};
};
};
@@ -147,6 +155,16 @@ in
group = cfg.group;
};
+ assertions = [
+ { assertion = cfg.sso.enable -> ((cfg.sso.applicationPassword == null) != (cfg.sso.applicationPasswordFile));
+ message = "Please set either applicationPassword or applicationPasswordFile";
+ }
+ ];
+
+ warnings = mkIf (cfg.sso.enable && cfg.sso.applicationPassword != null) [
+ "Using `services.confluence.sso.applicationPassword` is deprecated! Use `applicationPasswordFile` instead!"
+ ];
+
users.groups.${cfg.group} = {};
systemd.tmpfiles.rules = [
@@ -173,6 +191,7 @@ in
CONF_USER = cfg.user;
JAVA_HOME = "${cfg.jrePackage}";
CATALINA_OPTS = concatStringsSep " " cfg.catalinaOptions;
+ JAVA_OPTS = mkIf cfg.sso.enable "-Dcrowd.properties=${cfg.home}/crowd.properties";
};
preStart = ''
@@ -183,6 +202,16 @@ in
-e 's,protocol="org.apache.coyote.http11.Http11NioProtocol",protocol="org.apache.coyote.http11.Http11NioProtocol" proxyName="${cfg.proxy.name}" proxyPort="${toString cfg.proxy.port}" scheme="${cfg.proxy.scheme}",' \
'') + ''
${pkg}/conf/server.xml.dist > ${cfg.home}/server.xml
+
+ ${optionalString cfg.sso.enable ''
+ install -m660 ${crowdProperties} ${cfg.home}/crowd.properties
+ ${optionalString (cfg.sso.applicationPasswordFile != null) ''
+ ${pkgs.replace-secret}/bin/replace-secret \
+ '@NIXOS_CONFLUENCE_CROWD_SSO_PWD@' \
+ ${cfg.sso.applicationPasswordFile} \
+ ${cfg.home}/crowd.properties
+ ''}
+ ''}
'';
serviceConfig = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/atlassian/crowd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/atlassian/crowd.nix
index 79306541b85..abe3a8bdb22 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/atlassian/crowd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/atlassian/crowd.nix
@@ -14,6 +14,21 @@ let
proxyUrl = "${cfg.proxy.scheme}://${cfg.proxy.name}:${toString cfg.proxy.port}";
});
+ crowdPropertiesFile = pkgs.writeText "crowd.properties" ''
+ application.name crowd-openid-server
+ application.password @NIXOS_CROWD_OPENID_PW@
+ application.base.url http://localhost:${toString cfg.listenPort}/openidserver
+ application.login.url http://localhost:${toString cfg.listenPort}/openidserver
+ application.login.url.template http://localhost:${toString cfg.listenPort}/openidserver?returnToUrl=''${RETURN_TO_URL}
+
+ crowd.server.url http://localhost:${toString cfg.listenPort}/crowd/services/
+
+ session.isauthenticated session.isauthenticated
+ session.tokenkey session.tokenkey
+ session.validationinterval 0
+ session.lastvalidation session.lastvalidation
+ '';
+
in
{
@@ -24,43 +39,50 @@ in
user = mkOption {
type = types.str;
default = "crowd";
- description = "User which runs Crowd.";
+ description = lib.mdDoc "User which runs Crowd.";
};
group = mkOption {
type = types.str;
default = "crowd";
- description = "Group which runs Crowd.";
+ description = lib.mdDoc "Group which runs Crowd.";
};
home = mkOption {
type = types.str;
default = "/var/lib/crowd";
- description = "Home directory of the Crowd instance.";
+ description = lib.mdDoc "Home directory of the Crowd instance.";
};
listenAddress = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Address to listen on.";
+ description = lib.mdDoc "Address to listen on.";
};
listenPort = mkOption {
type = types.int;
default = 8092;
- description = "Port to listen on.";
+ description = lib.mdDoc "Port to listen on.";
};
openidPassword = mkOption {
type = types.str;
- description = "Application password for OpenID server.";
+ default = "WILL_NEVER_BE_SET";
+ description = lib.mdDoc "Application password for OpenID server.";
+ };
+
+ openidPasswordFile = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ description = lib.mdDoc "Path to the file containing the application password for OpenID server.";
};
catalinaOptions = mkOption {
type = types.listOf types.str;
default = [];
example = [ "-Xms1024m" "-Xmx2048m" ];
- description = "Java options to pass to catalina/tomcat.";
+ description = lib.mdDoc "Java options to pass to catalina/tomcat.";
};
proxy = {
@@ -69,27 +91,27 @@ in
name = mkOption {
type = types.str;
example = "crowd.example.com";
- description = "Virtual hostname at the proxy";
+ description = lib.mdDoc "Virtual hostname at the proxy";
};
port = mkOption {
type = types.int;
default = 443;
example = 80;
- description = "Port used at the proxy";
+ description = lib.mdDoc "Port used at the proxy";
};
scheme = mkOption {
type = types.str;
default = "https";
example = "http";
- description = "Protocol used at the proxy.";
+ description = lib.mdDoc "Protocol used at the proxy.";
};
secure = mkOption {
type = types.bool;
default = true;
- description = "Whether the connections to the proxy should be considered secure.";
+ description = lib.mdDoc "Whether the connections to the proxy should be considered secure.";
};
};
@@ -97,14 +119,14 @@ in
type = types.package;
default = pkgs.atlassian-crowd;
defaultText = literalExpression "pkgs.atlassian-crowd";
- description = "Atlassian Crowd package to use.";
+ description = lib.mdDoc "Atlassian Crowd package to use.";
};
jrePackage = mkOption {
type = types.package;
default = pkgs.oraclejre8;
defaultText = literalExpression "pkgs.oraclejre8";
- description = "Note that Atlassian only support the Oracle JRE (JRASERVER-46152).";
+ description = lib.mdDoc "Note that Atlassian only support the Oracle JRE (JRASERVER-46152).";
};
};
};
@@ -140,6 +162,7 @@ in
JAVA_HOME = "${cfg.jrePackage}";
CATALINA_OPTS = concatStringsSep " " cfg.catalinaOptions;
CATALINA_TMPDIR = "/tmp";
+ JAVA_OPTS = mkIf (cfg.openidPasswordFile != null) "-Dcrowd.properties=${cfg.home}/crowd.properties";
};
preStart = ''
@@ -151,6 +174,14 @@ in
-e 's,compression="on",compression="off" protocol="HTTP/1.1" proxyName="${cfg.proxy.name}" proxyPort="${toString cfg.proxy.port}" scheme="${cfg.proxy.scheme}" secure="${boolToString cfg.proxy.secure}",' \
'') + ''
${pkg}/apache-tomcat/conf/server.xml.dist > ${cfg.home}/server.xml
+
+ ${optionalString (cfg.openidPasswordFile != null) ''
+ install -m660 ${crowdPropertiesFile} ${cfg.home}/crowd.properties
+ ${pkgs.replace-secret}/bin/replace-secret \
+ '@NIXOS_CROWD_OPENID_PW@' \
+ ${cfg.openidPasswordFile} \
+ ${cfg.home}/crowd.properties
+ ''}
'';
serviceConfig = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/atlassian/jira.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/atlassian/jira.nix
index bc0bf43522e..5d62160ffb1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/atlassian/jira.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/atlassian/jira.nix
@@ -8,21 +8,22 @@ let
pkg = cfg.package.override (optionalAttrs cfg.sso.enable {
enableSSO = cfg.sso.enable;
- crowdProperties = ''
- application.name ${cfg.sso.applicationName}
- application.password ${cfg.sso.applicationPassword}
- application.login.url ${cfg.sso.crowd}/console/
-
- crowd.server.url ${cfg.sso.crowd}/services/
- crowd.base.url ${cfg.sso.crowd}/
-
- session.isauthenticated session.isauthenticated
- session.tokenkey session.tokenkey
- session.validationinterval ${toString cfg.sso.validationInterval}
- session.lastvalidation session.lastvalidation
- '';
});
+ crowdProperties = pkgs.writeText "crowd.properties" ''
+ application.name ${cfg.sso.applicationName}
+ application.password @NIXOS_JIRA_CROWD_SSO_PWD@
+ application.login.url ${cfg.sso.crowd}/console/
+
+ crowd.server.url ${cfg.sso.crowd}/services/
+ crowd.base.url ${cfg.sso.crowd}/
+
+ session.isauthenticated session.isauthenticated
+ session.tokenkey session.tokenkey
+ session.validationinterval ${toString cfg.sso.validationInterval}
+ session.lastvalidation session.lastvalidation
+ '';
+
in
{
@@ -33,38 +34,38 @@ in
user = mkOption {
type = types.str;
default = "jira";
- description = "User which runs JIRA.";
+ description = lib.mdDoc "User which runs JIRA.";
};
group = mkOption {
type = types.str;
default = "jira";
- description = "Group which runs JIRA.";
+ description = lib.mdDoc "Group which runs JIRA.";
};
home = mkOption {
type = types.str;
default = "/var/lib/jira";
- description = "Home directory of the JIRA instance.";
+ description = lib.mdDoc "Home directory of the JIRA instance.";
};
listenAddress = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Address to listen on.";
+ description = lib.mdDoc "Address to listen on.";
};
listenPort = mkOption {
type = types.int;
default = 8091;
- description = "Port to listen on.";
+ description = lib.mdDoc "Port to listen on.";
};
catalinaOptions = mkOption {
type = types.listOf types.str;
default = [];
example = [ "-Xms1024m" "-Xmx2048m" ];
- description = "Java options to pass to catalina/tomcat.";
+ description = lib.mdDoc "Java options to pass to catalina/tomcat.";
};
proxy = {
@@ -73,27 +74,27 @@ in
name = mkOption {
type = types.str;
example = "jira.example.com";
- description = "Virtual hostname at the proxy";
+ description = lib.mdDoc "Virtual hostname at the proxy";
};
port = mkOption {
type = types.int;
default = 443;
example = 80;
- description = "Port used at the proxy";
+ description = lib.mdDoc "Port used at the proxy";
};
scheme = mkOption {
type = types.str;
default = "https";
example = "http";
- description = "Protocol used at the proxy.";
+ description = lib.mdDoc "Protocol used at the proxy.";
};
secure = mkOption {
type = types.bool;
default = true;
- description = "Whether the connections to the proxy should be considered secure.";
+ description = lib.mdDoc "Whether the connections to the proxy should be considered secure.";
};
};
@@ -103,25 +104,25 @@ in
crowd = mkOption {
type = types.str;
example = "http://localhost:8095/crowd";
- description = "Crowd Base URL without trailing slash";
+ description = lib.mdDoc "Crowd Base URL without trailing slash";
};
applicationName = mkOption {
type = types.str;
example = "jira";
- description = "Exact name of this JIRA instance in Crowd";
+ description = lib.mdDoc "Exact name of this JIRA instance in Crowd";
};
- applicationPassword = mkOption {
+ applicationPasswordFile = mkOption {
type = types.str;
- description = "Application password of this JIRA instance in Crowd";
+ description = lib.mdDoc "Path to the file containing the application password of this JIRA instance in Crowd";
};
validationInterval = mkOption {
type = types.int;
default = 2;
example = 0;
- description = ''
+ description = lib.mdDoc ''
Set to 0, if you want authentication checks to occur on each
request. Otherwise set to the number of minutes between request
to validate if the user is logged in or out of the Crowd SSO
@@ -135,14 +136,14 @@ in
type = types.package;
default = pkgs.atlassian-jira;
defaultText = literalExpression "pkgs.atlassian-jira";
- description = "Atlassian JIRA package to use.";
+ description = lib.mdDoc "Atlassian JIRA package to use.";
};
jrePackage = mkOption {
type = types.package;
default = pkgs.oraclejre8;
defaultText = literalExpression "pkgs.oraclejre8";
- description = "Note that Atlassian only support the Oracle JRE (JRASERVER-46152).";
+ description = lib.mdDoc "Note that Atlassian only support the Oracle JRE (JRASERVER-46152).";
};
};
};
@@ -181,6 +182,7 @@ in
JIRA_HOME = cfg.home;
JAVA_HOME = "${cfg.jrePackage}";
CATALINA_OPTS = concatStringsSep " " cfg.catalinaOptions;
+ JAVA_OPTS = mkIf cfg.sso.enable "-Dcrowd.properties=${cfg.home}/crowd.properties";
};
preStart = ''
@@ -191,6 +193,14 @@ in
-e 's,protocol="HTTP/1.1",protocol="HTTP/1.1" proxyName="${cfg.proxy.name}" proxyPort="${toString cfg.proxy.port}" scheme="${cfg.proxy.scheme}" secure="${toString cfg.proxy.secure}",' \
'') + ''
${pkg}/conf/server.xml.dist > ${cfg.home}/server.xml
+
+ ${optionalString cfg.sso.enable ''
+ install -m660 ${crowdProperties} ${cfg.home}/crowd.properties
+ ${pkgs.replace-secret}/bin/replace-secret \
+ '@NIXOS_JIRA_CROWD_SSO_PWD@' \
+ ${cfg.sso.applicationPasswordFile} \
+ ${cfg.home}/crowd.properties
+ ''}
'';
serviceConfig = {
@@ -204,4 +214,10 @@ in
};
};
};
+
+ imports = [
+ (mkRemovedOptionModule [ "services" "jira" "sso" "applicationPassword" ] ''
+ Use `applicationPasswordFile` instead!
+ '')
+ ];
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/baget.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/baget.nix
index 3007dd4fbb2..dd70d462d57 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/baget.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/baget.nix
@@ -58,7 +58,7 @@ in
apiKeyFile = mkOption {
type = types.path;
example = "/root/baget.key";
- description = ''
+ description = lib.mdDoc ''
Private API key for BaGet.
'';
};
@@ -112,8 +112,8 @@ in
};
}
'';
- description = ''
- Extra configuration options for BaGet. Refer to for details.
+ description = lib.mdDoc ''
+ Extra configuration options for BaGet. Refer to for details.
Default value is merged with values from here.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/calibre-web.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/calibre-web.nix
index 704cd2cfa8a..6bcf733452b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/calibre-web.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/calibre-web.nix
@@ -14,7 +14,7 @@ in
ip = mkOption {
type = types.str;
default = "::1";
- description = ''
+ description = lib.mdDoc ''
IP address that Calibre-Web should listen on.
'';
};
@@ -22,7 +22,7 @@ in
port = mkOption {
type = types.port;
default = 8083;
- description = ''
+ description = lib.mdDoc ''
Listen port for Calibre-Web.
'';
};
@@ -31,27 +31,27 @@ in
dataDir = mkOption {
type = types.str;
default = "calibre-web";
- description = ''
- The directory below /var/lib where Calibre-Web stores its data.
+ description = lib.mdDoc ''
+ The directory below {file}`/var/lib` where Calibre-Web stores its data.
'';
};
user = mkOption {
type = types.str;
default = "calibre-web";
- description = "User account under which Calibre-Web runs.";
+ description = lib.mdDoc "User account under which Calibre-Web runs.";
};
group = mkOption {
type = types.str;
default = "calibre-web";
- description = "Group account under which Calibre-Web runs.";
+ description = lib.mdDoc "Group account under which Calibre-Web runs.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for the server.
'';
};
@@ -60,7 +60,7 @@ in
calibreLibrary = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to Calibre library.
'';
};
@@ -68,7 +68,7 @@ in
enableBookConversion = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Configure path to the Calibre's ebook-convert in the DB.
'';
};
@@ -76,7 +76,7 @@ in
enableBookUploading = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Allow books to be uploaded via Calibre-Web UI.
'';
};
@@ -85,7 +85,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable authorization using auth proxy.
'';
};
@@ -93,7 +93,7 @@ in
header = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Auth proxy header name.
'';
};
@@ -136,7 +136,7 @@ in
${pkgs.sqlite}/bin/sqlite3 ${appDb} "update settings set ${settings}"
'' + optionalString (cfg.options.calibreLibrary != null) ''
- test -f ${cfg.options.calibreLibrary}/metadata.db || { echo "Invalid Calibre library"; exit 1; }
+ test -f "${cfg.options.calibreLibrary}/metadata.db" || { echo "Invalid Calibre library"; exit 1; }
''
);
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/code-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/code-server.nix
index 474e9140ae8..84fc03deabf 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/code-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/code-server.nix
@@ -16,13 +16,13 @@ in {
package = mkOption {
default = pkgs.code-server;
defaultText = "pkgs.code-server";
- description = "Which code-server derivation to use.";
+ description = lib.mdDoc "Which code-server derivation to use.";
type = types.package;
};
extraPackages = mkOption {
default = [ ];
- description = "Packages that are available in the PATH of code-server.";
+ description = lib.mdDoc "Packages that are available in the PATH of code-server.";
example = "[ pkgs.go ]";
type = types.listOf types.package;
};
@@ -30,49 +30,49 @@ in {
extraEnvironment = mkOption {
type = types.attrsOf types.str;
description =
- "Additional environment variables to passed to code-server.";
+ lib.mdDoc "Additional environment variables to passed to code-server.";
default = { };
example = { PKG_CONFIG_PATH = "/run/current-system/sw/lib/pkgconfig"; };
};
extraArguments = mkOption {
default = [ "--disable-telemetry" ];
- description = "Additional arguments that passed to code-server";
+ description = lib.mdDoc "Additional arguments that passed to code-server";
example = ''[ "--verbose" ]'';
type = types.listOf types.str;
};
host = mkOption {
default = "127.0.0.1";
- description = "The host-ip to bind to.";
+ description = lib.mdDoc "The host-ip to bind to.";
type = types.str;
};
port = mkOption {
default = 4444;
- description = "The port where code-server runs.";
+ description = lib.mdDoc "The port where code-server runs.";
type = types.port;
};
auth = mkOption {
default = "password";
- description = "The type of authentication to use.";
+ description = lib.mdDoc "The type of authentication to use.";
type = types.enum [ "none" "password" ];
};
hashedPassword = mkOption {
default = "";
description =
- "Create the password with: 'echo -n 'thisismypassword' | npx argon2-cli -e'.";
+ lib.mdDoc "Create the password with: 'echo -n 'thisismypassword' | npx argon2-cli -e'.";
type = types.str;
};
user = mkOption {
default = defaultUser;
example = "yourUser";
- description = ''
+ description = lib.mdDoc ''
The user to run code-server as.
- By default, a user named ${defaultUser} will be created.
+ By default, a user named `${defaultUser}` will be created.
'';
type = types.str;
};
@@ -80,9 +80,9 @@ in {
group = mkOption {
default = defaultGroup;
example = "yourGroup";
- description = ''
+ description = lib.mdDoc ''
The group to run code-server under.
- By default, a group named ${defaultGroup} will be created.
+ By default, a group named `${defaultGroup}` will be created.
'';
type = types.str;
};
@@ -90,7 +90,7 @@ in {
extraGroups = mkOption {
default = [ ];
description =
- "An array of additional groups for the ${defaultUser} user.";
+ lib.mdDoc "An array of additional groups for the `${defaultUser}` user.";
example = [ "docker" ];
type = types.listOf types.str;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/convos.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/convos.nix
index 8be11eec9f3..120481c6401 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/convos.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/convos.nix
@@ -12,21 +12,21 @@ in
type = types.port;
default = 3000;
example = 8080;
- description = "Port the web interface should listen on";
+ description = lib.mdDoc "Port the web interface should listen on";
};
listenAddress = mkOption {
type = types.str;
default = "*";
example = "127.0.0.1";
- description = "Address or host the web interface should listen on";
+ description = lib.mdDoc "Address or host the web interface should listen on";
};
reverseProxy = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables reverse proxy support. This will allow Convos to automatically
- pick up the X-Forwarded-For and
- X-Request-Base HTTP headers set in your reverse proxy
+ pick up the `X-Forwarded-For` and
+ `X-Request-Base` HTTP headers set in your reverse proxy
web server. Note that enabling this option without a reverse proxy in
front will be a security issue.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/cryptpad.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/cryptpad.nix
deleted file mode 100644
index e6772de768e..00000000000
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/cryptpad.nix
+++ /dev/null
@@ -1,54 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
- cfg = config.services.cryptpad;
-in
-{
- options.services.cryptpad = {
- enable = mkEnableOption "the Cryptpad service";
-
- package = mkOption {
- default = pkgs.cryptpad;
- defaultText = literalExpression "pkgs.cryptpad";
- type = types.package;
- description = "
- Cryptpad package to use.
- ";
- };
-
- configFile = mkOption {
- type = types.path;
- default = "${cfg.package}/lib/node_modules/cryptpad/config/config.example.js";
- defaultText = literalExpression ''"''${package}/lib/node_modules/cryptpad/config/config.example.js"'';
- description = ''
- Path to the JavaScript configuration file.
-
- See
- for a configuration example.
- '';
- };
- };
-
- config = mkIf cfg.enable {
- systemd.services.cryptpad = {
- description = "Cryptpad Service";
- wantedBy = [ "multi-user.target" ];
- after = [ "networking.target" ];
- serviceConfig = {
- DynamicUser = true;
- Environment = [
- "CRYPTPAD_CONFIG=${cfg.configFile}"
- "HOME=%S/cryptpad"
- ];
- ExecStart = "${cfg.package}/bin/cryptpad";
- PrivateTmp = true;
- Restart = "always";
- StateDirectory = "cryptpad";
- WorkingDirectory = "%S/cryptpad";
- };
- };
- };
-}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/dex.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/dex.nix
index 4d4689a4cf2..eebf4b740c7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/dex.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/dex.nix
@@ -45,9 +45,9 @@ in
];
}
'';
- description = ''
+ description = lib.mdDoc ''
The available options can be found in
- the example configuration.
+ [the example configuration](https://github.com/dexidp/dex/blob/v${pkgs.dex.version}/config.yaml.dist).
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/discourse.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/discourse.nix
index 7dbbf4a12fe..20ad653429a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/discourse.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/discourse.nix
@@ -35,7 +35,7 @@ in
plugins = lib.unique (p.enabledPlugins ++ cfg.plugins);
};
defaultText = lib.literalExpression "pkgs.discourse";
- description = ''
+ description = lib.mdDoc ''
The discourse package to use.
'';
};
@@ -48,7 +48,7 @@ in
config.networking.hostName;
defaultText = lib.literalExpression "config.networking.fqdn";
example = "discourse.example.com";
- description = ''
+ description = lib.mdDoc ''
The hostname to serve Discourse on.
'';
};
@@ -81,7 +81,7 @@ in
type = with lib.types; nullOr path;
default = null;
example = "/run/keys/ssl.cert";
- description = ''
+ description = lib.mdDoc ''
The path to the server SSL certificate. Set this to enable
SSL.
'';
@@ -91,7 +91,7 @@ in
type = with lib.types; nullOr path;
default = null;
example = "/run/keys/ssl.key";
- description = ''
+ description = lib.mdDoc ''
The path to the server SSL certificate key. Set this to
enable SSL.
'';
@@ -104,7 +104,7 @@ in
true, unless
and are set.
'';
- description = ''
+ description = lib.mdDoc ''
Whether an ACME certificate should be used to secure
connections to the server.
'';
@@ -151,26 +151,26 @@ in
};
};
'';
- description = ''
+ description = lib.mdDoc ''
Discourse site settings. These are the settings that can be
changed from the UI. This only defines their default values:
they can still be overridden from the UI.
Available settings can be found by looking in the
- site_settings.yml
+ [site_settings.yml](https://github.com/discourse/discourse/blob/master/config/site_settings.yml)
file of the upstream distribution. To find a setting's path,
you only need to care about the first two levels; i.e. its
category and name. See the example.
Settings containing secret data should be set to an
attribute set containing the attribute
- _secret - a string pointing to a file
+ `_secret` - a string pointing to a file
containing the value the option should be set to. See the
example to get a better picture of this: in the resulting
- config/nixos_site_settings.json file,
- the login.github_client_secret key will
+ {file}`config/nixos_site_settings.json` file,
+ the `login.github_client_secret` key will
be set to the contents of the
- /run/keys/discourse_github_client_secret
+ {file}`/run/keys/discourse_github_client_secret`
file.
'';
};
@@ -179,7 +179,7 @@ in
skipCreate = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Do not create the admin account, instead rely on other
existing admin accounts.
'';
@@ -188,7 +188,7 @@ in
email = lib.mkOption {
type = lib.types.str;
example = "admin@example.com";
- description = ''
+ description = lib.mdDoc ''
The admin user email address.
'';
};
@@ -196,21 +196,21 @@ in
username = lib.mkOption {
type = lib.types.str;
example = "admin";
- description = ''
+ description = lib.mdDoc ''
The admin user username.
'';
};
fullName = lib.mkOption {
type = lib.types.str;
- description = ''
+ description = lib.mdDoc ''
The admin user's full name.
'';
};
passwordFile = lib.mkOption {
type = lib.types.path;
- description = ''
+ description = lib.mdDoc ''
A path to a file containing the admin user's password.
This should be a string, not a nix path, since nix paths are
@@ -222,8 +222,8 @@ in
nginx.enable = lib.mkOption {
type = lib.types.bool;
default = true;
- description = ''
- Whether an nginx virtual host should be
+ description = lib.mdDoc ''
+ Whether an `nginx` virtual host should be
set up to serve Discourse. Only disable if you're planning
to use a different web server, which is not recommended.
'';
@@ -233,7 +233,7 @@ in
pool = lib.mkOption {
type = lib.types.int;
default = 8;
- description = ''
+ description = lib.mdDoc ''
Database connection pool size.
'';
};
@@ -250,7 +250,7 @@ in
passwordFile = lib.mkOption {
type = with lib.types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
File containing the Discourse database user password.
This should be a string, not a nix path, since nix paths are
@@ -261,18 +261,18 @@ in
createLocally = lib.mkOption {
type = lib.types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether a database should be automatically created on the
- local host. Set this to false if you plan
+ local host. Set this to `false` if you plan
on provisioning a local database yourself. This has no effect
- if is customized.
+ if {option}`services.discourse.database.host` is customized.
'';
};
name = lib.mkOption {
type = lib.types.str;
default = "discourse";
- description = ''
+ description = lib.mdDoc ''
Discourse database name.
'';
};
@@ -280,7 +280,7 @@ in
username = lib.mkOption {
type = lib.types.str;
default = "discourse";
- description = ''
+ description = lib.mdDoc ''
Discourse database user.
'';
};
@@ -288,10 +288,10 @@ in
ignorePostgresqlVersion = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to allow other versions of PostgreSQL than the
recommended one. Only effective when
-
+ {option}`services.discourse.database.createLocally`
is enabled.
'';
};
@@ -301,7 +301,7 @@ in
host = lib.mkOption {
type = lib.types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
Redis server hostname.
'';
};
@@ -309,7 +309,7 @@ in
passwordFile = lib.mkOption {
type = with lib.types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
File containing the Redis password.
This should be a string, not a nix path, since nix paths are
@@ -320,7 +320,7 @@ in
dbNumber = lib.mkOption {
type = lib.types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Redis database number.
'';
};
@@ -329,7 +329,7 @@ in
type = lib.types.bool;
default = cfg.redis.host != "localhost";
defaultText = lib.literalExpression ''config.${opt.redis.host} != "localhost"'';
- description = ''
+ description = lib.mdDoc ''
Connect to Redis with SSL.
'';
};
@@ -342,8 +342,8 @@ in
defaultText = lib.literalExpression ''
"''${if config.services.discourse.mail.incoming.enable then "notifications" else "noreply"}@''${config.services.discourse.hostname}"
'';
- description = ''
- The from: email address used when
+ description = lib.mdDoc ''
+ The `from:` email address used when
sending all essential system emails. The domain specified
here must have SPF, DKIM and reverse PTR records set
correctly for email to arrive.
@@ -353,10 +353,10 @@ in
contactEmailAddress = lib.mkOption {
type = lib.types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Email address of key contact responsible for this
site. Used for critical notifications, as well as on the
- /about contact form for urgent matters.
+ `/about` contact form for urgent matters.
'';
};
@@ -364,7 +364,7 @@ in
serverAddress = lib.mkOption {
type = lib.types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
The address of the SMTP server Discourse should use to
send email.
'';
@@ -373,7 +373,7 @@ in
port = lib.mkOption {
type = lib.types.port;
default = 25;
- description = ''
+ description = lib.mdDoc ''
The port of the SMTP server Discourse should use to
send email.
'';
@@ -382,7 +382,7 @@ in
username = lib.mkOption {
type = with lib.types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The username of the SMTP server.
'';
};
@@ -390,7 +390,7 @@ in
passwordFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
A file containing the password of the SMTP server account.
This should be a string, not a nix path, since nix paths
@@ -402,7 +402,7 @@ in
type = lib.types.str;
default = cfg.hostname;
defaultText = lib.literalExpression "config.${opt.hostname}";
- description = ''
+ description = lib.mdDoc ''
HELO domain to use for outgoing mail.
'';
};
@@ -410,7 +410,7 @@ in
authentication = lib.mkOption {
type = with lib.types; nullOr (enum ["plain" "login" "cram_md5"]);
default = null;
- description = ''
+ description = lib.mdDoc ''
Authentication type to use, see http://api.rubyonrails.org/classes/ActionMailer/Base.html
'';
};
@@ -418,7 +418,7 @@ in
enableStartTLSAuto = lib.mkOption {
type = lib.types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to try to use StartTLS.
'';
};
@@ -426,7 +426,7 @@ in
opensslVerifyMode = lib.mkOption {
type = lib.types.str;
default = "peer";
- description = ''
+ description = lib.mdDoc ''
How OpenSSL checks the certificate, see http://api.rubyonrails.org/classes/ActionMailer/Base.html
'';
};
@@ -434,7 +434,7 @@ in
forceTLS = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Force implicit TLS as per RFC 8314 3.3.
'';
};
@@ -444,7 +444,7 @@ in
enable = lib.mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to set up Postfix to receive incoming mail.
'';
};
@@ -453,7 +453,7 @@ in
type = lib.types.str;
default = "%{reply_key}@${cfg.hostname}";
defaultText = lib.literalExpression ''"%{reply_key}@''${config.services.discourse.hostname}"'';
- description = ''
+ description = lib.mdDoc ''
Template for reply by email incoming email address, for
example: %{reply_key}@reply.example.com or
replies+%{reply_key}@example.com
@@ -464,7 +464,7 @@ in
type = lib.types.package;
default = pkgs.discourse-mail-receiver;
defaultText = lib.literalExpression "pkgs.discourse-mail-receiver";
- description = ''
+ description = lib.mdDoc ''
The discourse-mail-receiver package to use.
'';
};
@@ -472,10 +472,10 @@ in
apiKeyFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
A file containing the Discourse API key used to add
posts and messages from mail. If left at its default
- value null, one will be automatically
+ value `null`, one will be automatically
generated.
This should be a string, not a nix path, since nix paths
@@ -504,7 +504,7 @@ in
sidekiqProcesses = lib.mkOption {
type = lib.types.int;
default = 1;
- description = ''
+ description = lib.mdDoc ''
How many Sidekiq processes should be spawned.
'';
};
@@ -512,7 +512,7 @@ in
unicornTimeout = lib.mkOption {
type = lib.types.int;
default = 30;
- description = ''
+ description = lib.mdDoc ''
Time in seconds before a request to Unicorn times out.
This can be raised if the system Discourse is running on is
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/documize.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/documize.nix
index 7f2ed82ee33..4353e3c2445 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/documize.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/documize.nix
@@ -17,8 +17,8 @@ in {
stateDirectoryName = mkOption {
type = types.str;
default = "documize";
- description = ''
- The name of the directory below /var/lib/private
+ description = lib.mdDoc ''
+ The name of the directory below {file}`/var/lib/private`
where documize runs in and stores, for example, backups.
'';
};
@@ -27,7 +27,7 @@ in {
type = types.package;
default = pkgs.documize-community;
defaultText = literalExpression "pkgs.documize-community";
- description = ''
+ description = lib.mdDoc ''
Which package to use for documize.
'';
};
@@ -36,7 +36,7 @@ in {
type = types.nullOr types.str;
default = null;
example = "3edIYV6c8B28b19fh";
- description = ''
+ description = lib.mdDoc ''
The salt string used to encode JWT tokens, if not set a random value will be generated.
'';
};
@@ -44,23 +44,23 @@ in {
cert = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
- The cert.pem file used for https.
+ description = lib.mdDoc ''
+ The {file}`cert.pem` file used for https.
'';
};
key = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
- The key.pem file used for https.
+ description = lib.mdDoc ''
+ The {file}`key.pem` file used for https.
'';
};
port = mkOption {
type = types.port;
default = 5001;
- description = ''
+ description = lib.mdDoc ''
The http/https port number.
'';
};
@@ -68,7 +68,7 @@ in {
forcesslport = mkOption {
type = types.nullOr types.port;
default = null;
- description = ''
+ description = lib.mdDoc ''
Redirect given http port number to TLS.
'';
};
@@ -76,8 +76,8 @@ in {
offline = mkOption {
type = types.bool;
default = false;
- description = ''
- Set true for offline mode.
+ description = lib.mdDoc ''
+ Set `true` for offline mode.
'';
apply = v: if true == v then 1 else 0;
};
@@ -122,7 +122,7 @@ in {
location = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
reserved
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/dokuwiki.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/dokuwiki.nix
index d8fc978774e..49865b962d1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/dokuwiki.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/dokuwiki.nix
@@ -66,21 +66,21 @@ let
type = types.package;
default = pkgs.dokuwiki;
defaultText = literalExpression "pkgs.dokuwiki";
- description = "Which DokuWiki package to use.";
+ description = lib.mdDoc "Which DokuWiki package to use.";
};
stateDir = mkOption {
type = types.path;
default = "/var/lib/dokuwiki/${name}/data";
- description = "Location of the DokuWiki state directory.";
+ description = lib.mdDoc "Location of the DokuWiki state directory.";
};
acl = mkOption {
type = types.nullOr types.lines;
default = null;
example = "* @ALL 8";
- description = ''
- Access Control Lists: see
+ description = lib.mdDoc ''
+ Access Control Lists: see
Mutually exclusive with services.dokuwiki.aclFile
Set this to a value other than null to take precedence over aclFile option.
@@ -92,11 +92,11 @@ let
aclFile = mkOption {
type = with types; nullOr str;
default = if (config.aclUse && config.acl == null) then "/var/lib/dokuwiki/${name}/acl.auth.php" else null;
- description = ''
+ description = lib.mdDoc ''
Location of the dokuwiki acl rules. Mutually exclusive with services.dokuwiki.acl
Mutually exclusive with services.dokuwiki.acl which is preferred.
- Consult documentation for further instructions.
- Example:
+ Consult documentation for further instructions.
+ Example:
'';
example = "/var/lib/dokuwiki/${name}/acl.auth.php";
};
@@ -104,7 +104,7 @@ let
aclUse = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Necessary for users to log in into the system.
Also limits anonymous users. When disabled,
everyone is able to create and edit content.
@@ -119,7 +119,7 @@ let
$plugins['authmysql'] = 0;
$plugins['authpgsql'] = 0;
'';
- description = ''
+ description = lib.mdDoc ''
List of the dokuwiki (un)loaded plugins.
'';
};
@@ -127,10 +127,10 @@ let
superUser = mkOption {
type = types.nullOr types.str;
default = "@admin";
- description = ''
+ description = lib.mdDoc ''
You can set either a username, a list of usernames (“admin1,admin2”),
or the name of a group by prepending an @ char to the groupname
- Consult documentation for further instructions.
+ Consult documentation for further instructions.
'';
};
@@ -150,9 +150,9 @@ let
type = types.nullOr types.str;
default = "";
example = "search,register";
- description = ''
+ description = lib.mdDoc ''
Disable individual action modes. Refer to
-
+
for details on supported values.
'';
};
@@ -222,8 +222,8 @@ let
"pm.max_spare_servers" = 4;
"pm.max_requests" = 500;
};
- description = ''
- Options for the DokuWiki PHP pool. See the documentation on php-fpm.conf
+ description = lib.mdDoc ''
+ Options for the DokuWiki PHP pool. See the documentation on `php-fpm.conf`
for details on configuration directives.
'';
};
@@ -235,9 +235,9 @@ let
$conf['title'] = 'My Wiki';
$conf['userewrite'] = 1;
'';
- description = ''
+ description = lib.mdDoc ''
DokuWiki configuration. Refer to
-
+
for details on supported values.
'';
};
@@ -254,7 +254,7 @@ in
sites = mkOption {
type = types.attrsOf (types.submodule siteOpts);
default = {};
- description = "Specification of one or more DokuWiki sites to serve";
+ description = lib.mdDoc "Specification of one or more DokuWiki sites to serve";
};
webserver = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/engelsystem.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/engelsystem.nix
index 06c3c6dfc3d..f1d71f17447 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/engelsystem.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/engelsystem.nix
@@ -9,7 +9,7 @@ in {
enable = mkOption {
default = false;
example = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable engelsystem, an online tool for coordinating volunteers
and shifts on large events.
'';
@@ -19,12 +19,12 @@ in {
domain = mkOption {
type = types.str;
example = "engelsystem.example.com";
- description = "Domain to serve on.";
+ description = lib.mdDoc "Domain to serve on.";
};
package = mkOption {
type = types.package;
- description = "Engelsystem package used for the service.";
+ description = lib.mdDoc "Engelsystem package used for the service.";
default = pkgs.engelsystem;
defaultText = literalExpression "pkgs.engelsystem";
};
@@ -32,9 +32,9 @@ in {
createDatabase = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to create a local database automatically.
- This will override every database setting in .
+ This will override every database setting in {option}`services.engelsystem.config`.
'';
};
};
@@ -70,7 +70,7 @@ in {
min_password_length = 6;
default_locale = "de_DE";
};
- description = ''
+ description = lib.mdDoc ''
Options to be added to config.php, as a nix attribute set. Options containing secret data
should be set to an attribute set containing the attribute _secret - a string pointing to a
file containing the value the option should be set to. See the example to get a better
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/ethercalc.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/ethercalc.nix
index d74def59c6c..a5be86a34aa 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/ethercalc.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/ethercalc.nix
@@ -10,11 +10,11 @@ in {
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
ethercalc, an online collaborative spreadsheet server.
Persistent state will be maintained under
- /var/lib/ethercalc. Upstream supports using a
+ {file}`/var/lib/ethercalc`. Upstream supports using a
redis server for storage and recommends the redis backend for
intensive use; however, the Nix module doesn't currently support
redis.
@@ -28,19 +28,19 @@ in {
default = pkgs.ethercalc;
defaultText = literalExpression "pkgs.ethercalc";
type = types.package;
- description = "Ethercalc package to use.";
+ description = lib.mdDoc "Ethercalc package to use.";
};
host = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "Address to listen on (use 0.0.0.0 to allow access from any address).";
+ description = lib.mdDoc "Address to listen on (use 0.0.0.0 to allow access from any address).";
};
port = mkOption {
type = types.port;
default = 8000;
- description = "Port to bind to.";
+ description = lib.mdDoc "Port to bind to.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/galene.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/galene.nix
index 38c3392014f..2fef43753d7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/galene.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/galene.nix
@@ -17,7 +17,7 @@ in
stateDir = mkOption {
default = defaultstateDir;
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The directory where Galene stores its internal state. If left as the default
value this directory will automatically be created before the Galene server
starts, otherwise the sysadmin is responsible for ensuring the directory
@@ -28,19 +28,19 @@ in
user = mkOption {
type = types.str;
default = "galene";
- description = "User account under which galene runs.";
+ description = lib.mdDoc "User account under which galene runs.";
};
group = mkOption {
type = types.str;
default = "galene";
- description = "Group under which galene runs.";
+ description = lib.mdDoc "Group under which galene runs.";
};
insecure = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether Galene should listen in http or in https. If left as the default
value (false), Galene needs to be fed a private key and a certificate.
'';
@@ -50,7 +50,7 @@ in
type = types.nullOr types.str;
default = null;
example = "/path/to/your/cert.pem";
- description = ''
+ description = lib.mdDoc ''
Path to the server's certificate. The file is copied at runtime to
Galene's data directory where it needs to reside.
'';
@@ -60,7 +60,7 @@ in
type = types.nullOr types.str;
default = null;
example = "/path/to/your/key.pem";
- description = ''
+ description = lib.mdDoc ''
Path to the server's private key. The file is copied at runtime to
Galene's data directory where it needs to reside.
'';
@@ -69,13 +69,13 @@ in
httpAddress = mkOption {
type = types.str;
default = "";
- description = "HTTP listen address for galene.";
+ description = lib.mdDoc "HTTP listen address for galene.";
};
httpPort = mkOption {
type = types.port;
default = 8443;
- description = "HTTP listen port.";
+ description = lib.mdDoc "HTTP listen port.";
};
staticDir = mkOption {
@@ -83,7 +83,7 @@ in
default = "${cfg.package.static}/static";
defaultText = literalExpression ''"''${package.static}/static"'';
example = "/var/lib/galene/static";
- description = "Web server directory.";
+ description = lib.mdDoc "Web server directory.";
};
recordingsDir = mkOption {
@@ -91,7 +91,7 @@ in
default = defaultrecordingsDir;
defaultText = literalExpression ''"''${config.${opt.stateDir}}/recordings"'';
example = "/var/lib/galene/recordings";
- description = "Recordings directory.";
+ description = lib.mdDoc "Recordings directory.";
};
dataDir = mkOption {
@@ -99,7 +99,7 @@ in
default = defaultdataDir;
defaultText = literalExpression ''"''${config.${opt.stateDir}}/data"'';
example = "/var/lib/galene/data";
- description = "Data directory.";
+ description = lib.mdDoc "Data directory.";
};
groupsDir = mkOption {
@@ -107,14 +107,14 @@ in
default = defaultgroupsDir;
defaultText = literalExpression ''"''${config.${opt.stateDir}}/groups"'';
example = "/var/lib/galene/groups";
- description = "Web server directory.";
+ description = lib.mdDoc "Web server directory.";
};
package = mkOption {
default = pkgs.galene;
defaultText = literalExpression "pkgs.galene";
type = types.package;
- description = ''
+ description = lib.mdDoc ''
Package for running Galene.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/gerrit.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/gerrit.nix
index 6bfc67368dd..5b36204ff05 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/gerrit.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/gerrit.nix
@@ -65,14 +65,14 @@ in
type = types.package;
default = pkgs.gerrit;
defaultText = literalExpression "pkgs.gerrit";
- description = "Gerrit package to use";
+ description = lib.mdDoc "Gerrit package to use";
};
jvmPackage = mkOption {
type = types.package;
default = pkgs.jre_headless;
defaultText = literalExpression "pkgs.jre_headless";
- description = "Java Runtime Environment package to use";
+ description = lib.mdDoc "Java Runtime Environment package to use";
};
jvmOpts = mkOption {
@@ -81,13 +81,13 @@ in
"-Dflogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance"
"-Dflogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance"
];
- description = "A list of JVM options to start gerrit with.";
+ description = lib.mdDoc "A list of JVM options to start gerrit with.";
};
jvmHeapLimit = mkOption {
type = types.str;
default = "1024m";
- description = ''
+ description = lib.mdDoc ''
How much memory to allocate to the JVM heap
'';
};
@@ -95,8 +95,8 @@ in
listenAddress = mkOption {
type = types.str;
default = "[::]:8080";
- description = ''
- hostname:port to listen for HTTP traffic.
+ description = lib.mdDoc ''
+ `hostname:port` to listen for HTTP traffic.
This is bound using the systemd socket activation.
'';
@@ -105,25 +105,25 @@ in
settings = mkOption {
type = gitIniType;
default = {};
- description = ''
+ description = lib.mdDoc ''
Gerrit configuration. This will be generated to the
- etc/gerrit.config file.
+ `etc/gerrit.config` file.
'';
};
replicationSettings = mkOption {
type = gitIniType;
default = {};
- description = ''
+ description = lib.mdDoc ''
Replication configuration. This will be generated to the
- etc/replication.config file.
+ `etc/replication.config` file.
'';
};
plugins = mkOption {
type = types.listOf types.package;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of plugins to add to Gerrit. Each derivation is a jar file
itself where the name of the derivation is the name of plugin.
'';
@@ -132,19 +132,19 @@ in
builtinPlugins = mkOption {
type = types.listOf (types.enum cfg.package.passthru.plugins);
default = [];
- description = ''
+ description = lib.mdDoc ''
List of builtins plugins to install. Those are shipped in the
- gerrit.war file.
+ `gerrit.war` file.
'';
};
serverId = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Set a UUID that uniquely identifies the server.
This can be generated with
- nix-shell -p util-linux --run uuidgen.
+ `nix-shell -p util-linux --run uuidgen`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/gotify-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/gotify-server.nix
index 03e01f46a94..9e278b41ad1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/gotify-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/gotify-server.nix
@@ -11,7 +11,7 @@ in {
port = mkOption {
type = types.port;
- description = ''
+ description = lib.mdDoc ''
Port the server listens to.
'';
};
@@ -19,8 +19,8 @@ in {
stateDirectoryName = mkOption {
type = types.str;
default = "gotify-server";
- description = ''
- The name of the directory below /var/lib where
+ description = lib.mdDoc ''
+ The name of the directory below {file}`/var/lib` where
gotify stores its runtime data.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/grocy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/grocy.nix
index a77fddf1f2f..173dd63ddaa 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/grocy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/grocy.nix
@@ -10,7 +10,7 @@ in {
hostName = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
FQDN for the grocy instance.
'';
};
@@ -18,7 +18,7 @@ in {
nginx.enableSSL = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether or not to enable SSL (with ACME and let's encrypt)
for the grocy vhost.
'';
@@ -39,7 +39,7 @@ in {
"pm.max_requests" = "500";
};
- description = ''
+ description = lib.mdDoc ''
Options for grocy's PHPFPM pool.
'';
};
@@ -47,8 +47,8 @@ in {
dataDir = mkOption {
type = types.str;
default = "/var/lib/grocy";
- description = ''
- Home directory of the grocy user which contains
+ description = lib.mdDoc ''
+ Home directory of the `grocy` user which contains
the application's state.
'';
};
@@ -58,7 +58,7 @@ in {
type = types.str;
default = "USD";
example = "EUR";
- description = ''
+ description = lib.mdDoc ''
ISO 4217 code for the currency to display.
'';
};
@@ -66,7 +66,7 @@ in {
culture = mkOption {
type = types.enum [ "de" "en" "da" "en_GB" "es" "fr" "hu" "it" "nl" "no" "pl" "pt_BR" "ru" "sk_SK" "sv_SE" "tr" ];
default = "en";
- description = ''
+ description = lib.mdDoc ''
Display language of the frontend.
'';
};
@@ -75,14 +75,14 @@ in {
showWeekNumber = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Show the number of the weeks in the calendar views.
'';
};
firstDayOfWeek = mkOption {
default = null;
type = types.nullOr (types.enum (range 0 6));
- description = ''
+ description = lib.mdDoc ''
Which day of the week (0=Sunday, 1=Monday etc.) should be the
first day.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/healthchecks.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/healthchecks.nix
new file mode 100644
index 00000000000..e58cc6f202b
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/healthchecks.nix
@@ -0,0 +1,249 @@
+{ config, lib, pkgs, buildEnv, ... }:
+
+with lib;
+
+let
+ defaultUser = "healthchecks";
+ cfg = config.services.healthchecks;
+ pkg = cfg.package;
+ boolToPython = b: if b then "True" else "False";
+ environment = {
+ PYTHONPATH = pkg.pythonPath;
+ STATIC_ROOT = cfg.dataDir + "/static";
+ DB_NAME = "${cfg.dataDir}/healthchecks.sqlite";
+ } // cfg.settings;
+
+ environmentFile = pkgs.writeText "healthchecks-environment" (lib.generators.toKeyValue { } environment);
+
+ healthchecksManageScript = with pkgs; (writeShellScriptBin "healthchecks-manage" ''
+ if [[ "$USER" != "${cfg.user}" ]]; then
+ echo "please run as user 'healtchecks'." >/dev/stderr
+ exit 1
+ fi
+ export $(cat ${environmentFile} | xargs);
+ exec ${pkg}/opt/healthchecks/manage.py "$@"
+ '');
+in
+{
+ options.services.healthchecks = {
+ enable = mkEnableOption "healthchecks" // {
+ description = ''
+ Enable healthchecks.
+ It is expected to be run behind a HTTP reverse proxy.
+ '';
+ };
+
+ package = mkOption {
+ default = pkgs.healthchecks;
+ defaultText = literalExpression "pkgs.healthchecks";
+ type = types.package;
+ description = lib.mdDoc "healthchecks package to use.";
+ };
+
+ user = mkOption {
+ default = defaultUser;
+ type = types.str;
+ description = ''
+ User account under which healthchecks runs.
+
+
+ If left as the default value this user will automatically be created
+ on system activation, otherwise you are responsible for
+ ensuring the user exists before the healthchecks service starts.
+
+ '';
+ };
+
+ group = mkOption {
+ default = defaultUser;
+ type = types.str;
+ description = ''
+ Group account under which healthchecks runs.
+
+
+ If left as the default value this group will automatically be created
+ on system activation, otherwise you are responsible for
+ ensuring the group exists before the healthchecks service starts.
+
+ '';
+ };
+
+ listenAddress = mkOption {
+ type = types.str;
+ default = "localhost";
+ description = lib.mdDoc "Address the server will listen on.";
+ };
+
+ port = mkOption {
+ type = types.port;
+ default = 8000;
+ description = lib.mdDoc "Port the server will listen on.";
+ };
+
+ dataDir = mkOption {
+ type = types.str;
+ default = "/var/lib/healthchecks";
+ description = ''
+ The directory used to store all data for healthchecks.
+
+
+ If left as the default value this directory will automatically be created before
+ the healthchecks server starts, otherwise you are responsible for ensuring the
+ directory exists with appropriate ownership and permissions.
+
+ '';
+ };
+
+ settings = lib.mkOption {
+ description = ''
+ Environment variables which are read by healthchecks (local)_settings.py.
+
+ Settings which are explictly covered in options bewlow, are type-checked and/or transformed
+ before added to the environment, everything else is passed as a string.
+
+ See https://healthchecks.io/docs/self_hosted_configuration/
+ for a full documentation of settings.
+
+ We add two variables to this list inside the packages local_settings.py.
+ - STATIC_ROOT to set a state directory for dynamically generated static files.
+ - SECRET_KEY_FILE to read SECRET_KEY from a file at runtime and keep it out of /nix/store.
+ '';
+ type = types.submodule {
+ freeformType = types.attrsOf types.str;
+ options = {
+ ALLOWED_HOSTS = lib.mkOption {
+ type = types.listOf types.str;
+ default = [ "*" ];
+ description = lib.mdDoc "The host/domain names that this site can serve.";
+ apply = lib.concatStringsSep ",";
+ };
+
+ SECRET_KEY_FILE = mkOption {
+ type = types.path;
+ description = lib.mdDoc "Path to a file containing the secret key.";
+ };
+
+ DEBUG = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc "Enable debug mode.";
+ apply = boolToPython;
+ };
+
+ REGISTRATION_OPEN = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc ''
+ A boolean that controls whether site visitors can create new accounts.
+ Set it to false if you are setting up a private Healthchecks instance,
+ but it needs to be publicly accessible (so, for example, your cloud
+ services can send pings to it).
+ If you close new user registration, you can still selectively invite
+ users to your team account.
+ '';
+ apply = boolToPython;
+ };
+ };
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ environment.systemPackages = [ healthchecksManageScript ];
+
+ systemd.targets.healthchecks = {
+ description = "Target for all Healthchecks services";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" "network-online.target" ];
+ };
+
+ systemd.services =
+ let
+ commonConfig = {
+ WorkingDirectory = cfg.dataDir;
+ User = cfg.user;
+ Group = cfg.group;
+ EnvironmentFile = environmentFile;
+ StateDirectory = mkIf (cfg.dataDir == "/var/lib/healthchecks") "healthchecks";
+ StateDirectoryMode = mkIf (cfg.dataDir == "/var/lib/healthchecks") "0750";
+ };
+ in
+ {
+ healthchecks-migration = {
+ description = "Healthchecks migrations";
+ wantedBy = [ "healthchecks.target" ];
+
+ serviceConfig = commonConfig // {
+ Restart = "on-failure";
+ Type = "oneshot";
+ ExecStart = ''
+ ${pkg}/opt/healthchecks/manage.py migrate
+ '';
+ };
+ };
+
+ healthchecks = {
+ description = "Healthchecks WSGI Service";
+ wantedBy = [ "healthchecks.target" ];
+ after = [ "healthchecks-migration.service" ];
+
+ preStart = ''
+ ${pkg}/opt/healthchecks/manage.py collectstatic --no-input
+ ${pkg}/opt/healthchecks/manage.py remove_stale_contenttypes --no-input
+ ${pkg}/opt/healthchecks/manage.py compress
+ '';
+
+ serviceConfig = commonConfig // {
+ Restart = "always";
+ ExecStart = ''
+ ${pkgs.python3Packages.gunicorn}/bin/gunicorn hc.wsgi \
+ --bind ${cfg.listenAddress}:${toString cfg.port} \
+ --pythonpath ${pkg}/opt/healthchecks
+ '';
+ };
+ };
+
+ healthchecks-sendalerts = {
+ description = "Healthchecks Alert Service";
+ wantedBy = [ "healthchecks.target" ];
+ after = [ "healthchecks.service" ];
+
+ serviceConfig = commonConfig // {
+ Restart = "always";
+ ExecStart = ''
+ ${pkg}/opt/healthchecks/manage.py sendalerts
+ '';
+ };
+ };
+
+ healthchecks-sendreports = {
+ description = "Healthchecks Reporting Service";
+ wantedBy = [ "healthchecks.target" ];
+ after = [ "healthchecks.service" ];
+
+ serviceConfig = commonConfig // {
+ Restart = "always";
+ ExecStart = ''
+ ${pkg}/opt/healthchecks/manage.py sendreports --loop
+ '';
+ };
+ };
+ };
+
+ users.users = optionalAttrs (cfg.user == defaultUser) {
+ ${defaultUser} =
+ {
+ description = "healthchecks service owner";
+ isSystemUser = true;
+ group = defaultUser;
+ };
+ };
+
+ users.groups = optionalAttrs (cfg.user == defaultUser) {
+ ${defaultUser} =
+ {
+ members = [ defaultUser ];
+ };
+ };
+ };
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/hedgedoc.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/hedgedoc.nix
index 22270609dbc..b8d83984ca7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/hedgedoc.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/hedgedoc.nix
@@ -13,17 +13,22 @@ let
then "hedgedoc"
else "codimd";
+ settingsFormat = pkgs.formats.json {};
+
prettyJSON = conf:
pkgs.runCommandLocal "hedgedoc-config.json" {
nativeBuildInputs = [ pkgs.jq ];
} ''
- echo '${builtins.toJSON conf}' | jq \
- '{production:del(.[]|nulls)|del(.[][]?|nulls)}' > $out
+ jq '{production:del(.[]|nulls)|del(.[][]?|nulls)}' \
+ < ${settingsFormat.generate "hedgedoc-ugly.json" cfg.settings} \
+ > $out
'';
in
{
imports = [
(mkRenamedOptionModule [ "services" "codimd" ] [ "services" "hedgedoc" ])
+ (mkRenamedOptionModule
+ [ "services" "hedgedoc" "configuration" ] [ "services" "hedgedoc" "settings" ])
];
options.services.hedgedoc = {
@@ -32,7 +37,7 @@ in
groups = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Groups to which the service user should be added.
'';
};
@@ -40,18 +45,18 @@ in
workDir = mkOption {
type = types.path;
default = "/var/lib/${name}";
- description = ''
+ description = lib.mdDoc ''
Working directory for the HedgeDoc service.
'';
};
- configuration = {
+ settings = let options = {
debug = mkEnableOption "debug mode";
domain = mkOption {
type = types.nullOr types.str;
default = null;
example = "hedgedoc.org";
- description = ''
+ description = lib.mdDoc ''
Domain name for the HedgeDoc instance.
'';
};
@@ -59,14 +64,14 @@ in
type = types.nullOr types.str;
default = null;
example = "/url/path/to/hedgedoc";
- description = ''
+ description = lib.mdDoc ''
Path under which HedgeDoc is accessible.
'';
};
host = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
Address to listen on.
'';
};
@@ -74,7 +79,7 @@ in
type = types.int;
default = 3000;
example = 80;
- description = ''
+ description = lib.mdDoc ''
Port to listen on.
'';
};
@@ -82,7 +87,7 @@ in
type = types.nullOr types.str;
default = null;
example = "/run/hedgedoc.sock";
- description = ''
+ description = lib.mdDoc ''
Specify where a UNIX domain socket should be placed.
'';
};
@@ -90,44 +95,44 @@ in
type = types.listOf types.str;
default = [];
example = [ "localhost" "hedgedoc.org" ];
- description = ''
+ description = lib.mdDoc ''
List of domains to whitelist.
'';
};
useSSL = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable to use SSL server. This will also enable
- .
+ {option}`protocolUseSSL`.
'';
};
hsts = {
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable HSTS if HTTPS is also enabled.
'';
};
maxAgeSeconds = mkOption {
type = types.int;
default = 31536000;
- description = ''
+ description = lib.mdDoc ''
Max duration for clients to keep the HSTS status.
'';
};
includeSubdomains = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to include subdomains in HSTS.
'';
};
preload = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to allow preloading of the site's HSTS status.
'';
};
@@ -154,31 +159,31 @@ in
protocolUseSSL = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable to use TLS for resource paths.
- This only applies when is set.
+ This only applies when {option}`domain` is set.
'';
};
urlAddPort = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable to add the port to callback URLs.
- This only applies when is set
+ This only applies when {option}`domain` is set
and only for ports other than 80 and 443.
'';
};
useCDN = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to use CDN resources or not.
'';
};
allowAnonymous = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to allow anonymous usage.
'';
};
@@ -193,21 +198,21 @@ in
allowFreeURL = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to allow note creation by accessing a nonexistent note URL.
'';
};
requireFreeURLAuthentication = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to require authentication for FreeURL mode style note creation.
'';
};
defaultPermission = mkOption {
type = types.enum [ "freely" "editable" "limited" "locked" "private" ];
default = "editable";
- description = ''
+ description = lib.mdDoc ''
Default permissions for notes.
This only applies for signed-in users.
'';
@@ -218,12 +223,12 @@ in
example = ''
postgres://user:pass@host:5432/dbname
'';
- description = ''
+ description = lib.mdDoc ''
Specify which database to use.
HedgeDoc supports mysql, postgres, sqlite and mssql.
- See
- https://sequelize.readthedocs.io/en/v3/ for more information.
- Note: This option overrides .
+ See [
+ https://sequelize.readthedocs.io/en/v3/](https://sequelize.readthedocs.io/en/v3/) for more information.
+ Note: This option overrides {option}`db`.
'';
};
db = mkOption {
@@ -235,52 +240,52 @@ in
storage = "/var/lib/${name}/db.${name}.sqlite";
}
'';
- description = ''
+ description = lib.mdDoc ''
Specify the configuration for sequelize.
HedgeDoc supports mysql, postgres, sqlite and mssql.
- See
- https://sequelize.readthedocs.io/en/v3/ for more information.
- Note: This option overrides .
+ See [
+ https://sequelize.readthedocs.io/en/v3/](https://sequelize.readthedocs.io/en/v3/) for more information.
+ Note: This option overrides {option}`db`.
'';
};
sslKeyPath= mkOption {
type = types.nullOr types.str;
default = null;
example = "/var/lib/hedgedoc/hedgedoc.key";
- description = ''
- Path to the SSL key. Needed when is enabled.
+ description = lib.mdDoc ''
+ Path to the SSL key. Needed when {option}`useSSL` is enabled.
'';
};
sslCertPath = mkOption {
type = types.nullOr types.str;
default = null;
example = "/var/lib/hedgedoc/hedgedoc.crt";
- description = ''
- Path to the SSL cert. Needed when is enabled.
+ description = lib.mdDoc ''
+ Path to the SSL cert. Needed when {option}`useSSL` is enabled.
'';
};
sslCAPath = mkOption {
type = types.listOf types.str;
default = [];
example = [ "/var/lib/hedgedoc/ca.crt" ];
- description = ''
- SSL ca chain. Needed when is enabled.
+ description = lib.mdDoc ''
+ SSL ca chain. Needed when {option}`useSSL` is enabled.
'';
};
dhParamPath = mkOption {
type = types.nullOr types.str;
default = null;
example = "/var/lib/hedgedoc/dhparam.pem";
- description = ''
- Path to the SSL dh params. Needed when is enabled.
+ description = lib.mdDoc ''
+ Path to the SSL dh params. Needed when {option}`useSSL` is enabled.
'';
};
tmpPath = mkOption {
type = types.str;
default = "/tmp";
- description = ''
+ description = lib.mdDoc ''
Path to the temp directory HedgeDoc should use.
- Note that is enabled for
+ Note that {option}`serviceConfig.PrivateTmp` is enabled for
the HedgeDoc systemd service by default.
(Non-canonical paths are relative to HedgeDoc's base directory)
'';
@@ -288,7 +293,7 @@ in
defaultNotePath = mkOption {
type = types.nullOr types.str;
default = "./public/default.md";
- description = ''
+ description = lib.mdDoc ''
Path to the default Note file.
(Non-canonical paths are relative to HedgeDoc's base directory)
'';
@@ -296,7 +301,7 @@ in
docsPath = mkOption {
type = types.nullOr types.str;
default = "./public/docs";
- description = ''
+ description = lib.mdDoc ''
Path to the docs directory.
(Non-canonical paths are relative to HedgeDoc's base directory)
'';
@@ -304,7 +309,7 @@ in
indexPath = mkOption {
type = types.nullOr types.str;
default = "./public/views/index.ejs";
- description = ''
+ description = lib.mdDoc ''
Path to the index template file.
(Non-canonical paths are relative to HedgeDoc's base directory)
'';
@@ -312,7 +317,7 @@ in
hackmdPath = mkOption {
type = types.nullOr types.str;
default = "./public/views/hackmd.ejs";
- description = ''
+ description = lib.mdDoc ''
Path to the hackmd template file.
(Non-canonical paths are relative to HedgeDoc's base directory)
'';
@@ -321,7 +326,7 @@ in
type = types.nullOr types.str;
default = null;
defaultText = literalExpression "./public/views/error.ejs";
- description = ''
+ description = lib.mdDoc ''
Path to the error template file.
(Non-canonical paths are relative to HedgeDoc's base directory)
'';
@@ -330,7 +335,7 @@ in
type = types.nullOr types.str;
default = null;
defaultText = literalExpression "./public/views/pretty.ejs";
- description = ''
+ description = lib.mdDoc ''
Path to the pretty template file.
(Non-canonical paths are relative to HedgeDoc's base directory)
'';
@@ -339,7 +344,7 @@ in
type = types.nullOr types.str;
default = null;
defaultText = literalExpression "./public/views/slide.hbs";
- description = ''
+ description = lib.mdDoc ''
Path to the slide template file.
(Non-canonical paths are relative to HedgeDoc's base directory)
'';
@@ -348,21 +353,21 @@ in
type = types.str;
default = "${cfg.workDir}/uploads";
defaultText = literalExpression "/var/lib/${name}/uploads";
- description = ''
+ description = lib.mdDoc ''
Path under which uploaded files are saved.
'';
};
sessionName = mkOption {
type = types.str;
default = "connect.sid";
- description = ''
+ description = lib.mdDoc ''
Specify the name of the session cookie.
'';
};
sessionSecret = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify the secret used to sign the session cookie.
If unset, one will be generated on startup.
'';
@@ -370,56 +375,56 @@ in
sessionLife = mkOption {
type = types.int;
default = 1209600000;
- description = ''
+ description = lib.mdDoc ''
Session life time in milliseconds.
'';
};
heartbeatInterval = mkOption {
type = types.int;
default = 5000;
- description = ''
+ description = lib.mdDoc ''
Specify the socket.io heartbeat interval.
'';
};
heartbeatTimeout = mkOption {
type = types.int;
default = 10000;
- description = ''
+ description = lib.mdDoc ''
Specify the socket.io heartbeat timeout.
'';
};
documentMaxLength = mkOption {
type = types.int;
default = 100000;
- description = ''
+ description = lib.mdDoc ''
Specify the maximum document length.
'';
};
email = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable email sign-in.
'';
};
allowEmailRegister = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable email registration.
'';
};
allowGravatar = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to use gravatar as profile picture source.
'';
};
imageUploadType = mkOption {
type = types.enum [ "imgur" "s3" "minio" "filesystem" ];
default = "filesystem";
- description = ''
+ description = lib.mdDoc ''
Specify where to upload images.
'';
};
@@ -428,85 +433,85 @@ in
options = {
accessKey = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Minio access key.
'';
};
secretKey = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Minio secret key.
'';
};
endPoint = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Minio endpoint.
'';
};
port = mkOption {
type = types.int;
default = 9000;
- description = ''
+ description = lib.mdDoc ''
Minio listen port.
'';
};
secure = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to use HTTPS for Minio.
'';
};
};
});
default = null;
- description = "Configure the minio third-party integration.";
+ description = lib.mdDoc "Configure the minio third-party integration.";
};
s3 = mkOption {
type = types.nullOr (types.submodule {
options = {
accessKeyId = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
AWS access key id.
'';
};
secretAccessKey = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
AWS access key.
'';
};
region = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
AWS S3 region.
'';
};
};
});
default = null;
- description = "Configure the s3 third-party integration.";
+ description = lib.mdDoc "Configure the s3 third-party integration.";
};
s3bucket = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
- Specify the bucket name for upload types s3 and minio.
+ description = lib.mdDoc ''
+ Specify the bucket name for upload types `s3` and `minio`.
'';
};
allowPDFExport = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable PDF exports.
'';
};
imgur.clientId = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Imgur API client ID.
'';
};
@@ -515,13 +520,13 @@ in
options = {
connectionString = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Azure Blob Storage connection string.
'';
};
container = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Azure Blob Storage container name.
It will be created if non-existent.
'';
@@ -529,162 +534,162 @@ in
};
});
default = null;
- description = "Configure the azure third-party integration.";
+ description = lib.mdDoc "Configure the azure third-party integration.";
};
oauth2 = mkOption {
type = types.nullOr (types.submodule {
options = {
authorizationURL = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specify the OAuth authorization URL.
'';
};
tokenURL = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specify the OAuth token URL.
'';
};
baseURL = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify the OAuth base URL.
'';
};
userProfileURL = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify the OAuth userprofile URL.
'';
};
userProfileUsernameAttr = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify the name of the attribute for the username from the claim.
'';
};
userProfileDisplayNameAttr = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify the name of the attribute for the display name from the claim.
'';
};
userProfileEmailAttr = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify the name of the attribute for the email from the claim.
'';
};
scope = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify the OAuth scope.
'';
};
providerName = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify the name to be displayed for this strategy.
'';
};
rolesClaim = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify the role claim name.
'';
};
accessRole = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify role which should be included in the ID token roles claim to grant access
'';
};
clientID = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specify the OAuth client ID.
'';
};
clientSecret = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specify the OAuth client secret.
'';
};
};
});
default = null;
- description = "Configure the OAuth integration.";
+ description = lib.mdDoc "Configure the OAuth integration.";
};
facebook = mkOption {
type = types.nullOr (types.submodule {
options = {
clientID = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Facebook API client ID.
'';
};
clientSecret = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Facebook API client secret.
'';
};
};
});
default = null;
- description = "Configure the facebook third-party integration";
+ description = lib.mdDoc "Configure the facebook third-party integration";
};
twitter = mkOption {
type = types.nullOr (types.submodule {
options = {
consumerKey = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Twitter API consumer key.
'';
};
consumerSecret = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Twitter API consumer secret.
'';
};
};
});
default = null;
- description = "Configure the Twitter third-party integration.";
+ description = lib.mdDoc "Configure the Twitter third-party integration.";
};
github = mkOption {
type = types.nullOr (types.submodule {
options = {
clientID = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
GitHub API client ID.
'';
};
clientSecret = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Github API client secret.
'';
};
};
});
default = null;
- description = "Configure the GitHub third-party integration.";
+ description = lib.mdDoc "Configure the GitHub third-party integration.";
};
gitlab = mkOption {
type = types.nullOr (types.submodule {
@@ -692,27 +697,27 @@ in
baseURL = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
GitLab API authentication endpoint.
Only needed for other endpoints than gitlab.com.
'';
};
clientID = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
GitLab API client ID.
'';
};
clientSecret = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
GitLab API client secret.
'';
};
scope = mkOption {
type = types.enum [ "api" "read_user" ];
default = "api";
- description = ''
+ description = lib.mdDoc ''
GitLab API requested scope.
GitLab snippet import/export requires api scope.
'';
@@ -720,79 +725,79 @@ in
};
});
default = null;
- description = "Configure the GitLab third-party integration.";
+ description = lib.mdDoc "Configure the GitLab third-party integration.";
};
mattermost = mkOption {
type = types.nullOr (types.submodule {
options = {
baseURL = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Mattermost authentication endpoint.
'';
};
clientID = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Mattermost API client ID.
'';
};
clientSecret = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Mattermost API client secret.
'';
};
};
});
default = null;
- description = "Configure the Mattermost third-party integration.";
+ description = lib.mdDoc "Configure the Mattermost third-party integration.";
};
dropbox = mkOption {
type = types.nullOr (types.submodule {
options = {
clientID = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Dropbox API client ID.
'';
};
clientSecret = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Dropbox API client secret.
'';
};
appKey = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Dropbox app key.
'';
};
};
});
default = null;
- description = "Configure the Dropbox third-party integration.";
+ description = lib.mdDoc "Configure the Dropbox third-party integration.";
};
google = mkOption {
type = types.nullOr (types.submodule {
options = {
clientID = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Google API client ID.
'';
};
clientSecret = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Google API client secret.
'';
};
};
});
default = null;
- description = "Configure the Google third-party integration.";
+ description = lib.mdDoc "Configure the Google third-party integration.";
};
ldap = mkOption {
type = types.nullOr (types.submodule {
@@ -800,76 +805,78 @@ in
providerName = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Optional name to be displayed at login form, indicating the LDAP provider.
'';
};
url = mkOption {
type = types.str;
example = "ldap://localhost";
- description = ''
+ description = lib.mdDoc ''
URL of LDAP server.
'';
};
bindDn = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Bind DN for LDAP access.
'';
};
bindCredentials = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Bind credentials for LDAP access.
'';
};
searchBase = mkOption {
type = types.str;
example = "o=users,dc=example,dc=com";
- description = ''
+ description = lib.mdDoc ''
LDAP directory to begin search from.
'';
};
searchFilter = mkOption {
type = types.str;
example = "(uid={{username}})";
- description = ''
+ description = lib.mdDoc ''
LDAP filter to search with.
'';
};
searchAttributes = mkOption {
- type = types.listOf types.str;
+ type = types.nullOr (types.listOf types.str);
+ default = null;
example = [ "displayName" "mail" ];
- description = ''
+ description = lib.mdDoc ''
LDAP attributes to search with.
'';
};
userNameField = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
LDAP field which is used as the username on HedgeDoc.
- By default is used.
+ By default {option}`useridField` is used.
'';
};
useridField = mkOption {
type = types.str;
example = "uid";
- description = ''
+ description = lib.mdDoc ''
LDAP field which is a unique identifier for users on HedgeDoc.
'';
};
tlsca = mkOption {
type = types.str;
+ default = "/etc/ssl/certs/ca-certificates.crt";
example = "server-cert.pem,root.pem";
- description = ''
+ description = lib.mdDoc ''
Root CA for LDAP TLS in PEM format.
'';
};
};
});
default = null;
- description = "Configure the LDAP integration.";
+ description = lib.mdDoc "Configure the LDAP integration.";
};
saml = mkOption {
type = types.nullOr (types.submodule {
@@ -877,21 +884,21 @@ in
idpSsoUrl = mkOption {
type = types.str;
example = "https://idp.example.com/sso";
- description = ''
+ description = lib.mdDoc ''
IdP authentication endpoint.
'';
};
idpCert = mkOption {
type = types.path;
example = "/path/to/cert.pem";
- description = ''
+ description = lib.mdDoc ''
Path to IdP certificate file in PEM format.
'';
};
issuer = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Optional identity of the service provider.
This defaults to the server URL.
'';
@@ -899,7 +906,7 @@ in
identifierFormat = mkOption {
type = types.str;
default = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress";
- description = ''
+ description = lib.mdDoc ''
Optional name identifier format.
'';
};
@@ -907,7 +914,7 @@ in
type = types.str;
default = "";
example = "memberOf";
- description = ''
+ description = lib.mdDoc ''
Optional attribute name for group list.
'';
};
@@ -915,7 +922,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "Temporary-staff" "External-users" ];
- description = ''
+ description = lib.mdDoc ''
Excluded group names.
'';
};
@@ -923,7 +930,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "Hedgedoc-Users" ];
- description = ''
+ description = lib.mdDoc ''
Required group names.
'';
};
@@ -958,8 +965,18 @@ in
};
});
default = null;
- description = "Configure the SAML integration.";
+ description = lib.mdDoc "Configure the SAML integration.";
+ };
+ }; in lib.mkOption {
+ type = lib.types.submodule {
+ freeformType = settingsFormat.type;
+ inherit options;
};
+ description = lib.mdDoc ''
+ HedgeDoc configuration, see
+
+ for documentation.
+ '';
};
environmentFile = mkOption {
@@ -996,16 +1013,17 @@ in
type = types.package;
default = pkgs.hedgedoc;
defaultText = literalExpression "pkgs.hedgedoc";
- description = ''
+ description = lib.mdDoc ''
Package that provides HedgeDoc.
'';
};
+
};
config = mkIf cfg.enable {
assertions = [
- { assertion = cfg.configuration.db == {} -> (
- cfg.configuration.dbURL != "" && cfg.configuration.dbURL != null
+ { assertion = cfg.settings.db == {} -> (
+ cfg.settings.dbURL != "" && cfg.settings.dbURL != null
);
message = "Database configuration for HedgeDoc missing."; }
];
@@ -1026,12 +1044,12 @@ in
preStart = ''
${pkgs.envsubst}/bin/envsubst \
-o ${cfg.workDir}/config.json \
- -i ${prettyJSON cfg.configuration}
- mkdir -p ${cfg.configuration.uploadsPath}
+ -i ${prettyJSON cfg.settings}
+ mkdir -p ${cfg.settings.uploadsPath}
'';
serviceConfig = {
WorkingDirectory = cfg.workDir;
- StateDirectory = [ cfg.workDir cfg.configuration.uploadsPath ];
+ StateDirectory = [ cfg.workDir cfg.settings.uploadsPath ];
ExecStart = "${cfg.package}/bin/hedgedoc";
EnvironmentFile = mkIf (cfg.environmentFile != null) [ cfg.environmentFile ];
Environment = [
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/hledger-web.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/hledger-web.nix
index 4f6a34e6d2f..4f02a637cdd 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/hledger-web.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/hledger-web.nix
@@ -12,7 +12,7 @@ in {
host = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
Address to listen on.
'';
};
@@ -21,7 +21,7 @@ in {
type = types.port;
default = 5000;
example = 80;
- description = ''
+ description = lib.mdDoc ''
Port to listen on.
'';
};
@@ -30,21 +30,21 @@ in {
view = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Enable the view capability.
'';
};
add = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the add capability.
'';
};
manage = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable the manage capability.
'';
};
@@ -53,7 +53,7 @@ in {
stateDir = mkOption {
type = types.path;
default = "/var/lib/hledger-web";
- description = ''
+ description = lib.mdDoc ''
Path the service has access to. If left as the default value this
directory will automatically be created before the hledger-web server
starts, otherwise the sysadmin is responsible for ensuring the
@@ -64,8 +64,8 @@ in {
journalFiles = mkOption {
type = types.listOf types.str;
default = [ ".hledger.journal" ];
- description = ''
- Paths to journal files relative to .
+ description = lib.mdDoc ''
+ Paths to journal files relative to {option}`services.hledger-web.stateDir`.
'';
};
@@ -73,7 +73,7 @@ in {
type = with types; nullOr str;
default = null;
example = "https://example.org";
- description = ''
+ description = lib.mdDoc ''
Base URL, when sharing over a network.
'';
};
@@ -82,7 +82,7 @@ in {
type = types.listOf types.str;
default = [];
example = [ "--forecast" ];
- description = ''
+ description = lib.mdDoc ''
Extra command line arguments to pass to hledger-web.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix
index b9761061aaa..b96baaec767 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix
@@ -17,7 +17,7 @@ in {
pool = mkOption {
type = str;
default = poolName;
- description = ''
+ description = lib.mdDoc ''
Name of existing PHP-FPM pool that is used to run Icingaweb2.
If not specified, a pool will automatically created with default values.
'';
@@ -26,7 +26,7 @@ in {
libraryPaths = mkOption {
type = attrsOf package;
default = { };
- description = ''
+ description = lib.mdDoc ''
Libraries to add to the Icingaweb2 library path.
The name of the attribute is the name of the library, the value
is the package to add.
@@ -36,7 +36,7 @@ in {
virtualHost = mkOption {
type = nullOr str;
default = "icingaweb2";
- description = ''
+ description = lib.mdDoc ''
Name of the nginx virtualhost to use and setup. If null, no virtualhost is set up.
'';
};
@@ -45,7 +45,7 @@ in {
type = str;
default = "UTC";
example = "Europe/Berlin";
- description = "PHP-compliant timezone specification";
+ description = lib.mdDoc "PHP-compliant timezone specification";
};
modules = {
@@ -64,7 +64,7 @@ in {
"snow" = icingaweb2Modules.theme-snow;
}
'';
- description = ''
+ description = lib.mdDoc ''
Name-package attrset of Icingaweb 2 modules packages to enable.
If you enable modules manually (e.g. via the web ui), they will not be touched.
@@ -84,7 +84,7 @@ in {
level = "CRITICAL";
};
};
- description = ''
+ description = lib.mdDoc ''
config.ini contents.
Will automatically be converted to a .ini file.
If you don't set global.module_path, the module will take care of it.
@@ -108,7 +108,7 @@ in {
dbname = "icingaweb2";
};
};
- description = ''
+ description = lib.mdDoc ''
resources.ini contents.
Will automatically be converted to a .ini file.
@@ -127,7 +127,7 @@ in {
resource = "icingaweb_db";
};
};
- description = ''
+ description = lib.mdDoc ''
authentication.ini contents.
Will automatically be converted to a .ini file.
@@ -145,7 +145,7 @@ in {
resource = "icingaweb_db";
};
};
- description = ''
+ description = lib.mdDoc ''
groups.ini contents.
Will automatically be converted to a .ini file.
@@ -163,7 +163,7 @@ in {
permissions = "*";
};
};
- description = ''
+ description = lib.mdDoc ''
roles.ini contents.
Will automatically be converted to a .ini file.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/icingaweb2/module-monitoring.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/icingaweb2/module-monitoring.nix
index e9c1d4ffe5e..0579c602216 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/icingaweb2/module-monitoring.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/icingaweb2/module-monitoring.nix
@@ -34,32 +34,32 @@ in {
enable = mkOption {
type = bool;
default = true;
- description = "Whether to enable the icingaweb2 monitoring module.";
+ description = lib.mdDoc "Whether to enable the icingaweb2 monitoring module.";
};
generalConfig = {
mutable = mkOption {
type = bool;
default = false;
- description = "Make config.ini of the monitoring module mutable (e.g. via the web interface).";
+ description = lib.mdDoc "Make config.ini of the monitoring module mutable (e.g. via the web interface).";
};
protectedVars = mkOption {
type = listOf str;
default = [ "*pw*" "*pass*" "community" ];
- description = "List of string patterns for custom variables which should be excluded from user’s view.";
+ description = lib.mdDoc "List of string patterns for custom variables which should be excluded from user’s view.";
};
};
mutableBackends = mkOption {
type = bool;
default = false;
- description = "Make backends.ini of the monitoring module mutable (e.g. via the web interface).";
+ description = lib.mdDoc "Make backends.ini of the monitoring module mutable (e.g. via the web interface).";
};
backends = mkOption {
default = { icinga = { resource = "icinga_ido"; }; };
- description = "Monitoring backends to define";
+ description = lib.mdDoc "Monitoring backends to define";
type = attrsOf (submodule ({ name, ... }: {
options = {
name = mkOption {
@@ -71,13 +71,13 @@ in {
resource = mkOption {
type = str;
- description = "Name of the IDO resource";
+ description = lib.mdDoc "Name of the IDO resource";
};
disabled = mkOption {
type = bool;
default = false;
- description = "Disable this backend";
+ description = lib.mdDoc "Disable this backend";
};
};
}));
@@ -86,12 +86,12 @@ in {
mutableTransports = mkOption {
type = bool;
default = true;
- description = "Make commandtransports.ini of the monitoring module mutable (e.g. via the web interface).";
+ description = lib.mdDoc "Make commandtransports.ini of the monitoring module mutable (e.g. via the web interface).";
};
transports = mkOption {
default = {};
- description = "Command transports to define";
+ description = lib.mdDoc "Command transports to define";
type = attrsOf (submodule ({ name, ... }: {
options = {
name = mkOption {
@@ -104,44 +104,44 @@ in {
type = mkOption {
type = enum [ "api" "local" "remote" ];
default = "api";
- description = "Type of this transport";
+ description = lib.mdDoc "Type of this transport";
};
instance = mkOption {
type = nullOr str;
default = null;
- description = "Assign a icinga instance to this transport";
+ description = lib.mdDoc "Assign a icinga instance to this transport";
};
path = mkOption {
type = str;
- description = "Path to the socket for local or remote transports";
+ description = lib.mdDoc "Path to the socket for local or remote transports";
};
host = mkOption {
type = str;
- description = "Host for the api or remote transport";
+ description = lib.mdDoc "Host for the api or remote transport";
};
port = mkOption {
type = nullOr str;
default = null;
- description = "Port to connect to for the api or remote transport";
+ description = lib.mdDoc "Port to connect to for the api or remote transport";
};
username = mkOption {
type = str;
- description = "Username for the api or remote transport";
+ description = lib.mdDoc "Username for the api or remote transport";
};
password = mkOption {
type = str;
- description = "Password for the api transport";
+ description = lib.mdDoc "Password for the api transport";
};
resource = mkOption {
type = str;
- description = "SSH identity resource for the remote transport";
+ description = lib.mdDoc "SSH identity resource for the remote transport";
};
};
}));
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/ihatemoney/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/ihatemoney/default.nix
index ad314c885ba..c771f0afa23 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/ihatemoney/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/ihatemoney/default.nix
@@ -51,42 +51,42 @@ in
backend = mkOption {
type = types.enum [ "sqlite" "postgresql" ];
default = "sqlite";
- description = ''
+ description = lib.mdDoc ''
The database engine to use for ihatemoney.
- If postgresql is selected, then a database called
- ${db} will be created. If you disable this option,
+ If `postgresql` is selected, then a database called
+ `${db}` will be created. If you disable this option,
it will however not be removed.
'';
};
adminHashedPassword = mkOption {
type = types.nullOr types.str;
default = null;
- description = "The hashed password of the administrator. To obtain it, run ihatemoney generate_password_hash";
+ description = lib.mdDoc "The hashed password of the administrator. To obtain it, run `ihatemoney generate_password_hash`";
};
uwsgiConfig = mkOption {
type = types.attrs;
example = {
http = ":8000";
};
- description = "Additionnal configuration of the UWSGI vassal running ihatemoney. It should notably specify on which interfaces and ports the vassal should listen.";
+ description = lib.mdDoc "Additionnal configuration of the UWSGI vassal running ihatemoney. It should notably specify on which interfaces and ports the vassal should listen.";
};
defaultSender = {
name = mkOption {
type = types.str;
default = "Budget manager";
- description = "The display name of the sender of ihatemoney emails";
+ description = lib.mdDoc "The display name of the sender of ihatemoney emails";
};
email = mkOption {
type = types.str;
default = "ihatemoney@${config.networking.hostName}";
defaultText = literalExpression ''"ihatemoney@''${config.networking.hostName}"'';
- description = "The email of the sender of ihatemoney emails";
+ description = lib.mdDoc "The email of the sender of ihatemoney emails";
};
};
secureCookie = mkOption {
type = types.bool;
default = true;
- description = "Use secure cookies. Disable this when ihatemoney is served via http instead of https";
+ description = lib.mdDoc "Use secure cookies. Disable this when ihatemoney is served via http instead of https";
};
enableDemoProject = mkEnableOption "access to the demo project in ihatemoney";
enablePublicProjectCreation = mkEnableOption "permission to create projects in ihatemoney by anyone";
@@ -95,12 +95,12 @@ in
legalLink = mkOption {
type = types.nullOr types.str;
default = null;
- description = "The URL to a page explaining legal statements about your service, eg. GDPR-related information.";
+ description = lib.mdDoc "The URL to a page explaining legal statements about your service, eg. GDPR-related information.";
};
extraConfig = mkOption {
type = types.str;
default = "";
- description = "Extra configuration appended to ihatemoney's configuration file. It is a python file, so pay attention to indentation.";
+ description = lib.mdDoc "Extra configuration appended to ihatemoney's configuration file. It is a python file, so pay attention to indentation.";
};
};
config = mkIf cfg.enable {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/invidious.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/invidious.nix
index 10b30bf1fd1..0b9d9b03c6a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/invidious.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/invidious.nix
@@ -152,27 +152,27 @@ in
type = types.package;
default = pkgs.invidious;
defaultText = "pkgs.invidious";
- description = "The Invidious package to use.";
+ description = lib.mdDoc "The Invidious package to use.";
};
settings = lib.mkOption {
type = settingsFormat.type;
default = { };
- description = ''
+ description = lib.mdDoc ''
The settings Invidious should use.
- See config.example.yml for a list of all possible options.
+ See [config.example.yml](https://github.com/iv-org/invidious/blob/master/config/config.example.yml) for a list of all possible options.
'';
};
extraSettingsFile = lib.mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
A file including Invidious settings.
- It gets merged with the setttings specified in
- and can be used to store secrets like hmac_key outside of the nix store.
+ It gets merged with the setttings specified in {option}`services.invidious.settings`
+ and can be used to store secrets like `hmac_key` outside of the nix store.
'';
};
@@ -182,7 +182,7 @@ in
domain = lib.mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The FQDN Invidious is reachable on.
This is used to configure nginx and for building absolute URLs.
@@ -193,12 +193,12 @@ in
type = types.port;
# Default from https://docs.invidious.io/Configuration.md
default = 3000;
- description = ''
+ description = lib.mdDoc ''
The port Invidious should listen on.
To allow access from outside,
- you can use either
- or add config.services.invidious.port to .
+ you can use either {option}`services.invidious.nginx`
+ or add `config.services.invidious.port` to {option}`networking.firewall.allowedTCPPorts`.
'';
};
@@ -206,7 +206,7 @@ in
createLocally = lib.mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to create a local database with PostgreSQL.
'';
};
@@ -214,10 +214,10 @@ in
host = lib.mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The database host Invidious should use.
- If null, the local unix socket is used. Otherwise
+ If `null`, the local unix socket is used. Otherwise
TCP is used.
'';
};
@@ -226,7 +226,7 @@ in
type = types.port;
default = options.services.postgresql.port.default;
defaultText = lib.literalExpression "options.services.postgresql.port.default";
- description = ''
+ description = lib.mdDoc ''
The port of the database Invidious should use.
Defaults to the the default postgresql port.
@@ -237,7 +237,7 @@ in
type = types.nullOr types.str;
apply = lib.mapNullable toString;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to file containing the database password.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/invoiceplane.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/invoiceplane.nix
index 527e248f65b..2a936027bd4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/invoiceplane.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/invoiceplane.nix
@@ -72,7 +72,7 @@ let
stateDir = mkOption {
type = types.path;
default = "/var/lib/invoiceplane/${name}";
- description = ''
+ description = lib.mdDoc ''
This directory is used for uploads of attachements and cache.
The directory passed here is automatically created and permissions
adjusted as required.
@@ -83,41 +83,41 @@ let
host = mkOption {
type = types.str;
default = "localhost";
- description = "Database host address.";
+ description = lib.mdDoc "Database host address.";
};
port = mkOption {
type = types.port;
default = 3306;
- description = "Database host port.";
+ description = lib.mdDoc "Database host port.";
};
name = mkOption {
type = types.str;
default = "invoiceplane";
- description = "Database name.";
+ description = lib.mdDoc "Database name.";
};
user = mkOption {
type = types.str;
default = "invoiceplane";
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/run/keys/invoiceplane-dbpassword";
- description = ''
+ description = lib.mdDoc ''
A file containing the password corresponding to
- .
+ {option}`database.user`.
'';
};
createLocally = mkOption {
type = types.bool;
default = true;
- description = "Create the database and database user locally.";
+ description = lib.mdDoc "Create the database and database user locally.";
};
};
@@ -160,8 +160,8 @@ let
"pm.max_spare_servers" = 4;
"pm.max_requests" = 500;
};
- description = ''
- Options for the InvoicePlane PHP pool. See the documentation on php-fpm.conf
+ description = lib.mdDoc ''
+ Options for the InvoicePlane PHP pool. See the documentation on `php-fpm.conf`
for details on configuration directives.
'';
};
@@ -174,9 +174,9 @@ let
DISABLE_SETUP=true
IP_URL=https://invoice.example.com
'';
- description = ''
+ description = lib.mdDoc ''
InvoicePlane configuration. Refer to
-
+
for details on supported values.
'';
};
@@ -194,20 +194,20 @@ in
options.sites = mkOption {
type = types.attrsOf (types.submodule siteOpts);
default = {};
- description = "Specification of one or more WordPress sites to serve";
+ description = lib.mdDoc "Specification of one or more WordPress sites to serve";
};
options.webserver = mkOption {
type = types.enum [ "caddy" ];
default = "caddy";
- description = ''
+ description = lib.mdDoc ''
Which webserver to use for virtual host management. Currently only
caddy is supported.
'';
};
};
default = {};
- description = "InvoicePlane configuration.";
+ description = lib.mdDoc "InvoicePlane configuration.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/jitsi-meet.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/jitsi-meet.nix
index be0b5b94fb2..b38a510bb87 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/jitsi-meet.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/jitsi-meet.nix
@@ -51,7 +51,7 @@ in
hostName = mkOption {
type = str;
example = "meet.example.org";
- description = ''
+ description = lib.mdDoc ''
FQDN of the Jitsi Meet instance.
'';
};
@@ -65,10 +65,10 @@ in
defaultLang = "fi";
}
'';
- description = ''
- Client-side web application settings that override the defaults in config.js.
+ description = lib.mdDoc ''
+ Client-side web application settings that override the defaults in {file}`config.js`.
- See for default
+ See for default
configuration with comments.
'';
};
@@ -76,8 +76,8 @@ in
extraConfig = mkOption {
type = lines;
default = "";
- description = ''
- Text to append to config.js web application config file.
+ description = lib.mdDoc ''
+ Text to append to {file}`config.js` web application config file.
Can be used to insert JavaScript logic to determine user's region in cascading bridges setup.
'';
@@ -92,10 +92,10 @@ in
SHOW_WATERMARK_FOR_GUESTS = false;
}
'';
- description = ''
- Client-side web-app interface settings that override the defaults in interface_config.js.
+ description = lib.mdDoc ''
+ Client-side web-app interface settings that override the defaults in {file}`interface_config.js`.
- See for
+ See for
default configuration with comments.
'';
};
@@ -104,10 +104,10 @@ in
enable = mkOption {
type = bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable Jitsi Videobridge instance and configure it to connect to Prosody.
- Additional configuration is possible with .
+ Additional configuration is possible with {option}`services.jitsi-videobridge`.
'';
};
@@ -115,10 +115,10 @@ in
type = nullOr str;
default = null;
example = "/run/keys/videobridge";
- description = ''
+ description = lib.mdDoc ''
File containing password to the Prosody account for videobridge.
- If null, a file with password will be generated automatically. Setting
+ If `null`, a file with password will be generated automatically. Setting
this option is useful if you plan to connect additional videobridges to the XMPP server.
'';
};
@@ -127,35 +127,35 @@ in
jicofo.enable = mkOption {
type = bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable JiCoFo instance and configure it to connect to Prosody.
- Additional configuration is possible with .
+ Additional configuration is possible with {option}`services.jicofo`.
'';
};
jibri.enable = mkOption {
type = bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable a Jibri instance and configure it to connect to Prosody.
- Additional configuration is possible with , and
- is especially useful.
+ Additional configuration is possible with {option}`services.jibri`, and
+ {option}`services.jibri.finalizeScript` is especially useful.
'';
};
nginx.enable = mkOption {
type = bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable nginx virtual host that will serve the javascript application and act as
a proxy for the XMPP server. Further nginx configuration can be done by adapting
- .
+ {option}`services.nginx.virtualHosts.`.
When this is enabled, ACME will be used to retrieve a TLS certificate by default. To disable
- this, set the to
- false and if appropriate do the same for
- .
+ this, set the {option}`services.nginx.virtualHosts..enableACME` to
+ `false` and if appropriate do the same for
+ {option}`services.nginx.virtualHosts..forceSSL`.
'';
};
@@ -164,7 +164,7 @@ in
prosody.enable = mkOption {
type = bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to configure Prosody to relay XMPP messages between Jitsi Meet components. Turn this
off if you want to configure it manually.
'';
@@ -253,9 +253,20 @@ in
'';
};
};
- systemd.services.prosody.serviceConfig = mkIf cfg.prosody.enable {
- EnvironmentFile = [ "/var/lib/jitsi-meet/secrets-env" ];
- SupplementaryGroups = [ "jitsi-meet" ];
+ systemd.services.prosody = mkIf cfg.prosody.enable {
+ preStart = let
+ videobridgeSecret = if cfg.videobridge.passwordFile != null then cfg.videobridge.passwordFile else "/var/lib/jitsi-meet/videobridge-secret";
+ in ''
+ ${config.services.prosody.package}/bin/prosodyctl register focus auth.${cfg.hostName} "$(cat /var/lib/jitsi-meet/jicofo-user-secret)"
+ ${config.services.prosody.package}/bin/prosodyctl register jvb auth.${cfg.hostName} "$(cat ${videobridgeSecret})"
+ ${config.services.prosody.package}/bin/prosodyctl mod_roster_command subscribe focus.${cfg.hostName} focus@auth.${cfg.hostName}
+ ${config.services.prosody.package}/bin/prosodyctl register jibri auth.${cfg.hostName} "$(cat /var/lib/jitsi-meet/jibri-auth-secret)"
+ ${config.services.prosody.package}/bin/prosodyctl register recorder recorder.${cfg.hostName} "$(cat /var/lib/jitsi-meet/jibri-recorder-secret)"
+ '';
+ serviceConfig = {
+ EnvironmentFile = [ "/var/lib/jitsi-meet/secrets-env" ];
+ SupplementaryGroups = [ "jitsi-meet" ];
+ };
};
users.groups.jitsi-meet = {};
@@ -266,14 +277,12 @@ in
systemd.services.jitsi-meet-init-secrets = {
wantedBy = [ "multi-user.target" ];
before = [ "jicofo.service" "jitsi-videobridge2.service" ] ++ (optional cfg.prosody.enable "prosody.service");
- path = [ config.services.prosody.package ];
serviceConfig = {
Type = "oneshot";
};
script = let
secrets = [ "jicofo-component-secret" "jicofo-user-secret" "jibri-auth-secret" "jibri-recorder-secret" ] ++ (optional (cfg.videobridge.passwordFile == null) "videobridge-secret");
- videobridgeSecret = if cfg.videobridge.passwordFile != null then cfg.videobridge.passwordFile else "/var/lib/jitsi-meet/videobridge-secret";
in
''
cd /var/lib/jitsi-meet
@@ -291,12 +300,6 @@ in
chmod 640 secrets-env
''
+ optionalString cfg.prosody.enable ''
- prosodyctl register focus auth.${cfg.hostName} "$(cat /var/lib/jitsi-meet/jicofo-user-secret)"
- prosodyctl register jvb auth.${cfg.hostName} "$(cat ${videobridgeSecret})"
- prosodyctl mod_roster_command subscribe focus.${cfg.hostName} focus@auth.${cfg.hostName}
- prosodyctl register jibri auth.${cfg.hostName} "$(cat /var/lib/jitsi-meet/jibri-auth-secret)"
- prosodyctl register recorder recorder.${cfg.hostName} "$(cat /var/lib/jitsi-meet/jibri-recorder-secret)"
-
# generate self-signed certificates
if [ ! -f /var/lib/jitsi-meet.crt ]; then
${getBin pkgs.openssl}/bin/openssl req \
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/keycloak.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/keycloak.nix
index a1855e1c1a7..de76babbaed 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/keycloak.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/keycloak.nix
@@ -98,7 +98,7 @@ in
type = bool;
default = false;
example = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Keycloak identity and access management
server.
'';
@@ -109,7 +109,7 @@ in
default = null;
example = "/run/keys/ssl_cert";
apply = assertStringPath "sslCertificate";
- description = ''
+ description = lib.mdDoc ''
The path to a PEM formatted certificate to use for TLS/SSL
connections.
'';
@@ -120,7 +120,7 @@ in
default = null;
example = "/run/keys/ssl_key";
apply = assertStringPath "sslCertificateKey";
- description = ''
+ description = lib.mdDoc ''
The path to a PEM formatted private key to use for TLS/SSL
connections.
'';
@@ -129,10 +129,10 @@ in
plugins = lib.mkOption {
type = lib.types.listOf lib.types.path;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Keycloak plugin jar, ear files or derivations containing
them. Packaged plugins are available through
- pkgs.keycloak.plugins.
+ `pkgs.keycloak.plugins`.
'';
};
@@ -141,7 +141,7 @@ in
type = enum [ "mysql" "mariadb" "postgresql" ];
default = "postgresql";
example = "mariadb";
- description = ''
+ description = lib.mdDoc ''
The type of database Keycloak should connect to.
'';
};
@@ -149,7 +149,7 @@ in
host = mkOption {
type = str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
Hostname of the database to connect to.
'';
};
@@ -166,7 +166,7 @@ in
type = port;
default = dbPorts.${cfg.database.type};
defaultText = literalDocBook "default port of selected database";
- description = ''
+ description = lib.mdDoc ''
Port of the database to connect to.
'';
};
@@ -175,7 +175,7 @@ in
type = bool;
default = cfg.database.host != "localhost";
defaultText = literalExpression ''config.${opt.database.host} != "localhost"'';
- description = ''
+ description = lib.mdDoc ''
Whether the database connection should be secured by SSL /
TLS.
'';
@@ -184,13 +184,13 @@ in
caCert = mkOption {
type = nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
The SSL / TLS CA certificate that verifies the identity of the
database server.
Required when PostgreSQL is used and SSL is turned on.
- For MySQL, if left at null, the default
+ For MySQL, if left at `null`, the default
Java keystore is used, which should suffice if the server
certificate is issued by an official CA.
'';
@@ -199,7 +199,7 @@ in
createLocally = mkOption {
type = bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether a database should be automatically created on the
local host. Set this to false if you plan on provisioning a
local database yourself. This has no effect if
@@ -241,7 +241,7 @@ in
type = path;
example = "/run/keys/db_password";
apply = assertStringPath "passwordFile";
- description = ''
+ description = lib.mdDoc ''
The path to a file containing the database password.
'';
};
@@ -251,7 +251,7 @@ in
type = package;
default = pkgs.keycloak;
defaultText = literalExpression "pkgs.keycloak";
- description = ''
+ description = lib.mdDoc ''
Keycloak package to use.
'';
};
@@ -259,8 +259,8 @@ in
initialAdminPassword = mkOption {
type = str;
default = "changeme";
- description = ''
- Initial password set for the admin
+ description = lib.mdDoc ''
+ Initial password set for the `admin`
user. The password is not stored safely and should be changed
immediately in the admin panel.
'';
@@ -269,13 +269,13 @@ in
themes = mkOption {
type = attrsOf package;
default = { };
- description = ''
+ description = lib.mdDoc ''
Additional theme packages for Keycloak. Each theme is linked into
subdirectory with a corresponding attribute name.
Theme packages consist of several subdirectories which provide
- different theme types: for example, account,
- login etc. After adding a theme to this option you
+ different theme types: for example, `account`,
+ `login` etc. After adding a theme to this option you
can select it by its name in Keycloak administration console.
'';
};
@@ -289,7 +289,7 @@ in
type = str;
default = "0.0.0.0";
example = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
On which address Keycloak should accept new connections.
'';
};
@@ -298,7 +298,7 @@ in
type = port;
default = 80;
example = 8080;
- description = ''
+ description = lib.mdDoc ''
On which port Keycloak should listen for new HTTP connections.
'';
};
@@ -307,7 +307,7 @@ in
type = port;
default = 443;
example = 8443;
- description = ''
+ description = lib.mdDoc ''
On which port Keycloak should listen for new HTTPS connections.
'';
};
@@ -341,11 +341,11 @@ in
hostname = mkOption {
type = str;
example = "keycloak.example.com";
- description = ''
+ description = lib.mdDoc ''
The hostname part of the public URL used as base for
all frontend requests.
- See
+ See
for more information about hostname configuration.
'';
};
@@ -354,14 +354,14 @@ in
type = bool;
default = false;
example = true;
- description = ''
+ description = lib.mdDoc ''
Whether Keycloak should force all requests to go
through the frontend URL. By default, Keycloak allows
backend requests to instead use its local hostname or
IP address and may also advertise it to clients
through its OpenID Connect Discovery endpoint.
- See
+ See
for more information about hostname configuration.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/lemmy.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/lemmy.nix
index 7cd2357c455..3e726149e93 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/lemmy.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/lemmy.nix
@@ -16,14 +16,14 @@ in
jwtSecretPath = mkOption {
type = types.path;
- description = "Path to read the jwt secret from.";
+ description = lib.mdDoc "Path to read the jwt secret from.";
};
ui = {
port = mkOption {
type = types.port;
default = 1234;
- description = "Port where lemmy-ui should listen for incoming requests.";
+ description = lib.mdDoc "Port where lemmy-ui should listen for incoming requests.";
};
};
@@ -31,7 +31,7 @@ in
settings = mkOption {
default = { };
- description = "Lemmy configuration";
+ description = lib.mdDoc "Lemmy configuration";
type = types.submodule {
freeformType = settingsFormat.type;
@@ -39,13 +39,13 @@ in
options.hostname = mkOption {
type = types.str;
default = null;
- description = "The domain name of your instance (eg 'lemmy.ml').";
+ description = lib.mdDoc "The domain name of your instance (eg 'lemmy.ml').";
};
options.port = mkOption {
type = types.port;
default = 8536;
- description = "Port where lemmy should listen for incoming requests.";
+ description = lib.mdDoc "Port where lemmy should listen for incoming requests.";
};
options.federation = {
@@ -56,12 +56,12 @@ in
enabled = mkOption {
type = types.bool;
default = true;
- description = "Enable Captcha.";
+ description = lib.mdDoc "Enable Captcha.";
};
difficulty = mkOption {
type = types.enum [ "easy" "medium" "hard" ];
default = "medium";
- description = "The difficultly of the captcha to solve.";
+ description = lib.mdDoc "The difficultly of the captcha to solve.";
};
};
@@ -164,7 +164,7 @@ in
wantedBy = [ "multi-user.target" ];
- after = [ "pict-rs.service " ] ++ lib.optionals cfg.settings.database.createLocally [ "lemmy-postgresql.service" ];
+ after = [ "pict-rs.service" ] ++ lib.optionals cfg.settings.database.createLocally [ "lemmy-postgresql.service" ];
requires = lib.optionals cfg.settings.database.createLocally [ "lemmy-postgresql.service" ];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/mastodon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/mastodon.nix
index 03adaadff93..f3f0fb7cb53 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/mastodon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/mastodon.nix
@@ -148,7 +148,7 @@ in {
};
group = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Group under which mastodon runs.
'';
type = lib.types.str;
@@ -156,12 +156,12 @@ in {
};
streamingPort = lib.mkOption {
- description = "TCP port used by the mastodon-streaming service.";
+ description = lib.mdDoc "TCP port used by the mastodon-streaming service.";
type = lib.types.port;
default = 55000;
};
streamingProcesses = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Processes used by the mastodon-streaming service.
Defaults to the number of CPU cores minus one.
'';
@@ -170,28 +170,28 @@ in {
};
webPort = lib.mkOption {
- description = "TCP port used by the mastodon-web service.";
+ description = lib.mdDoc "TCP port used by the mastodon-web service.";
type = lib.types.port;
default = 55001;
};
webProcesses = lib.mkOption {
- description = "Processes used by the mastodon-web service.";
+ description = lib.mdDoc "Processes used by the mastodon-web service.";
type = lib.types.int;
default = 2;
};
webThreads = lib.mkOption {
- description = "Threads per process used by the mastodon-web service.";
+ description = lib.mdDoc "Threads per process used by the mastodon-web service.";
type = lib.types.int;
default = 5;
};
sidekiqPort = lib.mkOption {
- description = "TCP port used by the mastodon-sidekiq service.";
+ description = lib.mdDoc "TCP port used by the mastodon-sidekiq service.";
type = lib.types.port;
default = 55002;
};
sidekiqThreads = lib.mkOption {
- description = "Worker threads used by the mastodon-sidekiq service.";
+ description = lib.mdDoc "Worker threads used by the mastodon-sidekiq service.";
type = lib.types.int;
default = 25;
};
@@ -212,7 +212,7 @@ in {
};
localDomain = lib.mkOption {
- description = "The domain serving your Mastodon instance.";
+ description = lib.mdDoc "The domain serving your Mastodon instance.";
example = "social.example.org";
type = lib.types.str;
};
@@ -259,7 +259,7 @@ in {
};
trustedProxy = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
You need to set it to the IP from which your reverse proxy sends requests to Mastodon's web process,
otherwise Mastodon will record the reverse proxy's own IP as the IP of all requests, which would be
bad because IP addresses are used for important rate limits and security functions.
@@ -269,7 +269,7 @@ in {
};
enableUnixSocket = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Instead of binding to an IP address like 127.0.0.1, you may bind to a Unix socket. This variable
is process-specific, e.g. you need different values for every process, and it works for both web (Puma)
processes and streaming API (Node.js) processes.
@@ -280,19 +280,19 @@ in {
redis = {
createLocally = lib.mkOption {
- description = "Configure local Redis server for Mastodon.";
+ description = lib.mdDoc "Configure local Redis server for Mastodon.";
type = lib.types.bool;
default = true;
};
host = lib.mkOption {
- description = "Redis host.";
+ description = lib.mdDoc "Redis host.";
type = lib.types.str;
default = "127.0.0.1";
};
port = lib.mkOption {
- description = "Redis port.";
+ description = lib.mdDoc "Redis port.";
type = lib.types.port;
default = 31637;
};
@@ -300,7 +300,7 @@ in {
database = {
createLocally = lib.mkOption {
- description = "Configure local PostgreSQL database server for Mastodon.";
+ description = lib.mdDoc "Configure local PostgreSQL database server for Mastodon.";
type = lib.types.bool;
default = true;
};
@@ -309,75 +309,75 @@ in {
type = lib.types.str;
default = "/run/postgresql";
example = "192.168.23.42";
- description = "Database host address or unix socket.";
+ description = lib.mdDoc "Database host address or unix socket.";
};
port = lib.mkOption {
type = lib.types.int;
default = 5432;
- description = "Database host port.";
+ description = lib.mdDoc "Database host port.";
};
name = lib.mkOption {
type = lib.types.str;
default = "mastodon";
- description = "Database name.";
+ description = lib.mdDoc "Database name.";
};
user = lib.mkOption {
type = lib.types.str;
default = "mastodon";
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
};
passwordFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = "/var/lib/mastodon/secrets/db-password";
example = "/run/keys/mastodon-db-password";
- description = ''
+ description = lib.mdDoc ''
A file containing the password corresponding to
- .
+ {option}`database.user`.
'';
};
};
smtp = {
createLocally = lib.mkOption {
- description = "Configure local Postfix SMTP server for Mastodon.";
+ description = lib.mdDoc "Configure local Postfix SMTP server for Mastodon.";
type = lib.types.bool;
default = true;
};
authenticate = lib.mkOption {
- description = "Authenticate with the SMTP server using username and password.";
+ description = lib.mdDoc "Authenticate with the SMTP server using username and password.";
type = lib.types.bool;
default = false;
};
host = lib.mkOption {
- description = "SMTP host used when sending emails to users.";
+ description = lib.mdDoc "SMTP host used when sending emails to users.";
type = lib.types.str;
default = "127.0.0.1";
};
port = lib.mkOption {
- description = "SMTP port used when sending emails to users.";
+ description = lib.mdDoc "SMTP port used when sending emails to users.";
type = lib.types.port;
default = 25;
};
fromAddress = lib.mkOption {
- description = ''"From" address used when sending Emails to users.'';
+ description = lib.mdDoc ''"From" address used when sending Emails to users.'';
type = lib.types.str;
};
user = lib.mkOption {
- description = "SMTP login name.";
+ description = lib.mdDoc "SMTP login name.";
type = lib.types.str;
};
passwordFile = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Path to file containing the SMTP password.
'';
default = "/var/lib/mastodon/secrets/smtp-password";
@@ -388,7 +388,7 @@ in {
elasticsearch = {
host = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Elasticsearch host.
If it is not null, Elasticsearch full text search will be enabled.
'';
@@ -397,7 +397,7 @@ in {
};
port = lib.mkOption {
- description = "Elasticsearch port.";
+ description = lib.mdDoc "Elasticsearch port.";
type = lib.types.port;
default = 9200;
};
@@ -407,13 +407,13 @@ in {
type = lib.types.package;
default = pkgs.mastodon;
defaultText = lib.literalExpression "pkgs.mastodon";
- description = "Mastodon package to use.";
+ description = lib.mdDoc "Mastodon package to use.";
};
extraConfig = lib.mkOption {
type = lib.types.attrs;
default = {};
- description = ''
+ description = lib.mdDoc ''
Extra environment variables to pass to all mastodon services.
'';
};
@@ -421,7 +421,7 @@ in {
automaticMigrations = lib.mkOption {
type = lib.types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Do automatic database migrations.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/mattermost.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/mattermost.nix
index 2901f307dc5..6e9e2abcaa8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/mattermost.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/mattermost.nix
@@ -107,19 +107,19 @@ in
type = types.package;
default = pkgs.mattermost;
defaultText = "pkgs.mattermost";
- description = "Mattermost derivation to use.";
+ description = lib.mdDoc "Mattermost derivation to use.";
};
statePath = mkOption {
type = types.str;
default = "/var/lib/mattermost";
- description = "Mattermost working directory";
+ description = lib.mdDoc "Mattermost working directory";
};
siteUrl = mkOption {
type = types.str;
example = "https://chat.example.com";
- description = ''
+ description = lib.mdDoc ''
URL this Mattermost instance is reachable under, without trailing slash.
'';
};
@@ -127,14 +127,14 @@ in
siteName = mkOption {
type = types.str;
default = "Mattermost";
- description = "Name of this Mattermost site.";
+ description = lib.mdDoc "Name of this Mattermost site.";
};
listenAddress = mkOption {
type = types.str;
default = ":8065";
example = "[::1]:8065";
- description = ''
+ description = lib.mdDoc ''
Address and port this Mattermost instance listens to.
'';
};
@@ -142,7 +142,7 @@ in
mutableConfig = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether the Mattermost config.json is writeable by Mattermost.
Most of the settings can be edited in the system console of
@@ -159,7 +159,7 @@ in
preferNixConfig = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If both mutableConfig and this option are set, the Nix configuration
will take precedence over any settings configured in the server
console.
@@ -169,7 +169,7 @@ in
extraConfig = mkOption {
type = types.attrs;
default = { };
- description = ''
+ description = lib.mdDoc ''
Addtional configuration options as Nix attribute set in config.json schema.
'';
};
@@ -178,7 +178,7 @@ in
type = types.listOf (types.oneOf [types.path types.package]);
default = [];
example = "[ ./com.github.moussetc.mattermost.plugin.giphy-2.0.0.tar.gz ]";
- description = ''
+ description = lib.mdDoc ''
Plugins to add to the configuration. Overrides any installed if non-null.
This is a list of paths to .tar.gz files or derivations evaluating to
.tar.gz files.
@@ -188,7 +188,7 @@ in
localDatabaseCreate = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Create a local PostgreSQL database for Mattermost automatically.
'';
};
@@ -196,7 +196,7 @@ in
localDatabaseName = mkOption {
type = types.str;
default = "mattermost";
- description = ''
+ description = lib.mdDoc ''
Local Mattermost database name.
'';
};
@@ -204,7 +204,7 @@ in
localDatabaseUser = mkOption {
type = types.str;
default = "mattermost";
- description = ''
+ description = lib.mdDoc ''
Local Mattermost database username.
'';
};
@@ -212,7 +212,7 @@ in
localDatabasePassword = mkOption {
type = types.str;
default = "mmpgsecret";
- description = ''
+ description = lib.mdDoc ''
Password for local Mattermost database user.
'';
};
@@ -220,7 +220,7 @@ in
user = mkOption {
type = types.str;
default = "mattermost";
- description = ''
+ description = lib.mdDoc ''
User which runs the Mattermost service.
'';
};
@@ -228,7 +228,7 @@ in
group = mkOption {
type = types.str;
default = "mattermost";
- description = ''
+ description = lib.mdDoc ''
Group which runs the Mattermost service.
'';
};
@@ -239,13 +239,13 @@ in
type = types.package;
default = pkgs.matterircd;
defaultText = "pkgs.matterircd";
- description = "matterircd derivation to use.";
+ description = lib.mdDoc "matterircd derivation to use.";
};
parameters = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "-mmserver chat.example.com" "-bind [::]:6667" ];
- description = ''
+ description = lib.mdDoc ''
Set commandline parameters to pass to matterircd. See
https://github.com/42wim/matterircd#usage for more information.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/miniflux.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/miniflux.nix
index 641c9be85d8..55e3664bee6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/miniflux.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/miniflux.nix
@@ -29,9 +29,9 @@ in
LISTEN_ADDR = "localhost:8080";
}
'';
- description = ''
+ description = lib.mdDoc ''
Configuration for Miniflux, refer to
-
+
for documentation on the supported values.
Correct configuration for the database is already provided.
@@ -41,7 +41,7 @@ in
adminCredentialsFile = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
File containing the ADMIN_USERNAME and
ADMIN_PASSWORD (length >= 6) in the format of
an EnvironmentFile=, as described by systemd.exec(5).
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/netbox.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/netbox.nix
index a7d8bede74b..2826e57f2c7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/netbox.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/netbox.nix
@@ -59,18 +59,18 @@ in {
enable = mkOption {
type = lib.types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable Netbox.
- This module requires a reverse proxy that serves /static separately.
- See this example on how to configure this.
+ This module requires a reverse proxy that serves `/static` separately.
+ See this [example](https://github.com/netbox-community/netbox/blob/develop/contrib/nginx.conf/) on how to configure this.
'';
};
listenAddress = mkOption {
type = types.str;
default = "[::1]";
- description = ''
+ description = lib.mdDoc ''
Address the server will listen on.
'';
};
@@ -78,7 +78,7 @@ in {
port = mkOption {
type = types.port;
default = 8001;
- description = ''
+ description = lib.mdDoc ''
Port the server will listen on.
'';
};
@@ -89,7 +89,7 @@ in {
defaultText = literalExpression ''
python3Packages: with python3Packages; [];
'';
- description = ''
+ description = lib.mdDoc ''
List of plugin packages to install.
'';
};
@@ -97,14 +97,14 @@ in {
dataDir = mkOption {
type = types.str;
default = "/var/lib/netbox";
- description = ''
+ description = lib.mdDoc ''
Storage path of netbox.
'';
};
secretKeyFile = mkOption {
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Path to a file containing the secret key.
'';
};
@@ -112,28 +112,28 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
- Additional lines of configuration appended to the configuration.py.
- See the documentation for more possible options.
+ description = lib.mdDoc ''
+ Additional lines of configuration appended to the `configuration.py`.
+ See the [documentation](https://netbox.readthedocs.io/en/stable/configuration/optional-settings/) for more possible options.
'';
};
enableLdap = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable LDAP-Authentication for Netbox.
- This requires a configuration file being pass through ldapConfigPath.
+ This requires a configuration file being pass through `ldapConfigPath`.
'';
};
ldapConfigPath = mkOption {
type = types.path;
default = "";
- description = ''
- Path to the Configuration-File for LDAP-Authentification, will be loaded as ldap_config.py.
- See the documentation for possible options.
+ description = lib.mdDoc ''
+ Path to the Configuration-File for LDAP-Authentification, will be loaded as `ldap_config.py`.
+ See the [documentation](https://netbox.readthedocs.io/en/stable/installation/6-ldap/#configuration) for possible options.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/nextcloud.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/nextcloud.nix
index 2130ec252d9..618ad85b860 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/nextcloud.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/nextcloud.nix
@@ -6,6 +6,8 @@ let
cfg = config.services.nextcloud;
fpm = config.services.phpfpm.pools.nextcloud;
+ jsonFormat = pkgs.formats.json {};
+
inherit (cfg) datadir;
phpPackage = cfg.phpPackage.buildEnv {
@@ -80,12 +82,12 @@ in {
enable = mkEnableOption "nextcloud";
hostName = mkOption {
type = types.str;
- description = "FQDN for the nextcloud instance.";
+ description = lib.mdDoc "FQDN for the nextcloud instance.";
};
home = mkOption {
type = types.str;
default = "/var/lib/nextcloud";
- description = "Storage path of nextcloud.";
+ description = lib.mdDoc "Storage path of nextcloud.";
};
datadir = mkOption {
type = types.str;
@@ -144,23 +146,23 @@ in {
logLevel = mkOption {
type = types.ints.between 0 4;
default = 2;
- description = "Log level value between 0 (DEBUG) and 4 (FATAL).";
+ description = lib.mdDoc "Log level value between 0 (DEBUG) and 4 (FATAL).";
};
https = mkOption {
type = types.bool;
default = false;
- description = "Use https for generated links.";
+ description = lib.mdDoc "Use https for generated links.";
};
package = mkOption {
type = types.package;
- description = "Which package to use for the Nextcloud instance.";
+ description = lib.mdDoc "Which package to use for the Nextcloud instance.";
relatedPackages = [ "nextcloud23" "nextcloud24" ];
};
phpPackage = mkOption {
type = types.package;
relatedPackages = [ "php80" "php81" ];
defaultText = "pkgs.php";
- description = ''
+ description = lib.mdDoc ''
PHP package to use for Nextcloud.
'';
};
@@ -168,7 +170,7 @@ in {
maxUploadSize = mkOption {
default = "512M";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Defines the upload limit for files. This changes the relevant options
in php.ini and nginx if enabled.
'';
@@ -177,7 +179,7 @@ in {
skeletonDirectory = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The directory where the skeleton files are located. These files will be
copied to the data directory of new users. Leave empty to not copy any
skeleton files.
@@ -187,7 +189,7 @@ in {
webfinger = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable this option if you plan on using the webfinger plugin.
The appropriate nginx rewrite rules will be added to your configuration.
'';
@@ -197,7 +199,7 @@ in {
type = with types; functionTo (listOf package);
default = all: [];
defaultText = literalExpression "all: []";
- description = ''
+ description = lib.mdDoc ''
Additional PHP extensions to use for nextcloud.
By default, only extensions necessary for a vanilla nextcloud installation are enabled,
but you may choose from the list of available extensions and add further ones.
@@ -224,7 +226,7 @@ in {
"openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
catch_workers_output = "yes";
};
- description = ''
+ description = lib.mdDoc ''
Options for PHP's php.ini file for nextcloud.
'';
};
@@ -239,16 +241,16 @@ in {
"pm.max_spare_servers" = "4";
"pm.max_requests" = "500";
};
- description = ''
- Options for nextcloud's PHP pool. See the documentation on php-fpm.conf for details on configuration directives.
+ description = lib.mdDoc ''
+ Options for nextcloud's PHP pool. See the documentation on `php-fpm.conf` for details on configuration directives.
'';
};
poolConfig = mkOption {
type = types.nullOr types.lines;
default = null;
- description = ''
- Options for nextcloud's PHP pool. See the documentation on php-fpm.conf for details on configuration directives.
+ description = lib.mdDoc ''
+ Options for nextcloud's PHP pool. See the documentation on `php-fpm.conf` for details on configuration directives.
'';
};
@@ -257,7 +259,7 @@ in {
createLocally = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Create the database and database user locally. Only available for
mysql database.
Note that this option will use the latest version of MariaDB which
@@ -273,72 +275,72 @@ in {
dbtype = mkOption {
type = types.enum [ "sqlite" "pgsql" "mysql" ];
default = "sqlite";
- description = "Database type.";
+ description = lib.mdDoc "Database type.";
};
dbname = mkOption {
type = types.nullOr types.str;
default = "nextcloud";
- description = "Database name.";
+ description = lib.mdDoc "Database name.";
};
dbuser = mkOption {
type = types.nullOr types.str;
default = "nextcloud";
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
};
dbpassFile = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The full path to a file that contains the database password.
'';
};
dbhost = mkOption {
type = types.nullOr types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
Database host.
Note: for using Unix authentication with PostgreSQL, this should be
- set to /run/postgresql.
+ set to `/run/postgresql`.
'';
};
dbport = mkOption {
type = with types; nullOr (either int str);
default = null;
- description = "Database port.";
+ description = lib.mdDoc "Database port.";
};
dbtableprefix = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Table prefix in Nextcloud database.";
+ description = lib.mdDoc "Table prefix in Nextcloud database.";
};
adminuser = mkOption {
type = types.str;
default = "root";
- description = "Admin username.";
+ description = lib.mdDoc "Admin username.";
};
adminpassFile = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The full path to a file that contains the admin's password. Must be
- readable by user nextcloud.
+ readable by user `nextcloud`.
'';
};
extraTrustedDomains = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Trusted domains, from which the nextcloud installation will be
acessible. You don't need to add
- services.nextcloud.hostname here.
+ `services.nextcloud.hostname` here.
'';
};
trustedProxies = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Trusted proxies, to provide if the nextcloud installation is being
proxied to secure against e.g. spoofing.
'';
@@ -349,10 +351,10 @@ in {
default = null;
example = "https";
- description = ''
+ description = lib.mdDoc ''
Force Nextcloud to always use HTTPS i.e. for link generation. Nextcloud
uses the currently used protocol by default, but when behind a reverse-proxy,
- it may use http for everything although Nextcloud
+ it may use `http` for everything although Nextcloud
may be served via HTTPS.
'';
};
@@ -389,50 +391,50 @@ in {
bucket = mkOption {
type = types.str;
example = "nextcloud";
- description = ''
+ description = lib.mdDoc ''
The name of the S3 bucket.
'';
};
autocreate = mkOption {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Create the objectstore if it does not exist.
'';
};
key = mkOption {
type = types.str;
example = "EJ39ITYZEUH5BGWDRUFY";
- description = ''
+ description = lib.mdDoc ''
The access key for the S3 bucket.
'';
};
secretFile = mkOption {
type = types.str;
example = "/var/nextcloud-objectstore-s3-secret";
- description = ''
+ description = lib.mdDoc ''
The full path to a file that contains the access secret. Must be
- readable by user nextcloud.
+ readable by user `nextcloud`.
'';
};
hostname = mkOption {
type = types.nullOr types.str;
default = null;
example = "example.com";
- description = ''
+ description = lib.mdDoc ''
Required for some non-Amazon implementations.
'';
};
port = mkOption {
type = types.nullOr types.port;
default = null;
- description = ''
+ description = lib.mdDoc ''
Required for some non-Amazon implementations.
'';
};
useSsl = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Use SSL for objectstore access.
'';
};
@@ -440,20 +442,20 @@ in {
type = types.nullOr types.str;
default = null;
example = "REGION";
- description = ''
+ description = lib.mdDoc ''
Required for some non-Amazon implementations.
'';
};
usePathStyle = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Required for some non-Amazon S3 implementations.
Ordinarily, requests will be made with
- http://bucket.hostname.domain/, but with path style
+ `http://bucket.hostname.domain/`, but with path style
enabled requests are made with
- http://hostname.domain/bucket instead.
+ `http://hostname.domain/bucket` instead.
'';
};
};
@@ -474,14 +476,14 @@ in {
apcu = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to load the APCu module into PHP.
'';
};
redis = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to load the Redis module into PHP.
You still need to enable Redis in your config.php.
See https://docs.nextcloud.com/server/14/admin_manual/configuration_server/caching_configuration.html
@@ -490,7 +492,7 @@ in {
memcached = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to load the Memcached module into PHP.
You still need to enable Memcached in your config.php.
See https://docs.nextcloud.com/server/14/admin_manual/configuration_server/caching_configuration.html
@@ -501,7 +503,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Run regular auto update of all apps installed from the nextcloud app store.
'';
};
@@ -547,11 +549,38 @@ in {
'';
};
+ extraOptions = mkOption {
+ type = jsonFormat.type;
+ default = {};
+ description = lib.mdDoc ''
+ Extra options which should be appended to nextcloud's config.php file.
+ '';
+ example = literalExpression '' {
+ redis = {
+ host = "/run/redis/redis.sock";
+ port = 0;
+ dbindex = 0;
+ password = "secret";
+ timeout = 1.5;
+ };
+ } '';
+ };
+
+ secretFile = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ description = ''
+ Secret options which will be appended to nextcloud's config.php file (written as JSON, in the same
+ form as the option), for example
+ {"redis":{"password":"secret"}}.
+ '';
+ };
+
nginx = {
recommendedHttpHeaders = mkOption {
type = types.bool;
default = true;
- description = "Enable additional recommended HTTP response headers";
+ description = lib.mdDoc "Enable additional recommended HTTP response headers";
};
hstsMaxAge = mkOption {
type = types.ints.positive;
@@ -706,10 +735,20 @@ in {
$file
));
}
-
return trim(file_get_contents($file));
+ }''}
+ function nix_decode_json_file($file, $error) {
+ if (!file_exists($file)) {
+ throw new \RuntimeException(sprintf($error, $file));
}
- ''}
+ $decoded = json_decode(file_get_contents($file), true);
+
+ if (json_last_error() !== JSON_ERROR_NONE) {
+ throw new \RuntimeException(sprintf("Cannot decode %s, because: %s", $file, json_last_error_msg()));
+ }
+
+ return $decoded;
+ }
$CONFIG = [
'apps_paths' => [
${optionalString (cfg.extraApps != { }) "[ 'path' => '${cfg.home}/nix-apps', 'url' => '/nix-apps', 'writable' => false ],"}
@@ -728,7 +767,12 @@ in {
${optionalString (c.dbport != null) "'dbport' => '${toString c.dbport}',"}
${optionalString (c.dbuser != null) "'dbuser' => '${c.dbuser}',"}
${optionalString (c.dbtableprefix != null) "'dbtableprefix' => '${toString c.dbtableprefix}',"}
- ${optionalString (c.dbpassFile != null) "'dbpassword' => nix_read_secret('${c.dbpassFile}'),"}
+ ${optionalString (c.dbpassFile != null) ''
+ 'dbpassword' => nix_read_secret(
+ "${c.dbpassFile}"
+ ),
+ ''
+ }
'dbtype' => '${c.dbtype}',
'trusted_domains' => ${writePhpArrary ([ cfg.hostName ] ++ c.extraTrustedDomains)},
'trusted_proxies' => ${writePhpArrary (c.trustedProxies)},
@@ -736,6 +780,18 @@ in {
${optionalString (nextcloudGreaterOrEqualThan "23") "'profile.enabled' => ${boolToString cfg.globalProfiles},"}
${objectstoreConfig}
];
+
+ $CONFIG = array_replace_recursive($CONFIG, nix_decode_json_file(
+ "${jsonFormat.generate "nextcloud-extraOptions.json" cfg.extraOptions}",
+ "impossible: this should never happen (decoding generated extraOptions file %s failed)"
+ ));
+
+ ${optionalString (cfg.secretFile != null) ''
+ $CONFIG = array_replace_recursive($CONFIG, nix_decode_json_file(
+ "${cfg.secretFile}",
+ "Cannot start Nextcloud, secrets file %s set by NixOS doesn't exist!"
+ ));
+ ''}
'';
occInstallCmd = let
mkExport = { arg, value }: "export ${arg}=${value}";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/nexus.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/nexus.nix
index dc50a06705f..cfa137e77d2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/nexus.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/nexus.nix
@@ -17,37 +17,37 @@ in
type = types.package;
default = pkgs.nexus;
defaultText = literalExpression "pkgs.nexus";
- description = "Package which runs Nexus3";
+ description = lib.mdDoc "Package which runs Nexus3";
};
user = mkOption {
type = types.str;
default = "nexus";
- description = "User which runs Nexus3.";
+ description = lib.mdDoc "User which runs Nexus3.";
};
group = mkOption {
type = types.str;
default = "nexus";
- description = "Group which runs Nexus3.";
+ description = lib.mdDoc "Group which runs Nexus3.";
};
home = mkOption {
type = types.str;
default = "/var/lib/sonatype-work";
- description = "Home directory of the Nexus3 instance.";
+ description = lib.mdDoc "Home directory of the Nexus3 instance.";
};
listenAddress = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Address to listen on.";
+ description = lib.mdDoc "Address to listen on.";
};
listenPort = mkOption {
type = types.int;
default = 8081;
- description = "Port to listen on.";
+ description = lib.mdDoc "Port to listen on.";
};
jvmOpts = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/nifi.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/nifi.nix
index 21a63127264..e3f30c710e0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/nifi.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/nifi.nix
@@ -33,25 +33,25 @@ in {
type = lib.types.package;
default = pkgs.nifi;
defaultText = lib.literalExpression "pkgs.nifi";
- description = "Apache NiFi package to use.";
+ description = lib.mdDoc "Apache NiFi package to use.";
};
user = lib.mkOption {
type = lib.types.str;
default = "nifi";
- description = "User account where Apache NiFi runs.";
+ description = lib.mdDoc "User account where Apache NiFi runs.";
};
group = lib.mkOption {
type = lib.types.str;
default = "nifi";
- description = "Group account where Apache NiFi runs.";
+ description = lib.mdDoc "Group account where Apache NiFi runs.";
};
enableHTTPS = lib.mkOption {
type = lib.types.bool;
default = true;
- description = "Enable HTTPS protocol. Don`t use in production.";
+ description = lib.mdDoc "Enable HTTPS protocol. Don`t use in production.";
};
listenHost = lib.mkOption {
@@ -62,7 +62,7 @@ in {
then "0.0.0.0"
else "127.0.0.1"
'';
- description = "Bind to an ip for Apache NiFi web-ui.";
+ description = lib.mdDoc "Bind to an ip for Apache NiFi web-ui.";
};
listenPort = lib.mkOption {
@@ -73,7 +73,7 @@ in {
then "8443"
else "8000"
'';
- description = "Bind to a port for Apache NiFi web-ui.";
+ description = lib.mdDoc "Bind to a port for Apache NiFi web-ui.";
};
proxyHost = lib.mkOption {
@@ -84,7 +84,7 @@ in {
then "0.0.0.0"
else null
'';
- description = "Allow requests from a specific host.";
+ description = lib.mdDoc "Allow requests from a specific host.";
};
proxyPort = lib.mkOption {
@@ -95,34 +95,34 @@ in {
then "8443"
else null
'';
- description = "Allow requests from a specific port.";
+ description = lib.mdDoc "Allow requests from a specific port.";
};
initUser = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
- description = "Initial user account for Apache NiFi. Username must be at least 4 characters.";
+ description = lib.mdDoc "Initial user account for Apache NiFi. Username must be at least 4 characters.";
};
initPasswordFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = "/run/keys/nifi/password-nifi";
- description = "nitial password for Apache NiFi. Password must be at least 12 characters.";
+ description = lib.mdDoc "nitial password for Apache NiFi. Password must be at least 12 characters.";
};
initJavaHeapSize = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
example = 1024;
- description = "Set the initial heap size for the JVM in MB.";
+ description = lib.mdDoc "Set the initial heap size for the JVM in MB.";
};
maxJavaHeapSize = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
example = 2048;
- description = "Set the initial heap size for the JVM in MB.";
+ description = lib.mdDoc "Set the initial heap size for the JVM in MB.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/node-red.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/node-red.nix
index 4512907f027..1b9d14ecf4f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/node-red.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/node-red.nix
@@ -23,13 +23,13 @@ in
default = pkgs.nodePackages.node-red;
defaultText = literalExpression "pkgs.nodePackages.node-red";
type = types.package;
- description = "Node-RED package to use.";
+ description = lib.mdDoc "Node-RED package to use.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Open ports in the firewall for the server.
'';
};
@@ -37,7 +37,7 @@ in
withNpmAndGcc = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Give Node-RED access to NPM and GCC at runtime, so 'Nodes' can be
downloaded and managed imperatively via the 'Palette Manager'.
'';
@@ -58,13 +58,13 @@ in
port = mkOption {
type = types.port;
default = 1880;
- description = "Listening port.";
+ description = lib.mdDoc "Listening port.";
};
user = mkOption {
type = types.str;
default = defaultUser;
- description = ''
+ description = lib.mdDoc ''
User under which Node-RED runs.If left as the default value this user
will automatically be created on system activation, otherwise the
sysadmin is responsible for ensuring the user exists.
@@ -74,7 +74,7 @@ in
group = mkOption {
type = types.str;
default = defaultUser;
- description = ''
+ description = lib.mdDoc ''
Group under which Node-RED runs.If left as the default value this group
will automatically be created on system activation, otherwise the
sysadmin is responsible for ensuring the group exists.
@@ -84,7 +84,7 @@ in
userDir = mkOption {
type = types.path;
default = "/var/lib/node-red";
- description = ''
+ description = lib.mdDoc ''
The directory to store all user data, such as flow and credential files and all library data. If left
as the default value this directory will automatically be created before the node-red service starts,
otherwise the sysadmin is responsible for ensuring the directory exists with appropriate ownership
@@ -95,13 +95,13 @@ in
safe = mkOption {
type = types.bool;
default = false;
- description = "Whether to launch Node-RED in --safe mode.";
+ description = lib.mdDoc "Whether to launch Node-RED in --safe mode.";
};
define = mkOption {
type = types.attrs;
default = {};
- description = "List of settings.js overrides to pass via -D to Node-RED.";
+ description = lib.mdDoc "List of settings.js overrides to pass via -D to Node-RED.";
example = literalExpression ''
{
"logging.console.level" = "trace";
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/onlyoffice.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/onlyoffice.nix
new file mode 100644
index 00000000000..15fc3b03a83
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/onlyoffice.nix
@@ -0,0 +1,288 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.onlyoffice;
+in
+{
+ options.services.onlyoffice = {
+ enable = mkEnableOption "OnlyOffice DocumentServer";
+
+ enableExampleServer = mkEnableOption "OnlyOffice example server";
+
+ hostname = mkOption {
+ type = types.str;
+ default = "localhost";
+ description = lib.mdDoc "FQDN for the onlyoffice instance.";
+ };
+
+ jwtSecretFile = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ description = lib.mdDoc ''
+ Path to a file that contains the secret to sign web requests using JSON Web Tokens.
+ If left at the default value null signing is disabled.
+ '';
+ };
+
+ package = mkOption {
+ type = types.package;
+ default = pkgs.onlyoffice-documentserver;
+ defaultText = "pkgs.onlyoffice-documentserver";
+ description = lib.mdDoc "Which package to use for the OnlyOffice instance.";
+ };
+
+ port = mkOption {
+ type = types.port;
+ default = 8000;
+ description = lib.mdDoc "Port the OnlyOffice DocumentServer should listens on.";
+ };
+
+ examplePort = mkOption {
+ type = types.port;
+ default = null;
+ description = lib.mdDoc "Port the OnlyOffice Example server should listens on.";
+ };
+
+ postgresHost = mkOption {
+ type = types.str;
+ default = "/run/postgresql";
+ description = lib.mdDoc "The Postgresql hostname or socket path OnlyOffice should connect to.";
+ };
+
+ postgresName = mkOption {
+ type = types.str;
+ default = "onlyoffice";
+ description = lib.mdDoc "The name of databse OnlyOffice should user.";
+ };
+
+ postgresPasswordFile = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ description = lib.mdDoc ''
+ Path to a file that contains the password OnlyOffice should use to connect to Postgresql.
+ Unused when using socket authentication.
+ '';
+ };
+
+ postgresUser = mkOption {
+ type = types.str;
+ default = "onlyoffice";
+ description = lib.mdDoc ''
+ The username OnlyOffice should use to connect to Postgresql.
+ Unused when using socket authentication.
+ '';
+ };
+
+ rabbitmqUrl = mkOption {
+ type = types.str;
+ default = "amqp://guest:guest@localhost:5672";
+ description = lib.mdDoc "The Rabbitmq in amqp URI style OnlyOffice should connect to.";
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ services = {
+ nginx = {
+ enable = mkDefault true;
+ # misses text/csv, font/ttf, application/x-font-ttf, application/rtf, application/wasm
+ recommendedGzipSettings = mkDefault true;
+ recommendedProxySettings = mkDefault true;
+
+ upstreams = {
+ # /etc/nginx/includes/http-common.conf
+ onlyoffice-docservice = {
+ servers = { "localhost:${toString cfg.port}" = { }; };
+ };
+ onlyoffice-example = lib.mkIf cfg.enableExampleServer {
+ servers = { "localhost:${toString cfg.examplePort}" = { }; };
+ };
+ };
+
+ virtualHosts.${cfg.hostname} = {
+ locations = {
+ # /etc/nginx/includes/ds-docservice.conf
+ "~ ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(web-apps\/apps\/api\/documents\/api\.js)$".extraConfig = ''
+ expires -1;
+ alias ${cfg.package}/var/www/onlyoffice/documentserver/$2;
+ '';
+ "~ ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(web-apps)(\/.*\.json)$".extraConfig = ''
+ expires 365d;
+ error_log /dev/null crit;
+ alias ${cfg.package}/var/www/onlyoffice/documentserver/$2$3;
+ '';
+ "~ ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(sdkjs-plugins)(\/.*\.json)$".extraConfig = ''
+ expires 365d;
+ error_log /dev/null crit;
+ alias ${cfg.package}/var/www/onlyoffice/documentserver/$2$3;
+ '';
+ "~ ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(web-apps|sdkjs|sdkjs-plugins|fonts)(\/.*)$".extraConfig = ''
+ expires 365d;
+ alias ${cfg.package}/var/www/onlyoffice/documentserver/$2$3;
+ '';
+ "~* ^(\/cache\/files.*)(\/.*)".extraConfig = ''
+ alias /var/lib/onlyoffice/documentserver/App_Data$1;
+ add_header Content-Disposition "attachment; filename*=UTF-8''$arg_filename";
+
+ set $secret_string verysecretstring;
+ secure_link $arg_md5,$arg_expires;
+ secure_link_md5 "$secure_link_expires$uri$secret_string";
+
+ if ($secure_link = "") {
+ return 403;
+ }
+
+ if ($secure_link = "0") {
+ return 410;
+ }
+ '';
+ "~* ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(internal)(\/.*)$".extraConfig = ''
+ allow 127.0.0.1;
+ deny all;
+ proxy_pass http://onlyoffice-docservice/$2$3;
+ '';
+ "~* ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(info)(\/.*)$".extraConfig = ''
+ allow 127.0.0.1;
+ deny all;
+ proxy_pass http://onlyoffice-docservice/$2$3;
+ '';
+ "/".extraConfig = ''
+ proxy_pass http://onlyoffice-docservice;
+ '';
+ "~ ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?(\/doc\/.*)".extraConfig = ''
+ proxy_pass http://onlyoffice-docservice$2;
+ proxy_http_version 1.1;
+ '';
+ "/${cfg.package.version}/".extraConfig = ''
+ proxy_pass http://onlyoffice-docservice/;
+ '';
+ "~ ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(dictionaries)(\/.*)$".extraConfig = ''
+ expires 365d;
+ alias ${cfg.package}/var/www/onlyoffice/documentserver/$2$3;
+ '';
+ # /etc/nginx/includes/ds-example.conf
+ "~ ^(\/welcome\/.*)$".extraConfig = ''
+ expires 365d;
+ alias ${cfg.package}/var/www/onlyoffice/documentserver-example$1;
+ index docker.html;
+ '';
+ "/example/".extraConfig = lib.mkIf cfg.enableExampleServer ''
+ proxy_pass http://onlyoffice-example/;
+ proxy_set_header X-Forwarded-Path /example;
+ '';
+ };
+ extraConfig = ''
+ rewrite ^/$ /welcome/ redirect;
+ rewrite ^\/OfficeWeb(\/apps\/.*)$ /${cfg.package.version}/web-apps$1 redirect;
+ rewrite ^(\/web-apps\/apps\/(?!api\/).*)$ /${cfg.package.version}$1 redirect;
+
+ # based on https://github.com/ONLYOFFICE/document-server-package/blob/master/common/documentserver/nginx/includes/http-common.conf.m4#L29-L34
+ # without variable indirection and correct variable names
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ # required for CSP to take effect
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ # required for websocket
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $connection_upgrade;
+ '';
+ };
+ };
+
+ rabbitmq.enable = lib.mkDefault true;
+
+ postgresql = {
+ enable = lib.mkDefault true;
+ ensureDatabases = [ "onlyoffice" ];
+ ensureUsers = [{
+ name = "onlyoffice";
+ ensurePermissions = { "DATABASE \"onlyoffice\"" = "ALL PRIVILEGES"; };
+ }];
+ };
+ };
+
+ systemd.services = {
+ onlyoffice-converter = {
+ description = "onlyoffice converter";
+ after = [ "network.target" "onlyoffice-docservice.service" "postgresql.service" ];
+ requires = [ "network.target" "onlyoffice-docservice.service" "postgresql.service" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ ExecStart = "${cfg.package.fhs}/bin/onlyoffice-wrapper FileConverter/converter /run/onlyoffice/config";
+ Group = "onlyoffice";
+ Restart = "always";
+ RuntimeDirectory = "onlyoffice";
+ StateDirectory = "onlyoffice";
+ Type = "simple";
+ User = "onlyoffice";
+ };
+ };
+
+ onlyoffice-docservice =
+ let
+ onlyoffice-prestart = pkgs.writeShellScript "onlyoffice-prestart" ''
+ PATH=$PATH:${lib.makeBinPath (with pkgs; [ jq moreutils config.services.postgresql.package ])}
+ umask 077
+ mkdir -p /run/onlyoffice/config/ /var/lib/onlyoffice/documentserver/sdkjs/{slide/themes,common}/ /var/lib/onlyoffice/documentserver/{fonts,server/FileConverter/bin}/
+ cp -r ${cfg.package}/etc/onlyoffice/documentserver/* /run/onlyoffice/config/
+ chmod u+w /run/onlyoffice/config/default.json
+
+ cp /run/onlyoffice/config/default.json{,.orig}
+
+ # for a mapping of environment variables from the docker container to json options see
+ # https://github.com/ONLYOFFICE/Docker-DocumentServer/blob/master/run-document-server.sh
+ jq '
+ .services.CoAuthoring.server.port = ${toString cfg.port} |
+ .services.CoAuthoring.sql.dbHost = "${cfg.postgresHost}" |
+ .services.CoAuthoring.sql.dbName = "${cfg.postgresName}" |
+ ${lib.optionalString (cfg.postgresPasswordFile != null) ''
+ .services.CoAuthoring.sql.dbPass = "'"$(cat ${cfg.postgresPasswordFile})"'" |
+ ''}
+ .services.CoAuthoring.sql.dbUser = "${cfg.postgresUser}" |
+ ${lib.optionalString (cfg.jwtSecretFile != null) ''
+ .services.CoAuthoring.token.enable.browser = true |
+ .services.CoAuthoring.token.enable.request.inbox = true |
+ .services.CoAuthoring.token.enable.request.outbox = true |
+ .services.CoAuthoring.secret.inbox.string = "'"$(cat ${cfg.jwtSecretFile})"'" |
+ .services.CoAuthoring.secret.outbox.string = "'"$(cat ${cfg.jwtSecretFile})"'" |
+ .services.CoAuthoring.secret.session.string = "'"$(cat ${cfg.jwtSecretFile})"'" |
+ ''}
+ .rabbitmq.url = "${cfg.rabbitmqUrl}"
+ ' /run/onlyoffice/config/default.json | sponge /run/onlyoffice/config/default.json
+
+ if ! psql -d onlyoffice -c "SELECT 'task_result'::regclass;" >/dev/null; then
+ psql -f ${cfg.package}/var/www/onlyoffice/documentserver/server/schema/postgresql/createdb.sql
+ fi
+ '';
+ in
+ {
+ description = "onlyoffice documentserver";
+ after = [ "network.target" "postgresql.service" ];
+ requires = [ "postgresql.service" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ ExecStart = "${cfg.package.fhs}/bin/onlyoffice-wrapper DocService/docservice /run/onlyoffice/config";
+ ExecStartPre = onlyoffice-prestart;
+ Group = "onlyoffice";
+ Restart = "always";
+ RuntimeDirectory = "onlyoffice";
+ StateDirectory = "onlyoffice";
+ Type = "simple";
+ User = "onlyoffice";
+ };
+ };
+ };
+
+ users.users = {
+ onlyoffice = {
+ description = "OnlyOffice Service";
+ group = "onlyoffice";
+ isSystemUser = true;
+ };
+ };
+
+ users.groups.onlyoffice = { };
+ };
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/openwebrx.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/openwebrx.nix
index c530a07610f..c409adbc710 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/openwebrx.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/openwebrx.nix
@@ -10,7 +10,7 @@ in
type = types.package;
default = pkgs.openwebrx;
defaultText = literalExpression "pkgs.openwebrx";
- description = "OpenWebRX package to use for the service";
+ description = lib.mdDoc "OpenWebRX package to use for the service";
};
};
@@ -20,6 +20,9 @@ in
path = with pkgs; [
csdr
digiham
+ codec2
+ js8call
+ m17-cxx-demod
alsaUtils
netcat
];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/peertube.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/peertube.nix
index e6b6aa273e7..2fb05209c5c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/peertube.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/peertube.nix
@@ -73,51 +73,51 @@ in {
user = lib.mkOption {
type = lib.types.str;
default = "peertube";
- description = "User account under which Peertube runs.";
+ description = lib.mdDoc "User account under which Peertube runs.";
};
group = lib.mkOption {
type = lib.types.str;
default = "peertube";
- description = "Group under which Peertube runs.";
+ description = lib.mdDoc "Group under which Peertube runs.";
};
localDomain = lib.mkOption {
type = lib.types.str;
example = "peertube.example.com";
- description = "The domain serving your PeerTube instance.";
+ description = lib.mdDoc "The domain serving your PeerTube instance.";
};
listenHttp = lib.mkOption {
type = lib.types.int;
default = 9000;
- description = "listen port for HTTP server.";
+ description = lib.mdDoc "listen port for HTTP server.";
};
listenWeb = lib.mkOption {
type = lib.types.int;
default = 9000;
- description = "listen port for WEB server.";
+ description = lib.mdDoc "listen port for WEB server.";
};
enableWebHttps = lib.mkOption {
type = lib.types.bool;
default = false;
- description = "Enable or disable HTTPS protocol.";
+ description = lib.mdDoc "Enable or disable HTTPS protocol.";
};
dataDirs = lib.mkOption {
type = lib.types.listOf lib.types.path;
default = [ ];
example = [ "/opt/peertube/storage" "/var/cache/peertube" ];
- description = "Allow access to custom data locations.";
+ description = lib.mdDoc "Allow access to custom data locations.";
};
serviceEnvironmentFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = "/run/keys/peertube/password-init-root";
- description = ''
+ description = lib.mdDoc ''
Set environment variables for the service. Mainly useful for setting the initial root password.
For example write to file:
PT_INITIAL_ROOT_PASSWORD=changeme
@@ -141,14 +141,14 @@ in {
};
}
'';
- description = "Configuration for peertube.";
+ description = lib.mdDoc "Configuration for peertube.";
};
database = {
createLocally = lib.mkOption {
type = lib.types.bool;
default = false;
- description = "Configure local PostgreSQL database server for PeerTube.";
+ description = lib.mdDoc "Configure local PostgreSQL database server for PeerTube.";
};
host = lib.mkOption {
@@ -160,32 +160,32 @@ in {
else null
'';
example = "192.168.15.47";
- description = "Database host address or unix socket.";
+ description = lib.mdDoc "Database host address or unix socket.";
};
port = lib.mkOption {
type = lib.types.int;
default = 5432;
- description = "Database host port.";
+ description = lib.mdDoc "Database host port.";
};
name = lib.mkOption {
type = lib.types.str;
default = "peertube";
- description = "Database name.";
+ description = lib.mdDoc "Database name.";
};
user = lib.mkOption {
type = lib.types.str;
default = "peertube";
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
};
passwordFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = "/run/keys/peertube/password-posgressql-db";
- description = "Password for PostgreSQL database.";
+ description = lib.mdDoc "Password for PostgreSQL database.";
};
};
@@ -193,7 +193,7 @@ in {
createLocally = lib.mkOption {
type = lib.types.bool;
default = false;
- description = "Configure local Redis server for PeerTube.";
+ description = lib.mdDoc "Configure local Redis server for PeerTube.";
};
host = lib.mkOption {
@@ -204,7 +204,7 @@ in {
then "127.0.0.1"
else null
'';
- description = "Redis host.";
+ description = lib.mdDoc "Redis host.";
};
port = lib.mkOption {
@@ -215,21 +215,21 @@ in {
then null
else 6379
'';
- description = "Redis port.";
+ description = lib.mdDoc "Redis port.";
};
passwordFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = "/run/keys/peertube/password-redis-db";
- description = "Password for redis database.";
+ description = lib.mdDoc "Password for redis database.";
};
enableUnixSocket = lib.mkOption {
type = lib.types.bool;
default = cfg.redis.createLocally;
defaultText = lib.literalExpression "config.${opt.redis.createLocally}";
- description = "Use Unix socket.";
+ description = lib.mdDoc "Use Unix socket.";
};
};
@@ -237,14 +237,14 @@ in {
createLocally = lib.mkOption {
type = lib.types.bool;
default = false;
- description = "Configure local Postfix SMTP server for PeerTube.";
+ description = lib.mdDoc "Configure local Postfix SMTP server for PeerTube.";
};
passwordFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = "/run/keys/peertube/password-smtp";
- description = "Password for smtp server.";
+ description = lib.mdDoc "Password for smtp server.";
};
};
@@ -252,7 +252,7 @@ in {
type = lib.types.package;
default = pkgs.peertube;
defaultText = lib.literalExpression "pkgs.peertube";
- description = "Peertube package to use.";
+ description = lib.mdDoc "Peertube package to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/phylactery.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/phylactery.nix
new file mode 100644
index 00000000000..d512b48539b
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/phylactery.nix
@@ -0,0 +1,51 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+let cfg = config.services.phylactery;
+in {
+ options.services.phylactery = {
+ enable = mkEnableOption "Whether to enable Phylactery server";
+
+ host = mkOption {
+ type = types.str;
+ default = "localhost";
+ description = lib.mdDoc "Listen host for Phylactery";
+ };
+
+ port = mkOption {
+ type = types.port;
+ description = lib.mdDoc "Listen port for Phylactery";
+ };
+
+ library = mkOption {
+ type = types.path;
+ description = lib.mdDoc "Path to CBZ library";
+ };
+
+ package = mkOption {
+ type = types.package;
+ default = pkgs.phylactery;
+ defaultText = literalExpression "pkgs.phylactery";
+ description = lib.mdDoc "The Phylactery package to use";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ systemd.services.phylactery = {
+ environment = {
+ PHYLACTERY_ADDRESS = "${cfg.host}:${toString cfg.port}";
+ PHYLACTERY_LIBRARY = "${cfg.library}";
+ };
+
+ wantedBy = [ "multi-user.target" ];
+
+ serviceConfig = {
+ ConditionPathExists = cfg.library;
+ DynamicUser = true;
+ ExecStart = "${cfg.package}/bin/phylactery";
+ };
+ };
+ };
+
+ meta.maintainers = with maintainers; [ McSinyx ];
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/pict-rs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/pict-rs.nix
index e1847fbd531..ab5a9ed0735 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/pict-rs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/pict-rs.nix
@@ -14,21 +14,21 @@ in
dataDir = mkOption {
type = types.path;
default = "/var/lib/pict-rs";
- description = ''
+ description = lib.mdDoc ''
The directory where to store the uploaded images.
'';
};
address = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
The IPv4 address to deploy the service to.
'';
};
port = mkOption {
type = types.port;
default = 8080;
- description = ''
+ description = lib.mdDoc ''
The port which to bind the service to.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/plantuml-server.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/plantuml-server.nix
index 9ea37b8a4ca..acd9292ceb4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/plantuml-server.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/plantuml-server.nix
@@ -17,7 +17,7 @@ in
type = types.package;
default = pkgs.plantuml-server;
defaultText = literalExpression "pkgs.plantuml-server";
- description = "PlantUML server package to use";
+ description = lib.mdDoc "PlantUML server package to use";
};
packages = {
@@ -25,75 +25,75 @@ in
type = types.package;
default = pkgs.jdk;
defaultText = literalExpression "pkgs.jdk";
- description = "JDK package to use for the server";
+ description = lib.mdDoc "JDK package to use for the server";
};
jetty = mkOption {
type = types.package;
default = pkgs.jetty;
defaultText = literalExpression "pkgs.jetty";
- description = "Jetty package to use for the server";
+ description = lib.mdDoc "Jetty package to use for the server";
};
};
user = mkOption {
type = types.str;
default = "plantuml";
- description = "User which runs PlantUML server.";
+ description = lib.mdDoc "User which runs PlantUML server.";
};
group = mkOption {
type = types.str;
default = "plantuml";
- description = "Group which runs PlantUML server.";
+ description = lib.mdDoc "Group which runs PlantUML server.";
};
home = mkOption {
type = types.str;
default = "/var/lib/plantuml";
- description = "Home directory of the PlantUML server instance.";
+ description = lib.mdDoc "Home directory of the PlantUML server instance.";
};
listenHost = mkOption {
type = types.str;
default = "127.0.0.1";
- description = "Host to listen on.";
+ description = lib.mdDoc "Host to listen on.";
};
listenPort = mkOption {
type = types.int;
default = 8080;
- description = "Port to listen on.";
+ description = lib.mdDoc "Port to listen on.";
};
plantumlLimitSize = mkOption {
type = types.int;
default = 4096;
- description = "Limits image width and height.";
+ description = lib.mdDoc "Limits image width and height.";
};
graphvizPackage = mkOption {
type = types.package;
default = pkgs.graphviz;
defaultText = literalExpression "pkgs.graphviz";
- description = "Package containing the dot executable.";
+ description = lib.mdDoc "Package containing the dot executable.";
};
plantumlStats = mkOption {
type = types.bool;
default = false;
- description = "Set it to on to enable statistics report (https://plantuml.com/statistics-report).";
+ description = lib.mdDoc "Set it to on to enable statistics report (https://plantuml.com/statistics-report).";
};
httpAuthorization = mkOption {
type = types.nullOr types.str;
default = null;
- description = "When calling the proxy endpoint, the value of HTTP_AUTHORIZATION will be used to set the HTTP Authorization header.";
+ description = lib.mdDoc "When calling the proxy endpoint, the value of HTTP_AUTHORIZATION will be used to set the HTTP Authorization header.";
};
allowPlantumlInclude = mkOption {
type = types.bool;
default = false;
- description = "Enables !include processing which can read files from the server into diagrams. Files are read relative to the current working directory.";
+ description = lib.mdDoc "Enables !include processing which can read files from the server into diagrams. Files are read relative to the current working directory.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/plausible.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/plausible.nix
index 5d550ae5ca8..6f098134c92 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/plausible.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/plausible.nix
@@ -11,7 +11,7 @@ in {
releaseCookiePath = mkOption {
type = with types; either str path;
- description = ''
+ description = lib.mdDoc ''
The path to the file with release cookie. (used for remote connection to the running node).
'';
};
@@ -20,7 +20,7 @@ in {
name = mkOption {
default = "admin";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Name of the admin user that plausible will created on initial startup.
'';
};
@@ -28,14 +28,14 @@ in {
email = mkOption {
type = types.str;
example = "admin@localhost";
- description = ''
+ description = lib.mdDoc ''
Email-address of the admin-user.
'';
};
passwordFile = mkOption {
type = types.either types.str types.path;
- description = ''
+ description = lib.mdDoc ''
Path to the file which contains the password of the admin user.
'';
};
@@ -59,7 +59,7 @@ in {
dbname = mkOption {
default = "plausible";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Name of the database to use.
'';
};
@@ -77,35 +77,35 @@ in {
disableRegistration = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to prohibit creating an account in plausible's UI.
'';
};
secretKeybaseFile = mkOption {
type = types.either types.path types.str;
- description = ''
- Path to the secret used by the phoenix-framework. Instructions
+ description = lib.mdDoc ''
+ Path to the secret used by the `phoenix`-framework. Instructions
how to generate one are documented in the
-
- framework docs.
+ [
+ framework docs](https://hexdocs.pm/phoenix/Mix.Tasks.Phx.Gen.Secret.html#content).
'';
};
port = mkOption {
default = 8000;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
Port where the service should be available.
'';
};
baseUrl = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Public URL where plausible is available.
- Note that /path components are currently ignored:
-
+ Note that `/path` components are currently ignored:
+ [
https://github.com/plausible/analytics/issues/1182
- .
+ ](https://github.com/plausible/analytics/issues/1182).
'';
};
};
@@ -114,8 +114,8 @@ in {
email = mkOption {
default = "hello@plausible.local";
type = types.str;
- description = ''
- The email id to use for as from address of all communications
+ description = lib.mdDoc ''
+ The email id to use for as *from* address of all communications
from Plausible.
'';
};
@@ -123,28 +123,28 @@ in {
hostAddr = mkOption {
default = "localhost";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The host address of your smtp server.
'';
};
hostPort = mkOption {
default = 25;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
The port of your smtp server.
'';
};
user = mkOption {
default = null;
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The username/email in case SMTP auth is enabled.
'';
};
passwordFile = mkOption {
default = null;
type = with types; nullOr (either str path);
- description = ''
+ description = lib.mdDoc ''
The path to the file with the password in case SMTP auth is enabled.
'';
};
@@ -152,7 +152,7 @@ in {
retries = mkOption {
type = types.ints.unsigned;
default = 2;
- description = ''
+ description = lib.mdDoc ''
Number of retries to make until mailer gives up.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/powerdns-admin.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/powerdns-admin.nix
index 4661ba80c5d..c2d65f59e4d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/powerdns-admin.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/powerdns-admin.nix
@@ -27,7 +27,7 @@ in
example = literalExpression ''
[ "-b" "127.0.0.1:8000" ]
'';
- description = ''
+ description = lib.mdDoc ''
Extra arguments passed to powerdns-admin.
'';
};
@@ -40,9 +40,9 @@ in
PORT = 8000
SQLALCHEMY_DATABASE_URI = 'postgresql://powerdnsadmin@/powerdnsadmin?host=/run/postgresql'
'';
- description = ''
+ description = lib.mdDoc ''
Configuration python file.
- See the example configuration
+ See [the example configuration](https://github.com/ngoduykhanh/PowerDNS-Admin/blob/v${pkgs.powerdns-admin.version}/configs/development.py)
for options.
'';
};
@@ -50,7 +50,7 @@ in
secretKeyFile = mkOption {
type = types.nullOr types.path;
example = "/etc/powerdns-admin/secret";
- description = ''
+ description = lib.mdDoc ''
The secret used to create cookies.
This needs to be set, otherwise the default is used and everyone can forge valid login cookies.
Set this to null to ignore this setting and configure it through another way.
@@ -60,7 +60,7 @@ in
saltFile = mkOption {
type = types.nullOr types.path;
example = "/etc/powerdns-admin/salt";
- description = ''
+ description = lib.mdDoc ''
The salt used for serialization.
This should be set, otherwise the default is used.
Set this to null to ignore this setting and configure it through another way.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/prosody-filer.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/prosody-filer.nix
index a901a95fd5f..1d40809c420 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/prosody-filer.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/prosody-filer.nix
@@ -14,9 +14,9 @@ in {
enable = mkEnableOption "Prosody Filer XMPP upload file server";
settings = mkOption {
- description = ''
+ description = lib.mdDoc ''
Configuration for Prosody Filer.
- Refer to for details on supported values.
+ Refer to for details on supported values.
'';
type = settingsFormat.type;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/restya-board.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/restya-board.nix
index 1a8199ab3b3..ae80a7866a1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/restya-board.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/restya-board.nix
@@ -30,7 +30,7 @@ in
dataDir = mkOption {
type = types.path;
default = "/var/lib/restya-board";
- description = ''
+ description = lib.mdDoc ''
Data of the application.
'';
};
@@ -38,7 +38,7 @@ in
user = mkOption {
type = types.str;
default = "restya-board";
- description = ''
+ description = lib.mdDoc ''
User account under which the web-application runs.
'';
};
@@ -46,7 +46,7 @@ in
group = mkOption {
type = types.str;
default = "nginx";
- description = ''
+ description = lib.mdDoc ''
Group account under which the web-application runs.
'';
};
@@ -55,7 +55,7 @@ in
serverName = mkOption {
type = types.str;
default = "restya.board";
- description = ''
+ description = lib.mdDoc ''
Name of the nginx virtualhost to use.
'';
};
@@ -63,7 +63,7 @@ in
listenHost = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
Listen address for the virtualhost to use.
'';
};
@@ -71,7 +71,7 @@ in
listenPort = mkOption {
type = types.int;
default = 3000;
- description = ''
+ description = lib.mdDoc ''
Listen port for the virtualhost to use.
'';
};
@@ -81,7 +81,7 @@ in
host = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Host of the database. Leave 'null' to use a local PostgreSQL database.
A local PostgreSQL database is initialized automatically.
'';
@@ -90,7 +90,7 @@ in
port = mkOption {
type = types.nullOr types.int;
default = 5432;
- description = ''
+ description = lib.mdDoc ''
The database's port.
'';
};
@@ -98,7 +98,7 @@ in
name = mkOption {
type = types.str;
default = "restya_board";
- description = ''
+ description = lib.mdDoc ''
Name of the database. The database must exist.
'';
};
@@ -106,7 +106,7 @@ in
user = mkOption {
type = types.str;
default = "restya_board";
- description = ''
+ description = lib.mdDoc ''
The database user. The user must exist and have access to
the specified database.
'';
@@ -115,7 +115,7 @@ in
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
The database user's password. 'null' if no password is set.
'';
};
@@ -126,7 +126,7 @@ in
type = types.nullOr types.str;
default = null;
example = "localhost";
- description = ''
+ description = lib.mdDoc ''
Hostname to send outgoing mail. Null to use the system MTA.
'';
};
@@ -134,7 +134,7 @@ in
port = mkOption {
type = types.int;
default = 25;
- description = ''
+ description = lib.mdDoc ''
Port used to connect to SMTP server.
'';
};
@@ -142,7 +142,7 @@ in
login = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
SMTP authentication login used when sending outgoing mail.
'';
};
@@ -150,7 +150,7 @@ in
password = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
SMTP authentication password used when sending outgoing mail.
ATTENTION: The password is stored world-readable in the nix-store!
@@ -161,7 +161,7 @@ in
timezone = mkOption {
type = types.lines;
default = "GMT";
- description = ''
+ description = lib.mdDoc ''
Timezone the web-app runs in.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/rss-bridge.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/rss-bridge.nix
index f2b6d955982..b1a3907d196 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/rss-bridge.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/rss-bridge.nix
@@ -16,7 +16,7 @@ in
user = mkOption {
type = types.str;
default = "nginx";
- description = ''
+ description = lib.mdDoc ''
User account under which both the service and the web-application run.
'';
};
@@ -24,7 +24,7 @@ in
group = mkOption {
type = types.str;
default = "nginx";
- description = ''
+ description = lib.mdDoc ''
Group under which the web-application run.
'';
};
@@ -32,7 +32,7 @@ in
pool = mkOption {
type = types.str;
default = poolName;
- description = ''
+ description = lib.mdDoc ''
Name of existing phpfpm pool that is used to run web-application.
If not specified a pool will be created automatically with
default values.
@@ -42,16 +42,16 @@ in
dataDir = mkOption {
type = types.str;
default = "/var/lib/rss-bridge";
- description = ''
+ description = lib.mdDoc ''
Location in which cache directory will be created.
- You can put config.ini.php in here.
+ You can put `config.ini.php` in here.
'';
};
virtualHost = mkOption {
type = types.nullOr types.str;
default = "rss-bridge";
- description = ''
+ description = lib.mdDoc ''
Name of the nginx virtualhost to use and setup. If null, do not setup any virtualhost.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/selfoss.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/selfoss.nix
index 899976ac696..016e053c802 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/selfoss.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/selfoss.nix
@@ -35,7 +35,7 @@ in
user = mkOption {
type = types.str;
default = "nginx";
- description = ''
+ description = lib.mdDoc ''
User account under which both the service and the web-application run.
'';
};
@@ -43,7 +43,7 @@ in
pool = mkOption {
type = types.str;
default = "${poolName}";
- description = ''
+ description = lib.mdDoc ''
Name of existing phpfpm pool that is used to run web-application.
If not specified a pool will be created automatically with
default values.
@@ -54,7 +54,7 @@ in
type = mkOption {
type = types.enum ["pgsql" "mysql" "sqlite"];
default = "sqlite";
- description = ''
+ description = lib.mdDoc ''
Database to store feeds. Supported are sqlite, pgsql and mysql.
'';
};
@@ -62,7 +62,7 @@ in
host = mkOption {
type = types.str;
default = "localhost";
- description = ''
+ description = lib.mdDoc ''
Host of the database (has no effect if type is "sqlite").
'';
};
@@ -70,7 +70,7 @@ in
name = mkOption {
type = types.str;
default = "tt_rss";
- description = ''
+ description = lib.mdDoc ''
Name of the existing database (has no effect if type is "sqlite").
'';
};
@@ -78,7 +78,7 @@ in
user = mkOption {
type = types.str;
default = "tt_rss";
- description = ''
+ description = lib.mdDoc ''
The database user. The user must exist and has access to
the specified database (has no effect if type is "sqlite").
'';
@@ -87,7 +87,7 @@ in
password = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The database user's password (has no effect if type is "sqlite").
'';
};
@@ -95,7 +95,7 @@ in
port = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The database's port. If not set, the default ports will be
provided (5432 and 3306 for pgsql and mysql respectively)
(has no effect if type is "sqlite").
@@ -105,7 +105,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration added to config.ini
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/shiori.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/shiori.nix
index bb2fc684e83..494f8587306 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/shiori.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/shiori.nix
@@ -12,13 +12,13 @@ in {
type = types.package;
default = pkgs.shiori;
defaultText = literalExpression "pkgs.shiori";
- description = "The Shiori package to use.";
+ description = lib.mdDoc "The Shiori package to use.";
};
address = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
The IP address on which Shiori will listen.
If empty, listens on all interfaces.
'';
@@ -27,7 +27,7 @@ in {
port = mkOption {
type = types.port;
default = 8080;
- description = "The port of the Shiori web application";
+ description = lib.mdDoc "The port of the Shiori web application";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/sogo.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/sogo.nix
index 4610bb96cb5..a134282de83 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/sogo.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/sogo.nix
@@ -21,31 +21,31 @@ in {
enable = mkEnableOption "SOGo groupware";
vhostName = mkOption {
- description = "Name of the nginx vhost";
+ description = lib.mdDoc "Name of the nginx vhost";
type = str;
default = "sogo";
};
timezone = mkOption {
- description = "Timezone of your SOGo instance";
+ description = lib.mdDoc "Timezone of your SOGo instance";
type = str;
example = "America/Montreal";
};
language = mkOption {
- description = "Language of SOGo";
+ description = lib.mdDoc "Language of SOGo";
type = str;
default = "English";
};
ealarmsCredFile = mkOption {
- description = "Optional path to a credentials file for email alarms";
+ description = lib.mdDoc "Optional path to a credentials file for email alarms";
type = nullOr str;
default = null;
};
configReplaces = mkOption {
- description = ''
+ description = lib.mdDoc ''
Replacement-filepath mapping for sogo.conf.
Every key is replaced with the contents of the file specified as value.
@@ -60,7 +60,7 @@ in {
};
extraConfig = mkOption {
- description = "Extra sogo.conf configuration lines";
+ description = lib.mdDoc "Extra sogo.conf configuration lines";
type = lines;
default = "";
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/trilium.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/trilium.nix
index 35383c992fe..75464b21fd4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/trilium.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/trilium.nix
@@ -10,6 +10,7 @@ let
# Disable automatically generating desktop icon
noDesktopIcon=true
noBackup=${lib.boolToString cfg.noBackup}
+ noAuthentication=${lib.boolToString cfg.noAuthentication}
[Network]
# host setting is relevant only for web deployments - set the host on which the server will listen
@@ -28,7 +29,7 @@ in
dataDir = mkOption {
type = types.str;
default = "/var/lib/trilium";
- description = ''
+ description = lib.mdDoc ''
The directory storing the notes database and the configuration.
'';
};
@@ -36,7 +37,7 @@ in
instanceName = mkOption {
type = types.str;
default = "Trilium";
- description = ''
+ description = lib.mdDoc ''
Instance name used to distinguish between different instances
'';
};
@@ -44,15 +45,23 @@ in
noBackup = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Disable periodic database backups.
'';
};
+ noAuthentication = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ If set to true, no password is required to access the web frontend.
+ '';
+ };
+
host = mkOption {
type = types.str;
default = "127.0.0.1";
- description = ''
+ description = lib.mdDoc ''
The host address to bind to (defaults to localhost).
'';
};
@@ -60,14 +69,14 @@ in
port = mkOption {
type = types.int;
default = 8080;
- description = ''
+ description = lib.mdDoc ''
The port number to bind to.
'';
};
nginx = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
Configuration for nginx reverse proxy.
'';
@@ -76,14 +85,14 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Configure the nginx reverse proxy settings.
'';
};
hostName = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The hostname use to setup the virtualhost configuration
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/tt-rss.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/tt-rss.nix
index c441a2a7764..f105b0aa3f7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/tt-rss.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/tt-rss.nix
@@ -126,7 +126,7 @@ let
root = mkOption {
type = types.path;
default = "/var/lib/tt-rss";
- description = ''
+ description = lib.mdDoc ''
Root of the application.
'';
};
@@ -134,7 +134,7 @@ let
user = mkOption {
type = types.str;
default = "tt_rss";
- description = ''
+ description = lib.mdDoc ''
User account under which both the update daemon and the web-application run.
'';
};
@@ -142,7 +142,7 @@ let
pool = mkOption {
type = types.str;
default = "${poolName}";
- description = ''
+ description = lib.mdDoc ''
Name of existing phpfpm pool that is used to run web-application.
If not specified a pool will be created automatically with
default values.
@@ -152,7 +152,7 @@ let
virtualHost = mkOption {
type = types.nullOr types.str;
default = "tt-rss";
- description = ''
+ description = lib.mdDoc ''
Name of the nginx virtualhost to use and setup. If null, do not setup any virtualhost.
'';
};
@@ -161,7 +161,7 @@ let
type = mkOption {
type = types.enum ["pgsql" "mysql"];
default = "pgsql";
- description = ''
+ description = lib.mdDoc ''
Database to store feeds. Supported are pgsql and mysql.
'';
};
@@ -169,7 +169,7 @@ let
host = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Host of the database. Leave null to use Unix domain socket.
'';
};
@@ -177,7 +177,7 @@ let
name = mkOption {
type = types.str;
default = "tt_rss";
- description = ''
+ description = lib.mdDoc ''
Name of the existing database.
'';
};
@@ -185,7 +185,7 @@ let
user = mkOption {
type = types.str;
default = "tt_rss";
- description = ''
+ description = lib.mdDoc ''
The database user. The user must exist and has access to
the specified database.
'';
@@ -194,7 +194,7 @@ let
password = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The database user's password.
'';
};
@@ -202,7 +202,7 @@ let
passwordFile = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The database user's password.
'';
};
@@ -210,7 +210,7 @@ let
port = mkOption {
type = types.nullOr types.int;
default = null;
- description = ''
+ description = lib.mdDoc ''
The database's port. If not set, the default ports will be provided (5432
and 3306 for pgsql and mysql respectively).
'';
@@ -219,7 +219,7 @@ let
createLocally = mkOption {
type = types.bool;
default = true;
- description = "Create the database and database user locally.";
+ description = lib.mdDoc "Create the database and database user locally.";
};
};
@@ -227,7 +227,7 @@ let
autoCreate = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Allow authentication modules to auto-create users in tt-rss internal
database when authenticated successfully.
'';
@@ -236,7 +236,7 @@ let
autoLogin = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Automatically login user on remote or other kind of externally supplied
authentication, otherwise redirect to login form as normal.
If set to true, users won't be able to set application language
@@ -249,7 +249,7 @@ let
hub = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
URL to a PubSubHubbub-compatible hub server. If defined, "Published
articles" generated feed would automatically become PUSH-enabled.
'';
@@ -258,7 +258,7 @@ let
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable client PubSubHubbub support in tt-rss. When disabled, tt-rss
won't try to subscribe to PUSH feed updates.
'';
@@ -269,7 +269,7 @@ let
server = mkOption {
type = types.str;
default = "localhost:9312";
- description = ''
+ description = lib.mdDoc ''
Hostname:port combination for the Sphinx server.
'';
};
@@ -277,7 +277,7 @@ let
index = mkOption {
type = types.listOf types.str;
default = ["ttrss" "delta"];
- description = ''
+ description = lib.mdDoc ''
Index names in Sphinx configuration. Example configuration
files are available on tt-rss wiki.
'';
@@ -288,7 +288,7 @@ let
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Allow users to register themselves. Please be aware that allowing
random people to access your tt-rss installation is a security risk
and potentially might lead to data loss or server exploit. Disabled
@@ -299,7 +299,7 @@ let
notifyAddress = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Email address to send new user notifications to.
'';
};
@@ -307,7 +307,7 @@ let
maxUsers = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Maximum amount of users which will be allowed to register on this
system. 0 - no limit.
'';
@@ -319,7 +319,7 @@ let
type = types.str;
default = "";
example = "localhost:25";
- description = ''
+ description = lib.mdDoc ''
Hostname:port combination to send outgoing mail. Blank - use system
MTA.
'';
@@ -328,7 +328,7 @@ let
login = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
SMTP authentication login used when sending outgoing mail.
'';
};
@@ -336,7 +336,7 @@ let
password = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
SMTP authentication password used when sending outgoing mail.
'';
};
@@ -344,7 +344,7 @@ let
security = mkOption {
type = types.enum ["" "ssl" "tls"];
default = "";
- description = ''
+ description = lib.mdDoc ''
Used to select a secure SMTP connection. Allowed values: ssl, tls,
or empty.
'';
@@ -353,7 +353,7 @@ let
fromName = mkOption {
type = types.str;
default = "Tiny Tiny RSS";
- description = ''
+ description = lib.mdDoc ''
Name for sending outgoing mail. This applies to password reset
notifications, digest emails and any other mail.
'';
@@ -362,7 +362,7 @@ let
fromAddress = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Address for sending outgoing mail. This applies to password reset
notifications, digest emails and any other mail.
'';
@@ -371,7 +371,7 @@ let
digestSubject = mkOption {
type = types.str;
default = "[tt-rss] New headlines for last 24 hours";
- description = ''
+ description = lib.mdDoc ''
Subject line for email digests.
'';
};
@@ -380,7 +380,7 @@ let
sessionCookieLifetime = mkOption {
type = types.int;
default = 86400;
- description = ''
+ description = lib.mdDoc ''
Default lifetime of a session (e.g. login) cookie. In seconds,
0 means cookie will be deleted when browser closes.
'';
@@ -388,7 +388,7 @@ let
selfUrlPath = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Full URL of your tt-rss installation. This should be set to the
location of tt-rss directory, e.g. http://example.org/tt-rss/
You need to set this option correctly otherwise several features
@@ -400,7 +400,7 @@ let
feedCryptKey = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Key used for encryption of passwords for password-protected feeds
in the database. A string of 24 random characters. If left blank, encryption
is not used. Requires mcrypt functions.
@@ -413,7 +413,7 @@ let
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Operate in single user mode, disables all functionality related to
multiple users and authentication. Enabling this assumes you have
your tt-rss directory protected by other means (e.g. http auth).
@@ -423,7 +423,7 @@ let
simpleUpdateMode = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enables fallback update mode where tt-rss tries to update feeds in
background while tt-rss is open in your browser.
If you don't have a lot of feeds and don't want to or can't run
@@ -437,7 +437,7 @@ let
forceArticlePurge = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
When this option is not 0, users ability to control feed purging
intervals is disabled and all articles (which are not starred)
older than this amount of days are purged.
@@ -447,7 +447,7 @@ let
enableGZipOutput = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Selectively gzip output to improve wire performance. This requires
PHP Zlib extension on the server.
Enabling this can break tt-rss in several httpd/php configurations,
@@ -459,7 +459,7 @@ let
plugins = mkOption {
type = types.listOf types.str;
default = ["auth_internal" "note"];
- description = ''
+ description = lib.mdDoc ''
List of plugins to load automatically for all users.
System plugins have to be specified here. Please enable at least one
authentication plugin here (auth_*).
@@ -473,27 +473,27 @@ let
pluginPackages = mkOption {
type = types.listOf types.package;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of plugins to install. The list elements are expected to
be derivations. All elements in this derivation are automatically
- copied to the plugins.local directory.
+ copied to the `plugins.local` directory.
'';
};
themePackages = mkOption {
type = types.listOf types.package;
default = [];
- description = ''
+ description = lib.mdDoc ''
List of themes to install. The list elements are expected to
be derivations. All elements in this derivation are automatically
- copied to the themes.local directory.
+ copied to the `themes.local` directory.
'';
};
logDestination = mkOption {
type = types.enum ["" "sql" "syslog"];
default = "sql";
- description = ''
+ description = lib.mdDoc ''
Log destination to use. Possible values: sql (uses internal logging
you can read in Preferences -> System), syslog - logs to system log.
Setting this to blank uses PHP logging (usually to http server
@@ -504,8 +504,8 @@ let
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
- Additional lines to append to config.php.
+ description = lib.mdDoc ''
+ Additional lines to append to `config.php`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/vikunja.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/vikunja.nix
index 7575e96ca81..7db61015980 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/vikunja.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/vikunja.nix
@@ -15,18 +15,18 @@ in {
default = pkgs.vikunja-api;
type = types.package;
defaultText = literalExpression "pkgs.vikunja-api";
- description = "vikunja-api derivation to use.";
+ description = lib.mdDoc "vikunja-api derivation to use.";
};
package-frontend = mkOption {
default = pkgs.vikunja-frontend;
type = types.package;
defaultText = literalExpression "pkgs.vikunja-frontend";
- description = "vikunja-frontend derivation to use.";
+ description = lib.mdDoc "vikunja-frontend derivation to use.";
};
environmentFiles = mkOption {
type = types.listOf types.path;
default = [ ];
- description = ''
+ description = lib.mdDoc ''
List of environment files set in the vikunja systemd service.
For example passwords should be set in one of these files.
'';
@@ -35,34 +35,34 @@ in {
type = types.bool;
default = config.services.nginx.enable;
defaultText = literalExpression "config.services.nginx.enable";
- description = ''
+ description = lib.mdDoc ''
Whether to setup NGINX.
Further nginx configuration can be done by changing
- .
+ {option}`services.nginx.virtualHosts.`.
This does not enable TLS or ACME by default. To enable this, set the
- to
- true and if appropriate do the same for
- .
+ {option}`services.nginx.virtualHosts..enableACME` to
+ `true` and if appropriate do the same for
+ {option}`services.nginx.virtualHosts..forceSSL`.
'';
};
frontendScheme = mkOption {
type = types.enum [ "http" "https" ];
- description = ''
+ description = lib.mdDoc ''
Whether the site is available via http or https.
This does not configure https or ACME in nginx!
'';
};
frontendHostname = mkOption {
type = types.str;
- description = "The Hostname under which the frontend is running.";
+ description = lib.mdDoc "The Hostname under which the frontend is running.";
};
settings = mkOption {
type = format.type;
default = {};
- description = ''
+ description = lib.mdDoc ''
Vikunja configuration. Refer to
-
+
for details on supported values.
'';
};
@@ -71,27 +71,27 @@ in {
type = types.enum [ "sqlite" "mysql" "postgres" ];
example = "postgres";
default = "sqlite";
- description = "Database engine to use.";
+ description = lib.mdDoc "Database engine to use.";
};
host = mkOption {
type = types.str;
default = "localhost";
- description = "Database host address. Can also be a socket.";
+ description = lib.mdDoc "Database host address. Can also be a socket.";
};
user = mkOption {
type = types.str;
default = "vikunja";
- description = "Database user.";
+ description = lib.mdDoc "Database user.";
};
database = mkOption {
type = types.str;
default = "vikunja";
- description = "Database name.";
+ description = lib.mdDoc "Database name.";
};
path = mkOption {
type = types.str;
default = "/var/lib/vikunja/vikunja.db";
- description = "Path to the sqlite3 database file.";
+ description = lib.mdDoc "Path to the sqlite3 database file.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/virtlyst.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/virtlyst.nix
index 37bdbb0e3b4..5094367a493 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/virtlyst.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/virtlyst.nix
@@ -35,7 +35,7 @@ in
adminPassword = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Initial admin password with which the database will be seeded.
'';
};
@@ -43,7 +43,7 @@ in
httpSocket = mkOption {
type = types.str;
default = "localhost:3000";
- description = ''
+ description = lib.mdDoc ''
IP and/or port to which to bind the http socket.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/whitebophir.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/whitebophir.nix
index f9db6fe379b..c4dee3c6eec 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/whitebophir.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/whitebophir.nix
@@ -13,19 +13,19 @@ in {
default = pkgs.whitebophir;
defaultText = literalExpression "pkgs.whitebophir";
type = types.package;
- description = "Whitebophir package to use.";
+ description = lib.mdDoc "Whitebophir package to use.";
};
listenAddress = mkOption {
type = types.str;
default = "0.0.0.0";
- description = "Address to listen on (use 0.0.0.0 to allow access from any address).";
+ description = lib.mdDoc "Address to listen on (use 0.0.0.0 to allow access from any address).";
};
port = mkOption {
type = types.port;
default = 5001;
- description = "Port to bind to.";
+ description = lib.mdDoc "Port to bind to.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/wiki-js.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/wiki-js.nix
index 1a6259dffee..474fbb8f13c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/wiki-js.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/wiki-js.nix
@@ -16,7 +16,7 @@ in {
type = types.nullOr types.path;
default = null;
example = "/root/wiki-js.env";
- description = ''
+ description = lib.mdDoc ''
Environment fiel to inject e.g. secrets into the configuration.
'';
};
@@ -24,8 +24,8 @@ in {
stateDirectoryName = mkOption {
default = "wiki-js";
type = types.str;
- description = ''
- Name of the directory in /var/lib.
+ description = lib.mdDoc ''
+ Name of the directory in {file}`/var/lib`.
'';
};
@@ -37,7 +37,7 @@ in {
port = mkOption {
type = types.port;
default = 3000;
- description = ''
+ description = lib.mdDoc ''
TCP port the process should listen to.
'';
};
@@ -45,7 +45,7 @@ in {
bindIP = mkOption {
default = "0.0.0.0";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
IPs the service should listen to.
'';
};
@@ -64,14 +64,14 @@ in {
host = mkOption {
type = types.str;
example = "/run/postgresql";
- description = ''
+ description = lib.mdDoc ''
Hostname or socket-path to connect to.
'';
};
db = mkOption {
default = "wiki";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Name of the database to use.
'';
};
@@ -80,7 +80,7 @@ in {
logLevel = mkOption {
default = "info";
type = types.enum [ "error" "warn" "info" "verbose" "debug" "silly" ];
- description = ''
+ description = lib.mdDoc ''
Define how much detail is supposed to be logged at runtime.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/youtrack.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/youtrack.nix
index b83265ffeab..789880d61f6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/youtrack.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-apps/youtrack.nix
@@ -24,7 +24,7 @@ in
enable = mkEnableOption "YouTrack service";
address = mkOption {
- description = ''
+ description = lib.mdDoc ''
The interface youtrack will listen on.
'';
default = "127.0.0.1";
@@ -32,7 +32,7 @@ in
};
baseUrl = mkOption {
- description = ''
+ description = lib.mdDoc ''
Base URL for youtrack. Will be auto-detected and stored in database.
'';
type = types.nullOr types.str;
@@ -41,7 +41,7 @@ in
extraParams = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
Extra parameters to pass to youtrack. See
https://www.jetbrains.com/help/youtrack/standalone/YouTrack-Java-Start-Parameters.html
for more information.
@@ -55,7 +55,7 @@ in
};
package = mkOption {
- description = ''
+ description = lib.mdDoc ''
Package to use.
'';
type = types.package;
@@ -64,7 +64,7 @@ in
};
port = mkOption {
- description = ''
+ description = lib.mdDoc ''
The port youtrack will listen on.
'';
default = 8080;
@@ -72,7 +72,7 @@ in
};
statePath = mkOption {
- description = ''
+ description = lib.mdDoc ''
Where to keep the youtrack database.
'';
type = types.path;
@@ -80,7 +80,7 @@ in
};
virtualHost = mkOption {
- description = ''
+ description = lib.mdDoc ''
Name of the nginx virtual host to use and setup.
If null, do not setup anything.
'';
@@ -89,7 +89,7 @@ in
};
jvmOpts = mkOption {
- description = ''
+ description = lib.mdDoc ''
Extra options to pass to the JVM.
See https://www.jetbrains.com/help/youtrack/standalone/Configure-JVM-Options.html
for more information.
@@ -100,7 +100,7 @@ in
};
maxMemory = mkOption {
- description = ''
+ description = lib.mdDoc ''
Maximum Java heap size
'';
type = types.str;
@@ -108,7 +108,7 @@ in
};
maxMetaspaceSize = mkOption {
- description = ''
+ description = lib.mdDoc ''
Maximum java Metaspace memory.
'';
type = types.str;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/agate.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/agate.nix
index 3afdb561c0b..3f7b298fa94 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/agate.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/agate.nix
@@ -14,13 +14,13 @@ in
type = types.package;
default = pkgs.agate;
defaultText = literalExpression "pkgs.agate";
- description = "The package to use";
+ description = lib.mdDoc "The package to use";
};
addresses = mkOption {
type = types.listOf types.str;
default = [ "0.0.0.0:1965" ];
- description = ''
+ description = lib.mdDoc ''
Addresses to listen on, IP:PORT, if you haven't disabled forwarding
only set IPv4.
'';
@@ -29,19 +29,19 @@ in
contentDir = mkOption {
default = "/var/lib/agate/content";
type = types.path;
- description = "Root of the content directory.";
+ description = lib.mdDoc "Root of the content directory.";
};
certificatesDir = mkOption {
default = "/var/lib/agate/certificates";
type = types.path;
- description = "Root of the certificate directory.";
+ description = lib.mdDoc "Root of the certificate directory.";
};
hostnames = mkOption {
default = [ ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Domain name of this Gemini server, enables checking hostname and port
in requests. (multiple occurences means basic vhosts)
'';
@@ -50,20 +50,20 @@ in
language = mkOption {
default = null;
type = types.nullOr types.str;
- description = "RFC 4646 Language code for text/gemini documents.";
+ description = lib.mdDoc "RFC 4646 Language code for text/gemini documents.";
};
onlyTls_1_3 = mkOption {
default = false;
type = types.bool;
- description = "Only use TLSv1.3 (default also allows TLSv1.2).";
+ description = lib.mdDoc "Only use TLSv1.3 (default also allows TLSv1.2).";
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [ "" ];
example = [ "--log-ip" ];
- description = "Extra arguments to use running agate.";
+ description = lib.mdDoc "Extra arguments to use running agate.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/apache-httpd/location-options.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/apache-httpd/location-options.nix
index 8ea88f94f97..726ad2683d2 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/apache-httpd/location-options.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/apache-httpd/location-options.nix
@@ -9,8 +9,8 @@ in
type = with types; nullOr str;
default = null;
example = "http://www.example.org/";
- description = ''
- Sets up a simple reverse proxy as described by .
+ description = lib.mdDoc ''
+ Sets up a simple reverse proxy as described by .
'';
};
@@ -18,8 +18,8 @@ in
type = with types; nullOr str;
default = null;
example = "index.php index.html";
- description = ''
- Adds DirectoryIndex directive. See .
+ description = lib.mdDoc ''
+ Adds DirectoryIndex directive. See .
'';
};
@@ -27,15 +27,15 @@ in
type = with types; nullOr path;
default = null;
example = "/your/alias/directory";
- description = ''
- Alias directory for requests. See .
+ description = lib.mdDoc ''
+ Alias directory for requests. See .
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
These lines go to the end of the location verbatim.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/caddy/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/caddy/default.nix
index 2b8c6f2e308..b262313577f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/caddy/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/caddy/default.nix
@@ -299,7 +299,7 @@ in
# https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart=
# If the empty string is assigned to this option, the list of commands to start is reset, prior assignments of this option will have no effect.
ExecStart = [ "" "${cfg.package}/bin/caddy run --config ${cfg.configFile} --adapter ${cfg.adapter} ${optionalString cfg.resume "--resume"}" ];
- ExecReload = [ "" "${cfg.package}/bin/caddy reload --config ${cfg.configFile} --adapter ${cfg.adapter}" ];
+ ExecReload = [ "" "${cfg.package}/bin/caddy reload --config ${cfg.configFile} --adapter ${cfg.adapter} --force" ];
ExecStartPre = "${cfg.package}/bin/caddy validate --config ${cfg.configFile} --adapter ${cfg.adapter}";
User = cfg.user;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/darkhttpd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/darkhttpd.nix
index f6b693139a1..5663e9ca9df 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/darkhttpd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/darkhttpd.nix
@@ -20,7 +20,7 @@ in {
port = mkOption {
default = 80;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
Port to listen on.
Pass 0 to let the system choose any free port for you.
'';
@@ -37,7 +37,7 @@ in {
rootDir = mkOption {
type = path;
- description = ''
+ description = lib.mdDoc ''
Path from which to serve files.
'';
};
@@ -45,7 +45,7 @@ in {
hideServerId = mkOption {
type = bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Don't identify the server type in headers or directory listings.
'';
};
@@ -53,7 +53,7 @@ in {
extraArgs = mkOption {
type = listOf str;
default = [];
- description = ''
+ description = lib.mdDoc ''
Additional configuration passed to the executable.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/fcgiwrap.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/fcgiwrap.nix
index a64a187255a..f9c91fb35db 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/fcgiwrap.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/fcgiwrap.nix
@@ -11,38 +11,38 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable fcgiwrap, a server for running CGI applications over FastCGI.";
+ description = lib.mdDoc "Whether to enable fcgiwrap, a server for running CGI applications over FastCGI.";
};
preforkProcesses = mkOption {
type = types.int;
default = 1;
- description = "Number of processes to prefork.";
+ description = lib.mdDoc "Number of processes to prefork.";
};
socketType = mkOption {
type = types.enum [ "unix" "tcp" "tcp6" ];
default = "unix";
- description = "Socket type: 'unix', 'tcp' or 'tcp6'.";
+ description = lib.mdDoc "Socket type: 'unix', 'tcp' or 'tcp6'.";
};
socketAddress = mkOption {
type = types.str;
default = "/run/fcgiwrap.sock";
example = "1.2.3.4:5678";
- description = "Socket address. In case of a UNIX socket, this should be its filesystem path.";
+ description = lib.mdDoc "Socket address. In case of a UNIX socket, this should be its filesystem path.";
};
user = mkOption {
type = types.nullOr types.str;
default = null;
- description = "User permissions for the socket.";
+ description = lib.mdDoc "User permissions for the socket.";
};
group = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Group permissions for the socket.";
+ description = lib.mdDoc "Group permissions for the socket.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/hitch/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/hitch/default.nix
index 1812f225b74..78bae140556 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/hitch/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/hitch/default.nix
@@ -21,7 +21,7 @@ with lib;
backend = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The host and port Hitch connects to when receiving
a connection in the form [HOST]:PORT
'';
@@ -30,7 +30,7 @@ with lib;
ciphers = mkOption {
type = types.str;
default = "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
- description = "The list of ciphers to use";
+ description = lib.mdDoc "The list of ciphers to use";
};
frontend = mkOption {
@@ -46,33 +46,33 @@ with lib;
pem-files = mkOption {
type = types.listOf types.path;
default = [];
- description = "PEM files to use";
+ description = lib.mdDoc "PEM files to use";
};
ocsp-stapling = {
enabled = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable OCSP Stapling";
+ description = lib.mdDoc "Whether to enable OCSP Stapling";
};
};
user = mkOption {
type = types.str;
default = "hitch";
- description = "The user to run as";
+ description = lib.mdDoc "The user to run as";
};
group = mkOption {
type = types.str;
default = "hitch";
- description = "The group to run as";
+ description = lib.mdDoc "The group to run as";
};
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Additional configuration lines";
+ description = lib.mdDoc "Additional configuration lines";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/hydron.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/hydron.nix
index 46f62a9119f..046d527b2ab 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/hydron.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/hydron.nix
@@ -10,7 +10,7 @@ in with lib; {
type = types.path;
default = "/var/lib/hydron";
example = "/home/okina/hydron";
- description = "Location where hydron runs and stores data.";
+ description = lib.mdDoc "Location where hydron runs and stores data.";
};
interval = mkOption {
@@ -30,19 +30,19 @@ in with lib; {
type = types.str;
default = "hydron";
example = "dumbpass";
- description = "Password for the hydron database.";
+ description = lib.mdDoc "Password for the hydron database.";
};
passwordFile = mkOption {
type = types.path;
default = "/run/keys/hydron-password-file";
example = "/home/okina/hydron/keys/pass";
- description = "Password file for the hydron database.";
+ description = lib.mdDoc "Password file for the hydron database.";
};
postgresArgs = mkOption {
type = types.str;
- description = "Postgresql connection arguments.";
+ description = lib.mdDoc "Postgresql connection arguments.";
example = ''
{
"driver": "postgres",
@@ -55,27 +55,27 @@ in with lib; {
type = types.path;
default = "/run/keys/hydron-postgres-args";
example = "/home/okina/hydron/keys/postgres";
- description = "Postgresql connection arguments file.";
+ description = lib.mdDoc "Postgresql connection arguments file.";
};
listenAddress = mkOption {
type = types.nullOr types.str;
default = null;
example = "127.0.0.1:8010";
- description = "Listen on a specific IP address and port.";
+ description = lib.mdDoc "Listen on a specific IP address and port.";
};
importPaths = mkOption {
type = types.listOf types.path;
default = [];
example = [ "/home/okina/Pictures" ];
- description = "Paths that hydron will recursively import.";
+ description = lib.mdDoc "Paths that hydron will recursively import.";
};
fetchTags = mkOption {
type = types.bool;
default = true;
- description = "Fetch tags for imported images and webm from gelbooru.";
+ description = lib.mdDoc "Fetch tags for imported images and webm from gelbooru.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/jboss/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/jboss/default.nix
index d243e0f3f1b..05b354d567f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/jboss/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/jboss/default.nix
@@ -26,49 +26,49 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable JBoss. WARNING : this package is outdated and is known to have vulnerabilities.";
+ description = lib.mdDoc "Whether to enable JBoss. WARNING : this package is outdated and is known to have vulnerabilities.";
};
tempDir = mkOption {
default = "/tmp";
type = types.str;
- description = "Location where JBoss stores its temp files";
+ description = lib.mdDoc "Location where JBoss stores its temp files";
};
logDir = mkOption {
default = "/var/log/jboss";
type = types.str;
- description = "Location of the logfile directory of JBoss";
+ description = lib.mdDoc "Location of the logfile directory of JBoss";
};
serverDir = mkOption {
- description = "Location of the server instance files";
+ description = lib.mdDoc "Location of the server instance files";
default = "/var/jboss/server";
type = types.str;
};
deployDir = mkOption {
- description = "Location of the deployment files";
+ description = lib.mdDoc "Location of the deployment files";
default = "/nix/var/nix/profiles/default/server/default/deploy/";
type = types.str;
};
libUrl = mkOption {
default = "file:///nix/var/nix/profiles/default/server/default/lib";
- description = "Location where the shared library JARs are stored";
+ description = lib.mdDoc "Location where the shared library JARs are stored";
type = types.str;
};
user = mkOption {
default = "nobody";
- description = "User account under which jboss runs.";
+ description = lib.mdDoc "User account under which jboss runs.";
type = types.str;
};
useJK = mkOption {
type = types.bool;
default = false;
- description = "Whether to use to connector to the Apache HTTP server";
+ description = lib.mdDoc "Whether to use to connector to the Apache HTTP server";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/cgit.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/cgit.nix
index 8cd6d020940..5042fbf1f8f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/cgit.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/cgit.nix
@@ -23,7 +23,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If true, enable cgit (fast web interface for git repositories) as a
sub-service in lighttpd.
'';
@@ -33,7 +33,7 @@ in
default = "cgit";
example = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The subdirectory in which to serve cgit. The web application will be
accessible at http://yourserver/''${subdir}
'';
@@ -50,7 +50,7 @@ in
'''
'';
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Verbatim contents of the cgit runtime configuration file. Documentation
(with cgitrc example file) is available in "man cgitrc". Or online:
http://git.zx2c4.com/cgit/tree/cgitrc.5.txt
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/collectd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/collectd.nix
index 5f091591daf..270517a4e2a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/collectd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/collectd.nix
@@ -33,7 +33,7 @@ in
defaultText = literalDocBook ''
config.${options.services.collectd.package} configured for lighttpd
'';
- description = ''
+ description = lib.mdDoc ''
Path to collection.cgi script from (collectd sources)/contrib/collection.cgi
This option allows to use a customized version
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/default.nix
index 05e897c8cc9..ec847495d74 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/default.nix
@@ -130,7 +130,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable the lighttpd web server.
'';
};
@@ -139,7 +139,7 @@ in
default = pkgs.lighttpd;
defaultText = "pkgs.lighttpd";
type = types.package;
- description = ''
+ description = lib.mdDoc ''
lighttpd package to use.
'';
};
@@ -147,7 +147,7 @@ in
port = mkOption {
default = 80;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
TCP port number for lighttpd to bind to.
'';
};
@@ -155,7 +155,7 @@ in
document-root = mkOption {
default = "/srv/www";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Document-root of the web server. Must be readable by the "lighttpd" user.
'';
};
@@ -163,7 +163,7 @@ in
mod_userdir = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If true, requests in the form /~user/page.html are rewritten to take
the file public_html/page.html from the home directory of the user.
'';
@@ -173,11 +173,11 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "mod_cgi" "mod_status" ];
- description = ''
+ description = lib.mdDoc ''
List of lighttpd modules to enable. Sub-services take care of
enabling modules as needed, so this option is mainly for when you
want to add custom stuff to
- that depends on a
+ {option}`services.lighttpd.extraConfig` that depends on a
certain module.
'';
};
@@ -185,18 +185,18 @@ in
enableUpstreamMimeTypes = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to include the list of mime types bundled with lighttpd
(upstream). If you disable this, no mime types will be added by
NixOS and you will have to add your own mime types in
- .
+ {option}`services.lighttpd.extraConfig`.
'';
};
mod_status = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Show server status overview at /server-status, statistics at
/server-statistics and list of loaded modules at /server-config.
'';
@@ -206,7 +206,7 @@ in
default = "";
type = types.lines;
example = "...verbatim config file contents...";
- description = ''
+ description = lib.mdDoc ''
Overridable config file contents to use for lighttpd. By default, use
the contents automatically generated by NixOS.
'';
@@ -215,10 +215,10 @@ in
extraConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
These configuration lines will be appended to the generated lighttpd
config file. Note that this mechanism does not work when the manual
- option is used.
+ {option}`configText` option is used.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/gitweb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/gitweb.nix
index c494d6966a7..e129e8bc166 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/gitweb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/lighttpd/gitweb.nix
@@ -16,7 +16,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If true, enable gitweb in lighttpd. Access it at http://yourserver/gitweb
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/mighttpd2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/mighttpd2.nix
index f9b1a8b6ccc..523b5de2d69 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/mighttpd2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/mighttpd2.nix
@@ -42,7 +42,7 @@ in {
Service: 0 # 0 is HTTP only, 1 is HTTPS only, 2 is both
'';
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Verbatim config file to use
(see http://www.mew.org/~kazu/proj/mighttpd/en/config.html)
'';
@@ -76,7 +76,7 @@ in {
/ -> /export/www/
'';
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Verbatim routing file to use
(see http://www.mew.org/~kazu/proj/mighttpd/en/config.html)
'';
@@ -85,7 +85,7 @@ in {
cores = mkOption {
default = null;
type = types.nullOr types.int;
- description = ''
+ description = lib.mdDoc ''
How many cores to use.
If null it will be determined automatically
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/minio.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/minio.nix
index c345e3f2467..f4fca2275e7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/minio.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/minio.nix
@@ -19,51 +19,51 @@ in
listenAddress = mkOption {
default = ":9000";
type = types.str;
- description = "IP address and port of the server.";
+ description = lib.mdDoc "IP address and port of the server.";
};
consoleAddress = mkOption {
default = ":9001";
type = types.str;
- description = "IP address and port of the web UI (console).";
+ description = lib.mdDoc "IP address and port of the web UI (console).";
};
dataDir = mkOption {
default = [ "/var/lib/minio/data" ];
type = types.listOf types.path;
- description = "The list of data directories for storing the objects. Use one path for regular operation and the minimum of 4 endpoints for Erasure Code mode.";
+ description = lib.mdDoc "The list of data directories for storing the objects. Use one path for regular operation and the minimum of 4 endpoints for Erasure Code mode.";
};
configDir = mkOption {
default = "/var/lib/minio/config";
type = types.path;
- description = "The config directory, for the access keys and other settings.";
+ description = lib.mdDoc "The config directory, for the access keys and other settings.";
};
accessKey = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Access key of 5 to 20 characters in length that clients use to access the server.
This overrides the access key that is generated by minio on first startup and stored inside the
- configDir directory.
+ `configDir` directory.
'';
};
secretKey = mkOption {
default = "";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Specify the Secret key of 8 to 40 characters in length that clients use to access the server.
This overrides the secret key that is generated by minio on first startup and stored inside the
- configDir directory.
+ `configDir` directory.
'';
};
rootCredentialsFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
File containing the MINIO_ROOT_USER, default is "minioadmin", and
MINIO_ROOT_PASSWORD (length >= 8), default is "minioadmin"; in the format of
an EnvironmentFile=, as described by systemd.exec(5).
@@ -74,7 +74,7 @@ in
region = mkOption {
default = "us-east-1";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The physical location of the server. By default it is set to us-east-1, which is same as AWS S3's and Minio's default region.
'';
};
@@ -82,14 +82,14 @@ in
browser = mkOption {
default = true;
type = types.bool;
- description = "Enable or disable access to web UI.";
+ description = lib.mdDoc "Enable or disable access to web UI.";
};
package = mkOption {
default = pkgs.minio;
defaultText = literalExpression "pkgs.minio";
type = types.package;
- description = "Minio package to use.";
+ description = lib.mdDoc "Minio package to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/molly-brown.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/molly-brown.nix
index 0bd8b3316cb..31a2e856db4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/molly-brown.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/molly-brown.nix
@@ -15,7 +15,7 @@ in {
port = mkOption {
default = 1965;
type = types.port;
- description = ''
+ description = lib.mdDoc ''
TCP port for molly-brown to bind to.
'';
};
@@ -24,7 +24,7 @@ in {
type = types.str;
default = config.networking.hostName;
defaultText = literalExpression "config.networking.hostName";
- description = ''
+ description = lib.mdDoc ''
The hostname to respond to requests for. Requests for URLs with
other hosts will result in a status 53 (PROXY REQUEST REFUSED)
response.
@@ -50,21 +50,21 @@ in {
keyPath = mkOption {
type = types.path;
example = "/var/lib/acme/example.com/key.pem";
- description = "Path to TLS key. See .";
+ description = lib.mdDoc "Path to TLS key. See {option}`CertPath`.";
};
docBase = mkOption {
type = types.path;
example = "/var/lib/molly-brown";
- description = "Base directory for Gemini content.";
+ description = lib.mdDoc "Base directory for Gemini content.";
};
settings = mkOption {
inherit (settingsFormat) type;
default = { };
- description = ''
+ description = lib.mdDoc ''
molly-brown configuration. Refer to
-
+
for details on supported values.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/nginx/gitweb.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/nginx/gitweb.nix
index db45577a46d..ec2c432ca57 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/nginx/gitweb.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/nginx/gitweb.nix
@@ -17,7 +17,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If true, enable gitweb in nginx.
'';
};
@@ -25,7 +25,7 @@ in
location = mkOption {
default = "/gitweb";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Location to serve gitweb on.
'';
};
@@ -33,7 +33,7 @@ in
user = mkOption {
default = "nginx";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Existing user that the CGI process will belong to. (Default almost surely will do.)
'';
};
@@ -41,15 +41,15 @@ in
group = mkOption {
default = "nginx";
type = types.str;
- description = ''
- Group that the CGI process will belong to. (Set to config.services.gitolite.group if you are using gitolite.)
+ description = lib.mdDoc ''
+ Group that the CGI process will belong to. (Set to `config.services.gitolite.group` if you are using gitolite.)
'';
};
virtualHost = mkOption {
default = "_";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
VirtualHost to serve gitweb on. Default is catch-all.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/nginx/vhost-options.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/nginx/vhost-options.nix
index a9929297a24..61eef9f7ac9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/nginx/vhost-options.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/nginx/vhost-options.nix
@@ -60,7 +60,7 @@ with lib;
Note: This option overrides enableIPv6
'';
default = [];
- example = [ "127.0.0.1" "::1" ];
+ example = [ "127.0.0.1" "[::1]" ];
};
enableACME = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/phpfpm/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/phpfpm/default.nix
index 87c68fa074a..e24c77d056a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/phpfpm/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/phpfpm/default.nix
@@ -51,7 +51,7 @@ let
type = types.str;
default = "";
example = "/path/to/unix/socket";
- description = ''
+ description = lib.mdDoc ''
The address on which to accept FastCGI requests.
'';
};
@@ -60,22 +60,22 @@ let
type = types.package;
default = cfg.phpPackage;
defaultText = literalExpression "config.services.phpfpm.phpPackage";
- description = ''
+ description = lib.mdDoc ''
The PHP package to use for running this PHP-FPM pool.
'';
};
phpOptions = mkOption {
type = types.lines;
- description = ''
- "Options appended to the PHP configuration file php.ini used for this PHP-FPM pool."
+ description = lib.mdDoc ''
+ "Options appended to the PHP configuration file {file}`php.ini` used for this PHP-FPM pool."
'';
};
phpEnv = lib.mkOption {
type = with types; attrsOf str;
default = {};
- description = ''
+ description = lib.mdDoc ''
Environment variables used for this PHP-FPM pool.
'';
example = literalExpression ''
@@ -90,22 +90,22 @@ let
user = mkOption {
type = types.str;
- description = "User account under which this pool runs.";
+ description = lib.mdDoc "User account under which this pool runs.";
};
group = mkOption {
type = types.str;
- description = "Group account under which this pool runs.";
+ description = lib.mdDoc "Group account under which this pool runs.";
};
settings = mkOption {
type = with types; attrsOf (oneOf [ str int bool ]);
default = {};
- description = ''
+ description = lib.mdDoc ''
PHP-FPM pool directives. Refer to the "List of pool directives" section of
-
+
for details. Note that settings names must be enclosed in quotes (e.g.
- "pm.max_children" instead of pm.max_children).
+ `"pm.max_children"` instead of `pm.max_children`).
'';
example = literalExpression ''
{
@@ -122,9 +122,9 @@ let
extraConfig = mkOption {
type = with types; nullOr lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Extra lines that go into the pool configuration.
- See the documentation on php-fpm.conf for
+ See the documentation on `php-fpm.conf` for
details on configuration directives.
'';
};
@@ -154,24 +154,24 @@ in {
settings = mkOption {
type = with types; attrsOf (oneOf [ str int bool ]);
default = {};
- description = ''
+ description = lib.mdDoc ''
PHP-FPM global directives. Refer to the "List of global php-fpm.conf directives" section of
-
+
for details. Note that settings names must be enclosed in quotes (e.g.
- "pm.max_children" instead of pm.max_children).
- You need not specify the options error_log or
- daemonize here, since they are generated by NixOS.
+ `"pm.max_children"` instead of `pm.max_children`).
+ You need not specify the options `error_log` or
+ `daemonize` here, since they are generated by NixOS.
'';
};
extraConfig = mkOption {
type = with types; nullOr lines;
default = null;
- description = ''
+ description = lib.mdDoc ''
Extra configuration that should be put in the global section of
the PHP-FPM configuration file. Do not specify the options
- error_log or
- daemonize here, since they are generated by
+ `error_log` or
+ `daemonize` here, since they are generated by
NixOS.
'';
};
@@ -180,7 +180,7 @@ in {
type = types.package;
default = pkgs.php;
defaultText = literalExpression "pkgs.php";
- description = ''
+ description = lib.mdDoc ''
The PHP package to use for running the PHP-FPM service.
'';
};
@@ -192,8 +192,8 @@ in {
''
date.timezone = "CET"
'';
- description = ''
- Options appended to the PHP configuration file php.ini.
+ description = lib.mdDoc ''
+ Options appended to the PHP configuration file {file}`php.ini`.
'';
};
@@ -216,7 +216,7 @@ in {
};
}
}'';
- description = ''
+ description = lib.mdDoc ''
PHP-FPM pools. If no pools are defined, the PHP-FPM
service is disabled.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/pomerium.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/pomerium.nix
index 0b460755f50..209de55e36e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/pomerium.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/pomerium.nix
@@ -12,13 +12,13 @@ in
configFile = mkOption {
type = with types; nullOr path;
default = null;
- description = "Path to Pomerium config YAML. If set, overrides services.pomerium.settings.";
+ description = lib.mdDoc "Path to Pomerium config YAML. If set, overrides services.pomerium.settings.";
};
useACMEHost = mkOption {
type = with types; nullOr str;
default = null;
- description = ''
+ description = lib.mdDoc ''
If set, use a NixOS-generated ACME certificate with the specified name.
Note that this will require you to use a non-HTTP-based challenge, or
@@ -32,13 +32,13 @@ in
};
settings = mkOption {
- description = ''
+ description = lib.mdDoc ''
The contents of Pomerium's config.yaml, in Nix expressions.
Specifying configFile will override this in its entirety.
- See the Pomerium
- configuration reference for more information about what to put
+ See [the Pomerium
+ configuration reference](https://pomerium.io/reference/) for more information about what to put
here.
'';
default = {};
@@ -48,7 +48,7 @@ in
secretsFile = mkOption {
type = with types; nullOr path;
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to file containing secrets for Pomerium, in systemd
EnvironmentFile format. See the systemd.exec(5) man page.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/tomcat.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/tomcat.nix
index 877097cf378..ec7f46e25e9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/tomcat.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/tomcat.nix
@@ -26,7 +26,7 @@ in
default = pkgs.tomcat9;
defaultText = literalExpression "pkgs.tomcat9";
example = lib.literalExpression "pkgs.tomcat9";
- description = ''
+ description = lib.mdDoc ''
Which tomcat package to use.
'';
};
@@ -56,57 +56,57 @@ in
logDirs = mkOption {
default = [];
type = types.listOf types.path;
- description = "Directories to create in baseDir/logs/";
+ description = lib.mdDoc "Directories to create in baseDir/logs/";
};
extraConfigFiles = mkOption {
default = [];
type = types.listOf types.path;
- description = "Extra configuration files to pull into the tomcat conf directory";
+ description = lib.mdDoc "Extra configuration files to pull into the tomcat conf directory";
};
extraEnvironment = mkOption {
type = types.listOf types.str;
default = [];
example = [ "ENVIRONMENT=production" ];
- description = "Environment Variables to pass to the tomcat service";
+ description = lib.mdDoc "Environment Variables to pass to the tomcat service";
};
extraGroups = mkOption {
default = [];
type = types.listOf types.str;
example = [ "users" ];
- description = "Defines extra groups to which the tomcat user belongs.";
+ description = lib.mdDoc "Defines extra groups to which the tomcat user belongs.";
};
user = mkOption {
type = types.str;
default = "tomcat";
- description = "User account under which Apache Tomcat runs.";
+ description = lib.mdDoc "User account under which Apache Tomcat runs.";
};
group = mkOption {
type = types.str;
default = "tomcat";
- description = "Group account under which Apache Tomcat runs.";
+ description = lib.mdDoc "Group account under which Apache Tomcat runs.";
};
javaOpts = mkOption {
type = types.either (types.listOf types.str) types.str;
default = "";
- description = "Parameters to pass to the Java Virtual Machine which spawns Apache Tomcat";
+ description = lib.mdDoc "Parameters to pass to the Java Virtual Machine which spawns Apache Tomcat";
};
catalinaOpts = mkOption {
type = types.either (types.listOf types.str) types.str;
default = "";
- description = "Parameters to pass to the Java Virtual Machine which spawns the Catalina servlet container";
+ description = lib.mdDoc "Parameters to pass to the Java Virtual Machine which spawns the Catalina servlet container";
};
sharedLibs = mkOption {
type = types.listOf types.str;
default = [];
- description = "List containing JAR files or directories with JAR files which are libraries shared by the web applications";
+ description = lib.mdDoc "List containing JAR files or directories with JAR files which are libraries shared by the web applications";
};
serverXml = mkOption {
@@ -121,14 +121,14 @@ in
commonLibs = mkOption {
type = types.listOf types.str;
default = [];
- description = "List containing JAR files or directories with JAR files which are libraries shared by the web applications and the servlet container";
+ description = lib.mdDoc "List containing JAR files or directories with JAR files which are libraries shared by the web applications and the servlet container";
};
webapps = mkOption {
type = types.listOf types.path;
default = [ tomcat.webapps ];
defaultText = literalExpression "[ config.services.tomcat.package.webapps ]";
- description = "List containing WAR files or directories with WAR files which are web applications to be deployed on Tomcat";
+ description = lib.mdDoc "List containing WAR files or directories with WAR files which are web applications to be deployed on Tomcat";
};
virtualHosts = mkOption {
@@ -136,16 +136,16 @@ in
options = {
name = mkOption {
type = types.str;
- description = "name of the virtualhost";
+ description = lib.mdDoc "name of the virtualhost";
};
aliases = mkOption {
type = types.listOf types.str;
- description = "aliases of the virtualhost";
+ description = lib.mdDoc "aliases of the virtualhost";
default = [];
};
webapps = mkOption {
type = types.listOf types.path;
- description = ''
+ description = lib.mdDoc ''
List containing web application WAR files and/or directories containing
web applications and configuration files for the virtual host.
'';
@@ -154,20 +154,20 @@ in
};
});
default = [];
- description = "List consisting of a virtual host name and a list of web applications to deploy on each virtual host";
+ description = lib.mdDoc "List consisting of a virtual host name and a list of web applications to deploy on each virtual host";
};
logPerVirtualHost = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable logging per virtual host.";
+ description = lib.mdDoc "Whether to enable logging per virtual host.";
};
jdk = mkOption {
type = types.package;
default = pkgs.jdk;
defaultText = literalExpression "pkgs.jdk";
- description = "Which JDK to use.";
+ description = lib.mdDoc "Which JDK to use.";
};
axis2 = {
@@ -175,13 +175,13 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = "Whether to enable an Apache Axis2 container";
+ description = lib.mdDoc "Whether to enable an Apache Axis2 container";
};
services = mkOption {
default = [];
type = types.listOf types.str;
- description = "List containing AAR files or directories with AAR files which are web services to be deployed on Axis2";
+ description = lib.mdDoc "List containing AAR files or directories with AAR files which are web services to be deployed on Axis2";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/traefik.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/traefik.nix
index eb7fd0995de..abef963201e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/traefik.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/traefik.nix
@@ -56,14 +56,14 @@ in {
default = null;
example = literalExpression "/path/to/static_config.toml";
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
Path to traefik's static configuration to use.
- (Using that option has precedence over staticConfigOptions and dynamicConfigOptions)
+ (Using that option has precedence over `staticConfigOptions` and `dynamicConfigOptions`)
'';
};
staticConfigOptions = mkOption {
- description = ''
+ description = lib.mdDoc ''
Static configuration for Traefik.
'';
type = jsonValue;
@@ -80,14 +80,14 @@ in {
default = null;
example = literalExpression "/path/to/dynamic_config.toml";
type = types.nullOr types.path;
- description = ''
+ description = lib.mdDoc ''
Path to traefik's dynamic configuration to use.
- (Using that option has precedence over dynamicConfigOptions)
+ (Using that option has precedence over `dynamicConfigOptions`)
'';
};
dynamicConfigOptions = mkOption {
- description = ''
+ description = lib.mdDoc ''
Dynamic configuration for Traefik.
'';
type = jsonValue;
@@ -106,7 +106,7 @@ in {
dataDir = mkOption {
default = "/var/lib/traefik";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Location for any persistent data traefik creates, ie. acme
'';
};
@@ -115,9 +115,9 @@ in {
default = "traefik";
type = types.str;
example = "docker";
- description = ''
+ description = lib.mdDoc ''
Set the group that traefik runs under.
- For the docker backend this needs to be set to docker instead.
+ For the docker backend this needs to be set to `docker` instead.
'';
};
@@ -125,7 +125,7 @@ in {
default = pkgs.traefik;
defaultText = literalExpression "pkgs.traefik";
type = types.package;
- description = "Traefik package to use.";
+ description = lib.mdDoc "Traefik package to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/trafficserver/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/trafficserver/default.nix
index b52087fa038..beb5e437c5b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/trafficserver/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/trafficserver/default.nix
@@ -39,11 +39,11 @@ in
type = types.lines;
default = "";
example = "dest_domain=example.com suffix=js action=never-cache";
- description = ''
+ description = lib.mdDoc ''
Caching rules that overrule the origin's caching policy.
- Consult the upstream
- documentation for more details.
+ Consult the [upstream
+ documentation](${getManualUrl "cache.config"}) for more details.
'';
};
@@ -51,11 +51,11 @@ in
type = types.lines;
default = "";
example = "domain=example.com volume=1";
- description = ''
+ description = lib.mdDoc ''
Partition the cache according to origin server or domain
- Consult the
- upstream documentation for more details.
+ Consult the [
+ upstream documentation](${getManualUrl "hosting.config"}) for more details.
'';
};
@@ -73,12 +73,12 @@ in
}];
}
'';
- description = ''
+ description = lib.mdDoc ''
Control client access to Traffic Server and Traffic Server connections
to upstream servers.
- Consult the upstream
- documentation for more details.
+ Consult the [upstream
+ documentation](${getManualUrl "ip_allow.yaml"}) for more details.
'';
};
@@ -87,11 +87,11 @@ in
default = lib.importJSON ./logging.json;
defaultText = literalDocBook "upstream defaults";
example = { };
- description = ''
+ description = lib.mdDoc ''
Configure logs.
- Consult the upstream
- documentation for more details.
+ Consult the [upstream
+ documentation](${getManualUrl "logging.yaml"}) for more details.
'';
};
@@ -101,23 +101,23 @@ in
example = ''
dest_domain=. method=get parent="p1.example:8080; p2.example:8080" round_robin=true
'';
- description = ''
+ description = lib.mdDoc ''
Identify the parent proxies used in an cache hierarchy.
- Consult the upstream
- documentation for more details.
+ Consult the [upstream
+ documentation](${getManualUrl "parent.config"}) for more details.
'';
};
plugins = mkOption {
default = [ ];
- description = ''
+ description = lib.mdDoc ''
Controls run-time loadable plugins available to Traffic Server, as
well as their configuration.
- Consult the upstream
- documentation for more details.
+ Consult the [upstream
+ documentation](${getManualUrl "plugin.config"}) for more details.
'';
type = with types;
@@ -125,7 +125,7 @@ in
options.path = mkOption {
type = str;
example = "xdebug.so";
- description = ''
+ description = lib.mdDoc ''
Path to plugin. The path can either be absolute, or relative to
the plugin directory.
'';
@@ -134,7 +134,7 @@ in
type = str;
default = "";
example = "--header=ATS-My-Debug";
- description = "arguments to pass to the plugin";
+ description = lib.mdDoc "arguments to pass to the plugin";
};
});
};
@@ -148,11 +148,11 @@ in
valueType;
default = { };
example = { proxy.config.proxy_name = "my_server"; };
- description = ''
+ description = lib.mdDoc ''
List of configurable variables used by Traffic Server.
- Consult the
- upstream documentation for more details.
+ Consult the [
+ upstream documentation](${getManualUrl "records.config"}) for more details.
'';
};
@@ -160,11 +160,11 @@ in
type = types.lines;
default = "";
example = "map http://from.example http://origin.example";
- description = ''
+ description = lib.mdDoc ''
URL remapping rules used by Traffic Server.
- Consult the
- upstream documentation for more details.
+ Consult the [
+ upstream documentation](${getManualUrl "remap.config"}) for more details.
'';
};
@@ -175,12 +175,12 @@ in
dest_domain=internal.corp.example named="255.255.255.255:212 255.255.255.254" def_domain=corp.example search_list="corp.example corp1.example"
dest_domain=!internal.corp.example named=255.255.255.253
'';
- description = ''
+ description = lib.mdDoc ''
Specify the DNS server that Traffic Server should use under specific
conditions.
- Consult the
- upstream documentation for more details.
+ Consult the [
+ upstream documentation](${getManualUrl "splitdns.config"}) for more details.
'';
};
@@ -188,11 +188,11 @@ in
type = types.lines;
default = "";
example = "dest_ip=* ssl_cert_name=default.pem";
- description = ''
+ description = lib.mdDoc ''
Configure SSL server certificates to terminate the SSL sessions.
- Consult the
- upstream documentation for more details.
+ Consult the [
+ upstream documentation](${getManualUrl "ssl_multicert.config"}) for more details.
'';
};
@@ -207,12 +207,12 @@ in
}];
}
'';
- description = ''
+ description = lib.mdDoc ''
Configure aspects of TLS connection handling for both inbound and
outbound connections.
- Consult the upstream
- documentation for more details.
+ Consult the [upstream
+ documentation](${getManualUrl "sni.yaml"}) for more details.
'';
};
@@ -220,23 +220,23 @@ in
type = types.lines;
default = "/var/cache/trafficserver 256M";
example = "/dev/disk/by-id/XXXXX volume=1";
- description = ''
+ description = lib.mdDoc ''
List all the storage that make up the Traffic Server cache.
- Consult the
- upstream documentation for more details.
+ Consult the [
+ upstream documentation](${getManualUrl "storage.config"}) for more details.
'';
};
strategies = mkOption {
type = types.nullOr yaml.type;
default = null;
- description = ''
+ description = lib.mdDoc ''
Specify the next hop proxies used in an cache hierarchy and the
algorithms used to select the next proxy.
- Consult the
- upstream documentation for more details.
+ Consult the [
+ upstream documentation](${getManualUrl "strategies.yaml"}) for more details.
'';
};
@@ -244,12 +244,12 @@ in
type = types.nullOr yaml.type;
default = "";
example = "volume=1 scheme=http size=20%";
- description = ''
+ description = lib.mdDoc ''
Manage cache space more efficiently and restrict disk usage by
creating cache volumes of different sizes.
- Consult the
- upstream documentation for more details.
+ Consult the [
+ upstream documentation](${getManualUrl "volume.config"}) for more details.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/ttyd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/ttyd.nix
index 431509f7fd5..0c47d9583cd 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/ttyd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/ttyd.nix
@@ -35,44 +35,44 @@ in
port = mkOption {
type = types.port;
default = 7681;
- description = "Port to listen on (use 0 for random port)";
+ description = lib.mdDoc "Port to listen on (use 0 for random port)";
};
socket = mkOption {
type = types.nullOr types.path;
default = null;
example = "/var/run/ttyd.sock";
- description = "UNIX domain socket path to bind.";
+ description = lib.mdDoc "UNIX domain socket path to bind.";
};
interface = mkOption {
type = types.nullOr types.str;
default = null;
example = "eth0";
- description = "Network interface to bind.";
+ description = lib.mdDoc "Network interface to bind.";
};
username = mkOption {
type = types.nullOr types.str;
default = null;
- description = "Username for basic authentication.";
+ description = lib.mdDoc "Username for basic authentication.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
apply = value: if value == null then null else toString value;
- description = ''
+ description = lib.mdDoc ''
File containing the password to use for basic authentication.
For insecurely putting the password in the globally readable store use
- pkgs.writeText "ttydpw" "MyPassword".
+ `pkgs.writeText "ttydpw" "MyPassword"`.
'';
};
signal = mkOption {
type = types.ints.u8;
default = 1;
- description = "Signal to send to the command on session close.";
+ description = lib.mdDoc "Signal to send to the command on session close.";
};
clientOptions = mkOption {
@@ -83,75 +83,75 @@ in
fontFamily = "Fira Code";
}'';
- description = ''
+ description = lib.mdDoc ''
Attribute set of client options for xtermjs.
-
+
'';
};
terminalType = mkOption {
type = types.str;
default = "xterm-256color";
- description = "Terminal type to report.";
+ description = lib.mdDoc "Terminal type to report.";
};
checkOrigin = mkOption {
type = types.bool;
default = false;
- description = "Whether to allow a websocket connection from a different origin.";
+ description = lib.mdDoc "Whether to allow a websocket connection from a different origin.";
};
maxClients = mkOption {
type = types.int;
default = 0;
- description = "Maximum clients to support (0, no limit)";
+ description = lib.mdDoc "Maximum clients to support (0, no limit)";
};
indexFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = "Custom index.html path";
+ description = lib.mdDoc "Custom index.html path";
};
enableIPv6 = mkOption {
type = types.bool;
default = false;
- description = "Whether or not to enable IPv6 support.";
+ description = lib.mdDoc "Whether or not to enable IPv6 support.";
};
enableSSL = mkOption {
type = types.bool;
default = false;
- description = "Whether or not to enable SSL (https) support.";
+ description = lib.mdDoc "Whether or not to enable SSL (https) support.";
};
certFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = "SSL certificate file path.";
+ description = lib.mdDoc "SSL certificate file path.";
};
keyFile = mkOption {
type = types.nullOr types.path;
default = null;
apply = value: if value == null then null else toString value;
- description = ''
+ description = lib.mdDoc ''
SSL key file path.
For insecurely putting the keyFile in the globally readable store use
- pkgs.writeText "ttydKeyFile" "SSLKEY".
+ `pkgs.writeText "ttydKeyFile" "SSLKEY"`.
'';
};
caFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = "SSL CA file path for client certificate verification.";
+ description = lib.mdDoc "SSL CA file path for client certificate verification.";
};
logLevel = mkOption {
type = types.int;
default = 7;
- description = "Set log level.";
+ description = lib.mdDoc "Set log level.";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/unit/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/unit/default.nix
index b2eecdbb53e..5ad4a240bec 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/unit/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/unit/default.nix
@@ -15,27 +15,27 @@ in {
type = types.package;
default = pkgs.unit;
defaultText = literalExpression "pkgs.unit";
- description = "Unit package to use.";
+ description = lib.mdDoc "Unit package to use.";
};
user = mkOption {
type = types.str;
default = "unit";
- description = "User account under which unit runs.";
+ description = lib.mdDoc "User account under which unit runs.";
};
group = mkOption {
type = types.str;
default = "unit";
- description = "Group account under which unit runs.";
+ description = lib.mdDoc "Group account under which unit runs.";
};
stateDir = mkOption {
type = types.path;
default = "/var/spool/unit";
- description = "Unit data directory.";
+ description = lib.mdDoc "Unit data directory.";
};
logDir = mkOption {
type = types.path;
default = "/var/log/unit";
- description = "Unit log directory.";
+ description = lib.mdDoc "Unit log directory.";
};
config = mkOption {
type = types.str;
@@ -75,7 +75,7 @@ in {
}
}
'';
- description = "Unit configuration in JSON format. More details here https://unit.nginx.org/configuration";
+ description = lib.mdDoc "Unit configuration in JSON format. More details here https://unit.nginx.org/configuration";
};
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/uwsgi.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/uwsgi.nix
index 1b3474f2f52..c76eb795a9e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/uwsgi.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/uwsgi.nix
@@ -75,13 +75,13 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable uWSGI";
+ description = lib.mdDoc "Enable uWSGI";
};
runDir = mkOption {
type = types.path;
default = "/run/uwsgi";
- description = "Where uWSGI communication sockets can live";
+ description = lib.mdDoc "Where uWSGI communication sockets can live";
};
package = mkOption {
@@ -124,37 +124,37 @@ in {
};
}
'';
- description = ''
- uWSGI configuration. It awaits an attribute type inside which can be either
- normal or emperor.
+ description = lib.mdDoc ''
+ uWSGI configuration. It awaits an attribute `type` inside which can be either
+ `normal` or `emperor`.
- For normal mode you can specify pythonPackages as a function
- from libraries set into a list of libraries. pythonpath will be set accordingly.
+ For `normal` mode you can specify `pythonPackages` as a function
+ from libraries set into a list of libraries. `pythonpath` will be set accordingly.
- For emperor mode, you should use vassals attribute
+ For `emperor` mode, you should use `vassals` attribute
which should be either a set of names and configurations or a path to a directory.
Other attributes will be used in configuration file as-is. Notice that you can redefine
- plugins setting here.
+ `plugins` setting here.
'';
};
plugins = mkOption {
type = types.listOf types.str;
default = [];
- description = "Plugins used with uWSGI";
+ description = lib.mdDoc "Plugins used with uWSGI";
};
user = mkOption {
type = types.str;
default = "uwsgi";
- description = "User account under which uWSGI runs.";
+ description = lib.mdDoc "User account under which uWSGI runs.";
};
group = mkOption {
type = types.str;
default = "uwsgi";
- description = "Group account under which uWSGI runs.";
+ description = lib.mdDoc "Group account under which uWSGI runs.";
};
capabilities = mkOption {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/varnish/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/varnish/default.nix
index fe817313a99..39ebe633872 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/varnish/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/varnish/default.nix
@@ -19,7 +19,7 @@ in
type = types.package;
default = pkgs.varnish;
defaultText = literalExpression "pkgs.varnish";
- description = ''
+ description = lib.mdDoc ''
The package to use
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/zope2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/zope2.nix
index 92210916022..a80fe882f1a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/zope2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/web-servers/zope2.nix
@@ -12,31 +12,31 @@ let
name = mkOption {
default = "${name}";
type = types.str;
- description = "The name of the zope2 instance. If undefined, the name of the attribute set will be used.";
+ description = lib.mdDoc "The name of the zope2 instance. If undefined, the name of the attribute set will be used.";
};
threads = mkOption {
default = 2;
type = types.int;
- description = "Specify the number of threads that Zope's ZServer web server will use to service requests. ";
+ description = lib.mdDoc "Specify the number of threads that Zope's ZServer web server will use to service requests. ";
};
http_address = mkOption {
default = "localhost:8080";
type = types.str;
- description = "Give a port and address for the HTTP server.";
+ description = lib.mdDoc "Give a port and address for the HTTP server.";
};
user = mkOption {
default = "zope2";
type = types.str;
- description = "The name of the effective user for the Zope process.";
+ description = lib.mdDoc "The name of the effective user for the Zope process.";
};
clientHome = mkOption {
default = "/var/lib/zope2/${name}";
type = types.path;
- description = "Home directory of zope2 instance.";
+ description = lib.mdDoc "Home directory of zope2 instance.";
};
extra = mkOption {
default =
@@ -53,12 +53,12 @@ let
'';
type = types.lines;
- description = "Extra zope.conf";
+ description = lib.mdDoc "Extra zope.conf";
};
packages = mkOption {
type = types.listOf types.package;
- description = "The list of packages you want to make available to the zope2 instance.";
+ description = lib.mdDoc "The list of packages you want to make available to the zope2 instance.";
};
};
@@ -95,7 +95,7 @@ in
};
}
'';
- description = "zope2 instances to be created automaticaly by the system.";
+ description = lib.mdDoc "zope2 instances to be created automaticaly by the system.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/clight.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/clight.nix
index d994a658cba..8a17b7e801e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/clight.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/clight.nix
@@ -31,7 +31,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable clight or not.
'';
};
@@ -40,17 +40,17 @@ in {
day = mkOption {
type = types.int;
default = 5500;
- description = ''
+ description = lib.mdDoc ''
Colour temperature to use during the day, between
- 1000 and 25000 K.
+ `1000` and `25000` K.
'';
};
night = mkOption {
type = types.int;
default = 3700;
- description = ''
+ description = lib.mdDoc ''
Colour temperature to use at night, between
- 1000 and 25000 K.
+ `1000` and `25000` K.
'';
};
};
@@ -62,9 +62,9 @@ in {
type = with types; attrsOf (nullOr (either collectionTypes (attrsOf collectionTypes)));
default = {};
example = { captures = 20; gamma_long_transition = true; ac_capture_timeouts = [ 120 300 60 ]; };
- description = ''
+ description = lib.mdDoc ''
Additional configuration to extend clight.conf. See
- for a
+ for a
sample configuration file.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/cde.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/cde.nix
index 6c7105729cf..05cf011f62c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/cde.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/cde.nix
@@ -19,7 +19,7 @@ in {
xclock bitmap xlsfonts xfd xrefresh xload xwininfo xdpyinfo xwd xwud
]
'';
- description = ''
+ description = lib.mdDoc ''
Extra packages to be installed system wide.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/cinnamon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/cinnamon.nix
index 705dbec5e74..d54f99c2cd5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/cinnamon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/cinnamon.nix
@@ -27,7 +27,7 @@ in
default = [];
type = types.listOf types.package;
example = literalExpression "[ pkgs.gnome.gpaste ]";
- description = ''
+ description = lib.mdDoc ''
Additional list of packages to be added to the session search path.
Useful for GSettings-conditional autostart.
@@ -38,13 +38,13 @@ in
extraGSettingsOverrides = mkOption {
default = "";
type = types.lines;
- description = "Additional gsettings overrides.";
+ description = lib.mdDoc "Additional gsettings overrides.";
};
extraGSettingsOverridePackages = mkOption {
default = [];
type = types.listOf types.path;
- description = "List of packages for which gsettings are overridden.";
+ description = lib.mdDoc "List of packages for which gsettings are overridden.";
};
};
@@ -52,7 +52,7 @@ in
default = [];
example = literalExpression "[ pkgs.cinnamon.blueberry ]";
type = types.listOf types.package;
- description = "Which packages cinnamon should exclude from the default environment";
+ description = lib.mdDoc "Which packages cinnamon should exclude from the default environment";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/default.nix
index 2c2f2cae4b7..ffdf7e9a86e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/default.nix
@@ -72,7 +72,9 @@ in
apply = map (d: d // {
manage = "desktop";
start = d.start
- + optionalString (needBGCond d) ''\n\n
+ # literal newline to ensure d.start's last line is not appended to
+ + optionalString (needBGCond d) ''
+
if [ -e $HOME/.background-image ]; then
${pkgs.feh}/bin/feh --bg-${cfg.wallpaper.mode} ${optionalString cfg.wallpaper.combineScreens "--no-xinerama"} $HOME/.background-image
fi
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/enlightenment.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/enlightenment.nix
index 991616bd192..2de5d845d68 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/enlightenment.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/enlightenment.nix
@@ -29,7 +29,7 @@ in
services.xserver.desktopManager.enlightenment.enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the Enlightenment desktop environment.";
+ description = lib.mdDoc "Enable the Enlightenment desktop environment.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/gnome.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/gnome.nix
index ff9d08ea997..bbecd2796ae 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/gnome.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/gnome.nix
@@ -176,14 +176,14 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable GNOME desktop manager.";
+ description = lib.mdDoc "Enable GNOME desktop manager.";
};
sessionPath = mkOption {
default = [];
type = types.listOf types.package;
example = literalExpression "[ pkgs.gnome.gpaste ]";
- description = ''
+ description = lib.mdDoc ''
Additional list of packages to be added to the session search path.
Useful for GNOME Shell extensions or GSettings-conditional autostart.
@@ -207,13 +207,13 @@ in
extraGSettingsOverrides = mkOption {
default = "";
type = types.lines;
- description = "Additional gsettings overrides.";
+ description = lib.mdDoc "Additional gsettings overrides.";
};
extraGSettingsOverridePackages = mkOption {
default = [];
type = types.listOf types.path;
- description = "List of packages for which gsettings are overridden.";
+ description = lib.mdDoc "List of packages for which gsettings are overridden.";
};
debug = mkEnableOption "gnome-session debug messages";
@@ -226,19 +226,19 @@ in
options = {
wmName = mkOption {
type = types.strMatching "[a-zA-Z0-9_-]+";
- description = "A unique identifier for the window manager.";
+ description = lib.mdDoc "A unique identifier for the window manager.";
example = "xmonad";
};
wmLabel = mkOption {
type = types.str;
- description = "The name of the window manager to show in the session chooser.";
+ description = lib.mdDoc "The name of the window manager to show in the session chooser.";
example = "XMonad";
};
wmCommand = mkOption {
type = types.str;
- description = "The executable of the window manager to use.";
+ description = lib.mdDoc "The executable of the window manager to use.";
example = literalExpression ''"''${pkgs.haskellPackages.xmonad}/bin/xmonad"'';
};
@@ -246,22 +246,22 @@ in
type = types.bool;
default = true;
example = false;
- description = "Whether to enable the GNOME panel in this session.";
+ description = lib.mdDoc "Whether to enable the GNOME panel in this session.";
};
};
});
default = [];
- description = "Other GNOME Flashback sessions to enable.";
+ description = lib.mdDoc "Other GNOME Flashback sessions to enable.";
};
panelModulePackages = mkOption {
default = [ pkgs.gnome.gnome-applets ];
defaultText = literalExpression "[ pkgs.gnome.gnome-applets ]";
type = types.listOf types.path;
- description = ''
- Packages containing modules that should be made available to gnome-panel (usually for applets).
+ description = lib.mdDoc ''
+ Packages containing modules that should be made available to `gnome-panel` (usually for applets).
- If you're packaging something to use here, please install the modules in $out/lib/gnome-panel/modules.
+ If you're packaging something to use here, please install the modules in `$out/lib/gnome-panel/modules`.
'';
};
};
@@ -271,7 +271,7 @@ in
default = [];
example = literalExpression "[ pkgs.gnome.totem ]";
type = types.listOf types.package;
- description = "Which packages gnome should exclude from the default environment";
+ description = lib.mdDoc "Which packages gnome should exclude from the default environment";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/kodi.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/kodi.nix
index b853c94d6fd..43904cd00e8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/kodi.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/kodi.nix
@@ -12,7 +12,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the kodi multimedia center.";
+ description = lib.mdDoc "Enable the kodi multimedia center.";
};
package = mkOption {
@@ -20,7 +20,7 @@ in
default = pkgs.kodi;
defaultText = literalExpression "pkgs.kodi";
example = literalExpression "pkgs.kodi.withPackages (p: with p; [ jellyfin pvr-iptvsimple vfs-sftp ])";
- description = ''
+ description = lib.mdDoc ''
Package that should be used for Kodi.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/lumina.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/lumina.nix
index faa83b8bc54..7b694106bf7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/lumina.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/lumina.nix
@@ -19,7 +19,7 @@ in
services.xserver.desktopManager.lumina.enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the Lumina desktop manager";
+ description = lib.mdDoc "Enable the Lumina desktop manager";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/lxqt.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/lxqt.nix
index 46f35f11b4a..b69da41c9fc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/lxqt.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/lxqt.nix
@@ -18,14 +18,14 @@ in
services.xserver.desktopManager.lxqt.enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the LXQt desktop manager";
+ description = lib.mdDoc "Enable the LXQt desktop manager";
};
environment.lxqt.excludePackages = mkOption {
default = [];
example = literalExpression "[ pkgs.lxqt.qterminal ]";
type = types.listOf types.package;
- description = "Which LXQt packages to exclude from the default environment";
+ description = lib.mdDoc "Which LXQt packages to exclude from the default environment";
};
};
@@ -69,8 +69,7 @@ in
services.xserver.libinput.enable = mkDefault true;
- xdg.portal.enable = true;
- xdg.portal.extraPortals = [ pkgs.lxqt.xdg-desktop-portal-lxqt ];
+ xdg.portal.lxqt.enable = true;
};
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/mate.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/mate.nix
index b63510475ec..1ca47313adc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/mate.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/mate.nix
@@ -16,7 +16,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the MATE desktop environment";
+ description = lib.mdDoc "Enable the MATE desktop environment";
};
debug = mkEnableOption "mate-session debug messages";
@@ -26,7 +26,7 @@ in
default = [];
example = literalExpression "[ pkgs.mate.mate-terminal pkgs.mate.pluma ]";
type = types.listOf types.package;
- description = "Which MATE packages to exclude from the default environment";
+ description = lib.mdDoc "Which MATE packages to exclude from the default environment";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/pantheon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/pantheon.nix
index d04e565f7d3..2ada36c12a4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/pantheon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/pantheon.nix
@@ -37,14 +37,14 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the pantheon desktop manager";
+ description = lib.mdDoc "Enable the pantheon desktop manager";
};
sessionPath = mkOption {
default = [];
type = types.listOf types.package;
example = literalExpression "[ pkgs.gnome.gpaste ]";
- description = ''
+ description = lib.mdDoc ''
Additional list of packages to be added to the session search path.
Useful for GSettings-conditional autostart.
@@ -55,25 +55,25 @@ in
extraWingpanelIndicators = mkOption {
default = null;
type = with types; nullOr (listOf package);
- description = "Indicators to add to Wingpanel.";
+ description = lib.mdDoc "Indicators to add to Wingpanel.";
};
extraSwitchboardPlugs = mkOption {
default = null;
type = with types; nullOr (listOf package);
- description = "Plugs to add to Switchboard.";
+ description = lib.mdDoc "Plugs to add to Switchboard.";
};
extraGSettingsOverrides = mkOption {
default = "";
type = types.lines;
- description = "Additional gsettings overrides.";
+ description = lib.mdDoc "Additional gsettings overrides.";
};
extraGSettingsOverridePackages = mkOption {
default = [];
type = types.listOf types.path;
- description = "List of packages for which gsettings are overridden.";
+ description = lib.mdDoc "List of packages for which gsettings are overridden.";
};
debug = mkEnableOption "gnome-session debug messages";
@@ -84,7 +84,7 @@ in
default = [];
example = literalExpression "[ pkgs.pantheon.elementary-camera ]";
type = types.listOf types.package;
- description = "Which packages pantheon should exclude from the default environment";
+ description = lib.mdDoc "Which packages pantheon should exclude from the default environment";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/phosh.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/phosh.nix
index 5efe645d8aa..0ff5d6fd1b1 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/phosh.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/phosh.nix
@@ -132,7 +132,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the Phone Shell.";
+ description = lib.mdDoc "Enable the Phone Shell.";
};
package = mkOption {
@@ -140,25 +140,25 @@ in
default = pkgs.phosh;
defaultText = literalExpression "pkgs.phosh";
example = literalExpression "pkgs.phosh";
- description = ''
+ description = lib.mdDoc ''
Package that should be used for Phosh.
'';
};
user = mkOption {
- description = "The user to run the Phosh service.";
+ description = lib.mdDoc "The user to run the Phosh service.";
type = types.str;
example = "alice";
};
group = mkOption {
- description = "The group to run the Phosh service.";
+ description = lib.mdDoc "The group to run the Phosh service.";
type = types.str;
example = "users";
};
phocConfig = mkOption {
- description = ''
+ description = lib.mdDoc ''
Configurations for the Phoc compositor.
'';
type = types.oneOf [ types.lines types.path phocConfigType ];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/plasma5.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/plasma5.nix
index 144cb00e480..0a599992316 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/plasma5.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/plasma5.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, utils, ... }:
let
xcfg = config.services.xserver;
@@ -30,7 +30,7 @@ let
inherit (libsForQt5) kdeGear kdeFrameworks plasma5;
inherit (pkgs) writeText;
inherit (lib)
- getBin optionalString
+ getBin optionalString literalExpression
mkRemovedOptionModule mkRenamedOptionModule
mkDefault mkIf mkMerge mkOption types;
@@ -157,14 +157,14 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the Plasma 5 (KDE 5) desktop environment.";
+ description = lib.mdDoc "Enable the Plasma 5 (KDE 5) desktop environment.";
};
phononBackend = mkOption {
type = types.enum [ "gstreamer" "vlc" ];
default = "gstreamer";
example = "vlc";
- description = "Phonon audio backend to install.";
+ description = lib.mdDoc "Phonon audio backend to install.";
};
supportDDC = mkOption {
@@ -183,15 +183,22 @@ in
useQtScaling = mkOption {
type = types.bool;
default = false;
- description = "Enable HiDPI scaling in Qt.";
+ description = lib.mdDoc "Enable HiDPI scaling in Qt.";
};
runUsingSystemd = mkOption {
- description = "Use systemd to manage the Plasma session";
+ description = lib.mdDoc "Use systemd to manage the Plasma session";
type = types.bool;
default = false;
};
+ excludePackages = mkOption {
+ description = lib.mdDoc "List of default packages to exclude from the configuration";
+ type = types.listOf types.package;
+ default = [];
+ example = literalExpression "[ pkgs.plasma5Packages.oxygen ]";
+ };
+
# Internally allows configuring kdeglobals globally
kdeglobals = mkOption {
internal = true;
@@ -209,7 +216,7 @@ in
mobile.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable support for running the Plasma Mobile shell.
'';
};
@@ -217,7 +224,7 @@ in
mobile.installRecommendedSoftware = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Installs software recommended for use with Plasma Mobile, but which
is not strictly required for Plasma Mobile to run.
'';
@@ -263,89 +270,95 @@ in
environment.systemPackages =
with libsForQt5;
with plasma5; with kdeGear; with kdeFrameworks;
- [
- frameworkintegration
- kactivities
- kauth
- kcmutils
- kconfig
- kconfigwidgets
- kcoreaddons
- kdoctools
- kdbusaddons
- kdeclarative
- kded
- kdesu
- kdnssd
- kemoticons
- kfilemetadata
- kglobalaccel
- kguiaddons
- kiconthemes
- kidletime
- kimageformats
- kinit
- kirigami2 # In system profile for SDDM theme. TODO: wrapper.
- kio
- kjobwidgets
- knewstuff
- knotifications
- knotifyconfig
- kpackage
- kparts
- kpeople
- krunner
- kservice
- ktextwidgets
- kwallet
- kwallet-pam
- kwalletmanager
- kwayland
- kwayland-integration
- kwidgetsaddons
- kxmlgui
- kxmlrpcclient
- plasma-framework
- solid
- sonnet
- threadweaver
-
- breeze-qt5
- kactivitymanagerd
- kde-cli-tools
- kdecoration
- kdeplasma-addons
- kgamma5
- khotkeys
- kscreen
- kscreenlocker
- kwayland
- kwin
- kwrited
- libkscreen
- libksysguard
- milou
- plasma-browser-integration
- plasma-integration
- polkit-kde-agent
-
- plasma-desktop
- plasma-workspace
- plasma-workspace-wallpapers
-
- konsole
- oxygen
-
- breeze-icons
- pkgs.hicolor-icon-theme
-
- kde-gtk-config
- breeze-gtk
-
- qtvirtualkeyboard
-
- pkgs.xdg-user-dirs # Update user dirs as described in https://freedesktop.org/wiki/Software/xdg-user-dirs/
- ]
+ let
+ requiredPackages = [
+ frameworkintegration
+ kactivities
+ kauth
+ kcmutils
+ kconfig
+ kconfigwidgets
+ kcoreaddons
+ kdoctools
+ kdbusaddons
+ kdeclarative
+ kded
+ kdesu
+ kdnssd
+ kemoticons
+ kfilemetadata
+ kglobalaccel
+ kguiaddons
+ kiconthemes
+ kidletime
+ kimageformats
+ kinit
+ kirigami2 # In system profile for SDDM theme. TODO: wrapper.
+ kio
+ kjobwidgets
+ knewstuff
+ knotifications
+ knotifyconfig
+ kpackage
+ kparts
+ kpeople
+ krunner
+ kservice
+ ktextwidgets
+ kwallet
+ kwallet-pam
+ kwalletmanager
+ kwayland
+ kwayland-integration
+ kwidgetsaddons
+ kxmlgui
+ kxmlrpcclient
+ plasma-framework
+ solid
+ sonnet
+ threadweaver
+
+ breeze-qt5
+ kactivitymanagerd
+ kde-cli-tools
+ kdecoration
+ kdeplasma-addons
+ kgamma5
+ khotkeys
+ kscreen
+ kscreenlocker
+ kwayland
+ kwin
+ kwrited
+ libkscreen
+ libksysguard
+ milou
+ plasma-integration
+ polkit-kde-agent
+
+ plasma-desktop
+ plasma-workspace
+ plasma-workspace-wallpapers
+
+ breeze-icons
+ pkgs.hicolor-icon-theme
+
+ kde-gtk-config
+ breeze-gtk
+
+ qtvirtualkeyboard
+
+ pkgs.xdg-user-dirs # Update user dirs as described in https://freedesktop.org/wiki/Software/xdg-user-dirs/
+ ];
+ optionalPackages = [
+ plasma-browser-integration
+ konsole
+ oxygen
+ (lib.getBin qttools) # Expose qdbus in PATH
+ ];
+ in
+ requiredPackages
+ ++ utils.removePackagesByName optionalPackages cfg.excludePackages
# Phonon audio backend
++ lib.optional (cfg.phononBackend == "gstreamer") libsForQt5.phonon-backend-gstreamer
@@ -387,9 +400,10 @@ in
services.accounts-daemon.enable = true;
# when changing an account picture the accounts-daemon reads a temporary file containing the image which systemsettings5 may place under /tmp
systemd.services.accounts-daemon.serviceConfig.PrivateTmp = false;
+ services.power-profiles-daemon.enable = mkDefault true;
+ services.system-config-printer.enable = mkIf config.services.printing.enable (mkDefault true);
services.udisks2.enable = true;
services.upower.enable = config.powerManagement.enable;
- services.system-config-printer.enable = mkIf config.services.printing.enable (mkDefault true);
services.xserver.libinput.enable = mkDefault true;
# Extra UDEV rules used by Solid
@@ -457,27 +471,29 @@ in
environment.systemPackages =
with libsForQt5;
with plasma5; with kdeGear; with kdeFrameworks;
- [
- ksystemstats
- kinfocenter
- kmenuedit
- plasma-systemmonitor
- spectacle
- systemsettings
-
- dolphin
- dolphin-plugins
- ffmpegthumbs
- kdegraphics-thumbnailers
- khelpcenter
- kio-extras
- print-manager
-
- elisa
- gwenview
- okular
- ]
- ;
+ let
+ requiredPackages = [
+ ksystemstats
+ kinfocenter
+ kmenuedit
+ plasma-systemmonitor
+ spectacle
+ systemsettings
+
+ dolphin
+ dolphin-plugins
+ ffmpegthumbs
+ kdegraphics-thumbnailers
+ kio-extras
+ ];
+ optionalPackages = [
+ elisa
+ gwenview
+ okular
+ khelpcenter
+ print-manager
+ ];
+ in requiredPackages ++ utils.removePackagesByName optionalPackages cfg.excludePackages;
systemd.user.services = {
plasma-run-with-systemd = {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/retroarch.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/retroarch.nix
index d471673d452..c5504e51491 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/retroarch.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/retroarch.nix
@@ -13,14 +13,14 @@ in {
default = pkgs.retroarch;
defaultText = literalExpression "pkgs.retroarch";
example = literalExpression "pkgs.retroarch-full";
- description = "RetroArch package to use.";
+ description = lib.mdDoc "RetroArch package to use.";
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "--verbose" "--host" ];
- description = "Extra arguments to pass to RetroArch.";
+ description = lib.mdDoc "Extra arguments to pass to RetroArch.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/surf-display.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/surf-display.nix
index 4b5a04f988b..7d2ad5a3f2b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/surf-display.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/surf-display.nix
@@ -52,14 +52,14 @@ in {
default = "${pkgs.surf-display}/share/surf-display/empty-page.html";
defaultText = literalExpression ''"''${pkgs.surf-display}/share/surf-display/empty-page.html"'';
example = "https://www.example.com/";
- description = "Default URI to display.";
+ description = lib.mdDoc "Default URI to display.";
};
inactivityInterval = mkOption {
type = types.int;
default = 300;
example = 0;
- description = ''
+ description = lib.mdDoc ''
Setting for internal inactivity timer to restart surf-display if the
user goes inactive/idle to get a fresh session for the next user of
the kiosk.
@@ -72,18 +72,18 @@ in {
screensaverSettings = mkOption {
type = types.separatedString " ";
default = "";
- description = ''
- Screensaver settings, see man 1 xset for possible options.
+ description = lib.mdDoc ''
+ Screensaver settings, see `man 1 xset` for possible options.
'';
};
pointerButtonMap = mkOption {
type = types.str;
default = "1 0 0 4 5 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0";
- description = ''
+ description = lib.mdDoc ''
Disable right and middle pointer device click in browser sessions
while keeping scrolling wheels' functionality intact. See pointer
- subcommand on man xmodmap for details.
+ subcommand on `man xmodmap` for details.
'';
};
@@ -91,7 +91,7 @@ in {
type = types.str;
default = "yes";
example = "no";
- description = "Hide idle mouse pointer.";
+ description = lib.mdDoc "Hide idle mouse pointer.";
};
extraConfig = mkOption {
@@ -111,8 +111,8 @@ in {
DISPLAYS['display-host-3']="www_uri=https://www.displayserver.comany.net/display-4/index.html"|res=1280x1024"
DISPLAYS['display-host-local-file']="www_uri=file:///usr/share/doc/surf-display/empty-page.html"
'';
- description = ''
- Extra configuration options to append to /etc/default/surf-display.
+ description = lib.mdDoc ''
+ Extra configuration options to append to `/etc/default/surf-display`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/xfce.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/xfce.nix
index 3c2dac386f5..eee1f63ebdc 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/xfce.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/xfce.nix
@@ -4,10 +4,9 @@ with lib;
let
cfg = config.services.xserver.desktopManager.xfce;
-in
+in
{
-
meta = {
maintainers = teams.xfce.members;
};
@@ -49,25 +48,25 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable the Xfce desktop environment.";
+ description = lib.mdDoc "Enable the Xfce desktop environment.";
};
noDesktop = mkOption {
type = types.bool;
default = false;
- description = "Don't install XFCE desktop components (xfdesktop and panel).";
+ description = lib.mdDoc "Don't install XFCE desktop components (xfdesktop and panel).";
};
enableXfwm = mkOption {
type = types.bool;
default = true;
- description = "Enable the XFWM (default) window manager.";
+ description = lib.mdDoc "Enable the XFWM (default) window manager.";
};
enableScreensaver = mkOption {
type = types.bool;
default = true;
- description = "Enable the XFCE screensaver.";
+ description = lib.mdDoc "Enable the XFCE screensaver.";
};
};
};
@@ -95,7 +94,6 @@ in
exo
garcon
libxfce4ui
- xfconf
mousepad
parole
@@ -125,6 +123,7 @@ in
xfdesktop
] ++ optional cfg.enableScreensaver xfce4-screensaver;
+ programs.xfconf.enable = true;
programs.thunar.enable = true;
environment.pathsToLink = [
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/xterm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/xterm.nix
index 3424ee1b0e1..2b439effabe 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/xterm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/desktop-managers/xterm.nix
@@ -16,7 +16,7 @@ in
type = types.bool;
default = versionOlder config.system.stateVersion "19.09" && xSessionEnabled;
defaultText = literalExpression ''versionOlder config.system.stateVersion "19.09" && config.services.xserver.enable;'';
- description = "Enable a xterm terminal as a desktop manager.";
+ description = lib.mdDoc "Enable a xterm terminal as a desktop manager.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/default.nix
index a5db3dd5dd4..cc94fe7c0be 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/default.nix
@@ -154,20 +154,20 @@ in
xserverBin = mkOption {
type = types.path;
- description = "Path to the X server used by display managers.";
+ description = lib.mdDoc "Path to the X server used by display managers.";
};
xserverArgs = mkOption {
type = types.listOf types.str;
default = [];
example = [ "-ac" "-logverbose" "-verbose" "-nolisten tcp" ];
- description = "List of arguments for the X server.";
+ description = lib.mdDoc "List of arguments for the X server.";
};
setupCommands = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Shell commands executed just after the X server has started.
This option is only effective for display managers for which this feature
@@ -182,7 +182,7 @@ in
''
xmessage "Hello World!" &
'';
- description = ''
+ description = lib.mdDoc ''
Shell commands executed just before the window or desktop manager is
started. These commands are not currently sourced for Wayland sessions.
'';
@@ -191,7 +191,7 @@ in
hiddenUsers = mkOption {
type = types.listOf types.str;
default = [ "nobody" ];
- description = ''
+ description = lib.mdDoc ''
A list of users which will not be shown in the display manager.
'';
};
@@ -212,7 +212,7 @@ in
'';
});
default = [];
- description = ''
+ description = lib.mdDoc ''
A list of packages containing x11 or wayland session files to be passed to the display manager.
'';
};
@@ -285,7 +285,7 @@ in
Taken from display manager settings or window manager settings, if either is set.
'';
example = "gnome";
- description = ''
+ description = lib.mdDoc ''
Graphical session to pre-select in the session chooser (only effective for GDM, LightDM and SDDM).
On GDM, LightDM and SDDM, it will also be used as a session for auto-login.
@@ -306,34 +306,34 @@ in
type = types.lines;
default = "";
example = "rm -f /var/log/my-display-manager.log";
- description = "Script executed before the display manager is started.";
+ description = lib.mdDoc "Script executed before the display manager is started.";
};
execCmd = mkOption {
type = types.str;
example = literalExpression ''"''${pkgs.lightdm}/bin/lightdm"'';
- description = "Command to start the display manager.";
+ description = lib.mdDoc "Command to start the display manager.";
};
environment = mkOption {
type = types.attrsOf types.unspecified;
default = {};
- description = "Additional environment variables needed by the display manager.";
+ description = lib.mdDoc "Additional environment variables needed by the display manager.";
};
logToFile = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether the display manager redirects the output of the
- session script to ~/.xsession-errors.
+ session script to {file}`~/.xsession-errors`.
'';
};
logToJournal = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether the display manager redirects the output of the
session script to the systemd journal.
'';
@@ -349,15 +349,15 @@ in
type = types.bool;
default = config.user != null;
defaultText = literalExpression "config.${options.user} != null";
- description = ''
- Automatically log in as .
+ description = lib.mdDoc ''
+ Automatically log in as {option}`autoLogin.user`.
'';
};
user = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
User to be used for the automatic login.
'';
};
@@ -365,7 +365,7 @@ in
});
default = {};
- description = ''
+ description = lib.mdDoc ''
Auto login configuration attrset.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/gdm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/gdm.nix
index 45e3d84afa4..025d572957e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/gdm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/gdm.nix
@@ -75,7 +75,7 @@ in
autoLogin.delay = mkOption {
type = types.int;
default = 0;
- description = ''
+ description = lib.mdDoc ''
Seconds of inactivity after which the autologin will be performed.
'';
};
@@ -83,14 +83,14 @@ in
wayland = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Allow GDM to run on Wayland instead of Xserver.
'';
};
autoSuspend = mkOption {
default = true;
- description = ''
+ description = lib.mdDoc ''
On the GNOME Display Manager login screen, suspend the machine after inactivity.
(Does not affect automatic suspend while logged in, or at lock screen.)
'';
@@ -103,9 +103,9 @@ in
example = {
debug.enable = true;
};
- description = ''
+ description = lib.mdDoc ''
Options passed to the gdm daemon.
- See here for supported options.
+ See [here](https://help.gnome.org/admin/gdm/stable/configuration.html.en#daemonconfig) for supported options.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/enso-os.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/enso-os.nix
index 930ee96b384..412bcc4091b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/enso-os.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/enso-os.nix
@@ -26,7 +26,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable enso-os-greeter as the lightdm greeter
'';
};
@@ -36,7 +36,7 @@ in {
type = types.package;
default = pkgs.gnome.gnome-themes-extra;
defaultText = literalExpression "pkgs.gnome.gnome-themes-extra";
- description = ''
+ description = lib.mdDoc ''
The package path that contains the theme given in the name option.
'';
};
@@ -44,7 +44,7 @@ in {
name = mkOption {
type = types.str;
default = "Adwaita";
- description = ''
+ description = lib.mdDoc ''
Name of the theme to use for the lightdm-enso-os-greeter
'';
};
@@ -55,7 +55,7 @@ in {
type = types.package;
default = pkgs.papirus-icon-theme;
defaultText = literalExpression "pkgs.papirus-icon-theme";
- description = ''
+ description = lib.mdDoc ''
The package path that contains the icon theme given in the name option.
'';
};
@@ -63,7 +63,7 @@ in {
name = mkOption {
type = types.str;
default = "ePapirus";
- description = ''
+ description = lib.mdDoc ''
Name of the icon theme to use for the lightdm-enso-os-greeter
'';
};
@@ -74,7 +74,7 @@ in {
type = types.package;
default = pkgs.capitaine-cursors;
defaultText = literalExpression "pkgs.capitaine-cursors";
- description = ''
+ description = lib.mdDoc ''
The package path that contains the cursor theme given in the name option.
'';
};
@@ -82,7 +82,7 @@ in {
name = mkOption {
type = types.str;
default = "capitane-cursors";
- description = ''
+ description = lib.mdDoc ''
Name of the cursor theme to use for the lightdm-enso-os-greeter
'';
};
@@ -91,7 +91,7 @@ in {
blur = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether or not to enable blur
'';
};
@@ -99,7 +99,7 @@ in {
brightness = mkOption {
type = types.int;
default = 7;
- description = ''
+ description = lib.mdDoc ''
Brightness
'';
};
@@ -107,7 +107,7 @@ in {
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration that should be put in the greeter.conf
configuration file
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/gtk.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/gtk.nix
index debd4b568bf..020bce8f719 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/gtk.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/gtk.nix
@@ -38,7 +38,7 @@ in
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable lightdm-gtk-greeter as the lightdm greeter.
'';
};
@@ -49,7 +49,7 @@ in
type = types.package;
default = pkgs.gnome.gnome-themes-extra;
defaultText = literalExpression "pkgs.gnome.gnome-themes-extra";
- description = ''
+ description = lib.mdDoc ''
The package path that contains the theme given in the name option.
'';
};
@@ -57,7 +57,7 @@ in
name = mkOption {
type = types.str;
default = "Adwaita";
- description = ''
+ description = lib.mdDoc ''
Name of the theme to use for the lightdm-gtk-greeter.
'';
};
@@ -70,7 +70,7 @@ in
type = types.package;
default = pkgs.gnome.adwaita-icon-theme;
defaultText = literalExpression "pkgs.gnome.adwaita-icon-theme";
- description = ''
+ description = lib.mdDoc ''
The package path that contains the icon theme given in the name option.
'';
};
@@ -78,7 +78,7 @@ in
name = mkOption {
type = types.str;
default = "Adwaita";
- description = ''
+ description = lib.mdDoc ''
Name of the icon theme to use for the lightdm-gtk-greeter.
'';
};
@@ -91,7 +91,7 @@ in
type = types.package;
default = pkgs.gnome.adwaita-icon-theme;
defaultText = literalExpression "pkgs.gnome.adwaita-icon-theme";
- description = ''
+ description = lib.mdDoc ''
The package path that contains the cursor theme given in the name option.
'';
};
@@ -99,7 +99,7 @@ in
name = mkOption {
type = types.str;
default = "Adwaita";
- description = ''
+ description = lib.mdDoc ''
Name of the cursor theme to use for the lightdm-gtk-greeter.
'';
};
@@ -107,7 +107,7 @@ in
size = mkOption {
type = types.int;
default = 16;
- description = ''
+ description = lib.mdDoc ''
Size of the cursor theme to use for the lightdm-gtk-greeter.
'';
};
@@ -117,7 +117,7 @@ in
type = types.nullOr types.str;
default = null;
example = "%F";
- description = ''
+ description = lib.mdDoc ''
Clock format string (as expected by strftime, e.g. "%H:%M")
to use with the lightdm gtk greeter panel.
@@ -129,7 +129,7 @@ in
type = types.nullOr (types.listOf types.str);
default = null;
example = [ "~host" "~spacer" "~clock" "~spacer" "~session" "~language" "~a11y" "~power" ];
- description = ''
+ description = lib.mdDoc ''
List of allowed indicator modules to use for the lightdm gtk
greeter panel.
@@ -145,7 +145,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration that should be put in the lightdm-gtk-greeter.conf
configuration file.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/mini.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/mini.nix
index 16d7fdf15cf..00a47e7814f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/mini.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/mini.nix
@@ -67,7 +67,7 @@ in
user = mkOption {
type = types.str;
default = "root";
- description = ''
+ description = lib.mdDoc ''
The user to login as.
'';
};
@@ -75,7 +75,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Extra configuration that should be put in the lightdm-mini-greeter.conf
configuration file.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/pantheon.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/pantheon.nix
index f18e4a914e5..10707e001e8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/pantheon.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/pantheon.nix
@@ -21,7 +21,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable elementary-greeter as the lightdm greeter.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/tiny.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/tiny.nix
index a9ba8e6280d..e8f799e2729 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/tiny.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/lightdm-greeters/tiny.nix
@@ -30,7 +30,7 @@ in
user = mkOption {
type = types.str;
default = "Username";
- description = ''
+ description = lib.mdDoc ''
The string to represent the user_text label.
'';
};
@@ -38,7 +38,7 @@ in
pass = mkOption {
type = types.str;
default = "Password";
- description = ''
+ description = lib.mdDoc ''
The string to represent the pass_text label.
'';
};
@@ -48,7 +48,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
+ description = lib.mdDoc ''
Section to describe style and ui.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/sddm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/sddm.nix
index c44f24002e0..34239221315 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/sddm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/sddm.nix
@@ -100,7 +100,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable sddm as the display manager.
'';
};
@@ -108,7 +108,7 @@ in
enableHidpi = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to enable automatic HiDPI mode.
'';
};
@@ -122,7 +122,7 @@ in
Session = "plasma.desktop";
};
};
- description = ''
+ description = lib.mdDoc ''
Extra settings merged in and overwritting defaults in sddm.conf.
'';
};
@@ -130,7 +130,7 @@ in
theme = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
Greeter theme to use.
'';
};
@@ -138,7 +138,7 @@ in
autoNumlock = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable numlock at login.
'';
};
@@ -151,16 +151,16 @@ in
xrandr --setprovideroutputsource modesetting NVIDIA-0
xrandr --auto
'';
- description = ''
+ description = lib.mdDoc ''
A script to execute when starting the display server. DEPRECATED, please
- use .
+ use {option}`services.xserver.displayManager.setupCommands`.
'';
};
stopScript = mkOption {
type = types.str;
default = "";
- description = ''
+ description = lib.mdDoc ''
A script to execute when stopping the display server.
'';
};
@@ -170,7 +170,7 @@ in
relogin = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
If true automatic login will kick in again on session exit (logout), otherwise it
will only log in automatically when the display-manager is started.
'';
@@ -179,7 +179,7 @@ in
minimumUid = mkOption {
type = types.ints.u16;
default = 1000;
- description = ''
+ description = lib.mdDoc ''
Minimum user ID for auto-login user.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/startx.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/startx.nix
index a48566ae068..f4bb7a89d03 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/startx.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/startx.nix
@@ -17,7 +17,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the dummy "startx" pseudo-display manager,
which allows users to start X manually via the "startx" command
from a vt shell. The X server runs under the user's id, not as root.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/xpra.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/xpra.nix
index 1566e38da08..15b3f70d46e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/xpra.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/display-managers/xpra.nix
@@ -16,34 +16,34 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable xpra as display manager.";
+ description = lib.mdDoc "Whether to enable xpra as display manager.";
};
bindTcp = mkOption {
default = "127.0.0.1:10000";
example = "0.0.0.0:10000";
type = types.nullOr types.str;
- description = "Bind xpra to TCP";
+ description = lib.mdDoc "Bind xpra to TCP";
};
desktop = mkOption {
type = types.nullOr types.str;
default = null;
example = "gnome-shell";
- description = "Start a desktop environment instead of seamless mode";
+ description = lib.mdDoc "Start a desktop environment instead of seamless mode";
};
auth = mkOption {
type = types.str;
default = "pam";
example = "password:value=mysecret";
- description = "Authentication to use when connecting to xpra";
+ description = lib.mdDoc "Authentication to use when connecting to xpra";
};
pulseaudio = mkEnableOption "pulseaudio audio streaming";
extraOptions = mkOption {
- description = "Extra xpra options";
+ description = lib.mdDoc "Extra xpra options";
default = [];
type = types.listOf types.str;
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/extra-layouts.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/extra-layouts.nix
index 159bed63e13..574657a50c8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/extra-layouts.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/extra-layouts.nix
@@ -9,13 +9,13 @@ let
options = {
description = mkOption {
type = types.str;
- description = "A short description of the layout.";
+ description = lib.mdDoc "A short description of the layout.";
};
languages = mkOption {
type = types.listOf types.str;
description =
- ''
+ lib.mdDoc ''
A list of languages provided by the layout.
(Use ISO 639-2 codes, for example: "eng" for english)
'';
@@ -24,55 +24,55 @@ let
compatFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
The path to the xkb compat file.
This file sets the compatibility state, used to preserve
compatibility with xkb-unaware programs.
- It must contain a xkb_compat "name" { ... } block.
+ It must contain a `xkb_compat "name" { ... }` block.
'';
};
geometryFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
The path to the xkb geometry file.
This (completely optional) file describes the physical layout of
keyboard, which maybe be used by programs to depict it.
- It must contain a xkb_geometry "name" { ... } block.
+ It must contain a `xkb_geometry "name" { ... }` block.
'';
};
keycodesFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
The path to the xkb keycodes file.
This file specifies the range and the interpretation of the raw
keycodes sent by the keyboard.
- It must contain a xkb_keycodes "name" { ... } block.
+ It must contain a `xkb_keycodes "name" { ... }` block.
'';
};
symbolsFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
The path to the xkb symbols file.
This is the most important file: it defines which symbol or action
maps to each key and must contain a
- xkb_symbols "name" { ... } block.
+ `xkb_symbols "name" { ... }` block.
'';
};
typesFile = mkOption {
type = types.nullOr types.path;
default = null;
- description = ''
+ description = lib.mdDoc ''
The path to the xkb types file.
This file specifies the key types that can be associated with
the various keyboard keys.
- It must contain a xkb_types "name" { ... } block.
+ It must contain a `xkb_types "name" { ... }` block.
'';
};
@@ -103,12 +103,12 @@ in
};
}
'';
- description = ''
+ description = lib.mdDoc ''
Extra custom layouts that will be included in the xkb configuration.
Information on how to create a new layout can be found here:
- .
+ [](https://www.x.org/releases/current/doc/xorg-docs/input/XKB-Enhancing.html#Defining_New_Layouts).
For more examples see
-
+ [](https://wiki.archlinux.org/index.php/X_KeyBoard_extension#Basic_examples)
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/fractalart.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/fractalart.nix
index 448248a5879..f7fc1ec9622 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/fractalart.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/fractalart.nix
@@ -8,21 +8,21 @@ in {
type = types.bool;
default = false;
example = true;
- description = "Enable FractalArt for generating colorful wallpapers on login";
+ description = lib.mdDoc "Enable FractalArt for generating colorful wallpapers on login";
};
width = mkOption {
type = types.nullOr types.int;
default = null;
example = 1920;
- description = "Screen width";
+ description = lib.mdDoc "Screen width";
};
height = mkOption {
type = types.nullOr types.int;
default = null;
example = 1080;
- description = "Screen height";
+ description = lib.mdDoc "Screen height";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/gdk-pixbuf.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/gdk-pixbuf.nix
index 3fd6fed91e1..c80e2b22792 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/gdk-pixbuf.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/gdk-pixbuf.nix
@@ -30,7 +30,7 @@ in
services.xserver.gdk-pixbuf.modulePackages = mkOption {
type = types.listOf types.package;
default = [ ];
- description = "Packages providing GDK-Pixbuf modules, for cache generation.";
+ description = lib.mdDoc "Packages providing GDK-Pixbuf modules, for cache generation.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/cmt.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/cmt.nix
index 5ac824c5e41..a44221141c3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/cmt.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/cmt.nix
@@ -15,14 +15,14 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Enable chrome multitouch input (cmt). Touchpad drivers that are configured for chromebooks.";
+ description = lib.mdDoc "Enable chrome multitouch input (cmt). Touchpad drivers that are configured for chromebooks.";
};
models = mkOption {
type = types.enum [ "atlas" "banjo" "candy" "caroline" "cave" "celes" "clapper" "cyan" "daisy" "elan" "elm" "enguarde" "eve" "expresso" "falco" "gandof" "glimmer" "gnawty" "heli" "kevin" "kip" "leon" "lulu" "orco" "pbody" "peppy" "pi" "pit" "puppy" "quawks" "rambi" "samus" "snappy" "spring" "squawks" "swanky" "winky" "wolf" "auron_paine" "auron_yuna" "daisy_skate" "nyan_big" "nyan_blaze" "veyron_jaq" "veyron_jerry" "veyron_mighty" "veyron_minnie" "veyron_speedy" ];
example = "banjo";
- description = ''
+ description = lib.mdDoc ''
Which models to enable cmt for. Enter the Code Name for your Chromebook.
- Code Name can be found at .
+ Code Name can be found at .
'';
};
}; #closes services
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/libinput.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/libinput.nix
index efdb7c61dfa..6603498eeaf 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/libinput.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/libinput.nix
@@ -12,8 +12,8 @@ let cfg = config.services.xserver.libinput;
default = null;
example = "/dev/input/event0";
description =
- ''
- Path for ${deviceType} device. Set to null to apply to any
+ lib.mdDoc ''
+ Path for ${deviceType} device. Set to `null` to apply to any
auto-detected ${deviceType}.
'';
};
@@ -23,14 +23,14 @@ let cfg = config.services.xserver.libinput;
default = "adaptive";
example = "flat";
description =
- ''
+ lib.mdDoc ''
Sets the pointer acceleration profile to the given profile.
- Permitted values are adaptive, flat.
+ Permitted values are `adaptive`, `flat`.
Not all devices support this option or all profiles.
If a profile is unsupported, the default profile for this is used.
- flat: Pointer motion is accelerated by a constant
+ `flat`: Pointer motion is accelerated by a constant
(device-specific) factor, depending on the current speed.
- adaptive: Pointer acceleration depends on the input speed.
+ `adaptive`: Pointer acceleration depends on the input speed.
This is the default profile for most devices.
'';
};
@@ -39,7 +39,7 @@ let cfg = config.services.xserver.libinput;
type = types.nullOr types.str;
default = null;
example = "-0.5";
- description = "Cursor acceleration (how fast speed increases from minSpeed to maxSpeed).";
+ description = lib.mdDoc "Cursor acceleration (how fast speed increases from minSpeed to maxSpeed).";
};
buttonMapping = mkOption {
@@ -47,7 +47,7 @@ let cfg = config.services.xserver.libinput;
default = null;
example = "1 6 3 4 5 0 7";
description =
- ''
+ lib.mdDoc ''
Sets the logical button mapping for this device, see XSetPointerMapping(3). The string must
be a space-separated list of button mappings in the order of the logical buttons on the
device, starting with button 1. The default mapping is "1 2 3 ... 32". A mapping of 0 deac‐
@@ -62,7 +62,7 @@ let cfg = config.services.xserver.libinput;
default = null;
example = "0.5 0 0 0 0.8 0.1 0 0 1";
description =
- ''
+ lib.mdDoc ''
A string of 9 space-separated floating point numbers. Sets the calibration matrix to the
3x3 matrix where the first row is (abc), the second row is (def) and the third row is (ghi).
'';
@@ -73,9 +73,9 @@ let cfg = config.services.xserver.libinput;
default = null;
example = "buttonareas";
description =
- ''
- Enables a click method. Permitted values are none,
- buttonareas, clickfinger.
+ lib.mdDoc ''
+ Enables a click method. Permitted values are `none`,
+ `buttonareas`, `clickfinger`.
Not all devices support all methods, if an option is unsupported,
the default click method for this device is used.
'';
@@ -84,14 +84,14 @@ let cfg = config.services.xserver.libinput;
leftHanded = mkOption {
type = types.bool;
default = false;
- description = "Enables left-handed button orientation, i.e. swapping left and right buttons.";
+ description = lib.mdDoc "Enables left-handed button orientation, i.e. swapping left and right buttons.";
};
middleEmulation = mkOption {
type = types.bool;
default = true;
description =
- ''
+ lib.mdDoc ''
Enables middle button emulation. When enabled, pressing the left and right buttons
simultaneously produces a middle mouse button click.
'';
@@ -100,7 +100,7 @@ let cfg = config.services.xserver.libinput;
naturalScrolling = mkOption {
type = types.bool;
default = false;
- description = "Enables or disables natural scrolling behavior.";
+ description = lib.mdDoc "Enables or disables natural scrolling behavior.";
};
scrollButton = mkOption {
@@ -108,7 +108,7 @@ let cfg = config.services.xserver.libinput;
default = null;
example = 1;
description =
- ''
+ lib.mdDoc ''
Designates a button as scroll button. If the ScrollMethod is button and the button is logically
held down, x/y axis movement is converted into scroll events.
'';
@@ -119,9 +119,9 @@ let cfg = config.services.xserver.libinput;
default = "twofinger";
example = "edge";
description =
- ''
- Specify the scrolling method: twofinger, edge,
- button, or none
+ lib.mdDoc ''
+ Specify the scrolling method: `twofinger`, `edge`,
+ `button`, or `none`
'';
};
@@ -129,7 +129,7 @@ let cfg = config.services.xserver.libinput;
type = types.bool;
default = true;
description =
- ''
+ lib.mdDoc ''
Disables horizontal scrolling. When disabled, this driver will discard any horizontal scroll
events from libinput. Note that this does not disable horizontal scrolling, it merely
discards the horizontal axis from any scroll events.
@@ -141,9 +141,9 @@ let cfg = config.services.xserver.libinput;
default = "enabled";
example = "disabled";
description =
- ''
- Sets the send events mode to disabled, enabled,
- or disabled-on-external-mouse
+ lib.mdDoc ''
+ Sets the send events mode to `disabled`, `enabled`,
+ or `disabled-on-external-mouse`
'';
};
@@ -151,7 +151,7 @@ let cfg = config.services.xserver.libinput;
type = types.bool;
default = true;
description =
- ''
+ lib.mdDoc ''
Enables or disables tap-to-click behavior.
'';
};
@@ -160,7 +160,7 @@ let cfg = config.services.xserver.libinput;
type = types.bool;
default = true;
description =
- ''
+ lib.mdDoc ''
Enables or disables drag lock during tapping behavior. When enabled, a finger up during tap-
and-drag will not immediately release the button. If the finger is set down again within the
timeout, the draging process continues.
@@ -171,7 +171,7 @@ let cfg = config.services.xserver.libinput;
type = types.nullOr types.str;
default = null;
example = "0.5 0 0 0 0.8 0.1 0 0 1";
- description = ''
+ description = lib.mdDoc ''
A string of 9 space-separated floating point numbers. Sets the transformation matrix to
the 3x3 matrix where the first row is (abc), the second row is (def) and the third row is (ghi).
'';
@@ -181,7 +181,7 @@ let cfg = config.services.xserver.libinput;
type = types.bool;
default = false;
description =
- ''
+ lib.mdDoc ''
Disable input method while typing.
'';
};
@@ -193,9 +193,9 @@ let cfg = config.services.xserver.libinput;
''
Option "DragLockButtons" "L1 B1 L2 B2"
'';
- description = ''
+ description = lib.mdDoc ''
Additional options for libinput ${deviceType} driver. See
- libinput4
+ {manpage}`libinput(4)`
for available options.";
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/synaptics.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/synaptics.nix
index 93dd560bca4..7b45222ac64 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/synaptics.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/synaptics.nix
@@ -30,7 +30,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable touchpad support. Deprecated: Consider services.xserver.libinput.enable.";
+ description = lib.mdDoc "Whether to enable touchpad support. Deprecated: Consider services.xserver.libinput.enable.";
};
dev = mkOption {
@@ -38,7 +38,7 @@ in {
default = null;
example = "/dev/input/event0";
description =
- ''
+ lib.mdDoc ''
Path for touchpad device. Set to null to apply to any
auto-detected touchpad.
'';
@@ -47,73 +47,73 @@ in {
accelFactor = mkOption {
type = types.nullOr types.str;
default = "0.001";
- description = "Cursor acceleration (how fast speed increases from minSpeed to maxSpeed).";
+ description = lib.mdDoc "Cursor acceleration (how fast speed increases from minSpeed to maxSpeed).";
};
minSpeed = mkOption {
type = types.nullOr types.str;
default = "0.6";
- description = "Cursor speed factor for precision finger motion.";
+ description = lib.mdDoc "Cursor speed factor for precision finger motion.";
};
maxSpeed = mkOption {
type = types.nullOr types.str;
default = "1.0";
- description = "Cursor speed factor for highest-speed finger motion.";
+ description = lib.mdDoc "Cursor speed factor for highest-speed finger motion.";
};
scrollDelta = mkOption {
type = types.nullOr types.int;
default = null;
example = 75;
- description = "Move distance of the finger for a scroll event.";
+ description = lib.mdDoc "Move distance of the finger for a scroll event.";
};
twoFingerScroll = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable two-finger drag-scrolling. Overridden by horizTwoFingerScroll and vertTwoFingerScroll.";
+ description = lib.mdDoc "Whether to enable two-finger drag-scrolling. Overridden by horizTwoFingerScroll and vertTwoFingerScroll.";
};
horizTwoFingerScroll = mkOption {
type = types.bool;
default = cfg.twoFingerScroll;
defaultText = literalExpression "config.${opt.twoFingerScroll}";
- description = "Whether to enable horizontal two-finger drag-scrolling.";
+ description = lib.mdDoc "Whether to enable horizontal two-finger drag-scrolling.";
};
vertTwoFingerScroll = mkOption {
type = types.bool;
default = cfg.twoFingerScroll;
defaultText = literalExpression "config.${opt.twoFingerScroll}";
- description = "Whether to enable vertical two-finger drag-scrolling.";
+ description = lib.mdDoc "Whether to enable vertical two-finger drag-scrolling.";
};
horizEdgeScroll = mkOption {
type = types.bool;
default = ! cfg.horizTwoFingerScroll;
defaultText = literalExpression "! config.${opt.horizTwoFingerScroll}";
- description = "Whether to enable horizontal edge drag-scrolling.";
+ description = lib.mdDoc "Whether to enable horizontal edge drag-scrolling.";
};
vertEdgeScroll = mkOption {
type = types.bool;
default = ! cfg.vertTwoFingerScroll;
defaultText = literalExpression "! config.${opt.vertTwoFingerScroll}";
- description = "Whether to enable vertical edge drag-scrolling.";
+ description = lib.mdDoc "Whether to enable vertical edge drag-scrolling.";
};
tapButtons = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable tap buttons.";
+ description = lib.mdDoc "Whether to enable tap buttons.";
};
buttonsMap = mkOption {
type = types.listOf types.int;
default = [1 2 3];
example = [1 3 2];
- description = "Remap touchpad buttons.";
+ description = lib.mdDoc "Remap touchpad buttons.";
apply = map toString;
};
@@ -121,34 +121,34 @@ in {
type = types.listOf types.int;
default = [1 2 3];
example = [1 3 2];
- description = "Remap several-fingers taps.";
+ description = lib.mdDoc "Remap several-fingers taps.";
apply = map toString;
};
palmDetect = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable palm detection (hardware support required)";
+ description = lib.mdDoc "Whether to enable palm detection (hardware support required)";
};
palmMinWidth = mkOption {
type = types.nullOr types.int;
default = null;
example = 5;
- description = "Minimum finger width at which touch is considered a palm";
+ description = lib.mdDoc "Minimum finger width at which touch is considered a palm";
};
palmMinZ = mkOption {
type = types.nullOr types.int;
default = null;
example = 20;
- description = "Minimum finger pressure at which touch is considered a palm";
+ description = lib.mdDoc "Minimum finger pressure at which touch is considered a palm";
};
horizontalScroll = mkOption {
type = types.bool;
default = true;
- description = "Whether to enable horizontal scrolling (on touchpad)";
+ description = lib.mdDoc "Whether to enable horizontal scrolling (on touchpad)";
};
additionalOptions = mkOption {
@@ -158,7 +158,7 @@ in {
Option "RTCornerButton" "2"
Option "RBCornerButton" "3"
'';
- description = ''
+ description = lib.mdDoc ''
Additional options for synaptics touchpad driver.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/wacom.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/wacom.nix
index dad2b308d1b..4994e5c1a2c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/wacom.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/hardware/wacom.nix
@@ -17,13 +17,13 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the Wacom touchscreen/digitizer/tablet.
If you ever have any issues such as, try switching to terminal (ctrl-alt-F1) and back
which will make Xorg reconfigure the device ?
If you're not satisfied by the default behaviour you can override
- in
+ {option}`environment.etc."X11/xorg.conf.d/70-wacom.conf"` in
configuration.nix easily.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/imwheel.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/imwheel.nix
index ae990141a50..9f4fc7e90c4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/imwheel.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/imwheel.nix
@@ -12,9 +12,9 @@ in
type = types.listOf types.str;
default = [ "--buttons=45" ];
example = [ "--debug" ];
- description = ''
+ description = lib.mdDoc ''
Additional command-line arguments to pass to
- imwheel.
+ {command}`imwheel`.
'';
};
@@ -33,11 +33,11 @@ in
''';
}
'';
- description = ''
+ description = lib.mdDoc ''
Window class translation rules.
/etc/X11/imwheelrc is generated based on this config
which means this config is global for all users.
- See offical man pages
+ See [offical man pages](http://imwheel.sourceforge.net/imwheel.1.html)
for more informations.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/picom.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/picom.nix
index 2eef71f71fc..99bde5e1f0c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/picom.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/picom.nix
@@ -62,7 +62,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether or not to enable Picom as the X.org composite manager.
'';
};
@@ -70,7 +70,7 @@ in {
experimentalBackends = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to use the unstable new reimplementation of the backends.
'';
};
@@ -78,7 +78,7 @@ in {
fade = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Fade windows in and out.
'';
};
@@ -87,7 +87,7 @@ in {
type = types.ints.positive;
default = 10;
example = 5;
- description = ''
+ description = lib.mdDoc ''
Time between fade animation step (in ms).
'';
};
@@ -96,7 +96,7 @@ in {
type = pairOf (floatBetween 0.01 1);
default = [ 0.028 0.03 ];
example = [ 0.04 0.04 ];
- description = ''
+ description = lib.mdDoc ''
Opacity change between fade steps (in and out).
'';
};
@@ -109,16 +109,16 @@ in {
"name ~= 'Firefox$'"
"focused = 1"
];
- description = ''
+ description = lib.mdDoc ''
List of conditions of windows that should not be faded.
- See picom(1) man page for more examples.
+ See `picom(1)` man page for more examples.
'';
};
shadow = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Draw window shadows.
'';
};
@@ -127,7 +127,7 @@ in {
type = pairOf types.int;
default = [ (-15) (-15) ];
example = [ (-10) (-15) ];
- description = ''
+ description = lib.mdDoc ''
Left and right offset for shadows (in pixels).
'';
};
@@ -136,7 +136,7 @@ in {
type = floatBetween 0 1;
default = 0.75;
example = 0.8;
- description = ''
+ description = lib.mdDoc ''
Window shadows opacity.
'';
};
@@ -149,9 +149,9 @@ in {
"name ~= 'Firefox$'"
"focused = 1"
];
- description = ''
+ description = lib.mdDoc ''
List of conditions of windows that should have no shadow.
- See picom(1) man page for more examples.
+ See `picom(1)` man page for more examples.
'';
};
@@ -159,7 +159,7 @@ in {
type = floatBetween 0 1;
default = 1.0;
example = 0.8;
- description = ''
+ description = lib.mdDoc ''
Opacity of active windows.
'';
};
@@ -168,7 +168,7 @@ in {
type = floatBetween 0.1 1;
default = 1.0;
example = 0.8;
- description = ''
+ description = lib.mdDoc ''
Opacity of inactive windows.
'';
};
@@ -177,7 +177,7 @@ in {
type = floatBetween 0 1;
default = 1.0;
example = 0.8;
- description = ''
+ description = lib.mdDoc ''
Opacity of dropdown and popup menu.
'';
};
@@ -195,7 +195,7 @@ in {
}
'';
example = {};
- description = ''
+ description = lib.mdDoc ''
Rules for specific window types.
'';
};
@@ -207,7 +207,7 @@ in {
"95:class_g = 'URxvt' && !_NET_WM_STATE@:32a"
"0:_NET_WM_STATE@:32a *= '_NET_WM_STATE_HIDDEN'"
];
- description = ''
+ description = lib.mdDoc ''
Rules that control the opacity of windows, in format PERCENT:PATTERN.
'';
};
@@ -215,8 +215,8 @@ in {
backend = mkOption {
type = types.enum [ "glx" "xrender" "xr_glx_hybrid" ];
default = "xrender";
- description = ''
- Backend to use: glx, xrender or xr_glx_hybrid.
+ description = lib.mdDoc ''
+ Backend to use: `glx`, `xrender` or `xr_glx_hybrid`.
'';
};
@@ -233,7 +233,7 @@ in {
if isBool x then x
else warn msg res;
- description = ''
+ description = lib.mdDoc ''
Enable vertical synchronization. Chooses the best method
(drm, opengl, opengl-oml, opengl-swc, opengl-mswc) automatically.
The bool value should be used, the others are just for backwards compatibility.
@@ -267,10 +267,10 @@ in {
deviation = 5.0;
};
'';
- description = ''
+ description = lib.mdDoc ''
Picom settings. Use this option to configure Picom settings not exposed
in a NixOS option or to bypass one. For the available options see the
- CONFIGURATION FILES section at picom(1).
+ CONFIGURATION FILES section at `picom(1)`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/redshift.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/redshift.nix
index cc9f964754f..3eb9e28edae 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/redshift.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/redshift.nix
@@ -29,7 +29,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable Redshift to change your screen's colour temperature depending on
the time of day.
'';
@@ -39,17 +39,17 @@ in {
day = mkOption {
type = types.int;
default = 5500;
- description = ''
+ description = lib.mdDoc ''
Colour temperature to use during the day, between
- 1000 and 25000 K.
+ `1000` and `25000` K.
'';
};
night = mkOption {
type = types.int;
default = 3700;
- description = ''
+ description = lib.mdDoc ''
Colour temperature to use at night, between
- 1000 and 25000 K.
+ `1000` and `25000` K.
'';
};
};
@@ -58,17 +58,17 @@ in {
day = mkOption {
type = types.str;
default = "1";
- description = ''
+ description = lib.mdDoc ''
Screen brightness to apply during the day,
- between 0.1 and 1.0.
+ between `0.1` and `1.0`.
'';
};
night = mkOption {
type = types.str;
default = "1";
- description = ''
+ description = lib.mdDoc ''
Screen brightness to apply during the night,
- between 0.1 and 1.0.
+ between `0.1` and `1.0`.
'';
};
};
@@ -77,7 +77,7 @@ in {
type = types.package;
default = pkgs.redshift;
defaultText = literalExpression "pkgs.redshift";
- description = ''
+ description = lib.mdDoc ''
redshift derivation to use.
'';
};
@@ -86,7 +86,7 @@ in {
type = types.str;
default = "/bin/redshift";
example = "/bin/redshift-gtk";
- description = ''
+ description = lib.mdDoc ''
Redshift executable to use within the package.
'';
};
@@ -95,9 +95,9 @@ in {
type = types.listOf types.str;
default = [];
example = [ "-v" "-m randr" ];
- description = ''
+ description = lib.mdDoc ''
Additional command-line arguments to pass to
- redshift.
+ {command}`redshift`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/touchegg.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/touchegg.nix
index 9d3678e7696..905e8521cf7 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/touchegg.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/touchegg.nix
@@ -17,7 +17,7 @@ in {
type = types.package;
default = pkgs.touchegg;
defaultText = literalExpression "pkgs.touchegg";
- description = "touchegg derivation to use.";
+ description = lib.mdDoc "touchegg derivation to use.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/unclutter-xfixes.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/unclutter-xfixes.nix
index 0b4d06f640d..4a35176c583 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/unclutter-xfixes.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/unclutter-xfixes.nix
@@ -8,32 +8,32 @@ in {
options.services.unclutter-xfixes = {
enable = mkOption {
- description = "Enable unclutter-xfixes to hide your mouse cursor when inactive.";
+ description = lib.mdDoc "Enable unclutter-xfixes to hide your mouse cursor when inactive.";
type = types.bool;
default = false;
};
package = mkOption {
- description = "unclutter-xfixes derivation to use.";
+ description = lib.mdDoc "unclutter-xfixes derivation to use.";
type = types.package;
default = pkgs.unclutter-xfixes;
defaultText = literalExpression "pkgs.unclutter-xfixes";
};
timeout = mkOption {
- description = "Number of seconds before the cursor is marked inactive.";
+ description = lib.mdDoc "Number of seconds before the cursor is marked inactive.";
type = types.int;
default = 1;
};
threshold = mkOption {
- description = "Minimum number of pixels considered cursor movement.";
+ description = lib.mdDoc "Minimum number of pixels considered cursor movement.";
type = types.int;
default = 1;
};
extraOptions = mkOption {
- description = "More arguments to pass to the unclutter-xfixes command.";
+ description = lib.mdDoc "More arguments to pass to the unclutter-xfixes command.";
type = types.listOf types.str;
default = [];
example = [ "exclude-root" "ignore-scrolling" "fork" ];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/unclutter.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/unclutter.nix
index bdb5fa7b50c..039214a575a 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/unclutter.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/unclutter.nix
@@ -8,7 +8,7 @@ in {
options.services.unclutter = {
enable = mkOption {
- description = "Enable unclutter to hide your mouse cursor when inactive";
+ description = lib.mdDoc "Enable unclutter to hide your mouse cursor when inactive";
type = types.bool;
default = false;
};
@@ -17,36 +17,36 @@ in {
type = types.package;
default = pkgs.unclutter;
defaultText = literalExpression "pkgs.unclutter";
- description = "unclutter derivation to use.";
+ description = lib.mdDoc "unclutter derivation to use.";
};
keystroke = mkOption {
- description = "Wait for a keystroke before hiding the cursor";
+ description = lib.mdDoc "Wait for a keystroke before hiding the cursor";
type = types.bool;
default = false;
};
timeout = mkOption {
- description = "Number of seconds before the cursor is marked inactive";
+ description = lib.mdDoc "Number of seconds before the cursor is marked inactive";
type = types.int;
default = 1;
};
threshold = mkOption {
- description = "Minimum number of pixels considered cursor movement";
+ description = lib.mdDoc "Minimum number of pixels considered cursor movement";
type = types.int;
default = 1;
};
excluded = mkOption {
- description = "Names of windows where unclutter should not apply";
+ description = lib.mdDoc "Names of windows where unclutter should not apply";
type = types.listOf types.str;
default = [];
example = [ "" ];
};
extraOptions = mkOption {
- description = "More arguments to pass to the unclutter command";
+ description = lib.mdDoc "More arguments to pass to the unclutter command";
type = types.listOf types.str;
default = [];
example = [ "noevent" "grab" ];
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/urxvtd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/urxvtd.nix
index 0a0df447f4e..fedcb6c7293 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/urxvtd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/urxvtd.nix
@@ -11,7 +11,7 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Enable urxvtd, the urxvt terminal daemon. To use urxvtd, run
"urxvtc".
'';
@@ -20,7 +20,7 @@ in {
package = mkOption {
default = pkgs.rxvt-unicode;
defaultText = literalExpression "pkgs.rxvt-unicode";
- description = ''
+ description = lib.mdDoc ''
Package to install. Usually pkgs.rxvt-unicode.
'';
type = types.package;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/awesome.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/awesome.nix
index c6c0c934f9a..8db7d86c72c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/awesome.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/awesome.nix
@@ -26,21 +26,21 @@ in
luaModules = mkOption {
default = [];
type = types.listOf types.package;
- description = "List of lua packages available for being used in the Awesome configuration.";
+ description = lib.mdDoc "List of lua packages available for being used in the Awesome configuration.";
example = literalExpression "[ pkgs.luaPackages.vicious ]";
};
package = mkOption {
default = null;
type = types.nullOr types.package;
- description = "Package to use for running the Awesome WM.";
+ description = lib.mdDoc "Package to use for running the Awesome WM.";
apply = pkg: if pkg == null then pkgs.awesome else pkg;
};
noArgb = mkOption {
default = false;
type = types.bool;
- description = "Disable client transparency support, which can be greatly detrimental to performance in some setups";
+ description = lib.mdDoc "Disable client transparency support, which can be greatly detrimental to performance in some setups";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/bspwm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/bspwm.nix
index ade24061a06..4fcd2b7c720 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/bspwm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/bspwm.nix
@@ -16,7 +16,7 @@ in
default = pkgs.bspwm;
defaultText = literalExpression "pkgs.bspwm";
example = literalExpression "pkgs.bspwm-unstable";
- description = ''
+ description = lib.mdDoc ''
bspwm package to use.
'';
};
@@ -24,7 +24,7 @@ in
type = with types; nullOr path;
example = literalExpression ''"''${pkgs.bspwm}/share/doc/bspwm/examples/bspwmrc"'';
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to the bspwm configuration file.
If null, $HOME/.config/bspwm/bspwmrc will be used.
'';
@@ -36,7 +36,7 @@ in
default = pkgs.sxhkd;
defaultText = literalExpression "pkgs.sxhkd";
example = literalExpression "pkgs.sxhkd-unstable";
- description = ''
+ description = lib.mdDoc ''
sxhkd package to use.
'';
};
@@ -44,7 +44,7 @@ in
type = with types; nullOr path;
example = literalExpression ''"''${pkgs.bspwm}/share/doc/bspwm/examples/sxhkdrc"'';
default = null;
- description = ''
+ description = lib.mdDoc ''
Path to the sxhkd configuration file.
If null, $HOME/.config/sxhkd/sxhkdrc will be used.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/clfswm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/clfswm.nix
index 78772c79974..cf8eec249c6 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/clfswm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/clfswm.nix
@@ -14,7 +14,7 @@ in
type = types.package;
default = pkgs.lispPackages.clfswm;
defaultText = literalExpression "pkgs.lispPackages.clfswm";
- description = ''
+ description = lib.mdDoc ''
clfswm package to use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/default.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/default.nix
index d71738ea633..4e56b393e2e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/default.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/default.nix
@@ -19,7 +19,8 @@ in
./evilwm.nix
./exwm.nix
./fluxbox.nix
- ./fvwm.nix
+ ./fvwm2.nix
+ ./fvwm3.nix
./herbstluftwm.nix
./i3.nix
./jwm.nix
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/exwm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/exwm.nix
index b505f720f04..5b0a15804ef 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/exwm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/exwm.nix
@@ -26,7 +26,7 @@ in
(require 'exwm)
(exwm-enable)
'';
- description = ''
+ description = lib.mdDoc ''
Emacs lisp code to be run after loading the user's init
file. If enableDefaultConfig is true, this will be run
before loading the default config.
@@ -35,7 +35,7 @@ in
enableDefaultConfig = mkOption {
default = true;
type = lib.types.bool;
- description = "Enable an uncustomised exwm configuration.";
+ description = lib.mdDoc "Enable an uncustomised exwm configuration.";
};
extraPackages = mkOption {
type = types.functionTo (types.listOf types.package);
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/fvwm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/fvwm.nix
deleted file mode 100644
index e283886ecc4..00000000000
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/fvwm.nix
+++ /dev/null
@@ -1,41 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
- cfg = config.services.xserver.windowManager.fvwm;
- fvwm = pkgs.fvwm.override { enableGestures = cfg.gestures; };
-in
-
-{
-
- ###### interface
-
- options = {
- services.xserver.windowManager.fvwm = {
- enable = mkEnableOption "Fvwm window manager";
-
- gestures = mkOption {
- default = false;
- type = types.bool;
- description = "Whether or not to enable libstroke for gesture support";
- };
- };
- };
-
-
- ###### implementation
-
- config = mkIf cfg.enable {
- services.xserver.windowManager.session = singleton
- { name = "fvwm";
- start =
- ''
- ${fvwm}/bin/fvwm &
- waitPID=$!
- '';
- };
-
- environment.systemPackages = [ fvwm ];
- };
-}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/fvwm2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/fvwm2.nix
new file mode 100644
index 00000000000..909b3a475a9
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/fvwm2.nix
@@ -0,0 +1,47 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.xserver.windowManager.fvwm2;
+ fvwm2 = pkgs.fvwm2.override { enableGestures = cfg.gestures; };
+in
+
+{
+
+ imports = [
+ (mkRenamedOptionModule
+ [ "services" "xserver" "windowManager" "fvwm" ]
+ [ "services" "xserver" "windowManager" "fvwm2" ])
+ ];
+
+ ###### interface
+
+ options = {
+ services.xserver.windowManager.fvwm2 = {
+ enable = mkEnableOption "Fvwm2 window manager";
+
+ gestures = mkOption {
+ default = false;
+ type = types.bool;
+ description = "Whether or not to enable libstroke for gesture support";
+ };
+ };
+ };
+
+
+ ###### implementation
+
+ config = mkIf cfg.enable {
+ services.xserver.windowManager.session = singleton
+ { name = "fvwm2";
+ start =
+ ''
+ ${fvwm2}/bin/fvwm &
+ waitPID=$!
+ '';
+ };
+
+ environment.systemPackages = [ fvwm2 ];
+ };
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/fvwm3.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/fvwm3.nix
new file mode 100644
index 00000000000..43111f917d4
--- /dev/null
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/fvwm3.nix
@@ -0,0 +1,35 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.xserver.windowManager.fvwm3;
+ inherit (pkgs) fvwm3;
+in
+
+{
+
+ ###### interface
+
+ options = {
+ services.xserver.windowManager.fvwm3 = {
+ enable = mkEnableOption "Fvwm3 window manager";
+ };
+ };
+
+
+ ###### implementation
+
+ config = mkIf cfg.enable {
+ services.xserver.windowManager.session = singleton
+ { name = "fvwm3";
+ start =
+ ''
+ ${fvwm3}/bin/fvwm3 &
+ waitPID=$!
+ '';
+ };
+
+ environment.systemPackages = [ fvwm3 ];
+ };
+}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/herbstluftwm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/herbstluftwm.nix
index 354d70c695c..af077c4d228 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/herbstluftwm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/herbstluftwm.nix
@@ -15,7 +15,7 @@ in
type = types.package;
default = pkgs.herbstluftwm;
defaultText = literalExpression "pkgs.herbstluftwm";
- description = ''
+ description = lib.mdDoc ''
Herbstluftwm package to use.
'';
};
@@ -23,7 +23,7 @@ in
configFile = mkOption {
default = null;
type = with types; nullOr path;
- description = ''
+ description = lib.mdDoc ''
Path to the herbstluftwm configuration file. If left at the
default value, $XDG_CONFIG_HOME/herbstluftwm/autostart will
be used.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/i3.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/i3.nix
index 99f9997024f..87479f2ac45 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/i3.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/i3.nix
@@ -13,7 +13,7 @@ in
configFile = mkOption {
default = null;
type = with types; nullOr path;
- description = ''
+ description = lib.mdDoc ''
Path to the i3 configuration file.
If left at the default value, $HOME/.i3/config will be used.
'';
@@ -22,7 +22,7 @@ in
extraSessionCommands = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands executed just before i3 is started.
'';
};
@@ -32,7 +32,7 @@ in
default = pkgs.i3;
defaultText = literalExpression "pkgs.i3";
example = literalExpression "pkgs.i3-gaps";
- description = ''
+ description = lib.mdDoc ''
i3 package to use.
'';
};
@@ -47,7 +47,7 @@ in
i3lock
]
'';
- description = ''
+ description = lib.mdDoc ''
Extra packages to be installed system wide.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/mlvwm.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/mlvwm.nix
index 08dd0402029..0ee1d7b097e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/mlvwm.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/mlvwm.nix
@@ -13,7 +13,7 @@ in
configFile = mkOption {
default = null;
type = with types; nullOr path;
- description = ''
+ description = lib.mdDoc ''
Path to the mlvwm configuration file.
If left at the default value, $HOME/.mlvwmrc will be used.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/wmderland.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/wmderland.nix
index 56b69220965..835c1b30281 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/wmderland.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/wmderland.nix
@@ -13,7 +13,7 @@ in
extraSessionCommands = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands executed just before wmderland is started.
'';
};
@@ -38,7 +38,7 @@ in
rxvt-unicode
]
'';
- description = ''
+ description = lib.mdDoc ''
Extra packages to be installed system wide.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/xmonad.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/xmonad.nix
index 66d11131391..476621bad77 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/xmonad.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/window-managers/xmonad.nix
@@ -76,13 +76,13 @@ in {
enableContribAndExtras = mkOption {
default = false;
type = lib.types.bool;
- description = "Enable xmonad-{contrib,extras} in Xmonad.";
+ description = lib.mdDoc "Enable xmonad-{contrib,extras} in Xmonad.";
};
config = mkOption {
default = null;
type = with lib.types; nullOr (either path str);
- description = ''
+ description = lib.mdDoc ''
Configuration from which XMonad gets compiled. If no value is
specified, a vanilla xmonad binary is put in PATH, which will
attempt to recompile and exec your xmonad config from $HOME/.xmonad.
@@ -94,17 +94,17 @@ in {
"mod+q" restart key binding dysfunctional though, because that attempts
to call your binary with the "--restart" command line option, unless
you implement that yourself. You way mant to bind "mod+q" to
- (restart "xmonad" True) instead, which will just restart
+ `(restart "xmonad" True)` instead, which will just restart
xmonad from PATH. This allows e.g. switching to the new xmonad binary
after rebuilding your system with nixos-rebuild.
For the same reason, ghc is not added to the environment when this
- option is set, unless is
- set to true.
+ option is set, unless {option}`enableConfiguredRecompile` is
+ set to `true`.
If you actually want to run xmonad with a config specified here, but
also be able to recompile and restart it from a copy of that source in
- $HOME/.xmonad on the fly, set
- to true and implement something like "compileRestart"
+ $HOME/.xmonad on the fly, set {option}`enableConfiguredRecompile`
+ to `true` and implement something like "compileRestart"
from the example.
This should allow you to switch at will between the local xmonad and
the one NixOS puts in your PATH.
@@ -162,8 +162,8 @@ in {
enableConfiguredRecompile = mkOption {
default = false;
type = lib.types.bool;
- description = ''
- Enable recompilation even if is set to a
+ description = lib.mdDoc ''
+ Enable recompilation even if {option}`config` is set to a
non-null value. This adds the necessary Haskell dependencies (GHC with
packages) to the xmonad binary's environment.
'';
@@ -172,7 +172,7 @@ in {
xmonadCliArgs = mkOption {
default = [];
type = with lib.types; listOf str;
- description = ''
+ description = lib.mdDoc ''
Command line arguments passed to the xmonad binary.
'';
};
@@ -180,7 +180,7 @@ in {
ghcArgs = mkOption {
default = [];
type = with lib.types; listOf str;
- description = ''
+ description = lib.mdDoc ''
Command line arguments passed to the compiler (ghc)
invocation when xmonad.config is set.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/xautolock.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/xautolock.nix
index 947d8f4edfb..ca3909d7b80 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/xautolock.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/xautolock.nix
@@ -20,7 +20,7 @@ in
default = 15;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Idle time (in minutes) to wait until xautolock locks the computer.
'';
};
@@ -31,7 +31,7 @@ in
example = literalExpression ''"''${pkgs.i3lock}/bin/i3lock -i /path/to/img"'';
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The script to use when automatically locking the computer.
'';
};
@@ -41,8 +41,8 @@ in
example = literalExpression ''"''${pkgs.i3lock}/bin/i3lock -i /path/to/img"'';
type = types.nullOr types.str;
- description = ''
- The script to use when manually locking the computer with xautolock -locknow.
+ description = lib.mdDoc ''
+ The script to use when manually locking the computer with {command}`xautolock -locknow`.
'';
};
@@ -50,7 +50,7 @@ in
default = 10;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Time (in seconds) before the actual lock when the notification about the pending lock should be published.
'';
};
@@ -60,7 +60,7 @@ in
example = literalExpression ''"''${pkgs.libnotify}/bin/notify-send 'Locking in 10 seconds'"'';
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
Notification script to be used to warn about the pending autolock.
'';
};
@@ -70,8 +70,8 @@ in
example = "/run/current-system/systemd/bin/systemctl suspend";
type = types.nullOr types.str;
- description = ''
- The script to use when nothing has happend for as long as
+ description = lib.mdDoc ''
+ The script to use when nothing has happend for as long as {option}`killtime`
'';
};
@@ -79,8 +79,8 @@ in
default = 20; # default according to `man xautolock`
type = types.int;
- description = ''
- Minutes xautolock waits until it executes the script specified in
+ description = lib.mdDoc ''
+ Minutes xautolock waits until it executes the script specified in {option}`killer`
(Has to be at least 10 minutes)
'';
};
@@ -89,9 +89,9 @@ in
type = types.listOf types.str;
default = [ ];
example = [ "-detectsleep" ];
- description = ''
+ description = lib.mdDoc ''
Additional command-line arguments to pass to
- xautolock.
+ {command}`xautolock`.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/xbanish.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/xbanish.nix
index b95fac68f16..f494f2054a4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/xbanish.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/xbanish.nix
@@ -10,7 +10,7 @@ in {
enable = mkEnableOption "xbanish";
arguments = mkOption {
- description = "Arguments to pass to xbanish command";
+ description = lib.mdDoc "Arguments to pass to xbanish command";
default = "";
example = "-d -i shift";
type = types.str;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/xfs.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/xfs.nix
index ea7cfa1aa43..591bf461496 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/xfs.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/services/x11/xfs.nix
@@ -19,7 +19,7 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = "Whether to enable the X Font Server.";
+ description = lib.mdDoc "Whether to enable the X Font Server.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/activation/activation-script.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/activation/activation-script.nix
index c04d0fc16b2..88b3ac1d18e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/activation/activation-script.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/activation/activation-script.nix
@@ -123,12 +123,12 @@ in
}
'';
- description = ''
+ description = lib.mdDoc ''
A set of shell script fragments that are executed when a NixOS
system configuration is activated. Examples are updating
/etc, creating accounts, and so on. Since these are executed
every time you boot the system or run
- nixos-rebuild, it's important that they are
+ {command}`nixos-rebuild`, it's important that they are
idempotent and fast.
'';
@@ -159,12 +159,12 @@ in
}
'';
- description = ''
+ description = lib.mdDoc ''
A set of shell script fragments that are executed by a systemd user
service when a NixOS system configuration is activated. Examples are
rebuilding the .desktop file cache for showing applications in the menu.
Since these are executed every time you run
- nixos-rebuild, it's important that they are
+ {command}`nixos-rebuild`, it's important that they are
idempotent and fast.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/binfmt.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/binfmt.nix
index 33748358e45..4d95af61ac9 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/binfmt.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/binfmt.nix
@@ -153,7 +153,7 @@ in {
registrations = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
Extra binary formats to register with the kernel.
See https://www.kernel.org/doc/html/latest/admin-guide/binfmt-misc.html for more details.
'';
@@ -162,30 +162,30 @@ in {
options = {
recognitionType = mkOption {
default = "magic";
- description = "Whether to recognize executables by magic number or extension.";
+ description = lib.mdDoc "Whether to recognize executables by magic number or extension.";
type = types.enum [ "magic" "extension" ];
};
offset = mkOption {
default = null;
- description = "The byte offset of the magic number used for recognition.";
+ description = lib.mdDoc "The byte offset of the magic number used for recognition.";
type = types.nullOr types.int;
};
magicOrExtension = mkOption {
- description = "The magic number or extension to match on.";
+ description = lib.mdDoc "The magic number or extension to match on.";
type = types.str;
};
mask = mkOption {
default = null;
description =
- "A mask to be ANDed with the byte sequence of the file before matching";
+ lib.mdDoc "A mask to be ANDed with the byte sequence of the file before matching";
type = types.nullOr types.str;
};
interpreter = mkOption {
- description = ''
+ description = lib.mdDoc ''
The interpreter to invoke to run the program.
Note that the actual registration will point to
@@ -197,7 +197,7 @@ in {
preserveArgvZero = mkOption {
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to pass the original argv[0] to the interpreter.
See the description of the 'P' flag in the kernel docs
@@ -208,7 +208,7 @@ in {
openBinary = mkOption {
default = config.matchCredentials;
- description = ''
+ description = lib.mdDoc ''
Whether to pass the binary to the interpreter as an open
file descriptor, instead of a path.
'';
@@ -217,7 +217,7 @@ in {
matchCredentials = mkOption {
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to launch with the credentials and security
token of the binary, not the interpreter (e.g. setuid
bit).
@@ -232,7 +232,7 @@ in {
fixBinary = mkOption {
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to open the interpreter file as soon as the
registration is loaded, rather than waiting for a
relevant file to be invoked.
@@ -245,7 +245,7 @@ in {
wrapInterpreterInShell = mkOption {
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to wrap the interpreter in a shell script.
This allows a shell command to be set as the interpreter.
@@ -268,7 +268,7 @@ in {
emulatedSystems = mkOption {
default = [];
example = [ "wasm32-wasi" "x86_64-windows" "aarch64-linux" ];
- description = ''
+ description = lib.mdDoc ''
List of systems to emulate. Will also configure Nix to
support your new systems.
Warning: the builder can execute all emulated systems within the same build, which introduces impurities in the case of cross compilation.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/emergency-mode.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/emergency-mode.nix
index ec697bcee26..a2163aa5ffb 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/emergency-mode.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/emergency-mode.nix
@@ -11,9 +11,9 @@ with lib;
systemd.enableEmergencyMode = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable emergency mode, which is an
- sulogin shell started on the console if
+ {command}`sulogin` shell started on the console if
mounting a filesystem fails. Since some machines (like EC2
instances) have no console of any kind, emergency mode doesn't
make sense, and it's better to continue with the boot insofar
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/initrd-network.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/initrd-network.nix
index 2a7417ed371..43327fdd9da 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/initrd-network.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/initrd-network.nix
@@ -69,7 +69,7 @@ in
boot.initrd.network.flushBeforeStage2 = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether to clear the configuration of the interfaces that were set up in
the initrd right before stage 2 takes over. Stage 2 will do the regular network
configuration based on the NixOS networking options.
@@ -79,9 +79,9 @@ in
boot.initrd.network.udhcpc.extraArgs = mkOption {
default = [];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Additional command-line arguments passed verbatim to udhcpc if
- and
+ {option}`boot.initrd.network.enable` and {option}`networking.useDHCP`
are enabled.
'';
};
@@ -89,7 +89,7 @@ in
boot.initrd.network.postCommands = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands to be executed after stage 1 of the
boot has initialised the network.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/initrd-openvpn.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/initrd-openvpn.nix
index 9b52d4bbdb1..9f476e07208 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/initrd-openvpn.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/initrd-openvpn.nix
@@ -15,10 +15,10 @@ in
boot.initrd.network.openvpn.enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Starts an OpenVPN client during initrd boot. It can be used to e.g.
remotely accessing the SSH service controlled by
- or other network services
+ {option}`boot.initrd.network.ssh` or other network services
included. Service is killed when stage-1 boot is finished.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/initrd-ssh.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/initrd-ssh.nix
index 0999142de86..265399e562f 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/initrd-ssh.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/initrd-ssh.nix
@@ -14,20 +14,20 @@ in
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Start SSH service during initrd boot. It can be used to debug failing
boot on a remote server, enter pasphrase for an encrypted partition etc.
Service is killed when stage-1 boot is finished.
The sshd configuration is largely inherited from
- .
+ {option}`services.openssh`.
'';
};
port = mkOption {
type = types.int;
default = 22;
- description = ''
+ description = lib.mdDoc ''
Port on which SSH initrd service should listen.
'';
};
@@ -35,7 +35,7 @@ in
shell = mkOption {
type = types.str;
default = "/bin/ash";
- description = ''
+ description = lib.mdDoc ''
Login shell of the remote user. Can be used to limit actions user can do.
'';
};
@@ -79,7 +79,7 @@ in
type = types.listOf types.str;
default = config.users.users.root.openssh.authorizedKeys.keys;
defaultText = literalExpression "config.users.users.root.openssh.authorizedKeys.keys";
- description = ''
+ description = lib.mdDoc ''
Authorized keys for the root user on initrd.
'';
};
@@ -87,7 +87,7 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = "Verbatim contents of sshd_config.";
+ description = lib.mdDoc "Verbatim contents of {file}`sshd_config`.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/kernel.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/kernel.nix
index b2c92a85f7a..33e9eca62b0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/kernel.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/kernel.nix
@@ -66,7 +66,7 @@ in
type = types.listOf types.attrs;
default = [];
example = literalExpression "[ pkgs.kernelPatches.ubuntu_fan_4_4 ]";
- description = "A list of additional patches to apply to the kernel.";
+ description = lib.mdDoc "A list of additional patches to apply to the kernel.";
};
boot.kernel.randstructSeed = mkOption {
@@ -88,14 +88,14 @@ in
description = "string, with spaces inside double quotes";
});
default = [ ];
- description = "Parameters added to the kernel command line.";
+ description = lib.mdDoc "Parameters added to the kernel command line.";
};
boot.consoleLogLevel = mkOption {
type = types.int;
default = 4;
- description = ''
- The kernel console loglevel. All Kernel Messages with a log level smaller
+ description = lib.mdDoc ''
+ The kernel console `loglevel`. All Kernel Messages with a log level smaller
than this setting will be printed to the console.
'';
};
@@ -103,11 +103,11 @@ in
boot.vesa = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
(Deprecated) This option, if set, activates the VESA 800x600 video
mode on boot and disables kernel modesetting. It is equivalent to
- specifying [ "vga=0x317" "nomodeset" ] in the
- option. This option is
+ specifying `[ "vga=0x317" "nomodeset" ]` in the
+ {option}`boot.kernelParams` option. This option is
deprecated as of 2020: Xorg now works better with modesetting, and
you might want a different VESA vga setting, anyway.
'';
@@ -117,18 +117,18 @@ in
type = types.listOf types.package;
default = [];
example = literalExpression "[ config.boot.kernelPackages.nvidia_x11 ]";
- description = "A list of additional packages supplying kernel modules.";
+ description = lib.mdDoc "A list of additional packages supplying kernel modules.";
};
boot.kernelModules = mkOption {
type = types.listOf types.str;
default = [];
- description = ''
+ description = lib.mdDoc ''
The set of kernel modules to be loaded in the second stage of
the boot process. Note that modules that are needed to
mount the root file system should be added to
- or
- .
+ {option}`boot.initrd.availableKernelModules` or
+ {option}`boot.initrd.kernelModules`.
'';
};
@@ -136,7 +136,7 @@ in
type = types.listOf types.str;
default = [];
example = [ "sata_nv" "ext3" ];
- description = ''
+ description = lib.mdDoc ''
The set of kernel modules in the initial ramdisk used during the
boot process. This set must include all modules necessary for
mounting the root device. That is, it should include modules
@@ -149,23 +149,23 @@ in
loaded automatically when an ext3 filesystem is mounted, and
modules for PCI devices are loaded when they match the PCI ID
of a device in your system). To force a module to be loaded,
- include it in .
+ include it in {option}`boot.initrd.kernelModules`.
'';
};
boot.initrd.kernelModules = mkOption {
type = types.listOf types.str;
default = [];
- description = "List of modules that are always loaded by the initrd.";
+ description = lib.mdDoc "List of modules that are always loaded by the initrd.";
};
boot.initrd.includeDefaultModules = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
This option, if set, adds a collection of default kernel modules
- to and
- .
+ to {option}`boot.initrd.availableKernelModules` and
+ {option}`boot.initrd.kernelModules`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/kernel_config.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/kernel_config.nix
index 495fe74bc21..448835c3e62 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/kernel_config.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/kernel_config.nix
@@ -25,7 +25,7 @@ let
};
default = null;
example = ''MMC_BLOCK_MINORS.freeform = "32";'';
- description = ''
+ description = lib.mdDoc ''
Freeform description of a kernel configuration item value.
'';
};
@@ -33,7 +33,7 @@ let
optional = mkOption {
type = types.bool // { merge = mergeFalseByDefault; };
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether option should generate a failure when unused.
Upon merging values, mandatory wins over optional.
'';
@@ -105,7 +105,7 @@ in
USB = option yes;
MMC_BLOCK_MINORS = freeform "32";
}'';
- description = ''
+ description = lib.mdDoc ''
Structured kernel configuration.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/efi.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/efi.nix
index 6043c904c45..2661f362249 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/efi.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/efi.nix
@@ -8,13 +8,13 @@ with lib;
canTouchEfiVariables = mkOption {
default = false;
type = types.bool;
- description = "Whether the installation process is allowed to modify EFI boot variables.";
+ description = lib.mdDoc "Whether the installation process is allowed to modify EFI boot variables.";
};
efiSysMountPoint = mkOption {
default = "/boot";
type = types.str;
- description = "Where the EFI System Partition is mounted.";
+ description = lib.mdDoc "Where the EFI System Partition is mounted.";
};
};
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/generations-dir/generations-dir.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/generations-dir/generations-dir.nix
index 1437ab38770..5ace5dd06fd 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/generations-dir/generations-dir.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/generations-dir/generations-dir.nix
@@ -22,11 +22,11 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to create symlinks to the system generations under
- /boot. When enabled,
- /boot/default/kernel,
- /boot/default/initrd, etc., are updated to
+ `/boot`. When enabled,
+ `/boot/default/kernel`,
+ `/boot/default/initrd`, etc., are updated to
point to the current generation's kernel image, initial RAM
disk, and other bootstrap files.
@@ -41,7 +41,7 @@ in
copyKernels = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether copy the necessary boot files into /boot, so
/nix/store is not needed by the boot loader.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/grub/grub.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/grub/grub.nix
index 1f915d1f419..00ec3d237d5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/grub/grub.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/grub/grub.nix
@@ -103,7 +103,7 @@ in
default = !config.boot.isContainer;
defaultText = literalExpression "!config.boot.isContainer";
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the GNU GRUB boot loader.
'';
};
@@ -112,9 +112,9 @@ in
default = 2;
example = 1;
type = types.int;
- description = ''
- The version of GRUB to use: 1 for GRUB
- Legacy (versions 0.9x), or 2 (the
+ description = lib.mdDoc ''
+ The version of GRUB to use: `1` for GRUB
+ Legacy (versions 0.9x), or `2` (the
default) for GRUB 2.
'';
};
@@ -123,12 +123,12 @@ in
default = "";
example = "/dev/disk/by-id/wwn-0x500001234567890a";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The device on which the GRUB boot loader will be installed.
- The special value nodev means that a GRUB
+ The special value `nodev` means that a GRUB
boot menu will be generated, but GRUB itself will not
actually be installed. To install GRUB on multiple devices,
- use boot.loader.grub.devices.
+ use `boot.loader.grub.devices`.
'';
};
@@ -136,9 +136,9 @@ in
default = [];
example = [ "/dev/disk/by-id/wwn-0x500001234567890a" ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
The devices on which the boot loader, GRUB, will be
- installed. Can be used instead of device to
+ installed. Can be used instead of `device` to
install GRUB onto multiple devices.
'';
};
@@ -148,7 +148,7 @@ in
example = {
root = { hashedPasswordFile = "/path/to/file"; };
};
- description = ''
+ description = lib.mdDoc ''
User accounts for GRUB. When specified, the GRUB command line and
all boot options except the default are password-protected.
All passwords and hashes provided will be stored in /boot/grub/grub.cfg,
@@ -163,7 +163,7 @@ in
example = "/path/to/file";
default = null;
type = with types; uniq (nullOr str);
- description = ''
+ description = lib.mdDoc ''
Specifies the path to a file containing the password hash
for the account, generated with grub-mkpasswd-pbkdf2.
This hash will be stored in /boot/grub/grub.cfg, and will
@@ -174,7 +174,7 @@ in
example = "grub.pbkdf2.sha512.10000.674DFFDEF76E13EA...2CC972B102CF4355";
default = null;
type = with types; uniq (nullOr str);
- description = ''
+ description = lib.mdDoc ''
Specifies the password hash for the account,
generated with grub-mkpasswd-pbkdf2.
This hash will be copied to the Nix store, and will be visible to all local users.
@@ -184,7 +184,7 @@ in
example = "/path/to/file";
default = null;
type = with types; uniq (nullOr str);
- description = ''
+ description = lib.mdDoc ''
Specifies the path to a file containing the
clear text password for the account.
This password will be stored in /boot/grub/grub.cfg, and will
@@ -195,7 +195,7 @@ in
example = "Pa$$w0rd!";
default = null;
type = with types; uniq (nullOr str);
- description = ''
+ description = lib.mdDoc ''
Specifies the clear text password for the account.
This password will be copied to the Nix store, and will be visible to all local users.
'';
@@ -210,7 +210,7 @@ in
{ path = "/boot1"; devices = [ "/dev/disk/by-id/wwn-0x500001234567890a" ]; }
{ path = "/boot2"; devices = [ "/dev/disk/by-id/wwn-0x500009876543210a" ]; }
];
- description = ''
+ description = lib.mdDoc ''
Mirror the boot configuration to multiple partitions and install grub
to the respective devices corresponding to those partitions.
'';
@@ -221,7 +221,7 @@ in
path = mkOption {
example = "/boot1";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The path to the boot directory where GRUB will be written. Generally
this boot path should double as an EFI path.
'';
@@ -231,7 +231,7 @@ in
default = null;
example = "/boot1/efi";
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The path to the efi system mount point. Usually this is the same
partition as the above path and can be left as null.
'';
@@ -241,10 +241,10 @@ in
default = null;
example = "NixOS-fsid";
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The id of the bootloader to store in efi nvram.
The default is to name it NixOS and append the path or efiSysMountPoint.
- This is only used if boot.loader.efi.canTouchEfiVariables is true.
+ This is only used if `boot.loader.efi.canTouchEfiVariables` is true.
'';
};
@@ -252,7 +252,7 @@ in
default = [ ];
example = [ "/dev/disk/by-id/wwn-0x500001234567890a" "/dev/disk/by-id/wwn-0x500009876543210a" ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
The path to the devices which will have the GRUB MBR written.
Note these are typically device paths and not paths to partitions.
'';
@@ -266,7 +266,7 @@ in
default = "";
example = "Stable 2.6.21";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
GRUB entry name instead of default.
'';
};
@@ -274,7 +274,7 @@ in
storePath = mkOption {
default = "/nix/store";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Path to the Nix store when looking for kernels at boot.
Only makes sense when copyKernels is false.
'';
@@ -283,7 +283,7 @@ in
extraPrepareConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Additional bash commands to be run at the script that
prepares the GRUB menu entries.
'';
@@ -297,7 +297,7 @@ in
terminal_output --append serial
'';
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Additional GRUB commands inserted in the configuration file
just before the menu entries.
'';
@@ -307,26 +307,26 @@ in
default = [ ];
example = [ "--modules=nativedisk ahci pata part_gpt part_msdos diskfilter mdraid1x lvm ext2" ];
type = types.listOf types.str;
- description = ''
- Additional arguments passed to grub-install.
+ description = lib.mdDoc ''
+ Additional arguments passed to `grub-install`.
A use case for this is to build specific GRUB2 modules
directly into the GRUB2 kernel image, so that they are available
- and activated even in the grub rescue shell.
+ and activated even in the `grub rescue` shell.
They are also necessary when the BIOS/UEFI is bugged and cannot
correctly read large disks (e.g. above 2 TB), so GRUB2's own
- nativedisk and related modules can be used
+ `nativedisk` and related modules can be used
to use its own disk drivers. The example shows one such case.
This is also useful for booting from USB.
See the
-
+ [
GRUB source code
-
+ ](http://git.savannah.gnu.org/cgit/grub.git/tree/grub-core/commands/nativedisk.c?h=grub-2.04#n326)
for which disk modules are available.
- The list elements are passed directly as argv
- arguments to the grub-install program, in order.
+ The list elements are passed directly as `argv`
+ arguments to the `grub-install` program, in order.
'';
};
@@ -344,7 +344,7 @@ in
export GNUPGHOME=$old_gpg_home
'';
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Additional shell commands inserted in the bootloader installer
script after generating menu entries.
'';
@@ -354,7 +354,7 @@ in
default = "";
example = "root (hd0)";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Additional GRUB commands inserted in the configuration file
at the start of each NixOS menu entry.
'';
@@ -379,7 +379,7 @@ in
chainloader /efi/fedora/grubx64.efi
}
'';
- description = ''
+ description = lib.mdDoc ''
Any additional entries you want added to the GRUB boot menu.
'';
};
@@ -387,7 +387,7 @@ in
extraEntriesBeforeNixOS = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether extraEntries are included before the default option.
'';
};
@@ -398,10 +398,10 @@ in
example = literalExpression ''
{ "memtest.bin" = "''${pkgs.memtest86plus}/memtest.bin"; }
'';
- description = ''
- A set of files to be copied to /boot.
+ description = lib.mdDoc ''
+ A set of files to be copied to {file}`/boot`.
Each attribute name denotes the destination file name in
- /boot, while the corresponding
+ {file}`/boot`, while the corresponding
attribute value specifies the source file.
'';
};
@@ -409,7 +409,7 @@ in
useOSProber = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set to true, append entries for other OSs detected by os-prober.
'';
};
@@ -503,7 +503,7 @@ in
type = types.nullOr types.path;
default = "${realGrub}/share/grub/unicode.pf2";
defaultText = literalExpression ''"''${pkgs.grub2}/share/grub/unicode.pf2"'';
- description = ''
+ description = lib.mdDoc ''
Path to a TrueType, OpenType, or pf2 font to be used by Grub.
'';
};
@@ -512,8 +512,8 @@ in
type = types.nullOr types.int;
example = 16;
default = null;
- description = ''
- Font size for the grub menu. Ignored unless font
+ description = lib.mdDoc ''
+ Font size for the grub menu. Ignored unless `font`
is set to a ttf or otf font.
'';
};
@@ -522,7 +522,7 @@ in
default = "auto";
example = "1024x768";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The gfxmode to pass to GRUB when loading a graphical boot interface under EFI.
'';
};
@@ -531,7 +531,7 @@ in
default = "1024x768";
example = "auto";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The gfxmode to pass to GRUB when loading a graphical boot interface under BIOS.
'';
};
@@ -540,7 +540,7 @@ in
default = "keep";
example = "text";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The gfxpayload to pass to GRUB when loading a graphical boot interface under EFI.
'';
};
@@ -549,7 +549,7 @@ in
default = "text";
example = "keep";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The gfxpayload to pass to GRUB when loading a graphical boot interface under BIOS.
'';
};
@@ -558,7 +558,7 @@ in
default = 100;
example = 120;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Maximum of configurations in boot menu. GRUB has problems when
there are too many entries.
'';
@@ -567,7 +567,7 @@ in
copyKernels = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether the GRUB menu builder should copy kernels and initial
ramdisks to /boot. This is done automatically if /boot is
on a different partition than /.
@@ -578,7 +578,7 @@ in
default = "0";
type = types.either types.int types.str;
apply = toString;
- description = ''
+ description = lib.mdDoc ''
Index of the default menu item to be booted.
Can also be set to "saved", which will make GRUB select
the menu item that was used at the last boot.
@@ -588,13 +588,13 @@ in
fsIdentifier = mkOption {
default = "uuid";
type = types.enum [ "uuid" "label" "provided" ];
- description = ''
+ description = lib.mdDoc ''
Determines how GRUB will identify devices when generating the
configuration file. A value of uuid / label signifies that grub
will always resolve the uuid or label of the device before using
it in the configuration. A value of provided means that GRUB will
- use the device name as show in df or
- mount. Note, zfs zpools / datasets are ignored
+ use the device name as show in {command}`df` or
+ {command}`mount`. Note, zfs zpools / datasets are ignored
and will always be mounted using their labels.
'';
};
@@ -602,7 +602,7 @@ in
zfsSupport = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether GRUB should be built against libzfs.
ZFS support is only available for GRUB v2.
This option is ignored for GRUB v1.
@@ -612,7 +612,7 @@ in
efiSupport = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether GRUB should be built with EFI support.
EFI support is only available for GRUB v2.
This option is ignored for GRUB v1.
@@ -659,7 +659,7 @@ in
enableCryptodisk = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable support for encrypted partitions. GRUB should automatically
unlock the correct encrypted partition and look for filesystems.
'';
@@ -668,7 +668,7 @@ in
forceInstall = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to try and forcibly install GRUB even if problems are
detected. It is not recommended to enable this unless you know what
you are doing.
@@ -678,7 +678,7 @@ in
forcei686 = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to force the use of a ia32 boot loader on x64 systems. Required
to install and run NixOS on 64bit x86 systems with 32bit (U)EFI.
'';
@@ -689,7 +689,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable trusted boot. GRUB will measure all critical components during
the boot process to offer TCG (TPM) support.
'';
@@ -699,7 +699,7 @@ in
default = "";
example = "YES_TPM_is_activated";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Assertion that the target system has an activated TPM. It is a safety
check before allowing the activation of 'trustedBoot.enable'. TrustedBoot
WILL FAIL TO BOOT YOUR SYSTEM if no TPM is available.
@@ -709,7 +709,7 @@ in
isHPLaptop = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Use a special version of TrustedGRUB that is needed by some HP laptops
and works only for the HP laptops.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/grub/ipxe.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/grub/ipxe.nix
index ef8595592f4..adddcbee016 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/grub/ipxe.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/grub/ipxe.nix
@@ -28,7 +28,7 @@ in
{ boot.loader.grub.ipxe = mkOption {
type = types.attrsOf (types.either types.path types.str);
description =
- ''
+ lib.mdDoc ''
Set of iPXE scripts available for
booting from the GRUB boot menu.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/grub/memtest.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/grub/memtest.nix
index 71e50dd0577..150068e0e95 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/grub/memtest.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/grub/memtest.nix
@@ -18,12 +18,12 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Make Memtest86+ (or MemTest86 if EFI support is enabled),
a memory testing program, available from the
GRUB boot menu. MemTest86 is an unfree program, so
- this requires allowUnfree to be set to
- true.
+ this requires `allowUnfree` to be set to
+ `true`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/init-script/init-script.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/init-script/init-script.nix
index 374d9524ff1..8287131d321 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/init-script/init-script.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/init-script/init-script.nix
@@ -24,7 +24,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Some systems require a /sbin/init script which is started.
Or having it makes starting NixOS easier.
This applies to some kind of hosting services and user mode linux.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/loader.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/loader.nix
index 01475f79b9c..0e33264271b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/loader.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/loader.nix
@@ -12,7 +12,7 @@ with lib;
boot.loader.timeout = mkOption {
default = 5;
type = types.nullOr types.int;
- description = ''
+ description = lib.mdDoc ''
Timeout (in seconds) until loader boots the default menu item. Use null if the loader menu should be displayed indefinitely.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/raspberrypi/raspberrypi.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/raspberrypi/raspberrypi.nix
index 1023361f0b1..426aa021c8b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/raspberrypi/raspberrypi.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/raspberrypi/raspberrypi.nix
@@ -48,10 +48,10 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to create files with the system generations in
- /boot.
- /boot/old will hold files from old generations.
+ `/boot`.
+ `/boot/old` will hold files from old generations.
'';
};
@@ -65,7 +65,7 @@ in
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enable using uboot as bootmanager for the raspberry pi.
'';
};
@@ -74,7 +74,7 @@ in
default = 20;
example = 10;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Maximum number of configurations in the boot menu.
'';
};
@@ -84,9 +84,9 @@ in
firmwareConfig = mkOption {
default = null;
type = types.nullOr types.lines;
- description = ''
- Extra options that will be appended to /boot/config.txt file.
- For possible values, see: https://www.raspberrypi.org/documentation/configuration/config-txt/
+ description = lib.mdDoc ''
+ Extra options that will be appended to `/boot/config.txt` file.
+ For possible values, see: https://www.raspberrypi.com/documentation/computers/config_txt.html
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py
index aca6a1ca2cc..77280a9680e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py
@@ -264,8 +264,6 @@ def main() -> None:
if installed_version < available_version:
print("updating systemd-boot from %s to %s" % (installed_version, available_version))
subprocess.check_call(["@systemd@/bin/bootctl", "--path=@efiSysMountPoint@", "update"])
- else:
- print("leaving systemd-boot %s in place (%s is not newer)" % (installed_version, available_version))
mkdir_p("@efiSysMountPoint@/efi/nixos")
mkdir_p("@efiSysMountPoint@/loader/entries")
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix
index 1a1dcaea9c8..baf0a9fe9c4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix
@@ -69,7 +69,7 @@ in {
type = types.bool;
- description = "Whether to enable the systemd-boot (formerly gummiboot) EFI boot manager";
+ description = lib.mdDoc "Whether to enable the systemd-boot (formerly gummiboot) EFI boot manager";
};
editor = mkOption {
@@ -77,7 +77,7 @@ in {
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to allow editing the kernel command-line before
boot. It is recommended to set this to false, as it allows
gaining root access by passing init=/bin/sh as a kernel
@@ -90,11 +90,11 @@ in {
default = null;
example = 120;
type = types.nullOr types.int;
- description = ''
+ description = lib.mdDoc ''
Maximum number of latest generations in the boot menu.
Useful to prevent boot partition running out of disk space.
- null means no limit i.e. all generations
+ `null` means no limit i.e. all generations
that were not garbage collected yet.
'';
};
@@ -134,21 +134,21 @@ in {
enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Make MemTest86 available from the systemd-boot menu. MemTest86 is a
program for testing memory. MemTest86 is an unfree program, so
- this requires allowUnfree to be set to
- true.
+ this requires `allowUnfree` to be set to
+ `true`.
'';
};
entryFilename = mkOption {
default = "memtest86.conf";
type = types.str;
- description = ''
- systemd-boot orders the menu entries by the config file names,
+ description = lib.mdDoc ''
+ `systemd-boot` orders the menu entries by the config file names,
so if you want something to appear after all the NixOS entries,
- it should start with o or onwards.
+ it should start with {file}`o` or onwards.
'';
};
};
@@ -157,9 +157,9 @@ in {
enable = mkOption {
default = false;
type = types.bool;
- description = ''
- Make netboot.xyz available from the
- systemd-boot menu. netboot.xyz
+ description = lib.mdDoc ''
+ Make `netboot.xyz` available from the
+ `systemd-boot` menu. `netboot.xyz`
is a menu system that allows you to boot OS installers and
utilities over the network.
'';
@@ -168,10 +168,10 @@ in {
entryFilename = mkOption {
default = "o_netbootxyz.conf";
type = types.str;
- description = ''
- systemd-boot orders the menu entries by the config file names,
+ description = lib.mdDoc ''
+ `systemd-boot` orders the menu entries by the config file names,
so if you want something to appear after all the NixOS entries,
- it should start with o or onwards.
+ it should start with {file}`o` or onwards.
'';
};
};
@@ -185,15 +185,15 @@ in {
efi /efi/memtest86/memtest86.efi
'''; }
'';
- description = ''
- Any additional entries you want added to the systemd-boot menu.
- These entries will be copied to /boot/loader/entries.
+ description = lib.mdDoc ''
+ Any additional entries you want added to the `systemd-boot` menu.
+ These entries will be copied to {file}`/boot/loader/entries`.
Each attribute name denotes the destination file name,
and the corresponding attribute value is the contents of the entry.
- systemd-boot orders the menu entries by the config file names,
+ `systemd-boot` orders the menu entries by the config file names,
so if you want something to appear after all the NixOS entries,
- it should start with o or onwards.
+ it should start with {file}`o` or onwards.
'';
};
@@ -203,10 +203,10 @@ in {
example = literalExpression ''
{ "efi/memtest86/memtest86.efi" = "''${pkgs.memtest86-efi}/BOOTX64.efi"; }
'';
- description = ''
- A set of files to be copied to /boot.
+ description = lib.mdDoc ''
+ A set of files to be copied to {file}`/boot`.
Each attribute name denotes the destination file name in
- /boot, while the corresponding
+ {file}`/boot`, while the corresponding
attribute value specifies the source file.
'';
};
@@ -216,13 +216,13 @@ in {
type = types.bool;
- description = ''
- Invoke bootctl install with the --graceful option,
+ description = lib.mdDoc ''
+ Invoke `bootctl install` with the `--graceful` option,
which ignores errors when EFI variables cannot be written or when the EFI System Partition
cannot be found. Currently only applies to random seed operations.
- Only enable this option if systemd-boot otherwise fails to install, as the
- scope or implication of the --graceful option may change in the future.
+ Only enable this option if `systemd-boot` otherwise fails to install, as the
+ scope or implication of the `--graceful` option may change in the future.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/luksroot.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/luksroot.nix
index 4103a7af57c..95556710bde 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/luksroot.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/luksroot.nix
@@ -496,10 +496,10 @@ in
boot.initrd.luks.mitigateDMAAttacks = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Unless enabled, encryption keys can be easily recovered by an attacker with physical
access to any machine with PCMCIA, ExpressCard, ThunderBolt or FireWire port.
- More information is available at .
+ More information is available at .
This option blacklists FireWire drivers, but doesn't remove them. You can manually
load the drivers if you need to use a FireWire device, but don't forget to unload them!
@@ -513,7 +513,7 @@ in
"serpent" "cbc" "xts" "lrw" "sha1" "sha256" "sha512"
"af_alg" "algif_skcipher"
];
- description = ''
+ description = lib.mdDoc ''
A list of cryptographic kernel modules needed to decrypt the root device(s).
The default includes all common modules.
'';
@@ -569,14 +569,14 @@ in
device = mkOption {
example = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08";
type = types.str;
- description = "Path of the underlying encrypted block device.";
+ description = lib.mdDoc "Path of the underlying encrypted block device.";
};
header = mkOption {
default = null;
example = "/root/header.img";
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The name of the file or block device that
should be used as header for the encrypted device.
'';
@@ -586,7 +586,7 @@ in
default = null;
example = "/dev/sdb1";
type = types.nullOr types.str;
- description = ''
+ description = lib.mdDoc ''
The name of the file (can be a raw device or a partition) that
should be used as the decryption key for the encrypted device. If
not specified, you will be prompted for a passphrase instead.
@@ -597,12 +597,12 @@ in
default = null;
example = 4096;
type = types.nullOr types.int;
- description = ''
+ description = lib.mdDoc ''
The size of the key file. Use this if only the beginning of the
key file should be used as a key (often the case if a raw device
or partition is used as key file). If not specified, the whole
- keyFile will be used decryption, instead of just
- the first keyFileSize bytes.
+ `keyFile` will be used decryption, instead of just
+ the first `keyFileSize` bytes.
'';
};
@@ -610,12 +610,12 @@ in
default = null;
example = 4096;
type = types.nullOr types.int;
- description = ''
+ description = lib.mdDoc ''
The offset of the key file. Use this in combination with
- keyFileSize to use part of a file as key file
+ `keyFileSize` to use part of a file as key file
(often the case if a raw device or partition is used as a key file).
If not specified, the key begins at the first byte of
- keyFile.
+ `keyFile`.
'';
};
@@ -623,13 +623,13 @@ in
preLVM = mkOption {
default = true;
type = types.bool;
- description = "Whether the luksOpen will be attempted before LVM scan or after it.";
+ description = lib.mdDoc "Whether the luksOpen will be attempted before LVM scan or after it.";
};
allowDiscards = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to allow TRIM requests to the underlying device. This option
has security implications; please read the LUKS documentation before
activating it.
@@ -641,10 +641,10 @@ in
bypassWorkqueues = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to bypass dm-crypt's internal read and write workqueues.
Enabling this should improve performance on SSDs; see
- here
+ [here](https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Disable_workqueue_for_increased_solid_state_drive_(SSD)_performance)
for more information. Needs Linux 5.9 or later.
'';
};
@@ -652,7 +652,7 @@ in
fallbackToPassword = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to fallback to interactive passphrase prompt if the keyfile
cannot be found. This will prevent unattended boot should the keyfile
go missing.
@@ -661,7 +661,7 @@ in
gpgCard = mkOption {
default = null;
- description = ''
+ description = lib.mdDoc ''
The option to use this LUKS device with a GPG encrypted luks password by the GPG Smartcard.
If null (the default), GPG-Smartcard will be disabled for this device.
'';
@@ -671,17 +671,17 @@ in
gracePeriod = mkOption {
default = 10;
type = types.int;
- description = "Time in seconds to wait for the GPG Smartcard.";
+ description = lib.mdDoc "Time in seconds to wait for the GPG Smartcard.";
};
encryptedPass = mkOption {
type = types.path;
- description = "Path to the GPG encrypted passphrase.";
+ description = lib.mdDoc "Path to the GPG encrypted passphrase.";
};
publicKey = mkOption {
type = types.path;
- description = "Path to the Public Key.";
+ description = lib.mdDoc "Path to the Public Key.";
};
};
});
@@ -692,29 +692,29 @@ in
default = null;
example = "f1d00200d8dc783f7fb1e10ace8da27f8312d72692abfca2f7e4960a73f48e82e1f7571f6ebfcee9fb434f9886ccc8fcc52a6614d8d2";
type = types.nullOr types.str;
- description = "The FIDO2 credential ID.";
+ description = lib.mdDoc "The FIDO2 credential ID.";
};
gracePeriod = mkOption {
default = 10;
type = types.int;
- description = "Time in seconds to wait for the FIDO2 key.";
+ description = lib.mdDoc "Time in seconds to wait for the FIDO2 key.";
};
passwordLess = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Defines whatever to use an empty string as a default salt.
- Enable only when your device is PIN protected, such as Trezor.
+ Enable only when your device is PIN protected, such as [Trezor](https://trezor.io/).
'';
};
};
yubikey = mkOption {
default = null;
- description = ''
+ description = lib.mdDoc ''
The options to use for this LUKS device in YubiKey-PBA.
If null (the default), YubiKey-PBA will be disabled for this device.
'';
@@ -724,37 +724,37 @@ in
twoFactor = mkOption {
default = true;
type = types.bool;
- description = "Whether to use a passphrase and a YubiKey (true), or only a YubiKey (false).";
+ description = lib.mdDoc "Whether to use a passphrase and a YubiKey (true), or only a YubiKey (false).";
};
slot = mkOption {
default = 2;
type = types.int;
- description = "Which slot on the YubiKey to challenge.";
+ description = lib.mdDoc "Which slot on the YubiKey to challenge.";
};
saltLength = mkOption {
default = 16;
type = types.int;
- description = "Length of the new salt in byte (64 is the effective maximum).";
+ description = lib.mdDoc "Length of the new salt in byte (64 is the effective maximum).";
};
keyLength = mkOption {
default = 64;
type = types.int;
- description = "Length of the LUKS slot key derived with PBKDF2 in byte.";
+ description = lib.mdDoc "Length of the LUKS slot key derived with PBKDF2 in byte.";
};
iterationStep = mkOption {
default = 0;
type = types.int;
- description = "How much the iteration count for PBKDF2 is increased at each successful authentication.";
+ description = lib.mdDoc "How much the iteration count for PBKDF2 is increased at each successful authentication.";
};
gracePeriod = mkOption {
default = 10;
type = types.int;
- description = "Time in seconds to wait for the YubiKey.";
+ description = lib.mdDoc "Time in seconds to wait for the YubiKey.";
};
/* TODO: Add to the documentation of the current module:
@@ -765,7 +765,7 @@ in
device = mkOption {
default = "/dev/sda1";
type = types.path;
- description = ''
+ description = lib.mdDoc ''
An unencrypted device that will temporarily be mounted in stage-1.
Must contain the current salt to create the challenge for this LUKS device.
'';
@@ -774,13 +774,13 @@ in
fsType = mkOption {
default = "vfat";
type = types.str;
- description = "The filesystem of the unencrypted device.";
+ description = lib.mdDoc "The filesystem of the unencrypted device.";
};
path = mkOption {
default = "/crypt-storage/default";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Absolute path of the salt on the unencrypted device with
that device's root directory as "/".
'';
@@ -797,7 +797,7 @@ in
mkdir -p /tmp/persistent
mount -t zfs rpool/safe/persistent /tmp/persistent
'';
- description = ''
+ description = lib.mdDoc ''
Commands that should be run right before we try to mount our LUKS device.
This can be useful, if the keys needed to open the drive is on another partion.
'';
@@ -809,7 +809,7 @@ in
example = ''
umount /tmp/persistent
'';
- description = ''
+ description = lib.mdDoc ''
Commands that should be run right after we have mounted our LUKS device.
'';
};
@@ -832,7 +832,7 @@ in
boot.initrd.luks.gpgSupport = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enables support for authenticating with a GPG encrypted password.
'';
};
@@ -840,7 +840,7 @@ in
boot.initrd.luks.yubikeySupport = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enables support for authenticating with a YubiKey on LUKS devices.
See the NixOS wiki for information on how to properly setup a LUKS device
and a YubiKey to work with this feature.
@@ -850,7 +850,7 @@ in
boot.initrd.luks.fido2Support = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enables support for authenticating with FIDO2 devices.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/modprobe.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/modprobe.nix
index 21be18ef866..4438afe4b3d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/modprobe.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/modprobe.nix
@@ -12,7 +12,7 @@ with lib;
type = types.listOf types.str;
default = [];
example = [ "cirrusfb" "i2c_piix4" ];
- description = ''
+ description = lib.mdDoc ''
List of names of kernel modules that should not be loaded
automatically by the hardware probing code.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/networkd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/networkd.nix
index 0336930b3ab..3511351443b 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/networkd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/networkd.nix
@@ -452,6 +452,7 @@ let
"AllMulticast"
"Unmanaged"
"RequiredForOnline"
+ "RequiredFamilyForOnline"
"ActivationPolicy"
])
(assertMacAddress "MACAddress")
@@ -471,6 +472,12 @@ let
"enslaved"
"routable"
]))
+ (assertValueOneOf "RequiredFamilyForOnline" [
+ "ipv4"
+ "ipv6"
+ "both"
+ "any"
+ ])
(assertValueOneOf "ActivationPolicy" ([
"up"
"always-up"
@@ -876,8 +883,8 @@ let
enable = mkOption {
default = true;
type = types.bool;
- description = ''
- Whether to manage network configuration using systemd-network.
+ description = lib.mdDoc ''
+ Whether to manage network configuration using {command}`systemd-network`.
'';
};
@@ -885,12 +892,12 @@ let
default = {};
example = { Name = "eth0"; };
type = types.attrsOf unitOption;
- description = ''
+ description = lib.mdDoc ''
Each attribute in this set specifies an option in the
- [Match] section of the unit. See
- systemd.link5
- systemd.netdev5
- systemd.network5
+ `[Match]` section of the unit. See
+ {manpage}`systemd.link(5)`
+ {manpage}`systemd.netdev(5)`
+ {manpage}`systemd.network(5)`
for details.
'';
};
@@ -898,7 +905,7 @@ let
extraConfig = mkOption {
default = "";
type = types.lines;
- description = "Extra configuration append to unit";
+ description = lib.mdDoc "Extra configuration append to unit";
};
};
@@ -945,8 +952,8 @@ let
enable = mkOption {
default = true;
type = types.bool;
- description = ''
- Whether to enable this .link unit. It's handled by udev no matter if systemd-networkd is enabled or not
+ description = lib.mdDoc ''
+ Whether to enable this .link unit. It's handled by udev no matter if {command}`systemd-networkd` is enabled or not
'';
};
@@ -1402,7 +1409,7 @@ let
name = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
The name of the network interface to match against.
'';
};
@@ -1410,7 +1417,7 @@ let
DHCP = mkOption {
type = types.nullOr types.str;
default = null;
- description = ''
+ description = lib.mdDoc ''
Whether to enable DHCP on the interfaces matched.
'';
};
@@ -1418,7 +1425,7 @@ let
domains = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
- description = ''
+ description = lib.mdDoc ''
A list of domains to pass to the network config.
'';
};
@@ -1605,7 +1612,7 @@ let
default = true;
example = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If true and routeTables are set, then the specified route tables
will also be installed into /etc/iproute2/rt_tables.
'';
@@ -1825,7 +1832,7 @@ in
systemd.network.enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable networkd or not.
'';
};
@@ -1833,25 +1840,25 @@ in
systemd.network.links = mkOption {
default = {};
type = with types; attrsOf (submodule [ { options = linkOptions; } ]);
- description = "Definition of systemd network links.";
+ description = lib.mdDoc "Definition of systemd network links.";
};
systemd.network.netdevs = mkOption {
default = {};
type = with types; attrsOf (submodule [ { options = netdevOptions; } ]);
- description = "Definition of systemd network devices.";
+ description = lib.mdDoc "Definition of systemd network devices.";
};
systemd.network.networks = mkOption {
default = {};
type = with types; attrsOf (submodule [ { options = networkOptions; } networkConfig ]);
- description = "Definition of systemd networks.";
+ description = lib.mdDoc "Definition of systemd networks.";
};
systemd.network.config = mkOption {
default = {};
type = with types; submodule [ { options = networkdOptions; } networkdConfig ];
- description = "Definition of global systemd network config.";
+ description = lib.mdDoc "Definition of global systemd network config.";
};
systemd.network.units = mkOption {
@@ -1869,7 +1876,7 @@ in
systemd.network.wait-online = {
anyInterface = mkOption {
- description = ''
+ description = lib.mdDoc ''
Whether to consider the network online when any interface is online, as opposed to all of them.
This is useful on portable machines with a wired and a wireless interface, for example.
'';
@@ -1878,7 +1885,7 @@ in
};
ignoredInterfaces = mkOption {
- description = ''
+ description = lib.mdDoc ''
Network interfaces to be ignored when deciding if the system is online.
'';
type = with types; listOf str;
@@ -1887,7 +1894,7 @@ in
};
timeout = mkOption {
- description = ''
+ description = lib.mdDoc ''
Time to wait for the network to come online, in seconds. Set to 0 to disable.
'';
type = types.ints.unsigned;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/plymouth.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/plymouth.nix
index 59037d4e6b4..366d6ee4328 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/plymouth.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/plymouth.nix
@@ -68,7 +68,7 @@ in
default = "${pkgs.dejavu_fonts.minimal}/share/fonts/truetype/DejaVuSans.ttf";
defaultText = literalExpression ''"''${pkgs.dejavu_fonts.minimal}/share/fonts/truetype/DejaVuSans.ttf"'';
type = types.path;
- description = ''
+ description = lib.mdDoc ''
Font file made available for displaying text on the splash screen.
'';
};
@@ -81,7 +81,7 @@ in
[ ].
'';
type = types.listOf types.package;
- description = ''
+ description = lib.mdDoc ''
Extra theme packages for plymouth.
'';
};
@@ -89,7 +89,7 @@ in
theme = mkOption {
default = "bgrt";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Splash screen theme.
'';
};
@@ -102,7 +102,7 @@ in
url = "https://nixos.org/logo/nixos-hires.png";
sha256 = "1ivzgd7iz0i06y36p8m5w48fd8pjqwxhdaavc0pxs7w1g7mcy5si";
}'';
- description = ''
+ description = lib.mdDoc ''
Logo which is displayed on the splash screen.
'';
};
@@ -110,8 +110,8 @@ in
extraConfig = mkOption {
type = types.lines;
default = "";
- description = ''
- Literal string to append to configFile
+ description = lib.mdDoc ''
+ Literal string to append to `configFile`
and the config file generated by the plymouth module.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/resolved.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/resolved.nix
index 21d3fab2f35..0ab2a875975 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/resolved.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/resolved.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:
with lib;
let
@@ -15,7 +15,7 @@ in
services.resolved.enable = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the systemd DNS resolver daemon.
'';
};
@@ -24,7 +24,7 @@ in
default = [ ];
example = [ "8.8.8.8" "2001:4860:4860::8844" ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
A list of IPv4 and IPv6 addresses to use as the fallback DNS servers.
If this option is empty, a compiled-in list of DNS servers is used instead.
'';
@@ -35,7 +35,7 @@ in
defaultText = literalExpression "config.networking.search";
example = [ "example.com" ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
A list of domains. These domains are used as search suffixes
when resolving single-label host names (domain names which
contain no dot), in order to qualify them into fully-qualified
@@ -43,7 +43,7 @@ in
For compatibility reasons, if this setting is not specified,
the search domains listed in
- /etc/resolv.conf are used instead, if
+ {file}`/etc/resolv.conf` are used instead, if
that file exists and any domains are configured in it.
'';
};
@@ -52,32 +52,14 @@ in
default = "true";
example = "false";
type = types.enum [ "true" "resolve" "false" ];
- description = ''
+ description = lib.mdDoc ''
Controls Link-Local Multicast Name Resolution support
(RFC 4795) on the local host.
If set to
-
-
-
- "true"
-
- Enables full LLMNR responder and resolver support.
-
-
-
- "false"
-
- Disables both.
-
-
-
- "resolve"
-
- Only resolution support is enabled, but responding is disabled.
-
-
-
+ - `"true"`: Enables full LLMNR responder and resolver support.
+ - `"false"`: Disables both.
+ - `"resolve"`: Only resolution support is enabled, but responding is disabled.
'';
};
@@ -85,21 +67,14 @@ in
default = "allow-downgrade";
example = "true";
type = types.enum [ "true" "allow-downgrade" "false" ];
- description = ''
+ description = lib.mdDoc ''
If set to
-
-
- "true"
-
+ - `"true"`:
all DNS lookups are DNSSEC-validated locally (excluding
LLMNR and Multicast DNS). Note that this mode requires a
DNS server that supports DNSSEC. If the DNS server does
not properly support DNSSEC all validations will fail.
-
-
-
- "allow-downgrade"
-
+ - `"allow-downgrade"`:
DNSSEC validation is attempted, but if the server does not
support DNSSEC properly, DNSSEC mode is automatically
disabled. Note that this mode makes DNSSEC validation
@@ -107,22 +82,14 @@ in
be able to trigger a downgrade to non-DNSSEC mode by
synthesizing a DNS response that suggests DNSSEC was not
supported.
-
-
-
- "false"
-
- DNS lookups are not DNSSEC validated.
-
-
-
+ - `"false"`: DNS lookups are not DNSSEC validated.
'';
};
services.resolved.extraConfig = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Extra config to append to resolved.conf.
'';
};
@@ -178,6 +145,8 @@ in
# If networkmanager is enabled, ask it to interface with resolved.
networking.networkmanager.dns = "systemd-resolved";
+ networking.resolvconf.package = pkgs.systemd;
+
};
}
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/stage-1.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/stage-1.nix
index e35ccff2907..f3b9d798f61 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/stage-1.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/stage-1.nix
@@ -488,7 +488,7 @@ in
type = types.bool;
default = !config.boot.isContainer;
defaultText = literalExpression "!config.boot.isContainer";
- description = ''
+ description = lib.mdDoc ''
Whether to enable the NixOS initial RAM disk (initrd). This may be
needed to perform some initialisation tasks (like mounting
network/encrypted file systems) before continuing the boot process.
@@ -502,11 +502,11 @@ in
options = {
source = mkOption {
type = types.package;
- description = "The object to make available inside the initrd.";
+ description = lib.mdDoc "The object to make available inside the initrd.";
};
};
});
- description = ''
+ description = lib.mdDoc ''
Extra files to link and copy in to the initrd.
'';
};
@@ -514,7 +514,7 @@ in
boot.initrd.prepend = mkOption {
default = [ ];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Other initrd files to prepend to the final initrd we are building.
'';
};
@@ -522,15 +522,15 @@ in
boot.initrd.checkJournalingFS = mkOption {
default = true;
type = types.bool;
- description = ''
- Whether to run fsck on journaling filesystems such as ext3.
+ description = lib.mdDoc ''
+ Whether to run {command}`fsck` on journaling filesystems such as ext3.
'';
};
boot.initrd.preLVMCommands = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands to be executed immediately before LVM discovery.
'';
};
@@ -538,7 +538,7 @@ in
boot.initrd.preDeviceCommands = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands to be executed before udev is started to create
device nodes.
'';
@@ -547,17 +547,17 @@ in
boot.initrd.postDeviceCommands = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands to be executed immediately after stage 1 of the
boot has loaded kernel modules and created device nodes in
- /dev.
+ {file}`/dev`.
'';
};
boot.initrd.postMountCommands = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands to be executed immediately after the stage 1
filesystems have been mounted.
'';
@@ -566,7 +566,7 @@ in
boot.initrd.preFailCommands = mkOption {
default = "";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands to be executed before the failure prompt is shown.
'';
};
@@ -630,14 +630,14 @@ in
boot.initrd.compressorArgs = mkOption {
default = null;
type = types.nullOr (types.listOf types.str);
- description = "Arguments to pass to the compressor for the initrd image, or null to use the compressor's defaults.";
+ description = lib.mdDoc "Arguments to pass to the compressor for the initrd image, or null to use the compressor's defaults.";
};
boot.initrd.secrets = mkOption
{ default = {};
type = types.attrsOf (types.nullOr types.path);
description =
- ''
+ lib.mdDoc ''
Secrets to append to the initrd. The attribute name is the
path the secret should have inside the initrd, the value
is the path it should be copied from (or null for the same
@@ -655,7 +655,7 @@ in
default = [ ];
example = [ "btrfs" ];
type = types.listOf types.str;
- description = "Names of supported filesystem types in the initial ramdisk.";
+ description = lib.mdDoc "Names of supported filesystem types in the initial ramdisk.";
};
boot.initrd.verbose = mkOption {
@@ -692,12 +692,12 @@ in
options.neededForBoot = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
If set, this file system will be mounted in the initial ramdisk.
Note that the file system will always be mounted in the initial
ramdisk if its mount point is one of the following:
${concatStringsSep ", " (
- forEach utils.pathsNeededForBoot (i: "${i}")
+ forEach utils.pathsNeededForBoot (i: "{file}`${i}`")
)}.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/stage-2.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/stage-2.nix
index f6461daf311..6b4193ea296 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/stage-2.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/stage-2.nix
@@ -37,7 +37,7 @@ in
default = "";
example = "rm -f /var/log/messages";
type = types.lines;
- description = ''
+ description = lib.mdDoc ''
Shell commands to be executed just before systemd is started.
'';
};
@@ -45,7 +45,7 @@ in
systemdExecutable = mkOption {
default = "/run/current-system/systemd/lib/systemd/systemd";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
The program to execute to start systemd.
'';
};
@@ -53,7 +53,7 @@ in
extraSystemdUnitPaths = mkOption {
default = [];
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
Additional paths that get appended to the SYSTEMD_UNIT_PATH environment variable
that can contain mutable unit files.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd.nix
index 645fbc2b713..c7b62871eb4 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd.nix
@@ -177,11 +177,11 @@ in
default = pkgs.systemd;
defaultText = literalExpression "pkgs.systemd";
type = types.package;
- description = "The systemd package.";
+ description = lib.mdDoc "The systemd package.";
};
systemd.units = mkOption {
- description = "Definition of systemd units.";
+ description = lib.mdDoc "Definition of systemd units.";
default = {};
type = systemdUtils.types.units;
};
@@ -190,43 +190,43 @@ in
default = [];
type = types.listOf types.package;
example = literalExpression "[ pkgs.systemd-cryptsetup-generator ]";
- description = "Packages providing systemd units and hooks.";
+ description = lib.mdDoc "Packages providing systemd units and hooks.";
};
systemd.targets = mkOption {
default = {};
type = systemdUtils.types.targets;
- description = "Definition of systemd target units.";
+ description = lib.mdDoc "Definition of systemd target units.";
};
systemd.services = mkOption {
default = {};
type = systemdUtils.types.services;
- description = "Definition of systemd service units.";
+ description = lib.mdDoc "Definition of systemd service units.";
};
systemd.sockets = mkOption {
default = {};
type = systemdUtils.types.sockets;
- description = "Definition of systemd socket units.";
+ description = lib.mdDoc "Definition of systemd socket units.";
};
systemd.timers = mkOption {
default = {};
type = systemdUtils.types.timers;
- description = "Definition of systemd timer units.";
+ description = lib.mdDoc "Definition of systemd timer units.";
};
systemd.paths = mkOption {
default = {};
type = systemdUtils.types.paths;
- description = "Definition of systemd path units.";
+ description = lib.mdDoc "Definition of systemd path units.";
};
systemd.mounts = mkOption {
default = [];
type = systemdUtils.types.mounts;
- description = ''
+ description = lib.mdDoc ''
Definition of systemd mount units.
This is a list instead of an attrSet, because systemd mandates the names to be derived from
the 'where' attribute.
@@ -236,7 +236,7 @@ in
systemd.automounts = mkOption {
default = [];
type = systemdUtils.types.automounts;
- description = ''
+ description = lib.mdDoc ''
Definition of systemd automount units.
This is a list instead of an attrSet, because systemd mandates the names to be derived from
the 'where' attribute.
@@ -246,41 +246,41 @@ in
systemd.slices = mkOption {
default = {};
type = systemdUtils.types.slices;
- description = "Definition of slice configurations.";
+ description = lib.mdDoc "Definition of slice configurations.";
};
systemd.generators = mkOption {
type = types.attrsOf types.path;
default = {};
example = { systemd-gpt-auto-generator = "/dev/null"; };
- description = ''
+ description = lib.mdDoc ''
Definition of systemd generators.
- For each NAME = VALUE pair of the attrSet, a link is generated from
- /etc/systemd/system-generators/NAME to VALUE.
+ For each `NAME = VALUE` pair of the attrSet, a link is generated from
+ `/etc/systemd/system-generators/NAME` to `VALUE`.
'';
};
systemd.shutdown = mkOption {
type = types.attrsOf types.path;
default = {};
- description = ''
+ description = lib.mdDoc ''
Definition of systemd shutdown executables.
- For each NAME = VALUE pair of the attrSet, a link is generated from
- /etc/systemd/system-shutdown/NAME to VALUE.
+ For each `NAME = VALUE` pair of the attrSet, a link is generated from
+ `/etc/systemd/system-shutdown/NAME` to `VALUE`.
'';
};
systemd.defaultUnit = mkOption {
default = "multi-user.target";
type = types.str;
- description = "Default unit started when the system boots.";
+ description = lib.mdDoc "Default unit started when the system boots.";
};
systemd.ctrlAltDelUnit = mkOption {
default = "reboot.target";
type = types.str;
example = "poweroff.target";
- description = ''
+ description = lib.mdDoc ''
Target that should be started when Ctrl-Alt-Delete is pressed.
'';
};
@@ -289,8 +289,8 @@ in
type = with types; attrsOf (nullOr (oneOf [ str path package ]));
default = {};
example = { TZ = "CET"; };
- description = ''
- Environment variables passed to all systemd units.
+ description = lib.mdDoc ''
+ Environment variables passed to *all* systemd units.
'';
};
@@ -298,16 +298,16 @@ in
type = with types; attrsOf (nullOr (oneOf [ str path package ]));
default = {};
example = { SYSTEMD_LOG_LEVEL = "debug"; };
- description = ''
+ description = lib.mdDoc ''
Environment variables of PID 1. These variables are
- not passed to started units.
+ *not* passed to started units.
'';
};
systemd.enableCgroupAccounting = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable cgroup accounting.
'';
};
@@ -315,7 +315,7 @@ in
systemd.enableUnifiedCgroupHierarchy = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the unified cgroup hierarchy (cgroupsv2).
'';
};
@@ -324,7 +324,7 @@ in
default = "";
type = types.lines;
example = "DefaultLimitCORE=infinity";
- description = ''
+ description = lib.mdDoc ''
Extra config options for systemd. See man systemd-system.conf for
available options.
'';
@@ -334,7 +334,7 @@ in
default = "";
type = types.lines;
example = "HibernateDelaySec=1h";
- description = ''
+ description = lib.mdDoc ''
Extra config options for systemd sleep state logic.
See sleep.conf.d(5) man page for available options.
'';
@@ -344,7 +344,7 @@ in
default = [ ];
type = types.listOf types.str;
example = [ "debug-shell.service" "systemd-quotacheck.service" ];
- description = ''
+ description = lib.mdDoc ''
Additional units shipped with systemd that shall be enabled.
'';
};
@@ -353,10 +353,10 @@ in
default = [ ];
type = types.listOf types.str;
example = [ "systemd-backlight@.service" ];
- description = ''
+ description = lib.mdDoc ''
A list of units to skip when generating system systemd configuration directory. This has
- priority over upstream units, , and
- . The main purpose of this is to
+ priority over upstream units, {option}`systemd.units`, and
+ {option}`systemd.additionalUpstreamSystemUnits`. The main purpose of this is to
prevent a upstream systemd unit from being added to the initrd with any modifications made to it
by other NixOS modules.
'';
@@ -366,7 +366,7 @@ in
type = types.nullOr types.path;
default = null;
example = "/dev/watchdog";
- description = ''
+ description = lib.mdDoc ''
The path to a hardware watchdog device which will be managed by systemd.
If not specified, systemd will default to /dev/watchdog.
'';
@@ -376,7 +376,7 @@ in
type = types.nullOr types.str;
default = null;
example = "30s";
- description = ''
+ description = lib.mdDoc ''
The amount of time which can elapse before a watchdog hardware device
will automatically reboot the system. Valid time units include "ms",
"s", "min", "h", "d", and "w".
@@ -387,7 +387,7 @@ in
type = types.nullOr types.str;
default = null;
example = "10m";
- description = ''
+ description = lib.mdDoc ''
The amount of time which can elapse after a reboot has been triggered
before a watchdog hardware device will automatically reboot the system.
Valid time units include "ms", "s", "min", "h", "d", and "w".
@@ -398,7 +398,7 @@ in
type = types.nullOr types.str;
default = null;
example = "10m";
- description = ''
+ description = lib.mdDoc ''
The amount of time which can elapse when kexec is being executed before
a watchdog hardware device will automatically reboot the system. This
option should only be enabled if reloadTime is also enabled. Valid
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/coredump.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/coredump.nix
index b6ee2cff1f9..ea4f9f79b8d 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/coredump.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/coredump.nix
@@ -10,9 +10,9 @@ in {
systemd.coredump.enable = mkOption {
default = true;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether core dumps should be processed by
- systemd-coredump. If disabled, core dumps
+ {command}`systemd-coredump`. If disabled, core dumps
appear in the current directory of the crashing process.
'';
};
@@ -21,7 +21,7 @@ in {
default = "";
type = types.lines;
example = "Storage=journal";
- description = ''
+ description = lib.mdDoc ''
Extra config options for systemd-coredump. See coredump.conf(5) man page
for available options.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/initrd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/initrd.nix
index cdec7f53291..88e2bf9ac70 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/initrd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/initrd.nix
@@ -150,7 +150,7 @@ in {
};
contents = mkOption {
- description = "Set of files that have to be linked into the initrd";
+ description = lib.mdDoc "Set of files that have to be linked into the initrd";
example = literalExpression ''
{
"/etc/hostname".text = "mymachine";
@@ -162,7 +162,7 @@ in {
};
storePaths = mkOption {
- description = ''
+ description = lib.mdDoc ''
Store paths to copy into the initrd as well.
'';
type = with types; listOf (oneOf [ singleLineStr package ]);
@@ -170,7 +170,7 @@ in {
};
extraBin = mkOption {
- description = ''
+ description = lib.mdDoc ''
Tools to add to /bin
'';
example = literalExpression ''
@@ -183,7 +183,7 @@ in {
};
suppressedStorePaths = mkOption {
- description = ''
+ description = lib.mdDoc ''
Store paths specified in the storePaths option that
should not be copied.
'';
@@ -192,9 +192,9 @@ in {
};
emergencyAccess = mkOption {
- type = with types; oneOf [ bool singleLineStr ];
+ type = with types; oneOf [ bool (nullOr (passwdEntry str)) ];
visible = false;
- description = ''
+ description = lib.mdDoc ''
Set to true for unauthenticated emergency access, and false for
no emergency access.
@@ -208,7 +208,7 @@ in {
type = types.listOf types.package;
default = [];
visible = false;
- description = ''
+ description = lib.mdDoc ''
Packages to include in /bin for the stage 1 emergency shell.
'';
};
@@ -218,7 +218,7 @@ in {
type = types.listOf types.str;
visible = false;
example = [ "debug-shell.service" "systemd-quotacheck.service" ];
- description = ''
+ description = lib.mdDoc ''
Additional units shipped with systemd that shall be enabled.
'';
};
@@ -228,17 +228,17 @@ in {
type = types.listOf types.str;
example = [ "systemd-backlight@.service" ];
visible = false;
- description = ''
+ description = lib.mdDoc ''
A list of units to skip when generating system systemd configuration directory. This has
- priority over upstream units, , and
- . The main purpose of this is to
+ priority over upstream units, {option}`boot.initrd.systemd.units`, and
+ {option}`boot.initrd.systemd.additionalUpstreamUnits`. The main purpose of this is to
prevent a upstream systemd unit from being added to the initrd with any modifications made to it
by other NixOS modules.
'';
};
units = mkOption {
- description = "Definition of systemd units.";
+ description = lib.mdDoc "Definition of systemd units.";
default = {};
visible = false;
type = systemdUtils.types.units;
@@ -249,49 +249,49 @@ in {
visible = false;
type = types.listOf types.package;
example = literalExpression "[ pkgs.systemd-cryptsetup-generator ]";
- description = "Packages providing systemd units and hooks.";
+ description = lib.mdDoc "Packages providing systemd units and hooks.";
};
targets = mkOption {
default = {};
visible = false;
type = systemdUtils.types.initrdTargets;
- description = "Definition of systemd target units.";
+ description = lib.mdDoc "Definition of systemd target units.";
};
services = mkOption {
default = {};
type = systemdUtils.types.initrdServices;
visible = false;
- description = "Definition of systemd service units.";
+ description = lib.mdDoc "Definition of systemd service units.";
};
sockets = mkOption {
default = {};
type = systemdUtils.types.initrdSockets;
visible = false;
- description = "Definition of systemd socket units.";
+ description = lib.mdDoc "Definition of systemd socket units.";
};
timers = mkOption {
default = {};
type = systemdUtils.types.initrdTimers;
visible = false;
- description = "Definition of systemd timer units.";
+ description = lib.mdDoc "Definition of systemd timer units.";
};
paths = mkOption {
default = {};
type = systemdUtils.types.initrdPaths;
visible = false;
- description = "Definition of systemd path units.";
+ description = lib.mdDoc "Definition of systemd path units.";
};
mounts = mkOption {
default = [];
type = systemdUtils.types.initrdMounts;
visible = false;
- description = ''
+ description = lib.mdDoc ''
Definition of systemd mount units.
This is a list instead of an attrSet, because systemd mandates the names to be derived from
the 'where' attribute.
@@ -302,7 +302,7 @@ in {
default = [];
type = systemdUtils.types.automounts;
visible = false;
- description = ''
+ description = lib.mdDoc ''
Definition of systemd automount units.
This is a list instead of an attrSet, because systemd mandates the names to be derived from
the 'where' attribute.
@@ -313,7 +313,7 @@ in {
default = {};
type = systemdUtils.types.slices;
visible = false;
- description = "Definition of slice configurations.";
+ description = lib.mdDoc "Definition of slice configurations.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/journald.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/journald.nix
index 7e14c8ae407..773163bbcb8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/journald.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/journald.nix
@@ -9,13 +9,13 @@ in {
services.journald.console = mkOption {
default = "";
type = types.str;
- description = "If non-empty, write log messages to the specified TTY device.";
+ description = lib.mdDoc "If non-empty, write log messages to the specified TTY device.";
};
services.journald.rateLimitInterval = mkOption {
default = "30s";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Configures the rate limiting interval that is applied to all
messages generated on the system. This rate limiting is applied
per-service, so that two services which log do not interfere with
@@ -23,7 +23,7 @@ in {
units: s, min, h, ms, us. To turn off any kind of rate limiting,
set either value to 0.
- See for important
+ See {option}`services.journald.rateLimitBurst` for important
considerations when setting this value.
'';
};
@@ -31,7 +31,7 @@ in {
services.journald.rateLimitBurst = mkOption {
default = 10000;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
Configures the rate limiting burst limit (number of messages per
interval) that is applied to all messages generated on the system.
This rate limiting is applied per-service, so that two services
@@ -39,11 +39,11 @@ in {
Note that the effective rate limit is multiplied by a factor derived
from the available free disk space for the journal as described on
-
- journald.conf(5).
+ [
+ journald.conf(5)](https://www.freedesktop.org/software/systemd/man/journald.conf.html).
Note that the total amount of logs stored is limited by journald settings
- such as SystemMaxUse, which defaults to a 4 GB cap.
+ such as `SystemMaxUse`, which defaults to a 4 GB cap.
It is thus recommended to compute what period of time that you will be
able to store logs for when an application logs at full burst rate.
@@ -56,7 +56,7 @@ in {
default = "";
type = types.lines;
example = "Storage=volatile";
- description = ''
+ description = lib.mdDoc ''
Extra config options for systemd-journald. See man journald.conf
for available options.
'';
@@ -65,7 +65,7 @@ in {
services.journald.enableHttpGateway = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to enable the HTTP gateway to the journal.
'';
};
@@ -74,7 +74,7 @@ in {
default = config.services.rsyslogd.enable || config.services.syslog-ng.enable;
defaultText = literalExpression "services.rsyslogd.enable || services.syslog-ng.enable";
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Whether to forward log messages to syslog.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/logind.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/logind.nix
index 97ac588bce1..cb8fc448a9e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/logind.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/logind.nix
@@ -16,10 +16,10 @@ in
default = "";
type = types.lines;
example = "IdleAction=lock";
- description = ''
+ description = lib.mdDoc ''
Extra config options for systemd-logind. See
-
- logind.conf(5) for available options.
+ [
+ logind.conf(5)](https://www.freedesktop.org/software/systemd/man/logind.conf.html) for available options.
'';
};
@@ -46,7 +46,7 @@ in
example = "ignore";
type = logindHandlerType;
- description = ''
+ description = lib.mdDoc ''
Specifies what to be done when the laptop lid is closed.
'';
};
@@ -56,7 +56,7 @@ in
example = "suspend";
type = logindHandlerType;
- description = ''
+ description = lib.mdDoc ''
Specifies what to be done when the laptop lid is closed
and another screen is added.
'';
@@ -68,7 +68,7 @@ in
example = "ignore";
type = logindHandlerType;
- description = ''
+ description = lib.mdDoc ''
Specifies what to do when the laptop lid is closed and the system is
on external power. By default use the same action as specified in
services.logind.lidSwitch.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/nspawn.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/nspawn.nix
index da03c60db52..c17dc951cc5 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/nspawn.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/nspawn.nix
@@ -107,7 +107,7 @@ in {
systemd.nspawn = mkOption {
default = {};
type = with types; attrsOf (submodule instanceOptions);
- description = "Definition of systemd-nspawn configurations.";
+ description = lib.mdDoc "Definition of systemd-nspawn configurations.";
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/shutdown.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/shutdown.nix
index ca4cdf827d9..cb257dce6f0 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/shutdown.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/shutdown.nix
@@ -11,7 +11,7 @@ in {
options.systemd.shutdownRamfs = {
enable = lib.mkEnableOption "pivoting back to an initramfs for shutdown" // { default = true; };
contents = lib.mkOption {
- description = "Set of files that have to be linked into the shutdown ramfs";
+ description = lib.mdDoc "Set of files that have to be linked into the shutdown ramfs";
example = lib.literalExpression ''
{
"/lib/systemd/system-shutdown/zpool-sync-shutdown".source = writeShellScript "zpool" "exec ''${zfs}/bin/zpool sync"
@@ -21,7 +21,7 @@ in {
};
storePaths = lib.mkOption {
- description = ''
+ description = lib.mdDoc ''
Store paths to copy into the shutdown ramfs as well.
'';
type = lib.types.listOf lib.types.singleLineStr;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/tmpfiles.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/tmpfiles.nix
index 97d60e9d652..eaa0ddf6387 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/tmpfiles.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/tmpfiles.nix
@@ -12,10 +12,10 @@ in
type = types.listOf types.str;
default = [];
example = [ "d /tmp 1777 root root 10d" ];
- description = ''
+ description = lib.mdDoc ''
Rules for creation, deletion and cleaning of volatile and temporary files
automatically. See
- tmpfiles.d5
+ {manpage}`tmpfiles.d(5)`
for the exact format.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/user.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/user.nix
index 4951aef9558..3200a58d73c 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/user.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/systemd/user.nix
@@ -14,6 +14,7 @@ let
generateUnits
targetToUnit
serviceToUnit
+ sliceToUnit
socketToUnit
timerToUnit
pathToUnit;
@@ -44,14 +45,14 @@ in {
default = "";
type = types.lines;
example = "DefaultCPUAccounting=yes";
- description = ''
+ description = lib.mdDoc ''
Extra config options for systemd user instances. See man systemd-user.conf for
available options.
'';
};
systemd.user.units = mkOption {
- description = "Definition of systemd per-user units.";
+ description = lib.mdDoc "Definition of systemd per-user units.";
default = {};
type = systemdUtils.types.units;
};
@@ -59,37 +60,37 @@ in {
systemd.user.paths = mkOption {
default = {};
type = systemdUtils.types.paths;
- description = "Definition of systemd per-user path units.";
+ description = lib.mdDoc "Definition of systemd per-user path units.";
};
systemd.user.services = mkOption {
default = {};
type = systemdUtils.types.services;
- description = "Definition of systemd per-user service units.";
+ description = lib.mdDoc "Definition of systemd per-user service units.";
};
systemd.user.slices = mkOption {
default = {};
type = systemdUtils.types.slices;
- description = "Definition of systemd per-user slice units.";
+ description = lib.mdDoc "Definition of systemd per-user slice units.";
};
systemd.user.sockets = mkOption {
default = {};
type = systemdUtils.types.sockets;
- description = "Definition of systemd per-user socket units.";
+ description = lib.mdDoc "Definition of systemd per-user socket units.";
};
systemd.user.targets = mkOption {
default = {};
type = systemdUtils.types.targets;
- description = "Definition of systemd per-user target units.";
+ description = lib.mdDoc "Definition of systemd per-user target units.";
};
systemd.user.timers = mkOption {
default = {};
type = systemdUtils.types.timers;
- description = "Definition of systemd per-user timer units.";
+ description = lib.mdDoc "Definition of systemd per-user timer units.";
};
systemd.additionalUpstreamUserUnits = mkOption {
@@ -144,6 +145,10 @@ in {
{ # Ensure that pam_systemd gets included. This is special-cased
# in systemd to provide XDG_RUNTIME_DIR.
startSession = true;
+ # Disable pam_mount in systemd-user to prevent it from being called
+ # multiple times during login, because it will prevent pam_mount from
+ # unmounting the previously mounted volumes.
+ pamMount = false;
};
# Some overrides to upstream units.
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/timesyncd.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/timesyncd.nix
index 6279957fcd6..a6604802c38 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/timesyncd.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/timesyncd.nix
@@ -11,7 +11,7 @@ with lib;
default = !config.boot.isContainer;
defaultText = literalExpression "!config.boot.isContainer";
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Enables the systemd NTP client daemon.
'';
};
@@ -19,7 +19,7 @@ with lib;
default = config.networking.timeServers;
defaultText = literalExpression "config.networking.timeServers";
type = types.listOf types.str;
- description = ''
+ description = lib.mdDoc ''
The set of NTP servers from which to synchronise.
'';
};
@@ -29,10 +29,10 @@ with lib;
example = ''
PollIntervalMaxSec=180
'';
- description = ''
+ description = lib.mdDoc ''
Extra config options for systemd-timesyncd. See
-
- timesyncd.conf(5) for available options.
+ [
+ timesyncd.conf(5)](https://www.freedesktop.org/software/systemd/man/timesyncd.conf.html) for available options.
'';
};
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/tmp.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/tmp.nix
index cf6d19eb5f0..1f9431710ae 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/tmp.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/boot/tmp.nix
@@ -14,23 +14,23 @@ in
boot.cleanTmpDir = mkOption {
type = types.bool;
default = false;
- description = ''
- Whether to delete all files in /tmp during boot.
+ description = lib.mdDoc ''
+ Whether to delete all files in {file}`/tmp` during boot.
'';
};
boot.tmpOnTmpfs = mkOption {
type = types.bool;
default = false;
- description = ''
- Whether to mount a tmpfs on /tmp during boot.
+ description = lib.mdDoc ''
+ Whether to mount a tmpfs on {file}`/tmp` during boot.
'';
};
boot.tmpOnTmpfsSize = mkOption {
type = types.oneOf [ types.str types.types.ints.positive ];
default = "50%";
- description = ''
+ description = lib.mdDoc ''
Size of tmpfs in percentage.
Percentage is defined by systemd.
'';
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/build.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/build.nix
index 58dc3f0d411..41c0258a5a3 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/build.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/build.nix
@@ -7,7 +7,7 @@ in
system.build = mkOption {
default = {};
- description = ''
+ description = lib.mdDoc ''
Attribute set of derivations used to set up the system.
'';
type = types.submoduleWith {
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/etc/etc.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/etc/etc.nix
index ed552fecec5..cfb9c39458e 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/system/etc/etc.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/system/etc/etc.nix
@@ -82,8 +82,8 @@ in
"default/useradd".text = "GROUP=100 ...";
}
'';
- description = ''
- Set of files that have to be linked in /etc.
+ description = lib.mdDoc ''
+ Set of files that have to be linked in {file}`/etc`.
'';
type = with types; attrsOf (submodule (
@@ -93,7 +93,7 @@ in
enable = mkOption {
type = types.bool;
default = true;
- description = ''
+ description = lib.mdDoc ''
Whether this /etc file should be generated. This
option allows specific /etc files to be disabled.
'';
@@ -101,9 +101,9 @@ in
target = mkOption {
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Name of symlink (relative to
- /etc). Defaults to the attribute
+ {file}`/etc`). Defaults to the attribute
name.
'';
};
@@ -111,20 +111,20 @@ in
text = mkOption {
default = null;
type = types.nullOr types.lines;
- description = "Text of the file.";
+ description = lib.mdDoc "Text of the file.";
};
source = mkOption {
type = types.path;
- description = "Path of the source file.";
+ description = lib.mdDoc "Path of the source file.";
};
mode = mkOption {
type = types.str;
default = "symlink";
example = "0600";
- description = ''
- If set to something else than symlink,
+ description = lib.mdDoc ''
+ If set to something else than `symlink`,
the file is copied instead of symlinked, with the given
file mode.
'';
@@ -133,7 +133,7 @@ in
uid = mkOption {
default = 0;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
UID of created file. Only takes effect when the file is
copied (that is, the mode is not 'symlink').
'';
@@ -142,7 +142,7 @@ in
gid = mkOption {
default = 0;
type = types.int;
- description = ''
+ description = lib.mdDoc ''
GID of created file. Only takes effect when the file is
copied (that is, the mode is not 'symlink').
'';
@@ -151,20 +151,20 @@ in
user = mkOption {
default = "+${toString config.uid}";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
User name of created file.
Only takes effect when the file is copied (that is, the mode is not 'symlink').
- Changing this option takes precedence over uid.
+ Changing this option takes precedence over `uid`.
'';
};
group = mkOption {
default = "+${toString config.gid}";
type = types.str;
- description = ''
+ description = lib.mdDoc ''
Group name of created file.
Only takes effect when the file is copied (that is, the mode is not 'symlink').
- Changing this option takes precedence over gid.
+ Changing this option takes precedence over `gid`.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/tasks/auto-upgrade.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/tasks/auto-upgrade.nix
index 21a25cbfa96..46a30c53ea8 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/tasks/auto-upgrade.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/tasks/auto-upgrade.nix
@@ -13,21 +13,32 @@ in {
enable = mkOption {
type = types.bool;
default = false;
- description = ''
+ description = lib.mdDoc ''
Whether to periodically upgrade NixOS to the latest
version. If enabled, a systemd timer will run
- nixos-rebuild switch --upgrade once a
+ `nixos-rebuild switch --upgrade` once a
day.
'';
};
+ operation = mkOption {
+ type = types.enum ["switch" "boot"];
+ default = "switch";
+ example = "boot";
+ description = ''
+ Whether to run
+ nixos-rebuild switch --upgrade or run
+ nixos-rebuild boot --upgrade
+ '';
+ };
+
flake = mkOption {
type = types.nullOr types.str;
default = null;
example = "github:kloenk/nix";
- description = ''
+ description = lib.mdDoc ''
The Flake URI of the NixOS configuration to build.
- Disables the option .
+ Disables the option {option}`system.autoUpgrade.channel`.
'';
};
@@ -53,11 +64,11 @@ in {
"extra-binary-caches"
"http://my-cache.example.org/"
];
- description = ''
- Any additional flags passed to nixos-rebuild.
+ description = lib.mdDoc ''
+ Any additional flags passed to {command}`nixos-rebuild`.
If you are using flakes and use a local repo you can add
- [ "--update-input" "nixpkgs" "--commit-lock-file" ]
+ {command}`[ "--update-input" "nixpkgs" "--commit-lock-file" ]`
to update nixpkgs.
'';
};
@@ -79,11 +90,11 @@ in {
allowReboot = mkOption {
default = false;
type = types.bool;
- description = ''
+ description = lib.mdDoc ''
Reboot the system into the new generation instead of a switch
if the new generation uses a different kernel, kernel modules
or initrd than the booted system.
- See for configuring the times at which a reboot is allowed.
+ See {option}`rebootWindow` for configuring the times at which a reboot is allowed.
'';
};
@@ -101,24 +112,24 @@ in {
};
rebootWindow = mkOption {
- description = ''
+ description = lib.mdDoc ''
Define a lower and upper time value (in HH:MM format) which
constitute a time window during which reboots are allowed after an upgrade.
- This option only has an effect when is enabled.
- The default value of null means that reboots are allowed at any time.
+ This option only has an effect when {option}`allowReboot` is enabled.
+ The default value of `null` means that reboots are allowed at any time.
'';
default = null;
example = { lower = "01:00"; upper = "05:00"; };
type = with types; nullOr (submodule {
options = {
lower = mkOption {
- description = "Lower limit of the reboot window";
+ description = lib.mdDoc "Lower limit of the reboot window";
type = types.strMatching "[[:digit:]]{2}:[[:digit:]]{2}";
example = "01:00";
};
upper = mkOption {
- description = "Upper limit of the reboot window";
+ description = lib.mdDoc "Upper limit of the reboot window";
type = types.strMatching "[[:digit:]]{2}:[[:digit:]]{2}";
example = "05:00";
};
@@ -130,7 +141,7 @@ in {
default = true;
type = types.bool;
example = false;
- description = ''
+ description = lib.mdDoc ''
Takes a boolean argument. If true, the time when the service
unit was last triggered is stored on disk. When the timer is
activated, the service unit is triggered immediately if it
@@ -223,7 +234,7 @@ in {
''}
if [ "''${booted}" = "''${built}" ]; then
- ${nixos-rebuild} switch ${toString cfg.flags}
+ ${nixos-rebuild} ${cfg.operation} ${toString cfg.flags}
${optionalString (cfg.rebootWindow != null) ''
elif [ "''${do_reboot}" != true ]; then
echo "Outside of configured reboot window, skipping."
@@ -232,7 +243,7 @@ in {
${shutdown} -r +1
fi
'' else ''
- ${nixos-rebuild} switch ${toString (cfg.flags ++ upgradeFlag)}
+ ${nixos-rebuild} ${cfg.operation} ${toString (cfg.flags ++ upgradeFlag)}
'';
startAt = cfg.dates;
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/tasks/cpu-freq.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/tasks/cpu-freq.nix
index f1219c07c50..6869ef8b791 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/tasks/cpu-freq.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/tasks/cpu-freq.nix
@@ -18,7 +18,7 @@ in
type = types.nullOr types.str;
default = null;
example = "ondemand";
- description = ''
+ description = lib.mdDoc ''
Configure the governor used to regulate the frequency of the
available CPUs. By default, the kernel configures the
performance governor, although this may be overwritten in your
@@ -34,7 +34,7 @@ in
type = types.nullOr types.ints.unsigned;
default = null;
example = 2200000;
- description = ''
+ description = lib.mdDoc ''
The maximum frequency the CPU will use. Defaults to the maximum possible.
'';
};
@@ -43,7 +43,7 @@ in
type = types.nullOr types.ints.unsigned;
default = null;
example = 800000;
- description = ''
+ description = lib.mdDoc ''
The minimum frequency the CPU will use.
'';
};
diff --git a/infra/libkookie/nixpkgs/unstable/nixos/modules/tasks/encrypted-devices.nix b/infra/libkookie/nixpkgs/unstable/nixos/modules/tasks/encrypted-devices.nix
index 06117d19af4..7837a34b498 100644
--- a/infra/libkookie/nixpkgs/unstable/nixos/modules/tasks/encrypted-devices.nix
+++ b/infra/libkookie/nixpkgs/unstable/nixos/modules/tasks/encrypted-devices.nix
@@ -16,33 +16,33 @@ let
enable = mkOption {
default = false;
type = types.bool;
- description = "The block device is backed by an encrypted one, adds this device as a initrd luks entry.";
+ description = lib.mdDoc "The block device is backed by an encrypted one, adds this device as a initrd luks entry.";
};
blkDev = mkOption {
default = null;
example = "/dev/sda1";
type = types.nullOr types.str;
- description = "Location of the backing encrypted device.";
+ description = lib.mdDoc "Location of the backing encrypted device.";
};
label = mkOption {
default = null;
example = "rootfs";
type = types.nullOr types.str;
- description = "Label of the unlocked encrypted device. Set fileSystems.<name?>.device to /dev/mapper/<label> to mount the unlocked device.";
+ description = lib.mdDoc "Label of the unlocked encrypted device. Set `fileSystems..device` to `/dev/mapper/