diff --git a/nixos/doc/manual/administration/service-mgmt.chapter.md b/nixos/doc/manual/administration/service-mgmt.chapter.md index 8b64e4823c6e..375e4dc7d504 100644 --- a/nixos/doc/manual/administration/service-mgmt.chapter.md +++ b/nixos/doc/manual/administration/service-mgmt.chapter.md @@ -126,17 +126,19 @@ in turn will not make the service / timer start on login. You can define services by adding them to `systemd.services`: ```nix -systemd.services.myservice = { - after = [ "network-online.target" ]; - requires = [ "network-online.target" ]; +{ + systemd.services.myservice = { + after = [ "network-online.target" ]; + requires = [ "network-online.target" ]; - before = [ "multi-user.target" ]; - wantedBy = [ "multi-user.target" ]; + before = [ "multi-user.target" ]; + wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "..."; + serviceConfig = { + ExecStart = "..."; + }; }; -}; +} ``` If you want to specify a multi-line script for `ExecStart`, diff --git a/nixos/doc/manual/configuration/adding-custom-packages.section.md b/nixos/doc/manual/configuration/adding-custom-packages.section.md index f2012d9c2462..abb2f9cc31ea 100644 --- a/nixos/doc/manual/configuration/adding-custom-packages.section.md +++ b/nixos/doc/manual/configuration/adding-custom-packages.section.md @@ -111,7 +111,7 @@ If there are shared libraries missing add them with extraPkgs = pkgs: [ # missing libraries here, e.g.: `pkgs.libepoxy` ]; - } + }; } ``` diff --git a/nixos/doc/manual/configuration/mattermost.chapter.md b/nixos/doc/manual/configuration/mattermost.chapter.md index f247134ce49a..801475ce5a15 100644 --- a/nixos/doc/manual/configuration/mattermost.chapter.md +++ b/nixos/doc/manual/configuration/mattermost.chapter.md @@ -33,7 +33,7 @@ To enable Mattermost using Postgres, use a config like this: # For example, to disable auto-installation of prepackaged plugins. settings.PluginSettings.AutomaticPrepackagedPlugins = false; - } + }; } ``` diff --git a/nixos/doc/manual/configuration/user-mgmt.chapter.md b/nixos/doc/manual/configuration/user-mgmt.chapter.md index 89604941bf11..3f490bb68d26 100644 --- a/nixos/doc/manual/configuration/user-mgmt.chapter.md +++ b/nixos/doc/manual/configuration/user-mgmt.chapter.md @@ -137,7 +137,9 @@ the Perl script. It aims to eventually replace the Perl script by default. You can enable Userborn via: ```nix -services.userborn.enable = true; +{ + services.userborn.enable = true; +} ``` You can configure Userborn to store the password files @@ -145,7 +147,9 @@ You can configure Userborn to store the password files location to `/etc`: ```nix -services.userborn.passwordFilesLocation = "/persistent/etc"; +{ + services.userborn.passwordFilesLocation = "/persistent/etc"; +} ``` This is useful when you store `/etc` on a `tmpfs` or if `/etc` is immutable diff --git a/nixos/doc/manual/development/testing-hardware-features.section.md b/nixos/doc/manual/development/testing-hardware-features.section.md index aaf652d731f7..f90880830a9a 100644 --- a/nixos/doc/manual/development/testing-hardware-features.section.md +++ b/nixos/doc/manual/development/testing-hardware-features.section.md @@ -22,25 +22,27 @@ You can run `vwifi-ctrl` on this node to control characteristics of the simulate physical layer. ```nix -airgap = - { config, ... }: - { - networking.interfaces.eth1.ipv4.addresses = lib.mkForce [ - { - address = "192.168.1.2"; - prefixLength = 24; - } - ]; - services.vwifi = { - server = { - enable = true; - ports.tcp = 8212; - # uncomment if you want to enable monitor mode on another node - # ports.spy = 8213; - openFirewall = true; +{ + airgap = + { config, ... }: + { + networking.interfaces.eth1.ipv4.addresses = lib.mkForce [ + { + address = "192.168.1.2"; + prefixLength = 24; + } + ]; + services.vwifi = { + server = { + enable = true; + ports.tcp = 8212; + # uncomment if you want to enable monitor mode on another node + # ports.spy = 8213; + openFirewall = true; + }; }; }; - }; +} ``` ### AP {#sec-nixos-test-wifi-ap} @@ -48,40 +50,42 @@ airgap = A node like this will act as a wireless access point in infrastructure mode. ```nix -ap = - { config, ... }: - { - networking.interfaces.eth1.ipv4.addresses = lib.mkForce [ - { - address = "192.168.1.3"; - prefixLength = 24; - } - ]; - services.hostapd = { - enable = true; - radios.wlan0 = { - channel = 1; - networks.wlan0 = { - ssid = "NixOS Test Wi-Fi Network"; - authentication = { - mode = "wpa3-sae"; - saePasswords = [ { password = "supersecret"; } ]; - enableRecommendedPairwiseCiphers = true; +{ + ap = + { config, ... }: + { + networking.interfaces.eth1.ipv4.addresses = lib.mkForce [ + { + address = "192.168.1.3"; + prefixLength = 24; + } + ]; + services.hostapd = { + enable = true; + radios.wlan0 = { + channel = 1; + networks.wlan0 = { + ssid = "NixOS Test Wi-Fi Network"; + authentication = { + mode = "wpa3-sae"; + saePasswords = [ { password = "supersecret"; } ]; + enableRecommendedPairwiseCiphers = true; + }; }; }; }; - }; - services.vwifi = { - module = { - enable = true; - macPrefix = "74:F8:F6:00:01"; - }; - client = { - enable = true; - serverAddress = "192.168.1.2"; + services.vwifi = { + module = { + enable = true; + macPrefix = "74:F8:F6:00:01"; + }; + client = { + enable = true; + serverAddress = "192.168.1.2"; + }; }; }; - }; +} ``` ### Station {#sec-nixos-test-wifi-station} @@ -89,37 +93,39 @@ ap = A node like this acts as a wireless client. ```nix -station = - { config, ... }: - { - networking.interfaces.eth1.ipv4.addresses = lib.mkForce [ - { - address = "192.168.1.3"; - prefixLength = 24; - } - ]; - networking.wireless = { - # No, really, we want it enabled! - enable = lib.mkOverride 0 true; - interfaces = [ "wlan0" ]; - networks = { - "NixOS Test Wi-Fi Network" = { - psk = "supersecret"; - authProtocols = [ "SAE" ]; +{ + station = + { config, ... }: + { + networking.interfaces.eth1.ipv4.addresses = lib.mkForce [ + { + address = "192.168.1.3"; + prefixLength = 24; + } + ]; + networking.wireless = { + # No, really, we want it enabled! + enable = lib.mkOverride 0 true; + interfaces = [ "wlan0" ]; + networks = { + "NixOS Test Wi-Fi Network" = { + psk = "supersecret"; + authProtocols = [ "SAE" ]; + }; + }; + }; + services.vwifi = { + module = { + enable = true; + macPrefix = "74:F8:F6:00:02"; + }; + client = { + enable = true; + serverAddress = "192.168.1.2"; }; }; }; - services.vwifi = { - module = { - enable = true; - macPrefix = "74:F8:F6:00:02"; - }; - client = { - enable = true; - serverAddress = "192.168.1.2"; - }; - }; - }; +} ``` ### Monitor {#sec-nixos-test-wifi-monitor} @@ -128,25 +134,28 @@ When the monitor mode interface is enabled, this node will receive all packets broadcast by all other nodes through the spy interface. ```nix -monitor = - { config, ... }: - { - networking.interfaces.eth1.ipv4.addresses = lib.mkForce [ - { - address = "192.168.1.4"; - prefixLength = 24; - } - ]; +{ + monitor = + { config, ... }: + { + networking.interfaces.eth1.ipv4.addresses = lib.mkForce [ + { + address = "192.168.1.4"; + prefixLength = 24; + } + ]; - services.vwifi = { - module = { - enable = true; - macPrefix = "74:F8:F6:00:03"; - }; - client = { - enable = true; - spy = true; - serverAddress = "192.168.1.2"; + services.vwifi = { + module = { + enable = true; + macPrefix = "74:F8:F6:00:03"; + }; + client = { + enable = true; + spy = true; + serverAddress = "192.168.1.2"; + }; }; }; +} ``` diff --git a/nixos/doc/manual/installation/building-images-via-nixos-rebuild-build-image.chapter.md b/nixos/doc/manual/installation/building-images-via-nixos-rebuild-build-image.chapter.md index 075a8fca3bbb..9b18bf895ad1 100644 --- a/nixos/doc/manual/installation/building-images-via-nixos-rebuild-build-image.chapter.md +++ b/nixos/doc/manual/installation/building-images-via-nixos-rebuild-build-image.chapter.md @@ -25,7 +25,9 @@ The `image.modules` option can be used to set specific options per image variant E.g. images for the cloud provider Linode use `grub2` as a bootloader by default. If you are using `systemd-boot` on other platforms and want to disable it for Linode only, you could use the following options: ``` nix +{ image.modules.linode = { boot.loader.systemd-boot.enable = lib.mkForce false; }; +} ``` diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md index b11f36719035..799d9eb62a74 100644 --- a/nixos/doc/manual/release-notes/rl-2405.section.md +++ b/nixos/doc/manual/release-notes/rl-2405.section.md @@ -243,9 +243,11 @@ The pre-existing `services.ankisyncd` has been marked deprecated and will be dro - `azure-cli` now has extension support. For example, to install the `aks-preview` extension, use ```nix - environment.systemPackages = [ - (azure-cli.withExtensions [ azure-cli.extensions.aks-preview ]) - ]; + { + environment.systemPackages = [ + (azure-cli.withExtensions [ azure-cli.extensions.aks-preview ]) + ]; + } ``` To make the `azure-cli` immutable and prevent clashes in case `azure-cli` is also installed via other package managers, some configuration files were moved into the derivation. This can be disabled by overriding `withImmutableConfig = false` when building `azure-cli`. diff --git a/nixos/doc/manual/release-notes/rl-2411.section.md b/nixos/doc/manual/release-notes/rl-2411.section.md index fc335a19f4ef..3361b46d5e64 100644 --- a/nixos/doc/manual/release-notes/rl-2411.section.md +++ b/nixos/doc/manual/release-notes/rl-2411.section.md @@ -615,8 +615,10 @@ Then, follow the instructions on the [upstream release notes](https://github.com/majewsky/portunus/releases/tag/v2.0.0) to upgrade all existing user accounts to strong password hashes. If you need to upgrade to 24.11 without having completed the migration, consider the security implications of weak password hashes on your user accounts, and add the following to your configuration: ```nix - services.portunus.package = pkgs.portunus.override { libxcrypt = pkgs.libxcrypt-legacy; }; - services.portunus.ldap.package = pkgs.openldap.override { libxcrypt = pkgs.libxcrypt-legacy; }; + { + services.portunus.package = pkgs.portunus.override { libxcrypt = pkgs.libxcrypt-legacy; }; + services.portunus.ldap.package = pkgs.openldap.override { libxcrypt = pkgs.libxcrypt-legacy; }; + } ``` - The default value of `services.kubernetes.kubelet.hostname` is now lowercased. @@ -956,24 +958,26 @@ If you set `sound.mediaKeys` in your configuration: - If you want to maintain the exact behavior of the option, use the following snippet ```nix -services.actkbd = let - volumeStep = "1%"; -in { - enable = true; - bindings = [ - # "Mute" media key - { keys = [ 113 ]; events = [ "key" ]; command = "${alsa-utils}/bin/amixer -q set Master toggle"; } +{ + services.actkbd = let + volumeStep = "1%"; + in { + enable = true; + bindings = [ + # "Mute" media key + { keys = [ 113 ]; events = [ "key" ]; command = "${alsa-utils}/bin/amixer -q set Master toggle"; } - # "Lower Volume" media key - { keys = [ 114 ]; events = [ "key" "rep" ]; command = "${alsa-utils}/bin/amixer -q set Master ${volumeStep}- unmute"; } + # "Lower Volume" media key + { keys = [ 114 ]; events = [ "key" "rep" ]; command = "${alsa-utils}/bin/amixer -q set Master ${volumeStep}- unmute"; } - # "Raise Volume" media key - { keys = [ 115 ]; events = [ "key" "rep" ]; command = "${alsa-utils}/bin/amixer -q set Master ${volumeStep}+ unmute"; } + # "Raise Volume" media key + { keys = [ 115 ]; events = [ "key" "rep" ]; command = "${alsa-utils}/bin/amixer -q set Master ${volumeStep}+ unmute"; } - # "Mic Mute" media key - { keys = [ 190 ]; events = [ "key" ]; command = "${alsa-utils}/bin/amixer -q set Capture toggle"; } - ]; -}; + # "Mic Mute" media key + { keys = [ 190 ]; events = [ "key" ]; command = "${alsa-utils}/bin/amixer -q set Capture toggle"; } + ]; + }; +} ``` ### `hardware.deviceTree.overlays` compatible string matching {#sec-release-24.11-migration-dto-compatible} diff --git a/nixos/doc/manual/release-notes/rl-2505.section.md b/nixos/doc/manual/release-notes/rl-2505.section.md index 694c8caadb2c..ede104f80212 100644 --- a/nixos/doc/manual/release-notes/rl-2505.section.md +++ b/nixos/doc/manual/release-notes/rl-2505.section.md @@ -355,10 +355,12 @@ Alongside many enhancements to NixOS modules and general system improvements, th - To avoid delaying user logins unnecessarily the `multi-user.target` is no longer ordered after `network-online.target`. System services requiring a connection to start correctly must explicitly state so, i.e. ```nix - systemd.services. = { - wants = [ "network-online.target" ]; - after = [ "network-online.target" ]; - }; + { + systemd.services."" = { + wants = [ "network-online.target" ]; + after = [ "network-online.target" ]; + }; + } ``` This changed follows a deprecation period of one year started in NixOS 24.05 (see [PR #283818](https://github.com/NixOS/nixpkgs/pull/283818)). @@ -457,15 +459,17 @@ Alongside many enhancements to NixOS modules and general system improvements, th Example: ```nix - services.mysql = { - enable = true; - galeraCluster = { + { + services.mysql = { enable = true; - localName = "Node 1"; - localAddress = "galera_01"; - nodeAddresses = [ "galera_01" "galera_02" "galera_03"]; + galeraCluster = { + enable = true; + localName = "Node 1"; + localAddress = "galera_01"; + nodeAddresses = [ "galera_01" "galera_02" "galera_03"]; + }; }; - }; + } ``` - systemd's {manpage}`systemd-ssh-generator(8)` now works out of the box on NixOS. diff --git a/nixos/modules/services/databases/postgresql.md b/nixos/modules/services/databases/postgresql.md index fbff43290529..4bbddf1bbc42 100644 --- a/nixos/modules/services/databases/postgresql.md +++ b/nixos/modules/services/databases/postgresql.md @@ -94,13 +94,13 @@ database migrations. `ensureUsers` is run in `postgresql-setup`, so this is where `postStart` must be added to: ```nix - { - systemd.services.postgresql-setup.postStart = '' - psql service1 -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"' - psql service1 -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"' - # .... - ''; - } +{ + systemd.services.postgresql-setup.postStart = '' + psql service1 -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"' + psql service1 -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"' + # .... + ''; +} ``` #### in intermediate oneshot service {#module-services-postgres-initializing-extra-permissions-superuser-oneshot} @@ -114,22 +114,22 @@ They differ in two aspects: Both can lead to unexpected errors either during initial database creation or restore, when using `postgresql.service`. ```nix - { - systemd.services."migrate-service1-db1" = { - serviceConfig.Type = "oneshot"; - requiredBy = "service1.service"; - before = "service1.service"; - after = "postgresql.target"; - serviceConfig.User = "postgres"; - environment.PGPORT = toString services.postgresql.settings.port; - path = [ postgresql ]; - script = '' - psql service1 -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"' - psql service1 -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"' - # .... - ''; - }; - } +{ + systemd.services."migrate-service1-db1" = { + serviceConfig.Type = "oneshot"; + requiredBy = "service1.service"; + before = "service1.service"; + after = "postgresql.target"; + serviceConfig.User = "postgres"; + environment.PGPORT = toString services.postgresql.settings.port; + path = [ postgresql ]; + script = '' + psql service1 -c 'GRANT SELECT ON ALL TABLES IN SCHEMA public TO "extraUser1"' + psql service1 -c 'GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "extraUser1"' + # .... + ''; + }; +} ``` ## Authentication {#module-services-postgres-authentication} @@ -147,13 +147,15 @@ Assume that your app creates a role `admin` and you want the `root` user to be a You can then use [](#opt-services.postgresql.identMap) to define the map and [](#opt-services.postgresql.authentication) to enable it: ```nix -services.postgresql = { - identMap = '' - admin root admin - ''; - authentication = '' - local all admin peer map=admin - ''; +{ + services.postgresql = { + identMap = '' + admin root admin + ''; + authentication = '' + local all admin peer map=admin + ''; + }; } ``` diff --git a/nixos/modules/services/misc/paisa.md b/nixos/modules/services/misc/paisa.md index 3d9878dd50af..e16b52cbcdb6 100644 --- a/nixos/modules/services/misc/paisa.md +++ b/nixos/modules/services/misc/paisa.md @@ -21,7 +21,9 @@ configure this in the module, but you can e.g. use systemd to give the unit access to the command at runtime. ```nix -systemd.services.paisa.path = [ pkgs.hledger ]; +{ + systemd.services.paisa.path = [ pkgs.hledger ]; +} ``` ::: {.note} diff --git a/nixos/modules/services/monitoring/glances.md b/nixos/modules/services/monitoring/glances.md index 69554b6bc5e4..071b2480ec2c 100644 --- a/nixos/modules/services/monitoring/glances.md +++ b/nixos/modules/services/monitoring/glances.md @@ -16,5 +16,5 @@ Use the following configuration to start a public instance of Glances locally: enable = true; openFirewall = true; }; -}; +} ``` diff --git a/nixos/modules/services/networking/crab-hole.md b/nixos/modules/services/networking/crab-hole.md index a89a62fa0509..52a452b91545 100644 --- a/nixos/modules/services/networking/crab-hole.md +++ b/nixos/modules/services/networking/crab-hole.md @@ -103,7 +103,7 @@ Additionally you can set an optional timeout value. certificate = ./dns.example.com.crt; key = "/dns.example.com.key"; # optional (default = 3000) - timeout_ms = 3000 + timeout_ms = 3000; } ]; } diff --git a/nixos/modules/services/networking/jotta-cli.md b/nixos/modules/services/networking/jotta-cli.md index 335e5c8e3856..d5629465377d 100644 --- a/nixos/modules/services/networking/jotta-cli.md +++ b/nixos/modules/services/networking/jotta-cli.md @@ -15,11 +15,13 @@ This adds `jotta-cli` to `environment.systemPackages` and starts a user service ## Example Configuration {#module-services-jotta-cli-example-configuration} ```nix -services.jotta-cli = { - enable = true; - options = [ "slow" ]; - package = pkgs.jotta-cli; -}; +{ + services.jotta-cli = { + enable = true; + options = [ "slow" ]; + package = pkgs.jotta-cli; + }; +} ``` This uses `jotta-cli` and `jottad` from the `pkgs.jotta-cli` package and starts `jottad` in low memory mode. diff --git a/nixos/modules/services/networking/netbird/server.md b/nixos/modules/services/networking/netbird/server.md index 3649e97b379e..1de251b80109 100644 --- a/nixos/modules/services/networking/netbird/server.md +++ b/nixos/modules/services/networking/netbird/server.md @@ -9,34 +9,36 @@ To fully setup Netbird as a self-hosted server, we need both a Coturn server and There are quite a few settings that need to be passed to Netbird for it to function, and a minimal config looks like : ```nix -services.netbird.server = { - enable = true; - - domain = "netbird.example.selfhosted"; - - enableNginx = true; - - coturn = { +{ + services.netbird.server = { enable = true; - passwordFile = "/path/to/a/secret/password"; - }; + domain = "netbird.example.selfhosted"; - management = { - oidcConfigEndpoint = "https://sso.example.selfhosted/oauth2/openid/netbird/.well-known/openid-configuration"; + enableNginx = true; - settings = { - TURNConfig = { - Turns = [ - { - Proto = "udp"; - URI = "turn:netbird.example.selfhosted:3478"; - Username = "netbird"; - Password._secret = "/path/to/a/secret/password"; - } - ]; + coturn = { + enable = true; + + passwordFile = "/path/to/a/secret/password"; + }; + + management = { + oidcConfigEndpoint = "https://sso.example.selfhosted/oauth2/openid/netbird/.well-known/openid-configuration"; + + settings = { + TURNConfig = { + Turns = [ + { + Proto = "udp"; + URI = "turn:netbird.example.selfhosted:3478"; + Username = "netbird"; + Password._secret = "/path/to/a/secret/password"; + } + ]; + }; }; }; }; -}; +} ``` diff --git a/nixos/modules/services/networking/pihole-ftl.md b/nixos/modules/services/networking/pihole-ftl.md index 0f79fd6101c4..3d49f640c805 100644 --- a/nixos/modules/services/networking/pihole-ftl.md +++ b/nixos/modules/services/networking/pihole-ftl.md @@ -99,17 +99,16 @@ to configure additional interfaces with different configuration, use { services.pihole-ftl = { settings.misc.dnsmasq_lines = [ - # Specify the secondary interface - "interface=enp1s0" - # A different device is the router on this network, e.g. the one - # provided by your ISP - "dhcp-option=enp1s0,option:router,192.168.0.1" - # Specify the IPv4 ranges to allocate, with a 1-day lease time - "dhcp-range=enp1s0,192.168.0.10,192.168.0.253,1d" - # Enable IPv6 - "dhcp-range=::f,::ff,constructor:enp1s0,ra-names,ra-stateless" - ]; - }; + # Specify the secondary interface + "interface=enp1s0" + # A different device is the router on this network, e.g. the one + # provided by your ISP + "dhcp-option=enp1s0,option:router,192.168.0.1" + # Specify the IPv4 ranges to allocate, with a 1-day lease time + "dhcp-range=enp1s0,192.168.0.10,192.168.0.253,1d" + # Enable IPv6 + "dhcp-range=::f,::ff,constructor:enp1s0,ra-names,ra-stateless" + ]; }; } ``` diff --git a/nixos/modules/services/system/kerberos/kerberos-server.md b/nixos/modules/services/system/kerberos/kerberos-server.md index 80c71be1541e..ba3b1057f382 100644 --- a/nixos/modules/services/system/kerberos/kerberos-server.md +++ b/nixos/modules/services/system/kerberos/kerberos-server.md @@ -24,7 +24,7 @@ To enable a Kerberos server: admin_server = "kerberos.example.com"; }; }; - } + }; services.kerberos-server = { enable = true; diff --git a/nixos/modules/services/web-apps/nextcloud.md b/nixos/modules/services/web-apps/nextcloud.md index b497562224a0..3ae19e1f8ad5 100644 --- a/nixos/modules/services/web-apps/nextcloud.md +++ b/nixos/modules/services/web-apps/nextcloud.md @@ -208,7 +208,9 @@ release notes when upgrading. the cache size to zero: ```nix - services.nextcloud.phpOptions."realpath_cache_size" = "0"; + { + services.nextcloud.phpOptions."realpath_cache_size" = "0"; + } ``` - **Empty Files on chunked uploads** @@ -286,9 +288,9 @@ that are managed by Nix: ```nix { config, pkgs, ... }: { - services.nextcloud.extraApps = with config.services.nextcloud.package.packages.apps; [ + services.nextcloud.extraApps = with config.services.nextcloud.package.packages.apps; { inherit user_oidc calendar contacts; - ]; + }; } ``` diff --git a/nixos/modules/services/web-apps/szurubooru.md b/nixos/modules/services/web-apps/szurubooru.md index 368fe608d450..29c5caf42895 100644 --- a/nixos/modules/services/web-apps/szurubooru.md +++ b/nixos/modules/services/web-apps/szurubooru.md @@ -40,10 +40,10 @@ The prefered method to run this service is behind a reverse proxy not to expose server = { port = 8080; - ... + # ... }; - ... + # ... }; services.nginx.virtualHosts."szurubooru.domain.tld" = { diff --git a/pkgs/applications/networking/cluster/k3s/docs/examples/EXTERNAL_CONTAINERD.md b/pkgs/applications/networking/cluster/k3s/docs/examples/EXTERNAL_CONTAINERD.md index 7a6d9859ee50..3839d5c0ec75 100644 --- a/pkgs/applications/networking/cluster/k3s/docs/examples/EXTERNAL_CONTAINERD.md +++ b/pkgs/applications/networking/cluster/k3s/docs/examples/EXTERNAL_CONTAINERD.md @@ -6,26 +6,30 @@ containerd. This can be done in a few lines of configuration. ## Configure Containerd ```nix -virtualisation.containerd = { - enable = true; - settings.plugins."io.containerd.grpc.v1.cri".cni = { - bin_dir = "/var/lib/rancher/k3s/data/current/bin"; - conf_dir = "/var/lib/rancher/k3s/agent/etc/cni/net.d"; +{ + virtualisation.containerd = { + enable = true; + settings.plugins."io.containerd.grpc.v1.cri".cni = { + bin_dir = "/var/lib/rancher/k3s/data/current/bin"; + conf_dir = "/var/lib/rancher/k3s/agent/etc/cni/net.d"; + }; + # Optionally, configure containerd to use the k3s pause image + settings.plugins."io.containerd.grpc.v1.cri" = { + sandbox_image = "docker.io/rancher/mirrored-pause:3.6"; + }; }; - # Optionally, configure containerd to use the k3s pause image - settings.plugins."io.containerd.grpc.v1.cri" = { - sandbox_image = "docker.io/rancher/mirrored-pause:3.6"; - }; -}; +} ``` ## Configure k3s ```nix -services.k3s = { - enable = true; - extraFlags = [ "--container-runtime-endpoint unix:///run/containerd/containerd.sock" ]; -}; +{ + services.k3s = { + enable = true; + extraFlags = [ "--container-runtime-endpoint unix:///run/containerd/containerd.sock" ]; + }; +} ``` ## Importing Container Images diff --git a/pkgs/by-name/README.md b/pkgs/by-name/README.md index 1b6e81110d0a..6853407a9a8d 100644 --- a/pkgs/by-name/README.md +++ b/pkgs/by-name/README.md @@ -99,9 +99,14 @@ Definitions like the following however, _can_ be transitioned: ```nix # all-packages.nix -fooWithBaz = foo.override { - bar = baz; -}; +{ + fooWithBaz = foo.override { + bar = baz; + }; +} +``` + +```nix # turned into pkgs/by-name/fo/fooWithBaz/package.nix with: { foo, diff --git a/pkgs/by-name/az/azure-cli/README.md b/pkgs/by-name/az/azure-cli/README.md index 5907f1916f8f..29964f91948b 100644 --- a/pkgs/by-name/az/azure-cli/README.md +++ b/pkgs/by-name/az/azure-cli/README.md @@ -56,6 +56,7 @@ The output should look something like this: Based on this, you can add an attribute to `extensions-manual.nix`: ```nix +{ azure-devops = mkAzExtension { pname = "azure-devops"; version = "1.0.0"; @@ -67,6 +68,7 @@ Based on this, you can add an attribute to `extensions-manual.nix`: ]; meta.maintainers = with lib.maintainers; [ katexochen ]; }; +} ``` * The attribute name should be the same as `pname`. @@ -113,5 +115,7 @@ If extensions are removed upstream, an alias is added to the end of `extensions- this example: ```nix -blockchain = throw "The 'blockchain' extension for azure-cli was deprecated upstream"; # Added 2024-04-26 +{ + blockchain = throw "The 'blockchain' extension for azure-cli was deprecated upstream"; # Added 2024-04-26 +} ``` diff --git a/pkgs/servers/home-assistant/custom-components/README.md b/pkgs/servers/home-assistant/custom-components/README.md index b4115c63d061..c51e6512538e 100644 --- a/pkgs/servers/home-assistant/custom-components/README.md +++ b/pkgs/servers/home-assistant/custom-components/README.md @@ -80,6 +80,7 @@ needs to be. Instead of applying brittle substitutions the version constraint can be ignored on a per requirement basis. ```nix +{ dependencies = [ pyemvue ]; @@ -88,5 +89,5 @@ can be ignored on a per requirement basis. ignoreVersionRequirement = [ "pyemvue" ]; +} ``` -`