nixos docs: format =)

25 files changed, 1051 insertions, 1161 deletions

diff --git a/nixos/doc/manual/configuration/abstractions.xml b/nixos/doc/manual/configuration/abstractions.xml
index f794085295c..5bf0635cc1a 100644
--- a/nixos/doc/manual/configuration/abstractions.xml
+++ b/nixos/doc/manual/configuration/abstractions.xml
@@ -3,12 +3,11 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-module-abstractions">
+ <title>Abstractions</title>
 
-<title>Abstractions</title>
-
-<para>If you find yourself repeating yourself over and over, it’s time
-to abstract.  Take, for instance, this Apache HTTP Server configuration:
-
+ <para>
+  If you find yourself repeating yourself over and over, it’s time to
+  abstract. Take, for instance, this Apache HTTP Server configuration:
 <programlisting>
 {
   <xref linkend="opt-services.httpd.virtualHosts"/> =
@@ -28,11 +27,9 @@ to abstract.  Take, for instance, this Apache HTTP Server configuration:
     ];
 }
 </programlisting>
-
-It defines two virtual hosts with nearly identical configuration; the
-only difference is that the second one has SSL enabled.  To prevent
-this duplication, we can use a <literal>let</literal>:
-
+  It defines two virtual hosts with nearly identical configuration; the only
+  difference is that the second one has SSL enabled. To prevent this
+  duplication, we can use a <literal>let</literal>:
 <programlisting>
 let
   exampleOrgCommon =
@@ -53,17 +50,16 @@ in
     ];
 }
 </programlisting>
-
-The <literal>let exampleOrgCommon =
-<replaceable>...</replaceable></literal> defines a variable named
-<literal>exampleOrgCommon</literal>.  The <literal>//</literal>
-operator merges two attribute sets, so the configuration of the second
-virtual host is the set <literal>exampleOrgCommon</literal> extended
-with the SSL options.</para>
-
-<para>You can write a <literal>let</literal> wherever an expression is
-allowed.  Thus, you also could have written:
-
+  The <literal>let exampleOrgCommon = <replaceable>...</replaceable></literal>
+  defines a variable named <literal>exampleOrgCommon</literal>. The
+  <literal>//</literal> operator merges two attribute sets, so the
+  configuration of the second virtual host is the set
+  <literal>exampleOrgCommon</literal> extended with the SSL options.
+ </para>
+
+ <para>
+  You can write a <literal>let</literal> wherever an expression is allowed.
+  Thus, you also could have written:
 <programlisting>
 {
   <xref linkend="opt-services.httpd.virtualHosts"/> =
@@ -73,17 +69,16 @@ allowed.  Thus, you also could have written:
     ];
 }
 </programlisting>
-
-but not <literal>{ let exampleOrgCommon =
-<replaceable>...</replaceable>; in <replaceable>...</replaceable>;
-}</literal> since attributes (as opposed to attribute values) are not
-expressions.</para>
-
-<para><emphasis>Functions</emphasis> provide another method of
-abstraction.  For instance, suppose that we want to generate lots of
-different virtual hosts, all with identical configuration except for
-the host name.  This can be done as follows:
-
+  but not <literal>{ let exampleOrgCommon = <replaceable>...</replaceable>; in
+  <replaceable>...</replaceable>; }</literal> since attributes (as opposed to
+  attribute values) are not expressions.
+ </para>
+
+ <para>
+  <emphasis>Functions</emphasis> provide another method of abstraction. For
+  instance, suppose that we want to generate lots of different virtual hosts,
+  all with identical configuration except for the host name. This can be done
+  as follows:
 <programlisting>
 {
   <xref linkend="opt-services.httpd.virtualHosts"/> =
@@ -101,16 +96,15 @@ the host name.  This can be done as follows:
       ];
 }
 </programlisting>
-
-Here, <varname>makeVirtualHost</varname> is a function that takes a
-single argument <literal>name</literal> and returns the configuration
-for a virtual host.  That function is then called for several names to
-produce the list of virtual host configurations.</para>
-
-<para>We can further improve on this by using the function
-<varname>map</varname>, which applies another function to every
-element in a list:
-
+  Here, <varname>makeVirtualHost</varname> is a function that takes a single
+  argument <literal>name</literal> and returns the configuration for a virtual
+  host. That function is then called for several names to produce the list of
+  virtual host configurations.
+ </para>
+
+ <para>
+  We can further improve on this by using the function <varname>map</varname>,
+  which applies another function to every element in a list:
 <programlisting>
 {
   <xref linkend="opt-services.httpd.virtualHosts"/> =
@@ -120,16 +114,15 @@ element in a list:
       [ "example.org" "example.com" "example.gov" "example.nl" ];
 }
 </programlisting>
-
-(The function <literal>map</literal> is called a
-<emphasis>higher-order function</emphasis> because it takes another
-function as an argument.)</para>
-
-<para>What if you need more than one argument, for instance, if we
-want to use a different <literal>documentRoot</literal> for each
-virtual host?  Then we can make <varname>makeVirtualHost</varname> a
-function that takes a <emphasis>set</emphasis> as its argument, like this:
-
+  (The function <literal>map</literal> is called a <emphasis>higher-order
+  function</emphasis> because it takes another function as an argument.)
+ </para>
+
+ <para>
+  What if you need more than one argument, for instance, if we want to use a
+  different <literal>documentRoot</literal> for each virtual host? Then we can
+  make <varname>makeVirtualHost</varname> a function that takes a
+  <emphasis>set</emphasis> as its argument, like this:
 <programlisting>
 {
   <xref linkend="opt-services.httpd.virtualHosts"/> =
@@ -147,10 +140,9 @@ function that takes a <emphasis>set</emphasis> as its argument, like this:
       ];
 }
 </programlisting>
-
-But in this case (where every root is a subdirectory of
-<filename>/sites</filename> named after the virtual host), it would
-have been shorter to define <varname>makeVirtualHost</varname> as
+  But in this case (where every root is a subdirectory of
+  <filename>/sites</filename> named after the virtual host), it would have been
+  shorter to define <varname>makeVirtualHost</varname> as
 <programlisting>
 makeVirtualHost = name:
   { hostName = name;
@@ -158,9 +150,7 @@ makeVirtualHost = name:
     adminAddr = "alice@example.org";
   };
 </programlisting>
-
-Here, the construct
-<literal>${<replaceable>...</replaceable>}</literal> allows the result
-of an expression to be spliced into a string.</para>
-
+  Here, the construct <literal>${<replaceable>...</replaceable>}</literal>
+  allows the result of an expression to be spliced into a string.
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/ad-hoc-network-config.xml b/nixos/doc/manual/configuration/ad-hoc-network-config.xml
index c53b9598109..00e595c7cb7 100644
--- a/nixos/doc/manual/configuration/ad-hoc-network-config.xml
+++ b/nixos/doc/manual/configuration/ad-hoc-network-config.xml
@@ -3,22 +3,18 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="ad-hoc-network-config">
+ <title>Ad-Hoc Configuration</title>
 
-<title>Ad-Hoc Configuration</title>
-
-<para>You can use <xref linkend="opt-networking.localCommands"/> to specify
-shell commands to be run at the end of
-<literal>network-setup.service</literal>.  This is useful for doing
-network configuration not covered by the existing NixOS modules.  For
-instance, to statically configure an IPv6 address:
-
+ <para>
+  You can use <xref linkend="opt-networking.localCommands"/> to specify shell
+  commands to be run at the end of <literal>network-setup.service</literal>.
+  This is useful for doing network configuration not covered by the existing
+  NixOS modules. For instance, to statically configure an IPv6 address:
 <programlisting>
 <xref linkend="opt-networking.localCommands"/> =
   ''
     ip -6 addr add 2001:610:685:1::1/64 dev eth0
   '';
 </programlisting>
-
-</para>
-
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/ad-hoc-packages.xml b/nixos/doc/manual/configuration/ad-hoc-packages.xml
index a147291c4f3..19159d8db5b 100644
--- a/nixos/doc/manual/configuration/ad-hoc-packages.xml
+++ b/nixos/doc/manual/configuration/ad-hoc-packages.xml
@@ -3,61 +3,59 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-ad-hoc-packages">
+ <title>Ad-Hoc Package Management</title>
 
-<title>Ad-Hoc Package Management</title>
-
-<para>With the command <command>nix-env</command>, you can install and
-uninstall packages from the command line.  For instance, to install
-Mozilla Thunderbird:
-
+ <para>
+  With the command <command>nix-env</command>, you can install and uninstall
+  packages from the command line. For instance, to install Mozilla Thunderbird:
 <screen>
 $ nix-env -iA nixos.thunderbird</screen>
-
-If you invoke this as root, the package is installed in the Nix
-profile <filename>/nix/var/nix/profiles/default</filename> and visible
-to all users of the system; otherwise, the package ends up in
-<filename>/nix/var/nix/profiles/per-user/<replaceable>username</replaceable>/profile</filename>
-and is not visible to other users.  The <option>-A</option> flag
-specifies the package by its attribute name; without it, the package
-is installed by matching against its package name
-(e.g. <literal>thunderbird</literal>).  The latter is slower because
-it requires matching against all available Nix packages, and is
-ambiguous if there are multiple matching packages.</para>
-
-<para>Packages come from the NixOS channel.  You typically upgrade a
-package by updating to the latest version of the NixOS channel:
+  If you invoke this as root, the package is installed in the Nix profile
+  <filename>/nix/var/nix/profiles/default</filename> and visible to all users
+  of the system; otherwise, the package ends up in
+  <filename>/nix/var/nix/profiles/per-user/<replaceable>username</replaceable>/profile</filename>
+  and is not visible to other users. The <option>-A</option> flag specifies the
+  package by its attribute name; without it, the package is installed by
+  matching against its package name (e.g. <literal>thunderbird</literal>). The
+  latter is slower because it requires matching against all available Nix
+  packages, and is ambiguous if there are multiple matching packages.
+ </para>
+
+ <para>
+  Packages come from the NixOS channel. You typically upgrade a package by
+  updating to the latest version of the NixOS channel:
 <screen>
 $ nix-channel --update nixos
 </screen>
-and then running <literal>nix-env -i</literal> again.  Other packages
-in the profile are <emphasis>not</emphasis> affected; this is the
-crucial difference with the declarative style of package management,
-where running <command>nixos-rebuild switch</command> causes all
-packages to be updated to their current versions in the NixOS channel.
-You can however upgrade all packages for which there is a newer
-version by doing:
+  and then running <literal>nix-env -i</literal> again. Other packages in the
+  profile are <emphasis>not</emphasis> affected; this is the crucial difference
+  with the declarative style of package management, where running
+  <command>nixos-rebuild switch</command> causes all packages to be updated to
+  their current versions in the NixOS channel. You can however upgrade all
+  packages for which there is a newer version by doing:
 <screen>
 $ nix-env -u '*'
 </screen>
-</para>
+ </para>
 
-<para>A package can be uninstalled using the <option>-e</option>
-flag:
+ <para>
+  A package can be uninstalled using the <option>-e</option> flag:
 <screen>
 $ nix-env -e thunderbird
 </screen>
-</para>
+ </para>
 
-<para>Finally, you can roll back an undesirable
-<command>nix-env</command> action:
+ <para>
+  Finally, you can roll back an undesirable <command>nix-env</command> action:
 <screen>
 $ nix-env --rollback
 </screen>
-</para>
-
-<para><command>nix-env</command> has many more flags.  For details,
-see the
-<citerefentry><refentrytitle>nix-env</refentrytitle><manvolnum>1</manvolnum></citerefentry>
-manpage or the Nix manual.</para>
-
+ </para>
+
+ <para>
+  <command>nix-env</command> has many more flags. For details, see the
+  <citerefentry>
+  <refentrytitle>nix-env</refentrytitle>
+  <manvolnum>1</manvolnum></citerefentry> manpage or the Nix manual.
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/adding-custom-packages.xml b/nixos/doc/manual/configuration/adding-custom-packages.xml
index ae58f61d73e..b59287a622e 100644
--- a/nixos/doc/manual/configuration/adding-custom-packages.xml
+++ b/nixos/doc/manual/configuration/adding-custom-packages.xml
@@ -3,43 +3,36 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-custom-packages">
+ <title>Adding Custom Packages</title>
 
-<title>Adding Custom Packages</title>
-
-<para>It’s possible that a package you need is not available in NixOS.
-In that case, you can do two things.  First, you can clone the Nixpkgs
-repository, add the package to your clone, and (optionally) submit a
-patch or pull request to have it accepted into the main Nixpkgs
-repository.  This is described in detail in the <link
-xlink:href="http://nixos.org/nixpkgs/manual">Nixpkgs manual</link>.
-In short, you clone Nixpkgs:
-
+ <para>
+  It’s possible that a package you need is not available in NixOS. In that
+  case, you can do two things. First, you can clone the Nixpkgs repository, add
+  the package to your clone, and (optionally) submit a patch or pull request to
+  have it accepted into the main Nixpkgs repository. This is described in
+  detail in the <link
+xlink:href="http://nixos.org/nixpkgs/manual">Nixpkgs
+  manual</link>. In short, you clone Nixpkgs:
 <screen>
 $ git clone git://github.com/NixOS/nixpkgs.git
 $ cd nixpkgs
 </screen>
-
-Then you write and test the package as described in the Nixpkgs
-manual.  Finally, you add it to
-<literal>environment.systemPackages</literal>, e.g.
-
+  Then you write and test the package as described in the Nixpkgs manual.
+  Finally, you add it to <literal>environment.systemPackages</literal>, e.g.
 <programlisting>
 <xref linkend="opt-environment.systemPackages"/> = [ pkgs.my-package ];
 </programlisting>
-
-and you run <command>nixos-rebuild</command>, specifying your own
-Nixpkgs tree:
-
+  and you run <command>nixos-rebuild</command>, specifying your own Nixpkgs
+  tree:
 <screen>
 # nixos-rebuild switch -I nixpkgs=/path/to/my/nixpkgs</screen>
+ </para>
 
-</para>
-
-<para>The second possibility is to add the package outside of the
-Nixpkgs tree.  For instance, here is how you specify a build of the
-<link xlink:href="http://www.gnu.org/software/hello/">GNU Hello</link>
-package directly in <filename>configuration.nix</filename>:
-
+ <para>
+  The second possibility is to add the package outside of the Nixpkgs tree. For
+  instance, here is how you specify a build of the
+  <link xlink:href="http://www.gnu.org/software/hello/">GNU Hello</link>
+  package directly in <filename>configuration.nix</filename>:
 <programlisting>
 <xref linkend="opt-environment.systemPackages"/> =
   let
@@ -53,13 +46,12 @@ package directly in <filename>configuration.nix</filename>:
   in
   [ my-hello ];
 </programlisting>
-
-Of course, you can also move the definition of
-<literal>my-hello</literal> into a separate Nix expression, e.g.
+  Of course, you can also move the definition of <literal>my-hello</literal>
+  into a separate Nix expression, e.g.
 <programlisting>
 <xref linkend="opt-environment.systemPackages"/> = [ (import ./my-hello.nix) ];
 </programlisting>
-where <filename>my-hello.nix</filename> contains:
+  where <filename>my-hello.nix</filename> contains:
 <programlisting>
 with import &lt;nixpkgs> {}; # bring all of Nixpkgs into scope
 
@@ -71,14 +63,11 @@ stdenv.mkDerivation rec {
   };
 }
 </programlisting>
-
-This allows testing the package easily:
+  This allows testing the package easily:
 <screen>
 $ nix-build my-hello.nix
 $ ./result/bin/hello
 Hello, world!
 </screen>
-
-</para>
-
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/config-file.xml b/nixos/doc/manual/configuration/config-file.xml
index d4ca15bb3e7..a9420b3fc92 100644
--- a/nixos/doc/manual/configuration/config-file.xml
+++ b/nixos/doc/manual/configuration/config-file.xml
@@ -3,28 +3,25 @@
     xmlns:xi="http://www.w3.org/2001/XInclude"
     version="5.0"
     xml:id="sec-configuration-file">
+ <title>NixOS Configuration File</title>
 
-<title>NixOS Configuration File</title>
-
-<para>The NixOS configuration file generally looks like this:
-
+ <para>
+  The NixOS configuration file generally looks like this:
 <programlisting>
 { config, pkgs, ... }:
 
 { <replaceable>option definitions</replaceable>
 }
 </programlisting>
-
-The first line (<literal>{ config, pkgs, ... }:</literal>) denotes
-that this is actually a function that takes at least the two arguments
- <varname>config</varname> and <varname>pkgs</varname>.  (These are
-explained later.)  The function returns a <emphasis>set</emphasis> of
-option definitions (<literal>{ <replaceable>...</replaceable> }</literal>).  These definitions have the
-form <literal><replaceable>name</replaceable> =
-<replaceable>value</replaceable></literal>, where
-<replaceable>name</replaceable> is the name of an option and
-<replaceable>value</replaceable> is its value.  For example,
-
+  The first line (<literal>{ config, pkgs, ... }:</literal>) denotes that this
+  is actually a function that takes at least the two arguments
+  <varname>config</varname> and <varname>pkgs</varname>. (These are explained
+  later.) The function returns a <emphasis>set</emphasis> of option definitions
+  (<literal>{ <replaceable>...</replaceable> }</literal>). These definitions
+  have the form <literal><replaceable>name</replaceable> =
+  <replaceable>value</replaceable></literal>, where
+  <replaceable>name</replaceable> is the name of an option and
+  <replaceable>value</replaceable> is its value. For example,
 <programlisting>
 { config, pkgs, ... }:
 
@@ -33,19 +30,19 @@ form <literal><replaceable>name</replaceable> =
   <xref linkend="opt-services.httpd.documentRoot"/> = "/webroot";
 }
 </programlisting>
-
-defines a configuration with three option definitions that together
-enable the Apache HTTP Server with <filename>/webroot</filename> as
-the document root.</para>
-
-<para>Sets can be nested, and in fact dots in option names are
-shorthand for defining a set containing another set.  For instance,
-<xref linkend="opt-services.httpd.enable"/> defines a set named
-<varname>services</varname> that contains a set named
-<varname>httpd</varname>, which in turn contains an option definition
-named <varname>enable</varname> with value <literal>true</literal>.
-This means that the example above can also be written as:
-
+  defines a configuration with three option definitions that together enable
+  the Apache HTTP Server with <filename>/webroot</filename> as the document
+  root.
+ </para>
+
+ <para>
+  Sets can be nested, and in fact dots in option names are shorthand for
+  defining a set containing another set. For instance,
+  <xref linkend="opt-services.httpd.enable"/> defines a set named
+  <varname>services</varname> that contains a set named
+  <varname>httpd</varname>, which in turn contains an option definition named
+  <varname>enable</varname> with value <literal>true</literal>. This means that
+  the example above can also be written as:
 <programlisting>
 { config, pkgs, ... }:
 
@@ -58,46 +55,44 @@ This means that the example above can also be written as:
   };
 }
 </programlisting>
-
-which may be more convenient if you have lots of option definitions
-that share the same prefix (such as
-<literal>services.httpd</literal>).</para>
-
-<para>NixOS checks your option definitions for correctness.  For
-instance, if you try to define an option that doesn’t exist (that is,
-doesn’t have a corresponding <emphasis>option declaration</emphasis>),
-<command>nixos-rebuild</command> will give an error like:
+  which may be more convenient if you have lots of option definitions that
+  share the same prefix (such as <literal>services.httpd</literal>).
+ </para>
+
+ <para>
+  NixOS checks your option definitions for correctness. For instance, if you
+  try to define an option that doesn’t exist (that is, doesn’t have a
+  corresponding <emphasis>option declaration</emphasis>),
+  <command>nixos-rebuild</command> will give an error like:
 <screen>
 The option `services.httpd.enable' defined in `/etc/nixos/configuration.nix' does not exist.
 </screen>
-Likewise, values in option definitions must have a correct type.  For
-instance, <option>services.httpd.enable</option> must be a Boolean
-(<literal>true</literal> or <literal>false</literal>).  Trying to give
-it a value of another type, such as a string, will cause an error:
+  Likewise, values in option definitions must have a correct type. For
+  instance, <option>services.httpd.enable</option> must be a Boolean
+  (<literal>true</literal> or <literal>false</literal>). Trying to give it a
+  value of another type, such as a string, will cause an error:
 <screen>
 The option value `services.httpd.enable' in `/etc/nixos/configuration.nix' is not a boolean.
 </screen>
+ </para>
 
-</para>
-
-<para>Options have various types of values.  The most important are:
-
-<variablelist>
-  <varlistentry>
+ <para>
+  Options have various types of values. The most important are:
+  <variablelist>
+   <varlistentry>
     <term>Strings</term>
     <listitem>
-      <para>Strings are enclosed in double quotes, e.g.
-
+     <para>
+      Strings are enclosed in double quotes, e.g.
 <programlisting>
 <xref linkend="opt-networking.hostName"/> = "dexter";
 </programlisting>
-
-      Special characters can be escaped by prefixing them with a
-      backslash (e.g. <literal>\"</literal>).</para>
-
-      <para>Multi-line strings can be enclosed in <emphasis>double
-      single quotes</emphasis>, e.g.
-
+      Special characters can be escaped by prefixing them with a backslash
+      (e.g. <literal>\"</literal>).
+     </para>
+     <para>
+      Multi-line strings can be enclosed in <emphasis>double single
+      quotes</emphasis>, e.g.
 <programlisting>
 <xref linkend="opt-networking.extraHosts"/> =
   ''
@@ -105,58 +100,52 @@ The option value `services.httpd.enable' in `/etc/nixos/configuration.nix' is no
     10.0.0.1 server
   '';
 </programlisting>
-
-      The main difference is that it strips from each line
-      a number of spaces equal to the minimal indentation of
-      the string as a whole (disregarding the indentation of
-      empty lines), and that characters like
-      <literal>"</literal> and <literal>\</literal> are not special
-      (making it more convenient for including things like shell
-      code).
-      See more info about this in the Nix manual <link
-      xlink:href="https://nixos.org/nix/manual/#ssec-values">here</link>.</para>
+      The main difference is that it strips from each line a number of spaces
+      equal to the minimal indentation of the string as a whole (disregarding
+      the indentation of empty lines), and that characters like
+      <literal>"</literal> and <literal>\</literal> are not special (making it
+      more convenient for including things like shell code). See more info
+      about this in the Nix manual
+      <link
+      xlink:href="https://nixos.org/nix/manual/#ssec-values">here</link>.
+     </para>
     </listitem>
-  </varlistentry>
-
-  <varlistentry>
+   </varlistentry>
+   <varlistentry>
     <term>Booleans</term>
     <listitem>
-      <para>These can be <literal>true</literal> or
-      <literal>false</literal>, e.g.
-
+     <para>
+      These can be <literal>true</literal> or <literal>false</literal>, e.g.
 <programlisting>
 <xref linkend="opt-networking.firewall.enable"/> = true;
 <xref linkend="opt-networking.firewall.allowPing"/> = false;
 </programlisting>
-      </para>
+     </para>
     </listitem>
-  </varlistentry>
-
-  <varlistentry>
+   </varlistentry>
+   <varlistentry>
     <term>Integers</term>
     <listitem>
-      <para>For example,
-
+     <para>
+      For example,
 <programlisting>
 <xref linkend="opt-boot.kernel.sysctl"/>."net.ipv4.tcp_keepalive_time" = 60;
 </programlisting>
-
       (Note that here the attribute name
-      <literal>net.ipv4.tcp_keepalive_time</literal> is enclosed in
-      quotes to prevent it from being interpreted as a set named
-      <literal>net</literal> containing a set named
-      <literal>ipv4</literal>, and so on.  This is because it’s not a
-      NixOS option but the literal name of a Linux kernel
-      setting.)</para>
+      <literal>net.ipv4.tcp_keepalive_time</literal> is enclosed in quotes to
+      prevent it from being interpreted as a set named <literal>net</literal>
+      containing a set named <literal>ipv4</literal>, and so on. This is
+      because it’s not a NixOS option but the literal name of a Linux kernel
+      setting.)
+     </para>
     </listitem>
-  </varlistentry>
-
-  <varlistentry>
+   </varlistentry>
+   <varlistentry>
     <term>Sets</term>
     <listitem>
-      <para>Sets were introduced above.  They are name/value pairs
-      enclosed in braces, as in the option definition
-
+     <para>
+      Sets were introduced above. They are name/value pairs enclosed in braces,
+      as in the option definition
 <programlisting>
 <xref linkend="opt-fileSystems"/>."/boot" =
   { device = "/dev/sda1";
@@ -164,36 +153,32 @@ The option value `services.httpd.enable' in `/etc/nixos/configuration.nix' is no
     options = [ "rw" "data=ordered" "relatime" ];
   };
 </programlisting>
-      </para>
+     </para>
     </listitem>
-  </varlistentry>
-
-  <varlistentry>
+   </varlistentry>
+   <varlistentry>
     <term>Lists</term>
     <listitem>
-      <para>The important thing to note about lists is that list
-      elements are separated by whitespace, like this:
-
+     <para>
+      The important thing to note about lists is that list elements are
+      separated by whitespace, like this:
 <programlisting>
 <xref linkend="opt-boot.kernelModules"/> = [ "fuse" "kvm-intel" "coretemp" ];
 </programlisting>
-
       List elements can be any other type, e.g. sets:
-
 <programlisting>
 swapDevices = [ { device = "/dev/disk/by-label/swap"; } ];
 </programlisting>
-      </para>
+     </para>
     </listitem>
-  </varlistentry>
-
-  <varlistentry>
+   </varlistentry>
+   <varlistentry>
     <term>Packages</term>
     <listitem>
-      <para>Usually, the packages you need are already part of the Nix
-      Packages collection, which is a set that can be accessed through
-      the function argument <varname>pkgs</varname>.  Typical uses:
-
+     <para>
+      Usually, the packages you need are already part of the Nix Packages
+      collection, which is a set that can be accessed through the function
+      argument <varname>pkgs</varname>. Typical uses:
 <programlisting>
 <xref linkend="opt-environment.systemPackages"/> =
   [ pkgs.thunderbird
@@ -202,16 +187,12 @@ swapDevices = [ { device = "/dev/disk/by-label/swap"; } ];
 
 <xref linkend="opt-services.postgresql.package"/> = pkgs.postgresql90;
 </programlisting>
-
-      The latter option definition changes the default PostgreSQL
-      package used by NixOS’s PostgreSQL service to 9.0.  For more
-      information on packages, including how to add new ones, see
-      <xref linkend="sec-custom-packages"/>.</para>
+      The latter option definition changes the default PostgreSQL package used
+      by NixOS’s PostgreSQL service to 9.0. For more information on packages,
+      including how to add new ones, see <xref linkend="sec-custom-packages"/>.
+     </para>
     </listitem>
-  </varlistentry>
-
-</variablelist>
-
-</para>
-
+   </varlistentry>
+  </variablelist>
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/config-syntax.xml b/nixos/doc/manual/configuration/config-syntax.xml
index 87847f8451e..5ef498cf9ae 100644
--- a/nixos/doc/manual/configuration/config-syntax.xml
+++ b/nixos/doc/manual/configuration/config-syntax.xml
@@ -3,25 +3,23 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-configuration-syntax">
-
-<title>Configuration Syntax</title>
-
-<para>The NixOS configuration file
-<filename>/etc/nixos/configuration.nix</filename> is actually a
-<emphasis>Nix expression</emphasis>, which is the Nix package
-manager’s purely functional language for describing how to build
-packages and configurations.  This means you have all the expressive
-power of that language at your disposal, including the ability to
-abstract over common patterns, which is very useful when managing
-complex systems.  The syntax and semantics of the Nix language are
-fully described in the <link
+ <title>Configuration Syntax</title>
+ <para>
+  The NixOS configuration file
+  <filename>/etc/nixos/configuration.nix</filename> is actually a <emphasis>Nix
+  expression</emphasis>, which is the Nix package manager’s purely functional
+  language for describing how to build packages and configurations. This means
+  you have all the expressive power of that language at your disposal,
+  including the ability to abstract over common patterns, which is very useful
+  when managing complex systems. The syntax and semantics of the Nix language
+  are fully described in the
+  <link
 xlink:href="http://nixos.org/nix/manual/#chap-writing-nix-expressions">Nix
-manual</link>, but here we give a short overview of the most important
-constructs useful in NixOS configuration files.</para>
-
-<xi:include href="config-file.xml" />
-<xi:include href="abstractions.xml" />
-<xi:include href="modularity.xml" />
-<xi:include href="summary.xml" />
-
+  manual</link>, but here we give a short overview of the most important
+  constructs useful in NixOS configuration files.
+ </para>
+ <xi:include href="config-file.xml" />
+ <xi:include href="abstractions.xml" />
+ <xi:include href="modularity.xml" />
+ <xi:include href="summary.xml" />
 </chapter>
diff --git a/nixos/doc/manual/configuration/configuration.xml b/nixos/doc/manual/configuration/configuration.xml
index f092c7e207f..8d05dcd34b4 100644
--- a/nixos/doc/manual/configuration/configuration.xml
+++ b/nixos/doc/manual/configuration/configuration.xml
@@ -3,30 +3,24 @@
       xmlns:xi="http://www.w3.org/2001/XInclude"
       version="5.0"
       xml:id="ch-configuration">
-
-<title>Configuration</title>
-
-<partintro>
-
-<para>This chapter describes how to configure various aspects of a
-NixOS machine through the configuration file
-<filename>/etc/nixos/configuration.nix</filename>.  As described in
-<xref linkend="sec-changing-config" />, changes to this file only take
-effect after you run <command>nixos-rebuild</command>.</para>
-
-</partintro>
-
-<xi:include href="config-syntax.xml" />
-<xi:include href="package-mgmt.xml" />
-<xi:include href="user-mgmt.xml" />
-<xi:include href="file-systems.xml" />
-<xi:include href="x-windows.xml" />
-<xi:include href="xfce.xml" />
-<xi:include href="networking.xml" />
-<xi:include href="linux-kernel.xml" />
-
-<xi:include href="../generated/modules.xml" xpointer="xpointer(//section[@id='modules']/*)" />
-
+ <title>Configuration</title>
+ <partintro>
+  <para>
+   This chapter describes how to configure various aspects of a NixOS machine
+   through the configuration file
+   <filename>/etc/nixos/configuration.nix</filename>. As described in
+   <xref linkend="sec-changing-config" />, changes to this file only take
+   effect after you run <command>nixos-rebuild</command>.
+  </para>
+ </partintro>
+ <xi:include href="config-syntax.xml" />
+ <xi:include href="package-mgmt.xml" />
+ <xi:include href="user-mgmt.xml" />
+ <xi:include href="file-systems.xml" />
+ <xi:include href="x-windows.xml" />
+ <xi:include href="xfce.xml" />
+ <xi:include href="networking.xml" />
+ <xi:include href="linux-kernel.xml" />
+ <xi:include href="../generated/modules.xml" xpointer="xpointer(//section[@id='modules']/*)" />
 <!-- Apache; libvirtd virtualisation -->
-
 </part>
diff --git a/nixos/doc/manual/configuration/customizing-packages.xml b/nixos/doc/manual/configuration/customizing-packages.xml
index 8b7654e9b42..03b5bb53197 100644
--- a/nixos/doc/manual/configuration/customizing-packages.xml
+++ b/nixos/doc/manual/configuration/customizing-packages.xml
@@ -3,53 +3,50 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-customising-packages">
+ <title>Customising Packages</title>
 
-<title>Customising Packages</title>
+ <para>
+  Some packages in Nixpkgs have options to enable or disable optional
+  functionality or change other aspects of the package. For instance, the
+  Firefox wrapper package (which provides Firefox with a set of plugins such as
+  the Adobe Flash player) has an option to enable the Google Talk plugin. It
+  can be set in <filename>configuration.nix</filename> as follows: <filename>
+  nixpkgs.config.firefox.enableGoogleTalkPlugin = true; </filename>
+ </para>
 
-<para>Some packages in Nixpkgs have options to enable or disable
-optional functionality or change other aspects of the package.  For
-instance, the Firefox wrapper package (which provides Firefox with a
-set of plugins such as the Adobe Flash player) has an option to enable
-the Google Talk plugin.  It can be set in
-<filename>configuration.nix</filename> as follows:
-
-<filename>
-nixpkgs.config.firefox.enableGoogleTalkPlugin = true;
-</filename>
-</para>
-
-<warning><para>Unfortunately, Nixpkgs currently lacks a way to query
-available configuration options.</para></warning>
-
-<para>Apart from high-level options, it’s possible to tweak a package
-in almost arbitrary ways, such as changing or disabling dependencies
-of a package.  For instance, the Emacs package in Nixpkgs by default
-has a dependency on GTK+ 2.  If you want to build it against GTK+ 3,
-you can specify that as follows:
+ <warning>
+  <para>
+   Unfortunately, Nixpkgs currently lacks a way to query available
+   configuration options.
+  </para>
+ </warning>
 
+ <para>
+  Apart from high-level options, it’s possible to tweak a package in almost
+  arbitrary ways, such as changing or disabling dependencies of a package. For
+  instance, the Emacs package in Nixpkgs by default has a dependency on GTK+ 2.
+  If you want to build it against GTK+ 3, you can specify that as follows:
 <programlisting>
 <xref linkend="opt-environment.systemPackages"/> = [ (pkgs.emacs.override { gtk = pkgs.gtk3; }) ];
 </programlisting>
+  The function <varname>override</varname> performs the call to the Nix
+  function that produces Emacs, with the original arguments amended by the set
+  of arguments specified by you. So here the function argument
+  <varname>gtk</varname> gets the value <literal>pkgs.gtk3</literal>, causing
+  Emacs to depend on GTK+ 3. (The parentheses are necessary because in Nix,
+  function application binds more weakly than list construction, so without
+  them, <xref linkend="opt-environment.systemPackages"/> would be a list with
+  two elements.)
+ </para>
 
-The function <varname>override</varname> performs the call to the Nix
-function that produces Emacs, with the original arguments amended by
-the set of arguments specified by you.  So here the function argument
-<varname>gtk</varname> gets the value <literal>pkgs.gtk3</literal>,
-causing Emacs to depend on GTK+ 3.  (The parentheses are necessary
-because in Nix, function application binds more weakly than list
-construction, so without them,
-<xref linkend="opt-environment.systemPackages"/> would be a list with two
-elements.)</para>
-
-<para>Even greater customisation is possible using the function
-<varname>overrideAttrs</varname>.  While the
-<varname>override</varname> mechanism above overrides the arguments of
-a package function, <varname>overrideAttrs</varname> allows
-changing the <emphasis>attributes</emphasis> passed to <literal>mkDerivation</literal>.
-This permits changing any aspect of the package, such as the source code.
-For instance, if you want to override the source code of Emacs, you
-can say:
-
+ <para>
+  Even greater customisation is possible using the function
+  <varname>overrideAttrs</varname>. While the <varname>override</varname>
+  mechanism above overrides the arguments of a package function,
+  <varname>overrideAttrs</varname> allows changing the
+  <emphasis>attributes</emphasis> passed to <literal>mkDerivation</literal>.
+  This permits changing any aspect of the package, such as the source code. For
+  instance, if you want to override the source code of Emacs, you can say:
 <programlisting>
 <xref linkend="opt-environment.systemPackages"/> = [
   (pkgs.emacs.overrideAttrs (oldAttrs: {
@@ -58,36 +55,32 @@ can say:
   }))
 ];
 </programlisting>
+  Here, <varname>overrideAttrs</varname> takes the Nix derivation specified by
+  <varname>pkgs.emacs</varname> and produces a new derivation in which the
+  original’s <literal>name</literal> and <literal>src</literal> attribute
+  have been replaced by the given values by re-calling
+  <literal>stdenv.mkDerivation</literal>. The original attributes are
+  accessible via the function argument, which is conventionally named
+  <varname>oldAttrs</varname>.
+ </para>
 
-Here, <varname>overrideAttrs</varname> takes the Nix derivation
-specified by <varname>pkgs.emacs</varname> and produces a new
-derivation in which the original’s <literal>name</literal> and
-<literal>src</literal> attribute have been replaced by the given
-values by re-calling <literal>stdenv.mkDerivation</literal>.
-The original attributes are accessible via the function argument,
-which is conventionally named <varname>oldAttrs</varname>.</para>
-
-<para>The overrides shown above are not global.  They do not affect
-the original package; other packages in Nixpkgs continue to depend on
-the original rather than the customised package.  This means that if
-another package in your system depends on the original package, you
-end up with two instances of the package.  If you want to have
-everything depend on your customised instance, you can apply a
-<emphasis>global</emphasis> override as follows:
-
+ <para>
+  The overrides shown above are not global. They do not affect the original
+  package; other packages in Nixpkgs continue to depend on the original rather
+  than the customised package. This means that if another package in your
+  system depends on the original package, you end up with two instances of the
+  package. If you want to have everything depend on your customised instance,
+  you can apply a <emphasis>global</emphasis> override as follows:
 <screen>
 nixpkgs.config.packageOverrides = pkgs:
   { emacs = pkgs.emacs.override { gtk = pkgs.gtk3; };
   };
 </screen>
-
-The effect of this definition is essentially equivalent to modifying
-the <literal>emacs</literal> attribute in the Nixpkgs source tree.
-Any package in Nixpkgs that depends on <literal>emacs</literal> will
-be passed your customised instance.  (However, the value
-<literal>pkgs.emacs</literal> in
-<varname>nixpkgs.config.packageOverrides</varname> refers to the
-original rather than overridden instance, to prevent an infinite
-recursion.)</para>
-
+  The effect of this definition is essentially equivalent to modifying the
+  <literal>emacs</literal> attribute in the Nixpkgs source tree. Any package in
+  Nixpkgs that depends on <literal>emacs</literal> will be passed your
+  customised instance. (However, the value <literal>pkgs.emacs</literal> in
+  <varname>nixpkgs.config.packageOverrides</varname> refers to the original
+  rather than overridden instance, to prevent an infinite recursion.)
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/declarative-packages.xml b/nixos/doc/manual/configuration/declarative-packages.xml
index 4c875e6f037..be9884fe9dc 100644
--- a/nixos/doc/manual/configuration/declarative-packages.xml
+++ b/nixos/doc/manual/configuration/declarative-packages.xml
@@ -3,41 +3,41 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-declarative-package-mgmt">
-
-<title>Declarative Package Management</title>
-
-<para>With declarative package management, you specify which packages
-you want on your system by setting the option
-<xref linkend="opt-environment.systemPackages"/>.  For instance, adding the
-following line to <filename>configuration.nix</filename> enables the
-Mozilla Thunderbird email application:
-
+ <title>Declarative Package Management</title>
+
+ <para>
+  With declarative package management, you specify which packages you want on
+  your system by setting the option
+  <xref linkend="opt-environment.systemPackages"/>. For instance, adding the
+  following line to <filename>configuration.nix</filename> enables the Mozilla
+  Thunderbird email application:
 <programlisting>
 <xref linkend="opt-environment.systemPackages"/> = [ pkgs.thunderbird ];
 </programlisting>
+  The effect of this specification is that the Thunderbird package from Nixpkgs
+  will be built or downloaded as part of the system when you run
+  <command>nixos-rebuild switch</command>.
+ </para>
 
-The effect of this specification is that the Thunderbird package from
-Nixpkgs will be built or downloaded as part of the system when you run
-<command>nixos-rebuild switch</command>.</para>
-
-<para>You can get a list of the available packages as follows:
+ <para>
+  You can get a list of the available packages as follows:
 <screen>
 $ nix-env -qaP '*' --description
 nixos.firefox   firefox-23.0   Mozilla Firefox - the browser, reloaded
 <replaceable>...</replaceable>
 </screen>
+  The first column in the output is the <emphasis>attribute name</emphasis>,
+  such as <literal>nixos.thunderbird</literal>. (The <literal>nixos</literal>
+  prefix allows distinguishing between different channels that you might have.)
+ </para>
 
-The first column in the output is the <emphasis>attribute
-name</emphasis>, such as
-<literal>nixos.thunderbird</literal>. (The
-<literal>nixos</literal> prefix allows distinguishing between
-different channels that you might have.)</para>
-
-<para>To “uninstall” a package, simply remove it from
-<xref linkend="opt-environment.systemPackages"/> and run
-<command>nixos-rebuild switch</command>.</para>
+ <para>
+  To “uninstall” a package, simply remove it from
+  <xref linkend="opt-environment.systemPackages"/> and run
+  <command>nixos-rebuild switch</command>.
+ </para>
 
-<xi:include href="customizing-packages.xml" />
-<xi:include href="adding-custom-packages.xml" />
+ <xi:include href="customizing-packages.xml" />
 
+ <xi:include href="adding-custom-packages.xml" />
 </section>
diff --git a/nixos/doc/manual/configuration/file-systems.xml b/nixos/doc/manual/configuration/file-systems.xml
index 0ff37c38d8b..e4c03de71b7 100644
--- a/nixos/doc/manual/configuration/file-systems.xml
+++ b/nixos/doc/manual/configuration/file-systems.xml
@@ -3,44 +3,44 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="ch-file-systems">
-
-<title>File Systems</title>
-
-<para>You can define file systems using the
-<option>fileSystems</option> configuration option.  For instance, the
-following definition causes NixOS to mount the Ext4 file system on
-device <filename>/dev/disk/by-label/data</filename> onto the mount
-point <filename>/data</filename>:
-
+ <title>File Systems</title>
+ <para>
+  You can define file systems using the <option>fileSystems</option>
+  configuration option. For instance, the following definition causes NixOS to
+  mount the Ext4 file system on device
+  <filename>/dev/disk/by-label/data</filename> onto the mount point
+  <filename>/data</filename>:
 <programlisting>
 <xref linkend="opt-fileSystems"/>."/data" =
   { device = "/dev/disk/by-label/data";
     fsType = "ext4";
   };
 </programlisting>
-
-Mount points are created automatically if they don’t already exist.
-For <option><link linkend="opt-fileSystems._name__.device">device</link></option>, it’s best to use the topology-independent
-device aliases in <filename>/dev/disk/by-label</filename> and
-<filename>/dev/disk/by-uuid</filename>, as these don’t change if the
-topology changes (e.g. if a disk is moved to another IDE
-controller).</para>
-
-<para>You can usually omit the file system type
-(<option><link linkend="opt-fileSystems._name__.fsType">fsType</link></option>), since <command>mount</command> can usually
-detect the type and load the necessary kernel module automatically.
-However, if the file system is needed at early boot (in the initial
-ramdisk) and is not <literal>ext2</literal>, <literal>ext3</literal>
-or <literal>ext4</literal>, then it’s best to specify
-<option>fsType</option> to ensure that the kernel module is
-available.</para>
-
-<note><para>System startup will fail if any of the filesystems fails to mount,
-dropping you to the emergency shell.
-You can make a mount asynchronous and non-critical by adding
-<literal><link linkend="opt-fileSystems._name__.options">options</link> = [ "nofail" ];</literal>.
-</para></note>
-
-<xi:include href="luks-file-systems.xml" />
-
+  Mount points are created automatically if they don’t already exist. For
+  <option><link linkend="opt-fileSystems._name__.device">device</link></option>,
+  it’s best to use the topology-independent device aliases in
+  <filename>/dev/disk/by-label</filename> and
+  <filename>/dev/disk/by-uuid</filename>, as these don’t change if the
+  topology changes (e.g. if a disk is moved to another IDE controller).
+ </para>
+ <para>
+  You can usually omit the file system type
+  (<option><link linkend="opt-fileSystems._name__.fsType">fsType</link></option>),
+  since <command>mount</command> can usually detect the type and load the
+  necessary kernel module automatically. However, if the file system is needed
+  at early boot (in the initial ramdisk) and is not <literal>ext2</literal>,
+  <literal>ext3</literal> or <literal>ext4</literal>, then it’s best to
+  specify <option>fsType</option> to ensure that the kernel module is
+  available.
+ </para>
+ <note>
+  <para>
+   System startup will fail if any of the filesystems fails to mount, dropping
+   you to the emergency shell. You can make a mount asynchronous and
+   non-critical by adding
+   <literal><link linkend="opt-fileSystems._name__.options">options</link> = [
+   "nofail" ];</literal>.
+  </para>
+ </note>
+ <xi:include href="luks-file-systems.xml" />
 </chapter>
diff --git a/nixos/doc/manual/configuration/firewall.xml b/nixos/doc/manual/configuration/firewall.xml
index ecc21a3bdf5..b66adcedce6 100644
--- a/nixos/doc/manual/configuration/firewall.xml
+++ b/nixos/doc/manual/configuration/firewall.xml
@@ -3,49 +3,44 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-firewall">
+ <title>Firewall</title>
 
-<title>Firewall</title>
-
-<para>NixOS has a simple stateful firewall that blocks incoming
-connections and other unexpected packets.  The firewall applies to
-both IPv4 and IPv6 traffic. It is enabled by default. It can be
-disabled as follows:
-
+ <para>
+  NixOS has a simple stateful firewall that blocks incoming connections and
+  other unexpected packets. The firewall applies to both IPv4 and IPv6 traffic.
+  It is enabled by default. It can be disabled as follows:
 <programlisting>
 <xref linkend="opt-networking.firewall.enable"/> = false;
 </programlisting>
-
-If the firewall is enabled, you can open specific TCP ports to the
-outside world:
-
+  If the firewall is enabled, you can open specific TCP ports to the outside
+  world:
 <programlisting>
 <xref linkend="opt-networking.firewall.allowedTCPPorts"/> = [ 80 443 ];
 </programlisting>
-
-Note that TCP port 22 (ssh) is opened automatically if the SSH daemon
-is enabled (<option><xref linkend="opt-services.openssh.enable"/> = true</option>). UDP
-ports can be opened through
-<xref linkend="opt-networking.firewall.allowedUDPPorts"/>.</para>
-
-<para>To open ranges of TCP ports:
-
+  Note that TCP port 22 (ssh) is opened automatically if the SSH daemon is
+  enabled (<option><xref linkend="opt-services.openssh.enable"/> =
+  true</option>). UDP ports can be opened through
+  <xref linkend="opt-networking.firewall.allowedUDPPorts"/>.
+ </para>
+
+ <para>
+  To open ranges of TCP ports:
 <programlisting>
 <xref linkend="opt-networking.firewall.allowedTCPPortRanges"/> = [
   { from = 4000; to = 4007; }
   { from = 8000; to = 8010; }
 ];
 </programlisting>
+  Similarly, UDP port ranges can be opened through
+  <xref linkend="opt-networking.firewall.allowedUDPPortRanges"/>.
+ </para>
 
-Similarly, UDP port ranges can be opened through
-<xref linkend="opt-networking.firewall.allowedUDPPortRanges"/>.</para>
-
-<para>Also of interest is
-
+ <para>
+  Also of interest is
 <programlisting>
 <xref linkend="opt-networking.firewall.allowPing"/> = true;
 </programlisting>
-
-to allow the machine to respond to ping requests.  (ICMPv6 pings are
-always allowed.)</para>
-
+  to allow the machine to respond to ping requests. (ICMPv6 pings are always
+  allowed.)
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/ipv4-config.xml b/nixos/doc/manual/configuration/ipv4-config.xml
index fbc9695c601..71ddf41491b 100644
--- a/nixos/doc/manual/configuration/ipv4-config.xml
+++ b/nixos/doc/manual/configuration/ipv4-config.xml
@@ -3,45 +3,41 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-ipv4">
+ <title>IPv4 Configuration</title>
 
-<title>IPv4 Configuration</title>
-
-<para>By default, NixOS uses DHCP (specifically,
-<command>dhcpcd</command>) to automatically configure network
-interfaces.  However, you can configure an interface manually as
-follows:
-
+ <para>
+  By default, NixOS uses DHCP (specifically, <command>dhcpcd</command>) to
+  automatically configure network interfaces. However, you can configure an
+  interface manually as follows:
 <programlisting>
 <link linkend="opt-networking.interfaces._name__.ipv4.addresses">networking.interfaces.eth0.ipv4.addresses</link> = [ {
   address = "192.168.1.2";
   prefixLength = 24;
 } ];
 </programlisting>
-
-Typically you’ll also want to set a default gateway and set of name
-servers:
-
+  Typically you’ll also want to set a default gateway and set of name
+  servers:
 <programlisting>
 <xref linkend="opt-networking.defaultGateway"/> = "192.168.1.1";
 <xref linkend="opt-networking.nameservers"/> = [ "8.8.8.8" ];
 </programlisting>
-
-</para>
-
-<note><para>Statically configured interfaces are set up by the systemd
-service
-<replaceable>interface-name</replaceable><literal>-cfg.service</literal>.
-The default gateway and name server configuration is performed by
-<literal>network-setup.service</literal>.</para></note>
-
-<para>The host name is set using <xref linkend="opt-networking.hostName"/>:
-
+ </para>
+
+ <note>
+  <para>
+   Statically configured interfaces are set up by the systemd service
+   <replaceable>interface-name</replaceable><literal>-cfg.service</literal>.
+   The default gateway and name server configuration is performed by
+   <literal>network-setup.service</literal>.
+  </para>
+ </note>
+
+ <para>
+  The host name is set using <xref linkend="opt-networking.hostName"/>:
 <programlisting>
 <xref linkend="opt-networking.hostName"/> = "cartman";
 </programlisting>
-
-The default host name is <literal>nixos</literal>.  Set it to the
-empty string (<literal>""</literal>) to allow the DHCP server to
-provide the host name.</para>
-
+  The default host name is <literal>nixos</literal>. Set it to the empty string
+  (<literal>""</literal>) to allow the DHCP server to provide the host name.
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/ipv6-config.xml b/nixos/doc/manual/configuration/ipv6-config.xml
index e8960dc8930..e9ab7cce4eb 100644
--- a/nixos/doc/manual/configuration/ipv6-config.xml
+++ b/nixos/doc/manual/configuration/ipv6-config.xml
@@ -3,47 +3,48 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-ipv6">
+ <title>IPv6 Configuration</title>
 
-<title>IPv6 Configuration</title>
-
-<para>IPv6 is enabled by default.  Stateless address autoconfiguration
-is used to automatically assign IPv6 addresses to all interfaces.  You
-can disable IPv6 support globally by setting:
-
+ <para>
+  IPv6 is enabled by default. Stateless address autoconfiguration is used to
+  automatically assign IPv6 addresses to all interfaces. You can disable IPv6
+  support globally by setting:
 <programlisting>
 <xref linkend="opt-networking.enableIPv6"/> = false;
-</programlisting></para>
-
-<para>You can disable IPv6 on a single interface using a normal sysctl (in this
-example, we use interface <varname>eth0</varname>):
+</programlisting>
+ </para>
 
+ <para>
+  You can disable IPv6 on a single interface using a normal sysctl (in this
+  example, we use interface <varname>eth0</varname>):
 <programlisting>
 <xref linkend="opt-boot.kernel.sysctl"/>."net.ipv6.conf.eth0.disable_ipv6" = true;
 </programlisting>
-</para>
-
-<para>As with IPv4 networking interfaces are automatically configured via
-DHCPv6. You can configure an interface manually:
+ </para>
 
+ <para>
+  As with IPv4 networking interfaces are automatically configured via DHCPv6.
+  You can configure an interface manually:
 <programlisting>
 <link linkend="opt-networking.interfaces._name__.ipv6.addresses">networking.interfaces.eth0.ipv6.addresses</link> = [ {
   address = "fe00:aa:bb:cc::2";
   prefixLength = 64;
 } ];
 </programlisting>
-</para>
-
-<para>For configuring a gateway, optionally with explicitly specified interface:
+ </para>
 
+ <para>
+  For configuring a gateway, optionally with explicitly specified interface:
 <programlisting>
 <xref linkend="opt-networking.defaultGateway6"/> = {
   address = "fe00::1";
   interface = "enp0s3";
 }
 </programlisting>
-</para>
-
-<para>See <xref linkend='sec-ipv4' /> for similar examples and additional information.
-</para>
+ </para>
 
+ <para>
+  See <xref linkend='sec-ipv4' /> for similar examples and additional
+  information.
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/linux-kernel.xml b/nixos/doc/manual/configuration/linux-kernel.xml
index b9325629256..0990e9d932b 100644
--- a/nixos/doc/manual/configuration/linux-kernel.xml
+++ b/nixos/doc/manual/configuration/linux-kernel.xml
@@ -3,29 +3,29 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-kernel-config">
-
-<title>Linux Kernel</title>
-
-<para>You can override the Linux kernel and associated packages using
-the option <option>boot.kernelPackages</option>.  For instance, this
-selects the Linux 3.10 kernel:
+ <title>Linux Kernel</title>
+ <para>
+  You can override the Linux kernel and associated packages using the option
+  <option>boot.kernelPackages</option>. For instance, this selects the Linux
+  3.10 kernel:
 <programlisting>
 <xref linkend="opt-boot.kernelPackages"/> = pkgs.linuxPackages_3_10;
 </programlisting>
-Note that this not only replaces the kernel, but also packages that
-are specific to the kernel version, such as the NVIDIA video drivers.
-This ensures that driver packages are consistent with the
-kernel.</para>
-
-<para>The default Linux kernel configuration should be fine for most users. You can see the configuration of your current kernel with the following command:
+  Note that this not only replaces the kernel, but also packages that are
+  specific to the kernel version, such as the NVIDIA video drivers. This
+  ensures that driver packages are consistent with the kernel.
+ </para>
+ <para>
+  The default Linux kernel configuration should be fine for most users. You can
+  see the configuration of your current kernel with the following command:
 <programlisting>
 zcat /proc/config.gz
 </programlisting>
-If you want to change the kernel configuration, you can use the
-<option>packageOverrides</option> feature (see <xref
-linkend="sec-customising-packages" />).  For instance, to enable
-support for the kernel debugger KGDB:
-
+  If you want to change the kernel configuration, you can use the
+  <option>packageOverrides</option> feature (see
+  <xref
+linkend="sec-customising-packages" />). For instance, to enable support
+  for the kernel debugger KGDB:
 <programlisting>
 nixpkgs.config.packageOverrides = pkgs:
   { linux_3_4 = pkgs.linux_3_4.override {
@@ -36,47 +36,46 @@ nixpkgs.config.packageOverrides = pkgs:
     };
   };
 </programlisting>
-
-<varname>extraConfig</varname> takes a list of Linux kernel
-configuration options, one per line.  The name of the option should
-not include the prefix <literal>CONFIG_</literal>.  The option value
-is typically <literal>y</literal>, <literal>n</literal> or
-<literal>m</literal> (to build something as a kernel module).</para>
-
-<para>Kernel modules for hardware devices are generally loaded
-automatically by <command>udev</command>.  You can force a module to
-be loaded via <xref linkend="opt-boot.kernelModules"/>, e.g.
+  <varname>extraConfig</varname> takes a list of Linux kernel configuration
+  options, one per line. The name of the option should not include the prefix
+  <literal>CONFIG_</literal>. The option value is typically
+  <literal>y</literal>, <literal>n</literal> or <literal>m</literal> (to build
+  something as a kernel module).
+ </para>
+ <para>
+  Kernel modules for hardware devices are generally loaded automatically by
+  <command>udev</command>. You can force a module to be loaded via
+  <xref linkend="opt-boot.kernelModules"/>, e.g.
 <programlisting>
 <xref linkend="opt-boot.kernelModules"/> = [ "fuse" "kvm-intel" "coretemp" ];
 </programlisting>
-If the module is required early during the boot (e.g. to mount the
-root file system), you can use
-<xref linkend="opt-boot.initrd.extraKernelModules"/>:
+  If the module is required early during the boot (e.g. to mount the root file
+  system), you can use <xref linkend="opt-boot.initrd.extraKernelModules"/>:
 <programlisting>
 <xref linkend="opt-boot.initrd.extraKernelModules"/> = [ "cifs" ];
 </programlisting>
-This causes the specified modules and their dependencies to be added
-to the initial ramdisk.</para>
-
-<para>Kernel runtime parameters can be set through
-<xref linkend="opt-boot.kernel.sysctl"/>, e.g.
+  This causes the specified modules and their dependencies to be added to the
+  initial ramdisk.
+ </para>
+ <para>
+  Kernel runtime parameters can be set through
+  <xref linkend="opt-boot.kernel.sysctl"/>, e.g.
 <programlisting>
 <xref linkend="opt-boot.kernel.sysctl"/>."net.ipv4.tcp_keepalive_time" = 120;
 </programlisting>
-sets the kernel’s TCP keepalive time to 120 seconds.  To see the
-available parameters, run <command>sysctl -a</command>.</para>
-
-<section>
+  sets the kernel’s TCP keepalive time to 120 seconds. To see the available
+  parameters, run <command>sysctl -a</command>.
+ </para>
+ <section>
   <title>Developing kernel modules</title>
 
-  <para>When developing kernel modules it's often convenient to run
-  edit-compile-run loop as quickly as possible.
-
-  See below snippet as an example of developing <literal>mellanox</literal>
-  drivers.
+  <para>
+   When developing kernel modules it's often convenient to run edit-compile-run
+   loop as quickly as possible. See below snippet as an example of developing
+   <literal>mellanox</literal> drivers.
   </para>
 
-  <screen><![CDATA[
+<screen><![CDATA[
 $ nix-build '<nixpkgs>' -A linuxPackages.kernel.dev
 $ nix-shell '<nixpkgs>' -A linuxPackages.kernel
 $ unpackPhase
@@ -84,7 +83,5 @@ $ cd linux-*
 $ make -C $dev/lib/modules/*/build M=$(pwd)/drivers/net/ethernet/mellanox modules
 # insmod ./drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.ko
 ]]></screen>
-
-</section>
-
+ </section>
 </chapter>
diff --git a/nixos/doc/manual/configuration/luks-file-systems.xml b/nixos/doc/manual/configuration/luks-file-systems.xml
index 6c2b4cc60b5..8a2b107e0ee 100644
--- a/nixos/doc/manual/configuration/luks-file-systems.xml
+++ b/nixos/doc/manual/configuration/luks-file-systems.xml
@@ -3,14 +3,13 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-luks-file-systems">
+ <title>LUKS-Encrypted File Systems</title>
 
-<title>LUKS-Encrypted File Systems</title>
-
-<para>NixOS supports file systems that are encrypted using
-<emphasis>LUKS</emphasis> (Linux Unified Key Setup).  For example,
-here is how you create an encrypted Ext4 file system on the device
-<filename>/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d</filename>:
-
+ <para>
+  NixOS supports file systems that are encrypted using
+  <emphasis>LUKS</emphasis> (Linux Unified Key Setup). For example, here is how
+  you create an encrypted Ext4 file system on the device
+  <filename>/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d</filename>:
 <screen>
 # cryptsetup luksFormat /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d
 
@@ -27,20 +26,15 @@ Enter passphrase for /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d: ***
 
 # mkfs.ext4 /dev/mapper/crypted
 </screen>
-
-To ensure that this file system is automatically mounted at boot time
-as <filename>/</filename>, add the following to
-<filename>configuration.nix</filename>:
-
+  To ensure that this file system is automatically mounted at boot time as
+  <filename>/</filename>, add the following to
+  <filename>configuration.nix</filename>:
 <programlisting>
 <link linkend="opt-boot.initrd.luks.devices._name__.device">boot.initrd.luks.devices.crypted.device</link> = "/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d";
 <xref linkend="opt-fileSystems"/>."/".device = "/dev/mapper/crypted";
 </programlisting>
-
-Should grub be used as bootloader, and <filename>/boot</filename> is located
-on an encrypted partition, it is necessary to add the following grub option:
+  Should grub be used as bootloader, and <filename>/boot</filename> is located
+  on an encrypted partition, it is necessary to add the following grub option:
 <programlisting><xref linkend="opt-boot.loader.grub.enableCryptodisk"/> = true;</programlisting>
-
-</para>
-
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/modularity.xml b/nixos/doc/manual/configuration/modularity.xml
index 2f76459a24e..3ff96f719ec 100644
--- a/nixos/doc/manual/configuration/modularity.xml
+++ b/nixos/doc/manual/configuration/modularity.xml
@@ -3,21 +3,21 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-modularity">
-
-<title>Modularity</title>
-
-<para>The NixOS configuration mechanism is modular.  If your
-<filename>configuration.nix</filename> becomes too big, you can split
-it into multiple files.  Likewise, if you have multiple NixOS
-configurations (e.g. for different computers) with some commonality,
-you can move the common configuration into a shared file.</para>
-
-<para>Modules have exactly the same syntax as
-<filename>configuration.nix</filename>.  In fact,
-<filename>configuration.nix</filename> is itself a module.  You can
-use other modules by including them from
-<filename>configuration.nix</filename>, e.g.:
-
+ <title>Modularity</title>
+
+ <para>
+  The NixOS configuration mechanism is modular. If your
+  <filename>configuration.nix</filename> becomes too big, you can split it into
+  multiple files. Likewise, if you have multiple NixOS configurations (e.g. for
+  different computers) with some commonality, you can move the common
+  configuration into a shared file.
+ </para>
+
+ <para>
+  Modules have exactly the same syntax as
+  <filename>configuration.nix</filename>. In fact,
+  <filename>configuration.nix</filename> is itself a module. You can use other
+  modules by including them from <filename>configuration.nix</filename>, e.g.:
 <programlisting>
 { config, pkgs, ... }:
 
@@ -27,11 +27,9 @@ use other modules by including them from
   <replaceable>...</replaceable>
 }
 </programlisting>
-
-Here, we include two modules from the same directory,
-<filename>vpn.nix</filename> and <filename>kde.nix</filename>.  The
-latter might look like this:
-
+  Here, we include two modules from the same directory,
+  <filename>vpn.nix</filename> and <filename>kde.nix</filename>. The latter
+  might look like this:
 <programlisting>
 { config, pkgs, ... }:
 
@@ -40,59 +38,55 @@ latter might look like this:
   <xref linkend="opt-services.xserver.desktopManager.plasma5.enable"/> = true;
 }
 </programlisting>
-
-Note that both <filename>configuration.nix</filename> and
-<filename>kde.nix</filename> define the option
-<xref linkend="opt-environment.systemPackages"/>.  When multiple modules
-define an option, NixOS will try to <emphasis>merge</emphasis> the
-definitions.  In the case of
-<xref linkend="opt-environment.systemPackages"/>, that’s easy: the lists of
-packages can simply be concatenated.  The value in
-<filename>configuration.nix</filename> is merged last, so for
-list-type options, it will appear at the end of the merged list. If
-you want it to appear first, you can use <varname>mkBefore</varname>:
-
+  Note that both <filename>configuration.nix</filename> and
+  <filename>kde.nix</filename> define the option
+  <xref linkend="opt-environment.systemPackages"/>. When multiple modules
+  define an option, NixOS will try to <emphasis>merge</emphasis> the
+  definitions. In the case of <xref linkend="opt-environment.systemPackages"/>,
+  that’s easy: the lists of packages can simply be concatenated. The value in
+  <filename>configuration.nix</filename> is merged last, so for list-type
+  options, it will appear at the end of the merged list. If you want it to
+  appear first, you can use <varname>mkBefore</varname>:
 <programlisting>
 <xref linkend="opt-boot.kernelModules"/> = mkBefore [ "kvm-intel" ];
 </programlisting>
-
-This causes the <literal>kvm-intel</literal> kernel module to be
-loaded before any other kernel modules.</para>
-
-<para>For other types of options, a merge may not be possible. For
-instance, if two modules define
-<xref linkend="opt-services.httpd.adminAddr"/>,
-<command>nixos-rebuild</command> will give an error:
-
+  This causes the <literal>kvm-intel</literal> kernel module to be loaded
+  before any other kernel modules.
+ </para>
+
+ <para>
+  For other types of options, a merge may not be possible. For instance, if two
+  modules define <xref linkend="opt-services.httpd.adminAddr"/>,
+  <command>nixos-rebuild</command> will give an error:
 <screen>
 The unique option `services.httpd.adminAddr' is defined multiple times, in `/etc/nixos/httpd.nix' and `/etc/nixos/configuration.nix'.
 </screen>
-
-When that happens, it’s possible to force one definition take
-precedence over the others:
-
+  When that happens, it’s possible to force one definition take precedence
+  over the others:
 <programlisting>
 <xref linkend="opt-services.httpd.adminAddr"/> = pkgs.lib.mkForce "bob@example.org";
 </programlisting>
-
-</para>
-
-<para>When using multiple modules, you may need to access
-configuration values defined in other modules.  This is what the
-<varname>config</varname> function argument is for: it contains the
-complete, merged system configuration.  That is,
-<varname>config</varname> is the result of combining the
-configurations returned by every module<footnote><para>If you’re
-wondering how it’s possible that the (indirect)
-<emphasis>result</emphasis> of a function is passed as an
-<emphasis>input</emphasis> to that same function: that’s because Nix
-is a “lazy” language — it only computes values when they are needed.
-This works as long as no individual configuration value depends on
-itself.</para></footnote>.  For example, here is a module that adds
-some packages to <xref linkend="opt-environment.systemPackages"/> only if
-<xref linkend="opt-services.xserver.enable"/> is set to
-<literal>true</literal> somewhere else:
-
+ </para>
+
+ <para>
+  When using multiple modules, you may need to access configuration values
+  defined in other modules. This is what the <varname>config</varname> function
+  argument is for: it contains the complete, merged system configuration. That
+  is, <varname>config</varname> is the result of combining the configurations
+  returned by every module
+  <footnote>
+   <para>
+    If you’re wondering how it’s possible that the (indirect)
+    <emphasis>result</emphasis> of a function is passed as an
+    <emphasis>input</emphasis> to that same function: that’s because Nix is a
+    “lazy” language — it only computes values when they are needed. This
+    works as long as no individual configuration value depends on itself.
+   </para>
+  </footnote>
+  . For example, here is a module that adds some packages to
+  <xref linkend="opt-environment.systemPackages"/> only if
+  <xref linkend="opt-services.xserver.enable"/> is set to
+  <literal>true</literal> somewhere else:
 <programlisting>
 { config, pkgs, ... }:
 
@@ -105,13 +99,12 @@ some packages to <xref linkend="opt-environment.systemPackages"/> only if
       [ ];
 }
 </programlisting>
+ </para>
 
-</para>
-
-<para>With multiple modules, it may not be obvious what the final
-value of a configuration option is.  The command
-<option>nixos-option</option> allows you to find out:
-
+ <para>
+  With multiple modules, it may not be obvious what the final value of a
+  configuration option is. The command <option>nixos-option</option> allows you
+  to find out:
 <screen>
 $ nixos-option <xref linkend="opt-services.xserver.enable"/>
 true
@@ -119,14 +112,11 @@ true
 $ nixos-option <xref linkend="opt-boot.kernelModules"/>
 [ "tun" "ipv6" "loop" <replaceable>...</replaceable> ]
 </screen>
-
-Interactive exploration of the configuration is possible using
-<command
+  Interactive exploration of the configuration is possible using
+  <command
 xlink:href="https://github.com/edolstra/nix-repl">nix-repl</command>,
-a read-eval-print loop for Nix expressions.  It’s not installed by
-default; run <literal>nix-env -i nix-repl</literal> to get it.  A
-typical use:
-
+  a read-eval-print loop for Nix expressions. It’s not installed by default;
+  run <literal>nix-env -i nix-repl</literal> to get it. A typical use:
 <screen>
 $ nix-repl '&lt;nixpkgs/nixos>'
 
@@ -136,7 +126,5 @@ nix-repl> config.<xref linkend="opt-networking.hostName"/>
 nix-repl> map (x: x.hostName) config.<xref linkend="opt-services.httpd.virtualHosts"/>
 [ "example.org" "example.gov" ]
 </screen>
-
-</para>
-
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/network-manager.xml b/nixos/doc/manual/configuration/network-manager.xml
index bbbee3a52ed..e217a99148b 100644
--- a/nixos/doc/manual/configuration/network-manager.xml
+++ b/nixos/doc/manual/configuration/network-manager.xml
@@ -3,39 +3,42 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-networkmanager">
+ <title>NetworkManager</title>
 
-<title>NetworkManager</title>
-
-<para>To facilitate network configuration, some desktop environments
-use NetworkManager. You can enable NetworkManager by setting:
-
+ <para>
+  To facilitate network configuration, some desktop environments use
+  NetworkManager. You can enable NetworkManager by setting:
 <programlisting>
 <xref linkend="opt-networking.networkmanager.enable"/> = true;
 </programlisting>
+  some desktop managers (e.g., GNOME) enable NetworkManager automatically for
+  you.
+ </para>
 
-some desktop managers (e.g., GNOME) enable NetworkManager
-automatically for you.</para>
-
-<para>All users that should have permission to change network settings must
-belong to the <code>networkmanager</code> group:
-
+ <para>
+  All users that should have permission to change network settings must belong
+  to the <code>networkmanager</code> group:
 <programlisting>
 <link linkend="opt-users.users._name__.extraGroups">users.extraUsers.youruser.extraGroups</link> = [ "networkmanager" ];
 </programlisting>
-</para>
-
-<para>NetworkManager is controlled using either <command>nmcli</command> or
-<command>nmtui</command> (curses-based terminal user interface). See their
-manual pages for details on their usage. Some desktop environments (GNOME, KDE)
-have their own configuration tools for NetworkManager. On XFCE, there is no
-configuration tool for NetworkManager by default: by adding
-<code>networkmanagerapplet</code> to the list of system packages, the graphical
-applet will be installed and will launch automatically when XFCE is starting
-(and will show in the status tray).</para>
-
-<note><para><code>networking.networkmanager</code> and
-<code>networking.wireless</code> (WPA Supplicant) cannot be enabled at the same
-time: you can still connect to the wireless networks using
-NetworkManager.</para></note>
-
+ </para>
+
+ <para>
+  NetworkManager is controlled using either <command>nmcli</command> or
+  <command>nmtui</command> (curses-based terminal user interface). See their
+  manual pages for details on their usage. Some desktop environments (GNOME,
+  KDE) have their own configuration tools for NetworkManager. On XFCE, there is
+  no configuration tool for NetworkManager by default: by adding
+  <code>networkmanagerapplet</code> to the list of system packages, the
+  graphical applet will be installed and will launch automatically when XFCE is
+  starting (and will show in the status tray).
+ </para>
+
+ <note>
+  <para>
+   <code>networking.networkmanager</code> and <code>networking.wireless</code>
+   (WPA Supplicant) cannot be enabled at the same time: you can still connect
+   to the wireless networks using NetworkManager.
+  </para>
+ </note>
 </section>
diff --git a/nixos/doc/manual/configuration/networking.xml b/nixos/doc/manual/configuration/networking.xml
index 5f08bc1f127..02cf811e0bd 100644
--- a/nixos/doc/manual/configuration/networking.xml
+++ b/nixos/doc/manual/configuration/networking.xml
@@ -3,20 +3,17 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-networking">
-
-<title>Networking</title>
-
-<para>This section describes how to configure networking components on
-your NixOS machine.</para>
-
-<xi:include href="network-manager.xml" />
-<xi:include href="ssh.xml" />
-<xi:include href="ipv4-config.xml" />
-<xi:include href="ipv6-config.xml" />
-<xi:include href="firewall.xml" />
-<xi:include href="wireless.xml" />
-<xi:include href="ad-hoc-network-config.xml" />
-
+ <title>Networking</title>
+ <para>
+  This section describes how to configure networking components on your NixOS
+  machine.
+ </para>
+ <xi:include href="network-manager.xml" />
+ <xi:include href="ssh.xml" />
+ <xi:include href="ipv4-config.xml" />
+ <xi:include href="ipv6-config.xml" />
+ <xi:include href="firewall.xml" />
+ <xi:include href="wireless.xml" />
+ <xi:include href="ad-hoc-network-config.xml" />
 <!-- TODO: OpenVPN, NAT -->
-
 </chapter>
diff --git a/nixos/doc/manual/configuration/package-mgmt.xml b/nixos/doc/manual/configuration/package-mgmt.xml
index 73c1722da02..e8ac5d0681a 100644
--- a/nixos/doc/manual/configuration/package-mgmt.xml
+++ b/nixos/doc/manual/configuration/package-mgmt.xml
@@ -3,32 +3,29 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-package-management">
-
-<title>Package Management</title>
-
-<para>This section describes how to add additional packages to your
-system.  NixOS has two distinct styles of package management:
-
-<itemizedlist>
-
-  <listitem><para><emphasis>Declarative</emphasis>, where you declare
-  what packages you want in your
-  <filename>configuration.nix</filename>.  Every time you run
-  <command>nixos-rebuild</command>, NixOS will ensure that you get a
-  consistent set of binaries corresponding to your
-  specification.</para></listitem>
-
-  <listitem><para><emphasis>Ad hoc</emphasis>, where you install,
-  upgrade and uninstall packages via the <command>nix-env</command>
-  command.  This style allows mixing packages from different Nixpkgs
-  versions.  It’s the only choice for non-root
-  users.</para></listitem>
-
-</itemizedlist>
-
-</para>
-
-<xi:include href="declarative-packages.xml" />
-<xi:include href="ad-hoc-packages.xml" />
-
+ <title>Package Management</title>
+ <para>
+  This section describes how to add additional packages to your system. NixOS
+  has two distinct styles of package management:
+  <itemizedlist>
+   <listitem>
+    <para>
+     <emphasis>Declarative</emphasis>, where you declare what packages you want
+     in your <filename>configuration.nix</filename>. Every time you run
+     <command>nixos-rebuild</command>, NixOS will ensure that you get a
+     consistent set of binaries corresponding to your specification.
+    </para>
+   </listitem>
+   <listitem>
+    <para>
+     <emphasis>Ad hoc</emphasis>, where you install, upgrade and uninstall
+     packages via the <command>nix-env</command> command. This style allows
+     mixing packages from different Nixpkgs versions. It’s the only choice
+     for non-root users.
+    </para>
+   </listitem>
+  </itemizedlist>
+ </para>
+ <xi:include href="declarative-packages.xml" />
+ <xi:include href="ad-hoc-packages.xml" />
 </chapter>
diff --git a/nixos/doc/manual/configuration/ssh.xml b/nixos/doc/manual/configuration/ssh.xml
index 7dbe598cffe..6e883e3fbbc 100644
--- a/nixos/doc/manual/configuration/ssh.xml
+++ b/nixos/doc/manual/configuration/ssh.xml
@@ -3,30 +3,25 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-ssh">
+ <title>Secure Shell Access</title>
 
-<title>Secure Shell Access</title>
-
-<para>Secure shell (SSH) access to your machine can be enabled by
-setting:
-
+ <para>
+  Secure shell (SSH) access to your machine can be enabled by setting:
 <programlisting>
 <xref linkend="opt-services.openssh.enable"/> = true;
 </programlisting>
-
-By default, root logins using a password are disallowed.  They can be
-disabled entirely by setting
-<xref linkend="opt-services.openssh.permitRootLogin"/> to
-<literal>"no"</literal>.</para>
-
-<para>You can declaratively specify authorised RSA/DSA public keys for
-a user as follows:
-
+  By default, root logins using a password are disallowed. They can be disabled
+  entirely by setting <xref linkend="opt-services.openssh.permitRootLogin"/> to
+  <literal>"no"</literal>.
+ </para>
+
+ <para>
+  You can declaratively specify authorised RSA/DSA public keys for a user as
+  follows:
 <!-- FIXME: this might not work if the user is unmanaged. -->
 <programlisting>
 <link linkend="opt-users.users._name__.openssh.authorizedKeys.keys">users.extraUsers.alice.openssh.authorizedKeys.keys</link> =
   [ "ssh-dss AAAAB3NzaC1kc3MAAACBAPIkGWVEt4..." ];
 </programlisting>
-
-</para>
-
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/summary.xml b/nixos/doc/manual/configuration/summary.xml
index 38032c5d9dc..ea980254a8f 100644
--- a/nixos/doc/manual/configuration/summary.xml
+++ b/nixos/doc/manual/configuration/summary.xml
@@ -3,190 +3,225 @@
     xmlns:xi="http://www.w3.org/2001/XInclude"
     version="5.0"
     xml:id="sec-nix-syntax-summary">
+ <title>Syntax Summary</title>
 
-<title>Syntax Summary</title>
-
-<para>Below is a summary of the most important syntactic constructs in
-the Nix expression language.  It’s not complete.  In particular, there
-are many other built-in functions.  See the <link
+ <para>
+  Below is a summary of the most important syntactic constructs in the Nix
+  expression language. It’s not complete. In particular, there are many other
+  built-in functions. See the
+  <link
 xlink:href="http://nixos.org/nix/manual/#chap-writing-nix-expressions">Nix
-manual</link> for the rest.</para>
+  manual</link> for the rest.
+ </para>
 
-<informaltable frame='none'>
+ <informaltable frame='none'>
   <tgroup cols='2'>
-    <colspec colname='c1' rowsep='1' colsep='1' />
-    <colspec colname='c2' rowsep='1' />
-    <thead>
-      <row>
-        <entry>Example</entry>
-        <entry>Description</entry>
-      </row>
-    </thead>
-    <tbody>
-
-      <row>
-        <entry namest="c1" nameend="c2"><emphasis>Basic values</emphasis></entry>
-      </row>
-      <row>
-        <entry><literal>"Hello world"</literal></entry>
-        <entry>A string</entry>
-      </row>
-      <row>
-        <entry><literal>"${pkgs.bash}/bin/sh"</literal></entry>
-        <entry>A string containing an expression (expands to <literal>"/nix/store/<replaceable>hash</replaceable>-bash-<replaceable>version</replaceable>/bin/sh"</literal>)</entry>
-      </row>
-      <row>
-        <entry><literal>true</literal>, <literal>false</literal></entry>
-        <entry>Booleans</entry>
-      </row>
-      <row>
-        <entry><literal>123</literal></entry>
-        <entry>An integer</entry>
-      </row>
-      <row>
-        <entry><literal>./foo.png</literal></entry>
-        <entry>A path (relative to the containing Nix expression)</entry>
-      </row>
-
-      <row>
-        <entry namest="c1" nameend="c2"><emphasis>Compound values</emphasis></entry>
-      </row>
-      <row>
-        <entry><literal>{ x = 1; y = 2; }</literal></entry>
-        <entry>A set with attributes named <literal>x</literal> and <literal>y</literal></entry>
-      </row>
-      <row>
-        <entry><literal>{ foo.bar = 1; }</literal></entry>
-        <entry>A nested set, equivalent to <literal>{ foo = { bar = 1; }; }</literal></entry>
-      </row>
-      <row>
-        <entry><literal>rec { x = "foo"; y = x + "bar"; }</literal></entry>
-        <entry>A recursive set, equivalent to <literal>{ x = "foo"; y = "foobar"; }</literal></entry>
-      </row>
-      <row>
-        <entry><literal>[ "foo" "bar" ]</literal></entry>
-        <entry>A list with two elements</entry>
-      </row>
-
-      <row>
-        <entry namest="c1" nameend="c2"><emphasis>Operators</emphasis></entry>
-      </row>
-      <row>
-        <entry><literal>"foo" + "bar"</literal></entry>
-        <entry>String concatenation</entry>
-      </row>
-      <row>
-        <entry><literal>1 + 2</literal></entry>
-        <entry>Integer addition</entry>
-      </row>
-      <row>
-        <entry><literal>"foo" == "f" + "oo"</literal></entry>
-        <entry>Equality test (evaluates to <literal>true</literal>)</entry>
-      </row>
-      <row>
-        <entry><literal>"foo" != "bar"</literal></entry>
-        <entry>Inequality test (evaluates to <literal>true</literal>)</entry>
-      </row>
-      <row>
-        <entry><literal>!true</literal></entry>
-        <entry>Boolean negation</entry>
-      </row>
-      <row>
-        <entry><literal>{ x = 1; y = 2; }.x</literal></entry>
-        <entry>Attribute selection (evaluates to <literal>1</literal>)</entry>
-      </row>
-      <row>
-        <entry><literal>{ x = 1; y = 2; }.z or 3</literal></entry>
-        <entry>Attribute selection with default (evaluates to <literal>3</literal>)</entry>
-      </row>
-      <row>
-        <entry><literal>{ x = 1; y = 2; } // { z = 3; }</literal></entry>
-        <entry>Merge two sets (attributes in the right-hand set taking precedence)</entry>
-      </row>
-
-      <row>
-        <entry namest="c1" nameend="c2"><emphasis>Control structures</emphasis></entry>
-      </row>
-      <row>
-        <entry><literal>if 1 + 1 == 2 then "yes!" else "no!"</literal></entry>
-        <entry>Conditional expression</entry>
-      </row>
-      <row>
-        <entry><literal>assert 1 + 1 == 2; "yes!"</literal></entry>
-        <entry>Assertion check (evaluates to <literal>"yes!"</literal>). See <xref
+   <colspec colname='c1' rowsep='1' colsep='1' />
+   <colspec colname='c2' rowsep='1' />
+   <thead>
+    <row>
+     <entry>Example</entry>
+     <entry>Description</entry>
+    </row>
+   </thead>
+   <tbody>
+    <row>
+     <entry namest="c1" nameend="c2"><emphasis>Basic values</emphasis>
+     </entry>
+    </row>
+    <row>
+     <entry><literal>"Hello world"</literal>
+     </entry>
+     <entry>A string</entry>
+    </row>
+    <row>
+     <entry><literal>"${pkgs.bash}/bin/sh"</literal>
+     </entry>
+     <entry>A string containing an expression (expands to <literal>"/nix/store/<replaceable>hash</replaceable>-bash-<replaceable>version</replaceable>/bin/sh"</literal>)</entry>
+    </row>
+    <row>
+     <entry><literal>true</literal>, <literal>false</literal>
+     </entry>
+     <entry>Booleans</entry>
+    </row>
+    <row>
+     <entry><literal>123</literal>
+     </entry>
+     <entry>An integer</entry>
+    </row>
+    <row>
+     <entry><literal>./foo.png</literal>
+     </entry>
+     <entry>A path (relative to the containing Nix expression)</entry>
+    </row>
+    <row>
+     <entry namest="c1" nameend="c2"><emphasis>Compound values</emphasis>
+     </entry>
+    </row>
+    <row>
+     <entry><literal>{ x = 1; y = 2; }</literal>
+     </entry>
+     <entry>A set with attributes named <literal>x</literal> and <literal>y</literal>
+     </entry>
+    </row>
+    <row>
+     <entry><literal>{ foo.bar = 1; }</literal>
+     </entry>
+     <entry>A nested set, equivalent to <literal>{ foo = { bar = 1; }; }</literal>
+     </entry>
+    </row>
+    <row>
+     <entry><literal>rec { x = "foo"; y = x + "bar"; }</literal>
+     </entry>
+     <entry>A recursive set, equivalent to <literal>{ x = "foo"; y = "foobar"; }</literal>
+     </entry>
+    </row>
+    <row>
+     <entry><literal>[ "foo" "bar" ]</literal>
+     </entry>
+     <entry>A list with two elements</entry>
+    </row>
+    <row>
+     <entry namest="c1" nameend="c2"><emphasis>Operators</emphasis>
+     </entry>
+    </row>
+    <row>
+     <entry><literal>"foo" + "bar"</literal>
+     </entry>
+     <entry>String concatenation</entry>
+    </row>
+    <row>
+     <entry><literal>1 + 2</literal>
+     </entry>
+     <entry>Integer addition</entry>
+    </row>
+    <row>
+     <entry><literal>"foo" == "f" + "oo"</literal>
+     </entry>
+     <entry>Equality test (evaluates to <literal>true</literal>)</entry>
+    </row>
+    <row>
+     <entry><literal>"foo" != "bar"</literal>
+     </entry>
+     <entry>Inequality test (evaluates to <literal>true</literal>)</entry>
+    </row>
+    <row>
+     <entry><literal>!true</literal>
+     </entry>
+     <entry>Boolean negation</entry>
+    </row>
+    <row>
+     <entry><literal>{ x = 1; y = 2; }.x</literal>
+     </entry>
+     <entry>Attribute selection (evaluates to <literal>1</literal>)</entry>
+    </row>
+    <row>
+     <entry><literal>{ x = 1; y = 2; }.z or 3</literal>
+     </entry>
+     <entry>Attribute selection with default (evaluates to <literal>3</literal>)</entry>
+    </row>
+    <row>
+     <entry><literal>{ x = 1; y = 2; } // { z = 3; }</literal>
+     </entry>
+     <entry>Merge two sets (attributes in the right-hand set taking precedence)</entry>
+    </row>
+    <row>
+     <entry namest="c1" nameend="c2"><emphasis>Control structures</emphasis>
+     </entry>
+    </row>
+    <row>
+     <entry><literal>if 1 + 1 == 2 then "yes!" else "no!"</literal>
+     </entry>
+     <entry>Conditional expression</entry>
+    </row>
+    <row>
+     <entry><literal>assert 1 + 1 == 2; "yes!"</literal>
+     </entry>
+     <entry>Assertion check (evaluates to <literal>"yes!"</literal>). See <xref
     linkend="sec-assertions"/> for using assertions in modules</entry>
-      </row>
-      <row>
-        <entry><literal>let x = "foo"; y = "bar"; in x + y</literal></entry>
-        <entry>Variable definition</entry>
-      </row>
-      <row>
-        <entry><literal>with pkgs.lib; head [ 1 2 3 ]</literal></entry>
-        <entry>Add all attributes from the given set to the scope
+    </row>
+    <row>
+     <entry><literal>let x = "foo"; y = "bar"; in x + y</literal>
+     </entry>
+     <entry>Variable definition</entry>
+    </row>
+    <row>
+     <entry><literal>with pkgs.lib; head [ 1 2 3 ]</literal>
+     </entry>
+     <entry>Add all attributes from the given set to the scope
         (evaluates to <literal>1</literal>)</entry>
-      </row>
-
-      <row>
-        <entry namest="c1" nameend="c2"><emphasis>Functions (lambdas)</emphasis></entry>
-      </row>
-      <row>
-        <entry><literal>x: x + 1</literal></entry>
-        <entry>A function that expects an integer and returns it increased by 1</entry>
-      </row>
-      <row>
-        <entry><literal>(x: x + 1) 100</literal></entry>
-        <entry>A function call (evaluates to 101)</entry>
-      </row>
-      <row>
-        <entry><literal>let inc = x: x + 1; in inc (inc (inc 100))</literal></entry>
-        <entry>A function bound to a variable and subsequently called by name (evaluates to 103)</entry>
-      </row>
-      <row>
-        <entry><literal>{ x, y }: x + y</literal></entry>
-        <entry>A function that expects a set with required attributes
+    </row>
+    <row>
+     <entry namest="c1" nameend="c2"><emphasis>Functions (lambdas)</emphasis>
+     </entry>
+    </row>
+    <row>
+     <entry><literal>x: x + 1</literal>
+     </entry>
+     <entry>A function that expects an integer and returns it increased by 1</entry>
+    </row>
+    <row>
+     <entry><literal>(x: x + 1) 100</literal>
+     </entry>
+     <entry>A function call (evaluates to 101)</entry>
+    </row>
+    <row>
+     <entry><literal>let inc = x: x + 1; in inc (inc (inc 100))</literal>
+     </entry>
+     <entry>A function bound to a variable and subsequently called by name (evaluates to 103)</entry>
+    </row>
+    <row>
+     <entry><literal>{ x, y }: x + y</literal>
+     </entry>
+     <entry>A function that expects a set with required attributes
         <literal>x</literal> and <literal>y</literal> and concatenates
         them</entry>
-      </row>
-      <row>
-        <entry><literal>{ x, y ? "bar" }: x + y</literal></entry>
-        <entry>A function that expects a set with required attribute
+    </row>
+    <row>
+     <entry><literal>{ x, y ? "bar" }: x + y</literal>
+     </entry>
+     <entry>A function that expects a set with required attribute
         <literal>x</literal> and optional <literal>y</literal>, using
         <literal>"bar"</literal> as default value for
-        <literal>y</literal></entry>
-      </row>
-      <row>
-        <entry><literal>{ x, y, ... }: x + y</literal></entry>
-        <entry>A function that expects a set with required attributes
+        <literal>y</literal>
+     </entry>
+    </row>
+    <row>
+     <entry><literal>{ x, y, ... }: x + y</literal>
+     </entry>
+     <entry>A function that expects a set with required attributes
         <literal>x</literal> and <literal>y</literal> and ignores any
         other attributes</entry>
-      </row>
-      <row>
-        <entry><literal>{ x, y } @ args: x + y</literal></entry>
-        <entry>A function that expects a set with required attributes
+    </row>
+    <row>
+     <entry><literal>{ x, y } @ args: x + y</literal>
+     </entry>
+     <entry>A function that expects a set with required attributes
         <literal>x</literal> and <literal>y</literal>, and binds the
-        whole set to <literal>args</literal></entry>
-      </row>
-
-      <row>
-        <entry namest="c1" nameend="c2"><emphasis>Built-in functions</emphasis></entry>
-      </row>
-      <row>
-        <entry><literal>import ./foo.nix</literal></entry>
-        <entry>Load and return Nix expression in given file</entry>
-      </row>
-      <row>
-        <entry><literal>map (x: x + x) [ 1 2 3 ]</literal></entry>
-        <entry>Apply a function to every element of a list (evaluates to <literal>[ 2 4 6 ]</literal>)</entry>
-      </row>
-      <!--
+        whole set to <literal>args</literal>
+     </entry>
+    </row>
+    <row>
+     <entry namest="c1" nameend="c2"><emphasis>Built-in functions</emphasis>
+     </entry>
+    </row>
+    <row>
+     <entry><literal>import ./foo.nix</literal>
+     </entry>
+     <entry>Load and return Nix expression in given file</entry>
+    </row>
+    <row>
+     <entry><literal>map (x: x + x) [ 1 2 3 ]</literal>
+     </entry>
+     <entry>Apply a function to every element of a list (evaluates to <literal>[ 2 4 6 ]</literal>)</entry>
+    </row>
+<!--
       <row>
         <entry><literal>throw "Urgh"</literal></entry>
         <entry>Raise an error condition</entry>
       </row>
       -->
-
-    </tbody>
+   </tbody>
   </tgroup>
-</informaltable>
-
+ </informaltable>
 </section>
diff --git a/nixos/doc/manual/configuration/user-mgmt.xml b/nixos/doc/manual/configuration/user-mgmt.xml
index 1456a589411..66c1c6eb3a1 100644
--- a/nixos/doc/manual/configuration/user-mgmt.xml
+++ b/nixos/doc/manual/configuration/user-mgmt.xml
@@ -3,14 +3,12 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-user-management">
-
-<title>User Management</title>
-
-<para>NixOS supports both declarative and imperative styles of user
-management.  In the declarative style, users are specified in
-<filename>configuration.nix</filename>.  For instance, the following
-states that a user account named <literal>alice</literal> shall exist:
-
+ <title>User Management</title>
+ <para>
+  NixOS supports both declarative and imperative styles of user management. In
+  the declarative style, users are specified in
+  <filename>configuration.nix</filename>. For instance, the following states
+  that a user account named <literal>alice</literal> shall exist:
 <programlisting>
 <xref linkend="opt-users.users"/>.alice = {
   <link linkend="opt-users.users._name__.isNormalUser">isNormalUser</link> = true;
@@ -20,81 +18,71 @@ states that a user account named <literal>alice</literal> shall exist:
   <link linkend="opt-users.users._name__.openssh.authorizedKeys.keys">openssh.authorizedKeys.keys</link> = [ "ssh-dss AAAAB3Nza... alice@foobar" ];
 };
 </programlisting>
-
-Note that <literal>alice</literal> is a member of the
-<literal>wheel</literal> and <literal>networkmanager</literal> groups,
-which allows her to use <command>sudo</command> to execute commands as
-<literal>root</literal> and to configure the network, respectively.
-Also note the SSH public key that allows remote logins with the
-corresponding private key. Users created in this way do not have a
-password by default, so they cannot log in via mechanisms that require
-a password. However, you can use the <command>passwd</command> program
-to set a password, which is retained across invocations of
-<command>nixos-rebuild</command>.</para>
-
-<para>If you set <xref linkend="opt-users.mutableUsers"/> to false, then the contents of
-<literal>/etc/passwd</literal> and <literal>/etc/group</literal> will be congruent to
-your NixOS configuration. For instance, if you remove a user from <xref linkend="opt-users.users"/>
-and run nixos-rebuild, the user account will cease to exist. Also, imperative commands for managing users
-and groups, such as useradd, are no longer available. Passwords may still be
-assigned by setting the user's <link linkend="opt-users.users._name__.hashedPassword">hashedPassword</link>
-option. A hashed password can be generated using <command>mkpasswd -m sha-512</command>
-after installing the <literal>mkpasswd</literal> package.</para>
-
-<para>A user ID (uid) is assigned automatically.  You can also specify
-a uid manually by adding
-
+  Note that <literal>alice</literal> is a member of the
+  <literal>wheel</literal> and <literal>networkmanager</literal> groups, which
+  allows her to use <command>sudo</command> to execute commands as
+  <literal>root</literal> and to configure the network, respectively. Also note
+  the SSH public key that allows remote logins with the corresponding private
+  key. Users created in this way do not have a password by default, so they
+  cannot log in via mechanisms that require a password. However, you can use
+  the <command>passwd</command> program to set a password, which is retained
+  across invocations of <command>nixos-rebuild</command>.
+ </para>
+ <para>
+  If you set <xref linkend="opt-users.mutableUsers"/> to false, then the
+  contents of <literal>/etc/passwd</literal> and <literal>/etc/group</literal>
+  will be congruent to your NixOS configuration. For instance, if you remove a
+  user from <xref linkend="opt-users.users"/> and run nixos-rebuild, the user
+  account will cease to exist. Also, imperative commands for managing users and
+  groups, such as useradd, are no longer available. Passwords may still be
+  assigned by setting the user's
+  <link linkend="opt-users.users._name__.hashedPassword">hashedPassword</link>
+  option. A hashed password can be generated using <command>mkpasswd -m
+  sha-512</command> after installing the <literal>mkpasswd</literal> package.
+ </para>
+ <para>
+  A user ID (uid) is assigned automatically. You can also specify a uid
+  manually by adding
 <programlisting>
     uid = 1000;
 </programlisting>
-
-to the user specification.</para>
-
-<para>Groups can be specified similarly.  The following states that a
-group named <literal>students</literal> shall exist:
-
+  to the user specification.
+ </para>
+ <para>
+  Groups can be specified similarly. The following states that a group named
+  <literal>students</literal> shall exist:
 <programlisting>
 <xref linkend="opt-users.groups"/>.students.gid = 1000;
 </programlisting>
-
-As with users, the group ID (gid) is optional and will be assigned
-automatically if it’s missing.</para>
-
-<para>In the imperative style, users and groups are managed by
-commands such as <command>useradd</command>,
-<command>groupmod</command> and so on.  For instance, to create a user
-account named <literal>alice</literal>:
-
+  As with users, the group ID (gid) is optional and will be assigned
+  automatically if it’s missing.
+ </para>
+ <para>
+  In the imperative style, users and groups are managed by commands such as
+  <command>useradd</command>, <command>groupmod</command> and so on. For
+  instance, to create a user account named <literal>alice</literal>:
 <screen>
 # useradd -m alice</screen>
-
-To make all nix tools available to this new user use `su - USER` which
-opens a login shell (==shell that loads the profile) for given user.
-This will create the ~/.nix-defexpr symlink. So run:
-
+  To make all nix tools available to this new user use `su - USER` which opens
+  a login shell (==shell that loads the profile) for given user. This will
+  create the ~/.nix-defexpr symlink. So run:
 <screen>
 # su - alice -c "true"</screen>
-
-
-The flag <option>-m</option> causes the creation of a home directory
-for the new user, which is generally what you want.  The user does not
-have an initial password and therefore cannot log in.  A password can
-be set using the <command>passwd</command> utility:
-
+  The flag <option>-m</option> causes the creation of a home directory for the
+  new user, which is generally what you want. The user does not have an initial
+  password and therefore cannot log in. A password can be set using the
+  <command>passwd</command> utility:
 <screen>
 # passwd alice
 Enter new UNIX password: ***
 Retype new UNIX password: ***
 </screen>
-
-A user can be deleted using <command>userdel</command>:
-
+  A user can be deleted using <command>userdel</command>:
 <screen>
 # userdel -r alice</screen>
-
-The flag <option>-r</option> deletes the user’s home directory.
-Accounts can be modified using <command>usermod</command>.  Unix
-groups can be managed using <command>groupadd</command>,
-<command>groupmod</command> and <command>groupdel</command>.</para>
-
+  The flag <option>-r</option> deletes the user’s home directory. Accounts
+  can be modified using <command>usermod</command>. Unix groups can be managed
+  using <command>groupadd</command>, <command>groupmod</command> and
+  <command>groupdel</command>.
+ </para>
 </chapter>
diff --git a/nixos/doc/manual/configuration/wireless.xml b/nixos/doc/manual/configuration/wireless.xml
index 6ce43a43700..999447234ad 100644
--- a/nixos/doc/manual/configuration/wireless.xml
+++ b/nixos/doc/manual/configuration/wireless.xml
@@ -3,22 +3,20 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-wireless">
+ <title>Wireless Networks</title>
 
-<title>Wireless Networks</title>
-
-<para>For a desktop installation using NetworkManager (e.g., GNOME),
-you just have to make sure the user is in the
-<code>networkmanager</code> group and you can skip the rest of this
-section on wireless networks.</para>
-
-<para>
-NixOS will start wpa_supplicant for you if you enable this setting:
+ <para>
+  For a desktop installation using NetworkManager (e.g., GNOME), you just have
+  to make sure the user is in the <code>networkmanager</code> group and you can
+  skip the rest of this section on wireless networks.
+ </para>
 
+ <para>
+  NixOS will start wpa_supplicant for you if you enable this setting:
 <programlisting>
 <xref linkend="opt-networking.wireless.enable"/> = true;
 </programlisting>
-
-NixOS lets you specify networks for wpa_supplicant declaratively:
+  NixOS lets you specify networks for wpa_supplicant declaratively:
 <programlisting>
 <xref linkend="opt-networking.wireless.networks"/> = {
   echelon = {
@@ -27,27 +25,21 @@ NixOS lets you specify networks for wpa_supplicant declaratively:
   "free.wifi" = {};
 }
 </programlisting>
-
-Be aware that keys will be written to the nix store in plaintext!
-
-When no networks are set, it will default to using a configuration file at
-<literal>/etc/wpa_supplicant.conf</literal>. You should edit this file
-yourself to define wireless networks, WPA keys and so on (see
-wpa_supplicant.conf(5)).
-</para>
-
-<para>
-If you are using WPA2 the <command>wpa_passphrase</command> tool might be useful
-to generate the <literal>wpa_supplicant.conf</literal>.
-
+  Be aware that keys will be written to the nix store in plaintext! When no
+  networks are set, it will default to using a configuration file at
+  <literal>/etc/wpa_supplicant.conf</literal>. You should edit this file
+  yourself to define wireless networks, WPA keys and so on (see
+  wpa_supplicant.conf(5)).
+ </para>
+
+ <para>
+  If you are using WPA2 the <command>wpa_passphrase</command> tool might be
+  useful to generate the <literal>wpa_supplicant.conf</literal>.
 <screen>
 # wpa_passphrase ESSID PSK > /etc/wpa_supplicant.conf</screen>
-
-After you have edited the <literal>wpa_supplicant.conf</literal>,
-you need to restart the wpa_supplicant service.
-
+  After you have edited the <literal>wpa_supplicant.conf</literal>, you need to
+  restart the wpa_supplicant service.
 <screen>
 # systemctl restart wpa_supplicant.service</screen>
-</para>
-
+ </para>
 </section>
diff --git a/nixos/doc/manual/configuration/x-windows.xml b/nixos/doc/manual/configuration/x-windows.xml
index fd0daf6c6e5..9a0969ad635 100644
--- a/nixos/doc/manual/configuration/x-windows.xml
+++ b/nixos/doc/manual/configuration/x-windows.xml
@@ -3,27 +3,25 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-x11">
-
-<title>X Window System</title>
-
-<para>The X Window System (X11) provides the basis of NixOS’ graphical
-user interface.  It can be enabled as follows:
+ <title>X Window System</title>
+ <para>
+  The X Window System (X11) provides the basis of NixOS’ graphical user
+  interface. It can be enabled as follows:
 <programlisting>
 <xref linkend="opt-services.xserver.enable"/> = true;
 </programlisting>
-The X server will automatically detect and use the appropriate video
-driver from a set of X.org drivers (such as <literal>vesa</literal>
-and <literal>intel</literal>).  You can also specify a driver
-manually, e.g.
+  The X server will automatically detect and use the appropriate video driver
+  from a set of X.org drivers (such as <literal>vesa</literal> and
+  <literal>intel</literal>). You can also specify a driver manually, e.g.
 <programlisting>
 <xref linkend="opt-services.xserver.videoDrivers"/> = [ "r128" ];
 </programlisting>
-to enable X.org’s <literal>xf86-video-r128</literal> driver.</para>
-
-<para>You also need to enable at least one desktop or window manager.
-Otherwise, you can only log into a plain undecorated
-<command>xterm</command> window.  Thus you should pick one or more of
-the following lines:
+  to enable X.org’s <literal>xf86-video-r128</literal> driver.
+ </para>
+ <para>
+  You also need to enable at least one desktop or window manager. Otherwise,
+  you can only log into a plain undecorated <command>xterm</command> window.
+  Thus you should pick one or more of the following lines:
 <programlisting>
 <xref linkend="opt-services.xserver.desktopManager.plasma5.enable"/> = true;
 <xref linkend="opt-services.xserver.desktopManager.xfce.enable"/> = true;
@@ -33,108 +31,105 @@ the following lines:
 <xref linkend="opt-services.xserver.windowManager.icewm.enable"/> = true;
 <xref linkend="opt-services.xserver.windowManager.i3.enable"/> = true;
 </programlisting>
-</para>
-
-<para>NixOS’s default <emphasis>display manager</emphasis> (the
-program that provides a graphical login prompt and manages the X
-server) is SLiM. You can select an alternative one by picking one
-of the following lines:
+ </para>
+ <para>
+  NixOS’s default <emphasis>display manager</emphasis> (the program that
+  provides a graphical login prompt and manages the X server) is SLiM. You can
+  select an alternative one by picking one of the following lines:
 <programlisting>
 <xref linkend="opt-services.xserver.displayManager.sddm.enable"/> = true;
 <xref linkend="opt-services.xserver.displayManager.lightdm.enable"/> = true;
 </programlisting>
-</para>
-
-<para>You can set the keyboard layout (and optionally the layout variant):
+ </para>
+ <para>
+  You can set the keyboard layout (and optionally the layout variant):
 <programlisting>
 <xref linkend="opt-services.xserver.layout"/> = "de";
 <xref linkend="opt-services.xserver.xkbVariant"/> = "neo";
 </programlisting>
-</para>
-
-<para>The X server is started automatically at boot time.  If you
-don’t want this to happen, you can set:
+ </para>
+ <para>
+  The X server is started automatically at boot time. If you don’t want this
+  to happen, you can set:
 <programlisting>
 <xref linkend="opt-services.xserver.autorun"/> = false;
 </programlisting>
-The X server can then be started manually:
+  The X server can then be started manually:
 <screen>
 # systemctl start display-manager.service
 </screen>
-</para>
-
-
-<simplesect><title>NVIDIA Graphics Cards</title>
-
-<para>NVIDIA provides a proprietary driver for its graphics cards that
-has better 3D performance than the X.org drivers.  It is not enabled
-by default because it’s not free software.  You can enable it as follows:
+ </para>
+ <simplesect>
+  <title>NVIDIA Graphics Cards</title>
+  <para>
+   NVIDIA provides a proprietary driver for its graphics cards that has better
+   3D performance than the X.org drivers. It is not enabled by default because
+   it’s not free software. You can enable it as follows:
 <programlisting>
 <xref linkend="opt-services.xserver.videoDrivers"/> = [ "nvidia" ];
 </programlisting>
-Or if you have an older card, you may have to use one of the legacy drivers:
+   Or if you have an older card, you may have to use one of the legacy drivers:
 <programlisting>
 <xref linkend="opt-services.xserver.videoDrivers"/> = [ "nvidiaLegacy340" ];
 <xref linkend="opt-services.xserver.videoDrivers"/> = [ "nvidiaLegacy304" ];
 <xref linkend="opt-services.xserver.videoDrivers"/> = [ "nvidiaLegacy173" ];
 </programlisting>
-You may need to reboot after enabling this driver to prevent a clash
-with other kernel modules.</para>
-
-<para>On 64-bit systems, if you want full acceleration for 32-bit
-programs such as Wine, you should also set the following:
+   You may need to reboot after enabling this driver to prevent a clash with
+   other kernel modules.
+  </para>
+  <para>
+   On 64-bit systems, if you want full acceleration for 32-bit programs such as
+   Wine, you should also set the following:
 <programlisting>
 <xref linkend="opt-hardware.opengl.driSupport32Bit"/> = true;
 </programlisting>
-</para>
-
-</simplesect>
-
-<simplesect><title>AMD Graphics Cards</title>
-
-<para>AMD provides a proprietary driver for its graphics cards that
-has better 3D performance than the X.org drivers.  It is not enabled
-by default because it’s not free software.  You can enable it as follows:
+  </para>
+ </simplesect>
+ <simplesect>
+  <title>AMD Graphics Cards</title>
+  <para>
+   AMD provides a proprietary driver for its graphics cards that has better 3D
+   performance than the X.org drivers. It is not enabled by default because
+   it’s not free software. You can enable it as follows:
 <programlisting>
 <xref linkend="opt-services.xserver.videoDrivers"/> = [ "ati_unfree" ];
 </programlisting>
-You will need to reboot after enabling this driver to prevent a clash
-with other kernel modules.</para>
-
-<para>On 64-bit systems, if you want full acceleration for 32-bit
-programs such as Wine, you should also set the following:
+   You will need to reboot after enabling this driver to prevent a clash with
+   other kernel modules.
+  </para>
+  <para>
+   On 64-bit systems, if you want full acceleration for 32-bit programs such as
+   Wine, you should also set the following:
 <programlisting>
 <xref linkend="opt-hardware.opengl.driSupport32Bit"/> = true;
 </programlisting>
-</para>
-
-</simplesect>
-
-<simplesect><title>Touchpads</title>
-
-<para>Support for Synaptics touchpads (found in many laptops such as
-the Dell Latitude series) can be enabled as follows:
+  </para>
+ </simplesect>
+ <simplesect>
+  <title>Touchpads</title>
+  <para>
+   Support for Synaptics touchpads (found in many laptops such as the Dell
+   Latitude series) can be enabled as follows:
 <programlisting>
 <xref linkend="opt-services.xserver.libinput.enable"/> = true;
 </programlisting>
-The driver has many options (see <xref linkend="ch-options"/>).  For
-instance, the following disables tap-to-click behavior:
+   The driver has many options (see <xref linkend="ch-options"/>). For
+   instance, the following disables tap-to-click behavior:
 <programlisting>
 <xref linkend="opt-services.xserver.libinput.tapping"/> = false;
 </programlisting>
-Note: the use of <literal>services.xserver.synaptics</literal> is deprecated since NixOS 17.09.
-</para>
-
-</simplesect>
-
-<simplesect><title>GTK/Qt themes</title>
-
-<para>GTK themes can be installed either to user profile or system-wide (via
-<literal>environment.systemPackages</literal>). To make Qt 5 applications look similar
-to GTK2 ones, you can install <literal>qt5.qtbase.gtk</literal> package into your
-system environment. It should work for all Qt 5 library versions.
-</para>
-
-</simplesect>
-
+   Note: the use of <literal>services.xserver.synaptics</literal> is deprecated
+   since NixOS 17.09.
+  </para>
+ </simplesect>
+ <simplesect>
+  <title>GTK/Qt themes</title>
+  <para>
+   GTK themes can be installed either to user profile or system-wide (via
+   <literal>environment.systemPackages</literal>). To make Qt 5 applications
+   look similar to GTK2 ones, you can install <literal>qt5.qtbase.gtk</literal>
+   package into your system environment. It should work for all Qt 5 library
+   versions.
+  </para>
+ </simplesect>
 </chapter>
diff --git a/nixos/doc/manual/configuration/xfce.xml b/nixos/doc/manual/configuration/xfce.xml
index 8cb592faed5..40e61d2bd69 100644
--- a/nixos/doc/manual/configuration/xfce.xml
+++ b/nixos/doc/manual/configuration/xfce.xml
@@ -3,23 +3,20 @@
          xmlns:xi="http://www.w3.org/2001/XInclude"
          version="5.0"
          xml:id="sec-xfce">
-
-    <title>Xfce Desktop Environment</title>
-
-    <para>
-        To enable the Xfce Desktop Environment, set
-        <programlisting>
+ <title>Xfce Desktop Environment</title>
+ <para>
+  To enable the Xfce Desktop Environment, set
+<programlisting>
 <link linkend="opt-services.xserver.desktopManager.default">services.xserver.desktopManager</link> = {
   <link linkend="opt-services.xserver.desktopManager.xfce.enable">xfce.enable</link> = true;
   <link linkend="opt-services.xserver.desktopManager.default">default</link> = "xfce";
 };
         </programlisting>
-    </para>
-
-    <para>
-        Optionally, <emphasis>compton</emphasis>
-        can be enabled for nice graphical effects, some example settings:
-        <programlisting>
+ </para>
+ <para>
+  Optionally, <emphasis>compton</emphasis> can be enabled for nice graphical
+  effects, some example settings:
+<programlisting>
 <link linkend="opt-services.compton.enable">services.compton</link> = {
   <link linkend="opt-services.compton.enable">enable</link>          = true;
   <link linkend="opt-services.compton.fade">fade</link>            = true;
@@ -28,67 +25,48 @@
   <link linkend="opt-services.compton.fadeDelta">fadeDelta</link>       = 4;
 };
         </programlisting>
-    </para>
-
-    <para>
-        Some Xfce programs are not installed automatically.
-        To install them manually (system wide), put them into your
-        <xref linkend="opt-environment.systemPackages"/>.
-    </para>
-
-    <simplesect>
-        <title>Thunar Volume Support</title>
-
-        <para>
-            To enable
-            <emphasis>Thunar</emphasis>
-            volume support, put
-            <programlisting>
+ </para>
+ <para>
+  Some Xfce programs are not installed automatically. To install them manually
+  (system wide), put them into your
+  <xref linkend="opt-environment.systemPackages"/>.
+ </para>
+ <simplesect>
+  <title>Thunar Volume Support</title>
+  <para>
+   To enable <emphasis>Thunar</emphasis> volume support, put
+<programlisting>
 <xref linkend="opt-services.xserver.desktopManager.xfce.enable"/> = true;
             </programlisting>
-            into your <emphasis>configuration.nix</emphasis>.
-        </para>
-
-    </simplesect>
-
-    <simplesect>
-        <title>Polkit Authentication Agent</title>
-
-        <para>
-            There is no authentication agent automatically installed alongside
-            Xfce. To allow mounting of local (non-removable) filesystems, you
-            will need to install one.
-
-            Installing <emphasis>polkit_gnome</emphasis>, a rebuild, logout and
-            login did the trick.
-        </para>
-
-    </simplesect>
-
-    <simplesect>
-        <title>Troubleshooting</title>
-
-        <para>
-            Even after enabling udisks2, volume management might not work.
-            Thunar and/or the desktop takes time to show up.
-
-            Thunar will spit out this kind of message on start
-            (look at <command>journalctl --user -b</command>).
-
-            <programlisting>
+   into your <emphasis>configuration.nix</emphasis>.
+  </para>
+ </simplesect>
+ <simplesect>
+  <title>Polkit Authentication Agent</title>
+  <para>
+   There is no authentication agent automatically installed alongside Xfce. To
+   allow mounting of local (non-removable) filesystems, you will need to
+   install one. Installing <emphasis>polkit_gnome</emphasis>, a rebuild, logout
+   and login did the trick.
+  </para>
+ </simplesect>
+ <simplesect>
+  <title>Troubleshooting</title>
+  <para>
+   Even after enabling udisks2, volume management might not work. Thunar and/or
+   the desktop takes time to show up. Thunar will spit out this kind of message
+   on start (look at <command>journalctl --user -b</command>).
+<programlisting>
 Thunar:2410): GVFS-RemoteVolumeMonitor-WARNING **: remote volume monitor with dbus name org.gtk.Private.UDisks2VolumeMonitor is not supported
             </programlisting>
-
-            This is caused by some needed GNOME services not running.
-            This is all fixed by enabling "Launch GNOME services on startup" in
-            the Advanced tab of the Session and Startup settings panel.
-            Alternatively, you can run this command to do the same thing.
-            <programlisting>
+   This is caused by some needed GNOME services not running. This is all fixed
+   by enabling "Launch GNOME services on startup" in the Advanced tab of the
+   Session and Startup settings panel. Alternatively, you can run this command
+   to do the same thing.
+<programlisting>
 $ xfconf-query -c xfce4-session -p /compat/LaunchGNOME -s true
             </programlisting>
-            A log-out and re-log will be needed for this to take effect.
-        </para>
-
-    </simplesect>
-
+   A log-out and re-log will be needed for this to take effect.
+  </para>
+ </simplesect>
 </chapter>