diff options
author | Bobby Rong <rjl931189261@126.com> | 2021-06-30 17:43:06 +0800 |
---|---|---|
committer | Bobby Rong <rjl931189261@126.com> | 2021-06-30 17:45:29 +0800 |
commit | 9c1623cbe45600298c152250e2a41342131aa7bd (patch) | |
tree | 064c46071363c9079f2afc931a3a4d7a4e9e80ea /nixos/doc/manual/from_md/configuration/profiles | |
parent | cd3ed54f6ea1c13d45c6772b4752ae6d2ff35997 (diff) | |
download | nixpkgs-9c1623cbe45600298c152250e2a41342131aa7bd.tar nixpkgs-9c1623cbe45600298c152250e2a41342131aa7bd.tar.gz nixpkgs-9c1623cbe45600298c152250e2a41342131aa7bd.tar.bz2 nixpkgs-9c1623cbe45600298c152250e2a41342131aa7bd.tar.lz nixpkgs-9c1623cbe45600298c152250e2a41342131aa7bd.tar.xz nixpkgs-9c1623cbe45600298c152250e2a41342131aa7bd.tar.zst nixpkgs-9c1623cbe45600298c152250e2a41342131aa7bd.zip |
nixos: nixos/doc/configuration/profiles/*.xml to CommonMark
Diffstat (limited to 'nixos/doc/manual/from_md/configuration/profiles')
11 files changed, 184 insertions, 0 deletions
diff --git a/nixos/doc/manual/from_md/configuration/profiles/all-hardware.section.xml b/nixos/doc/manual/from_md/configuration/profiles/all-hardware.section.xml new file mode 100644 index 00000000000..e355ffb752d --- /dev/null +++ b/nixos/doc/manual/from_md/configuration/profiles/all-hardware.section.xml @@ -0,0 +1,16 @@ +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-all-hardware"> + <title>All Hardware</title> + <para> + Enables all hardware supported by NixOS: i.e., all firmware is + included, and all devices from which one may boot are enabled in the + initrd. Its primary use is in the NixOS installation CDs. + </para> + <para> + The enabled kernel modules include support for SATA and PATA, SCSI + (partially), USB, Firewire (untested), Virtio (QEMU, KVM, etc.), + VMware, and Hyper-V. Additionally, + <link xlink:href="options.html#opt-hardware.enableAllFirmware"><literal>hardware.enableAllFirmware</literal></link> + is enabled, and the firmware for the ZyDAS ZD1211 chipset is + specifically installed. + </para> +</section> diff --git a/nixos/doc/manual/from_md/configuration/profiles/base.section.xml b/nixos/doc/manual/from_md/configuration/profiles/base.section.xml new file mode 100644 index 00000000000..83d35bd2867 --- /dev/null +++ b/nixos/doc/manual/from_md/configuration/profiles/base.section.xml @@ -0,0 +1,10 @@ +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-base"> + <title>Base</title> + <para> + Defines the software packages included in the <quote>minimal</quote> + installation CD. It installs several utilities useful in a simple + recovery or install media, such as a text-mode web browser, and + tools for manipulating block devices, networking, hardware + diagnostics, and filesystems (with their respective kernel modules). + </para> +</section> diff --git a/nixos/doc/manual/from_md/configuration/profiles/clone-config.section.xml b/nixos/doc/manual/from_md/configuration/profiles/clone-config.section.xml new file mode 100644 index 00000000000..9430b49ea33 --- /dev/null +++ b/nixos/doc/manual/from_md/configuration/profiles/clone-config.section.xml @@ -0,0 +1,16 @@ +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-clone-config"> + <title>Clone Config</title> + <para> + This profile is used in installer images. It provides an editable + configuration.nix that imports all the modules that were also used + when creating the image in the first place. As a result it allows + users to edit and rebuild the live-system. + </para> + <para> + On images where the installation media also becomes an installation + target, copying over <literal>configuration.nix</literal> should be + disabled by setting <literal>installer.cloneConfig</literal> to + <literal>false</literal>. For example, this is done in + <literal>sd-image-aarch64-installer.nix</literal>. + </para> +</section> diff --git a/nixos/doc/manual/from_md/configuration/profiles/demo.section.xml b/nixos/doc/manual/from_md/configuration/profiles/demo.section.xml new file mode 100644 index 00000000000..8b8c09118d9 --- /dev/null +++ b/nixos/doc/manual/from_md/configuration/profiles/demo.section.xml @@ -0,0 +1,10 @@ +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-demo"> + <title>Demo</title> + <para> + This profile just enables a <literal>demo</literal> user, with + password <literal>demo</literal>, uid <literal>1000</literal>, + <literal>wheel</literal> group and + <link xlink:href="options.html#opt-services.xserver.displayManager.autoLogin">autologin + in the SDDM display manager</link>. + </para> +</section> diff --git a/nixos/doc/manual/from_md/configuration/profiles/docker-container.section.xml b/nixos/doc/manual/from_md/configuration/profiles/docker-container.section.xml new file mode 100644 index 00000000000..28dcd2b1a2d --- /dev/null +++ b/nixos/doc/manual/from_md/configuration/profiles/docker-container.section.xml @@ -0,0 +1,12 @@ +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-docker-container"> + <title>Docker Container</title> + <para> + This is the profile from which the Docker images are generated. It + prepares a working system by importing the + <link linkend="sec-profile-minimal">Minimal</link> and + <link linkend="sec-profile-clone-config">Clone Config</link> + profiles, and setting appropriate configuration options that are + useful inside a container context, like + <link xlink:href="options.html#opt-boot.isContainer"><literal>boot.isContainer</literal></link>. + </para> +</section> diff --git a/nixos/doc/manual/from_md/configuration/profiles/graphical.section.xml b/nixos/doc/manual/from_md/configuration/profiles/graphical.section.xml new file mode 100644 index 00000000000..644a8ea590b --- /dev/null +++ b/nixos/doc/manual/from_md/configuration/profiles/graphical.section.xml @@ -0,0 +1,17 @@ +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-graphical"> + <title>Graphical</title> + <para> + Defines a NixOS configuration with the Plasma 5 desktop. It’s used + by the graphical installation CD. + </para> + <para> + It sets + <link xlink:href="options.html#opt-services.xserver.enable"><literal>services.xserver.enable</literal></link>, + <link xlink:href="options.html#opt-services.xserver.displayManager.sddm.enable"><literal>services.xserver.displayManager.sddm.enable</literal></link>, + <link xlink:href="options.html#opt-services.xserver.desktopManager.plasma5.enable"><literal>services.xserver.desktopManager.plasma5.enable</literal></link>, + and + <link xlink:href="options.html#opt-services.xserver.libinput.enable"><literal>services.xserver.libinput.enable</literal></link> + to true. It also includes glxinfo and firefox in the system packages + list. + </para> +</section> diff --git a/nixos/doc/manual/from_md/configuration/profiles/hardened.section.xml b/nixos/doc/manual/from_md/configuration/profiles/hardened.section.xml new file mode 100644 index 00000000000..a08bc843230 --- /dev/null +++ b/nixos/doc/manual/from_md/configuration/profiles/hardened.section.xml @@ -0,0 +1,26 @@ +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-hardened"> + <title>Hardened</title> + <para> + A profile with most (vanilla) hardening options enabled by default, + potentially at the cost of stability, features and performance. + </para> + <para> + This includes a hardened kernel, and limiting the system information + available to processes through the <literal>/sys</literal> and + <literal>/proc</literal> filesystems. It also disables the User + Namespaces feature of the kernel, which stops Nix from being able to + build anything (this particular setting can be overriden via + <link xlink:href="options.html#opt-security.allowUserNamespaces"><literal>security.allowUserNamespaces</literal></link>). + See the + <link xlink:href="https://github.com/nixos/nixpkgs/tree/master/nixos/modules/profiles/hardened.nix">profile + source</link> for further detail on which settings are altered. + </para> + <warning> + <para> + This profile enables options that are known to affect system + stability. If you experience any stability issues when using the + profile, try disabling it. If you report an issue and use this + profile, always mention that you do. + </para> + </warning> +</section> diff --git a/nixos/doc/manual/from_md/configuration/profiles/headless.section.xml b/nixos/doc/manual/from_md/configuration/profiles/headless.section.xml new file mode 100644 index 00000000000..a89551abd41 --- /dev/null +++ b/nixos/doc/manual/from_md/configuration/profiles/headless.section.xml @@ -0,0 +1,18 @@ +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-headless"> + <title>Headless</title> + <para> + Common configuration for headless machines (e.g., Amazon EC2 + instances). + </para> + <para> + Disables + <link xlink:href="options.html#opt-sound.enable">sound</link>, + <link xlink:href="options.html#opt-boot.vesa">vesa</link>, serial + consoles, + <link xlink:href="options.html#opt-systemd.enableEmergencyMode">emergency + mode</link>, + <link xlink:href="options.html#opt-boot.loader.grub.splashImage">grub + splash images</link> and configures the kernel to reboot + automatically on panic. + </para> +</section> diff --git a/nixos/doc/manual/from_md/configuration/profiles/installation-device.section.xml b/nixos/doc/manual/from_md/configuration/profiles/installation-device.section.xml new file mode 100644 index 00000000000..8a8265c03c0 --- /dev/null +++ b/nixos/doc/manual/from_md/configuration/profiles/installation-device.section.xml @@ -0,0 +1,33 @@ +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-installation-device"> + <title>Installation Device</title> + <para> + Provides a basic configuration for installation devices like CDs. + This enables redistributable firmware, includes the + <link linkend="sec-profile-clone-config">Clone Config profile</link> + and a copy of the Nixpkgs channel, so + <literal>nixos-install</literal> works out of the box. + </para> + <para> + Documentation for + <link xlink:href="options.html#opt-documentation.enable">Nixpkgs</link> + and + <link xlink:href="options.html#opt-documentation.nixos.enable">NixOS</link> + are forcefully enabled (to override the + <link linkend="sec-profile-minimal">Minimal profile</link> + preference); the NixOS manual is shown automatically on TTY 8, + udisks is disabled. Autologin is enabled as <literal>nixos</literal> + user, while passwordless login as both <literal>root</literal> and + <literal>nixos</literal> is possible. Passwordless + <literal>sudo</literal> is enabled too. + <link xlink:href="options.html#opt-networking.wireless.enable">wpa_supplicant</link> + is enabled, but configured to not autostart. + </para> + <para> + It is explained how to login, start the ssh server, and if + available, how to start the display manager. + </para> + <para> + Several settings are tweaked so that the installer has a better + chance of succeeding under low-memory environments. + </para> +</section> diff --git a/nixos/doc/manual/from_md/configuration/profiles/minimal.section.xml b/nixos/doc/manual/from_md/configuration/profiles/minimal.section.xml new file mode 100644 index 00000000000..5653b3f01c3 --- /dev/null +++ b/nixos/doc/manual/from_md/configuration/profiles/minimal.section.xml @@ -0,0 +1,15 @@ +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-minimal"> + <title>Minimal</title> + <para> + This profile defines a small NixOS configuration. It does not + contain any graphical stuff. It’s a very short file that enables + <link xlink:href="options.html#opt-environment.noXlibs">noXlibs</link>, + sets + <link xlink:href="options.html#opt-i18n.supportedLocales"><literal>i18n.supportedLocales</literal></link> + to only support the user-selected locale, + <link xlink:href="options.html#opt-documentation.enable">disables + packages’ documentation</link>, and + <link xlink:href="options.html#opt-sound.enable">disables + sound</link>. + </para> +</section> diff --git a/nixos/doc/manual/from_md/configuration/profiles/qemu-guest.section.xml b/nixos/doc/manual/from_md/configuration/profiles/qemu-guest.section.xml new file mode 100644 index 00000000000..f33464f9db4 --- /dev/null +++ b/nixos/doc/manual/from_md/configuration/profiles/qemu-guest.section.xml @@ -0,0 +1,11 @@ +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-profile-qemu-guest"> + <title>QEMU Guest</title> + <para> + This profile contains common configuration for virtual machines + running under QEMU (using virtio). + </para> + <para> + It makes virtio modules available on the initrd and sets the system + time from the hardware clock to work around a bug in qemu-kvm. + </para> +</section> |