Merge pull request #38831 from rdnetto/improve-cross-refs

Improve cross referencing in NixOS Manual

2 files changed, 17 insertions, 17 deletions

diff --git a/nixos/modules/security/acme.xml b/nixos/modules/security/acme.xml
index 6130ed82ed3..7cdc554989e 100644
--- a/nixos/modules/security/acme.xml
+++ b/nixos/modules/security/acme.xml
@@ -48,9 +48,9 @@ http {
 <filename>configuration.nix</filename>:
 
 <programlisting>
-security.acme.certs."foo.example.com" = {
-  webroot = "/var/www/challenges";
-  email = "foo@example.com";
+<xref linkend="opt-security.acme.certs"/>."foo.example.com" = {
+  <link linkend="opt-security.acme.certs._name_.webroot">webroot</link> = "/var/www/challenges";
+  <link linkend="opt-security.acme.certs._name_.email">email</link> = "foo@example.com";
 };
 </programlisting>
 </para>
@@ -58,17 +58,17 @@ security.acme.certs."foo.example.com" = {
 <para>The private key <filename>key.pem</filename> and certificate
 <filename>fullchain.pem</filename> will be put into
 <filename>/var/lib/acme/foo.example.com</filename>. The target directory can
-be configured with the option <literal>security.acme.directory</literal>.
+be configured with the option <xref linkend="opt-security.acme.directory"/>.
 </para>
 
 <para>Refer to <xref linkend="ch-options" /> for all available configuration
-options for the <literal>security.acme</literal> module.</para>
+options for the <link linkend="opt-security.acme.certs">security.acme</link> module.</para>
 
 </section>
 
 <section><title>Using ACME certificates in Nginx</title>
 <para>NixOS supports fetching ACME certificates for you by setting
-<literal>enableACME = true;</literal> in a virtualHost config. We
+  <literal><link linkend="opt-services.nginx.virtualHosts._name_.enableACME">enableACME</link> = true;</literal> in a virtualHost config. We
 first create self-signed placeholder certificates in place of the
 real ACME certs. The placeholder certs are overwritten when the ACME
 certs arrive. For <literal>foo.example.com</literal> the config would
@@ -77,13 +77,13 @@ look like.
 
 <programlisting>
 services.nginx = {
-  enable = true;
-  virtualHosts = {
+  <link linkend="opt-services.nginx.enable">enable = true;</link>
+  <link linkend="opt-services.nginx.virtualHosts">virtualHosts</link> = {
     "foo.example.com" = {
-      forceSSL = true;
-      enableACME = true;
+      <link linkend="opt-services.nginx.virtualHosts._name_.forceSSL">forceSSL</link> = true;
+      <link linkend="opt-services.nginx.virtualHosts._name_.enableACME">enableACME</link> = true;
       locations."/" = {
-        root = "/var/www";
+        <link linkend="opt-services.nginx.virtualHosts._name_.locations._name_.root">root</link> = "/var/www";
       };
     };
   };
diff --git a/nixos/modules/security/hidepid.xml b/nixos/modules/security/hidepid.xml
index 5715ee7ac16..d69341eb3cd 100644
--- a/nixos/modules/security/hidepid.xml
+++ b/nixos/modules/security/hidepid.xml
@@ -8,9 +8,9 @@
 
   <para>
     Setting
-    <programlisting>
-      security.hideProcessInformation = true;
-    </programlisting>
+<programlisting>
+<xref linkend="opt-security.hideProcessInformation"/> = true;
+</programlisting>
     ensures that access to process information is restricted to the
     owning user.  This implies, among other things, that command-line
     arguments remain private.  Unless your deployment relies on unprivileged
@@ -25,9 +25,9 @@
 
   <para>
     To allow a service <replaceable>foo</replaceable> to run without process information hiding, set
-    <programlisting>
-      systemd.services.<replaceable>foo</replaceable>.serviceConfig.SupplementaryGroups = [ "proc" ];
-    </programlisting>
+<programlisting>
+<link linkend="opt-systemd.services._name_.serviceConfig">systemd.services.<replaceable>foo</replaceable>.serviceConfig</link>.SupplementaryGroups = [ "proc" ];
+</programlisting>
   </para>
 
 </chapter>