diff options
34 files changed, 120 insertions, 120 deletions
diff --git a/nixos/modules/config/resolvconf.nix b/nixos/modules/config/resolvconf.nix index cdc40d2c810..ef291ce5aaf 100644 --- a/nixos/modules/config/resolvconf.nix +++ b/nixos/modules/config/resolvconf.nix @@ -84,8 +84,8 @@ in type = types.bool; default = true; description = '' - Enable the <code>edns0</code> option in <filename>resolv.conf</filename>. With - that option set, <code>glibc</code> supports use of the extension mechanisms for + Enable the <literal>edns0</literal> option in <filename>resolv.conf</filename>. With + that option set, <literal>glibc</literal> supports use of the extension mechanisms for DNS (EDNS) specified in RFC 2671. The most popular user of that feature is DNSSEC, which does not work without it. ''; diff --git a/nixos/modules/config/shells-environment.nix b/nixos/modules/config/shells-environment.nix index 660b2e1fa4b..3dc202327c2 100644 --- a/nixos/modules/config/shells-environment.nix +++ b/nixos/modules/config/shells-environment.nix @@ -113,7 +113,7 @@ in An attribute set that maps aliases (the top level attribute names in this option) to command strings or directly to build outputs. The aliases are added to all users' shells. - Aliases mapped to <code>null</code> are ignored. + Aliases mapped to <literal>null</literal> are ignored. ''; type = with types; attrsOf (nullOr (either str path)); }; diff --git a/nixos/modules/config/system-environment.nix b/nixos/modules/config/system-environment.nix index d2a66b8d932..a299fdceaf1 100644 --- a/nixos/modules/config/system-environment.nix +++ b/nixos/modules/config/system-environment.nix @@ -30,7 +30,7 @@ in Also, these variables are merged into <xref linkend="opt-environment.variables"/> and it is therefore not possible to use PAM style variables such as - <code>@{HOME}</code>. + <literal>@{HOME}</literal>. ''; type = with types; attrsOf (either str (listOf str)); apply = mapAttrs (n: v: if isList v then concatStringsSep ":" v else v); @@ -58,7 +58,7 @@ in Also, these variables are merged into <xref linkend="opt-environment.profileRelativeEnvVars"/> and it is therefore not possible to use PAM style variables such as - <code>@{HOME}</code>. + <literal>@{HOME}</literal>. ''; }; diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix index 466e3f6138a..1b63dc52d6e 100644 --- a/nixos/modules/config/users-groups.nix +++ b/nixos/modules/config/users-groups.nix @@ -154,8 +154,8 @@ let description = '' Attributes for user's entry in <filename>pam_mount.conf.xml</filename>. - Useful attributes might include <code>path</code>, - <code>options</code>, <code>fstype</code>, and <code>server</code>. + Useful attributes might include <literal>path</literal>, + <literal>options</literal>, <literal>fstype</literal>, and <literal>server</literal>. See <link xlink:href="http://pam-mount.sourceforge.net/pam_mount.conf.5.html" /> for more information. @@ -172,7 +172,7 @@ let like <literal>pkgs.bashInteractive</literal>. Don’t forget to enable your shell in <literal>programs</literal> if necessary, - like <code>programs.zsh.enable = true;</code>. + like <literal>programs.zsh.enable = true;</literal>. ''; }; diff --git a/nixos/modules/misc/nixpkgs.nix b/nixos/modules/misc/nixpkgs.nix index e991ff42028..bb21e31ec97 100644 --- a/nixos/modules/misc/nixpkgs.nix +++ b/nixos/modules/misc/nixpkgs.nix @@ -119,11 +119,11 @@ in example = literalExpression "import <nixpkgs> {}"; description = '' If set, the pkgs argument to all NixOS modules is the value of - this option, extended with <code>nixpkgs.overlays</code>, if - that is also set. Either <code>nixpkgs.crossSystem</code> or - <code>nixpkgs.localSystem</code> will be used in an assertion + this option, extended with <literal>nixpkgs.overlays</literal>, if + that is also set. Either <literal>nixpkgs.crossSystem</literal> or + <literal>nixpkgs.localSystem</literal> will be used in an assertion to check that the NixOS and Nixpkgs architectures match. Any - other options in <code>nixpkgs.*</code>, notably <code>config</code>, + other options in <literal>nixpkgs.*</literal>, notably <literal>config</literal>, will be ignored. If unset, the pkgs argument to all NixOS modules is determined @@ -132,18 +132,18 @@ in The default value imports the Nixpkgs source files relative to the location of this NixOS module, because NixOS and Nixpkgs are distributed together for consistency, - so the <code>nixos</code> in the default value is in fact a - relative path. The <code>config</code>, <code>overlays</code>, - <code>localSystem</code>, and <code>crossSystem</code> come + so the <literal>nixos</literal> in the default value is in fact a + relative path. The <literal>config</literal>, <literal>overlays</literal>, + <literal>localSystem</literal>, and <literal>crossSystem</literal> come from this option's siblings. This option can be used by applications like NixOps to increase the performance of evaluation, or to create packages that depend on a container that should be built with the exact same evaluation of Nixpkgs, for example. Applications like this should set - their default value using <code>lib.mkDefault</code>, so + their default value using <literal>lib.mkDefault</literal>, so user-provided configuration can override it without using - <code>lib</code>. + <literal>lib</literal>. Note that using a distinct version of Nixpkgs with NixOS may be an unexpected source of problems. Use this option with care. @@ -162,7 +162,7 @@ in details, see the Nixpkgs documentation.) It allows you to set package configuration options. - Ignored when <code>nixpkgs.pkgs</code> is set. + Ignored when <literal>nixpkgs.pkgs</literal> is set. ''; }; @@ -188,9 +188,9 @@ in The first argument should be used for finding dependencies, and the second should be used for overriding recipes. - If <code>nixpkgs.pkgs</code> is set, overlays specified here + If <literal>nixpkgs.pkgs</literal> is set, overlays specified here will be applied after the overlays that were already present - in <code>nixpkgs.pkgs</code>. + in <literal>nixpkgs.pkgs</literal>. ''; }; @@ -205,9 +205,9 @@ in description = '' Specifies the platform where the NixOS configuration will run. - To cross-compile, set also <code>nixpkgs.buildPlatform</code>. + To cross-compile, set also <literal>nixpkgs.buildPlatform</literal>. - Ignored when <code>nixpkgs.pkgs</code> is set. + Ignored when <literal>nixpkgs.pkgs</literal> is set. ''; }; @@ -230,7 +230,7 @@ in or if you're building machines, you can set this to match your development system and/or build farm. - Ignored when <code>nixpkgs.pkgs</code> is set. + Ignored when <literal>nixpkgs.pkgs</literal> is set. ''; }; @@ -253,7 +253,7 @@ in use the old options. Specifies the platform on which NixOS should be built. When - <code>nixpkgs.crossSystem</code> is unset, it also specifies + <literal>nixpkgs.crossSystem</literal> is unset, it also specifies the platform <emphasis>for</emphasis> which NixOS should be built. If this option is unset, it defaults to the platform type of the machine where evaluation happens. Specifying this @@ -261,7 +261,7 @@ in deployment, or when building virtual machines. See its description in the Nixpkgs manual for more details. - Ignored when <code>nixpkgs.pkgs</code> or <code>hostPlatform</code> is set. + Ignored when <literal>nixpkgs.pkgs</literal> or <literal>hostPlatform</literal> is set. ''; }; @@ -279,13 +279,13 @@ in Specifies the platform for which NixOS should be built. Specify this only if it is different from - <code>nixpkgs.localSystem</code>, the platform + <literal>nixpkgs.localSystem</literal>, the platform <emphasis>on</emphasis> which NixOS should be built. In other words, specify this to cross-compile NixOS. Otherwise it should be set as null, the default. See its description in the Nixpkgs manual for more details. - Ignored when <code>nixpkgs.pkgs</code> or <code>hostPlatform</code> is set. + Ignored when <literal>nixpkgs.pkgs</literal> or <literal>hostPlatform</literal> is set. ''; }; @@ -316,7 +316,7 @@ in with a recently generated <literal>hardware-configuration.nix</literal>. Specifies the Nix platform type on which NixOS should be built. - It is better to specify <code>nixpkgs.localSystem</code> instead. + It is better to specify <literal>nixpkgs.localSystem</literal> instead. <programlisting> { nixpkgs.system = ..; @@ -328,9 +328,9 @@ in nixpkgs.localSystem.system = ..; } </programlisting> - See <code>nixpkgs.localSystem</code> for more information. + See <literal>nixpkgs.localSystem</literal> for more information. - Ignored when <code>nixpkgs.pkgs</code>, <code>nixpkgs.localSystem</code> or <code>nixpkgs.hostPlatform</code> is set. + Ignored when <literal>nixpkgs.pkgs</literal>, <literal>nixpkgs.localSystem</literal> or <literal>nixpkgs.hostPlatform</literal> is set. ''; }; }; diff --git a/nixos/modules/programs/adb.nix b/nixos/modules/programs/adb.nix index 9e9e37f92a8..63403193920 100644 --- a/nixos/modules/programs/adb.nix +++ b/nixos/modules/programs/adb.nix @@ -14,7 +14,7 @@ with lib; description = '' Whether to configure system to use Android Debug Bridge (adb). To grant access to a user, it must be part of adbusers group: - <code>users.users.alice.extraGroups = ["adbusers"];</code> + <literal>users.users.alice.extraGroups = ["adbusers"];</literal> ''; }; }; diff --git a/nixos/modules/programs/firejail.nix b/nixos/modules/programs/firejail.nix index e014aea626c..b9a0f9a6911 100644 --- a/nixos/modules/programs/firejail.nix +++ b/nixos/modules/programs/firejail.nix @@ -74,7 +74,7 @@ in { You will get file collisions if you put the actual application binary in the global environment (such as by adding the application package to - <code>environment.systemPackages</code>), and applications started via + <literal>environment.systemPackages</literal>), and applications started via .desktop files are not wrapped if they specify the absolute path to the binary. ''; diff --git a/nixos/modules/programs/gphoto2.nix b/nixos/modules/programs/gphoto2.nix index 93923ff3133..373b53495f7 100644 --- a/nixos/modules/programs/gphoto2.nix +++ b/nixos/modules/programs/gphoto2.nix @@ -15,7 +15,7 @@ with lib; Whether to configure system to use gphoto2. To grant digital camera access to a user, the user must be part of the camera group: - <code>users.users.alice.extraGroups = ["camera"];</code> + <literal>users.users.alice.extraGroups = ["camera"];</literal> ''; }; }; diff --git a/nixos/modules/programs/kdeconnect.nix b/nixos/modules/programs/kdeconnect.nix index aa4302404ad..1f326c9e921 100644 --- a/nixos/modules/programs/kdeconnect.nix +++ b/nixos/modules/programs/kdeconnect.nix @@ -8,7 +8,7 @@ with lib; Note that it will open the TCP and UDP port from 1714 to 1764 as they are needed for it to function properly. You can use the <option>package</option> to use - <code>gnomeExtensions.gsconnect</code> as an alternative + <literal>gnomeExtensions.gsconnect</literal> as an alternative implementation if you use Gnome. ''; package = mkOption { diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix index e0da6ef3b3a..9c4a95ef22c 100644 --- a/nixos/modules/programs/ssh.nix +++ b/nixos/modules/programs/ssh.nix @@ -95,7 +95,7 @@ in default = ""; description = '' Extra configuration text prepended to <filename>ssh_config</filename>. Other generated - options will be added after a <code>Host *</code> pattern. + options will be added after a <literal>Host *</literal> pattern. See <citerefentry><refentrytitle>ssh_config</refentrytitle><manvolnum>5</manvolnum></citerefentry> for help. ''; diff --git a/nixos/modules/programs/turbovnc.nix b/nixos/modules/programs/turbovnc.nix index e6f8836aa36..eb09c554290 100644 --- a/nixos/modules/programs/turbovnc.nix +++ b/nixos/modules/programs/turbovnc.nix @@ -22,7 +22,7 @@ in This will enable <option>hardware.opengl.enable</option> so that OpenGL programs can find Mesa's llvmpipe drivers. - Setting this option to <code>false</code> does not mean that software + Setting this option to <literal>false</literal> does not mean that software OpenGL won't work; it may still work depending on your system configuration. diff --git a/nixos/modules/security/acme/default.nix b/nixos/modules/security/acme/default.nix index 54b44dcab62..5f4344d451c 100644 --- a/nixos/modules/security/acme/default.nix +++ b/nixos/modules/security/acme/default.nix @@ -505,7 +505,7 @@ let type = types.listOf types.str; inherit (defaultAndText "reloadServices" []) default defaultText; description = '' - The list of systemd services to call <code>systemctl try-reload-or-restart</code> + The list of systemd services to call <literal>systemctl try-reload-or-restart</literal> on. ''; }; diff --git a/nixos/modules/security/doas.nix b/nixos/modules/security/doas.nix index d4b51b406e2..2641548221a 100644 --- a/nixos/modules/security/doas.nix +++ b/nixos/modules/security/doas.nix @@ -63,7 +63,7 @@ in type = with types; bool; default = true; description = '' - Whether users of the <code>wheel</code> group must provide a password to + Whether users of the <literal>wheel</literal> group must provide a password to run commands as super user via <command>doas</command>. ''; }; @@ -74,7 +74,7 @@ in Define specific rules to be set in the <filename>/etc/doas.conf</filename> file. More specific rules should come after more general ones in order to yield the expected behavior. - You can use <code>mkBefore</code> and/or <code>mkAfter</code> to ensure + You can use <literal>mkBefore</literal> and/or <literal>mkAfter</literal> to ensure this is the case when configuration options are merged. ''; example = literalExpression '' @@ -114,7 +114,7 @@ in type = with types; bool; default = false; description = '' - If <code>true</code>, the user is not required to enter a + If <literal>true</literal>, the user is not required to enter a password. ''; }; @@ -123,7 +123,7 @@ in type = with types; bool; default = false; description = '' - If <code>true</code>, successful executions will not be logged + If <literal>true</literal>, successful executions will not be logged to <citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</manvolnum></citerefentry>. ''; @@ -133,7 +133,7 @@ in type = with types; bool; default = false; description = '' - If <code>true</code>, do not ask for a password again for some + If <literal>true</literal>, do not ask for a password again for some time after the user successfully authenticates. ''; }; @@ -142,7 +142,7 @@ in type = with types; bool; default = false; description = '' - If <code>true</code>, environment variables other than those + If <literal>true</literal>, environment variables other than those listed in <citerefentry><refentrytitle>doas</refentrytitle><manvolnum>1</manvolnum></citerefentry> are kept when creating the environment for the new process. @@ -155,15 +155,15 @@ in description = '' Keep or set the specified variables. Variables may also be removed with a leading '-' or set using - <code>variable=value</code>. If the first character of - <code>value</code> is a '$', the value to be set is taken from + <literal>variable=value</literal>. If the first character of + <literal>value</literal> is a '$', the value to be set is taken from the existing environment variable of the indicated name. This option is processed after the default environment has been created. - NOTE: All rules have <code>setenv { SSH_AUTH_SOCK }</code> by - default. To prevent <code>SSH_AUTH_SOCK</code> from being - inherited, add <code>"-SSH_AUTH_SOCK"</code> anywhere in this + NOTE: All rules have <literal>setenv { SSH_AUTH_SOCK }</literal> by + default. To prevent <literal>SSH_AUTH_SOCK</literal> from being + inherited, add <literal>"-SSH_AUTH_SOCK"</literal> anywhere in this list. ''; }; @@ -185,12 +185,12 @@ in default = null; description = '' Which user or group the specified command is allowed to run as. - When set to <code>null</code> (the default), all users are + When set to <literal>null</literal> (the default), all users are allowed. A user can be specified using just the username: - <code>"foo"</code>. It is also possible to only allow running as - a specific group with <code>":bar"</code>. + <literal>"foo"</literal>. It is also possible to only allow running as + a specific group with <literal>":bar"</literal>. ''; }; @@ -199,7 +199,7 @@ in default = null; description = '' The command the user is allowed to run. When set to - <code>null</code> (the default), all commands are allowed. + <literal>null</literal> (the default), all commands are allowed. NOTE: It is best practice to specify absolute paths. If a relative path is specified, only a restricted PATH will be @@ -212,7 +212,7 @@ in default = null; description = '' Arguments that must be provided to the command. When set to - <code>[]</code>, the command must be run without any arguments. + <literal>[]</literal>, the command must be run without any arguments. ''; }; }; diff --git a/nixos/modules/security/sudo.nix b/nixos/modules/security/sudo.nix index 2e30a8915d8..c1a69aedde4 100644 --- a/nixos/modules/security/sudo.nix +++ b/nixos/modules/security/sudo.nix @@ -56,7 +56,7 @@ in default = true; description = '' - Whether users of the <code>wheel</code> group must + Whether users of the <literal>wheel</literal> group must provide a password to run commands as super user via <command>sudo</command>. ''; }; @@ -65,9 +65,9 @@ in type = types.bool; default = false; description = '' - Only allow members of the <code>wheel</code> group to execute sudo by + Only allow members of the <literal>wheel</literal> group to execute sudo by setting the executable's permissions accordingly. - This prevents users that are not members of <code>wheel</code> from + This prevents users that are not members of <literal>wheel</literal> from exploiting vulnerabilities in sudo such as CVE-2021-3156. ''; }; @@ -142,9 +142,9 @@ in description = '' Under which user/group the specified command is allowed to run. - A user can be specified using just the username: <code>"foo"</code>. - It is also possible to specify a user/group combination using <code>"foo:bar"</code> - or to only allow running as a specific group with <code>":bar"</code>. + A user can be specified using just the username: <literal>"foo"</literal>. + It is also possible to specify a user/group combination using <literal>"foo:bar"</literal> + or to only allow running as a specific group with <literal>":bar"</literal>. ''; }; @@ -159,7 +159,7 @@ in type = with types; str; description = '' A command being either just a path to a binary to allow any arguments, - the full command with arguments pre-set or with <code>""</code> used as the argument, + the full command with arguments pre-set or with <literal>""</literal> used as the argument, not allowing arguments to the command at all. ''; }; diff --git a/nixos/modules/services/databases/firebird.nix b/nixos/modules/services/databases/firebird.nix index 3a7ebd6bbd0..a26f1ff8258 100644 --- a/nixos/modules/services/databases/firebird.nix +++ b/nixos/modules/services/databases/firebird.nix @@ -48,8 +48,8 @@ in type = types.package; example = literalExpression "pkgs.firebird_3"; description = '' - Which Firebird package to be installed: <code>pkgs.firebird_3</code> - For SuperServer use override: <code>pkgs.firebird_3.override { superServer = true; };</code> + Which Firebird package to be installed: <literal>pkgs.firebird_3</literal> + For SuperServer use override: <literal>pkgs.firebird_3.override { superServer = true; };</literal> ''; }; diff --git a/nixos/modules/services/databases/mysql.nix b/nixos/modules/services/databases/mysql.nix index b7a55900c12..1e6a6b844a3 100644 --- a/nixos/modules/services/databases/mysql.nix +++ b/nixos/modules/services/databases/mysql.nix @@ -211,7 +211,7 @@ in For more information on how to specify the target and on which privileges exist, see the <link xlink:href="https://mariadb.com/kb/en/library/grant/">GRANT syntax</link>. - The attributes are used as <code>GRANT ''${attrName} ON ''${attrValue}</code>. + The attributes are used as <literal>GRANT ''${attrName} ON ''${attrValue}</literal>. ''; example = literalExpression '' { diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index e27f4518dfa..a054a6d7a12 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix @@ -159,7 +159,7 @@ in For more information on how to specify the target and on which privileges exist, see the <link xlink:href="https://www.postgresql.org/docs/current/sql-grant.html">GRANT syntax</link>. - The attributes are used as <code>GRANT ''${attrValue} ON ''${attrName}</code>. + The attributes are used as <literal>GRANT ''${attrValue} ON ''${attrName}</literal>. ''; example = literalExpression '' { diff --git a/nixos/modules/services/mail/nullmailer.nix b/nixos/modules/services/mail/nullmailer.nix index 59329667f7a..c37001e35bf 100644 --- a/nixos/modules/services/mail/nullmailer.nix +++ b/nixos/modules/services/mail/nullmailer.nix @@ -39,10 +39,10 @@ with lib; type = types.nullOr types.str; default = null; description = '' - Path to the <code>remotes</code> control file. This file contains a + Path to the <literal>remotes</literal> control file. This file contains a list of remote servers to which to send each message. - See <code>man 8 nullmailer-send</code> for syntax and available + See <literal>man 8 nullmailer-send</literal> for syntax and available options. ''; }; @@ -158,12 +158,12 @@ with lib; contains a remote host name or address followed by an optional protocol string, separated by white space. - See <code>man 8 nullmailer-send</code> for syntax and available + See <literal>man 8 nullmailer-send</literal> for syntax and available options. WARNING: This is stored world-readable in the nix store. If you need to specify any secret credentials here, consider using the - <code>remotesFile</code> option instead. + <literal>remotesFile</literal> option instead. ''; }; diff --git a/nixos/modules/services/mail/public-inbox.nix b/nixos/modules/services/mail/public-inbox.nix index bb835881ba0..6f33283b548 100644 --- a/nixos/modules/services/mail/public-inbox.nix +++ b/nixos/modules/services/mail/public-inbox.nix @@ -26,7 +26,7 @@ let description = '' Listening port. Beware that public-inbox uses well-known ports number to decide whether to enable TLS or not. - Set to null and use <code>systemd.sockets.public-inbox-${proto}d.listenStreams</code> + Set to null and use <literal>systemd.sockets.public-inbox-${proto}d.listenStreams</literal> if you need a more advanced listening. ''; }; @@ -242,8 +242,8 @@ in description = '' Listening port or systemd's ListenStream= entry to be used as a reverse proxy, eg. in nginx: - <code>locations."/inbox".proxyPass = "http://unix:''${config.services.public-inbox.http.port}:/inbox";</code> - Set to null and use <code>systemd.sockets.public-inbox-httpd.listenStreams</code> + <literal>locations."/inbox".proxyPass = "http://unix:''${config.services.public-inbox.http.port}:/inbox";</literal> + Set to null and use <literal>systemd.sockets.public-inbox-httpd.listenStreams</literal> if you need a more advanced listening. ''; }; diff --git a/nixos/modules/services/misc/autorandr.nix b/nixos/modules/services/misc/autorandr.nix index 9a0530866b5..a77535cca49 100644 --- a/nixos/modules/services/misc/autorandr.nix +++ b/nixos/modules/services/misc/autorandr.nix @@ -29,7 +29,7 @@ let type = types.attrsOf types.str; description = '' Output name to EDID mapping. - Use <code>autorandr --fingerprint</code> to get current setup values. + Use <literal>autorandr --fingerprint</literal> to get current setup values. ''; default = { }; }; diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix index 3ff2837900e..de04797a800 100644 --- a/nixos/modules/services/misc/sourcehut/default.nix +++ b/nixos/modules/services/misc/sourcehut/default.nix @@ -180,7 +180,7 @@ in network-key = mkOption { description = '' An absolute file path (which should be outside the Nix-store) - to a secret key to encrypt internal messages with. Use <code>srht-keygen network</code> to + to a secret key to encrypt internal messages with. Use <literal>srht-keygen network</literal> to generate this key. It must be consistent between all services and nodes. ''; type = types.path; @@ -209,7 +209,7 @@ in service-key = mkOption { description = '' An absolute file path (which should be outside the Nix-store) - to a key used for encrypting session cookies. Use <code>srht-keygen service</code> to + to a key used for encrypting session cookies. Use <literal>srht-keygen service</literal> to generate the service key. This must be shared between each node of the same service (e.g. git1.sr.ht and git2.sr.ht), but different services may use different keys. If you configure all of your services with the same @@ -252,8 +252,8 @@ in Your PGP key information (DO NOT mix up pub and priv here) You must remove the password from your secret key, if present. - You can do this with <code>gpg --edit-key [key-id]</code>, - then use the <code>passwd</code> command and do not enter a new password. + You can do this with <literal>gpg --edit-key [key-id]</literal>, + then use the <literal>passwd</literal> command and do not enter a new password. ''; }; pgp-pubkey = mkOption { @@ -294,7 +294,7 @@ in This should be consistent for all *.sr.ht sites, as this key will be used to verify signatures from other sites in your network. - Use the <code>srht-keygen webhook</code> command to generate a key. + Use the <literal>srht-keygen webhook</literal> command to generate a key. ''; type = types.path; apply = s: "<" + toString s; diff --git a/nixos/modules/services/networking/bird.nix b/nixos/modules/services/networking/bird.nix index d409f060228..b166209fa96 100644 --- a/nixos/modules/services/networking/bird.nix +++ b/nixos/modules/services/networking/bird.nix @@ -24,7 +24,7 @@ in description = '' Whether the config should be checked at build time. When the config can't be checked during build time, for example when it includes - other files, either disable this option or use <code>preCheckConfig</code> to create + other files, either disable this option or use <literal>preCheckConfig</literal> to create the included files before checking. ''; }; @@ -36,7 +36,7 @@ in ''; description = '' Commands to execute before the config file check. The file to be checked will be - available as <code>bird2.conf</code> in the current directory. + available as <literal>bird2.conf</literal> in the current directory. Files created with this option will not be available at service runtime, only during build time checking. diff --git a/nixos/modules/services/networking/ghostunnel.nix b/nixos/modules/services/networking/ghostunnel.nix index 6cac6a69b06..ce5d386edc3 100644 --- a/nixos/modules/services/networking/ghostunnel.nix +++ b/nixos/modules/services/networking/ghostunnel.nix @@ -40,9 +40,9 @@ let description = '' Path to keystore (combined PEM with cert/key, or PKCS12 keystore). - NB: storepass is not supported because it would expose credentials via <code>/proc/*/cmdline</code>. + NB: storepass is not supported because it would expose credentials via <literal>/proc/*/cmdline</literal>. - Specify this or <code>cert</code> and <code>key</code>. + Specify this or <literal>cert</literal> and <literal>key</literal>. ''; type = types.nullOr types.str; default = null; @@ -52,7 +52,7 @@ let description = '' Path to certificate (PEM with certificate chain). - Not required if <code>keystore</code> is set. + Not required if <literal>keystore</literal> is set. ''; type = types.nullOr types.str; default = null; @@ -62,7 +62,7 @@ let description = '' Path to certificate private key (PEM with private key). - Not required if <code>keystore</code> is set. + Not required if <literal>keystore</literal> is set. ''; type = types.nullOr types.str; default = null; @@ -70,7 +70,7 @@ let cacert = mkOption { description = '' - Path to CA bundle file (PEM/X509). Uses system trust store if <code>null</code>. + Path to CA bundle file (PEM/X509). Uses system trust store if <literal>null</literal>. ''; type = types.nullOr types.str; }; @@ -124,7 +124,7 @@ let }; extraArguments = mkOption { - description = "Extra arguments to pass to <code>ghostunnel server</code>"; + description = "Extra arguments to pass to <literal>ghostunnel server</literal>"; type = types.separatedString " "; default = ""; }; diff --git a/nixos/modules/services/networking/nntp-proxy.nix b/nixos/modules/services/networking/nntp-proxy.nix index 618ed0a93f1..1a776aae617 100644 --- a/nixos/modules/services/networking/nntp-proxy.nix +++ b/nixos/modules/services/networking/nntp-proxy.nix @@ -169,7 +169,7 @@ in example = "$6$GtzE7FrpE$wwuVgFYU.TZH4Rz.Snjxk9XGua89IeVwPQ/fEUD8eujr40q5Y021yhn0aNcsQ2Ifw.BLclyzvzgegopgKcneL0"; description = '' SHA-512 password hash (can be generated by - <code>mkpasswd -m sha-512 <password></code>) + <literal>mkpasswd -m sha-512 <password></literal>) ''; }; diff --git a/nixos/modules/services/networking/nsd.nix b/nixos/modules/services/networking/nsd.nix index 1102fc85d40..a372d3b207c 100644 --- a/nixos/modules/services/networking/nsd.nix +++ b/nixos/modules/services/networking/nsd.nix @@ -393,7 +393,7 @@ let type = types.listOf types.str; default = []; description = '' - Format: <code>[AXFR|UDP] <ip-address> <key-name | NOKEY></code> + Format: <literal>[AXFR|UDP] <ip-address> <key-name | NOKEY></literal> ''; }; diff --git a/nixos/modules/services/networking/openconnect.nix b/nixos/modules/services/networking/openconnect.nix index c5313bb305a..c7294145975 100644 --- a/nixos/modules/services/networking/openconnect.nix +++ b/nixos/modules/services/networking/openconnect.nix @@ -40,8 +40,8 @@ let passwordFile = mkOption { description = '' File containing the password to authenticate with. This - is passed to <code>openconnect</code> via the - <code>--passwd-on-stdin</code> option. + is passed to <literal>openconnect</literal> via the + <literal>--passwd-on-stdin</literal> option. ''; default = null; example = "/var/lib/secrets/openconnect-passwd"; @@ -66,10 +66,10 @@ let description = '' Extra config to be appended to the interface config. It should contain long-format options as would be accepted on the command - line by <code>openconnect</code> + line by <literal>openconnect</literal> (see https://www.infradead.org/openconnect/manual.html). - Non-key-value options like <code>deflate</code> can be used by - declaring them as booleans, i. e. <code>deflate = true;</code>. + Non-key-value options like <literal>deflate</literal> can be used by + declaring them as booleans, i. e. <literal>deflate = true;</literal>. ''; default = { }; example = { diff --git a/nixos/modules/services/networking/yggdrasil.nix b/nixos/modules/services/networking/yggdrasil.nix index 07b2e2a2daf..e99f31b0eaa 100644 --- a/nixos/modules/services/networking/yggdrasil.nix +++ b/nixos/modules/services/networking/yggdrasil.nix @@ -44,8 +44,8 @@ in { are supplied, they will be combined, with values from <option>configFile</option> taking precedence. - You can use the command <code>nix-shell -p yggdrasil --run - "yggdrasil -genconf"</code> to generate default + You can use the command <literal>nix-shell -p yggdrasil --run + "yggdrasil -genconf"</literal> to generate default configuration values with documentation. ''; }; @@ -64,7 +64,7 @@ in { type = types.nullOr types.str; default = null; example = "wheel"; - description = "Group to grant access to the Yggdrasil control socket. If <code>null</code>, only root can access the socket."; + description = "Group to grant access to the Yggdrasil control socket. If <literal>null</literal>, only root can access the socket."; }; openMulticastPort = mkOption { @@ -74,7 +74,7 @@ in { Whether to open the UDP port used for multicast peer discovery. The NixOS firewall blocks link-local communication, so in order to make local peering work you - will also need to set <code>LinkLocalTCPPort</code> in your + will also need to set <literal>LinkLocalTCPPort</literal> in your yggdrasil configuration (<option>config</option> or <option>configFile</option>) to a port number other than 0, and then add that port to diff --git a/nixos/modules/services/torrent/transmission.nix b/nixos/modules/services/torrent/transmission.nix index 9777964386c..1641f1ad184 100644 --- a/nixos/modules/services/torrent/transmission.nix +++ b/nixos/modules/services/torrent/transmission.nix @@ -175,7 +175,7 @@ in default = null; example = "770"; description = '' - If not <code>null</code>, is used as the permissions + If not <literal>null</literal>, is used as the permissions set by <literal>systemd.activationScripts.transmission-daemon</literal> on the directories <xref linkend="opt-services.transmission.settings.download-dir"/>, <xref linkend="opt-services.transmission.settings.incomplete-dir"/>. @@ -214,7 +214,7 @@ in description = '' Path to a JSON file to be merged with the settings. Useful to merge a file which is better kept out of the Nix store - to set secret config parameters like <code>rpc-password</code>. + to set secret config parameters like <literal>rpc-password</literal>. ''; default = "/dev/null"; example = "/var/lib/secrets/transmission/settings.json"; @@ -237,7 +237,7 @@ in to open many more connections at the same time. Note that you may also want to increase - <code>peer-limit-global"</code>. + <literal>peer-limit-global"</literal>. And be aware that these settings are quite aggressive and might not suite your regular desktop use. For instance, SSH sessions may time out more easily''; diff --git a/nixos/modules/services/web-apps/bookstack.nix b/nixos/modules/services/web-apps/bookstack.nix index 64a2767fab6..5d22a3b9a8d 100644 --- a/nixos/modules/services/web-apps/bookstack.nix +++ b/nixos/modules/services/web-apps/bookstack.nix @@ -52,7 +52,7 @@ in { description = '' A file containing the Laravel APP_KEY - a 32 character long, base64 encoded key used for encryption where needed. Can be - generated with <code>head -c 32 /dev/urandom | base64</code>. + generated with <literal>head -c 32 /dev/urandom | base64</literal>. ''; example = "/run/keys/bookstack-appkey"; type = types.path; @@ -74,7 +74,7 @@ in { appURL = mkOption { description = '' The root URL that you want to host BookStack on. All URLs in BookStack will be generated using this value. - If you change this in the future you may need to run a command to update stored URLs in the database. Command example: <code>php artisan bookstack:update-url https://old.example.com https://new.example.com</code> + If you change this in the future you may need to run a command to update stored URLs in the database. Command example: <literal>php artisan bookstack:update-url https://old.example.com https://new.example.com</literal> ''; default = "http${lib.optionalString tlsEnabled "s"}://${cfg.hostname}"; defaultText = ''http''${lib.optionalString tlsEnabled "s"}://''${cfg.hostname}''; diff --git a/nixos/modules/services/web-apps/mastodon.nix b/nixos/modules/services/web-apps/mastodon.nix index f3f0fb7cb53..00c30d73bb6 100644 --- a/nixos/modules/services/web-apps/mastodon.nix +++ b/nixos/modules/services/web-apps/mastodon.nix @@ -113,17 +113,17 @@ in { affect other virtualHosts running on your nginx instance, if any. Alternatively you can configure a reverse-proxy of your choice to serve these paths: - <code>/ -> $(nix-instantiate --eval '<nixpkgs>' -A mastodon.outPath)/public</code> + <literal>/ -> $(nix-instantiate --eval '<nixpkgs>' -A mastodon.outPath)/public</literal> - <code>/ -> 127.0.0.1:{{ webPort }} </code>(If there was no file in the directory above.) + <literal>/ -> 127.0.0.1:{{ webPort }} </literal>(If there was no file in the directory above.) - <code>/system/ -> /var/lib/mastodon/public-system/</code> + <literal>/system/ -> /var/lib/mastodon/public-system/</literal> - <code>/api/v1/streaming/ -> 127.0.0.1:{{ streamingPort }}</code> + <literal>/api/v1/streaming/ -> 127.0.0.1:{{ streamingPort }}</literal> Make sure that websockets are forwarded properly. You might want to set up caching of some requests. Take a look at mastodon's provided nginx configuration at - <code>https://github.com/mastodon/mastodon/blob/master/dist/nginx.conf</code>. + <literal>https://github.com/mastodon/mastodon/blob/master/dist/nginx.conf</literal>. ''; type = lib.types.bool; default = false; @@ -135,13 +135,13 @@ in { that user will be created, otherwise it should be set to the name of a user created elsewhere. In both cases, <package>mastodon</package> and a package containing only - the shell script <code>mastodon-env</code> will be added to + the shell script <literal>mastodon-env</literal> will be added to the user's package set. To run a command from - <package>mastodon</package> such as <code>tootctl</code> + <package>mastodon</package> such as <literal>tootctl</literal> with the environment configured by this module use - <code>mastodon-env</code>, as in: + <literal>mastodon-env</literal>, as in: - <code>mastodon-env tootctl accounts create newuser --email newuser@example.com</code> + <literal>mastodon-env tootctl accounts create newuser --email newuser@example.com</literal> ''; type = lib.types.str; default = "mastodon"; @@ -202,7 +202,7 @@ in { Voluntary Application Server Identification. A new keypair can be generated by running: - <code>nix build -f '<nixpkgs>' mastodon; cd result; bin/rake webpush:generate_keys</code> + <literal>nix build -f '<nixpkgs>' mastodon; cd result; bin/rake webpush:generate_keys</literal> If <option>mastodon.vapidPrivateKeyFile</option>does not exist, it and this file will be created with a new keypair. @@ -222,7 +222,7 @@ in { Path to file containing the secret key base. A new secret key base can be generated by running: - <code>nix build -f '<nixpkgs>' mastodon; cd result; bin/rake secret</code> + <literal>nix build -f '<nixpkgs>' mastodon; cd result; bin/rake secret</literal> If this file does not exist, it will be created with a new secret key base. ''; @@ -235,7 +235,7 @@ in { Path to file containing the OTP secret. A new OTP secret can be generated by running: - <code>nix build -f '<nixpkgs>' mastodon; cd result; bin/rake secret</code> + <literal>nix build -f '<nixpkgs>' mastodon; cd result; bin/rake secret</literal> If this file does not exist, it will be created with a new OTP secret. ''; @@ -249,7 +249,7 @@ in { Voluntary Application Server Identification. A new keypair can be generated by running: - <code>nix build -f '<nixpkgs>' mastodon; cd result; bin/rake webpush:generate_keys</code> + <literal>nix build -f '<nixpkgs>' mastodon; cd result; bin/rake webpush:generate_keys</literal> If this file does not exist, it will be created with a new private key. diff --git a/nixos/modules/services/web-apps/nextcloud.nix b/nixos/modules/services/web-apps/nextcloud.nix index 618ad85b860..08083b7a443 100644 --- a/nixos/modules/services/web-apps/nextcloud.nix +++ b/nixos/modules/services/web-apps/nextcloud.nix @@ -586,8 +586,8 @@ in { type = types.ints.positive; default = 15552000; description = '' - Value for the <code>max-age</code> directive of the HTTP - <code>Strict-Transport-Security</code> header. + Value for the <literal>max-age</literal> directive of the HTTP + <literal>Strict-Transport-Security</literal> header. See section 6.1.1 of IETF RFC 6797 for detailed information on this directive and header. diff --git a/nixos/modules/services/web-apps/snipe-it.nix b/nixos/modules/services/web-apps/snipe-it.nix index 842e0715c02..3059e67cb43 100644 --- a/nixos/modules/services/web-apps/snipe-it.nix +++ b/nixos/modules/services/web-apps/snipe-it.nix @@ -46,7 +46,7 @@ in { description = '' A file containing the Laravel APP_KEY - a 32 character long, base64 encoded key used for encryption where needed. Can be - generated with <code>head -c 32 /dev/urandom | base64</code>. + generated with <literal>head -c 32 /dev/urandom | base64</literal>. ''; example = "/run/keys/snipe-it/appkey"; type = types.path; @@ -69,7 +69,7 @@ in { description = '' The root URL that you want to host Snipe-IT on. All URLs in Snipe-IT will be generated using this value. If you change this in the future you may need to run a command to update stored URLs in the database. - Command example: <code>snipe-it snipe-it:update-url https://old.example.com https://new.example.com</code> + Command example: <literal>snipe-it snipe-it:update-url https://old.example.com https://new.example.com</literal> ''; default = "http${lib.optionalString tlsEnabled "s"}://${cfg.hostName}"; defaultText = '' diff --git a/nixos/modules/virtualisation/podman/default.nix b/nixos/modules/virtualisation/podman/default.nix index 361caeff70b..1e2f8a7fae6 100644 --- a/nixos/modules/virtualisation/podman/default.nix +++ b/nixos/modules/virtualisation/podman/default.nix @@ -74,7 +74,7 @@ in Podman implements the Docker API. - Users must be in the <code>podman</code> group in order to connect. As + Users must be in the <literal>podman</literal> group in order to connect. As with Docker, members of this group can gain root access. ''; }; diff --git a/nixos/modules/virtualisation/podman/network-socket.nix b/nixos/modules/virtualisation/podman/network-socket.nix index 94d8da9d2b6..5f6ce493558 100644 --- a/nixos/modules/virtualisation/podman/network-socket.nix +++ b/nixos/modules/virtualisation/podman/network-socket.nix @@ -22,7 +22,7 @@ in with TLS client certificate authentication. This allows Docker clients to connect with the equivalents of the Docker - CLI <code>-H</code> and <code>--tls*</code> family of options. + CLI <literal>-H</literal> and <literal>--tls*</literal> family of options. For certificate setup, see https://docs.docker.com/engine/security/protect-access/ |