diff options
31 files changed, 154 insertions, 145 deletions
diff --git a/nixos/modules/services/backup/znapzend.nix b/nixos/modules/services/backup/znapzend.nix index 23e18beede6..f8d741e3ad9 100644 --- a/nixos/modules/services/backup/znapzend.nix +++ b/nixos/modules/services/backup/znapzend.nix @@ -12,19 +12,19 @@ let backups. It consists of a series of retention periodes to interval associations: - <literal> + ``` retA=>intA,retB=>intB,... - </literal> + ``` Both intervals and retention periods are expressed in standard units of time or multiples of them. You can use both the full name or a shortcut according to the following listing: - <literal> + ``` second|sec|s, minute|min, hour|h, day|d, week|w, month|mon|m, year|y - </literal> + ``` - See <citerefentry><refentrytitle>znapzendzetup</refentrytitle><manvolnum>1</manvolnum></citerefentry> for more info. + See {manpage}`znapzendzetup(1)` for more info. ''; planExample = "1h=>10min,1d=>1h,1w=>1d,1m=>1w,1y=>1m"; @@ -57,7 +57,7 @@ let plan = mkOption { type = str; - description = planDescription; + description = lib.mdDoc planDescription; example = planExample; }; @@ -209,7 +209,7 @@ let plan = mkOption { type = str; - description = planDescription; + description = lib.mdDoc planDescription; example = planExample; }; diff --git a/nixos/modules/services/development/zammad.nix b/nixos/modules/services/development/zammad.nix index 23f2e501903..7de11b08b7e 100644 --- a/nixos/modules/services/development/zammad.nix +++ b/nixos/modules/services/development/zammad.nix @@ -137,9 +137,9 @@ in { } ''; - description = '' - The <filename>database.yml</filename> configuration file as key value set. - See <link xlink:href="TODO"/> + description = lib.mdDoc '' + The {file}`database.yml` configuration file as key value set. + See \<TODO\> for list of configuration parameters. ''; }; diff --git a/nixos/modules/services/games/teeworlds.nix b/nixos/modules/services/games/teeworlds.nix index 6c920a0df05..083ab3ba94e 100644 --- a/nixos/modules/services/games/teeworlds.nix +++ b/nixos/modules/services/games/teeworlds.nix @@ -80,8 +80,8 @@ in extraOptions = mkOption { type = types.listOf types.str; default = []; - description = '' - Extra configuration lines for the <filename>teeworlds.cfg</filename>. See <link xlink:href="https://www.teeworlds.com/?page=docs&wiki=server_settings">Teeworlds Documentation</link>. + description = lib.mdDoc '' + Extra configuration lines for the {file}`teeworlds.cfg`. See [Teeworlds Documentation](https://www.teeworlds.com/?page=docs&wiki=server_settings). ''; example = [ "sv_map dm1" "sv_gametype dm" ]; }; diff --git a/nixos/modules/services/mail/pfix-srsd.nix b/nixos/modules/services/mail/pfix-srsd.nix index d46447a480a..237f36945e4 100644 --- a/nixos/modules/services/mail/pfix-srsd.nix +++ b/nixos/modules/services/mail/pfix-srsd.nix @@ -22,10 +22,10 @@ with lib; }; secretsFile = mkOption { - description = '' + description = lib.mdDoc '' The secret data used to encode the SRS address. to generate, use a command like: - <literal>for n in $(seq 5); do dd if=/dev/urandom count=1 bs=1024 status=none | sha256sum | sed 's/ -$//' | sed 's/^/ /'; done</literal> + `for n in $(seq 5); do dd if=/dev/urandom count=1 bs=1024 status=none | sha256sum | sed 's/ -$//' | sed 's/^/ /'; done` ''; type = types.path; default = "/var/lib/pfix-srsd/secrets"; diff --git a/nixos/modules/services/mail/spamassassin.nix b/nixos/modules/services/mail/spamassassin.nix index 6c6b63b515b..49d1d931598 100644 --- a/nixos/modules/services/mail/spamassassin.nix +++ b/nixos/modules/services/mail/spamassassin.nix @@ -22,23 +22,26 @@ in config = mkOption { type = types.lines; - description = '' + description = lib.mdDoc '' The SpamAssassin local.cf config If you are using this configuration: - add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_ + + add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_ Then you can Use this sieve filter: - require ["fileinto", "reject", "envelope"]; - if header :contains "X-Spam-Flag" "YES" { - fileinto "spam"; - } + require ["fileinto", "reject", "envelope"]; + + if header :contains "X-Spam-Flag" "YES" { + fileinto "spam"; + } Or this procmail filter: - :0: - * ^X-Spam-Flag: YES - /var/vpopmail/domains/lastlog.de/js/.maildir/.spam/new + + :0: + * ^X-Spam-Flag: YES + /var/vpopmail/domains/lastlog.de/js/.maildir/.spam/new To filter your messages based on the additional mail headers added by spamassassin. ''; diff --git a/nixos/modules/services/misc/autorandr.nix b/nixos/modules/services/misc/autorandr.nix index f97a71b45b5..365fdd5fcc3 100644 --- a/nixos/modules/services/misc/autorandr.nix +++ b/nixos/modules/services/misc/autorandr.nix @@ -149,15 +149,15 @@ let }; }; }); - description = '' + description = lib.mdDoc '' Output scale configuration. Either configure by pixels or a scaling factor. When using pixel method the - <citerefentry><refentrytitle>xrandr</refentrytitle><manvolnum>1</manvolnum></citerefentry> + {manpage}`xrandr(1)` option - <parameter class="command">--scale-from</parameter> + `--scale-from` will be used; when using factor method the option - <parameter class="command">--scale</parameter> + `--scale` will be used. This option is a shortcut version of the transform option and they are mutually diff --git a/nixos/modules/services/misc/gitea.nix b/nixos/modules/services/misc/gitea.nix index f96b4fb6dd5..d9dece3343f 100644 --- a/nixos/modules/services/misc/gitea.nix +++ b/nixos/modules/services/misc/gitea.nix @@ -322,14 +322,14 @@ in }; service = { - DISABLE_REGISTRATION = mkEnableOption "the registration lock" // { - description = '' - By default any user can create an account on this <literal>gitea</literal> instance. + DISABLE_REGISTRATION = mkEnableOption (lib.mdDoc "the registration lock") // { + description = lib.mdDoc '' + By default any user can create an account on this `gitea` instance. This can be disabled by using this option. - <emphasis>Note:</emphasis> please keep in mind that this should be added after the initial - deploy unless <link linkend="opt-services.gitea.useWizard">services.gitea.useWizard</link> - is <literal>true</literal> as the first registered user will be the administrator if + *Note:* please keep in mind that this should be added after the initial + deploy unless [](#opt-services.gitea.useWizard) + is `true` as the first registered user will be the administrator if no install wizard is used. ''; }; diff --git a/nixos/modules/services/misc/gitit.nix b/nixos/modules/services/misc/gitit.nix index c958e05370a..0fafa76b548 100644 --- a/nixos/modules/services/misc/gitit.nix +++ b/nixos/modules/services/misc/gitit.nix @@ -211,7 +211,7 @@ let templatesDir = mkOption { type = types.path; default = gititShared + "/data/templates"; - description = '' + description = lib.mdDoc '' Specifies the path of the directory containing page templates. If it does not exist, gitit will create it with default templates. Users may wish to edit the templates to customize the appearance of their @@ -490,10 +490,10 @@ let absoluteUrls = mkOption { type = types.bool; default = false; - description = '' + description = lib.mdDoc '' Make wikilinks absolute with respect to the base-url. So, for example, in a wiki served at the base URL '/wiki', on a page - Sub/Page, the wikilink '[Cactus]()' will produce a link to + Sub/Page, the wikilink `[Cactus]()` will produce a link to '/wiki/Cactus' if absoluteUrls is true, and a relative link to 'Cactus' (referring to '/wiki/Sub/Cactus') if absolute-urls is 'no'. ''; diff --git a/nixos/modules/services/misc/nix-daemon.nix b/nixos/modules/services/misc/nix-daemon.nix index f03d4900a79..e8d2bccdbf9 100644 --- a/nixos/modules/services/misc/nix-daemon.nix +++ b/nixos/modules/services/misc/nix-daemon.nix @@ -628,17 +628,17 @@ in sandbox-paths = { "/bin/sh" = "''${pkgs.busybox-sandbox-shell.out}/bin/busybox"; }; } ''; - description = '' + description = lib.mdDoc '' Configuration for Nix, see - <link xlink:href="https://nixos.org/manual/nix/stable/#sec-conf-file"/> or - <citerefentry><refentrytitle>nix.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> for avalaible options. + <https://nixos.org/manual/nix/stable/#sec-conf-file> or + {manpage}`nix.conf(5)` for avalaible options. The value declared here will be translated directly to the key-value pairs Nix expects. - You can use <command>nix-instantiate --eval --strict '<nixpkgs/nixos>' -A config.nix.settings</command> + You can use {command}`nix-instantiate --eval --strict '<nixpkgs/nixos>' -A config.nix.settings` to view the current value. By default it is empty. - Nix configurations defined under <option>nix.*</option> will be translated and applied to this - option. In addition, configuration specified in <option>nix.extraOptions</option> which will be appended + Nix configurations defined under {option}`nix.*` will be translated and applied to this + option. In addition, configuration specified in {option}`nix.extraOptions` which will be appended verbatim to the resulting config file. ''; }; diff --git a/nixos/modules/services/misc/persistent-evdev.nix b/nixos/modules/services/misc/persistent-evdev.nix index 24af4c9a02f..b1f367fec7f 100644 --- a/nixos/modules/services/misc/persistent-evdev.nix +++ b/nixos/modules/services/misc/persistent-evdev.nix @@ -16,16 +16,16 @@ in devices = lib.mkOption { default = {}; type = with lib.types; attrsOf str; - description = '' + description = lib.mdDoc '' A set of virtual proxy device labels with backing physical device ids. - Physical devices should already exist in <filename class="devicefile">/dev/input/by-id/</filename>. - Proxy devices will be automatically given a <literal>uinput-</literal> prefix. + Physical devices should already exist in {file}`/dev/input/by-id/`. + Proxy devices will be automatically given a `uinput-` prefix. - See the <link xlink:href="https://github.com/aiberia/persistent-evdev#example-usage-with-libvirt">project page</link> + See the [project page](https://github.com/aiberia/persistent-evdev#example-usage-with-libvirt) for example configuration of virtual devices with libvirt - and remember to add <literal>uinput-*</literal> devices to the qemu - <literal>cgroup_device_acl</literal> list (see <xref linkend="opt-virtualisation.libvirtd.qemu.verbatimConfig"/>). + and remember to add `uinput-*` devices to the qemu + `cgroup_device_acl` list (see [](#opt-virtualisation.libvirtd.qemu.verbatimConfig)). ''; example = lib.literalExpression '' { diff --git a/nixos/modules/services/monitoring/prometheus/exporters.nix b/nixos/modules/services/monitoring/prometheus/exporters.nix index 98e517d9c20..3447fe1bd2e 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters.nix @@ -115,10 +115,10 @@ let example = literalExpression '' "-i eth0 -p tcp -m tcp --dport ${toString port}" ''; - description = '' + description = lib.mdDoc '' Specify a filter for iptables to use when - <option>services.prometheus.exporters.${name}.openFirewall</option> - is true. It is used as `ip46tables -I nixos-fw <option>firewallFilter</option> -j nixos-fw-accept`. + {option}`services.prometheus.exporters.${name}.openFirewall` + is true. It is used as `ip46tables -I nixos-fw firewallFilter -j nixos-fw-accept`. ''; }; user = mkOption { diff --git a/nixos/modules/services/monitoring/smartd.nix b/nixos/modules/services/monitoring/smartd.nix index b3ea014139d..cfebb4b9798 100644 --- a/nixos/modules/services/monitoring/smartd.nix +++ b/nixos/modules/services/monitoring/smartd.nix @@ -135,9 +135,9 @@ in default = "root"; example = "example@domain.tld"; type = types.str; - description = '' + description = lib.mdDoc '' Sender of the notification messages. - Acts as the value of <literal>email</literal> in the emails' <literal>From: ... </literal> field. + Acts as the value of `email` in the emails' `From: ...` field. ''; }; diff --git a/nixos/modules/services/networking/3proxy.nix b/nixos/modules/services/networking/3proxy.nix index 1b2eb6a318a..e643ed94131 100644 --- a/nixos/modules/services/networking/3proxy.nix +++ b/nixos/modules/services/networking/3proxy.nix @@ -155,10 +155,10 @@ in { type = types.listOf types.str; default = [ ]; example = [ "127.0.0.1" "192.168.1.0/24" ]; - description = '' + description = lib.mdDoc '' List of target IP ranges, use empty list for any. May also contain host names instead of addresses. - It's possible to use wildmask in the begginning and in the the end of hostname, e.g. *badsite.com or *badcontent*. + It's possible to use wildmask in the begginning and in the the end of hostname, e.g. `*badsite.com` or `*badcontent*`. Hostname is only checked if hostname presents in request. ''; }; diff --git a/nixos/modules/services/networking/networkmanager.nix b/nixos/modules/services/networking/networkmanager.nix index c9e54f9b922..0aa301251bb 100644 --- a/nixos/modules/services/networking/networkmanager.nix +++ b/nixos/modules/services/networking/networkmanager.nix @@ -327,9 +327,9 @@ in { type = mkOption { type = types.enum (attrNames dispatcherTypesSubdirMap); default = "basic"; - description = '' + description = lib.mdDoc '' Dispatcher hook type. Look up the hooks described at - <link xlink:href="https://developer.gnome.org/NetworkManager/stable/NetworkManager.html">https://developer.gnome.org/NetworkManager/stable/NetworkManager.html</link> + [https://developer.gnome.org/NetworkManager/stable/NetworkManager.html](https://developer.gnome.org/NetworkManager/stable/NetworkManager.html) and choose the type depending on the output folder. You should then filter the event type (e.g., "up"/"down") from within your script. ''; diff --git a/nixos/modules/services/networking/wireguard.nix b/nixos/modules/services/networking/wireguard.nix index 9017c53f4e5..23b3008f02d 100644 --- a/nixos/modules/services/networking/wireguard.nix +++ b/nixos/modules/services/networking/wireguard.nix @@ -194,19 +194,20 @@ let default = null; example = "demo.wireguard.io:12913"; type = with types; nullOr str; - description = ''Endpoint IP or hostname of the peer, followed by a colon, - and then a port number of the peer. - - Warning for endpoints with changing IPs: - The WireGuard kernel side cannot perform DNS resolution. - Thus DNS resolution is done once by the <literal>wg</literal> userspace - utility, when setting up WireGuard. Consequently, if the IP address - behind the name changes, WireGuard will not notice. - This is especially common for dynamic-DNS setups, but also applies to - any other DNS-based setup. - If you do not use IP endpoints, you likely want to set - <option>networking.wireguard.dynamicEndpointRefreshSeconds</option> - to refresh the IPs periodically. + description = lib.mdDoc '' + Endpoint IP or hostname of the peer, followed by a colon, + and then a port number of the peer. + + Warning for endpoints with changing IPs: + The WireGuard kernel side cannot perform DNS resolution. + Thus DNS resolution is done once by the `wg` userspace + utility, when setting up WireGuard. Consequently, if the IP address + behind the name changes, WireGuard will not notice. + This is especially common for dynamic-DNS setups, but also applies to + any other DNS-based setup. + If you do not use IP endpoints, you likely want to set + {option}`networking.wireguard.dynamicEndpointRefreshSeconds` + to refresh the IPs periodically. ''; }; diff --git a/nixos/modules/services/networking/znc/default.nix b/nixos/modules/services/networking/znc/default.nix index 6b662152e64..2befab373ba 100644 --- a/nixos/modules/services/networking/znc/default.nix +++ b/nixos/modules/services/networking/znc/default.nix @@ -149,27 +149,27 @@ in }; } ''; - description = '' + description = lib.mdDoc '' Configuration for ZNC, see - <link xlink:href="https://wiki.znc.in/Configuration"/> for details. The + <https://wiki.znc.in/Configuration> for details. The Nix value declared here will be translated directly to the xml-like format ZNC expects. This is much more flexible than the legacy options - under <option>services.znc.confOptions.*</option>, but also can't do + under {option}`services.znc.confOptions.*`, but also can't do any type checking. - You can use <command>nix-instantiate --eval --strict '<nixpkgs/nixos>' -A config.services.znc.config</command> + You can use {command}`nix-instantiate --eval --strict '<nixpkgs/nixos>' -A config.services.znc.config` to view the current value. By default it contains a listener for port 5000 with SSL enabled. - Nix attributes called <literal>extraConfig</literal> will be inserted + Nix attributes called `extraConfig` will be inserted verbatim into the resulting config file. - If <option>services.znc.useLegacyConfig</option> is turned on, the - option values in <option>services.znc.confOptions.*</option> will be + If {option}`services.znc.useLegacyConfig` is turned on, the + option values in {option}`services.znc.confOptions.*` will be gracefully be applied to this option. If you intend to update the configuration through this option, be sure - to enable <option>services.znc.mutable</option>, otherwise none of the + to enable {option}`services.znc.mutable`, otherwise none of the changes here will be applied after the initial deploy. ''; }; diff --git a/nixos/modules/services/networking/znc/options.nix b/nixos/modules/services/networking/znc/options.nix index 9d472abdf48..ce8e7a89a4d 100644 --- a/nixos/modules/services/networking/znc/options.nix +++ b/nixos/modules/services/networking/znc/options.nix @@ -97,18 +97,18 @@ in useLegacyConfig = mkOption { default = true; type = types.bool; - description = '' + description = lib.mdDoc '' Whether to propagate the legacy options under - <option>services.znc.confOptions.*</option> to the znc config. If this + {option}`services.znc.confOptions.*` to the znc config. If this is turned on, the znc config will contain a user with the default name "znc", global modules "webadmin" and "adminlog" will be enabled by default, and more, all controlled through the - <option>services.znc.confOptions.*</option> options. - You can use <command>nix-instantiate --eval --strict '<nixpkgs/nixos>' -A config.services.znc.config</command> + {option}`services.znc.confOptions.*` options. + You can use {command}`nix-instantiate --eval --strict '<nixpkgs/nixos>' -A config.services.znc.config` to view the current value of the config. In any case, if you need more flexibility, - <option>services.znc.config</option> can be used to override/add to + {option}`services.znc.config` can be used to override/add to all of the legacy options. ''; }; @@ -177,11 +177,11 @@ in </Pass> ''; type = types.str; - description = '' - Generate with <command>nix-shell -p znc --command "znc --makepass"</command>. + description = lib.mdDoc '' + Generate with {command}`nix-shell -p znc --command "znc --makepass"`. This is the password used to log in to the ZNC web admin interface. You can also set this through - <option>services.znc.config.User.<username>.Pass.Method</option> + {option}`services.znc.config.User.<username>.Pass.Method` and co. ''; }; diff --git a/nixos/modules/services/security/tor.nix b/nixos/modules/services/security/tor.nix index de82e32f496..730802d92cf 100644 --- a/nixos/modules/services/security/tor.nix +++ b/nixos/modules/services/security/tor.nix @@ -288,17 +288,17 @@ in }; relay = { - enable = mkEnableOption "tor relaying" // { - description = '' + enable = mkEnableOption (lib.mdDoc "tor relaying") // { + description = lib.mdDoc '' Whether to enable relaying of Tor traffic for others. - See <link xlink:href="https://www.torproject.org/docs/tor-doc-relay"/> + See <https://www.torproject.org/docs/tor-doc-relay> for details. Setting this to true requires setting - <option>services.tor.relay.role</option> + {option}`services.tor.relay.role` and - <option>services.tor.settings.ORPort</option> + {option}`services.tor.settings.ORPort` options. ''; }; diff --git a/nixos/modules/services/security/vaultwarden/default.nix b/nixos/modules/services/security/vaultwarden/default.nix index 59983de1a5a..0df0e5d211b 100644 --- a/nixos/modules/services/security/vaultwarden/default.nix +++ b/nixos/modules/services/security/vaultwarden/default.nix @@ -97,26 +97,26 @@ in { SMTP_FROM_NAME = "example.com Bitwarden server"; } ''; - description = '' + description = lib.mdDoc '' The configuration of vaultwarden is done through environment variables, - therefore it is recommended to use upper snake case (e.g. <envar>DISABLE_2FA_REMEMBER</envar>). + therefore it is recommended to use upper snake case (e.g. {env}`DISABLE_2FA_REMEMBER`). - However, camel case (e.g. <literal>disable2FARemember</literal>) is also supported: + However, camel case (e.g. `disable2FARemember`) is also supported: The NixOS module will convert it automatically to - upper case snake case (e.g. <envar>DISABLE_2FA_REMEMBER</envar>). + upper case snake case (e.g. {env}`DISABLE_2FA_REMEMBER`). In this conversion digits (0-9) are handled just like upper case characters, - so <literal>foo2</literal> would be converted to <envar>FOO_2</envar>. - Names already in this format remain unchanged, so <literal>FOO2</literal> remains <literal>FOO2</literal> if passed as such, - even though <literal>foo2</literal> would have been converted to <envar>FOO_2</envar>. + so `foo2` would be converted to {env}`FOO_2`. + Names already in this format remain unchanged, so `FOO2` remains `FOO2` if passed as such, + even though `foo2` would have been converted to {env}`FOO_2`. This allows working around any potential future conflicting naming conventions. Based on the attributes passed to this config option an environment file will be generated that is passed to vaultwarden's systemd service. The available configuration options can be found in - <link xlink:href="https://github.com/dani-garcia/vaultwarden/blob/${vaultwarden.version}/.env.template">the environment template file</link>. + [the environment template file](https://github.com/dani-garcia/vaultwarden/blob/${vaultwarden.version}/.env.template). - See <xref linkend="opt-services.vaultwarden.environmentFile"/> for how + See ()[#opt-services.vaultwarden.environmentFile) for how to set up access to the Admin UI to invite initial users. ''; }; diff --git a/nixos/modules/services/torrent/transmission.nix b/nixos/modules/services/torrent/transmission.nix index c18ac89cfbd..5e0d13211bc 100644 --- a/nixos/modules/services/torrent/transmission.nix +++ b/nixos/modules/services/torrent/transmission.nix @@ -24,15 +24,15 @@ in ]; options = { services.transmission = { - enable = mkEnableOption "transmission" // { - description = '' + enable = mkEnableOption (lib.mdDoc "transmission") // { + description = lib.mdDoc '' Whether to enable the headless Transmission BitTorrent daemon. Transmission daemon can be controlled via the RPC interface using transmission-remote, the WebUI (http://127.0.0.1:9091/ by default), or other clients like stig or tremc. - Torrents are downloaded to <xref linkend="opt-services.transmission.home"/>/${downloadsDir} by default and are + Torrents are downloaded to [](#opt-services.transmission.home)/${downloadsDir} by default and are accessible to users in the "transmission" group. ''; }; @@ -237,13 +237,13 @@ in openRPCPort = mkEnableOption (lib.mdDoc "opening of the RPC port in the firewall"); - performanceNetParameters = mkEnableOption "performance tweaks" // { - description = '' + performanceNetParameters = mkEnableOption (lib.mdDoc "performance tweaks") // { + description = lib.mdDoc '' Whether to enable tweaking of kernel parameters to open many more connections at the same time. Note that you may also want to increase - <literal>peer-limit-global"</literal>. + `peer-limit-global`. And be aware that these settings are quite aggressive and might not suite your regular desktop use. For instance, SSH sessions may time out more easily. diff --git a/nixos/modules/services/web-apps/dokuwiki.nix b/nixos/modules/services/web-apps/dokuwiki.nix index e719d11e4d2..c7165c17fd7 100644 --- a/nixos/modules/services/web-apps/dokuwiki.nix +++ b/nixos/modules/services/web-apps/dokuwiki.nix @@ -137,11 +137,16 @@ let usersFile = mkOption { type = with types; nullOr str; default = if config.aclUse then "/var/lib/dokuwiki/${name}/users.auth.php" else null; - description = '' + description = lib.mdDoc '' Location of the dokuwiki users file. List of users. Format: - login:passwordhash:Real Name:email:groups,comma,separated - Create passwordHash easily by using:$ mkpasswd -5 password `pwgen 8 1` - Example: <link xlink:href="https://github.com/splitbrain/dokuwiki/blob/master/conf/users.auth.php.dist"/> + + login:passwordhash:Real Name:email:groups,comma,separated + + Create passwordHash easily by using: + + mkpasswd -5 password `pwgen 8 1` + + Example: <https://github.com/splitbrain/dokuwiki/blob/master/conf/users.auth.php.dist> ''; example = "/var/lib/dokuwiki/${name}/users.auth.php"; }; diff --git a/nixos/modules/services/web-apps/jirafeau.nix b/nixos/modules/services/web-apps/jirafeau.nix index 0ec20495a93..293cbb3af42 100644 --- a/nixos/modules/services/web-apps/jirafeau.nix +++ b/nixos/modules/services/web-apps/jirafeau.nix @@ -45,12 +45,12 @@ in $cfg['style'] = 'courgette'; $cfg['organisation'] = 'ACME'; ''; - description = let + description = let documentationLink = "https://gitlab.com/mojo42/Jirafeau/-/blob/${cfg.package.version}/lib/config.original.php"; in - '' - Jirefeau configuration. Refer to <link xlink:href="${documentationLink}"/> for supported + lib.mdDoc '' + Jirefeau configuration. Refer to <${documentationLink}> for supported values. ''; }; @@ -73,10 +73,10 @@ in description = let nginxCoreDocumentation = "http://nginx.org/en/docs/http/ngx_http_core_module.html"; in - '' + lib.mdDoc '' Timeout for reading client request bodies and headers. Refer to - <link xlink:href="${nginxCoreDocumentation}#client_body_timeout"/> and - <link xlink:href="${nginxCoreDocumentation}#client_header_timeout"/> for accepted values. + <${nginxCoreDocumentation}#client_body_timeout> and + <${nginxCoreDocumentation}#client_header_timeout> for accepted values. ''; }; diff --git a/nixos/modules/services/web-apps/mastodon.nix b/nixos/modules/services/web-apps/mastodon.nix index e1e63cdfe1a..779e7d4ad44 100644 --- a/nixos/modules/services/web-apps/mastodon.nix +++ b/nixos/modules/services/web-apps/mastodon.nix @@ -107,23 +107,23 @@ in { enable = lib.mkEnableOption (lib.mdDoc "Mastodon, a federated social network server"); configureNginx = lib.mkOption { - description = '' + description = lib.mdDoc '' Configure nginx as a reverse proxy for mastodon. Note that this makes some assumptions on your setup, and sets settings that will affect other virtualHosts running on your nginx instance, if any. Alternatively you can configure a reverse-proxy of your choice to serve these paths: - <literal>/ -> $(nix-instantiate --eval '<nixpkgs>' -A mastodon.outPath)/public</literal> + `/ -> $(nix-instantiate --eval '<nixpkgs>' -A mastodon.outPath)/public` - <literal>/ -> 127.0.0.1:{{ webPort }} </literal>(If there was no file in the directory above.) + `/ -> 127.0.0.1:{{ webPort }} `(If there was no file in the directory above.) - <literal>/system/ -> /var/lib/mastodon/public-system/</literal> + `/system/ -> /var/lib/mastodon/public-system/` - <literal>/api/v1/streaming/ -> 127.0.0.1:{{ streamingPort }}</literal> + `/api/v1/streaming/ -> 127.0.0.1:{{ streamingPort }}` Make sure that websockets are forwarded properly. You might want to set up caching of some requests. Take a look at mastodon's provided nginx configuration at - <literal>https://github.com/mastodon/mastodon/blob/master/dist/nginx.conf</literal>. + `https://github.com/mastodon/mastodon/blob/master/dist/nginx.conf`. ''; type = lib.types.bool; default = false; diff --git a/nixos/modules/services/web-apps/matomo.nix b/nixos/modules/services/web-apps/matomo.nix index f9927992a86..9e8d85161da 100644 --- a/nixos/modules/services/web-apps/matomo.nix +++ b/nixos/modules/services/web-apps/matomo.nix @@ -53,11 +53,11 @@ in { type = types.nullOr types.str; default = null; example = "lighttpd"; - description = '' - Name of the web server user that forwards requests to <option>services.phpfpm.pools.<name>.socket</option> the fastcgi socket for Matomo if the nginx + description = lib.mdDoc '' + Name of the web server user that forwards requests to {option}`services.phpfpm.pools.<name>.socket` the fastcgi socket for Matomo if the nginx option is not used. Either this option or the nginx option is mandatory. If you want to use another webserver than nginx, you need to set this to that server's user - and pass fastcgi requests to <literal>index.php</literal>, <literal>matomo.php</literal> and <literal>piwik.php</literal> (legacy name) to this socket. + and pass fastcgi requests to `index.php`, `matomo.php` and `piwik.php` (legacy name) to this socket. ''; }; diff --git a/nixos/modules/services/web-apps/wiki-js.nix b/nixos/modules/services/web-apps/wiki-js.nix index 91b1d266302..9cdbe989a35 100644 --- a/nixos/modules/services/web-apps/wiki-js.nix +++ b/nixos/modules/services/web-apps/wiki-js.nix @@ -85,10 +85,10 @@ in { ''; }; - offline = mkEnableOption "offline mode" // { - description = '' + offline = mkEnableOption (lib.mdDoc "offline mode") // { + description = lib.mdDoc '' Disable latest file updates and enable - <link xlink:href="https://docs.requarks.io/install/sideload">sideloading</link>. + [sideloading](https://docs.requarks.io/install/sideload). ''; }; }; diff --git a/nixos/modules/services/web-servers/apache-httpd/vhost-options.nix b/nixos/modules/services/web-servers/apache-httpd/vhost-options.nix index 5b7b752884e..0d60d533c99 100644 --- a/nixos/modules/services/web-servers/apache-httpd/vhost-options.nix +++ b/nixos/modules/services/web-servers/apache-httpd/vhost-options.nix @@ -116,12 +116,12 @@ in useACMEHost = mkOption { type = types.nullOr types.str; default = null; - description = '' + description = lib.mdDoc '' A host of an existing Let's Encrypt certificate to use. This is useful if you have many subdomains and want to avoid hitting the - <link xlink:href="https://letsencrypt.org/docs/rate-limits/">rate limit</link>. - Alternately, you can generate a certificate through <option>enableACME</option>. - <emphasis>Note that this option does not create any certificates, nor it does add subdomains to existing ones – you will need to create them manually using <xref linkend="opt-security.acme.certs"/>.</emphasis> + [rate limit](https://letsencrypt.org/docs/rate-limits). + Alternately, you can generate a certificate through {option}`enableACME`. + *Note that this option does not create any certificates, nor it does add subdomains to existing ones – you will need to create them manually using [](#opt-security.acme.certs).* ''; }; diff --git a/nixos/modules/services/web-servers/hitch/default.nix b/nixos/modules/services/web-servers/hitch/default.nix index cd9774dc4d4..6c8b3cda5f7 100644 --- a/nixos/modules/services/web-servers/hitch/default.nix +++ b/nixos/modules/services/web-servers/hitch/default.nix @@ -36,9 +36,9 @@ with lib; frontend = mkOption { type = types.either types.str (types.listOf types.str); default = "[127.0.0.1]:443"; - description = '' + description = lib.mdDoc '' The port and interface of the listen endpoint in the -+ form [HOST]:PORT[+CERT]. + form [HOST]:PORT[+CERT]. ''; apply = toList; }; diff --git a/nixos/modules/services/web-servers/nginx/vhost-options.nix b/nixos/modules/services/web-servers/nginx/vhost-options.nix index 96006f88758..ccf8804943a 100644 --- a/nixos/modules/services/web-servers/nginx/vhost-options.nix +++ b/nixos/modules/services/web-servers/nginx/vhost-options.nix @@ -75,12 +75,12 @@ with lib; useACMEHost = mkOption { type = types.nullOr types.str; default = null; - description = '' + description = lib.mdDoc '' A host of an existing Let's Encrypt certificate to use. This is useful if you have many subdomains and want to avoid hitting the - <link xlink:href="https://letsencrypt.org/docs/rate-limits/">rate limit</link>. - Alternately, you can generate a certificate through <option>enableACME</option>. - <emphasis>Note that this option does not create any certificates, nor it does add subdomains to existing ones – you will need to create them manually using <xref linkend="opt-security.acme.certs"/>.</emphasis> + [rate limit](https://letsencrypt.org/docs/rate-limits). + Alternately, you can generate a certificate through {option}`enableACME`. + *Note that this option does not create any certificates, nor it does add subdomains to existing ones – you will need to create them manually using [](#opt-security.acme.certs).* ''; }; diff --git a/nixos/modules/system/activation/activation-script.nix b/nixos/modules/system/activation/activation-script.nix index f2c5775eeaf..ddb165a76cc 100644 --- a/nixos/modules/system/activation/activation-script.nix +++ b/nixos/modules/system/activation/activation-script.nix @@ -88,11 +88,11 @@ let supportsDryActivation = mkOption { type = types.bool; default = false; - description = '' + description = lib.mdDoc '' Whether this activation script supports being dry-activated. These activation scripts will also be executed on dry-activate activations with the environment variable - <literal>NIXOS_ACTION</literal> being set to <literal>dry-activate</literal>. + `NIXOS_ACTION` being set to `dry-activate`. it's important that these activation scripts don't modify anything about the system when the variable is set. ''; diff --git a/nixos/modules/system/boot/systemd/initrd.nix b/nixos/modules/system/boot/systemd/initrd.nix index 6b4e6834c7b..e843214f855 100644 --- a/nixos/modules/system/boot/systemd/initrd.nix +++ b/nixos/modules/system/boot/systemd/initrd.nix @@ -132,8 +132,8 @@ let in { options.boot.initrd.systemd = { - enable = mkEnableOption "systemd in initrd" // { - description = '' + enable = mkEnableOption (lib.mdDoc "systemd in initrd") // { + description = lib.mdDoc '' Whether to enable systemd in initrd. Note: This is in very early development and is highly diff --git a/nixos/modules/virtualisation/kvmgt.nix b/nixos/modules/virtualisation/kvmgt.nix index 5671e5b66db..1e02636f81f 100644 --- a/nixos/modules/virtualisation/kvmgt.nix +++ b/nixos/modules/virtualisation/kvmgt.nix @@ -17,11 +17,11 @@ let in { options = { virtualisation.kvmgt = { - enable = mkEnableOption '' + enable = mkEnableOption (lib.mdDoc '' KVMGT (iGVT-g) VGPU support. Allows Qemu/KVM guests to share host's Intel integrated graphics card. Currently only one graphical device can be shared. To allow users to access the device without root add them - to the kvm group: <literal>users.extraUsers.<yourusername>.extraGroups = [ "kvm" ];</literal> - ''; + to the kvm group: `users.extraUsers.<yourusername>.extraGroups = [ "kvm" ];` + ''); # multi GPU support is under the question device = mkOption { type = types.str; |