summary refs log tree commit diff
path: root/nixos/doc/manual/configuration/profiles
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/doc/manual/configuration/profiles')
-rw-r--r--nixos/doc/manual/configuration/profiles/all-hardware.section.md11
-rw-r--r--nixos/doc/manual/configuration/profiles/base.section.md7
-rw-r--r--nixos/doc/manual/configuration/profiles/clone-config.section.md11
-rw-r--r--nixos/doc/manual/configuration/profiles/demo.section.md4
-rw-r--r--nixos/doc/manual/configuration/profiles/docker-container.section.md7
-rw-r--r--nixos/doc/manual/configuration/profiles/graphical.section.md10
-rw-r--r--nixos/doc/manual/configuration/profiles/hardened.section.md20
-rw-r--r--nixos/doc/manual/configuration/profiles/headless.section.md9
-rw-r--r--nixos/doc/manual/configuration/profiles/installation-device.section.md24
-rw-r--r--nixos/doc/manual/configuration/profiles/minimal.section.md9
-rw-r--r--nixos/doc/manual/configuration/profiles/qemu-guest.section.md7
11 files changed, 119 insertions, 0 deletions
diff --git a/nixos/doc/manual/configuration/profiles/all-hardware.section.md b/nixos/doc/manual/configuration/profiles/all-hardware.section.md
new file mode 100644
index 00000000000..e2dd7c76089
--- /dev/null
+++ b/nixos/doc/manual/configuration/profiles/all-hardware.section.md
@@ -0,0 +1,11 @@
+# All Hardware {#sec-profile-all-hardware}
+
+Enables all hardware supported by NixOS: i.e., all firmware is included, and
+all devices from which one may boot are enabled in the initrd. Its primary
+use is in the NixOS installation CDs.
+
+The enabled kernel modules include support for SATA and PATA, SCSI
+(partially), USB, Firewire (untested), Virtio (QEMU, KVM, etc.), VMware, and
+Hyper-V. Additionally, [](#opt-hardware.enableAllFirmware) is
+enabled, and the firmware for the ZyDAS ZD1211 chipset is specifically
+installed.
diff --git a/nixos/doc/manual/configuration/profiles/base.section.md b/nixos/doc/manual/configuration/profiles/base.section.md
new file mode 100644
index 00000000000..59b3068fda3
--- /dev/null
+++ b/nixos/doc/manual/configuration/profiles/base.section.md
@@ -0,0 +1,7 @@
+# Base {#sec-profile-base}
+
+Defines the software packages included in the "minimal" installation CD. It
+installs several utilities useful in a simple recovery or install media, such
+as a text-mode web browser, and tools for manipulating block devices,
+networking, hardware diagnostics, and filesystems (with their respective
+kernel modules).
diff --git a/nixos/doc/manual/configuration/profiles/clone-config.section.md b/nixos/doc/manual/configuration/profiles/clone-config.section.md
new file mode 100644
index 00000000000..e2583715e51
--- /dev/null
+++ b/nixos/doc/manual/configuration/profiles/clone-config.section.md
@@ -0,0 +1,11 @@
+# Clone Config {#sec-profile-clone-config}
+
+This profile is used in installer images. It provides an editable
+configuration.nix that imports all the modules that were also used when
+creating the image in the first place. As a result it allows users to edit
+and rebuild the live-system.
+
+On images where the installation media also becomes an installation target,
+copying over `configuration.nix` should be disabled by
+setting `installer.cloneConfig` to `false`.
+For example, this is done in `sd-image-aarch64-installer.nix`.
diff --git a/nixos/doc/manual/configuration/profiles/demo.section.md b/nixos/doc/manual/configuration/profiles/demo.section.md
new file mode 100644
index 00000000000..0a0df483c12
--- /dev/null
+++ b/nixos/doc/manual/configuration/profiles/demo.section.md
@@ -0,0 +1,4 @@
+# Demo {#sec-profile-demo}
+
+This profile just enables a `demo` user, with password `demo`, uid `1000`, `wheel` group and
+[autologin in the SDDM display manager](#opt-services.xserver.displayManager.autoLogin).
diff --git a/nixos/doc/manual/configuration/profiles/docker-container.section.md b/nixos/doc/manual/configuration/profiles/docker-container.section.md
new file mode 100644
index 00000000000..f3e29b92f5e
--- /dev/null
+++ b/nixos/doc/manual/configuration/profiles/docker-container.section.md
@@ -0,0 +1,7 @@
+# Docker Container {#sec-profile-docker-container}
+
+This is the profile from which the Docker images are generated. It prepares a
+working system by importing the [Minimal](#sec-profile-minimal) and
+[Clone Config](#sec-profile-clone-config) profiles, and
+setting appropriate configuration options that are useful inside a container
+context, like [](#opt-boot.isContainer).
diff --git a/nixos/doc/manual/configuration/profiles/graphical.section.md b/nixos/doc/manual/configuration/profiles/graphical.section.md
new file mode 100644
index 00000000000..aaea5c8c028
--- /dev/null
+++ b/nixos/doc/manual/configuration/profiles/graphical.section.md
@@ -0,0 +1,10 @@
+# Graphical {#sec-profile-graphical}
+
+Defines a NixOS configuration with the Plasma 5 desktop. It's used by the
+graphical installation CD.
+
+It sets [](#opt-services.xserver.enable),
+[](#opt-services.xserver.displayManager.sddm.enable),
+[](#opt-services.xserver.desktopManager.plasma5.enable),
+and [](#opt-services.xserver.libinput.enable) to true. It also
+includes glxinfo and firefox in the system packages list.
diff --git a/nixos/doc/manual/configuration/profiles/hardened.section.md b/nixos/doc/manual/configuration/profiles/hardened.section.md
new file mode 100644
index 00000000000..9fb5e18c384
--- /dev/null
+++ b/nixos/doc/manual/configuration/profiles/hardened.section.md
@@ -0,0 +1,20 @@
+# Hardened {#sec-profile-hardened}
+
+A profile with most (vanilla) hardening options enabled by default,
+potentially at the cost of stability, features and performance.
+
+This includes a hardened kernel, and limiting the system information
+available to processes through the `/sys` and
+`/proc` filesystems. It also disables the User Namespaces
+feature of the kernel, which stops Nix from being able to build anything
+(this particular setting can be overriden via
+[](#opt-security.allowUserNamespaces)). See the
+[profile source](https://github.com/nixos/nixpkgs/tree/master/nixos/modules/profiles/hardened.nix)
+for further detail on which settings are altered.
+
+::: {.warning}
+This profile enables options that are known to affect system
+stability. If you experience any stability issues when using the
+profile, try disabling it. If you report an issue and use this
+profile, always mention that you do.
+:::
diff --git a/nixos/doc/manual/configuration/profiles/headless.section.md b/nixos/doc/manual/configuration/profiles/headless.section.md
new file mode 100644
index 00000000000..d185a9a774b
--- /dev/null
+++ b/nixos/doc/manual/configuration/profiles/headless.section.md
@@ -0,0 +1,9 @@
+# Headless {#sec-profile-headless}
+
+Common configuration for headless machines (e.g., Amazon EC2 instances).
+
+Disables [sound](#opt-sound.enable),
+[vesa](#opt-boot.vesa), serial consoles,
+[emergency mode](#opt-systemd.enableEmergencyMode),
+[grub splash images](#opt-boot.loader.grub.splashImage)
+and configures the kernel to reboot automatically on panic.
diff --git a/nixos/doc/manual/configuration/profiles/installation-device.section.md b/nixos/doc/manual/configuration/profiles/installation-device.section.md
new file mode 100644
index 00000000000..ae9f8fa7757
--- /dev/null
+++ b/nixos/doc/manual/configuration/profiles/installation-device.section.md
@@ -0,0 +1,24 @@
+# Installation Device {#sec-profile-installation-device}
+
+Provides a basic configuration for installation devices like CDs.
+This enables redistributable firmware, includes the
+[Clone Config profile](#sec-profile-clone-config)
+and a copy of the Nixpkgs channel, so `nixos-install`
+works out of the box.
+
+Documentation for [Nixpkgs](#opt-documentation.enable)
+and [NixOS](#opt-documentation.nixos.enable) are
+forcefully enabled (to override the
+[Minimal profile](#sec-profile-minimal) preference); the
+NixOS manual is shown automatically on TTY 8, udisks is disabled.
+Autologin is enabled as `nixos` user, while passwordless
+login as both `root` and `nixos` is possible.
+Passwordless `sudo` is enabled too.
+[wpa_supplicant](#opt-networking.wireless.enable) is
+enabled, but configured to not autostart.
+
+It is explained how to login, start the ssh server, and if available,
+how to start the display manager.
+
+Several settings are tweaked so that the installer has a better chance of
+succeeding under low-memory environments.
diff --git a/nixos/doc/manual/configuration/profiles/minimal.section.md b/nixos/doc/manual/configuration/profiles/minimal.section.md
new file mode 100644
index 00000000000..02a3b65ae42
--- /dev/null
+++ b/nixos/doc/manual/configuration/profiles/minimal.section.md
@@ -0,0 +1,9 @@
+# Minimal {#sec-profile-minimal}
+
+This profile defines a small NixOS configuration. It does not contain any
+graphical stuff. It's a very short file that enables
+[noXlibs](#opt-environment.noXlibs), sets
+[](#opt-i18n.supportedLocales) to
+only support the user-selected locale,
+[disables packages' documentation](#opt-documentation.enable),
+and [disables sound](#opt-sound.enable).
diff --git a/nixos/doc/manual/configuration/profiles/qemu-guest.section.md b/nixos/doc/manual/configuration/profiles/qemu-guest.section.md
new file mode 100644
index 00000000000..d7e3cae9cb0
--- /dev/null
+++ b/nixos/doc/manual/configuration/profiles/qemu-guest.section.md
@@ -0,0 +1,7 @@
+# QEMU Guest {#sec-profile-qemu-guest}
+
+This profile contains common configuration for virtual machines running under
+QEMU (using virtio).
+
+It makes virtio modules available on the initrd and sets the system time from
+the hardware clock to work around a bug in qemu-kvm.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-04-27 06:41:30 +0000