From 62fe01651911043bd3db0add920af3d2935d9869 Mon Sep 17 00:00:00 2001 From: Wolfgang Walther Date: Tue, 22 Jul 2025 16:14:50 +0200 Subject: [PATCH] treewide: run treefmt with mdcr/nixfmt --- CONTRIBUTING.md | 50 ++++---- .../fixed-point-arguments.chapter.md | 5 +- .../images/appimagetools.section.md | 8 +- .../images/binarycache.section.md | 5 +- .../images/dockertools.section.md | 4 +- doc/build-helpers/images/ocitools.section.md | 4 +- .../special/checkpoint-build.section.md | 31 ++--- doc/build-helpers/testers.chapter.md | 12 +- .../trivial-build-helpers.chapter.md | 13 +- doc/functions/generators.section.md | 2 +- doc/functions/nix-gitignore.section.md | 21 +++- doc/hooks/breakpoint.section.md | 4 +- doc/hooks/memcached-test-hook.section.md | 14 +-- doc/hooks/patch-rc-path-hooks.section.md | 4 +- doc/hooks/redis-test-hook.section.md | 8 +- doc/hooks/tauri.section.md | 22 ++-- doc/hooks/udevCheckHook.section.md | 4 +- doc/hooks/versionCheckHook.section.md | 4 +- doc/hooks/zig.section.md | 4 +- doc/interoperability/cyclonedx.md | 4 +- doc/languages-frameworks/agda.section.md | 4 +- doc/languages-frameworks/android.section.md | 18 +-- doc/languages-frameworks/beam.section.md | 14 +-- doc/languages-frameworks/chicken.section.md | 4 +- doc/languages-frameworks/coq.section.md | 8 +- doc/languages-frameworks/cuda.section.md | 8 +- doc/languages-frameworks/dhall.section.md | 4 +- doc/languages-frameworks/dotnet.section.md | 8 +- .../emscripten.section.md | 107 ++++++++-------- doc/languages-frameworks/factor.section.md | 5 +- doc/languages-frameworks/gnome.section.md | 4 +- doc/languages-frameworks/go.section.md | 8 +- doc/languages-frameworks/haskell.section.md | 12 +- doc/languages-frameworks/ios.section.md | 16 +-- doc/languages-frameworks/java.section.md | 6 +- .../javascript.section.md | 24 ++-- doc/languages-frameworks/lisp.section.md | 10 +- doc/languages-frameworks/neovim.section.md | 4 +- doc/languages-frameworks/nim.section.md | 4 +- doc/languages-frameworks/octave.section.md | 4 +- doc/languages-frameworks/php.section.md | 8 +- doc/languages-frameworks/python.section.md | 115 ++++-------------- doc/languages-frameworks/qt.section.md | 2 +- doc/languages-frameworks/ruby.section.md | 8 +- doc/languages-frameworks/rust.section.md | 16 +-- doc/languages-frameworks/scheme.section.md | 1 - doc/languages-frameworks/swift.section.md | 14 +-- doc/languages-frameworks/texlive.section.md | 42 +++---- doc/languages-frameworks/typst.section.md | 9 +- doc/packages/cataclysm-dda.section.md | 16 +-- doc/packages/inkscape.section.md | 4 +- doc/packages/kakoune.section.md | 4 +- doc/packages/urxvt.section.md | 4 +- doc/release-notes/rl-2505.section.md | 2 +- doc/stdenv/cross-compilation.chapter.md | 22 +--- doc/stdenv/meta.chapter.md | 8 +- doc/stdenv/stdenv.chapter.md | 22 +--- doc/using/configuration.chapter.md | 30 +---- doc/using/overlays.chapter.md | 24 +--- doc/using/overrides.chapter.md | 16 +-- maintainers/README.md | 6 +- .../container-networking.section.md | 6 +- .../administration/control-groups.chapter.md | 8 +- .../declarative-containers.section.md | 13 +- .../administration/service-mgmt.chapter.md | 4 +- .../configuration/abstractions.section.md | 88 ++++++++------ .../ad-hoc-network-config.section.md | 7 +- .../adding-custom-packages.section.md | 24 ++-- .../configuration/config-file.section.md | 9 +- .../customizing-packages.section.md | 26 ++-- .../declarative-packages.section.md | 4 +- .../configuration/file-systems.chapter.md | 8 +- .../manual/configuration/firewall.section.md | 19 ++- .../manual/configuration/gpu-accel.chapter.md | 35 ++---- .../configuration/ipv4-config.section.md | 14 +-- .../configuration/ipv6-config.section.md | 18 ++- .../configuration/kubernetes.chapter.md | 13 +- .../configuration/linux-kernel.chapter.md | 36 +++--- .../luks-file-systems.section.md | 11 +- .../configuration/mattermost.chapter.md | 8 +- .../configuration/modularity.section.md | 37 +++--- .../configuration/network-manager.section.md | 12 +- .../manual/configuration/profiles.chapter.md | 6 +- nixos/doc/manual/configuration/ssh.section.md | 7 +- .../sshfs-file-systems.section.md | 37 +++--- .../configuration/subversion.chapter.md | 47 ++++--- .../manual/configuration/user-mgmt.chapter.md | 25 ++-- .../manual/configuration/wayland.chapter.md | 4 +- .../manual/configuration/wireless.section.md | 15 +-- .../manual/configuration/x-windows.chapter.md | 46 +++---- .../manual/development/assertions.section.md | 25 ++-- .../manual/development/bootspec.chapter.md | 3 +- .../manual/development/etc-overlay.section.md | 8 +- .../development/freeform-modules.section.md | 3 +- .../development/importing-modules.section.md | 17 ++- .../development/meta-attributes.section.md | 7 +- .../non-switchable-systems.section.md | 3 +- .../option-declarations.section.md | 95 ++++++++------- .../manual/development/option-def.section.md | 83 ++++++++----- .../development/option-types.section.md | 74 +++++------ .../development/replace-modules.section.md | 26 ++-- ...nning-nixos-tests-interactively.section.md | 4 +- .../development/settings-options.section.md | 21 +++- .../development/writing-modules.chapter.md | 97 +++++++++------ .../writing-nixos-tests.section.md | 62 +++++----- ...lding-images-via-systemd-repart.chapter.md | 68 ++++++----- .../installation/building-nixos.chapter.md | 5 +- .../installation/changing-config.chapter.md | 4 +- .../installing-from-other-distro.section.md | 4 +- .../installation/installing-kexec.section.md | 11 +- .../installing-virtualbox-guest.section.md | 15 ++- .../manual/installation/upgrading.chapter.md | 4 +- .../manual/release-notes/rl-1404.section.md | 12 +- .../manual/release-notes/rl-1412.section.md | 4 +- .../manual/release-notes/rl-1509.section.md | 37 +++--- .../manual/release-notes/rl-1603.section.md | 33 +++-- .../manual/release-notes/rl-1609.section.md | 4 +- .../manual/release-notes/rl-1703.section.md | 18 ++- .../manual/release-notes/rl-1709.section.md | 3 +- .../manual/release-notes/rl-1803.section.md | 6 +- .../manual/release-notes/rl-1809.section.md | 16 ++- .../manual/release-notes/rl-1903.section.md | 53 ++++---- .../manual/release-notes/rl-2003.section.md | 55 +++++---- .../manual/release-notes/rl-2009.section.md | 43 +++---- .../manual/release-notes/rl-2105.section.md | 52 ++++---- .../manual/release-notes/rl-2111.section.md | 2 +- .../manual/release-notes/rl-2205.section.md | 75 +++++++----- .../manual/release-notes/rl-2211.section.md | 14 +-- .../manual/release-notes/rl-2305.section.md | 28 ++--- .../manual/release-notes/rl-2311.section.md | 12 +- .../manual/release-notes/rl-2405.section.md | 7 +- .../manual/release-notes/rl-2411.section.md | 64 ++++++---- .../manual/release-notes/rl-2505.section.md | 6 +- nixos/modules/i18n/input-method/default.md | 17 ++- .../modules/programs/digitalbitbox/default.md | 18 +-- nixos/modules/programs/plotinus.md | 4 +- nixos/modules/programs/zsh/oh-my-zsh.md | 10 +- nixos/modules/security/acme/default.md | 56 +++++---- nixos/modules/services/backup/borgbackup.md | 37 +++--- .../services/databases/foundationdb.md | 8 +- .../modules/services/databases/postgresql.md | 99 ++++++++------- .../modules/services/databases/tigerbeetle.md | 4 +- .../services/desktop-managers/gnome.md | 16 +-- nixos/modules/services/desktops/flatpak.md | 4 +- nixos/modules/services/development/athens.md | 18 ++- .../modules/services/development/blackfire.md | 7 +- .../modules/services/development/livebook.md | 5 +- nixos/modules/services/editors/emacs.md | 99 ++++++++------- nixos/modules/services/hardware/display.md | 81 ++++++------ nixos/modules/services/mail/mailman.md | 20 +-- nixos/modules/services/matrix/maubot.md | 4 +- nixos/modules/services/matrix/mjolnir.md | 14 +-- nixos/modules/services/matrix/synapse.md | 39 +++--- .../modules/services/misc/anki-sync-server.md | 4 +- nixos/modules/services/misc/dump1090-fa.md | 4 +- nixos/modules/services/misc/forgejo.md | 4 +- nixos/modules/services/misc/gitlab.md | 4 +- nixos/modules/services/misc/paisa.md | 4 +- .../modules/services/monitoring/parsedmarc.md | 4 +- .../monitoring/prometheus/exporters.md | 46 ++++--- .../network-filesystems/litestream/default.md | 34 +++--- .../services/network-filesystems/samba.md | 4 +- nixos/modules/services/networking/anubis.md | 7 +- nixos/modules/services/networking/atalkd.md | 2 +- .../modules/services/networking/crab-hole.md | 4 +- .../modules/services/networking/doh-server.md | 5 +- .../modules/services/networking/jotta-cli.md | 4 +- .../modules/services/networking/mosquitto.md | 56 +++++---- nixos/modules/services/networking/netbird.md | 4 +- nixos/modules/services/networking/pleroma.md | 44 +++---- nixos/modules/services/networking/prosody.md | 19 +-- .../modules/services/networking/yggdrasil.md | 78 +++++++----- nixos/modules/services/search/meilisearch.md | 4 +- .../system/kerberos/kerberos-server.md | 10 +- .../services/system/systemd-lock-handler.md | 10 +- nixos/modules/services/web-apps/akkoma.md | 78 ++++++------ .../services/web-apps/c2fmzq-server.md | 4 +- nixos/modules/services/web-apps/castopod.md | 5 +- nixos/modules/services/web-apps/filesender.md | 7 +- nixos/modules/services/web-apps/gotosocial.md | 5 +- nixos/modules/services/web-apps/jitsi-meet.md | 10 +- nixos/modules/services/web-apps/keycloak.md | 2 +- nixos/modules/services/web-apps/nextcloud.md | 30 +++-- nixos/modules/services/web-apps/pict-rs.md | 4 +- nixos/modules/services/web-servers/garage.md | 2 +- .../services/x11/desktop-managers/pantheon.md | 19 +-- nixos/modules/system/boot/clevis.md | 8 +- .../system/boot/loader/external/external.md | 3 +- pkgs/README.md | 100 +++++++++------ .../applications/emulators/libretro/README.md | 18 +-- pkgs/by-name/README.md | 41 +++---- pkgs/by-name/az/azure-cli/README.md | 4 +- .../development/tcl-modules/by-name/README.md | 9 +- .../custom-components/README.md | 15 +-- .../custom-lovelace-modules/README.md | 4 +- 195 files changed, 1919 insertions(+), 2002 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 17c8c8e48fd5..f3dfae0563b3 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -567,7 +567,12 @@ If you have any problems with formatting, please ping the [formatting team](http That is, write ```nix - { stdenv, fetchurl, perl }: <...> + { + stdenv, + fetchurl, + perl, + }: + <...> ``` instead of @@ -579,17 +584,25 @@ If you have any problems with formatting, please ping the [formatting team](http or ```nix - { stdenv, fetchurl, perl, ... }: <...> + { + stdenv, + fetchurl, + perl, + ... + }: + <...> ``` For functions that are truly generic in the number of arguments, but have some required arguments, you should write them using an `@`-pattern: ```nix - { stdenv, doCoverageAnalysis ? false, ... } @ args: + { + stdenv, + doCoverageAnalysis ? false, + ... + }@args: - stdenv.mkDerivation (args // { - foo = if doCoverageAnalysis then "bla" else ""; - }) + stdenv.mkDerivation (args // { foo = if doCoverageAnalysis then "bla" else ""; }) ``` instead of @@ -597,42 +610,37 @@ If you have any problems with formatting, please ping the [formatting team](http ```nix args: - args.stdenv.mkDerivation (args // { - foo = if args ? doCoverageAnalysis && args.doCoverageAnalysis then "bla" else ""; - }) + args.stdenv.mkDerivation ( + args + // { + foo = if args ? doCoverageAnalysis && args.doCoverageAnalysis then "bla" else ""; + } + ) ``` - Unnecessary string conversions should be avoided. Do ```nix - { - rev = version; - } + { rev = version; } ``` instead of ```nix - { - rev = "${version}"; - } + { rev = "${version}"; } ``` - Building lists conditionally _should_ be done with `lib.optional(s)` instead of using `if cond then [ ... ] else null` or `if cond then [ ... ] else [ ]`. ```nix - { - buildInputs = lib.optional stdenv.hostPlatform.isDarwin iconv; - } + { buildInputs = lib.optional stdenv.hostPlatform.isDarwin iconv; } ``` instead of ```nix - { - buildInputs = if stdenv.hostPlatform.isDarwin then [ iconv ] else null; - } + { buildInputs = if stdenv.hostPlatform.isDarwin then [ iconv ] else null; } ``` As an exception, an explicit conditional expression with null can be used when fixing a important bug without triggering a mass rebuild. diff --git a/doc/build-helpers/fixed-point-arguments.chapter.md b/doc/build-helpers/fixed-point-arguments.chapter.md index 8e5d985ce858..4506d716b4c1 100644 --- a/doc/build-helpers/fixed-point-arguments.chapter.md +++ b/doc/build-helpers/fixed-point-arguments.chapter.md @@ -60,10 +60,7 @@ lib.extendMkDerivation { }@args: { # Arguments to pass - inherit - preferLocalBuild - allowSubstitute - ; + inherit preferLocalBuild allowSubstitute; # Some expressions involving specialArg greeting = if specialArg "hi" then "hi" else "hello"; }; diff --git a/doc/build-helpers/images/appimagetools.section.md b/doc/build-helpers/images/appimagetools.section.md index 7bfc45287d1f..c469124c3bd5 100644 --- a/doc/build-helpers/images/appimagetools.section.md +++ b/doc/build-helpers/images/appimagetools.section.md @@ -37,9 +37,7 @@ let hash = "sha256-he1uGC1M/nFcKpMM9JKY4oeexJcnzV0ZRxhTjtJz6xw="; }; in -appimageTools.wrapType2 { - inherit pname version src; -} +appimageTools.wrapType2 { inherit pname version src; } ``` ::: @@ -104,9 +102,7 @@ let hash = "sha256-/hMPvYdnVB1XjKgU2v47HnVvW4+uC3rhRjbucqin4iI="; }; - appimageContents = appimageTools.extract { - inherit pname version src; - }; + appimageContents = appimageTools.extract { inherit pname version src; }; in appimageTools.wrapType2 { inherit pname version src; diff --git a/doc/build-helpers/images/binarycache.section.md b/doc/build-helpers/images/binarycache.section.md index 46b43bd4f65a..348b8c49a2a2 100644 --- a/doc/build-helpers/images/binarycache.section.md +++ b/doc/build-helpers/images/binarycache.section.md @@ -33,10 +33,7 @@ You may also want to consider [dockerTools](#sec-pkgs-dockerTools) for your cont The following derivation will construct a flat-file binary cache containing the closure of `hello`. ```nix -{ mkBinaryCache, hello }: -mkBinaryCache { - rootPaths = [ hello ]; -} +{ mkBinaryCache, hello }: mkBinaryCache { rootPaths = [ hello ]; } ``` Build the cache on a machine. diff --git a/doc/build-helpers/images/dockertools.section.md b/doc/build-helpers/images/dockertools.section.md index 135bf8833dd2..d9e7bac95d50 100644 --- a/doc/build-helpers/images/dockertools.section.md +++ b/doc/build-helpers/images/dockertools.section.md @@ -1577,9 +1577,7 @@ This example uses [](#ex-dockerTools-streamNixShellImage-hello) as a starting po dockerTools.streamNixShellImage { tag = "latest"; drv = hello.overrideAttrs (old: { - nativeBuildInputs = old.nativeBuildInputs or [ ] ++ [ - cowsay - ]; + nativeBuildInputs = old.nativeBuildInputs or [ ] ++ [ cowsay ]; }); } ``` diff --git a/doc/build-helpers/images/ocitools.section.md b/doc/build-helpers/images/ocitools.section.md index 5101dd81715b..88011bda79e1 100644 --- a/doc/build-helpers/images/ocitools.section.md +++ b/doc/build-helpers/images/ocitools.section.md @@ -82,9 +82,7 @@ This example uses `ociTools.buildContainer` to create a simple container that ru bash, }: ociTools.buildContainer { - args = [ - (lib.getExe bash) - ]; + args = [ (lib.getExe bash) ]; readonly = false; } diff --git a/doc/build-helpers/special/checkpoint-build.section.md b/doc/build-helpers/special/checkpoint-build.section.md index 3960a64dfc8e..bc4616cd2486 100644 --- a/doc/build-helpers/special/checkpoint-build.section.md +++ b/doc/build-helpers/special/checkpoint-build.section.md @@ -7,20 +7,18 @@ For hermeticity, Nix derivations do not allow any state to be carried over betwe However, we can tell Nix explicitly what the previous build state was, by representing that previous state as a derivation output. This allows the passed build state to be used for an incremental build. To change a normal derivation to a checkpoint based build, these steps must be taken: - - apply `prepareCheckpointBuild` on the desired derivation, e.g. -```nix -{ - checkpointArtifacts = (pkgs.checkpointBuildTools.prepareCheckpointBuild pkgs.virtualbox); -} -``` - - change something you want in the sources of the package, e.g. use a source override: -```nix -{ - changedVBox = pkgs.virtualbox.overrideAttrs (old: { - src = path/to/vbox/sources; - }); -} -``` + ```nix + { + checkpointArtifacts = (pkgs.checkpointBuildTools.prepareCheckpointBuild pkgs.virtualbox); + } + ``` + ```nix + { + changedVBox = pkgs.virtualbox.overrideAttrs (old: { + src = path/to/vbox/sources; + }); + } + ``` - use `mkCheckpointBuild changedVBox checkpointArtifacts` - enjoy shorter build times @@ -30,10 +28,7 @@ To change a normal derivation to a checkpoint based build, these steps must be t pkgs ? import { }, }: let - inherit (pkgs.checkpointBuildTools) - prepareCheckpointBuild - mkCheckpointBuild - ; + inherit (pkgs.checkpointBuildTools) prepareCheckpointBuild mkCheckpointBuild; helloCheckpoint = prepareCheckpointBuild pkgs.hello; changedHello = pkgs.hello.overrideAttrs (_: { doCheck = false; diff --git a/doc/build-helpers/testers.chapter.md b/doc/build-helpers/testers.chapter.md index 7f7e6bd7d3e7..344f4dc75dfd 100644 --- a/doc/build-helpers/testers.chapter.md +++ b/doc/build-helpers/testers.chapter.md @@ -15,9 +15,7 @@ If the `moduleNames` argument is omitted, `hasPkgConfigModules` will use `meta.p ```nix { - passthru.tests.pkg-config = testers.hasPkgConfigModules { - package = finalAttrs.finalPackage; - }; + passthru.tests.pkg-config = testers.hasPkgConfigModules { package = finalAttrs.finalPackage; }; meta.pkgConfigModules = [ "libfoo" ]; } @@ -74,9 +72,7 @@ If you have a static site that can be built with Nix, you can use `lycheeLinkChe # Check hyperlinks in the `nix` documentation ```nix -testers.lycheeLinkCheck { - site = nix.doc + "/share/doc/nix/manual"; -} +testers.lycheeLinkCheck { site = nix.doc + "/share/doc/nix/manual"; } ``` ::: @@ -269,9 +265,7 @@ The default argument to the command is `--version`, and the version to be checke This example will run the command `hello --version`, and then check that the version of the `hello` package is in the output of the command. ```nix -{ - passthru.tests.version = testers.testVersion { package = hello; }; -} +{ passthru.tests.version = testers.testVersion { package = hello; }; } ``` ::: diff --git a/doc/build-helpers/trivial-build-helpers.chapter.md b/doc/build-helpers/trivial-build-helpers.chapter.md index 48ed99b2fa36..1b6bc3311869 100644 --- a/doc/build-helpers/trivial-build-helpers.chapter.md +++ b/doc/build-helpers/trivial-build-helpers.chapter.md @@ -152,9 +152,7 @@ runCommandWith { Likewise, `runCommandCC name derivationArgs buildCommand` is equivalent to ```nix -runCommandWith { - inherit name derivationArgs; -} buildCommand +runCommandWith { inherit name derivationArgs; } buildCommand ``` ::: @@ -713,7 +711,10 @@ concatTextFile # Writes contents of files to /nix/store/ concatText "my-file" - [ file1 file2 ] + [ + file1 + file2 + ] # Writes contents of files to /nix/store/ concatScript @@ -790,7 +791,7 @@ The result is equivalent to the output of `nix-store -q --requisites`. For example, ```nix -writeClosure [ (writeScriptBin "hi" ''${hello}/bin/hello'') ] +writeClosure [ (writeScriptBin "hi" "${hello}/bin/hello") ] ``` produces an output path `/nix/store/-runtime-deps` containing @@ -816,7 +817,7 @@ This produces the equivalent of `nix-store -q --references`. For example, ```nix -writeDirectReferencesToFile (writeScriptBin "hi" ''${hello}/bin/hello'') +writeDirectReferencesToFile (writeScriptBin "hi" "${hello}/bin/hello") ``` produces an output path `/nix/store/-runtime-references` containing diff --git a/doc/functions/generators.section.md b/doc/functions/generators.section.md index 0b073c641e53..f636d00cc258 100644 --- a/doc/functions/generators.section.md +++ b/doc/functions/generators.section.md @@ -27,8 +27,8 @@ let } ":"; }; + # the INI file can now be given as plain old nix values in -# the INI file can now be given as plain old nix values customToINI { main = { pushinfo = true; diff --git a/doc/functions/nix-gitignore.section.md b/doc/functions/nix-gitignore.section.md index 416b5435fa58..e4962e200220 100644 --- a/doc/functions/nix-gitignore.section.md +++ b/doc/functions/nix-gitignore.section.md @@ -15,13 +15,24 @@ src = nix-gitignore.gitignoreSource [ ] ./source; # Simplest version - src = nix-gitignore.gitignoreSource "supplemental-ignores\n" ./source; + src = nix-gitignore.gitignoreSource '' + supplemental-ignores + '' ./source; # This one reads the ./source/.gitignore and concats the auxiliary ignores - src = nix-gitignore.gitignoreSourcePure "ignore-this\nignore-that\n" ./source; + src = nix-gitignore.gitignoreSourcePure '' + ignore-this + ignore-that + '' ./source; # Use this string as gitignore, don't read ./source/.gitignore. - src = nix-gitignore.gitignoreSourcePure [ "ignore-this\nignore-that\n" ~/.gitignore ] ./source; + src = nix-gitignore.gitignoreSourcePure [ + '' + ignore-this + ignore-that + '' + ~/.gitignore + ] ./source; # It also accepts a list (of strings and paths) that will be concatenated # once the paths are turned to strings via readFile. } @@ -41,9 +52,7 @@ Those filter functions accept the same arguments the `builtins.filterSource` fun If you want to make your own filter from scratch, you may use ```nix -{ - gitignoreFilter = ign: root: filterPattern (gitignoreToPatterns ign) root; -} +{ gitignoreFilter = ign: root: filterPattern (gitignoreToPatterns ign) root; } ``` ## gitignore files in subdirectories {#sec-pkgs-nix-gitignore-usage-recursive} diff --git a/doc/hooks/breakpoint.section.md b/doc/hooks/breakpoint.section.md index cbc93b0fb988..c8c1ad26173a 100644 --- a/doc/hooks/breakpoint.section.md +++ b/doc/hooks/breakpoint.section.md @@ -3,9 +3,7 @@ This hook makes a build pause instead of stopping when a failure occurs. It prevents Nix from cleaning up the build environment immediately and allows the user to attach to the build environment. Upon a build error, it will print instructions that can be used to enter the environment for debugging. breakpointHook is only available on Linux. To use it, add `breakpointHook` to `nativeBuildInputs` in the package to be inspected. ```nix -{ - nativeBuildInputs = [ breakpointHook ]; -} +{ nativeBuildInputs = [ breakpointHook ]; } ``` When a build failure occurs, an instruction will be printed showing how to attach to the build sandbox. diff --git a/doc/hooks/memcached-test-hook.section.md b/doc/hooks/memcached-test-hook.section.md index 03fc91ab4bf0..6575d33b7e05 100644 --- a/doc/hooks/memcached-test-hook.section.md +++ b/doc/hooks/memcached-test-hook.section.md @@ -4,17 +4,12 @@ This hook starts a Memcached server during `checkPhase`. Example: ```nix -{ - stdenv, - memcachedTestHook, -}: +{ stdenv, memcachedTestHook }: stdenv.mkDerivation { # ... - nativeCheckInputs = [ - memcachedTestHook - ]; + nativeCheckInputs = [ memcachedTestHook ]; } ``` @@ -45,11 +40,10 @@ stdenv.mkDerivation { # ... - nativeCheckInputs = [ - memcachedTestHook - ]; + nativeCheckInputs = [ memcachedTestHook ]; preCheck = '' memcachedTestPort=1234; ''; } +``` diff --git a/doc/hooks/patch-rc-path-hooks.section.md b/doc/hooks/patch-rc-path-hooks.section.md index 080a03da72d6..61bcb276c4ee 100644 --- a/doc/hooks/patch-rc-path-hooks.section.md +++ b/doc/hooks/patch-rc-path-hooks.section.md @@ -38,9 +38,7 @@ stdenv.mkDerivation { # ... - nativeBuildInputs = [ - patchRcPathFish - ]; + nativeBuildInputs = [ patchRcPathFish ]; postFixup = '' patchRcPathFish $out/bin/this-foo.fish ${ diff --git a/doc/hooks/redis-test-hook.section.md b/doc/hooks/redis-test-hook.section.md index 7971b29fa10a..383f8b5c29ce 100644 --- a/doc/hooks/redis-test-hook.section.md +++ b/doc/hooks/redis-test-hook.section.md @@ -13,9 +13,7 @@ stdenv.mkDerivation { # ... - nativeCheckInputs = [ - redisTestHook - ]; + nativeCheckInputs = [ redisTestHook ]; } ``` @@ -56,9 +54,7 @@ stdenv.mkDerivation { # ... - nativeCheckInputs = [ - redisTestHook - ]; + nativeCheckInputs = [ redisTestHook ]; preCheck = '' redisTestPort=6390; diff --git a/doc/hooks/tauri.section.md b/doc/hooks/tauri.section.md index 290bc3a1d781..32881813d42d 100644 --- a/doc/hooks/tauri.section.md +++ b/doc/hooks/tauri.section.md @@ -35,21 +35,17 @@ rustPlatform.buildRustPackage (finalAttrs: { hash = "..."; }; - nativeBuildInputs = - [ - # Pull in our main hook - cargo-tauri.hook + nativeBuildInputs = [ + # Pull in our main hook + cargo-tauri.hook - # Setup npm - nodejs - npmHooks.npmConfigHook + # Setup npm + nodejs + npmHooks.npmConfigHook - # Make sure we can find our libraries - pkg-config - ] - ++ lib.optionals stdenv.hostPlatform.isLinux [ - wrapGAppsHook4 - ]; + # Make sure we can find our libraries + pkg-config + ] ++ lib.optionals stdenv.hostPlatform.isLinux [ wrapGAppsHook4 ]; buildInputs = lib.optionals stdenv.hostPlatform.isLinux [ glib-networking # Most Tauri apps need networking diff --git a/doc/hooks/udevCheckHook.section.md b/doc/hooks/udevCheckHook.section.md index 1e84a1ee33d8..79b8f26b03d4 100644 --- a/doc/hooks/udevCheckHook.section.md +++ b/doc/hooks/udevCheckHook.section.md @@ -16,9 +16,7 @@ The hook runs in `installCheckPhase`, requiring `doInstallCheck` is enabled for stdenv.mkDerivation (finalAttrs: { # ... - nativeInstallCheckInputs = [ - udevCheckHook - ]; + nativeInstallCheckInputs = [ udevCheckHook ]; doInstallCheck = true; # ... diff --git a/doc/hooks/versionCheckHook.section.md b/doc/hooks/versionCheckHook.section.md index c97911fb349f..229aebc538a5 100644 --- a/doc/hooks/versionCheckHook.section.md +++ b/doc/hooks/versionCheckHook.section.md @@ -15,9 +15,7 @@ You use it like this: stdenv.mkDerivation (finalAttrs: { # ... - nativeInstallCheckInputs = [ - versionCheckHook - ]; + nativeInstallCheckInputs = [ versionCheckHook ]; doInstallCheck = true; # ... diff --git a/doc/hooks/zig.section.md b/doc/hooks/zig.section.md index 1c52e9827b41..58515087c59a 100644 --- a/doc/hooks/zig.section.md +++ b/doc/hooks/zig.section.md @@ -16,9 +16,7 @@ In Nixpkgs, `zig.hook` overrides the default build, check and install phases. stdenv.mkDerivation { # . . . - nativeBuildInputs = [ - zig.hook - ]; + nativeBuildInputs = [ zig.hook ]; zigBuildFlags = [ "-Dman-pages=true" ]; diff --git a/doc/interoperability/cyclonedx.md b/doc/interoperability/cyclonedx.md index 3c141b86d9f9..95c51e8a5df0 100644 --- a/doc/interoperability/cyclonedx.md +++ b/doc/interoperability/cyclonedx.md @@ -79,9 +79,7 @@ let sha256, ... }: - pkgs.fetchzip { - inherit name url sha256; - }; + pkgs.fetchzip { inherit name url sha256; }; }; in diff --git a/doc/languages-frameworks/agda.section.md b/doc/languages-frameworks/agda.section.md index d5a1c6ef08a3..ae126b16cad7 100644 --- a/doc/languages-frameworks/agda.section.md +++ b/doc/languages-frameworks/agda.section.md @@ -144,9 +144,7 @@ agdaPackages.mkDerivation { version = "1.0"; pname = "my-agda-lib"; src = ./.; - buildInputs = [ - agdaPackages.standard-library - ]; + buildInputs = [ agdaPackages.standard-library ]; } ``` diff --git a/doc/languages-frameworks/android.section.md b/doc/languages-frameworks/android.section.md index 9e93d4eda36d..b47874df1820 100644 --- a/doc/languages-frameworks/android.section.md +++ b/doc/languages-frameworks/android.section.md @@ -8,17 +8,13 @@ supporting features. Use the `android-studio-full` attribute for a very complete Android SDK, including system images: ```nix -{ - buildInputs = [ android-studio-full ]; -} +{ buildInputs = [ android-studio-full ]; } ``` This is identical to: ```nix -{ - buildInputs = [ androidStudioPackages.stable.full ]; -} +{ buildInputs = [ androidStudioPackages.stable.full ]; } ``` Alternatively, you can pass composeAndroidPackages to the `withSdk` passthru: @@ -26,11 +22,7 @@ Alternatively, you can pass composeAndroidPackages to the `withSdk` passthru: ```nix { buildInputs = [ - (android-studio.withSdk - (androidenv.composeAndroidPackages { - includeNDK = true; - }).androidsdk - ) + (android-studio.withSdk (androidenv.composeAndroidPackages { includeNDK = true; }).androidsdk) ]; } ``` @@ -58,9 +50,7 @@ let "arm64-v8a" ]; includeNDK = true; - includeExtras = [ - "extras;google;auto" - ]; + includeExtras = [ "extras;google;auto" ]; }; in androidComposition.androidsdk diff --git a/doc/languages-frameworks/beam.section.md b/doc/languages-frameworks/beam.section.md index a6c22f46d912..9e5233e87dcb 100644 --- a/doc/languages-frameworks/beam.section.md +++ b/doc/languages-frameworks/beam.section.md @@ -65,9 +65,7 @@ let overlays = [ ]; }; in -pkgs.mkShell { - packages = [ pkgs.beamPackages.rebar3 ]; -} +pkgs.mkShell { packages = [ pkgs.beamPackages.rebar3 ]; } ``` ::: @@ -324,9 +322,7 @@ with pkgs; let elixir = beam.packages.erlang_27.elixir_1_18; in -mkShell { - buildInputs = [ elixir ]; -} +mkShell { buildInputs = [ elixir ]; } ``` ### Using an overlay {#beam-using-overlays} @@ -348,11 +344,7 @@ let pkgs = import { overlays = [ elixir_1_18_1_overlay ]; }; in with pkgs; -mkShell { - buildInputs = [ - elixir_1_18 - ]; -} +mkShell { buildInputs = [ elixir_1_18 ]; } ``` #### Elixir - Phoenix project {#elixir---phoenix-project} diff --git a/doc/languages-frameworks/chicken.section.md b/doc/languages-frameworks/chicken.section.md index 78a4469a8e1d..c0c36d692327 100644 --- a/doc/languages-frameworks/chicken.section.md +++ b/doc/languages-frameworks/chicken.section.md @@ -77,8 +77,8 @@ let ); } ); + # Here, `myChickenPackages.chickenEggs.json-rpc`, which depends on `srfi-180` will use + # the local copy of `srfi-180`. in -# Here, `myChickenPackages.chickenEggs.json-rpc`, which depends on `srfi-180` will use -# the local copy of `srfi-180`. <...> ``` diff --git a/doc/languages-frameworks/coq.section.md b/doc/languages-frameworks/coq.section.md index c08ed2bc6f43..5da705964fa8 100644 --- a/doc/languages-frameworks/coq.section.md +++ b/doc/languages-frameworks/coq.section.md @@ -145,17 +145,13 @@ There are three distinct ways of changing a Coq package by overriding one of its For example, assuming you have a special `mathcomp` dependency you want to use, here is how you could override the `mathcomp` dependency: ```nix -multinomials.override { - mathcomp = my-special-mathcomp; -} +multinomials.override { mathcomp = my-special-mathcomp; } ``` In Nixpkgs, all Coq derivations take a `version` argument. This can be overridden in order to easily use a different version: ```nix -coqPackages.multinomials.override { - version = "1.5.1"; -} +coqPackages.multinomials.override { version = "1.5.1"; } ``` Refer to [](#coq-packages-attribute-sets-coqpackages) for all the different formats that you can potentially pass to `version`, as well as the restrictions. diff --git a/doc/languages-frameworks/cuda.section.md b/doc/languages-frameworks/cuda.section.md index e045bb43b78c..8699594e1d6d 100644 --- a/doc/languages-frameworks/cuda.section.md +++ b/doc/languages-frameworks/cuda.section.md @@ -146,9 +146,7 @@ These settings ensure that the CUDA setup hooks function as intended. When using `callPackage`, you can choose to pass in a different variant, e.g. when a package requires a specific version of CUDA: ```nix -{ - mypkg = callPackage { cudaPackages = cudaPackages_12_2; }; -} +{ mypkg = callPackage { cudaPackages = cudaPackages_12_2; }; } ``` ::: {.caution} @@ -208,9 +206,7 @@ It is possible to run Docker or Podman containers with CUDA support. The recomme The NVIDIA Container Toolkit can be enabled in NixOS like follows: ```nix -{ - hardware.nvidia-container-toolkit.enable = true; -} +{ hardware.nvidia-container-toolkit.enable = true; } ``` This will automatically enable a service that generates a CDI specification (located at `/var/run/cdi/nvidia-container-toolkit.json`) based on the auto-detected hardware of your machine. You can check this service by running: diff --git a/doc/languages-frameworks/dhall.section.md b/doc/languages-frameworks/dhall.section.md index 469f1a4fe3d1..1e86e263089d 100644 --- a/doc/languages-frameworks/dhall.section.md +++ b/doc/languages-frameworks/dhall.section.md @@ -94,9 +94,7 @@ let hash = "sha256-B4Q3c6IvTLg3Q92qYa8y+i4uTaphtFdjp+Ir3QQjdN0="; }; - dhallOverlay = self: super: { - true = self.callPackage ./true.nix { }; - }; + dhallOverlay = self: super: { true = self.callPackage ./true.nix { }; }; overlay = self: super: { dhallPackages = super.dhallPackages.override (old: { diff --git a/doc/languages-frameworks/dotnet.section.md b/doc/languages-frameworks/dotnet.section.md index ea3448542f5d..396177da9d47 100644 --- a/doc/languages-frameworks/dotnet.section.md +++ b/doc/languages-frameworks/dotnet.section.md @@ -10,9 +10,7 @@ with import { }; mkShell { name = "dotnet-env"; - packages = [ - dotnet-sdk - ]; + packages = [ dotnet-sdk ]; } ``` @@ -161,7 +159,9 @@ buildDotnetModule rec { projectFile = "src/project.sln"; nugetDeps = ./deps.json; # see "Generating and updating NuGet dependencies" section for details - buildInputs = [ referencedProject ]; # `referencedProject` must contain `nupkg` in the folder structure. + buildInputs = [ + referencedProject + ]; # `referencedProject` must contain `nupkg` in the folder structure. dotnet-sdk = dotnetCorePackages.sdk_8_0; dotnet-runtime = dotnetCorePackages.runtime_8_0; diff --git a/doc/languages-frameworks/emscripten.section.md b/doc/languages-frameworks/emscripten.section.md index b36ec5fc32a5..be0fe41ad340 100644 --- a/doc/languages-frameworks/emscripten.section.md +++ b/doc/languages-frameworks/emscripten.section.md @@ -38,78 +38,75 @@ One advantage is that when `pkgs.zlib` is updated, it will automatically update ```nix -(pkgs.zlib.override { - stdenv = pkgs.emscriptenStdenv; -}).overrideAttrs - (old: { - buildInputs = old.buildInputs ++ [ pkg-config ]; - # we need to reset this setting! - env = (old.env or { }) // { - NIX_CFLAGS_COMPILE = ""; - }; +(pkgs.zlib.override { stdenv = pkgs.emscriptenStdenv; }).overrideAttrs (old: { + buildInputs = old.buildInputs ++ [ pkg-config ]; + # we need to reset this setting! + env = (old.env or { }) // { + NIX_CFLAGS_COMPILE = ""; + }; - configurePhase = '' - # FIXME: Some tests require writing at $HOME - HOME=$TMPDIR - runHook preConfigure + configurePhase = '' + # FIXME: Some tests require writing at $HOME + HOME=$TMPDIR + runHook preConfigure - #export EMCC_DEBUG=2 - emconfigure ./configure --prefix=$out --shared + #export EMCC_DEBUG=2 + emconfigure ./configure --prefix=$out --shared - runHook postConfigure - ''; + runHook postConfigure + ''; - dontStrip = true; - outputs = [ "out" ]; + dontStrip = true; + outputs = [ "out" ]; - buildPhase = '' - runHook preBuild + buildPhase = '' + runHook preBuild - emmake make + emmake make - runHook postBuild - ''; + runHook postBuild + ''; - installPhase = '' - runHook preInstall + installPhase = '' + runHook preInstall - emmake make install + emmake make install - runHook postInstall - ''; + runHook postInstall + ''; - checkPhase = '' - runHook preCheck + checkPhase = '' + runHook preCheck - echo "================= testing zlib using node =================" + echo "================= testing zlib using node =================" - echo "Compiling a custom test" - set -x - emcc -O2 -s EMULATE_FUNCTION_POINTER_CASTS=1 test/example.c -DZ_SOLO \ - libz.so.${old.version} -I . -o example.js + echo "Compiling a custom test" + set -x + emcc -O2 -s EMULATE_FUNCTION_POINTER_CASTS=1 test/example.c -DZ_SOLO \ + libz.so.${old.version} -I . -o example.js - echo "Using node to execute the test" - ${pkgs.nodejs}/bin/node ./example.js + echo "Using node to execute the test" + ${pkgs.nodejs}/bin/node ./example.js - set +x - if [ $? -ne 0 ]; then - echo "test failed for some reason" - exit 1; - else - echo "it seems to work! very good." - fi - echo "================= /testing zlib using node =================" + set +x + if [ $? -ne 0 ]; then + echo "test failed for some reason" + exit 1; + else + echo "it seems to work! very good." + fi + echo "================= /testing zlib using node =================" - runHook postCheck - ''; + runHook postCheck + ''; - postPatch = pkgs.lib.optionalString pkgs.stdenv.hostPlatform.isDarwin '' - substituteInPlace configure \ - --replace-fail '/usr/bin/libtool' 'ar' \ - --replace-fail 'AR="libtool"' 'AR="ar"' \ - --replace-fail 'ARFLAGS="-o"' 'ARFLAGS="-r"' - ''; - }) + postPatch = pkgs.lib.optionalString pkgs.stdenv.hostPlatform.isDarwin '' + substituteInPlace configure \ + --replace-fail '/usr/bin/libtool' 'ar' \ + --replace-fail 'AR="libtool"' 'AR="ar"' \ + --replace-fail 'ARFLAGS="-o"' 'ARFLAGS="-r"' + ''; +}) ``` :::{.example #usage-2-pkgs.buildemscriptenpackage} diff --git a/doc/languages-frameworks/factor.section.md b/doc/languages-frameworks/factor.section.md index 0d67eede4d34..7b854e11b0ba 100644 --- a/doc/languages-frameworks/factor.section.md +++ b/doc/languages-frameworks/factor.section.md @@ -81,10 +81,7 @@ The function understands several forms of source directory trees: For instance, packaging the Bresenham algorithm for line interpolation looks like this, see `pkgs/development/compilers/factor-lang/vocabs/bresenham` for the complete file: ```nix -{ - factorPackages, - fetchFromGitHub, -}: +{ factorPackages, fetchFromGitHub }: factorPackages.buildFactorVocab { pname = "bresenham"; diff --git a/doc/languages-frameworks/gnome.section.md b/doc/languages-frameworks/gnome.section.md index 718c296bce80..0b4d66a430f4 100644 --- a/doc/languages-frameworks/gnome.section.md +++ b/doc/languages-frameworks/gnome.section.md @@ -48,9 +48,7 @@ In the rare case you need to use icons from dependencies (e.g. when an app force ```nix { - buildInputs = [ - pantheon.elementary-icon-theme - ]; + buildInputs = [ pantheon.elementary-icon-theme ]; preFixup = '' gappsWrapperArgs+=( # The icon theme is hardcoded. diff --git a/doc/languages-frameworks/go.section.md b/doc/languages-frameworks/go.section.md index fcc3c687d354..e947403b2348 100644 --- a/doc/languages-frameworks/go.section.md +++ b/doc/languages-frameworks/go.section.md @@ -147,9 +147,7 @@ A string list of [Go build tags (also called build constraints)](https://pkg.go. Tags can also be set conditionally: ```nix -{ - tags = [ "production" ] ++ lib.optionals withSqlite [ "sqlite" ]; -} +{ tags = [ "production" ] ++ lib.optionals withSqlite [ "sqlite" ]; } ``` ### `deleteVendor` {#var-go-deleteVendor} @@ -283,9 +281,7 @@ For example, only a selection of tests could be run with: ```nix { # -run and -skip accept regular expressions - checkFlags = [ - "-run=^Test(Simple|Fast)$" - ]; + checkFlags = [ "-run=^Test(Simple|Fast)$" ]; } ``` diff --git a/doc/languages-frameworks/haskell.section.md b/doc/languages-frameworks/haskell.section.md index 63944fd1bc01..9a02c18b548d 100644 --- a/doc/languages-frameworks/haskell.section.md +++ b/doc/languages-frameworks/haskell.section.md @@ -783,9 +783,7 @@ need to build `nix-tree` with a more recent version of `brick` than the default one provided by `haskellPackages`: ```nix -haskellPackages.nix-tree.override { - brick = haskellPackages.brick_0_67; -} +haskellPackages.nix-tree.override { brick = haskellPackages.brick_0_67; } ``` @@ -318,9 +314,7 @@ In addition to numerous new and upgraded packages, this release includes the fol of environment variables for Grafana. If you had an expression like ```nix - { - services.grafana.extraOptions.SECURITY_ADMIN_USER = "foobar"; - } + { services.grafana.extraOptions.SECURITY_ADMIN_USER = "foobar"; } ``` your Grafana instance was running with `GF_SECURITY_ADMIN_USER=foobar` in its environment. @@ -329,9 +323,7 @@ In addition to numerous new and upgraded packages, this release includes the fol to declare ```nix - { - services.grafana.settings.security.admin_user = "foobar"; - } + { services.grafana.settings.security.admin_user = "foobar"; } ``` instead. diff --git a/nixos/doc/manual/release-notes/rl-2305.section.md b/nixos/doc/manual/release-notes/rl-2305.section.md index 7ffe079977af..dbc1aa8d97eb 100644 --- a/nixos/doc/manual/release-notes/rl-2305.section.md +++ b/nixos/doc/manual/release-notes/rl-2305.section.md @@ -25,9 +25,7 @@ In addition to numerous new and updated packages, this release has the following - NixOS now defaults to using [nsncd](https://github.com/twosigma/nsncd), a non-caching reimplementation of nscd in Rust, as its NSS lookup dispatcher. This replaces the buggy and deprecated nscd implementation provided through glibc. When you find problems, you can switch back by disabling it: ```nix - { - services.nscd.enableNsncd = false; - } + { services.nscd.enableNsncd = false; } ``` - The internal option `boot.bootspec.enable` is now enabled by default because [RFC 0125](https://github.com/NixOS/rfcs/pull/125) was merged. This means you will have a bootspec document called `boot.json` generated for each system and specialisation in the top-level. This is useful to enable advanced boot use cases in NixOS, such as Secure Boot. @@ -455,15 +453,17 @@ In addition to numerous new and updated packages, this release has the following ```nix { - swapDevices = [ { - device = "/dev/disk/by-partlabel/swapspace"; - randomEncryption = { - enable = true; - cipher = "aes-xts-plain64"; - keySize = 512; - sectorSize = 4096; - }; - } ]; + swapDevices = [ + { + device = "/dev/disk/by-partlabel/swapspace"; + randomEncryption = { + enable = true; + cipher = "aes-xts-plain64"; + keySize = 512; + sectorSize = 4096; + }; + } + ]; } ``` @@ -475,9 +475,7 @@ In addition to numerous new and updated packages, this release has the following - PostgreSQL has added opt-in support for [JIT compilation](https://www.postgresql.org/docs/current/jit-reason.html). It can be enabled like this: ```nix - { - services.postgresql.enableJIT = true; - } + { services.postgresql.enableJIT = true; } ``` - `services.netdata` offers a [`services.netdata.deadlineBeforeStopSec`](#opt-services.netdata.deadlineBeforeStopSec) option which will control the deadline (in seconds) after which systemd will consider your netdata instance as dead if it didn't start in the elapsed time. It is helpful when your netdata instance takes longer to start because of a large amount of state or upgrades. diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md index b6a702918e8b..920fa9862cc7 100644 --- a/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixos/doc/manual/release-notes/rl-2311.section.md @@ -256,7 +256,7 @@ Make sure to also check the many updates in the [Nixpkgs library](#sec-release-2 ```nix { services.nextcloud.phpOptions = lib.mkForce { - /* ... */ + # ... }; } ``` @@ -888,9 +888,7 @@ Make sure to also check the many updates in the [Nixpkgs library](#sec-release-2 ```nix { python = python3.override { - packageOverrides = self: super: { - django = super.django_3; - }; + packageOverrides = self: super: { django = super.django_3; }; }; } ``` @@ -1237,7 +1235,11 @@ Make sure to also check the many updates in the [Nixpkgs library](#sec-release-2 enable = true; package = pkgs.coredns.override { externalPlugins = [ - {name = "fanout"; repo = "github.com/networkservicemesh/fanout"; version = "v1.9.1";} + { + name = "fanout"; + repo = "github.com/networkservicemesh/fanout"; + version = "v1.9.1"; + } ]; vendorHash = ""; }; diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md index 799d9eb62a74..5b959dafacd1 100644 --- a/nixos/doc/manual/release-notes/rl-2405.section.md +++ b/nixos/doc/manual/release-notes/rl-2405.section.md @@ -37,7 +37,8 @@ In addition to numerous new and upgraded packages, this release has the followin which can now be replaced via an opt-in mechanism. To make your system perlless, you can use the new perlless profile: ```nix - { modulesPath, ... }: { + { modulesPath, ... }: + { imports = [ "${modulesPath}/profiles/perlless.nix" ]; } ``` @@ -244,9 +245,7 @@ The pre-existing `services.ankisyncd` has been marked deprecated and will be dro ```nix { - environment.systemPackages = [ - (azure-cli.withExtensions [ azure-cli.extensions.aks-preview ]) - ]; + environment.systemPackages = [ (azure-cli.withExtensions [ azure-cli.extensions.aks-preview ]) ]; } ``` To make the `azure-cli` immutable and prevent clashes in case `azure-cli` is also installed via other package managers, some configuration files were moved into the derivation. diff --git a/nixos/doc/manual/release-notes/rl-2411.section.md b/nixos/doc/manual/release-notes/rl-2411.section.md index 3361b46d5e64..997c0bf1f325 100644 --- a/nixos/doc/manual/release-notes/rl-2411.section.md +++ b/nixos/doc/manual/release-notes/rl-2411.section.md @@ -413,11 +413,7 @@ ```nix { featureGates = [ "EphemeralContainers" ]; - extraOpts = pkgs.lib.concatStringsSep " " ( - [ - ''--feature-gates="CSIMigration=false"'' - ] - ); + extraOpts = pkgs.lib.concatStringsSep " " ([ ''--feature-gates="CSIMigration=false"'' ]); } ``` @@ -427,7 +423,7 @@ { featureGates = { EphemeralContainers = true; - CSIMigration=false; + CSIMigration = false; }; } ``` @@ -616,7 +612,7 @@ If you need to upgrade to 24.11 without having completed the migration, consider the security implications of weak password hashes on your user accounts, and add the following to your configuration: ```nix { - services.portunus.package = pkgs.portunus.override { libxcrypt = pkgs.libxcrypt-legacy; }; + services.portunus.package = pkgs.portunus.override { libxcrypt = pkgs.libxcrypt-legacy; }; services.portunus.ldap.package = pkgs.openldap.override { libxcrypt = pkgs.libxcrypt-legacy; }; } ``` @@ -959,24 +955,48 @@ If you set `sound.mediaKeys` in your configuration: ```nix { - services.actkbd = let - volumeStep = "1%"; - in { - enable = true; - bindings = [ - # "Mute" media key - { keys = [ 113 ]; events = [ "key" ]; command = "${alsa-utils}/bin/amixer -q set Master toggle"; } + services.actkbd = + let + volumeStep = "1%"; + in + { + enable = true; + bindings = [ + # "Mute" media key + { + keys = [ 113 ]; + events = [ "key" ]; + command = "${alsa-utils}/bin/amixer -q set Master toggle"; + } - # "Lower Volume" media key - { keys = [ 114 ]; events = [ "key" "rep" ]; command = "${alsa-utils}/bin/amixer -q set Master ${volumeStep}- unmute"; } + # "Lower Volume" media key + { + keys = [ 114 ]; + events = [ + "key" + "rep" + ]; + command = "${alsa-utils}/bin/amixer -q set Master ${volumeStep}- unmute"; + } - # "Raise Volume" media key - { keys = [ 115 ]; events = [ "key" "rep" ]; command = "${alsa-utils}/bin/amixer -q set Master ${volumeStep}+ unmute"; } + # "Raise Volume" media key + { + keys = [ 115 ]; + events = [ + "key" + "rep" + ]; + command = "${alsa-utils}/bin/amixer -q set Master ${volumeStep}+ unmute"; + } - # "Mic Mute" media key - { keys = [ 190 ]; events = [ "key" ]; command = "${alsa-utils}/bin/amixer -q set Capture toggle"; } - ]; - }; + # "Mic Mute" media key + { + keys = [ 190 ]; + events = [ "key" ]; + command = "${alsa-utils}/bin/amixer -q set Capture toggle"; + } + ]; + }; } ``` diff --git a/nixos/doc/manual/release-notes/rl-2505.section.md b/nixos/doc/manual/release-notes/rl-2505.section.md index ede104f80212..4ef84b41b94b 100644 --- a/nixos/doc/manual/release-notes/rl-2505.section.md +++ b/nixos/doc/manual/release-notes/rl-2505.section.md @@ -466,7 +466,11 @@ Alongside many enhancements to NixOS modules and general system improvements, th enable = true; localName = "Node 1"; localAddress = "galera_01"; - nodeAddresses = [ "galera_01" "galera_02" "galera_03"]; + nodeAddresses = [ + "galera_01" + "galera_02" + "galera_03" + ]; }; }; } diff --git a/nixos/modules/i18n/input-method/default.md b/nixos/modules/i18n/input-method/default.md index b7312348cd7a..f2d7934f94fb 100644 --- a/nixos/modules/i18n/input-method/default.md +++ b/nixos/modules/i18n/input-method/default.md @@ -27,7 +27,11 @@ The following snippet can be used to configure IBus: i18n.inputMethod = { enable = true; type = "ibus"; - ibus.engines = with pkgs.ibus-engines; [ anthy hangul mozc ]; + ibus.engines = with pkgs.ibus-engines; [ + anthy + hangul + mozc + ]; }; } ``` @@ -54,7 +58,10 @@ Available extra IBus engines are: ```nix { - ibus.engines = with pkgs.ibus-engines; [ table table-others ]; + ibus.engines = with pkgs.ibus-engines; [ + table + table-others + ]; } ``` @@ -85,7 +92,11 @@ The following snippet can be used to configure Fcitx: i18n.inputMethod = { enable = true; type = "fcitx5"; - fcitx5.addons = with pkgs; [ fcitx5-mozc fcitx5-hangul fcitx5-m17n ]; + fcitx5.addons = with pkgs; [ + fcitx5-mozc + fcitx5-hangul + fcitx5-m17n + ]; }; } ``` diff --git a/nixos/modules/programs/digitalbitbox/default.md b/nixos/modules/programs/digitalbitbox/default.md index 5147bb971e3a..0f8d1b8793c3 100644 --- a/nixos/modules/programs/digitalbitbox/default.md +++ b/nixos/modules/programs/digitalbitbox/default.md @@ -5,9 +5,7 @@ Digital Bitbox is a hardware wallet and second-factor authenticator. The `digitalbitbox` programs module may be installed by setting `programs.digitalbitbox` to `true` in a manner similar to ```nix -{ - programs.digitalbitbox.enable = true; -} +{ programs.digitalbitbox.enable = true; } ``` and bundles the `digitalbitbox` package (see [](#sec-digitalbitbox-package)), which contains the `dbb-app` and `dbb-cli` binaries, along with the hardware @@ -24,11 +22,7 @@ For more information, see . The binaries, `dbb-app` (a GUI tool) and `dbb-cli` (a CLI tool), are available through the `digitalbitbox` package which could be installed as follows: ```nix -{ - environment.systemPackages = [ - pkgs.digitalbitbox - ]; -} +{ environment.systemPackages = [ pkgs.digitalbitbox ]; } ``` ## Hardware {#sec-digitalbitbox-hardware-module} @@ -36,9 +30,7 @@ through the `digitalbitbox` package which could be installed as follows: The digitalbitbox hardware package enables the udev rules for Digital Bitbox devices and may be installed as follows: ```nix -{ - hardware.digitalbitbox.enable = true; -} +{ hardware.digitalbitbox.enable = true; } ``` In order to alter the udev rules, one may provide different values for the @@ -47,9 +39,7 @@ In order to alter the udev rules, one may provide different values for the { programs.digitalbitbox = { enable = true; - package = pkgs.digitalbitbox.override { - udevRule51 = "something else"; - }; + package = pkgs.digitalbitbox.override { udevRule51 = "something else"; }; }; } ``` diff --git a/nixos/modules/programs/plotinus.md b/nixos/modules/programs/plotinus.md index 0a2c688c722c..fd43abceb82c 100644 --- a/nixos/modules/programs/plotinus.md +++ b/nixos/modules/programs/plotinus.md @@ -13,7 +13,5 @@ palette provides a searchable list of of all menu items in the application. To enable Plotinus, add the following to your {file}`configuration.nix`: ```nix -{ - programs.plotinus.enable = true; -} +{ programs.plotinus.enable = true; } ``` diff --git a/nixos/modules/programs/zsh/oh-my-zsh.md b/nixos/modules/programs/zsh/oh-my-zsh.md index 7e4a41641eea..992e39cda3f4 100644 --- a/nixos/modules/programs/zsh/oh-my-zsh.md +++ b/nixos/modules/programs/zsh/oh-my-zsh.md @@ -13,7 +13,11 @@ configuration format of `oh-my-zsh`. { programs.zsh.ohMyZsh = { enable = true; - plugins = [ "git" "python" "man" ]; + plugins = [ + "git" + "python" + "man" + ]; theme = "agnoster"; }; } @@ -34,9 +38,7 @@ scripts. The module can do this as well: ```nix -{ - programs.zsh.ohMyZsh.custom = "~/path/to/custom/scripts"; -} +{ programs.zsh.ohMyZsh.custom = "~/path/to/custom/scripts"; } ``` ## Custom environments {#module-programs-oh-my-zsh-environments} diff --git a/nixos/modules/security/acme/default.md b/nixos/modules/security/acme/default.md index a6ef2a3fdf18..b3a5f838f897 100644 --- a/nixos/modules/security/acme/default.md +++ b/nixos/modules/security/acme/default.md @@ -210,14 +210,20 @@ Nix config. Instead, generate them one time with a systemd service: ```nix { systemd.services.dns-rfc2136-conf = { - requiredBy = ["acme-example.com.service" "bind.service"]; - before = ["acme-example.com.service" "bind.service"]; + requiredBy = [ + "acme-example.com.service" + "bind.service" + ]; + before = [ + "acme-example.com.service" + "bind.service" + ]; unitConfig = { ConditionPathExists = "!/var/lib/secrets/dnskeys.conf"; }; serviceConfig = { Type = "oneshot"; - UMask = 0077; + UMask = 77; }; path = [ pkgs.bind ]; script = '' @@ -312,28 +318,32 @@ can be applied to any service. # Now you must augment OpenSMTPD's systemd service to load # the certificate files. - systemd.services.opensmtpd.requires = ["acme-finished-mail.example.com.target"]; - systemd.services.opensmtpd.serviceConfig.LoadCredential = let - certDir = config.security.acme.certs."mail.example.com".directory; - in [ - "cert.pem:${certDir}/cert.pem" - "key.pem:${certDir}/key.pem" - ]; + systemd.services.opensmtpd.requires = [ "acme-finished-mail.example.com.target" ]; + systemd.services.opensmtpd.serviceConfig.LoadCredential = + let + certDir = config.security.acme.certs."mail.example.com".directory; + in + [ + "cert.pem:${certDir}/cert.pem" + "key.pem:${certDir}/key.pem" + ]; # Finally, configure OpenSMTPD to use these certs. - services.opensmtpd = let - credsDir = "/run/credentials/opensmtpd.service"; - in { - enable = true; - setSendmail = false; - serverConfiguration = '' - pki mail.example.com cert "${credsDir}/cert.pem" - pki mail.example.com key "${credsDir}/key.pem" - listen on localhost tls pki mail.example.com - action act1 relay host smtp://127.0.0.1:10027 - match for local action act1 - ''; - }; + services.opensmtpd = + let + credsDir = "/run/credentials/opensmtpd.service"; + in + { + enable = true; + setSendmail = false; + serverConfiguration = '' + pki mail.example.com cert "${credsDir}/cert.pem" + pki mail.example.com key "${credsDir}/key.pem" + listen on localhost tls pki mail.example.com + action act1 relay host smtp://127.0.0.1:10027 + match for local action act1 + ''; + }; } ``` diff --git a/nixos/modules/services/backup/borgbackup.md b/nixos/modules/services/backup/borgbackup.md index 23f0e5c934ed..42ba3cc3799a 100644 --- a/nixos/modules/services/backup/borgbackup.md +++ b/nixos/modules/services/backup/borgbackup.md @@ -23,20 +23,23 @@ A complete list of options for the Borgbase module may be found A very basic configuration for backing up to a locally accessible directory is: ```nix { - services.borgbackup.jobs = { - rootBackup = { - paths = "/"; - exclude = [ "/nix" "/path/to/local/repo" ]; - repo = "/path/to/local/repo"; - doInit = true; - encryption = { - mode = "repokey"; - passphrase = "secret"; - }; - compression = "auto,lzma"; - startAt = "weekly"; + services.borgbackup.jobs = { + rootBackup = { + paths = "/"; + exclude = [ + "/nix" + "/path/to/local/repo" + ]; + repo = "/path/to/local/repo"; + doInit = true; + encryption = { + mode = "repokey"; + passphrase = "secret"; }; + compression = "auto,lzma"; + startAt = "weekly"; }; + }; } ``` @@ -64,8 +67,8 @@ Add the following snippet to your NixOS configuration: my_borg_repo = { authorizedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID78zmOyA+5uPG4Ot0hfAy+sLDPU1L4AiIoRYEIVbbQ/ root@nixos" - ] ; - path = "/var/lib/my_borg_repo" ; + ]; + path = "/var/lib/my_borg_repo"; }; }; } @@ -85,12 +88,14 @@ accessible by root backupToLocalServer = { paths = [ "/etc/nixos" ]; doInit = true; - repo = "borg@nixos:." ; + repo = "borg@nixos:."; encryption = { mode = "repokey-blake2"; passCommand = "cat /run/keys/borgbackup_passphrase"; }; - environment = { BORG_RSH = "ssh -i /run/keys/id_ed25519_my_borg_repo"; }; + environment = { + BORG_RSH = "ssh -i /run/keys/id_ed25519_my_borg_repo"; + }; compression = "auto,lzma"; startAt = "hourly"; }; diff --git a/nixos/modules/services/databases/foundationdb.md b/nixos/modules/services/databases/foundationdb.md index 5e31497ae3cd..73ee6e6b4c38 100644 --- a/nixos/modules/services/databases/foundationdb.md +++ b/nixos/modules/services/databases/foundationdb.md @@ -112,9 +112,7 @@ FoundationDB stores all data for all server processes under {file}`/var/lib/foundationdb`. You can override this using {option}`services.foundationdb.dataDir`, e.g. ```nix -{ - services.foundationdb.dataDir = "/data/fdb"; -} +{ services.foundationdb.dataDir = "/data/fdb"; } ``` Similarly, logs are stored under {file}`/var/log/foundationdb` @@ -270,9 +268,7 @@ For example, to create backups in {command}`/opt/fdb-backups`, first set up the paths in the module options: ```nix -{ - services.foundationdb.extraReadWritePaths = [ "/opt/fdb-backups" ]; -} +{ services.foundationdb.extraReadWritePaths = [ "/opt/fdb-backups" ]; } ``` Restart the FoundationDB service, and it will now be able to write to this diff --git a/nixos/modules/services/databases/postgresql.md b/nixos/modules/services/databases/postgresql.md index 4bbddf1bbc42..4e4d147e0300 100644 --- a/nixos/modules/services/databases/postgresql.md +++ b/nixos/modules/services/databases/postgresql.md @@ -41,9 +41,7 @@ alice=> By default, PostgreSQL stores its databases in {file}`/var/lib/postgresql/$psqlSchema`. You can override this using [](#opt-services.postgresql.dataDir), e.g. ```nix -{ - services.postgresql.dataDir = "/data/postgresql"; -} +{ services.postgresql.dataDir = "/data/postgresql"; } ``` ## Initializing {#module-services-postgres-initializing} @@ -183,36 +181,44 @@ $ nix-instantiate --eval -A postgresql_13.psqlSchema ``` For an upgrade, a script like this can be used to simplify the process: ```nix -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: { environment.systemPackages = [ - (let - # XXX specify the postgresql package you'd like to upgrade to. - # Do not forget to list the extensions you need. - newPostgres = pkgs.postgresql_13.withPackages (pp: [ - # pp.plv8 - ]); - cfg = config.services.postgresql; - in pkgs.writeScriptBin "upgrade-pg-cluster" '' - set -eux - # XXX it's perhaps advisable to stop all services that depend on postgresql - systemctl stop postgresql + ( + let + # XXX specify the postgresql package you'd like to upgrade to. + # Do not forget to list the extensions you need. + newPostgres = pkgs.postgresql_13.withPackages (pp: [ + # pp.plv8 + ]); + cfg = config.services.postgresql; + in + pkgs.writeScriptBin "upgrade-pg-cluster" '' + set -eux + # XXX it's perhaps advisable to stop all services that depend on postgresql + systemctl stop postgresql - export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}" - export NEWBIN="${newPostgres}/bin" + export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}" + export NEWBIN="${newPostgres}/bin" - export OLDDATA="${cfg.dataDir}" - export OLDBIN="${cfg.finalPackage}/bin" + export OLDDATA="${cfg.dataDir}" + export OLDBIN="${cfg.finalPackage}/bin" - install -d -m 0700 -o postgres -g postgres "$NEWDATA" - cd "$NEWDATA" - sudo -u postgres "$NEWBIN/initdb" -D "$NEWDATA" ${lib.escapeShellArgs cfg.initdbArgs} + install -d -m 0700 -o postgres -g postgres "$NEWDATA" + cd "$NEWDATA" + sudo -u postgres "$NEWBIN/initdb" -D "$NEWDATA" ${lib.escapeShellArgs cfg.initdbArgs} - sudo -u postgres "$NEWBIN/pg_upgrade" \ - --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \ - --old-bindir "$OLDBIN" --new-bindir "$NEWBIN" \ - "$@" - '') + sudo -u postgres "$NEWBIN/pg_upgrade" \ + --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \ + --old-bindir "$OLDBIN" --new-bindir "$NEWBIN" \ + "$@" + '' + ) ]; } ``` @@ -313,10 +319,11 @@ To add plugins via NixOS configuration, set `services.postgresql.extensions`: ```nix { services.postgresql.package = pkgs.postgresql_17; - services.postgresql.extensions = ps: with ps; [ - pg_repack - postgis - ]; + services.postgresql.extensions = + ps: with ps; [ + pg_repack + postgis + ]; } ``` @@ -333,7 +340,7 @@ self: super: { Here's a recipe on how to override a particular plugin through an overlay: ```nix self: super: { - postgresql_15 = super.postgresql_15// { + postgresql_15 = super.postgresql_15 // { pkgs = super.postgresql_15.pkgs // { pg_repack = super.postgresql_15.pkgs.pg_repack.overrideAttrs (_: { name = "pg_repack-v20181024"; @@ -353,11 +360,12 @@ PostgreSQL ships the additional procedural languages PL/Perl, PL/Python and PL/T They are packaged as plugins and can be made available in the same way as external extensions: ```nix { - services.postgresql.extensions = ps: with ps; [ - plperl - plpython3 - pltcl - ]; + services.postgresql.extensions = + ps: with ps; [ + plperl + plpython3 + pltcl + ]; } ``` @@ -366,9 +374,8 @@ Each procedural language plugin provides a `.withPackages` helper to make langua For example, to make `python3Packages.base58` available: ```nix { - services.postgresql.extensions = pgps: with pgps; [ - (plpython3.withPackages (pyps: with pyps; [ base58 ])) - ]; + services.postgresql.extensions = + pgps: with pgps; [ (plpython3.withPackages (pyps: with pyps; [ base58 ])) ]; } ``` @@ -385,9 +392,7 @@ is disabled by default because of the ~600MiB closure-size increase from the LLV can be optionally enabled in PostgreSQL with the following config option: ```nix -{ - services.postgresql.enableJIT = true; -} +{ services.postgresql.enableJIT = true; } ``` This makes sure that the [`jit`](https://www.postgresql.org/docs/current/runtime-config-query.html#GUC-JIT)-setting @@ -406,7 +411,9 @@ overlay) since all modifications are propagated to `withJIT`. I.e. with import { overlays = [ (self: super: { - postgresql = super.postgresql.overrideAttrs (_: { pname = "foobar"; }); + postgresql = super.postgresql.overrideAttrs (_: { + pname = "foobar"; + }); }) ]; }; @@ -428,9 +435,7 @@ several common hardening options from `systemd`, most notably: * When using [`TABLESPACE`](https://www.postgresql.org/docs/current/manage-ag-tablespaces.html)s, make sure to add the filesystem paths to `ReadWritePaths` like this: ```nix { - systemd.services.postgresql.serviceConfig.ReadWritePaths = [ - "/path/to/tablespace/location" - ]; + systemd.services.postgresql.serviceConfig.ReadWritePaths = [ "/path/to/tablespace/location" ]; } ``` diff --git a/nixos/modules/services/databases/tigerbeetle.md b/nixos/modules/services/databases/tigerbeetle.md index 7cf3bedda5e0..2acbc96c5e66 100644 --- a/nixos/modules/services/databases/tigerbeetle.md +++ b/nixos/modules/services/databases/tigerbeetle.md @@ -8,9 +8,7 @@ TigerBeetle is a distributed financial accounting database designed for mission To enable TigerBeetle, add the following to your {file}`configuration.nix`: ```nix -{ - services.tigerbeetle.enable = true; -} +{ services.tigerbeetle.enable = true; } ``` When first started, the TigerBeetle service will create its data file at {file}`/var/lib/tigerbeetle` unless the file already exists, in which case it will just use the existing file. diff --git a/nixos/modules/services/desktop-managers/gnome.md b/nixos/modules/services/desktop-managers/gnome.md index 4b45b0872aa7..1fa248761ada 100644 --- a/nixos/modules/services/desktop-managers/gnome.md +++ b/nixos/modules/services/desktop-managers/gnome.md @@ -26,9 +26,7 @@ The default applications used in NixOS are very minimal, inspired by the default If you’d like to only use the GNOME desktop and not the apps, you can disable them with: ```nix -{ - services.gnome.core-apps.enable = false; -} +{ services.gnome.core-apps.enable = false; } ``` and none of them will be installed. @@ -55,9 +53,7 @@ Note, however, that doing so is not supported and might break some applications. You can install all of the GNOME games with: ```nix -{ - services.gnome.games.enable = true; -} +{ services.gnome.games.enable = true; } ``` ### GNOME core developer tools {#sec-gnome-core-developer-tools} @@ -65,9 +61,7 @@ You can install all of the GNOME games with: You can install GNOME core developer tools with: ```nix -{ - services.gnome.core-developer-tools.enable = true; -} +{ services.gnome.core-developer-tools.enable = true; } ``` ## Enabling GNOME Flashback {#sec-gnome-enable-flashback} @@ -75,9 +69,7 @@ You can install GNOME core developer tools with: GNOME Flashback provides a desktop environment based on the classic GNOME 2 architecture. You can enable the default GNOME Flashback session, which uses the Metacity window manager, with: ```nix -{ - services.desktopManager.gnome.flashback.enableMetacity = true; -} +{ services.desktopManager.gnome.flashback.enableMetacity = true; } ``` It is also possible to create custom sessions that replace Metacity with a different window manager using [](#opt-services.desktopManager.gnome.flashback.customSessions). diff --git a/nixos/modules/services/desktops/flatpak.md b/nixos/modules/services/desktops/flatpak.md index 5299b32a03c7..eae51138e811 100644 --- a/nixos/modules/services/desktops/flatpak.md +++ b/nixos/modules/services/desktops/flatpak.md @@ -9,9 +9,7 @@ applications on Linux. To enable Flatpak, add the following to your {file}`configuration.nix`: ```nix -{ - services.flatpak.enable = true; -} +{ services.flatpak.enable = true; } ``` For the sandboxed apps to work correctly, desktop integration portals need to diff --git a/nixos/modules/services/development/athens.md b/nixos/modules/services/development/athens.md index 6f8181561913..cc339c2f43f3 100644 --- a/nixos/modules/services/development/athens.md +++ b/nixos/modules/services/development/athens.md @@ -20,9 +20,9 @@ A complete list of options for the Athens module may be found A very basic configuration for Athens that acts as a caching and forwarding HTTP proxy is: ```nix { - services.athens = { - enable = true; - }; + services.athens = { + enable = true; + }; } ``` @@ -30,10 +30,10 @@ If you want to prevent Athens from writing to disk, you can instead configure it ```nix { - services.athens = { - enable = true; - storageType = "memory"; - }; + services.athens = { + enable = true; + storageType = "memory"; + }; } ``` @@ -52,9 +52,7 @@ To also use the local proxy for Go builds happening in `nix` (with `buildGoModul This can either be done via the nix-daemon systemd unit: ```nix -{ - systemd.services.nix-daemon.environment.GOPROXY = "http://localhost:3000"; -} +{ systemd.services.nix-daemon.environment.GOPROXY = "http://localhost:3000"; } ``` or via the [impure-env experimental feature](https://nix.dev/manual/nix/2.24/command-ref/conf-file#conf-impure-env): diff --git a/nixos/modules/services/development/blackfire.md b/nixos/modules/services/development/blackfire.md index 5a7fbe68f7d2..ad58e7ba04dd 100644 --- a/nixos/modules/services/development/blackfire.md +++ b/nixos/modules/services/development/blackfire.md @@ -9,10 +9,9 @@ To use it, you will need to enable the agent and the probe on your server. The exact method will depend on the way you use PHP but here is an example of NixOS configuration for PHP-FPM: ```nix let - php = pkgs.php.withExtensions ({ enabled, all }: enabled ++ (with all; [ - blackfire - ])); -in { + php = pkgs.php.withExtensions ({ enabled, all }: enabled ++ (with all; [ blackfire ])); +in +{ # Enable the probe extension for PHP-FPM. services.phpfpm = { phpPackage = php; diff --git a/nixos/modules/services/development/livebook.md b/nixos/modules/services/development/livebook.md index aac9c58d081c..65eb5d55fd86 100644 --- a/nixos/modules/services/development/livebook.md +++ b/nixos/modules/services/development/livebook.md @@ -53,6 +53,9 @@ learning Kinos require `gcc` and `gnumake`. To add these, use ```nix { - services.livebook.extraPackages = with pkgs; [ gcc gnumake ]; + services.livebook.extraPackages = with pkgs; [ + gcc + gnumake + ]; } ``` diff --git a/nixos/modules/services/editors/emacs.md b/nixos/modules/services/editors/emacs.md index da1028675155..a3c9ae5907b0 100644 --- a/nixos/modules/services/editors/emacs.md +++ b/nixos/modules/services/editors/emacs.md @@ -85,23 +85,25 @@ dedicated {file}`emacs.nix` file such as: ```nix /* -This is a nix expression to build Emacs and some Emacs packages I like -from source on any distribution where Nix is installed. This will install -all the dependencies from the nixpkgs repository and build the binary files -without interfering with the host distribution. + This is a nix expression to build Emacs and some Emacs packages I like + from source on any distribution where Nix is installed. This will install + all the dependencies from the nixpkgs repository and build the binary files + without interfering with the host distribution. -To build the project, type the following from the current directory: + To build the project, type the following from the current directory: -$ nix-build emacs.nix + $ nix-build emacs.nix -To run the newly compiled executable: + To run the newly compiled executable: -$ ./result/bin/emacs + $ ./result/bin/emacs */ # The first non-comment line in this file indicates that # the whole file represents a function. -{ pkgs ? import {} }: +{ + pkgs ? import { }, +}: let # The let expression below defines a myEmacs binding pointing to the @@ -113,29 +115,32 @@ let # argument: a function from a package set to a list of packages # (the packages that will be available in Emacs). emacsWithPackages = (pkgs.emacsPackagesFor myEmacs).emacsWithPackages; -in # The rest of the file specifies the list of packages to install. In the # example, two packages (magit and zerodark-theme) are taken from # MELPA stable. - emacsWithPackages (epkgs: (with epkgs.melpaStablePackages; [ - magit # ; Integrate git +in +emacsWithPackages ( + epkgs: + (with epkgs.melpaStablePackages; [ + magit # ; Integrate git zerodark-theme # ; Nicolas' theme ]) # Two packages (undo-tree and zoom-frm) are taken from MELPA. ++ (with epkgs.melpaPackages; [ - undo-tree # ; to show the undo tree - zoom-frm # ; increase/decrease font size for all buffers %lt;C-x C-+> + undo-tree # ; to show the undo tree + zoom-frm # ; increase/decrease font size for all buffers %lt;C-x C-+> ]) # Three packages are taken from GNU ELPA. ++ (with epkgs.elpaPackages; [ - auctex # ; LaTeX mode - beacon # ; highlight my cursor when scrolling - nameless # ; hide current package name everywhere in elisp code + auctex # ; LaTeX mode + beacon # ; highlight my cursor when scrolling + nameless # ; hide current package name everywhere in elisp code ]) # notmuch is taken from a nixpkgs derivation which contains an Emacs mode. ++ [ - pkgs.notmuch # From main packages set - ]) + pkgs.notmuch # From main packages set + ] +) ``` ::: @@ -180,9 +185,9 @@ file {file}`configuration.nix` to make it contain: ```nix { - environment.systemPackages = [ - # [...] - (import ./emacs.nix { inherit pkgs; }) + environment.systemPackages = [ + # [...] + (import ./emacs.nix { inherit pkgs; }) ]; } ``` @@ -205,9 +210,14 @@ adding it to your {file}`~/.config/nixpkgs/config.nix` (see ```nix { - packageOverrides = super: let self = super.pkgs; in { - myemacs = import ./emacs.nix { pkgs = self; }; - }; + packageOverrides = + super: + let + self = super.pkgs; + in + { + myemacs = import ./emacs.nix { pkgs = self; }; + }; } ``` ::: @@ -229,20 +239,29 @@ only use {command}`emacsclient`), you can change your file ### Custom Emacs build ```nix -{ pkgs ? import {} }: +{ + pkgs ? import { }, +}: let - myEmacs = (pkgs.emacs.override { - # Use gtk3 instead of the default gtk2 - withGTK3 = true; - withGTK2 = false; - }).overrideAttrs (attrs: { - # I don't want emacs.desktop file because I only use - # emacsclient. - postInstall = (attrs.postInstall or "") + '' - rm $out/share/applications/emacs.desktop - ''; - }); -in [ /* ... */ ] + myEmacs = + (pkgs.emacs.override { + # Use gtk3 instead of the default gtk2 + withGTK3 = true; + withGTK2 = false; + }).overrideAttrs + (attrs: { + # I don't want emacs.desktop file because I only use + # emacsclient. + postInstall = + (attrs.postInstall or "") + + '' + rm $out/share/applications/emacs.desktop + ''; + }); +in +[ + # ... +] ``` ::: @@ -263,9 +282,7 @@ with the user's login session. To install and enable the {command}`systemd` user service for Emacs daemon, add the following to your {file}`configuration.nix`: ```nix -{ - services.emacs.enable = true; -} +{ services.emacs.enable = true; } ``` The {var}`services.emacs.package` option allows a custom diff --git a/nixos/modules/services/hardware/display.md b/nixos/modules/services/hardware/display.md index 019c4cf146eb..5b3b96d571ac 100644 --- a/nixos/modules/services/hardware/display.md +++ b/nixos/modules/services/hardware/display.md @@ -23,8 +23,9 @@ This is exactly the case with [`amdgpu` drivers](https://gitlab.freedesktop.org/ # completely disable output no matter what is connected to it hardware.display.outputs."VGA-2".mode = "d"; - /* equals - boot.kernelParams = [ "video=DP-1:e" "video=VGA-2:d" ]; + /* + equals + boot.kernelParams = [ "video=DP-1:e" "video=VGA-2:d" ]; */ } ``` @@ -37,14 +38,14 @@ To make custom EDID binaries discoverable you should first create a derivation s ```nix { hardware.display.edid.packages = [ - (pkgs.runCommand "edid-custom" {} '' - mkdir -p $out/lib/firmware/edid - base64 -d > "$out/lib/firmware/edid/custom1.bin" <<'EOF' - - EOF - base64 -d > "$out/lib/firmware/edid/custom2.bin" <<'EOF' - - EOF + (pkgs.runCommand "edid-custom" { } '' + mkdir -p $out/lib/firmware/edid + base64 -d > "$out/lib/firmware/edid/custom1.bin" <<'EOF' + + EOF + base64 -d > "$out/lib/firmware/edid/custom2.bin" <<'EOF' + + EOF '') ]; } @@ -63,8 +64,9 @@ Under the hood it adds `drm.edid_firmware` entry to `boot.kernelParams` NixOS op { hardware.display.outputs."VGA-1".edid = "custom1.bin"; hardware.display.outputs."VGA-2".edid = "custom2.bin"; - /* equals: - boot.kernelParams = [ "drm.edid_firmware=VGA-1:edid/custom1.bin,VGA-2:edid/custom2.bin" ]; + /* + equals: + boot.kernelParams = [ "drm.edid_firmware=VGA-1:edid/custom1.bin,VGA-2:edid/custom2.bin" ]; */ } ``` @@ -76,16 +78,20 @@ from https://github.com/linuxhw/EDID based on simple string/regexp search identi ```nix { - hardware.display.edid.linuxhw."PG278Q_2014" = [ "PG278Q" "2014" ]; - - /* equals: - hardware.display.edid.packages = [ - (pkgs.linuxhw-edid-fetcher.override { - displays = { - "PG278Q_2014" = [ "PG278Q" "2014" ]; - }; - }) + hardware.display.edid.linuxhw."PG278Q_2014" = [ + "PG278Q" + "2014" ]; + + /* + equals: + hardware.display.edid.packages = [ + (pkgs.linuxhw-edid-fetcher.override { + displays = { + "PG278Q_2014" = [ "PG278Q" "2014" ]; + }; + }) + ]; */ } ``` @@ -98,19 +104,22 @@ conveniently use [`XFree86 Modeline`](https://en.wikipedia.org/wiki/XFree86_Mode ```nix { - hardware.display.edid.modelines."PG278Q_60" = " 241.50 2560 2608 2640 2720 1440 1443 1448 1481 -hsync +vsync"; - hardware.display.edid.modelines."PG278Q_120" = " 497.75 2560 2608 2640 2720 1440 1443 1448 1525 +hsync -vsync"; + hardware.display.edid.modelines."PG278Q_60" = + " 241.50 2560 2608 2640 2720 1440 1443 1448 1481 -hsync +vsync"; + hardware.display.edid.modelines."PG278Q_120" = + " 497.75 2560 2608 2640 2720 1440 1443 1448 1525 +hsync -vsync"; - /* equals: - hardware.display.edid.packages = [ - (pkgs.edid-generator.overrideAttrs { - clean = true; - modelines = '' - Modeline "PG278Q_60" 241.50 2560 2608 2640 2720 1440 1443 1448 1481 -hsync +vsync - Modeline "PG278Q_120" 497.75 2560 2608 2640 2720 1440 1443 1448 1525 +hsync -vsync - ''; - }) - ]; + /* + equals: + hardware.display.edid.packages = [ + (pkgs.edid-generator.overrideAttrs { + clean = true; + modelines = '' + Modeline "PG278Q_60" 241.50 2560 2608 2640 2720 1440 1443 1448 1481 -hsync +vsync + Modeline "PG278Q_120" 497.75 2560 2608 2640 2720 1440 1443 1448 1525 +hsync -vsync + ''; + }) + ]; */ } ``` @@ -121,8 +130,10 @@ And finally this is a complete working example for a 2014 (first) batch of [Asus ```nix { - hardware.display.edid.modelines."PG278Q_60" = " 241.50 2560 2608 2640 2720 1440 1443 1448 1481 -hsync +vsync"; - hardware.display.edid.modelines."PG278Q_120" = " 497.75 2560 2608 2640 2720 1440 1443 1448 1525 +hsync -vsync"; + hardware.display.edid.modelines."PG278Q_60" = + " 241.50 2560 2608 2640 2720 1440 1443 1448 1481 -hsync +vsync"; + hardware.display.edid.modelines."PG278Q_120" = + " 497.75 2560 2608 2640 2720 1440 1443 1448 1525 +hsync -vsync"; hardware.display.outputs."DP-1".edid = "PG278Q_60.bin"; hardware.display.outputs."DP-1".mode = "e"; diff --git a/nixos/modules/services/mail/mailman.md b/nixos/modules/services/mail/mailman.md index 446aa1f921b6..b36ce69392c5 100644 --- a/nixos/modules/services/mail/mailman.md +++ b/nixos/modules/services/mail/mailman.md @@ -10,26 +10,31 @@ an existing, securely configured Postfix setup, as it does not automatically con For a basic configuration with Postfix as the MTA, the following settings are suggested: ```nix -{ config, ... }: { +{ config, ... }: +{ services.postfix = { enable = true; - relayDomains = ["hash:/var/lib/mailman/data/postfix_domains"]; + relayDomains = [ "hash:/var/lib/mailman/data/postfix_domains" ]; sslCert = config.security.acme.certs."lists.example.org".directory + "/full.pem"; sslKey = config.security.acme.certs."lists.example.org".directory + "/key.pem"; config = { - transport_maps = ["hash:/var/lib/mailman/data/postfix_lmtp"]; - local_recipient_maps = ["hash:/var/lib/mailman/data/postfix_lmtp"]; + transport_maps = [ "hash:/var/lib/mailman/data/postfix_lmtp" ]; + local_recipient_maps = [ "hash:/var/lib/mailman/data/postfix_lmtp" ]; }; }; services.mailman = { enable = true; serve.enable = true; hyperkitty.enable = true; - webHosts = ["lists.example.org"]; + webHosts = [ "lists.example.org" ]; siteOwner = "mailman@example.org"; }; services.nginx.virtualHosts."lists.example.org".enableACME = true; - networking.firewall.allowedTCPPorts = [ 25 80 443 ]; + networking.firewall.allowedTCPPorts = [ + 25 + 80 + 443 + ]; } ``` @@ -51,7 +56,8 @@ necessary, but outside the scope of the Mailman module. Mailman also supports other MTA, though with a little bit more configuration. For example, to use Mailman with Exim, you can use the following settings: ```nix -{ config, ... }: { +{ config, ... }: +{ services = { mailman = { enable = true; diff --git a/nixos/modules/services/matrix/maubot.md b/nixos/modules/services/matrix/maubot.md index d49066057a23..46a0caaedefc 100644 --- a/nixos/modules/services/matrix/maubot.md +++ b/nixos/modules/services/matrix/maubot.md @@ -10,9 +10,7 @@ framework for Matrix. 2. If you want to use PostgreSQL instead of SQLite, do this: ```nix - { - services.maubot.settings.database = "postgresql://maubot@localhost/maubot"; - } + { services.maubot.settings.database = "postgresql://maubot@localhost/maubot"; } ``` If the PostgreSQL connection requires a password, you will have to diff --git a/nixos/modules/services/matrix/mjolnir.md b/nixos/modules/services/matrix/mjolnir.md index 2594f05ce27b..e2a7e3806cb7 100644 --- a/nixos/modules/services/matrix/mjolnir.md +++ b/nixos/modules/services/matrix/mjolnir.md @@ -52,13 +52,11 @@ will be configured to connect to the new Pantalaimon instance. enable = true; homeserverUrl = "https://matrix.domain.tld"; pantalaimon = { - enable = true; - username = "mjolnir"; - passwordFile = "/run/secrets/mjolnir-password"; + enable = true; + username = "mjolnir"; + passwordFile = "/run/secrets/mjolnir-password"; }; - protectedRooms = [ - "https://matrix.to/#/!xxx:domain.tld" - ]; + protectedRooms = [ "https://matrix.to/#/!xxx:domain.tld" ]; managementRoom = "!yyy:domain.tld"; }; } @@ -81,9 +79,7 @@ to the Synapse plugin list and enable the `mjolnir.Module` module. ```nix { services.matrix-synapse = { - plugins = with pkgs; [ - matrix-synapse-plugins.matrix-synapse-mjolnir-antispam - ]; + plugins = with pkgs; [ matrix-synapse-plugins.matrix-synapse-mjolnir-antispam ]; extraConfig = '' modules: - module: mjolnir.Module diff --git a/nixos/modules/services/matrix/synapse.md b/nixos/modules/services/matrix/synapse.md index 62967adddb4b..7ca8e1c354ff 100644 --- a/nixos/modules/services/matrix/synapse.md +++ b/nixos/modules/services/matrix/synapse.md @@ -44,7 +44,12 @@ the host `myhostname.example.org`. For more information, please refer to the [installation instructions of Synapse](https://element-hq.github.io/synapse/latest/setup/installation.html) . ```nix -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: let fqdn = "${config.networking.hostName}.${config.networking.domain}"; baseUrl = "https://${fqdn}"; @@ -55,10 +60,14 @@ let add_header Access-Control-Allow-Origin *; return 200 '${builtins.toJSON data}'; ''; -in { +in +{ networking.hostName = "myhostname"; networking.domain = "example.org"; - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; services.postgresql.enable = true; @@ -117,15 +126,21 @@ in { # in client applications. settings.public_baseurl = baseUrl; settings.listeners = [ - { port = 8008; + { + port = 8008; bind_addresses = [ "::1" ]; type = "http"; tls = false; x_forwarded = true; - resources = [ { - names = [ "client" "federation" ]; - compress = true; - } ]; + resources = [ + { + names = [ + "client" + "federation" + ]; + compress = true; + } + ]; } ]; }; @@ -173,9 +188,7 @@ in an additional file like this: ```nix { - services.matrix-synapse.extraConfigFiles = [ - "/run/secrets/matrix-shared-secret" - ]; + services.matrix-synapse.extraConfigFiles = [ "/run/secrets/matrix-shared-secret" ]; } ``` ::: @@ -208,9 +221,7 @@ for a list of existing clients and their supported featureset. services.nginx.virtualHosts."element.${fqdn}" = { enableACME = true; forceSSL = true; - serverAliases = [ - "element.${config.networking.domain}" - ]; + serverAliases = [ "element.${config.networking.domain}" ]; root = pkgs.element-web.override { conf = { diff --git a/nixos/modules/services/misc/anki-sync-server.md b/nixos/modules/services/misc/anki-sync-server.md index 1210cad6d0af..8040f2da1b72 100644 --- a/nixos/modules/services/misc/anki-sync-server.md +++ b/nixos/modules/services/misc/anki-sync-server.md @@ -46,9 +46,7 @@ By default, synced data are stored in */var/lib/anki-sync-server/*ankiuser**. You can change the directory by using `services.anki-sync-server.baseDirectory` ```nix -{ - services.anki-sync-server.baseDirectory = "/home/anki/data"; -} +{ services.anki-sync-server.baseDirectory = "/home/anki/data"; } ``` By default, the server listen address {option}`services.anki-sync-server.host` diff --git a/nixos/modules/services/misc/dump1090-fa.md b/nixos/modules/services/misc/dump1090-fa.md index 835d91e61828..41b9bd02d2c0 100644 --- a/nixos/modules/services/misc/dump1090-fa.md +++ b/nixos/modules/services/misc/dump1090-fa.md @@ -9,7 +9,8 @@ When enabled, this module automatically creates a systemd service to start the ` Exposing the integrated web interface is left to the user's configuration. Below is a minimal example demonstrating how to serve it using Nginx: ```nix -{ pkgs, ... }: { +{ pkgs, ... }: +{ services.dump1090-fa.enable = true; services.nginx = { @@ -22,5 +23,4 @@ Exposing the integrated web interface is left to the user's configuration. Below }; }; } - ``` diff --git a/nixos/modules/services/misc/forgejo.md b/nixos/modules/services/misc/forgejo.md index cca557408639..3ae80b5adbe9 100644 --- a/nixos/modules/services/misc/forgejo.md +++ b/nixos/modules/services/misc/forgejo.md @@ -53,7 +53,7 @@ let repo = "nixpkgs"; rev = "3bb45b041e7147e2fd2daf689e26a1f970a55d65"; hash = "sha256-8JL5NI9eUcGzzbR/ARkrG81WLwndoxqI650mA/4rUGI="; - }) {}; + }) { }; in { services.forgejo.package = nixpkgs-forgejo-10.forgejo; @@ -114,6 +114,6 @@ Make sure to disable `services.gitea`, when doing this. isSystemUser = true; }; - users.groups.gitea = {}; + users.groups.gitea = { }; } ``` diff --git a/nixos/modules/services/misc/gitlab.md b/nixos/modules/services/misc/gitlab.md index f7a5a8027489..de1e256bfef3 100644 --- a/nixos/modules/services/misc/gitlab.md +++ b/nixos/modules/services/misc/gitlab.md @@ -64,7 +64,9 @@ A basic configuration with some custom settings could look like this: email_from = "gitlab-no-reply@example.com"; email_display_name = "Example GitLab"; email_reply_to = "gitlab-no-reply@example.com"; - default_projects_features = { builds = false; }; + default_projects_features = { + builds = false; + }; }; }; }; diff --git a/nixos/modules/services/misc/paisa.md b/nixos/modules/services/misc/paisa.md index e16b52cbcdb6..1f5239b8f3c3 100644 --- a/nixos/modules/services/misc/paisa.md +++ b/nixos/modules/services/misc/paisa.md @@ -21,9 +21,7 @@ configure this in the module, but you can e.g. use systemd to give the unit access to the command at runtime. ```nix -{ - systemd.services.paisa.path = [ pkgs.hledger ]; -} +{ systemd.services.paisa.path = [ pkgs.hledger ]; } ``` ::: {.note} diff --git a/nixos/modules/services/monitoring/parsedmarc.md b/nixos/modules/services/monitoring/parsedmarc.md index 765846bbbaf3..077988ff6278 100644 --- a/nixos/modules/services/monitoring/parsedmarc.md +++ b/nixos/modules/services/monitoring/parsedmarc.md @@ -80,7 +80,7 @@ added to Grafana as well. # Not required, but recommended for full functionality services.geoipupdate = { settings = { - AccountID = 000000; + AccountID = 0; LicenseKey = "/path/to/license_key_file"; }; }; @@ -104,7 +104,7 @@ added to Grafana as well. recommendedOptimisation = true; recommendedGzipSettings = true; recommendedProxySettings = true; - upstreams.grafana.servers."unix:/${config.services.grafana.socket}" = {}; + upstreams.grafana.servers."unix:/${config.services.grafana.socket}" = { }; virtualHosts.${url} = { root = config.services.grafana.staticRootPath; enableACME = true; diff --git a/nixos/modules/services/monitoring/prometheus/exporters.md b/nixos/modules/services/monitoring/prometheus/exporters.md index 23464b9d315e..f0bff8154291 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters.md +++ b/nixos/modules/services/monitoring/prometheus/exporters.md @@ -18,9 +18,7 @@ running on. The exporter could be configured as follows: "logind" "systemd" ]; - disabledCollectors = [ - "textfile" - ]; + disabledCollectors = [ "textfile" ]; openFirewall = true; firewallFilter = "-i br0 -p tcp -m tcp --dport 9100"; }; @@ -39,20 +37,24 @@ the [available options](https://nixos.org/nixos/options.html#prometheus.exporter Prometheus can now be configured to consume the metrics produced by the exporter: ```nix { - services.prometheus = { - # ... + services.prometheus = { + # ... - scrapeConfigs = [ - { - job_name = "node"; - static_configs = [{ - targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; - }]; - } - ]; + scrapeConfigs = [ + { + job_name = "node"; + static_configs = [ + { + targets = [ + "localhost:${toString config.services.prometheus.exporters.node.port}" + ]; + } + ]; + } + ]; - # ... - }; + # ... + }; } ``` @@ -82,7 +84,12 @@ example: specific options and configuration: ```nix # nixpkgs/nixos/modules/services/prometheus/exporters/postfix.nix - { config, lib, pkgs, options }: + { + config, + lib, + pkgs, + options, + }: let # for convenience we define cfg here cfg = config.services.prometheus.exporters.postfix; @@ -151,7 +158,12 @@ Should an exporter option change at some point, it is possible to add information about the change to the exporter definition similar to `nixpkgs/nixos/modules/rename.nix`: ```nix -{ config, lib, pkgs, options }: +{ + config, + lib, + pkgs, + options, +}: let cfg = config.services.prometheus.exporters.nginx; diff --git a/nixos/modules/services/network-filesystems/litestream/default.md b/nixos/modules/services/network-filesystems/litestream/default.md index 626d69df84a5..f422419a98a6 100644 --- a/nixos/modules/services/network-filesystems/litestream/default.md +++ b/nixos/modules/services/network-filesystems/litestream/default.md @@ -13,24 +13,26 @@ required permissions to access [grafana database](#opt-services.grafana.settings { users.users.litestream.extraGroups = [ "grafana" ]; - systemd.services.grafana.serviceConfig.ExecStartPost = "+" + pkgs.writeShellScript "grant-grafana-permissions" '' - timeout=10 + systemd.services.grafana.serviceConfig.ExecStartPost = + "+" + + pkgs.writeShellScript "grant-grafana-permissions" '' + timeout=10 - while [ ! -f /var/lib/grafana/data/grafana.db ]; - do - if [ "$timeout" == 0 ]; then - echo "ERROR: Timeout while waiting for /var/lib/grafana/data/grafana.db." - exit 1 - fi + while [ ! -f /var/lib/grafana/data/grafana.db ]; + do + if [ "$timeout" == 0 ]; then + echo "ERROR: Timeout while waiting for /var/lib/grafana/data/grafana.db." + exit 1 + fi - sleep 1 + sleep 1 - ((timeout--)) - done + ((timeout--)) + done - find /var/lib/grafana -type d -exec chmod -v 775 {} \; - find /var/lib/grafana -type f -exec chmod -v 660 {} \; - ''; + find /var/lib/grafana -type d -exec chmod -v 775 {} \; + find /var/lib/grafana -type f -exec chmod -v 660 {} \; + ''; services.litestream = { enable = true; @@ -41,9 +43,7 @@ required permissions to access [grafana database](#opt-services.grafana.settings dbs = [ { path = "/var/lib/grafana/data/grafana.db"; - replicas = [{ - url = "s3://mybkt.litestream.io/grafana"; - }]; + replicas = [ { url = "s3://mybkt.litestream.io/grafana"; } ]; } ]; }; diff --git a/nixos/modules/services/network-filesystems/samba.md b/nixos/modules/services/network-filesystems/samba.md index 229320220974..bf55c24e1ede 100644 --- a/nixos/modules/services/network-filesystems/samba.md +++ b/nixos/modules/services/network-filesystems/samba.md @@ -7,9 +7,7 @@ A minimal configuration looks like this: ```nix -{ - services.samba.enable = true; -} +{ services.samba.enable = true; } ``` This configuration automatically enables `smbd`, `nmbd` and `winbindd` services by default. diff --git a/nixos/modules/services/networking/anubis.md b/nixos/modules/services/networking/anubis.md index 8a9a2ea76aa6..533ece7bfbd3 100644 --- a/nixos/modules/services/networking/anubis.md +++ b/nixos/modules/services/networking/anubis.md @@ -11,7 +11,8 @@ instances, but TCP sockets are also supported. A minimal configuration with [nginx](#opt-services.nginx.enable) may look like the following: ```nix -{ config, ... }: { +{ config, ... }: +{ services.anubis.instances.default.settings.TARGET = "http://localhost:8000"; # required due to unix socket permissions @@ -49,7 +50,9 @@ It is possible to configure default settings for all instances of Anubis, via {o ```nix { services.anubis.defaultOptions = { - botPolicy = { dnsbl = false; }; + botPolicy = { + dnsbl = false; + }; settings.DIFFICULTY = 3; }; } diff --git a/nixos/modules/services/networking/atalkd.md b/nixos/modules/services/networking/atalkd.md index 3b999680ce33..034e22a4c9d8 100644 --- a/nixos/modules/services/networking/atalkd.md +++ b/nixos/modules/services/networking/atalkd.md @@ -10,7 +10,7 @@ A minimal configuration looks like this: { services.atalkd = { enable = true; - interfaces.wlan0.config = "-router -phase 2 -net 1 -addr 1.48 -zone \"Default\""; + interfaces.wlan0.config = ''-router -phase 2 -net 1 -addr 1.48 -zone "Default"''; }; } ``` diff --git a/nixos/modules/services/networking/crab-hole.md b/nixos/modules/services/networking/crab-hole.md index 52a452b91545..a3e1919a92e1 100644 --- a/nixos/modules/services/networking/crab-hole.md +++ b/nixos/modules/services/networking/crab-hole.md @@ -209,7 +209,5 @@ For ACME for example this would be `acme:acme`. To give the crab-hole service access to these files, the group which owns the certificate can be added as a supplementary group to the service. For ACME for example: ```nix -{ - services.crab-hole.supplementaryGroups = [ "acme" ]; -} +{ services.crab-hole.supplementaryGroups = [ "acme" ]; } ``` diff --git a/nixos/modules/services/networking/doh-server.md b/nixos/modules/services/networking/doh-server.md index 2ac1630aa29d..730100eec688 100644 --- a/nixos/modules/services/networking/doh-server.md +++ b/nixos/modules/services/networking/doh-server.md @@ -35,7 +35,10 @@ Setup with Nginx + ACME (recommended): defaults.email = "you@example.com"; }; - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; } ``` diff --git a/nixos/modules/services/networking/jotta-cli.md b/nixos/modules/services/networking/jotta-cli.md index d5629465377d..7e84aa18599a 100644 --- a/nixos/modules/services/networking/jotta-cli.md +++ b/nixos/modules/services/networking/jotta-cli.md @@ -5,9 +5,7 @@ The [Jottacloud Command-line Tool](https://docs.jottacloud.com/en/articles/14368 ## Quick Start {#module-services-jotta-cli-quick-start} ```nix -{ - services.jotta-cli.enable = true; -} +{ services.jotta-cli.enable = true; } ``` This adds `jotta-cli` to `environment.systemPackages` and starts a user service that runs `jottad` with the default options. diff --git a/nixos/modules/services/networking/mosquitto.md b/nixos/modules/services/networking/mosquitto.md index 66b3ad6cfa8f..53b5beb16b89 100644 --- a/nixos/modules/services/networking/mosquitto.md +++ b/nixos/modules/services/networking/mosquitto.md @@ -10,11 +10,13 @@ A minimal configuration for Mosquitto is { services.mosquitto = { enable = true; - listeners = [ { - acl = [ "pattern readwrite #" ]; - omitPasswordAuth = true; - settings.allow_anonymous = true; - } ]; + listeners = [ + { + acl = [ "pattern readwrite #" ]; + omitPasswordAuth = true; + settings.allow_anonymous = true; + } + ]; }; } ``` @@ -30,18 +32,20 @@ like { services.mosquitto = { enable = true; - listeners = [ { - users = { - monitor = { - acl = [ "read #" ]; - password = "monitor"; + listeners = [ + { + users = { + monitor = { + acl = [ "read #" ]; + password = "monitor"; + }; + service = { + acl = [ "write service/#" ]; + password = "service"; + }; }; - service = { - acl = [ "write service/#" ]; - password = "service"; - }; - }; - } ]; + } + ]; }; } ``` @@ -52,15 +56,17 @@ TLS authentication is configured by setting TLS-related options of the listener: { services.mosquitto = { enable = true; - listeners = [ { - port = 8883; # port change is not required, but helpful to avoid mistakes - # ... - settings = { - cafile = "/path/to/mqtt.ca.pem"; - certfile = "/path/to/mqtt.pem"; - keyfile = "/path/to/mqtt.key"; - }; - } ]; + listeners = [ + { + port = 8883; # port change is not required, but helpful to avoid mistakes + # ... + settings = { + cafile = "/path/to/mqtt.ca.pem"; + certfile = "/path/to/mqtt.pem"; + keyfile = "/path/to/mqtt.key"; + }; + } + ]; }; } ``` diff --git a/nixos/modules/services/networking/netbird.md b/nixos/modules/services/networking/netbird.md index 876c27cb0d22..37e104795237 100644 --- a/nixos/modules/services/networking/netbird.md +++ b/nixos/modules/services/networking/netbird.md @@ -5,9 +5,7 @@ The absolute minimal configuration for the Netbird client daemon looks like this: ```nix -{ - services.netbird.enable = true; -} +{ services.netbird.enable = true; } ``` This will set up a netbird service listening on the port `51820` associated to the diff --git a/nixos/modules/services/networking/pleroma.md b/nixos/modules/services/networking/pleroma.md index c2313fd63e6a..b2a366a0fd38 100644 --- a/nixos/modules/services/networking/pleroma.md +++ b/nixos/modules/services/networking/pleroma.md @@ -47,34 +47,34 @@ This is an example of configuration, where [](#opt-services.pleroma.configs) opt secretConfigFile = "/var/lib/pleroma/secrets.exs"; configs = [ '' - import Config + import Config - config :pleroma, Pleroma.Web.Endpoint, - url: [host: "pleroma.example.net", scheme: "https", port: 443], - http: [ip: {127, 0, 0, 1}, port: 4000] + config :pleroma, Pleroma.Web.Endpoint, + url: [host: "pleroma.example.net", scheme: "https", port: 443], + http: [ip: {127, 0, 0, 1}, port: 4000] - config :pleroma, :instance, - name: "Test", - email: "admin@example.net", - notify_email: "admin@example.net", - limit: 5000, - registrations_open: true + config :pleroma, :instance, + name: "Test", + email: "admin@example.net", + notify_email: "admin@example.net", + limit: 5000, + registrations_open: true - config :pleroma, :media_proxy, - enabled: false, - redirect_on_failure: true + config :pleroma, :media_proxy, + enabled: false, + redirect_on_failure: true - config :pleroma, Pleroma.Repo, - adapter: Ecto.Adapters.Postgres, - username: "pleroma", - database: "pleroma", - hostname: "localhost" + config :pleroma, Pleroma.Repo, + adapter: Ecto.Adapters.Postgres, + username: "pleroma", + database: "pleroma", + hostname: "localhost" - # Configure web push notifications - config :web_push_encryption, :vapid_details, - subject: "mailto:admin@example.net" + # Configure web push notifications + config :web_push_encryption, :vapid_details, + subject: "mailto:admin@example.net" - # ... TO CONTINUE ... + # ... TO CONTINUE ... '' ]; }; diff --git a/nixos/modules/services/networking/prosody.md b/nixos/modules/services/networking/prosody.md index d6eee4e29f0a..f3042dedd163 100644 --- a/nixos/modules/services/networking/prosody.md +++ b/nixos/modules/services/networking/prosody.md @@ -33,16 +33,14 @@ endpoint will look like this: ssl.cert = "/var/lib/acme/example.org/fullchain.pem"; ssl.key = "/var/lib/acme/example.org/key.pem"; virtualHosts."example.org" = { - enabled = true; - domain = "example.org"; - ssl.cert = "/var/lib/acme/example.org/fullchain.pem"; - ssl.key = "/var/lib/acme/example.org/key.pem"; + enabled = true; + domain = "example.org"; + ssl.cert = "/var/lib/acme/example.org/fullchain.pem"; + ssl.key = "/var/lib/acme/example.org/key.pem"; }; - muc = [ { - domain = "conference.example.org"; - } ]; + muc = [ { domain = "conference.example.org"; } ]; uploadHttp = { - domain = "upload.example.org"; + domain = "upload.example.org"; }; }; } @@ -68,7 +66,10 @@ a TLS certificate for the three endponits: "example.org" = { webroot = "/var/www/example.org"; email = "root@example.org"; - extraDomainNames = [ "conference.example.org" "upload.example.org" ]; + extraDomainNames = [ + "conference.example.org" + "upload.example.org" + ]; }; }; }; diff --git a/nixos/modules/services/networking/yggdrasil.md b/nixos/modules/services/networking/yggdrasil.md index 7b899f9d6ddb..1b6f1868a434 100644 --- a/nixos/modules/services/networking/yggdrasil.md +++ b/nixos/modules/services/networking/yggdrasil.md @@ -17,8 +17,8 @@ An annotated example of a simple configuration: services.yggdrasil = { enable = true; persistentKeys = false; - # The NixOS module will generate new keys and a new IPv6 address each time - # it is started if persistentKeys is not enabled. + # The NixOS module will generate new keys and a new IPv6 address each time + # it is started if persistentKeys is not enabled. settings = { Peers = [ @@ -44,13 +44,17 @@ let address = "210:5217:69c0:9afc:1b95:b9f:8718:c3d2"; prefix = "310:5217:69c0:9afc"; # taken from the output of "yggdrasilctl getself". -in { +in +{ services.yggdrasil = { enable = true; persistentKeys = true; # Maintain a fixed public key and IPv6 address. settings = { - Peers = [ "tcp://1.2.3.4:1024" "tcp://1.2.3.5:1024" ]; + Peers = [ + "tcp://1.2.3.4:1024" + "tcp://1.2.3.5:1024" + ]; NodeInfo = { # This information is visible to the network. name = config.networking.hostName; @@ -60,13 +64,15 @@ in { }; boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1; - # Forward traffic under the prefix. + # Forward traffic under the prefix. - networking.interfaces.${eth0}.ipv6.addresses = [{ - # Set a 300::/8 address on the local physical device. - address = prefix + "::1"; - prefixLength = 64; - }]; + networking.interfaces.${eth0}.ipv6.addresses = [ + { + # Set a 300::/8 address on the local physical device. + address = prefix + "::1"; + prefixLength = 64; + } + ]; services.radvd = { # Announce the 300::/8 prefix to eth0. @@ -93,7 +99,7 @@ host: ```nix let yggPrefix64 = "310:5217:69c0:9afc"; - # Again, taken from the output of "yggdrasilctl getself". + # Again, taken from the output of "yggdrasilctl getself". in { boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1; @@ -105,10 +111,12 @@ in interfaces.br0 = { # … configured with a prefix address. - ipv6.addresses = [{ - address = "${yggPrefix64}::1"; - prefixLength = 64; - }]; + ipv6.addresses = [ + { + address = "${yggPrefix64}::1"; + prefixLength = 64; + } + ]; }; }; @@ -117,24 +125,30 @@ in privateNetwork = true; hostBridge = "br0"; # Attach the container to the bridge only. - config = { config, pkgs, ... }: { - networking.interfaces.eth0.ipv6 = { - addresses = [{ - # Configure a prefix address. - address = "${yggPrefix64}::2"; - prefixLength = 64; - }]; - routes = [{ - # Configure the prefix route. - address = "200::"; - prefixLength = 7; - via = "${yggPrefix64}::1"; - }]; - }; + config = + { config, pkgs, ... }: + { + networking.interfaces.eth0.ipv6 = { + addresses = [ + { + # Configure a prefix address. + address = "${yggPrefix64}::2"; + prefixLength = 64; + } + ]; + routes = [ + { + # Configure the prefix route. + address = "200::"; + prefixLength = 7; + via = "${yggPrefix64}::1"; + } + ]; + }; - services.httpd.enable = true; - networking.firewall.allowedTCPPorts = [ 80 ]; - }; + services.httpd.enable = true; + networking.firewall.allowedTCPPorts = [ 80 ]; + }; }; } diff --git a/nixos/modules/services/search/meilisearch.md b/nixos/modules/services/search/meilisearch.md index db53777e063d..5f906ae9ed96 100644 --- a/nixos/modules/services/search/meilisearch.md +++ b/nixos/modules/services/search/meilisearch.md @@ -7,9 +7,7 @@ Meilisearch is a lightweight, fast and powerful search engine. Think elastic sea the minimum to start meilisearch is ```nix -{ - services.meilisearch.enable = true; -} +{ services.meilisearch.enable = true; } ``` this will start the http server included with meilisearch on port 7700. diff --git a/nixos/modules/services/system/kerberos/kerberos-server.md b/nixos/modules/services/system/kerberos/kerberos-server.md index ba3b1057f382..4aa883b8e68b 100644 --- a/nixos/modules/services/system/kerberos/kerberos-server.md +++ b/nixos/modules/services/system/kerberos/kerberos-server.md @@ -30,7 +30,15 @@ To enable a Kerberos server: enable = true; settings = { realms."EXAMPLE.COM" = { - acl = [{ principal = "adminuser"; access= ["add" "cpw"]; }]; + acl = [ + { + principal = "adminuser"; + access = [ + "add" + "cpw" + ]; + } + ]; }; }; }; diff --git a/nixos/modules/services/system/systemd-lock-handler.md b/nixos/modules/services/system/systemd-lock-handler.md index ac9ee00ae4bc..779fdab3b44d 100644 --- a/nixos/modules/services/system/systemd-lock-handler.md +++ b/nixos/modules/services/system/systemd-lock-handler.md @@ -17,17 +17,17 @@ For example, to create a service for `swaylock`: systemd.user.services.swaylock = { description = "Screen locker for Wayland"; - documentation = ["man:swaylock(1)"]; + documentation = [ "man:swaylock(1)" ]; # If swaylock exits cleanly, unlock the session: - onSuccess = ["unlock.target"]; + onSuccess = [ "unlock.target" ]; # When lock.target is stopped, stops this too: - partOf = ["lock.target"]; + partOf = [ "lock.target" ]; # Delay lock.target until this service is ready: - before = ["lock.target"]; - wantedBy = ["lock.target"]; + before = [ "lock.target" ]; + wantedBy = [ "lock.target" ]; serviceConfig = { # systemd will consider this service started when swaylock forks... diff --git a/nixos/modules/services/web-apps/akkoma.md b/nixos/modules/services/web-apps/akkoma.md index 13b074b228a4..e05ab034de2d 100644 --- a/nixos/modules/services/web-apps/akkoma.md +++ b/nixos/modules/services/web-apps/akkoma.md @@ -139,9 +139,8 @@ received by the instance. ```nix { - services.akkoma.config.":pleroma".":mrf".policies = - map (pkgs.formats.elixirConf { }).lib.mkRaw [ - "Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy" + services.akkoma.config.":pleroma".":mrf".policies = map (pkgs.formats.elixirConf { }).lib.mkRaw [ + "Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy" ]; } ``` @@ -171,29 +170,35 @@ derivation. ```nix { - services.akkoma.frontends.primary.package = pkgs.runCommand "akkoma-fe" { - config = builtins.toJSON { - expertLevel = 1; - collapseMessageWithSubject = false; - stopGifs = false; - replyVisibility = "following"; - webPushHideIfCW = true; - hideScopeNotice = true; - renderMisskeyMarkdown = false; - hideSiteFavicon = true; - postContentType = "text/markdown"; - showNavShortcuts = false; - }; - nativeBuildInputs = with pkgs; [ jq xorg.lndir ]; - passAsFile = [ "config" ]; - } '' - mkdir $out - lndir ${pkgs.akkoma-frontends.akkoma-fe} $out + services.akkoma.frontends.primary.package = + pkgs.runCommand "akkoma-fe" + { + config = builtins.toJSON { + expertLevel = 1; + collapseMessageWithSubject = false; + stopGifs = false; + replyVisibility = "following"; + webPushHideIfCW = true; + hideScopeNotice = true; + renderMisskeyMarkdown = false; + hideSiteFavicon = true; + postContentType = "text/markdown"; + showNavShortcuts = false; + }; + nativeBuildInputs = with pkgs; [ + jq + xorg.lndir + ]; + passAsFile = [ "config" ]; + } + '' + mkdir $out + lndir ${pkgs.akkoma-frontends.akkoma-fe} $out - rm $out/static/config.json - jq -s add ${pkgs.akkoma-frontends.akkoma-fe}/static/config.json ${config} \ - >$out/static/config.json - ''; + rm $out/static/config.json + jq -s add ${pkgs.akkoma-frontends.akkoma-fe}/static/config.json ${config} \ + >$out/static/config.json + ''; } ``` @@ -212,15 +217,11 @@ of the fediverse and providing a pleasant experience to the users of an instance ```nix { services.akkoma.config.":pleroma" = with (pkgs.formats.elixirConf { }).lib; { - ":mrf".policies = map mkRaw [ - "Pleroma.Web.ActivityPub.MRF.SimplePolicy" - ]; + ":mrf".policies = map mkRaw [ "Pleroma.Web.ActivityPub.MRF.SimplePolicy" ]; ":mrf_simple" = { # Tag all media as sensitive - media_nsfw = mkMap { - "nsfw.weird.kinky" = "Untagged NSFW content"; - }; + media_nsfw = mkMap { "nsfw.weird.kinky" = "Untagged NSFW content"; }; # Reject all activities except deletes reject = mkMap { @@ -244,11 +245,12 @@ the file name. ```nix { services.akkoma.config.":pleroma"."Pleroma.Upload".filters = - map (pkgs.formats.elixirConf { }).lib.mkRaw [ - "Pleroma.Upload.Filter.Exiftool" - "Pleroma.Upload.Filter.Dedupe" - "Pleroma.Upload.Filter.AnonymizeFilename" - ]; + map (pkgs.formats.elixirConf { }).lib.mkRaw + [ + "Pleroma.Upload.Filter.Exiftool" + "Pleroma.Upload.Filter.Dedupe" + "Pleroma.Upload.Filter.AnonymizeFilename" + ]; } ``` @@ -322,9 +324,7 @@ details. The Akkoma systemd service may be confined to a chroot with ```nix -{ - services.systemd.akkoma.confinement.enable = true; -} +{ services.systemd.akkoma.confinement.enable = true; } ``` Confinement of services is not generally supported in NixOS and therefore disabled by default. diff --git a/nixos/modules/services/web-apps/c2fmzq-server.md b/nixos/modules/services/web-apps/c2fmzq-server.md index d8e59b3ad210..3eb44d7d9499 100644 --- a/nixos/modules/services/web-apps/c2fmzq-server.md +++ b/nixos/modules/services/web-apps/c2fmzq-server.md @@ -5,9 +5,7 @@ including but not limited to pictures and videos. The service `c2fmzq-server` can be enabled by setting ```nix -{ - services.c2fmzq-server.enable = true; -} +{ services.c2fmzq-server.enable = true; } ``` This will spin up an instance of the server which is API-compatible with [Stingle Photos](https://stingle.org) and an experimental Progressive Web App diff --git a/nixos/modules/services/web-apps/castopod.md b/nixos/modules/services/web-apps/castopod.md index 5ecd807686fd..6c654c6ad363 100644 --- a/nixos/modules/services/web-apps/castopod.md +++ b/nixos/modules/services/web-apps/castopod.md @@ -9,7 +9,10 @@ Use the following configuration to start a public instance of Castopod on `casto ```nix { - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; services.castopod = { enable = true; database.createLocally = true; diff --git a/nixos/modules/services/web-apps/filesender.md b/nixos/modules/services/web-apps/filesender.md index bb971fb984e5..0f768857e905 100644 --- a/nixos/modules/services/web-apps/filesender.md +++ b/nixos/modules/services/web-apps/filesender.md @@ -10,10 +10,13 @@ Minimal working instance of FileSender that uses password-authentication would l ```nix let - format = pkgs.formats.php {}; + format = pkgs.formats.php { }; in { - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; services.filesender = { enable = true; localDomain = "filesender.example.com"; diff --git a/nixos/modules/services/web-apps/gotosocial.md b/nixos/modules/services/web-apps/gotosocial.md index b3540f0d5811..f498fdbef506 100644 --- a/nixos/modules/services/web-apps/gotosocial.md +++ b/nixos/modules/services/web-apps/gotosocial.md @@ -33,7 +33,10 @@ HTTP reverse proxy such as nginx. ```nix { - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; services.nginx = { enable = true; clientMaxBodySize = "40M"; diff --git a/nixos/modules/services/web-apps/jitsi-meet.md b/nixos/modules/services/web-apps/jitsi-meet.md index 705cf69274ca..6ac8b8a0b6e9 100644 --- a/nixos/modules/services/web-apps/jitsi-meet.md +++ b/nixos/modules/services/web-apps/jitsi-meet.md @@ -13,7 +13,10 @@ A minimal configuration using Let's Encrypt for TLS certificates looks like this hostName = "jitsi.example.com"; }; services.jitsi-videobridge.openFirewall = true; - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; security.acme.email = "me@example.com"; security.acme.acceptTerms = true; } @@ -46,7 +49,10 @@ Here is the minimal configuration with additional configurations: }; }; services.jitsi-videobridge.openFirewall = true; - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; security.acme.email = "me@example.com"; security.acme.acceptTerms = true; } diff --git a/nixos/modules/services/web-apps/keycloak.md b/nixos/modules/services/web-apps/keycloak.md index 4036885ce151..4bf8c9fcad71 100644 --- a/nixos/modules/services/web-apps/keycloak.md +++ b/nixos/modules/services/web-apps/keycloak.md @@ -132,7 +132,7 @@ A basic configuration with some custom settings could look like this: hostname = "keycloak.example.com"; hostname-strict-backchannel = true; }; - initialAdminPassword = "e6Wcm0RrtegMEHl"; # change on first login + initialAdminPassword = "e6Wcm0RrtegMEHl"; # change on first login sslCertificate = "/run/keys/ssl_cert"; sslCertificateKey = "/run/keys/ssl_key"; database.passwordFile = "/run/keys/db_password"; diff --git a/nixos/modules/services/web-apps/nextcloud.md b/nixos/modules/services/web-apps/nextcloud.md index 3ae19e1f8ad5..0c038347c913 100644 --- a/nixos/modules/services/web-apps/nextcloud.md +++ b/nixos/modules/services/web-apps/nextcloud.md @@ -38,7 +38,10 @@ A very basic configuration may look like this: }; }; - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; } ``` @@ -69,7 +72,8 @@ Custom service units that need to run `nextcloud-occ` either need elevated privi or the systemd configuration from `nextcloud-setup.service` (recommended): ```nix -{ config, ... }: { +{ config, ... }: +{ systemd.services.my-custom-service = { script = '' nextcloud-occ … @@ -78,7 +82,8 @@ or the systemd configuration from `nextcloud-setup.service` (recommended): inherit (config.systemd.services.nextcloud-cron.serviceConfig) User LoadCredential - KillMode; + KillMode + ; }; }; } @@ -208,9 +213,7 @@ release notes when upgrading. the cache size to zero: ```nix - { - services.nextcloud.phpOptions."realpath_cache_size" = "0"; - } + { services.nextcloud.phpOptions."realpath_cache_size" = "0"; } ``` - **Empty Files on chunked uploads** @@ -233,13 +236,19 @@ settings `listen.owner` & `listen.group` in the An exemplary configuration may look like this: ```nix -{ config, lib, pkgs, ... }: { +{ + config, + lib, + pkgs, + ... +}: +{ services.nginx.enable = false; services.nextcloud = { enable = true; hostName = "localhost"; - /* further, required options */ + # further, required options }; services.phpfpm.pools.nextcloud.settings = { "listen.owner" = config.services.httpd.user; @@ -287,7 +296,8 @@ When using this setting, apps can no longer be managed statefully because this c that are managed by Nix: ```nix -{ config, pkgs, ... }: { +{ config, pkgs, ... }: +{ services.nextcloud.extraApps = with config.services.nextcloud.package.packages.apps; { inherit user_oidc calendar contacts; }; @@ -338,7 +348,7 @@ in NixOS for a safe upgrade-path before removing those. In that case we should k packages, but mark them as insecure in an expression like this (in ``): ```nix -/* ... */ +# ... { nextcloud17 = generic { version = "17.0.x"; diff --git a/nixos/modules/services/web-apps/pict-rs.md b/nixos/modules/services/web-apps/pict-rs.md index 56c51e0d7259..9cc0b3cbf9b3 100644 --- a/nixos/modules/services/web-apps/pict-rs.md +++ b/nixos/modules/services/web-apps/pict-rs.md @@ -7,9 +7,7 @@ pict-rs is a a simple image hosting service. the minimum to start pict-rs is ```nix -{ - services.pict-rs.enable = true; -} +{ services.pict-rs.enable = true; } ``` this will start the http server on port 8080 by default. diff --git a/nixos/modules/services/web-servers/garage.md b/nixos/modules/services/web-servers/garage.md index c51e4b060147..8af0b87e7a5d 100644 --- a/nixos/modules/services/web-servers/garage.md +++ b/nixos/modules/services/web-servers/garage.md @@ -72,7 +72,7 @@ in NixOS for a safe upgrade-path before removing those. In that case we should k packages, but mark them as insecure in an expression like this (in ``): ```nix -/* ... */ +# ... { garage_1_2_0 = generic { version = "1.2.0"; diff --git a/nixos/modules/services/x11/desktop-managers/pantheon.md b/nixos/modules/services/x11/desktop-managers/pantheon.md index c964321d4814..f4c488bf6dec 100644 --- a/nixos/modules/services/x11/desktop-managers/pantheon.md +++ b/nixos/modules/services/x11/desktop-managers/pantheon.md @@ -6,9 +6,7 @@ Pantheon is the desktop environment created for the elementary OS distribution. All of Pantheon is working in NixOS and the applications should be available, aside from a few [exceptions](https://github.com/NixOS/nixpkgs/issues/58161). To enable Pantheon, set ```nix -{ - services.xserver.desktopManager.pantheon.enable = true; -} +{ services.xserver.desktopManager.pantheon.enable = true; } ``` This automatically enables LightDM and Pantheon's LightDM greeter. If you'd like to disable this, set ```nix @@ -19,9 +17,7 @@ This automatically enables LightDM and Pantheon's LightDM greeter. If you'd like ``` but please be aware using Pantheon without LightDM as a display manager will break screenlocking from the UI. The NixOS module for Pantheon installs all of Pantheon's default applications. If you'd like to not install Pantheon's apps, set ```nix -{ - services.pantheon.apps.enable = false; -} +{ services.pantheon.apps.enable = false; } ``` You can also use [](#opt-environment.pantheon.excludePackages) to remove any other app (like `elementary-mail`). @@ -37,18 +33,11 @@ to configure the programs with plugs or indicators. The difference in NixOS is both these programs are patched to load plugins from a directory that is the value of an environment variable. All of which is controlled in Nix. If you need to configure the particular packages manually you can override the packages like: ```nix wingpanel-with-indicators.override { - indicators = [ - pkgs.some-special-indicator - ]; + indicators = [ pkgs.some-special-indicator ]; } - ``` ```nix -switchboard-with-plugs.override { - plugs = [ - pkgs.some-special-plug - ]; -} +switchboard-with-plugs.override { plugs = [ pkgs.some-special-plug ]; } ``` please note that, like how the NixOS options describe these as extra plugins, this would only add to the default plugins included with the programs. If for some reason you'd like to configure which plugins to use exactly, both packages have an argument for this: ```nix diff --git a/nixos/modules/system/boot/clevis.md b/nixos/modules/system/boot/clevis.md index 39edc0fc38df..c428747b3c23 100644 --- a/nixos/modules/system/boot/clevis.md +++ b/nixos/modules/system/boot/clevis.md @@ -40,16 +40,12 @@ For more complete documentation on how to generate a secret with clevis, see the In order to activate unattended decryption of a resource at boot, enable the `clevis` module: ```nix -{ - boot.initrd.clevis.enable = true; -} +{ boot.initrd.clevis.enable = true; } ``` Then, specify the device you want to decrypt using a given clevis secret. Clevis will automatically try to decrypt the device at boot and will fallback to interactive unlocking if the decryption policy is not fulfilled. ```nix -{ - boot.initrd.clevis.devices."/dev/nvme0n1p1".secretFile = ./nvme0n1p1.jwe; -} +{ boot.initrd.clevis.devices."/dev/nvme0n1p1".secretFile = ./nvme0n1p1.jwe; } ``` Only `bcachefs`, `zfs` and `luks` encrypted devices are supported at this time. diff --git a/nixos/modules/system/boot/loader/external/external.md b/nixos/modules/system/boot/loader/external/external.md index 4f5b559dfc40..1982bdfe5d8b 100644 --- a/nixos/modules/system/boot/loader/external/external.md +++ b/nixos/modules/system/boot/loader/external/external.md @@ -12,7 +12,8 @@ FooBoot provides a program at `${pkgs.fooboot}/bin/fooboot-install` which takes You can enable FooBoot like this: ```nix -{ pkgs, ... }: { +{ pkgs, ... }: +{ boot.loader.external = { enable = true; installHook = "${pkgs.fooboot}/bin/fooboot-install"; diff --git a/pkgs/README.md b/pkgs/README.md index eff9421efbfb..14a4fc355fb5 100644 --- a/pkgs/README.md +++ b/pkgs/README.md @@ -610,9 +610,7 @@ In the following cases, a `.patch` file _should_ be added to Nixpkgs repository, The latter avoids link rot when the upstream abandons, squashes or rebases their change, in which case the commit may get garbage-collected. ```nix -{ - patches = [ ./0001-add-missing-include.patch ]; -} +{ patches = [ ./0001-add-missing-include.patch ]; } ``` If you do need to do create this sort of patch file, one way to do so is with git: @@ -719,13 +717,14 @@ Here in the nixpkgs manual we describe mostly _package tests_; for _module tests For very simple tests, they can be written inline: ```nix -{ /* ... , */ yq-go }: +# ... , +{ yq-go }: buildGoModule rec { # … passthru.tests = { - simple = runCommand "${pname}-test" {} '' + simple = runCommand "${pname}-test" { } '' echo "test: 1" | ${yq-go}/bin/yq eval -j > $out [ "$(cat $out | tr -d $'\n ')" = '{"test":1}' ] ''; @@ -749,16 +748,26 @@ stdenv.mkDerivation (finalAttrs: { ```nix # my-package/example.nix -{ runCommand, lib, my-package, ... }: -runCommand "my-package-test" { - nativeBuildInputs = [ my-package ]; - src = lib.sources.sourcesByRegex ./. [ ".*.in" ".*.expected" ]; -} '' - my-package --help - my-package example.actual - diff -U3 --color=auto example.expected example.actual - mkdir $out -'' +{ + runCommand, + lib, + my-package, + ... +}: +runCommand "my-package-test" + { + nativeBuildInputs = [ my-package ]; + src = lib.sources.sourcesByRegex ./. [ + ".*.in" + ".*.expected" + ]; + } + '' + my-package --help + my-package example.actual + diff -U3 --color=auto example.expected example.actual + mkdir $out + '' ``` ### Writing larger package tests @@ -769,7 +778,12 @@ This is an example using the `phoronix-test-suite` package with the current best Add the tests in `passthru.tests` to the package definition like this: ```nix -{ stdenv, lib, fetchurl, callPackage }: +{ + stdenv, + lib, + fetchurl, + callPackage, +}: stdenv.mkDerivation { # … @@ -778,7 +792,9 @@ stdenv.mkDerivation { simple-execution = callPackage ./tests.nix { }; }; - meta = { /* … */ }; + meta = { + # … + }; } ``` @@ -789,22 +805,21 @@ Create `tests.nix` in the package directory: let inherit (phoronix-test-suite) pname version; -in -runCommand "${pname}-tests" { meta.timeout = 60; } - '' - # automatic initial setup to prevent interactive questions - ${phoronix-test-suite}/bin/phoronix-test-suite enterprise-setup >/dev/null - # get version of installed program and compare with package version - if [[ `${phoronix-test-suite}/bin/phoronix-test-suite version` != *"${version}"* ]]; then - echo "Error: program version does not match package version" - exit 1 - fi - # run dummy command - ${phoronix-test-suite}/bin/phoronix-test-suite dummy_module.dummy-command >/dev/null - # needed for Nix to register the command as successful - touch $out - '' +in +runCommand "${pname}-tests" { meta.timeout = 60; } '' + # automatic initial setup to prevent interactive questions + ${phoronix-test-suite}/bin/phoronix-test-suite enterprise-setup >/dev/null + # get version of installed program and compare with package version + if [[ `${phoronix-test-suite}/bin/phoronix-test-suite version` != *"${version}"* ]]; then + echo "Error: program version does not match package version" + exit 1 + fi + # run dummy command + ${phoronix-test-suite}/bin/phoronix-test-suite dummy_module.dummy-command >/dev/null + # needed for Nix to register the command as successful + touch $out +'' ``` ### Running package tests @@ -833,7 +848,11 @@ Like [package tests][larger-package-tests] as shown above, [NixOS module tests]( For example, assuming we're packaging `nginx`, we can link its module test via `passthru.tests`: ```nix -{ stdenv, lib, nixosTests }: +{ + stdenv, + lib, + nixosTests, +}: stdenv.mkDerivation { # ... @@ -902,7 +921,11 @@ The `passthru.updateScript` attribute can contain one of the following: { stdenv }: stdenv.mkDerivation { # ... - passthru.updateScript = [ ../../update.sh pname "--requested-release=unstable" ]; + passthru.updateScript = [ + ../../update.sh + pname + "--requested-release=unstable" + ]; } ``` @@ -927,9 +950,14 @@ The `passthru.updateScript` attribute can contain one of the following: pname = "my-package"; # ... passthru.updateScript = { - command = [ ../../update.sh pname ]; + command = [ + ../../update.sh + pname + ]; attrPath = pname; - supportedFeatures = [ /* ... */ ]; + supportedFeatures = [ + # ... + ]; }; } ``` diff --git a/pkgs/applications/emulators/libretro/README.md b/pkgs/applications/emulators/libretro/README.md index ca494d29e8a9..2de2e61e4852 100644 --- a/pkgs/applications/emulators/libretro/README.md +++ b/pkgs/applications/emulators/libretro/README.md @@ -22,16 +22,18 @@ this: { pkgs, ... }: let - retroarchWithCores = (pkgs.retroarch.withCores (cores: with cores; [ - bsnes - mgba - quicknes - ])); + retroarchWithCores = ( + pkgs.retroarch.withCores ( + cores: with cores; [ + bsnes + mgba + quicknes + ] + ) + ); in { - environment.systemPackages = [ - retroarchWithCores - ]; + environment.systemPackages = [ retroarchWithCores ]; } ``` diff --git a/pkgs/by-name/README.md b/pkgs/by-name/README.md index 6853407a9a8d..4dcb6708a1c7 100644 --- a/pkgs/by-name/README.md +++ b/pkgs/by-name/README.md @@ -37,8 +37,7 @@ The `package.nix` may look like this: # The return value must be a derivation stdenv.mkDerivation { # ... - buildInputs = - lib.optional enableBar libbar; + buildInputs = lib.optional enableBar libbar; } ``` @@ -70,9 +69,7 @@ and override its value in [`pkgs/top-level/all-packages.nix`](../top-level/all-p ```nix { - libfoo = callPackage ../by-name/so/some-package/package.nix { - libbar = libbar_2; - }; + libfoo = callPackage ../by-name/so/some-package/package.nix { libbar = libbar_2; }; } ``` @@ -100,22 +97,15 @@ Definitions like the following however, _can_ be transitioned: ```nix # all-packages.nix { - fooWithBaz = foo.override { - bar = baz; - }; + fooWithBaz = foo.override { bar = baz; }; } ``` ```nix # turned into pkgs/by-name/fo/fooWithBaz/package.nix with: -{ - foo, - baz, -}: +{ foo, baz }: -foo.override { - bar = baz; -} +foo.override { bar = baz; } ``` ## Limitations @@ -187,10 +177,7 @@ because it establishes a clear connection between related attributes. This is not required, but the above solution also allows refactoring the definitions into a separate file: ```nix -{ - inherit (import ../tools/foo pkgs) - foo_1 foo_2; -} +{ inherit (import ../tools/foo pkgs) foo_1 foo_2; } ``` ```nix @@ -205,19 +192,19 @@ Alternatively using [`callPackages`](https://nixos.org/manual/nixpkgs/unstable/# if `callPackage` isn't used underneath and you want the same `.override` arguments for all attributes: ```nix -{ - inherit (callPackages ../tools/foo { }) - foo_1 foo_2; -} +{ inherit (callPackages ../tools/foo { }) foo_1 foo_2; } ``` ```nix # pkgs/tools/foo/default.nix +{ stdenv }: { - stdenv -}: { - foo_1 = stdenv.mkDerivation { /* ... */ }; - foo_2 = stdenv.mkDerivation { /* ... */ }; + foo_1 = stdenv.mkDerivation { + # ... + }; + foo_2 = stdenv.mkDerivation { + # ... + }; } ``` diff --git a/pkgs/by-name/az/azure-cli/README.md b/pkgs/by-name/az/azure-cli/README.md index 29964f91948b..c2d340db0b76 100644 --- a/pkgs/by-name/az/azure-cli/README.md +++ b/pkgs/by-name/az/azure-cli/README.md @@ -63,9 +63,7 @@ Based on this, you can add an attribute to `extensions-manual.nix`: url = "https://github.com/Azure/azure-devops-cli-extension/releases/download/20240206.1/azure_devops-${version}-py2.py3-none-any.whl"; sha256 = "658a2854d8c80f874f9382d421fa45abf6a38d00334737dda006f8dec64cf70a"; description = "Tools for managing Azure DevOps"; - propagatedBuildInputs = with python3Packages; [ - distro - ]; + propagatedBuildInputs = with python3Packages; [ distro ]; meta.maintainers = with lib.maintainers; [ katexochen ]; }; } diff --git a/pkgs/development/tcl-modules/by-name/README.md b/pkgs/development/tcl-modules/by-name/README.md index c65310524c1c..b8a083c19508 100644 --- a/pkgs/development/tcl-modules/by-name/README.md +++ b/pkgs/development/tcl-modules/by-name/README.md @@ -5,10 +5,11 @@ The structure of this directory is identical to the one described in The only difference is the scope: ```nix -{ lib -# You can get tclPackages attributes directly -, mkTclDerivation -, tcllib +{ + lib, + # You can get tclPackages attributes directly + mkTclDerivation, + tcllib, }: mkTclDerivation { diff --git a/pkgs/servers/home-assistant/custom-components/README.md b/pkgs/servers/home-assistant/custom-components/README.md index c51e6512538e..fc6f90dd95d2 100644 --- a/pkgs/servers/home-assistant/custom-components/README.md +++ b/pkgs/servers/home-assistant/custom-components/README.md @@ -19,9 +19,10 @@ versions into the Python environment. **Example Boilerplate:** ```nix -{ lib -, buildHomeAssistantComponent -, fetchFromGitHub +{ + lib, + buildHomeAssistantComponent, + fetchFromGitHub, }: buildHomeAssistantComponent { @@ -81,13 +82,9 @@ can be ignored on a per requirement basis. ```nix { - dependencies = [ - pyemvue - ]; + dependencies = [ pyemvue ]; # don't check the version constraint of pyemvue - ignoreVersionRequirement = [ - "pyemvue" - ]; + ignoreVersionRequirement = [ "pyemvue" ]; } ``` diff --git a/pkgs/servers/home-assistant/custom-lovelace-modules/README.md b/pkgs/servers/home-assistant/custom-lovelace-modules/README.md index 72f979d07f95..e9bf6de1a747 100644 --- a/pkgs/servers/home-assistant/custom-lovelace-modules/README.md +++ b/pkgs/servers/home-assistant/custom-lovelace-modules/README.md @@ -9,7 +9,5 @@ configured. The entrypoint used can be overridden in `passthru` like this: ```nix -{ - passthru.entrypoint = "demo-card-bundle.js"; -} +{ passthru.entrypoint = "demo-card-bundle.js"; } ```