pyrox.dev
+29
-21
CONTRIBUTING.md
+29
-21
CONTRIBUTING.md
······For functions that are truly generic in the number of arguments, but have some required arguments, you should write them using an `@`-pattern:···- Building lists conditionally _should_ be done with `lib.optional(s)` instead of using `if cond then [ ... ] else null` or `if cond then [ ... ] else [ ]`.
+1
-4
doc/build-helpers/fixed-point-arguments.chapter.md
+1
-4
doc/build-helpers/fixed-point-arguments.chapter.md
+2
-6
doc/build-helpers/images/appimagetools.section.md
+2
-6
doc/build-helpers/images/appimagetools.section.md
······
+1
-4
doc/build-helpers/images/binarycache.section.md
+1
-4
doc/build-helpers/images/binarycache.section.md
···The following derivation will construct a flat-file binary cache containing the closure of `hello`.
+1
-3
doc/build-helpers/images/dockertools.section.md
+1
-3
doc/build-helpers/images/dockertools.section.md
···
+1
-3
doc/build-helpers/images/ocitools.section.md
+1
-3
doc/build-helpers/images/ocitools.section.md
+13
-18
doc/build-helpers/special/checkpoint-build.section.md
+13
-18
doc/build-helpers/special/checkpoint-build.section.md
···However, we can tell Nix explicitly what the previous build state was, by representing that previous state as a derivation output. This allows the passed build state to be used for an incremental build.···
+3
-9
doc/build-helpers/testers.chapter.md
+3
-9
doc/build-helpers/testers.chapter.md
···+passthru.tests.pkg-config = testers.hasPkgConfigModules { package = finalAttrs.finalPackage; };······This example will run the command `hello --version`, and then check that the version of the `hello` package is in the output of the command.
+7
-6
doc/build-helpers/trivial-build-helpers.chapter.md
+7
-6
doc/build-helpers/trivial-build-helpers.chapter.md
············
+1
-1
doc/functions/generators.section.md
+1
-1
doc/functions/generators.section.md
+15
-6
doc/functions/nix-gitignore.section.md
+15
-6
doc/functions/nix-gitignore.section.md
···-src = nix-gitignore.gitignoreSourcePure [ "ignore-this\nignore-that\n" ~/.gitignore ] ./source;···
+1
-3
doc/hooks/breakpoint.section.md
+1
-3
doc/hooks/breakpoint.section.md
···This hook makes a build pause instead of stopping when a failure occurs. It prevents Nix from cleaning up the build environment immediately and allows the user to attach to the build environment. Upon a build error, it will print instructions that can be used to enter the environment for debugging. breakpointHook is only available on Linux. To use it, add `breakpointHook` to `nativeBuildInputs` in the package to be inspected.
+4
-10
doc/hooks/memcached-test-hook.section.md
+4
-10
doc/hooks/memcached-test-hook.section.md
······
+1
-3
doc/hooks/patch-rc-path-hooks.section.md
+1
-3
doc/hooks/patch-rc-path-hooks.section.md
+2
-6
doc/hooks/redis-test-hook.section.md
+2
-6
doc/hooks/redis-test-hook.section.md
······
+9
-13
doc/hooks/tauri.section.md
+9
-13
doc/hooks/tauri.section.md
···
+1
-3
doc/hooks/udevCheckHook.section.md
+1
-3
doc/hooks/udevCheckHook.section.md
+1
-3
doc/hooks/versionCheckHook.section.md
+1
-3
doc/hooks/versionCheckHook.section.md
+1
-3
doc/hooks/zig.section.md
+1
-3
doc/hooks/zig.section.md
+1
-3
doc/interoperability/cyclonedx.md
+1
-3
doc/interoperability/cyclonedx.md
+1
-3
doc/languages-frameworks/agda.section.md
+1
-3
doc/languages-frameworks/agda.section.md
+4
-14
doc/languages-frameworks/android.section.md
+4
-14
doc/languages-frameworks/android.section.md
···Use the `android-studio-full` attribute for a very complete Android SDK, including system images:······
+3
-11
doc/languages-frameworks/beam.section.md
+3
-11
doc/languages-frameworks/beam.section.md
·········
+2
-2
doc/languages-frameworks/chicken.section.md
+2
-2
doc/languages-frameworks/chicken.section.md
···
+2
-6
doc/languages-frameworks/coq.section.md
+2
-6
doc/languages-frameworks/coq.section.md
···For example, assuming you have a special `mathcomp` dependency you want to use, here is how you could override the `mathcomp` dependency:In Nixpkgs, all Coq derivations take a `version` argument. This can be overridden in order to easily use a different version:
+2
-6
doc/languages-frameworks/cuda.section.md
+2
-6
doc/languages-frameworks/cuda.section.md
···When using `callPackage`, you can choose to pass in a different variant, e.g. when a package requires a specific version of CUDA:···
+1
-3
doc/languages-frameworks/dhall.section.md
+1
-3
doc/languages-frameworks/dhall.section.md
···
+4
-4
doc/languages-frameworks/dotnet.section.md
+4
-4
doc/languages-frameworks/dotnet.section.md
······nugetDeps = ./deps.json; # see "Generating and updating NuGet dependencies" section for details-buildInputs = [ referencedProject ]; # `referencedProject` must contain `nupkg` in the folder structure.
+52
-55
doc/languages-frameworks/emscripten.section.md
+52
-55
doc/languages-frameworks/emscripten.section.md
···
+1
-4
doc/languages-frameworks/factor.section.md
+1
-4
doc/languages-frameworks/factor.section.md
···For instance, packaging the Bresenham algorithm for line interpolation looks like this, see `pkgs/development/compilers/factor-lang/vocabs/bresenham` for the complete file:
+1
-3
doc/languages-frameworks/gnome.section.md
+1
-3
doc/languages-frameworks/gnome.section.md
+2
-6
doc/languages-frameworks/go.section.md
+2
-6
doc/languages-frameworks/go.section.md
······
+5
-7
doc/languages-frameworks/haskell.section.md
+5
-7
doc/languages-frameworks/haskell.section.md
···············
+4
-12
doc/languages-frameworks/ios.section.md
+4
-12
doc/languages-frameworks/ios.section.md
············
+1
-5
doc/languages-frameworks/java.section.md
+1
-5
doc/languages-frameworks/java.section.md
···
+7
-17
doc/languages-frameworks/javascript.section.md
+7
-17
doc/languages-frameworks/javascript.section.md
······`pnpm.configHook` supports adding additional `pnpm install` flags via `pnpmInstallFlags` which can be set to a Nix string array:·········The `distPhase` is packing the package's dependencies in a tarball using `yarn pack`. You can disable it using:The configure phase can sometimes fail because it makes many assumptions which may not always apply. One common override is:······
+2
-8
doc/languages-frameworks/lisp.section.md
+2
-8
doc/languages-frameworks/lisp.section.md
······
+1
-3
doc/languages-frameworks/neovim.section.md
+1
-3
doc/languages-frameworks/neovim.section.md
···
+1
-3
doc/languages-frameworks/nim.section.md
+1
-3
doc/languages-frameworks/nim.section.md
+1
-3
doc/languages-frameworks/octave.section.md
+1
-3
doc/languages-frameworks/octave.section.md
+1
-7
doc/languages-frameworks/php.section.md
+1
-7
doc/languages-frameworks/php.section.md
···
+26
-89
doc/languages-frameworks/python.section.md
+26
-89
doc/languages-frameworks/python.section.md
······+lapack = super.toPythonModule (super.pkgs.lapack.override { lapackProvider = super.pkgs.mkl; });·······························································+myPythonPackages = python3Packages.override { overrides = self: super: { twisted = <...>; }; };
+1
-1
doc/languages-frameworks/qt.section.md
+1
-1
doc/languages-frameworks/qt.section.md
+6
-2
doc/languages-frameworks/ruby.section.md
+6
-2
doc/languages-frameworks/ruby.section.md
···-buildFlags = [ "--with-pg-config=${pkgs."postgresql_${pg_version}".pg_config}/bin/pg_config" ];···-buildFlags = [ "--with-pg-config=${pkgs."postgresql_${pg_version}".pg_config}/bin/pg_config" ];
+4
-12
doc/languages-frameworks/rust.section.md
+4
-12
doc/languages-frameworks/rust.section.md
······Per the instructions in the [Cargo Book](https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html)······
-1
doc/languages-frameworks/scheme.section.md
-1
doc/languages-frameworks/scheme.section.md
+4
-10
doc/languages-frameworks/swift.section.md
+4
-10
doc/languages-frameworks/swift.section.md
·········
+17
-25
doc/languages-frameworks/texlive.section.md
+17
-25
doc/languages-frameworks/texlive.section.md
······Therefore, it is necessary to set `$HOME` to a writable path, e.g. [before using LuaLaTeX in nix derivations](https://github.com/NixOS/nixpkgs/issues/180639):-env HOME=$(mktemp -d) lualatex -interaction=nonstopmode -output-format=pdf -output-directory=$out ./main.tex+env HOME=$(mktemp -d) lualatex -interaction=nonstopmode -output-format=pdf -output-directory=$out ./main.tex
+2
-7
doc/languages-frameworks/typst.section.md
+2
-7
doc/languages-frameworks/typst.section.md
······
+5
-11
doc/packages/cataclysm-dda.section.md
+5
-11
doc/packages/cataclysm-dda.section.md
·········
+1
-3
doc/packages/inkscape.section.md
+1
-3
doc/packages/inkscape.section.md
+1
-3
doc/packages/kakoune.section.md
+1
-3
doc/packages/kakoune.section.md
+1
-3
doc/packages/urxvt.section.md
+1
-3
doc/packages/urxvt.section.md
···If the plugin is itself a Perl package that needs to be imported from other plugins or scripts, add the following passthrough:
+1
-1
doc/release-notes/rl-2505.section.md
+1
-1
doc/release-notes/rl-2505.section.md
+6
-16
doc/stdenv/cross-compilation.chapter.md
+6
-16
doc/stdenv/cross-compilation.chapter.md
···Many packages assume that an unprefixed binutils (`cc`/`ar`/`ld` etc.) is available, but Nix doesn't provide one. It only provides a prefixed one, just as it only does for all the other binutils programs. It may be necessary to patch the package to fix the build system to use a prefix. For instance, instead of `cc`, use `${stdenv.cc.targetPrefix}cc`.#### How do I avoid compiling a GCC cross-compiler from source? {#cross-qa-avoid-compiling-gcc-cross-compiler}···#### My package’s testsuite needs to run host platform code. {#cross-testsuite-runs-host-code}···#### Package using Meson needs to run binaries for the host platform during build. {#cross-meson-runs-host-code}···+] ++ lib.optionals (!stdenv.buildPlatform.canExecute stdenv.hostPlatform) [ mesonEmulatorHook ];
+2
-6
doc/stdenv/meta.chapter.md
+2
-6
doc/stdenv/meta.chapter.md
···The list of Nix platform types on which the package is supported. Hydra builds packages according to the platform specified. If no platform is specified, the package does not have prebuilt binaries. An example is:Attribute Set `lib.platforms` defines [various common lists](https://github.com/NixOS/nixpkgs/blob/master/lib/systems/doubles.nix) of platforms types.···
+5
-17
doc/stdenv/stdenv.chapter.md
+5
-17
doc/stdenv/stdenv.chapter.md
···+finalAttrs.finalPackage.overrideAttrs (newSelf: super: { packages = super.packages ++ packages'; });···A list of strings passed as additional flags to `make`. These flags are also used by the default install and check phase. For setting make flags specific to the build phase, use `buildFlags` (see below).···Controls whether the check phase is executed. By default it is skipped, but if `doCheck` is set to true, the check phase is usually executed. Thus you should setin the derivation to enable checks. The exception is cross compilation. Cross compiled builds never run tests, no matter how `doCheck` is set, as the newly-built program won’t run on the platform used to build it.······Controls whether the installCheck phase is executed. By default it is skipped, but if `doInstallCheck` is set to true, the installCheck phase is usually executed. Thus you should set
+6
-24
doc/using/configuration.chapter.md
+6
-24
doc/using/configuration.chapter.md
···A user's Nixpkgs configuration is stored in a user-specific configuration file located at `~/.config/nixpkgs/config.nix`. For example:···- For permanently allowing broken packages to be built, you may add `allowBroken = true;` to your user's configuration file, like this:···- For permanently allowing unsupported packages to be built, you may add `allowUnsupportedSystem = true;` to your user's configuration file, like this:The difference between a package being unsupported on some system and being broken is admittedly a bit fuzzy. If a program *ought* to work on a certain platform, but doesn't, the platform should be included in `meta.platforms`, but marked as broken with e.g. `meta.broken = !hostPlatform.isWindows`. Of course, this begs the question of what "ought" means exactly. That is left to the package maintainer.···This option is a function which accepts a package as a parameter, and returns a boolean. The following example configuration accepts a package and always returns false:For a more useful example, try the following. This configuration only allows unfree packages named roon-server and visual studio code:···The following example configuration permits the installation of the hypothetically insecure package `hello`, version `1.2.3`:- It is also possible to create a custom policy around which insecure packages to allow and deny, by overriding the `allowInsecurePredicate` configuration option.···
+6
-18
doc/using/overlays.chapter.md
+6
-18
doc/using/overlays.chapter.md
·········
+3
-13
doc/using/overrides.chapter.md
+3
-13
doc/using/overrides.chapter.md
·········Function arguments can be omitted entirely if there is no need to access `previousAttrs` or `finalAttrs`.
+2
-4
maintainers/README.md
+2
-4
maintainers/README.md
···
+2
-4
nixos/doc/manual/administration/container-networking.section.md
+2
-4
nixos/doc/manual/administration/container-networking.section.md
······
+2
-6
nixos/doc/manual/administration/control-groups.chapter.md
+2
-6
nixos/doc/manual/administration/control-groups.chapter.md
······
+7
-6
nixos/doc/manual/administration/declarative-containers.section.md
+7
-6
nixos/doc/manual/administration/declarative-containers.section.md
···
+1
-3
nixos/doc/manual/administration/service-mgmt.chapter.md
+1
-3
nixos/doc/manual/administration/service-mgmt.chapter.md
+52
-36
nixos/doc/manual/configuration/abstractions.section.md
+52
-36
nixos/doc/manual/configuration/abstractions.section.md
···It defines two virtual hosts with nearly identical configuration; the only difference is the document root directories. To prevent this duplication, we can use a `let`:······
+3
-4
nixos/doc/manual/configuration/ad-hoc-network-config.section.md
+3
-4
nixos/doc/manual/configuration/ad-hoc-network-config.section.md
+11
-13
nixos/doc/manual/configuration/adding-custom-packages.section.md
+11
-13
nixos/doc/manual/configuration/adding-custom-packages.section.md
·········
+6
-3
nixos/doc/manual/configuration/config-file.section.md
+6
-3
nixos/doc/manual/configuration/config-file.section.md
·········
+12
-14
nixos/doc/manual/configuration/customizing-packages.section.md
+12
-14
nixos/doc/manual/configuration/customizing-packages.section.md
·········
+1
-3
nixos/doc/manual/configuration/declarative-packages.section.md
+1
-3
nixos/doc/manual/configuration/declarative-packages.section.md
+4
-4
nixos/doc/manual/configuration/file-systems.chapter.md
+4
-4
nixos/doc/manual/configuration/file-systems.chapter.md
+13
-6
nixos/doc/manual/configuration/firewall.section.md
+13
-6
nixos/doc/manual/configuration/firewall.section.md
·········
+7
-28
nixos/doc/manual/configuration/gpu-accel.chapter.md
+7
-28
nixos/doc/manual/configuration/gpu-accel.chapter.md
·········+environment.variables.VK_ICD_FILENAMES = "/run/opengl-driver/share/vulkan/icd.d/radeon_icd.x86_64.json";···
+7
-7
nixos/doc/manual/configuration/ipv4-config.section.md
+7
-7
nixos/doc/manual/configuration/ipv4-config.section.md
······
+8
-10
nixos/doc/manual/configuration/ipv6-config.section.md
+8
-10
nixos/doc/manual/configuration/ipv6-config.section.md
······
+6
-7
nixos/doc/manual/configuration/kubernetes.chapter.md
+6
-7
nixos/doc/manual/configuration/kubernetes.chapter.md
······
+17
-19
nixos/doc/manual/configuration/linux-kernel.chapter.md
+17
-19
nixos/doc/manual/configuration/linux-kernel.chapter.md
··················
+4
-7
nixos/doc/manual/configuration/luks-file-systems.section.md
+4
-7
nixos/doc/manual/configuration/luks-file-systems.section.md
······-boot.initrd.luks.devices."/dev/sda2".fido2.credential = "f1d00200108b9d6e849a8b388da457688e3dd653b4e53770012d8f28e5d3b269865038c346802f36f3da7278b13ad6a3bb6a1452e24ebeeaa24ba40eef559b1b287d2a2f80b7";+"f1d00200108b9d6e849a8b388da457688e3dd653b4e53770012d8f28e5d3b269865038c346802f36f3da7278b13ad6a3bb6a1452e24ebeeaa24ba40eef559b1b287d2a2f80b7";···
+3
-5
nixos/doc/manual/configuration/mattermost.chapter.md
+3
-5
nixos/doc/manual/configuration/mattermost.chapter.md
···
+21
-16
nixos/doc/manual/configuration/modularity.section.md
+21
-16
nixos/doc/manual/configuration/modularity.section.md
··················
+5
-7
nixos/doc/manual/configuration/network-manager.section.md
+5
-7
nixos/doc/manual/configuration/network-manager.section.md
·········
+1
-5
nixos/doc/manual/configuration/profiles.chapter.md
+1
-5
nixos/doc/manual/configuration/profiles.chapter.md
···
+2
-5
nixos/doc/manual/configuration/ssh.section.md
+2
-5
nixos/doc/manual/configuration/ssh.section.md
······+users.users.alice.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAB3NzaC1kc3MAAACBAPIkGWVEt4..." ];
+19
-18
nixos/doc/manual/configuration/sshfs-file-systems.section.md
+19
-18
nixos/doc/manual/configuration/sshfs-file-systems.section.md
···More options from `ssh_config(5)` can be given as well, for example you can change the default SSH port or specify a jump proxy:
+28
-19
nixos/doc/manual/configuration/subversion.chapter.md
+28
-19
nixos/doc/manual/configuration/subversion.chapter.md
······-{ name = "authz_svn"; path = "${pkgs.apacheHttpdPackages.subversion}/modules/mod_authz_svn.so"; }
+9
-16
nixos/doc/manual/configuration/user-mgmt.chapter.md
+9
-16
nixos/doc/manual/configuration/user-mgmt.chapter.md
··················
+1
-3
nixos/doc/manual/configuration/wayland.chapter.md
+1
-3
nixos/doc/manual/configuration/wayland.chapter.md
+8
-7
nixos/doc/manual/configuration/wireless.section.md
+8
-7
nixos/doc/manual/configuration/wireless.section.md
······
+14
-32
nixos/doc/manual/configuration/x-windows.chapter.md
+14
-32
nixos/doc/manual/configuration/x-windows.chapter.md
·································
+15
-10
nixos/doc/manual/development/assertions.section.md
+15
-10
nixos/doc/manual/development/assertions.section.md
······
+2
-1
nixos/doc/manual/development/bootspec.chapter.md
+2
-1
nixos/doc/manual/development/bootspec.chapter.md
···An example for SecureBoot is to get the Nix store path to `/etc/os-release` in order to bake it into a unified kernel image:
+2
-6
nixos/doc/manual/development/etc-overlay.section.md
+2
-6
nixos/doc/manual/development/etc-overlay.section.md
······
+2
-1
nixos/doc/manual/development/freeform-modules.section.md
+2
-1
nixos/doc/manual/development/freeform-modules.section.md
+11
-6
nixos/doc/manual/development/importing-modules.section.md
+11
-6
nixos/doc/manual/development/importing-modules.section.md
···
+6
-1
nixos/doc/manual/development/meta-attributes.section.md
+6
-1
nixos/doc/manual/development/meta-attributes.section.md
+2
-1
nixos/doc/manual/development/non-switchable-systems.section.md
+2
-1
nixos/doc/manual/development/non-switchable-systems.section.md
+52
-43
nixos/doc/manual/development/option-declarations.section.md
+52
-43
nixos/doc/manual/development/option-declarations.section.md
······Creates an Option attribute set for an option that specifies the package a module should use for some purpose.···-example = lib.literalExpression "pkgs.haskell.packages.ghc92.ghc.withPackages (hkgs: [ hkgs.primes ])";+example = lib.literalExpression "pkgs.haskell.packages.ghc92.ghc.withPackages (hkgs: [ hkgs.primes ])";-description = "The pytorch package to use. This is an example and doesn't actually do anything.";+description = "The pytorch package to use. This is an example and doesn't actually do anything.";···+services.xserver.displayManager.enable = mkOption { type = with types; nullOr (enum [ "gdm" ]); };···+services.xserver.displayManager.enable = mkOption { type = with types; nullOr (enum [ "sddm" ]); };
+50
-33
nixos/doc/manual/development/option-def.section.md
+50
-33
nixos/doc/manual/development/option-def.section.md
······························
+38
-36
nixos/doc/manual/development/option-types.section.md
+38
-36
nixos/doc/manual/development/option-types.section.md
··················
+18
-8
nixos/doc/manual/development/replace-modules.section.md
+18
-8
nixos/doc/manual/development/replace-modules.section.md
······
+3
-1
nixos/doc/manual/development/running-nixos-tests-interactively.section.md
+3
-1
nixos/doc/manual/development/running-nixos-tests-interactively.section.md
+15
-6
nixos/doc/manual/development/settings-options.section.md
+15
-6
nixos/doc/manual/development/settings-options.section.md
············
+60
-37
nixos/doc/manual/development/writing-modules.chapter.md
+60
-37
nixos/doc/manual/development/writing-modules.chapter.md
··················
+33
-29
nixos/doc/manual/development/writing-nixos-tests.section.md
+33
-29
nixos/doc/manual/development/writing-nixos-tests.section.md
······Tests that are part of NixOS are added to [`nixos/tests/all-tests.nix`](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/all-tests.nix).···············
+39
-29
nixos/doc/manual/installation/building-images-via-systemd-repart.chapter.md
+39
-29
nixos/doc/manual/installation/building-images-via-systemd-repart.chapter.md
······
+4
-1
nixos/doc/manual/installation/building-nixos.chapter.md
+4
-1
nixos/doc/manual/installation/building-nixos.chapter.md
+1
-3
nixos/doc/manual/installation/changing-config.chapter.md
+1
-3
nixos/doc/manual/installation/changing-config.chapter.md
+1
-3
nixos/doc/manual/installation/installing-from-other-distro.section.md
+1
-3
nixos/doc/manual/installation/installing-from-other-distro.section.md
+4
-7
nixos/doc/manual/installation/installing-kexec.section.md
+4
-7
nixos/doc/manual/installation/installing-kexec.section.md
···
+7
-8
nixos/doc/manual/installation/installing-virtualbox-guest.section.md
+7
-8
nixos/doc/manual/installation/installing-virtualbox-guest.section.md
······
+1
-3
nixos/doc/manual/installation/upgrading.chapter.md
+1
-3
nixos/doc/manual/installation/upgrading.chapter.md
+3
-9
nixos/doc/manual/release-notes/rl-1404.section.md
+3
-9
nixos/doc/manual/release-notes/rl-1404.section.md
···- Systemd units provided by packages can now be overridden from the NixOS configuration. For instance, if a package `foo` provides systemd units, you can say:···- Nixpkgs no longer exposes unfree packages by default. If your NixOS configuration requires unfree packages from Nixpkgs, you need to enable support for them explicitly by setting:···- The firewall is now enabled by default. If you don't want this, you need to disable it explicitly:
+1
-3
nixos/doc/manual/release-notes/rl-1412.section.md
+1
-3
nixos/doc/manual/release-notes/rl-1412.section.md
···- The default version of Apache httpd is now 2.4. If you use the `extraConfig` option to pass literal Apache configuration text, you may need to update it --- see [Apache's documentation](http://httpd.apache.org/docs/2.4/upgrading.html) for details. If you wish to continue to use httpd 2.2, add the following line to your NixOS configuration:
+23
-14
nixos/doc/manual/release-notes/rl-1509.section.md
+23
-14
nixos/doc/manual/release-notes/rl-1509.section.md
···This will cause the system to periodically check for updates in your current channel and run `nixos-rebuild`.···- `sshd` no longer supports DSA and ECDSA host keys by default. If you have existing systems with such host keys and want to continue to use them, please setThe new option `system.stateVersion` ensures that certain configuration changes that could break existing systems (such as the `sshd` host key setting) will maintain compatibility with the specified NixOS release. NixOps sets the state version of existing deployments automatically.·········
+23
-10
nixos/doc/manual/release-notes/rl-1603.section.md
+23
-10
nixos/doc/manual/release-notes/rl-1603.section.md
···- Gitit is no longer automatically added to the module list in NixOS and as such there will not be any manual entries for it. You will need to add an import statement to your NixOS configuration in order to use it, e.g.···············
+1
-3
nixos/doc/manual/release-notes/rl-1609.section.md
+1
-3
nixos/doc/manual/release-notes/rl-1609.section.md
···- Revamped grsecurity/PaX support. There is now only a single general-purpose distribution kernel and the configuration interface has been streamlined. Desktop users should be able to set
+14
-4
nixos/doc/manual/release-notes/rl-1703.section.md
+14
-4
nixos/doc/manual/release-notes/rl-1703.section.md
···- Autoloading connection tracking helpers is now disabled by default. This default was also changed in the Linux kernel and is considered insecure if not configured properly in your firewall. If you need connection tracking helpers (i.e. for active FTP) please enable `networking.firewall.autoLoadConntrackHelpers` and tune `networking.firewall.connectionTrackingModules` to suit your needs.
+2
-1
nixos/doc/manual/release-notes/rl-1709.section.md
+2
-1
nixos/doc/manual/release-notes/rl-1709.section.md
···- The module option `services.xserver.xrandrHeads` now causes the first head specified in this list to be set as the primary head. Apart from that, it's now possible to also set additional options by using an attribute set, for example:
+4
-2
nixos/doc/manual/release-notes/rl-1803.section.md
+4
-2
nixos/doc/manual/release-notes/rl-1803.section.md
+11
-5
nixos/doc/manual/release-notes/rl-1809.section.md
+11
-5
nixos/doc/manual/release-notes/rl-1809.section.md
······
+26
-27
nixos/doc/manual/release-notes/rl-1903.section.md
+26
-27
nixos/doc/manual/release-notes/rl-1903.section.md
···
+31
-24
nixos/doc/manual/release-notes/rl-2003.section.md
+31
-24
nixos/doc/manual/release-notes/rl-2003.section.md
···- The testing driver implementation in NixOS is now in Python `make-test-python.nix`. This was done by Jacek Galowicz ([\@tfc](https://github.com/tfc)), and with the collaboration of Julian Stecklina ([\@blitz](https://github.com/blitz)) and Jana Traue ([\@jtraue](https://github.com/jtraue)). All documentation has been updated to use this testing driver, and a vast majority of the 286 tests in NixOS were ported to python driver. In 20.09 the Perl driver implementation, `make-test.nix`, is slated for removal. This should give users of the NixOS integration framework a transitory period to rewrite their tests to use the Python implementation. Users of the Perl driver will see this warning everytime they use it:···············- At first, an older version of Hydra needs to be deployed which adds those (nullable) columns. When having set [stateVersion ](options.html#opt-system.stateVersion) to a value older than `20.03`, this package will be selected by default from the module when upgrading. Otherwise, the package can be deployed using the following config:···-services.nginx.appendConfig = let cfg = config.services.nginx; in ''user ${cfg.user} ${cfg.group};'';···- If you use `postgresql` and configured your synapse initially on `19.09` or older, you need to enable postgresql-support explicitly:
+17
-26
nixos/doc/manual/release-notes/rl-2009.section.md
+17
-26
nixos/doc/manual/release-notes/rl-2009.section.md
······- MySQL server is now started with additional systemd sandbox/hardening options for better security. The PrivateTmp, ProtectHome, and ProtectSystem options may be problematic when MySQL is attempting to read from or write to your filesystem anywhere outside of its own state directory, for example when calling `LOAD DATA INFILE or SELECT * INTO OUTFILE`. In this scenario a variant of the following may be required: - allow MySQL to read from /home and /tmp directories when using `LOAD DATA INFILE`\- allow MySQL to write to custom folder `/var/data` when using `SELECT * INTO OUTFILE`, assuming the mysql user has write access to `/var/data`The MySQL service no longer runs its `systemd` service startup script as `root` anymore. A dedicated non `root` super user account is required for operation. This means users with an existing MySQL or MariaDB database server are required to run the following SQL statements as a super admin user before upgrading:······- Nginx web server now starting with additional sandbox/hardening options. By default, write access to `/var/log/nginx` and `/var/cache/nginx` is allowed. To allow writing to other folders, use `systemd.services.nginx.serviceConfig.ReadWritePaths`Nginx is also started with the systemd option `ProtectHome = mkDefault true;` which forbids it to read anything from `/home`, `/root` and `/run/user` (see [ProtectHome docs](https://www.freedesktop.org/software/systemd/man/systemd.exec.html#ProtectHome=) for details). If you require serving files from home directories, you may choose to set e.g.- The NixOS options `nesting.clone` and `nesting.children` have been deleted, and replaced with named [specialisation](options.html#opt-specialisation) configurations.···- The [services.postgresql.dataDir](options.html#opt-services.postgresql.dataDir) option is now set to `"/var/lib/postgresql/${cfg.package.psqlSchema}"` regardless of your [system.stateVersion](options.html#opt-system.stateVersion). Users with an existing postgresql install that have a [system.stateVersion](options.html#opt-system.stateVersion) of `17.03` or below should double check what the value of their [services.postgresql.dataDir](options.html#opt-services.postgresql.dataDir) option is (`/var/db/postgresql`) and then explicitly set this value to maintain compatibility:The postgresql module now expects there to be a database super user account called `postgres` regardless of your [system.stateVersion](options.html#opt-system.stateVersion). Users with an existing postgresql install that have a [system.stateVersion](options.html#opt-system.stateVersion) of `17.03` or below should run the following SQL statements as a database super admin user before upgrading:···Also, connection to the RPC (Remote Procedure Call) of `transmission-daemon` is now only available on the local network interface by default. Use:···
+25
-27
nixos/doc/manual/release-notes/rl-2105.section.md
+25
-27
nixos/doc/manual/release-notes/rl-2105.section.md
···- The `mediatomb` service is now using by default the new and maintained fork `gerbera` package instead of the unmaintained `mediatomb` package. If you want to keep the old behavior, you must declare it with:One new option `openFirewall` has been introduced which defaults to false. If you relied on the service declaration to add the firewall rules itself before, you should now declare it with:- xfsprogs was update from 4.19 to 5.11. It now enables reflink support by default on filesystem creation. Support for reflinks was added with an experimental status to kernel 4.9 and deemed stable in kernel 4.16. If you want to be able to mount XFS filesystems created with this release of xfsprogs on kernel releases older than those, you need to format them with `mkfs.xfs -m reflink=0`.······- The attribute `mpi` is now consistently used to provide a default, system-wide MPI implementation. The default implementation is openmpi, which has been used before by all derivations affects by this change. Note that all packages that have used `mpi ? null` in the input for optional MPI builds, have been changed to the boolean input parameter `useMpi` to enable building with MPI. Building all packages with `mpich` instead of the default `openmpi` can now be achieved like this:- The Searx module has been updated with the ability to configure the service declaratively and uWSGI integration. The option `services.searx.configFile` has been renamed to [services.searx.settingsFile](options.html#opt-services.searx.settingsFile) for consistency with the new [services.searx.settings](options.html#opt-services.searx.settings). In addition, the `searx` uid and gid reservations have been removed since they were not necessary: the service is now running with a dynamically allocated uid.············- [Xfce4](https://www.xfce.org/) relies on GIO/GVfs for userspace virtual filesystem access in applications like [thunar](https://docs.xfce.org/xfce/thunar/) and [gigolo](https://docs.xfce.org/apps/gigolo/). For that to work, the gvfs nixos service is enabled by default, and it can be configured with the specific package that provides GVfs. Until now Xfce4 was setting it to use a lighter version of GVfs (without support for samba). To avoid conflicts with other desktop environments this setting has been dropped. Users that still want it should add the following to their system configuration:- The newly enabled `systemd-pstore.service` now automatically evacuates crashdumps and panic logs from the persistent storage to `/var/lib/systemd/pstore`. This prevents NVRAM from filling up, which ensures the latest diagnostic data is always stored and alleviates problems with writing new boot configurations.
+1
-1
nixos/doc/manual/release-notes/rl-2111.section.md
+1
-1
nixos/doc/manual/release-notes/rl-2111.section.md
+42
-33
nixos/doc/manual/release-notes/rl-2205.section.md
+42
-33
nixos/doc/manual/release-notes/rl-2205.section.md
·········-"subsystem=undertow"."server=default-server"."http-listener=default".proxy-address-forwarding = true;+"subsystem=undertow"."server=default-server"."http-listener=default".proxy-address-forwarding =
+3
-11
nixos/doc/manual/release-notes/rl-2211.section.md
+3
-11
nixos/doc/manual/release-notes/rl-2211.section.md
···- `services.github-runner` and `services.github-runners.<name>` gained the option `serviceOverrides` which allows overriding the systemd `serviceConfig`. If you have been overriding the systemd service configuration (i.e., by defining `systemd.services.github-runner.serviceConfig`), you have to use the `serviceOverrides` option now. Example:<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->······
+13
-15
nixos/doc/manual/release-notes/rl-2305.section.md
+13
-15
nixos/doc/manual/release-notes/rl-2305.section.md
···- NixOS now defaults to using [nsncd](https://github.com/twosigma/nsncd), a non-caching reimplementation of nscd in Rust, as its NSS lookup dispatcher. This replaces the buggy and deprecated nscd implementation provided through glibc. When you find problems, you can switch back by disabling it:- The internal option `boot.bootspec.enable` is now enabled by default because [RFC 0125](https://github.com/NixOS/rfcs/pull/125) was merged. This means you will have a bootspec document called `boot.json` generated for each system and specialisation in the top-level. This is useful to enable advanced boot use cases in NixOS, such as Secure Boot.······- PostgreSQL has added opt-in support for [JIT compilation](https://www.postgresql.org/docs/current/jit-reason.html). It can be enabled like this:- `services.netdata` offers a [`services.netdata.deadlineBeforeStopSec`](#opt-services.netdata.deadlineBeforeStopSec) option which will control the deadline (in seconds) after which systemd will consider your netdata instance as dead if it didn't start in the elapsed time. It is helpful when your netdata instance takes longer to start because of a large amount of state or upgrades.
+7
-5
nixos/doc/manual/release-notes/rl-2311.section.md
+7
-5
nixos/doc/manual/release-notes/rl-2311.section.md
·········
+3
-4
nixos/doc/manual/release-notes/rl-2405.section.md
+3
-4
nixos/doc/manual/release-notes/rl-2405.section.md
······+environment.systemPackages = [ (azure-cli.withExtensions [ azure-cli.extensions.aks-preview ]) ];
+42
-22
nixos/doc/manual/release-notes/rl-2411.section.md
+42
-22
nixos/doc/manual/release-notes/rl-2411.section.md
·········If you need to upgrade to 24.11 without having completed the migration, consider the security implications of weak password hashes on your user accounts, and add the following to your configuration:services.portunus.ldap.package = pkgs.openldap.override { libxcrypt = pkgs.libxcrypt-legacy; };···-{ keys = [ 113 ]; events = [ "key" ]; command = "${alsa-utils}/bin/amixer -q set Master toggle"; }-{ keys = [ 114 ]; events = [ "key" "rep" ]; command = "${alsa-utils}/bin/amixer -q set Master ${volumeStep}- unmute"; }-{ keys = [ 115 ]; events = [ "key" "rep" ]; command = "${alsa-utils}/bin/amixer -q set Master ${volumeStep}+ unmute"; }-{ keys = [ 190 ]; events = [ "key" ]; command = "${alsa-utils}/bin/amixer -q set Capture toggle"; }
+5
-1
nixos/doc/manual/release-notes/rl-2505.section.md
+5
-1
nixos/doc/manual/release-notes/rl-2505.section.md
+14
-3
nixos/modules/i18n/input-method/default.md
+14
-3
nixos/modules/i18n/input-method/default.md
·········
+4
-14
nixos/modules/programs/digitalbitbox/default.md
+4
-14
nixos/modules/programs/digitalbitbox/default.md
············
+1
-3
nixos/modules/programs/plotinus.md
+1
-3
nixos/modules/programs/plotinus.md
+6
-4
nixos/modules/programs/zsh/oh-my-zsh.md
+6
-4
nixos/modules/programs/zsh/oh-my-zsh.md
······
+33
-23
nixos/modules/security/acme/default.md
+33
-23
nixos/modules/security/acme/default.md
······
+21
-16
nixos/modules/services/backup/borgbackup.md
+21
-16
nixos/modules/services/backup/borgbackup.md
·········
+2
-6
nixos/modules/services/databases/foundationdb.md
+2
-6
nixos/modules/services/databases/foundationdb.md
······
+52
-47
nixos/modules/services/databases/postgresql.md
+52
-47
nixos/modules/services/databases/postgresql.md
···By default, PostgreSQL stores its databases in {file}`/var/lib/postgresql/$psqlSchema`. You can override this using [](#opt-services.postgresql.dataDir), e.g.············They are packaged as plugins and can be made available in the same way as external extensions:······This makes sure that the [`jit`](https://www.postgresql.org/docs/current/runtime-config-query.html#GUC-JIT)-setting······* When using [`TABLESPACE`](https://www.postgresql.org/docs/current/manage-ag-tablespaces.html)s, make sure to add the filesystem paths to `ReadWritePaths` like this:+systemd.services.postgresql.serviceConfig.ReadWritePaths = [ "/path/to/tablespace/location" ];
+1
-3
nixos/modules/services/databases/tigerbeetle.md
+1
-3
nixos/modules/services/databases/tigerbeetle.md
···
+4
-12
nixos/modules/services/desktop-managers/gnome.md
+4
-12
nixos/modules/services/desktop-managers/gnome.md
············GNOME Flashback provides a desktop environment based on the classic GNOME 2 architecture. You can enable the default GNOME Flashback session, which uses the Metacity window manager, with:
+1
-3
nixos/modules/services/desktops/flatpak.md
+1
-3
nixos/modules/services/desktops/flatpak.md
+8
-10
nixos/modules/services/development/athens.md
+8
-10
nixos/modules/services/development/athens.md
·········
+3
-4
nixos/modules/services/development/blackfire.md
+3
-4
nixos/modules/services/development/blackfire.md
···To use it, you will need to enable the agent and the probe on your server. The exact method will depend on the way you use PHP but here is an example of NixOS configuration for PHP-FPM:
+4
-1
nixos/modules/services/development/livebook.md
+4
-1
nixos/modules/services/development/livebook.md
+58
-41
nixos/modules/services/editors/emacs.md
+58
-41
nixos/modules/services/editors/emacs.md
··················
+46
-35
nixos/modules/services/hardware/display.md
+46
-35
nixos/modules/services/hardware/display.md
···············-hardware.display.edid.modelines."PG278Q_60" = " 241.50 2560 2608 2640 2720 1440 1443 1448 1481 -hsync +vsync";-hardware.display.edid.modelines."PG278Q_120" = " 497.75 2560 2608 2640 2720 1440 1443 1448 1525 +hsync -vsync";···-hardware.display.edid.modelines."PG278Q_60" = " 241.50 2560 2608 2640 2720 1440 1443 1448 1481 -hsync +vsync";-hardware.display.edid.modelines."PG278Q_120" = " 497.75 2560 2608 2640 2720 1440 1443 1448 1525 +hsync -vsync";
+13
-7
nixos/modules/services/mail/mailman.md
+13
-7
nixos/modules/services/mail/mailman.md
······Mailman also supports other MTA, though with a little bit more configuration. For example, to use Mailman with Exim, you can use the following settings:
+1
-3
nixos/modules/services/matrix/maubot.md
+1
-3
nixos/modules/services/matrix/maubot.md
···
+5
-9
nixos/modules/services/matrix/mjolnir.md
+5
-9
nixos/modules/services/matrix/mjolnir.md
······
+25
-14
nixos/modules/services/matrix/synapse.md
+25
-14
nixos/modules/services/matrix/synapse.md
···[installation instructions of Synapse](https://element-hq.github.io/synapse/latest/setup/installation.html) .············
+1
-3
nixos/modules/services/misc/anki-sync-server.md
+1
-3
nixos/modules/services/misc/anki-sync-server.md
···
+2
-2
nixos/modules/services/misc/dump1090-fa.md
+2
-2
nixos/modules/services/misc/dump1090-fa.md
···Exposing the integrated web interface is left to the user's configuration. Below is a minimal example demonstrating how to serve it using Nginx:···
+2
-2
nixos/modules/services/misc/forgejo.md
+2
-2
nixos/modules/services/misc/forgejo.md
······
+3
-1
nixos/modules/services/misc/gitlab.md
+3
-1
nixos/modules/services/misc/gitlab.md
+1
-3
nixos/modules/services/misc/paisa.md
+1
-3
nixos/modules/services/misc/paisa.md
+2
-2
nixos/modules/services/monitoring/parsedmarc.md
+2
-2
nixos/modules/services/monitoring/parsedmarc.md
······
+29
-17
nixos/modules/services/monitoring/prometheus/exporters.md
+29
-17
nixos/modules/services/monitoring/prometheus/exporters.md
············
+17
-17
nixos/modules/services/network-filesystems/litestream/default.md
+17
-17
nixos/modules/services/network-filesystems/litestream/default.md
···-systemd.services.grafana.serviceConfig.ExecStartPost = "+" + pkgs.writeShellScript "grant-grafana-permissions" ''···
+1
-3
nixos/modules/services/network-filesystems/samba.md
+1
-3
nixos/modules/services/network-filesystems/samba.md
+5
-2
nixos/modules/services/networking/anubis.md
+5
-2
nixos/modules/services/networking/anubis.md
······
+1
-1
nixos/modules/services/networking/atalkd.md
+1
-1
nixos/modules/services/networking/atalkd.md
+1
-3
nixos/modules/services/networking/crab-hole.md
+1
-3
nixos/modules/services/networking/crab-hole.md
···To give the crab-hole service access to these files, the group which owns the certificate can be added as a supplementary group to the service.
+4
-1
nixos/modules/services/networking/doh-server.md
+4
-1
nixos/modules/services/networking/doh-server.md
+1
-3
nixos/modules/services/networking/jotta-cli.md
+1
-3
nixos/modules/services/networking/jotta-cli.md
···
+31
-25
nixos/modules/services/networking/mosquitto.md
+31
-25
nixos/modules/services/networking/mosquitto.md
·········
+1
-3
nixos/modules/services/networking/netbird.md
+1
-3
nixos/modules/services/networking/netbird.md
+22
-22
nixos/modules/services/networking/pleroma.md
+22
-22
nixos/modules/services/networking/pleroma.md
···
+10
-9
nixos/modules/services/networking/prosody.md
+10
-9
nixos/modules/services/networking/prosody.md
······
+46
-32
nixos/modules/services/networking/yggdrasil.md
+46
-32
nixos/modules/services/networking/yggdrasil.md
··················
+1
-3
nixos/modules/services/search/meilisearch.md
+1
-3
nixos/modules/services/search/meilisearch.md
+9
-1
nixos/modules/services/system/kerberos/kerberos-server.md
+9
-1
nixos/modules/services/system/kerberos/kerberos-server.md
+5
-5
nixos/modules/services/system/systemd-lock-handler.md
+5
-5
nixos/modules/services/system/systemd-lock-handler.md
···
+39
-39
nixos/modules/services/web-apps/akkoma.md
+39
-39
nixos/modules/services/web-apps/akkoma.md
···+services.akkoma.config.":pleroma".":mrf".policies = map (pkgs.formats.elixirConf { }).lib.mkRaw [············
+1
-3
nixos/modules/services/web-apps/c2fmzq-server.md
+1
-3
nixos/modules/services/web-apps/c2fmzq-server.md
···
+4
-1
nixos/modules/services/web-apps/castopod.md
+4
-1
nixos/modules/services/web-apps/castopod.md
+5
-2
nixos/modules/services/web-apps/filesender.md
+5
-2
nixos/modules/services/web-apps/filesender.md
···
+8
-2
nixos/modules/services/web-apps/jitsi-meet.md
+8
-2
nixos/modules/services/web-apps/jitsi-meet.md
······
+1
-1
nixos/modules/services/web-apps/keycloak.md
+1
-1
nixos/modules/services/web-apps/keycloak.md
···
+20
-10
nixos/modules/services/web-apps/nextcloud.md
+20
-10
nixos/modules/services/web-apps/nextcloud.md
·····················
+1
-3
nixos/modules/services/web-apps/pict-rs.md
+1
-3
nixos/modules/services/web-apps/pict-rs.md
+1
-1
nixos/modules/services/web-servers/garage.md
+1
-1
nixos/modules/services/web-servers/garage.md
+4
-15
nixos/modules/services/x11/desktop-managers/pantheon.md
+4
-15
nixos/modules/services/x11/desktop-managers/pantheon.md
···All of Pantheon is working in NixOS and the applications should be available, aside from a few [exceptions](https://github.com/NixOS/nixpkgs/issues/58161). To enable Pantheon, setThis automatically enables LightDM and Pantheon's LightDM greeter. If you'd like to disable this, set···but please be aware using Pantheon without LightDM as a display manager will break screenlocking from the UI. The NixOS module for Pantheon installs all of Pantheon's default applications. If you'd like to not install Pantheon's apps, setYou can also use [](#opt-environment.pantheon.excludePackages) to remove any other app (like `elementary-mail`).···The difference in NixOS is both these programs are patched to load plugins from a directory that is the value of an environment variable. All of which is controlled in Nix. If you need to configure the particular packages manually you can override the packages like:please note that, like how the NixOS options describe these as extra plugins, this would only add to the default plugins included with the programs. If for some reason you'd like to configure which plugins to use exactly, both packages have an argument for this:
+2
-6
nixos/modules/system/boot/clevis.md
+2
-6
nixos/modules/system/boot/clevis.md
···Then, specify the device you want to decrypt using a given clevis secret. Clevis will automatically try to decrypt the device at boot and will fallback to interactive unlocking if the decryption policy is not fulfilled.
+2
-1
nixos/modules/system/boot/loader/external/external.md
+2
-1
nixos/modules/system/boot/loader/external/external.md
+64
-36
pkgs/README.md
+64
-36
pkgs/README.md
···The latter avoids link rot when the upstream abandons, squashes or rebases their change, in which case the commit may get garbage-collected.··················For example, assuming we're packaging `nginx`, we can link its module test via `passthru.tests`:······
+10
-8
pkgs/applications/emulators/libretro/README.md
+10
-8
pkgs/applications/emulators/libretro/README.md
···
+14
-27
pkgs/by-name/README.md
+14
-27
pkgs/by-name/README.md
············This is not required, but the above solution also allows refactoring the definitions into a separate file:···if `callPackage` isn't used underneath and you want the same `.override` arguments for all attributes:
+1
-3
pkgs/by-name/az/azure-cli/README.md
+1
-3
pkgs/by-name/az/azure-cli/README.md
···url = "https://github.com/Azure/azure-devops-cli-extension/releases/download/20240206.1/azure_devops-${version}-py2.py3-none-any.whl";
+5
-4
pkgs/development/tcl-modules/by-name/README.md
+5
-4
pkgs/development/tcl-modules/by-name/README.md
+6
-9
pkgs/servers/home-assistant/custom-components/README.md
+6
-9
pkgs/servers/home-assistant/custom-components/README.md
······