From 57d9bc4ce2093c0815e3989f391b57297732d10d Mon Sep 17 00:00:00 2001 From: David Izquierdo Date: Thu, 25 Oct 2018 10:15:25 +0200 Subject: [PATCH 01/17] Docs: init chapter Profiles with section All Hardware --- .../manual/configuration/configuration.xml | 1 + nixos/doc/manual/configuration/profiles.xml | 29 +++++++++++++++++++ .../configuration/profiles/all-hardware.xml | 20 +++++++++++++ 3 files changed, 50 insertions(+) create mode 100644 nixos/doc/manual/configuration/profiles.xml create mode 100644 nixos/doc/manual/configuration/profiles/all-hardware.xml diff --git a/nixos/doc/manual/configuration/configuration.xml b/nixos/doc/manual/configuration/configuration.xml index 8d05dcd34b4d..cebc4122c6c6 100644 --- a/nixos/doc/manual/configuration/configuration.xml +++ b/nixos/doc/manual/configuration/configuration.xml @@ -22,5 +22,6 @@ + diff --git a/nixos/doc/manual/configuration/profiles.xml b/nixos/doc/manual/configuration/profiles.xml new file mode 100644 index 000000000000..bf669174d665 --- /dev/null +++ b/nixos/doc/manual/configuration/profiles.xml @@ -0,0 +1,29 @@ + + Profiles + + In some cases, it may be desirable to take advantage of commonly-used, + predefined configurations provided by nixpkgs, but different from those that + come as default. This is a role fulfilled by NixOS's Profiles, which come as + files living in <nixpkgs/nixos/modules/profiles>. + That is to say, expected usage is to add them to the imports list of your + /etc/configuration.nix as such: + + + imports = [ + <nixpkgs/nixos/modules/profiles/profile-name.nix> + ]; + + + Even if some of these profiles seem only useful in the context of + install media, many are actually intended to be used in real installs. + + + What follows is a brief explanation on the purpose and use-case for each + profile. Detailing each option configured by each one is out of scope. + + + diff --git a/nixos/doc/manual/configuration/profiles/all-hardware.xml b/nixos/doc/manual/configuration/profiles/all-hardware.xml new file mode 100644 index 000000000000..172975199474 --- /dev/null +++ b/nixos/doc/manual/configuration/profiles/all-hardware.xml @@ -0,0 +1,20 @@ + +
+ All Hardware + + Enables all hardware supported by NixOS: i.e., all firmware is + included, and all devices from which one may boot are enabled in the initrd. + Its primary use is in the NixOS installation CDs. + + + The enabled kernel modules include support for SATA and PATA, SCSI + (partially), USB, Firewire (untested), Virtio (QEMU, KVM, etc.), VMware, and + Hyper-V. Additionally, is + enabled, and the firmware for the ZyDAS ZD1211 chipset is specifically + installed. + +
From 4c02d4cb5548d354ab2cd018185ffb170d0fa7cc Mon Sep 17 00:00:00 2001 From: David Izquierdo Date: Thu, 25 Oct 2018 10:16:06 +0200 Subject: [PATCH 02/17] Docs: init section Base in chapter Profiles --- nixos/doc/manual/configuration/profiles.xml | 1 + nixos/doc/manual/configuration/profiles/base.xml | 15 +++++++++++++++ 2 files changed, 16 insertions(+) create mode 100644 nixos/doc/manual/configuration/profiles/base.xml diff --git a/nixos/doc/manual/configuration/profiles.xml b/nixos/doc/manual/configuration/profiles.xml index bf669174d665..d2982875f2ad 100644 --- a/nixos/doc/manual/configuration/profiles.xml +++ b/nixos/doc/manual/configuration/profiles.xml @@ -26,4 +26,5 @@ profile. Detailing each option configured by each one is out of scope. + diff --git a/nixos/doc/manual/configuration/profiles/base.xml b/nixos/doc/manual/configuration/profiles/base.xml new file mode 100644 index 000000000000..f58a35d626ed --- /dev/null +++ b/nixos/doc/manual/configuration/profiles/base.xml @@ -0,0 +1,15 @@ + +
+ Base + + Defines the software packages included in the "minimal" + installation CD. It installs several utilities useful in a simple recovery or + install media, such as a text-mode web browser, and tools for manipulating + block devices, networking, hardware diagnostics, and filesystems (with their + respective kernel modules). + +
From e6445abe640f3748a9c95e460ee3d0b1651a1a8e Mon Sep 17 00:00:00 2001 From: David Izquierdo Date: Thu, 25 Oct 2018 10:17:07 +0200 Subject: [PATCH 03/17] Docs: Stub for section Clone Config in chapter Profiles --- nixos/doc/manual/configuration/profiles.xml | 1 + .../manual/configuration/profiles/clone-config.xml | 11 +++++++++++ 2 files changed, 12 insertions(+) create mode 100644 nixos/doc/manual/configuration/profiles/clone-config.xml diff --git a/nixos/doc/manual/configuration/profiles.xml b/nixos/doc/manual/configuration/profiles.xml index d2982875f2ad..bbc9e84392a7 100644 --- a/nixos/doc/manual/configuration/profiles.xml +++ b/nixos/doc/manual/configuration/profiles.xml @@ -27,4 +27,5 @@ + diff --git a/nixos/doc/manual/configuration/profiles/clone-config.xml b/nixos/doc/manual/configuration/profiles/clone-config.xml new file mode 100644 index 000000000000..c8d72f0fcd08 --- /dev/null +++ b/nixos/doc/manual/configuration/profiles/clone-config.xml @@ -0,0 +1,11 @@ + +
+ Clone Config + + TBD + +
From 40f2cdb302e098007e0de8457e3f98284ffdcf86 Mon Sep 17 00:00:00 2001 From: David Izquierdo Date: Thu, 25 Oct 2018 10:17:31 +0200 Subject: [PATCH 04/17] Docs: init section Demo in chapter Profiles --- nixos/doc/manual/configuration/profiles.xml | 1 + nixos/doc/manual/configuration/profiles/demo.xml | 13 +++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 nixos/doc/manual/configuration/profiles/demo.xml diff --git a/nixos/doc/manual/configuration/profiles.xml b/nixos/doc/manual/configuration/profiles.xml index bbc9e84392a7..0e82ccbd61f7 100644 --- a/nixos/doc/manual/configuration/profiles.xml +++ b/nixos/doc/manual/configuration/profiles.xml @@ -28,4 +28,5 @@ + diff --git a/nixos/doc/manual/configuration/profiles/demo.xml b/nixos/doc/manual/configuration/profiles/demo.xml new file mode 100644 index 000000000000..5bae83f17a55 --- /dev/null +++ b/nixos/doc/manual/configuration/profiles/demo.xml @@ -0,0 +1,13 @@ + +
+ Demo + + This profile just enables a "demo" user, with password "demo", uid 1000, wheel + group and + autologin in the SDDM display manager. + +
From 207bbdcb91475e1179512aecb4d5694c3da09817 Mon Sep 17 00:00:00 2001 From: David Izquierdo Date: Thu, 25 Oct 2018 10:18:14 +0200 Subject: [PATCH 05/17] Docs: init section Docker Container in chapter Profiles --- nixos/doc/manual/configuration/profiles.xml | 1 + .../configuration/profiles/docker-container.xml | 15 +++++++++++++++ 2 files changed, 16 insertions(+) create mode 100644 nixos/doc/manual/configuration/profiles/docker-container.xml diff --git a/nixos/doc/manual/configuration/profiles.xml b/nixos/doc/manual/configuration/profiles.xml index 0e82ccbd61f7..b120a96e64c9 100644 --- a/nixos/doc/manual/configuration/profiles.xml +++ b/nixos/doc/manual/configuration/profiles.xml @@ -29,4 +29,5 @@ + diff --git a/nixos/doc/manual/configuration/profiles/docker-container.xml b/nixos/doc/manual/configuration/profiles/docker-container.xml new file mode 100644 index 000000000000..35c0b5ef70b0 --- /dev/null +++ b/nixos/doc/manual/configuration/profiles/docker-container.xml @@ -0,0 +1,15 @@ + +
+ Docker Container + + This is the profile from which the Docker images are generated. It prepares a + working system by importing the Minimal and + Clone Config profiles, and setting appropiate + configutation options that are useful inside a container context, like + . + +
From b10d669919c8665d1c81305b9610e9e338656e51 Mon Sep 17 00:00:00 2001 From: David Izquierdo Date: Thu, 25 Oct 2018 10:20:05 +0200 Subject: [PATCH 06/17] Docs: init section Graphical in chapter Profiles --- nixos/doc/manual/configuration/profiles.xml | 1 + .../configuration/profiles/graphical.xml | 21 +++++++++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 nixos/doc/manual/configuration/profiles/graphical.xml diff --git a/nixos/doc/manual/configuration/profiles.xml b/nixos/doc/manual/configuration/profiles.xml index b120a96e64c9..2f306f584de9 100644 --- a/nixos/doc/manual/configuration/profiles.xml +++ b/nixos/doc/manual/configuration/profiles.xml @@ -30,4 +30,5 @@ + diff --git a/nixos/doc/manual/configuration/profiles/graphical.xml b/nixos/doc/manual/configuration/profiles/graphical.xml new file mode 100644 index 000000000000..5ded61d9763b --- /dev/null +++ b/nixos/doc/manual/configuration/profiles/graphical.xml @@ -0,0 +1,21 @@ + +
+ Graphical + + Defines a NixOS configuration with the Plasma 5 desktop. It's used by the + graphical installation CD. + + + It sets , + , + ( + + without Qt4 Support), and + to true. It also + includes glxinfo and firefox in the system packages list. + +
From 614ea404433a8fd743171a020436b0a586ed4e8d Mon Sep 17 00:00:00 2001 From: David Izquierdo Date: Thu, 25 Oct 2018 10:20:34 +0200 Subject: [PATCH 07/17] Docs: init section Hardened in chapter Profiles --- nixos/doc/manual/configuration/profiles.xml | 1 + .../configuration/profiles/hardened.xml | 22 +++++++++++++++++++ 2 files changed, 23 insertions(+) create mode 100644 nixos/doc/manual/configuration/profiles/hardened.xml diff --git a/nixos/doc/manual/configuration/profiles.xml b/nixos/doc/manual/configuration/profiles.xml index 2f306f584de9..db73445ef027 100644 --- a/nixos/doc/manual/configuration/profiles.xml +++ b/nixos/doc/manual/configuration/profiles.xml @@ -31,4 +31,5 @@ + diff --git a/nixos/doc/manual/configuration/profiles/hardened.xml b/nixos/doc/manual/configuration/profiles/hardened.xml new file mode 100644 index 000000000000..3f4b9242461f --- /dev/null +++ b/nixos/doc/manual/configuration/profiles/hardened.xml @@ -0,0 +1,22 @@ + +
+ Hardened + + A profile with most (vanilla) hardening options enabled by default, + potentially at the cost of features and performance. + + + This includes a hardened kernel, and limiting the system information + available to procesess via de /sys and + /proc filesystems. It also disables the User Namespaces + feature of the kernel, which stops Nix from being able to build anything + (this particular setting can be overriden via + ). See the + profile source for further detail on which settings are altered. + +
From 670ee54a284aa553bfe7fee57bc17f05f948fefc Mon Sep 17 00:00:00 2001 From: David Izquierdo Date: Thu, 25 Oct 2018 10:20:58 +0200 Subject: [PATCH 08/17] Docs: init section Headless in chapter Profiles --- nixos/doc/manual/configuration/profiles.xml | 1 + .../manual/configuration/profiles/headless.xml | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+) create mode 100644 nixos/doc/manual/configuration/profiles/headless.xml diff --git a/nixos/doc/manual/configuration/profiles.xml b/nixos/doc/manual/configuration/profiles.xml index db73445ef027..bcca84321766 100644 --- a/nixos/doc/manual/configuration/profiles.xml +++ b/nixos/doc/manual/configuration/profiles.xml @@ -32,4 +32,5 @@ + diff --git a/nixos/doc/manual/configuration/profiles/headless.xml b/nixos/doc/manual/configuration/profiles/headless.xml new file mode 100644 index 000000000000..54dc61f236e0 --- /dev/null +++ b/nixos/doc/manual/configuration/profiles/headless.xml @@ -0,0 +1,18 @@ + +
+ Headless + + Common configuration for headless machines (e.g., Amazon EC2 instances). + + + Disables sound, + vesa, serial consoles, + emergency mode, + grub splash images and + configures the kernel to reboot automatically on panic. + +
From d2af8fb3d28546924a12e296c6efc4e7c94f9ba2 Mon Sep 17 00:00:00 2001 From: David Izquierdo Date: Thu, 25 Oct 2018 10:21:34 +0200 Subject: [PATCH 09/17] Docs: init section Installation Device in chapter Profiles --- nixos/doc/manual/configuration/profiles.xml | 1 + .../profiles/installation-device.xml | 35 +++++++++++++++++++ 2 files changed, 36 insertions(+) create mode 100644 nixos/doc/manual/configuration/profiles/installation-device.xml diff --git a/nixos/doc/manual/configuration/profiles.xml b/nixos/doc/manual/configuration/profiles.xml index bcca84321766..841d8d798199 100644 --- a/nixos/doc/manual/configuration/profiles.xml +++ b/nixos/doc/manual/configuration/profiles.xml @@ -33,4 +33,5 @@ + diff --git a/nixos/doc/manual/configuration/profiles/installation-device.xml b/nixos/doc/manual/configuration/profiles/installation-device.xml new file mode 100644 index 000000000000..44ccfc538ad1 --- /dev/null +++ b/nixos/doc/manual/configuration/profiles/installation-device.xml @@ -0,0 +1,35 @@ + +
+ Installation Device + + Provides a basic configuration for installation devices like CDs. This means + enabling hardware scans, using the + Clone Config profile to guarantee + /etc/nixos/configuration.nix exists (for + nixos-rebuild to work), a copy of the Nixpkgs channel + snapshot used to create the install media. + + + Additionally, documentation for + Nixpkgs and NixOS + are forcefully enabled (to override the + Minimal profile preference); the + NixOS manual is shown automatically on TTY 8, sudo and udisks are disabled. + Autologin is enabled as root. + + + A message is shown to the user to start a display manager if needed, + ssh with are enabled (but + doesn't autostart). WPA Supplicant is also enabled without autostart. + + + Finally, vim is installed, root is set to not have a password, the kernel is + made more silent for remote public IP installs, and several settings are + tweaked so that the installer has a better chance of succeeding under + low-memory environments. + +
From 62e64978d288645db71fb54ac7868ae42001320a Mon Sep 17 00:00:00 2001 From: David Izquierdo Date: Thu, 25 Oct 2018 10:22:04 +0200 Subject: [PATCH 10/17] Docs: init section Minimal in chapter Profiles --- nixos/doc/manual/configuration/profiles.xml | 1 + .../manual/configuration/profiles/minimal.xml | 17 +++++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 nixos/doc/manual/configuration/profiles/minimal.xml diff --git a/nixos/doc/manual/configuration/profiles.xml b/nixos/doc/manual/configuration/profiles.xml index 841d8d798199..fb9d0967e61b 100644 --- a/nixos/doc/manual/configuration/profiles.xml +++ b/nixos/doc/manual/configuration/profiles.xml @@ -34,4 +34,5 @@ + diff --git a/nixos/doc/manual/configuration/profiles/minimal.xml b/nixos/doc/manual/configuration/profiles/minimal.xml new file mode 100644 index 000000000000..a24af21bd7f7 --- /dev/null +++ b/nixos/doc/manual/configuration/profiles/minimal.xml @@ -0,0 +1,17 @@ + +
+ Minimal + + This profile defines a small NixOS configuration. It does not contain any + graphical stuff. It's a very short file that enables + noXlibs, sets + i18n.supportedLocales + to only support the user-selected locale, + disables packages' documentation + , and disables sound. + +
From b303688f46e179019536e056a4421dd693e4fa6f Mon Sep 17 00:00:00 2001 From: David Izquierdo Date: Tue, 6 Nov 2018 12:50:41 +0100 Subject: [PATCH 11/17] Docs: init section QEMU Guest in chapter Profiles --- nixos/doc/manual/configuration/profiles.xml | 1 + .../manual/configuration/profiles/qemu-guest.xml | 16 ++++++++++++++++ 2 files changed, 17 insertions(+) create mode 100644 nixos/doc/manual/configuration/profiles/qemu-guest.xml diff --git a/nixos/doc/manual/configuration/profiles.xml b/nixos/doc/manual/configuration/profiles.xml index fb9d0967e61b..92c0f6202f28 100644 --- a/nixos/doc/manual/configuration/profiles.xml +++ b/nixos/doc/manual/configuration/profiles.xml @@ -35,4 +35,5 @@ + diff --git a/nixos/doc/manual/configuration/profiles/qemu-guest.xml b/nixos/doc/manual/configuration/profiles/qemu-guest.xml new file mode 100644 index 000000000000..d08068650fbe --- /dev/null +++ b/nixos/doc/manual/configuration/profiles/qemu-guest.xml @@ -0,0 +1,16 @@ +
+ QEMU Guest + + This profile contains common configuration for virtual machines running under + QEMU (using virtio). + + + It makes virtio modules available on the initrd, sets the system time from + the hardware clock to work around a bug in qemu-kvm, and + enables rngd. + +
From f488a072f9f22cb245ede48096b91a22e88d6983 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 6 Nov 2018 22:48:05 +0100 Subject: [PATCH 12/17] Update nixos/doc/manual/configuration/profiles/clone-config.xml Co-Authored-By: DIzFer --- nixos/doc/manual/configuration/profiles/clone-config.xml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/nixos/doc/manual/configuration/profiles/clone-config.xml b/nixos/doc/manual/configuration/profiles/clone-config.xml index c8d72f0fcd08..3ea4065fe45b 100644 --- a/nixos/doc/manual/configuration/profiles/clone-config.xml +++ b/nixos/doc/manual/configuration/profiles/clone-config.xml @@ -6,6 +6,9 @@ xml:id="sec-profile-clone-config"> Clone Config - TBD + This profile is used in installer images. + It provides an editable configuration.nix that imports all the modules that + were also used when creating the image in the first place. + As a result it allow users to edit and rebuild the live-system. From c7e3f19fc245749f99838b18fa7640e479c1b475 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Tue, 6 Nov 2018 22:49:44 +0100 Subject: [PATCH 13/17] Fixed typo in docker-container Co-Authored-By: DIzFer --- nixos/doc/manual/configuration/profiles/docker-container.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/doc/manual/configuration/profiles/docker-container.xml b/nixos/doc/manual/configuration/profiles/docker-container.xml index 35c0b5ef70b0..43490682a348 100644 --- a/nixos/doc/manual/configuration/profiles/docker-container.xml +++ b/nixos/doc/manual/configuration/profiles/docker-container.xml @@ -8,7 +8,7 @@ This is the profile from which the Docker images are generated. It prepares a working system by importing the Minimal and - Clone Config profiles, and setting appropiate + Clone Config profiles, and setting appropriate configutation options that are useful inside a container context, like . From dbd1a5f2161855f98cf8e9703df66e8b47dea0dd Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Tue, 6 Nov 2018 22:50:25 +0100 Subject: [PATCH 14/17] Second typo in docker-container Co-Authored-By: DIzFer --- nixos/doc/manual/configuration/profiles/docker-container.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/doc/manual/configuration/profiles/docker-container.xml b/nixos/doc/manual/configuration/profiles/docker-container.xml index 43490682a348..bf962442ccef 100644 --- a/nixos/doc/manual/configuration/profiles/docker-container.xml +++ b/nixos/doc/manual/configuration/profiles/docker-container.xml @@ -9,7 +9,7 @@ This is the profile from which the Docker images are generated. It prepares a working system by importing the Minimal and Clone Config profiles, and setting appropriate - configutation options that are useful inside a container context, like + configuration options that are useful inside a container context, like . From 6be1696c804dffee72b11a2038f34cb933046aba Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Tue, 6 Nov 2018 22:51:33 +0100 Subject: [PATCH 15/17] Update nixos/doc/manual/configuration/profiles/demo.xml Co-Authored-By: DIzFer --- nixos/doc/manual/configuration/profiles/demo.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/doc/manual/configuration/profiles/demo.xml b/nixos/doc/manual/configuration/profiles/demo.xml index 5bae83f17a55..98829e4696df 100644 --- a/nixos/doc/manual/configuration/profiles/demo.xml +++ b/nixos/doc/manual/configuration/profiles/demo.xml @@ -6,7 +6,7 @@ xml:id="sec-profile-demo"> Demo - This profile just enables a "demo" user, with password "demo", uid 1000, wheel + This profile just enables a demo user, with password demo, uid 1000, wheel group and autologin in the SDDM display manager. From 6abe1e5981090496fc811d1d02d0203b69de4e4c Mon Sep 17 00:00:00 2001 From: David Izquierdo Date: Tue, 6 Nov 2018 22:54:43 +0100 Subject: [PATCH 16/17] Even more typos in hardened --- nixos/doc/manual/configuration/profiles/hardened.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/doc/manual/configuration/profiles/hardened.xml b/nixos/doc/manual/configuration/profiles/hardened.xml index 3f4b9242461f..b3b433792f53 100644 --- a/nixos/doc/manual/configuration/profiles/hardened.xml +++ b/nixos/doc/manual/configuration/profiles/hardened.xml @@ -11,7 +11,7 @@ This includes a hardened kernel, and limiting the system information - available to procesess via de /sys and + available to processes through the /sys and /proc filesystems. It also disables the User Namespaces feature of the kernel, which stops Nix from being able to build anything (this particular setting can be overriden via From bac872592c67309907a8f00de80d31c58938e268 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Tue, 6 Nov 2018 23:08:26 +0100 Subject: [PATCH 17/17] Typo in clone-config Co-Authored-By: DIzFer --- nixos/doc/manual/configuration/profiles/clone-config.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/doc/manual/configuration/profiles/clone-config.xml b/nixos/doc/manual/configuration/profiles/clone-config.xml index 3ea4065fe45b..87c8b9ee31b6 100644 --- a/nixos/doc/manual/configuration/profiles/clone-config.xml +++ b/nixos/doc/manual/configuration/profiles/clone-config.xml @@ -9,6 +9,6 @@ This profile is used in installer images. It provides an editable configuration.nix that imports all the modules that were also used when creating the image in the first place. - As a result it allow users to edit and rebuild the live-system. + As a result it allows users to edit and rebuild the live-system.