diff options
author | Jan Tojnar <jtojnar@gmail.com> | 2020-09-29 00:12:29 +0200 |
---|---|---|
committer | Jan Tojnar <jtojnar@gmail.com> | 2020-09-29 00:12:29 +0200 |
commit | 32b4375f107315edc9066de21bf2de030d90c43d (patch) | |
tree | 8b3869f8ff2b0e2e272605b46b56348addf2d976 /nixos/doc | |
parent | a7218d691483260bbf2ed726196f17481e2f9500 (diff) | |
parent | 695fd81e02ced2a9591cf2ac3183c360de763c07 (diff) |
Merge branch 'staging-next' into staging
Diffstat (limited to 'nixos/doc')
-rw-r--r-- | nixos/doc/manual/development/building-nixos.xml | 6 | ||||
-rw-r--r-- | nixos/doc/manual/installation/installing-from-other-distro.xml | 2 | ||||
-rw-r--r-- | nixos/doc/manual/man-nixos-rebuild.xml | 34 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1903.xml | 2 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2009.xml | 43 |
5 files changed, 79 insertions, 8 deletions
diff --git a/nixos/doc/manual/development/building-nixos.xml b/nixos/doc/manual/development/building-nixos.xml index 56a596baed00..d58b6354d1d3 100644 --- a/nixos/doc/manual/development/building-nixos.xml +++ b/nixos/doc/manual/development/building-nixos.xml @@ -24,4 +24,10 @@ <screen> <prompt># </prompt>mount -o loop -t iso9660 ./result/iso/cd.iso /mnt/iso</screen> </para> + <para> + If you want to customize your NixOS CD in more detail, or generate other kinds + of images, you might want to check out <link + xlink:href="https://github.com/nix-community/nixos-generators">nixos-generators</link>. This can also be a good starting point when you want to use Nix to build a + 'minimal' image that doesn't include a NixOS installation. + </para> </chapter> diff --git a/nixos/doc/manual/installation/installing-from-other-distro.xml b/nixos/doc/manual/installation/installing-from-other-distro.xml index 8aac3226473b..f10a7d658879 100644 --- a/nixos/doc/manual/installation/installing-from-other-distro.xml +++ b/nixos/doc/manual/installation/installing-from-other-distro.xml @@ -47,7 +47,7 @@ Short version: </para> <screen> -<prompt>$ </prompt>curl https://nixos.org/nix/install | sh +<prompt>$ </prompt>curl -L https://nixos.org/nix/install | sh <prompt>$ </prompt>. $HOME/.nix-profile/etc/profile.d/nix.sh # …or open a fresh shell</screen> <para> More details in the diff --git a/nixos/doc/manual/man-nixos-rebuild.xml b/nixos/doc/manual/man-nixos-rebuild.xml index 7dab5c69dfb5..1fd3a1c56648 100644 --- a/nixos/doc/manual/man-nixos-rebuild.xml +++ b/nixos/doc/manual/man-nixos-rebuild.xml @@ -52,10 +52,18 @@ <option>build-vm-with-bootloader</option> </arg> </group> - <sbr /> - <arg> - <option>--upgrade</option> - </arg> + <sbr /> + + <arg> + <group choice='req'> + <arg choice='plain'> + <option>--upgrade</option> + </arg> + <arg choice='plain'> + <option>--upgrade-all</option> + </arg> + </group> + </arg> <arg> <option>--install-bootloader</option> @@ -334,9 +342,23 @@ <term> <option>--upgrade</option> </term> + <term> + <option>--upgrade-all</option> + </term> <listitem> - <para> - Fetch the latest version of NixOS from the NixOS channel. + <para> + Update the root user's channel named <literal>nixos</literal> + before rebuilding the system. + </para> + <para> + In addition to the <literal>nixos</literal> channel, the root + user's channels which have a file named + <literal>.update-on-nixos-rebuild</literal> in their base + directory will also be updated. + </para> + <para> + Passing <option>--upgrade-all</option> updates all of the root + user's channels. </para> </listitem> </varlistentry> diff --git a/nixos/doc/manual/release-notes/rl-1903.xml b/nixos/doc/manual/release-notes/rl-1903.xml index 8ff1681d3b4a..5593cb3e5dff 100644 --- a/nixos/doc/manual/release-notes/rl-1903.xml +++ b/nixos/doc/manual/release-notes/rl-1903.xml @@ -173,7 +173,7 @@ <listitem> <para> For users of a daemon-less Nix installation on Linux or macOS, you can - upgrade Nix by running <command>curl https://nixos.org/nix/install | + upgrade Nix by running <command>curl -L https://nixos.org/nix/install | sh</command>, or prior to doing a channel update, running <command>nix-env -iA nix</command>. </para> diff --git a/nixos/doc/manual/release-notes/rl-2009.xml b/nixos/doc/manual/release-notes/rl-2009.xml index 511276bcaab3..ff5b50132ee1 100644 --- a/nixos/doc/manual/release-notes/rl-2009.xml +++ b/nixos/doc/manual/release-notes/rl-2009.xml @@ -834,6 +834,31 @@ CREATE ROLE postgres LOGIN SUPERUSER; functionally redundent. </para> </listitem> + <listitem> + <para> + The package <package>nextcloud17</package> has been removed and <package>nextcloud18</package> was marked as insecure + since both of them will <link xlink:href="https://docs.nextcloud.com/server/19/admin_manual/release_schedule.html"> + will be EOL (end of life) within the lifetime of 20.09</link>. + </para> + <para> + It's necessary to upgrade to <package>nextcloud19</package>: + <itemizedlist> + <listitem> + <para> + From <package>nextcloud17</package>, you have to upgrade to <package>nextcloud18</package> first as + Nextcloud doesn't allow going multiple major revisions forward in a single upgrade. This is possible + by setting <xref linkend="opt-services.nextcloud.package" /> to <package>nextcloud18</package>. + </para> + </listitem> + <listitem> + <para> + From <package>nextcloud18</package>, it's possible to directly upgrade to <package>nextcloud19</package> + by setting <xref linkend="opt-services.nextcloud.package" /> to <package>nextcloud19</package>. + </para> + </listitem> + </itemizedlist> + </para> + </listitem> </itemizedlist> </section> @@ -981,6 +1006,24 @@ services.transmission.settings.rpc-bind-address = "0.0.0.0"; </listitem> <listitem> <para> + The <literal>security.apparmor</literal> module, + for the <link xlink:href="https://gitlab.com/apparmor/apparmor/-/wikis/Documentation">AppArmor</link> + Mandatory Access Control system, + has been substantialy improved along with related tools, + so that module maintainers can now more easily write AppArmor profiles for NixOS. + The most notable change on the user-side is the new option <xref linkend="opt-security.apparmor.policies"/>, + replacing the previous <literal>profiles</literal> option + to provide a way to disable a profile + and to select whether to confine in enforce mode (default) + or in complain mode (see <literal>journalctl -b --grep apparmor</literal>). + Before enabling this module, either directly + or by importing <literal><nixpkgs/nixos/modules/profiles/hardened.nix></literal>, + please be sure to read the documentation of <link linkend="opt-security.apparmor.enable">security.apparmor.enable</link>, + and especially the part about <xref linkend="opt-security.apparmor.killUnconfinedConfinables"/>. + </para> + </listitem> + <listitem> + <para> With this release <literal>systemd-networkd</literal> (when enabled through <xref linkend="opt-networking.useNetworkd"/>) has it's netlink socket created through a <literal>systemd.socket</literal> unit. This gives us control over socket buffer sizes and other parameters. For larger setups where networkd has to create a lot of (virtual) |