nixos/doc: Fix spurious indentation
This commit is contained in:
parent
092c25ac08
commit
11cb382a4c
|
@ -68,7 +68,7 @@ installPhase =
|
||||||
can be done in a generic fashion with the <literal>--set</literal> argument
|
can be done in a generic fashion with the <literal>--set</literal> argument
|
||||||
of <literal>makeWrapper</literal>:
|
of <literal>makeWrapper</literal>:
|
||||||
<programlisting>
|
<programlisting>
|
||||||
--set JAVA_HOME ${jdk.home}
|
--set JAVA_HOME ${jdk.home}
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
|
|
|
@ -33,91 +33,91 @@
|
||||||
<link xlink:href="https://github.com/matrix-org/synapse#synapse-installation">
|
<link xlink:href="https://github.com/matrix-org/synapse#synapse-installation">
|
||||||
installation instructions of Synapse </link>.
|
installation instructions of Synapse </link>.
|
||||||
<programlisting>
|
<programlisting>
|
||||||
|
let
|
||||||
|
fqdn =
|
||||||
let
|
let
|
||||||
fqdn =
|
join = hostName: domain: hostName + optionalString (domain != null) ".${domain}";
|
||||||
let
|
in join config.networking.hostName config.networking.domain;
|
||||||
join = hostName: domain: hostName + optionalString (domain != null) ".${domain}";
|
in {
|
||||||
in join config.networking.hostName config.networking.domain;
|
networking = {
|
||||||
in {
|
hostName = "myhostname";
|
||||||
networking = {
|
domain = "example.org";
|
||||||
hostName = "myhostname";
|
};
|
||||||
domain = "example.org";
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
};
|
|
||||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# only recommendedProxySettings and recommendedGzipSettings are strictly required,
|
# only recommendedProxySettings and recommendedGzipSettings are strictly required,
|
||||||
# but the rest make sense as well
|
# but the rest make sense as well
|
||||||
recommendedTlsSettings = true;
|
recommendedTlsSettings = true;
|
||||||
recommendedOptimisation = true;
|
recommendedOptimisation = true;
|
||||||
recommendedGzipSettings = true;
|
recommendedGzipSettings = true;
|
||||||
recommendedProxySettings = true;
|
recommendedProxySettings = true;
|
||||||
|
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
# This host section can be placed on a different host than the rest,
|
# This host section can be placed on a different host than the rest,
|
||||||
# i.e. to delegate from the host being accessible as ${config.networking.domain}
|
# i.e. to delegate from the host being accessible as ${config.networking.domain}
|
||||||
# to another host actually running the Matrix homeserver.
|
# to another host actually running the Matrix homeserver.
|
||||||
"${config.networking.domain}" = {
|
"${config.networking.domain}" = {
|
||||||
locations."= /.well-known/matrix/server".extraConfig =
|
locations."= /.well-known/matrix/server".extraConfig =
|
||||||
let
|
let
|
||||||
# use 443 instead of the default 8448 port to unite
|
# use 443 instead of the default 8448 port to unite
|
||||||
# the client-server and server-server port for simplicity
|
# the client-server and server-server port for simplicity
|
||||||
server = { "m.server" = "${fqdn}:443"; };
|
server = { "m.server" = "${fqdn}:443"; };
|
||||||
in ''
|
in ''
|
||||||
add_header Content-Type application/json;
|
add_header Content-Type application/json;
|
||||||
return 200 '${builtins.toJSON server}';
|
return 200 '${builtins.toJSON server}';
|
||||||
'';
|
'';
|
||||||
locations."= /.well-known/matrix/client".extraConfig =
|
locations."= /.well-known/matrix/client".extraConfig =
|
||||||
let
|
let
|
||||||
client = {
|
client = {
|
||||||
"m.homeserver" = { "base_url" = "https://${fqdn}"; };
|
"m.homeserver" = { "base_url" = "https://${fqdn}"; };
|
||||||
"m.identity_server" = { "base_url" = "https://vector.im"; };
|
"m.identity_server" = { "base_url" = "https://vector.im"; };
|
||||||
};
|
|
||||||
# ACAO required to allow riot-web on any URL to request this json file
|
|
||||||
in ''
|
|
||||||
add_header Content-Type application/json;
|
|
||||||
add_header Access-Control-Allow-Origin *;
|
|
||||||
return 200 '${builtins.toJSON client}';
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
# Reverse proxy for Matrix client-server and server-server communication
|
|
||||||
${fqdn} = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
|
|
||||||
# Or do a redirect instead of the 404, or whatever is appropriate for you.
|
|
||||||
# But do not put a Matrix Web client here! See the Riot Web section below.
|
|
||||||
locations."/".extraConfig = ''
|
|
||||||
return 404;
|
|
||||||
'';
|
|
||||||
|
|
||||||
# forward all Matrix API calls to the synapse Matrix homeserver
|
|
||||||
locations."/_matrix" = {
|
|
||||||
proxyPass = "http://[::1]:8008";
|
|
||||||
};
|
};
|
||||||
};
|
# ACAO required to allow riot-web on any URL to request this json file
|
||||||
|
in ''
|
||||||
|
add_header Content-Type application/json;
|
||||||
|
add_header Access-Control-Allow-Origin *;
|
||||||
|
return 200 '${builtins.toJSON client}';
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
# Reverse proxy for Matrix client-server and server-server communication
|
||||||
|
${fqdn} = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
|
||||||
|
# Or do a redirect instead of the 404, or whatever is appropriate for you.
|
||||||
|
# But do not put a Matrix Web client here! See the Riot Web section below.
|
||||||
|
locations."/".extraConfig = ''
|
||||||
|
return 404;
|
||||||
|
'';
|
||||||
|
|
||||||
|
# forward all Matrix API calls to the synapse Matrix homeserver
|
||||||
|
locations."/_matrix" = {
|
||||||
|
proxyPass = "http://[::1]:8008";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
services.matrix-synapse = {
|
|
||||||
enable = true;
|
|
||||||
server_name = config.networking.domain;
|
|
||||||
listeners = [
|
|
||||||
{
|
|
||||||
port = 8008;
|
|
||||||
bind_address = "::1";
|
|
||||||
type = "http";
|
|
||||||
tls = false;
|
|
||||||
x_forwarded = true;
|
|
||||||
resources = [
|
|
||||||
{ names = [ "client" "federation" ]; compress = false; }
|
|
||||||
];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
</programlisting>
|
};
|
||||||
|
services.matrix-synapse = {
|
||||||
|
enable = true;
|
||||||
|
server_name = config.networking.domain;
|
||||||
|
listeners = [
|
||||||
|
{
|
||||||
|
port = 8008;
|
||||||
|
bind_address = "::1";
|
||||||
|
type = "http";
|
||||||
|
tls = false;
|
||||||
|
x_forwarded = true;
|
||||||
|
resources = [
|
||||||
|
{ names = [ "client" "federation" ]; compress = false; }
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
|
@ -142,14 +142,14 @@
|
||||||
create a new user or admin, run the following after you have set the secret
|
create a new user or admin, run the following after you have set the secret
|
||||||
and have rebuilt NixOS:
|
and have rebuilt NixOS:
|
||||||
<programlisting>
|
<programlisting>
|
||||||
$ nix run nixpkgs.matrix-synapse
|
$ nix run nixpkgs.matrix-synapse
|
||||||
$ register_new_matrix_user -k <your-registration-shared-secret> http://localhost:8008
|
$ register_new_matrix_user -k <your-registration-shared-secret> http://localhost:8008
|
||||||
New user localpart: <your-username>
|
New user localpart: <your-username>
|
||||||
Password:
|
Password:
|
||||||
Confirm password:
|
Confirm password:
|
||||||
Make admin [no]:
|
Make admin [no]:
|
||||||
Success!
|
Success!
|
||||||
</programlisting>
|
</programlisting>
|
||||||
In the example, this would create a user with the Matrix Identifier
|
In the example, this would create a user with the Matrix Identifier
|
||||||
<literal>@your-username:example.org</literal>. Note that the registration
|
<literal>@your-username:example.org</literal>. Note that the registration
|
||||||
secret ends up in the nix store and therefore is world-readable by any user
|
secret ends up in the nix store and therefore is world-readable by any user
|
||||||
|
@ -177,16 +177,16 @@
|
||||||
Matrix Now!</link> for a list of existing clients and their supported
|
Matrix Now!</link> for a list of existing clients and their supported
|
||||||
featureset.
|
featureset.
|
||||||
<programlisting>
|
<programlisting>
|
||||||
services.nginx.virtualHosts."riot.${fqdn}" = {
|
services.nginx.virtualHosts."riot.${fqdn}" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
serverAliases = [
|
serverAliases = [
|
||||||
"riot.${config.networking.domain}"
|
"riot.${config.networking.domain}"
|
||||||
];
|
];
|
||||||
|
|
||||||
root = pkgs.riot-web;
|
root = pkgs.riot-web;
|
||||||
};
|
};
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
|
|
|
@ -129,17 +129,17 @@ nix-repl> map (x: x.hostName) config.<xref linkend="opt-services.httpd.virtualHo
|
||||||
While abstracting your configuration, you may find it useful to generate
|
While abstracting your configuration, you may find it useful to generate
|
||||||
modules using code, instead of writing files. The example below would have
|
modules using code, instead of writing files. The example below would have
|
||||||
the same effect as importing a file which sets those options.
|
the same effect as importing a file which sets those options.
|
||||||
<screen>
|
<programlisting>
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
let netConfig = { hostName }: {
|
let netConfig = { hostName }: {
|
||||||
networking.hostName = hostName;
|
networking.hostName = hostName;
|
||||||
networking.useDHCP = false;
|
networking.useDHCP = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
in
|
in
|
||||||
|
|
||||||
{ imports = [ (netConfig "nixos.localdomain") ]; }
|
{ imports = [ (netConfig "nixos.localdomain") ]; }
|
||||||
</screen>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
</section>
|
</section>
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
imports = [
|
imports = [
|
||||||
<nixpkgs/nixos/modules/profiles/profile-name.nix>
|
<nixpkgs/nixos/modules/profiles/profile-name.nix>
|
||||||
];
|
];
|
||||||
</programlisting>
|
</programlisting>
|
||||||
<para>
|
<para>
|
||||||
Even if some of these profiles seem only useful in the context of install
|
Even if some of these profiles seem only useful in the context of install
|
||||||
media, many are actually intended to be used in real installs.
|
media, many are actually intended to be used in real installs.
|
||||||
|
|
|
@ -44,7 +44,7 @@
|
||||||
A user ID (uid) is assigned automatically. You can also specify a uid
|
A user ID (uid) is assigned automatically. You can also specify a uid
|
||||||
manually by adding
|
manually by adding
|
||||||
<programlisting>
|
<programlisting>
|
||||||
uid = 1000;
|
uid = 1000;
|
||||||
</programlisting>
|
</programlisting>
|
||||||
to the user specification.
|
to the user specification.
|
||||||
</para>
|
</para>
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
<link linkend="opt-services.xserver.desktopManager.xfce.enable">xfce.enable</link> = true;
|
<link linkend="opt-services.xserver.desktopManager.xfce.enable">xfce.enable</link> = true;
|
||||||
<link linkend="opt-services.xserver.desktopManager.default">default</link> = "xfce";
|
<link linkend="opt-services.xserver.desktopManager.default">default</link> = "xfce";
|
||||||
};
|
};
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
<para>
|
<para>
|
||||||
Optionally, <emphasis>compton</emphasis> can be enabled for nice graphical
|
Optionally, <emphasis>compton</emphasis> can be enabled for nice graphical
|
||||||
|
@ -24,7 +24,7 @@
|
||||||
<link linkend="opt-services.compton.shadow">shadow</link> = true;
|
<link linkend="opt-services.compton.shadow">shadow</link> = true;
|
||||||
<link linkend="opt-services.compton.fadeDelta">fadeDelta</link> = 4;
|
<link linkend="opt-services.compton.fadeDelta">fadeDelta</link> = 4;
|
||||||
};
|
};
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
<para>
|
<para>
|
||||||
Some Xfce programs are not installed automatically. To install them manually
|
Some Xfce programs are not installed automatically. To install them manually
|
||||||
|
@ -37,7 +37,7 @@
|
||||||
To enable <emphasis>Thunar</emphasis> volume support, put
|
To enable <emphasis>Thunar</emphasis> volume support, put
|
||||||
<programlisting>
|
<programlisting>
|
||||||
<xref linkend="opt-services.xserver.desktopManager.xfce.enable"/> = true;
|
<xref linkend="opt-services.xserver.desktopManager.xfce.enable"/> = true;
|
||||||
</programlisting>
|
</programlisting>
|
||||||
into your <emphasis>configuration.nix</emphasis>.
|
into your <emphasis>configuration.nix</emphasis>.
|
||||||
</para>
|
</para>
|
||||||
</simplesect>
|
</simplesect>
|
||||||
|
@ -58,14 +58,14 @@
|
||||||
on start (look at <command>journalctl --user -b</command>).
|
on start (look at <command>journalctl --user -b</command>).
|
||||||
<programlisting>
|
<programlisting>
|
||||||
Thunar:2410): GVFS-RemoteVolumeMonitor-WARNING **: remote volume monitor with dbus name org.gtk.Private.UDisks2VolumeMonitor is not supported
|
Thunar:2410): GVFS-RemoteVolumeMonitor-WARNING **: remote volume monitor with dbus name org.gtk.Private.UDisks2VolumeMonitor is not supported
|
||||||
</programlisting>
|
</programlisting>
|
||||||
This is caused by some needed GNOME services not running. This is all fixed
|
This is caused by some needed GNOME services not running. This is all fixed
|
||||||
by enabling "Launch GNOME services on startup" in the Advanced tab of the
|
by enabling "Launch GNOME services on startup" in the Advanced tab of the
|
||||||
Session and Startup settings panel. Alternatively, you can run this command
|
Session and Startup settings panel. Alternatively, you can run this command
|
||||||
to do the same thing.
|
to do the same thing.
|
||||||
<programlisting>
|
<programlisting>
|
||||||
$ xfconf-query -c xfce4-session -p /compat/LaunchGNOME -s true
|
$ xfconf-query -c xfce4-session -p /compat/LaunchGNOME -s true
|
||||||
</programlisting>
|
</programlisting>
|
||||||
A log-out and re-log will be needed for this to take effect.
|
A log-out and re-log will be needed for this to take effect.
|
||||||
</para>
|
</para>
|
||||||
</simplesect>
|
</simplesect>
|
||||||
|
|
|
@ -397,9 +397,9 @@ startAll;
|
||||||
</para>
|
</para>
|
||||||
<para>
|
<para>
|
||||||
<programlisting>
|
<programlisting>
|
||||||
$machine->systemctl("list-jobs --no-pager"); // runs `systemctl list-jobs --no-pager`
|
$machine->systemctl("list-jobs --no-pager"); // runs `systemctl list-jobs --no-pager`
|
||||||
$machine->systemctl("list-jobs --no-pager", "any-user"); // spawns a shell for `any-user` and runs `systemctl --user list-jobs --no-pager`
|
$machine->systemctl("list-jobs --no-pager", "any-user"); // spawns a shell for `any-user` and runs `systemctl --user list-jobs --no-pager`
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
@ -410,10 +410,10 @@ startAll;
|
||||||
To test user units declared by <literal>systemd.user.services</literal> the
|
To test user units declared by <literal>systemd.user.services</literal> the
|
||||||
optional <literal>$user</literal> argument can be used:
|
optional <literal>$user</literal> argument can be used:
|
||||||
<programlisting>
|
<programlisting>
|
||||||
$machine->start;
|
$machine->start;
|
||||||
$machine->waitForX;
|
$machine->waitForX;
|
||||||
$machine->waitForUnit("xautolock.service", "x-session-user");
|
$machine->waitForUnit("xautolock.service", "x-session-user");
|
||||||
</programlisting>
|
</programlisting>
|
||||||
This applies to <literal>systemctl</literal>, <literal>getUnitInfo</literal>,
|
This applies to <literal>systemctl</literal>, <literal>getUnitInfo</literal>,
|
||||||
<literal>waitForUnit</literal>, <literal>startJob</literal> and
|
<literal>waitForUnit</literal>, <literal>startJob</literal> and
|
||||||
<literal>stopJob</literal>.
|
<literal>stopJob</literal>.
|
||||||
|
|
|
@ -9,7 +9,8 @@
|
||||||
<link linkend="ch-configuration">changed something</link> in that file, you
|
<link linkend="ch-configuration">changed something</link> in that file, you
|
||||||
should do
|
should do
|
||||||
<screen>
|
<screen>
|
||||||
# nixos-rebuild switch</screen>
|
<prompt># </prompt>nixos-rebuild switch
|
||||||
|
</screen>
|
||||||
to build the new configuration, make it the default configuration for
|
to build the new configuration, make it the default configuration for
|
||||||
booting, and try to realise the configuration in the running system (e.g., by
|
booting, and try to realise the configuration in the running system (e.g., by
|
||||||
restarting system services).
|
restarting system services).
|
||||||
|
@ -23,7 +24,8 @@
|
||||||
<para>
|
<para>
|
||||||
You can also do
|
You can also do
|
||||||
<screen>
|
<screen>
|
||||||
# nixos-rebuild test</screen>
|
<prompt># </prompt>nixos-rebuild test
|
||||||
|
</screen>
|
||||||
to build the configuration and switch the running system to it, but without
|
to build the configuration and switch the running system to it, but without
|
||||||
making it the boot default. So if (say) the configuration locks up your
|
making it the boot default. So if (say) the configuration locks up your
|
||||||
machine, you can just reboot to get back to a working configuration.
|
machine, you can just reboot to get back to a working configuration.
|
||||||
|
@ -31,7 +33,8 @@
|
||||||
<para>
|
<para>
|
||||||
There is also
|
There is also
|
||||||
<screen>
|
<screen>
|
||||||
# nixos-rebuild boot</screen>
|
<prompt># </prompt>nixos-rebuild boot
|
||||||
|
</screen>
|
||||||
to build the configuration and make it the boot default, but not switch to it
|
to build the configuration and make it the boot default, but not switch to it
|
||||||
now (so it will only take effect after the next reboot).
|
now (so it will only take effect after the next reboot).
|
||||||
</para>
|
</para>
|
||||||
|
@ -39,7 +42,8 @@
|
||||||
You can make your configuration show up in a different submenu of the GRUB 2
|
You can make your configuration show up in a different submenu of the GRUB 2
|
||||||
boot screen by giving it a different <emphasis>profile name</emphasis>, e.g.
|
boot screen by giving it a different <emphasis>profile name</emphasis>, e.g.
|
||||||
<screen>
|
<screen>
|
||||||
# nixos-rebuild switch -p test </screen>
|
<prompt># </prompt>nixos-rebuild switch -p test
|
||||||
|
</screen>
|
||||||
which causes the new configuration (and previous ones created using
|
which causes the new configuration (and previous ones created using
|
||||||
<literal>-p test</literal>) to show up in the GRUB submenu “NixOS - Profile
|
<literal>-p test</literal>) to show up in the GRUB submenu “NixOS - Profile
|
||||||
'test'”. This can be useful to separate test configurations from
|
'test'”. This can be useful to separate test configurations from
|
||||||
|
@ -48,7 +52,8 @@
|
||||||
<para>
|
<para>
|
||||||
Finally, you can do
|
Finally, you can do
|
||||||
<screen>
|
<screen>
|
||||||
$ nixos-rebuild build</screen>
|
<prompt>$ </prompt>nixos-rebuild build
|
||||||
|
</screen>
|
||||||
to build the configuration but nothing more. This is useful to see whether
|
to build the configuration but nothing more. This is useful to see whether
|
||||||
everything compiles cleanly.
|
everything compiles cleanly.
|
||||||
</para>
|
</para>
|
||||||
|
@ -58,8 +63,8 @@ $ nixos-rebuild build</screen>
|
||||||
<emphasis>virtual machine</emphasis> that contains the desired configuration.
|
<emphasis>virtual machine</emphasis> that contains the desired configuration.
|
||||||
Just do
|
Just do
|
||||||
<screen>
|
<screen>
|
||||||
$ nixos-rebuild build-vm
|
<prompt>$ </prompt>nixos-rebuild build-vm
|
||||||
$ ./result/bin/run-*-vm
|
<prompt>$ </prompt>./result/bin/run-*-vm
|
||||||
</screen>
|
</screen>
|
||||||
The VM does not have any data from your host system, so your existing user
|
The VM does not have any data from your host system, so your existing user
|
||||||
accounts and home directories will not be available unless you have set
|
accounts and home directories will not be available unless you have set
|
||||||
|
@ -74,12 +79,12 @@ $ ./result/bin/run-*-vm
|
||||||
guest. For instance, the following will forward host port 2222 to guest port
|
guest. For instance, the following will forward host port 2222 to guest port
|
||||||
22 (SSH):
|
22 (SSH):
|
||||||
<screen>
|
<screen>
|
||||||
$ QEMU_NET_OPTS="hostfwd=tcp::2222-:22" ./result/bin/run-*-vm
|
<prompt>$ </prompt>QEMU_NET_OPTS="hostfwd=tcp::2222-:22" ./result/bin/run-*-vm
|
||||||
</screen>
|
</screen>
|
||||||
allowing you to log in via SSH (assuming you have set the appropriate
|
allowing you to log in via SSH (assuming you have set the appropriate
|
||||||
passwords or SSH authorized keys):
|
passwords or SSH authorized keys):
|
||||||
<screen>
|
<screen>
|
||||||
$ ssh -p 2222 localhost
|
<prompt>$ </prompt>ssh -p 2222 localhost
|
||||||
</screen>
|
</screen>
|
||||||
</para>
|
</para>
|
||||||
</chapter>
|
</chapter>
|
||||||
|
|
|
@ -47,8 +47,8 @@
|
||||||
Short version:
|
Short version:
|
||||||
</para>
|
</para>
|
||||||
<screen>
|
<screen>
|
||||||
$ curl https://nixos.org/nix/install | sh
|
<prompt>$ </prompt>curl https://nixos.org/nix/install | sh
|
||||||
$ . $HOME/.nix-profile/etc/profile.d/nix.sh # …or open a fresh shell</screen>
|
<prompt>$ </prompt>. $HOME/.nix-profile/etc/profile.d/nix.sh # …or open a fresh shell</screen>
|
||||||
<para>
|
<para>
|
||||||
More details in the
|
More details in the
|
||||||
<link
|
<link
|
||||||
|
@ -65,14 +65,14 @@ $ . $HOME/.nix-profile/etc/profile.d/nix.sh # …or open a fresh shell</screen>
|
||||||
the <literal>nixpkgs</literal> channel by default.
|
the <literal>nixpkgs</literal> channel by default.
|
||||||
</para>
|
</para>
|
||||||
<screen>
|
<screen>
|
||||||
$ nix-channel --list
|
<prompt>$ </prompt>nix-channel --list
|
||||||
nixpkgs https://nixos.org/channels/nixpkgs-unstable</screen>
|
nixpkgs https://nixos.org/channels/nixpkgs-unstable</screen>
|
||||||
<para>
|
<para>
|
||||||
As that channel gets released without running the NixOS tests, it will be
|
As that channel gets released without running the NixOS tests, it will be
|
||||||
safer to use the <literal>nixos-*</literal> channels instead:
|
safer to use the <literal>nixos-*</literal> channels instead:
|
||||||
</para>
|
</para>
|
||||||
<screen>
|
<screen>
|
||||||
$ nix-channel --add https://nixos.org/channels/nixos-<replaceable>version</replaceable> nixpkgs</screen>
|
<prompt>$ </prompt>nix-channel --add https://nixos.org/channels/nixos-<replaceable>version</replaceable> nixpkgs</screen>
|
||||||
<para>
|
<para>
|
||||||
You may want to throw in a <literal>nix-channel --update</literal> for good
|
You may want to throw in a <literal>nix-channel --update</literal> for good
|
||||||
measure.
|
measure.
|
||||||
|
@ -89,7 +89,7 @@ $ nix-channel --add https://nixos.org/channels/nixos-<replaceable>version</repla
|
||||||
NixOS partition. They are installed by default on NixOS, but you don't have
|
NixOS partition. They are installed by default on NixOS, but you don't have
|
||||||
NixOS yet..
|
NixOS yet..
|
||||||
</para>
|
</para>
|
||||||
<screen>$ nix-env -iE "_: with import <nixpkgs/nixos> { configuration = {}; }; with config.system.build; [ nixos-generate-config nixos-install nixos-enter manual.manpages ]"</screen>
|
<screen><prompt>$ </prompt>nix-env -iE "_: with import <nixpkgs/nixos> { configuration = {}; }; with config.system.build; [ nixos-generate-config nixos-install nixos-enter manual.manpages ]"</screen>
|
||||||
</listitem>
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<note>
|
<note>
|
||||||
|
@ -116,7 +116,7 @@ $ nix-channel --add https://nixos.org/channels/nixos-<replaceable>version</repla
|
||||||
<para>
|
<para>
|
||||||
Generate your NixOS configuration:
|
Generate your NixOS configuration:
|
||||||
</para>
|
</para>
|
||||||
<screen>$ sudo `which nixos-generate-config` --root /mnt</screen>
|
<screen><prompt>$ </prompt>sudo `which nixos-generate-config` --root /mnt</screen>
|
||||||
<para>
|
<para>
|
||||||
You'll probably want to edit the configuration files. Refer to the
|
You'll probably want to edit the configuration files. Refer to the
|
||||||
<literal>nixos-generate-config</literal> step in
|
<literal>nixos-generate-config</literal> step in
|
||||||
|
@ -148,8 +148,8 @@ $ nix-channel --add https://nixos.org/channels/nixos-<replaceable>version</repla
|
||||||
distribution:
|
distribution:
|
||||||
</para>
|
</para>
|
||||||
<screen>
|
<screen>
|
||||||
$ sudo groupadd -g 30000 nixbld
|
<prompt>$ </prompt>sudo groupadd -g 30000 nixbld
|
||||||
$ sudo useradd -u 30000 -g nixbld -G nixbld nixbld</screen>
|
<prompt>$ </prompt>sudo useradd -u 30000 -g nixbld -G nixbld nixbld</screen>
|
||||||
</listitem>
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>
|
<para>
|
||||||
|
@ -161,7 +161,7 @@ $ sudo useradd -u 30000 -g nixbld -G nixbld nixbld</screen>
|
||||||
existing systems without the help of a rescue USB drive or similar.
|
existing systems without the help of a rescue USB drive or similar.
|
||||||
</para>
|
</para>
|
||||||
</warning>
|
</warning>
|
||||||
<screen>$ sudo PATH="$PATH" NIX_PATH="$NIX_PATH" `which nixos-install` --root /mnt</screen>
|
<screen><prompt>$ </prompt>sudo PATH="$PATH" NIX_PATH="$NIX_PATH" `which nixos-install` --root /mnt</screen>
|
||||||
<para>
|
<para>
|
||||||
Again, please refer to the <literal>nixos-install</literal> step in
|
Again, please refer to the <literal>nixos-install</literal> step in
|
||||||
<xref linkend="sec-installation" /> for more information.
|
<xref linkend="sec-installation" /> for more information.
|
||||||
|
@ -175,8 +175,8 @@ $ sudo useradd -u 30000 -g nixbld -G nixbld nixbld</screen>
|
||||||
Optionally, you may want to clean up your non-NixOS distribution:
|
Optionally, you may want to clean up your non-NixOS distribution:
|
||||||
</para>
|
</para>
|
||||||
<screen>
|
<screen>
|
||||||
$ sudo userdel nixbld
|
<prompt>$ </prompt>sudo userdel nixbld
|
||||||
$ sudo groupdel nixbld</screen>
|
<prompt>$ </prompt>sudo groupdel nixbld</screen>
|
||||||
<para>
|
<para>
|
||||||
If you do not wish to keep the Nix package manager installed either, run
|
If you do not wish to keep the Nix package manager installed either, run
|
||||||
something like <literal>sudo rm -rv ~/.nix-* /nix</literal> and remove the
|
something like <literal>sudo rm -rv ~/.nix-* /nix</literal> and remove the
|
||||||
|
@ -193,7 +193,7 @@ $ sudo groupdel nixbld</screen>
|
||||||
<para>
|
<para>
|
||||||
Generate your NixOS configuration:
|
Generate your NixOS configuration:
|
||||||
</para>
|
</para>
|
||||||
<screen>$ sudo `which nixos-generate-config` --root /</screen>
|
<screen><prompt>$ </prompt>sudo `which nixos-generate-config` --root /</screen>
|
||||||
<para>
|
<para>
|
||||||
Note that this will place the generated configuration files in
|
Note that this will place the generated configuration files in
|
||||||
<literal>/etc/nixos</literal>. You'll probably want to edit the
|
<literal>/etc/nixos</literal>. You'll probably want to edit the
|
||||||
|
@ -212,21 +212,21 @@ $ sudo groupdel nixbld</screen>
|
||||||
</para>
|
</para>
|
||||||
<programlisting>
|
<programlisting>
|
||||||
<link linkend="opt-users.users._name__.initialHashedPassword">users.users.root.initialHashedPassword</link> = "";
|
<link linkend="opt-users.users._name__.initialHashedPassword">users.users.root.initialHashedPassword</link> = "";
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</listitem>
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>
|
<para>
|
||||||
Build the NixOS closure and install it in the <literal>system</literal>
|
Build the NixOS closure and install it in the <literal>system</literal>
|
||||||
profile:
|
profile:
|
||||||
</para>
|
</para>
|
||||||
<screen>$ nix-env -p /nix/var/nix/profiles/system -f '<nixpkgs/nixos>' -I nixos-config=/etc/nixos/configuration.nix -iA system</screen>
|
<screen><prompt>$ </prompt>nix-env -p /nix/var/nix/profiles/system -f '<nixpkgs/nixos>' -I nixos-config=/etc/nixos/configuration.nix -iA system</screen>
|
||||||
</listitem>
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>
|
<para>
|
||||||
Change ownership of the <literal>/nix</literal> tree to root (since your
|
Change ownership of the <literal>/nix</literal> tree to root (since your
|
||||||
Nix install was probably single user):
|
Nix install was probably single user):
|
||||||
</para>
|
</para>
|
||||||
<screen>$ sudo chown -R 0.0 /nix</screen>
|
<screen><prompt>$ </prompt>sudo chown -R 0.0 /nix</screen>
|
||||||
</listitem>
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>
|
<para>
|
||||||
|
@ -284,16 +284,16 @@ $ sudo groupdel nixbld</screen>
|
||||||
Let's create the files:
|
Let's create the files:
|
||||||
</para>
|
</para>
|
||||||
<screen>
|
<screen>
|
||||||
$ sudo touch /etc/NIXOS
|
<prompt>$ </prompt>sudo touch /etc/NIXOS
|
||||||
$ sudo touch /etc/NIXOS_LUSTRATE
|
<prompt>$ </prompt>sudo touch /etc/NIXOS_LUSTRATE
|
||||||
</screen>
|
</screen>
|
||||||
<para>
|
<para>
|
||||||
Let's also make sure the NixOS configuration files are kept once we reboot
|
Let's also make sure the NixOS configuration files are kept once we reboot
|
||||||
on NixOS:
|
on NixOS:
|
||||||
</para>
|
</para>
|
||||||
<screen>
|
<screen>
|
||||||
$ echo etc/nixos | sudo tee -a /etc/NIXOS_LUSTRATE
|
<prompt>$ </prompt>echo etc/nixos | sudo tee -a /etc/NIXOS_LUSTRATE
|
||||||
</screen>
|
</screen>
|
||||||
</listitem>
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>
|
<para>
|
||||||
|
@ -312,8 +312,9 @@ $ echo etc/nixos | sudo tee -a /etc/NIXOS_LUSTRATE
|
||||||
</para>
|
</para>
|
||||||
</warning>
|
</warning>
|
||||||
<screen>
|
<screen>
|
||||||
$ sudo mv -v /boot /boot.bak &&
|
<prompt>$ </prompt>sudo mv -v /boot /boot.bak &&
|
||||||
sudo /nix/var/nix/profiles/system/bin/switch-to-configuration boot</screen>
|
sudo /nix/var/nix/profiles/system/bin/switch-to-configuration boot
|
||||||
|
</screen>
|
||||||
<para>
|
<para>
|
||||||
Cross your fingers, reboot, hopefully you should get a NixOS prompt!
|
Cross your fingers, reboot, hopefully you should get a NixOS prompt!
|
||||||
</para>
|
</para>
|
||||||
|
|
|
@ -525,7 +525,7 @@ $ nix-env -i w3m</screen>
|
||||||
|
|
||||||
<example xml:id='ex-config'>
|
<example xml:id='ex-config'>
|
||||||
<title>NixOS Configuration</title>
|
<title>NixOS Configuration</title>
|
||||||
<screen>
|
<programlisting>
|
||||||
{ config, pkgs, ... }: {
|
{ config, pkgs, ... }: {
|
||||||
imports = [
|
imports = [
|
||||||
# Include the results of the hardware scan.
|
# Include the results of the hardware scan.
|
||||||
|
@ -543,7 +543,7 @@ $ nix-env -i w3m</screen>
|
||||||
# Enable the OpenSSH server.
|
# Enable the OpenSSH server.
|
||||||
services.sshd.enable = true;
|
services.sshd.enable = true;
|
||||||
}
|
}
|
||||||
</screen>
|
</programlisting>
|
||||||
</example>
|
</example>
|
||||||
</section>
|
</section>
|
||||||
<section xml:id="sec-installation-additional-notes">
|
<section xml:id="sec-installation-additional-notes">
|
||||||
|
|
|
@ -626,17 +626,17 @@
|
||||||
xlink:href="https://nixos.org/nixpkgs/manual/#sec-overlays-install">
|
xlink:href="https://nixos.org/nixpkgs/manual/#sec-overlays-install">
|
||||||
overlays</link>. For example, the following code:
|
overlays</link>. For example, the following code:
|
||||||
<programlisting>
|
<programlisting>
|
||||||
let
|
let
|
||||||
pkgs = import <nixpkgs> {};
|
pkgs = import <nixpkgs> {};
|
||||||
in
|
in
|
||||||
pkgs.overridePackages (self: super: ...)
|
pkgs.overridePackages (self: super: ...)
|
||||||
</programlisting>
|
</programlisting>
|
||||||
should be replaced by:
|
should be replaced by:
|
||||||
<programlisting>
|
<programlisting>
|
||||||
let
|
let
|
||||||
pkgs = import <nixpkgs> {};
|
pkgs = import <nixpkgs> {};
|
||||||
in
|
in
|
||||||
import pkgs.path { overlays = [(self: super: ...)]; }
|
import pkgs.path { overlays = [(self: super: ...)]; }
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
|
|
@ -21,7 +21,7 @@
|
||||||
<filename>configuration.nix</filename>:
|
<filename>configuration.nix</filename>:
|
||||||
<programlisting>
|
<programlisting>
|
||||||
<xref linkend="opt-services.flatpak.enable"/> = true;
|
<xref linkend="opt-services.flatpak.enable"/> = true;
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
<para>
|
<para>
|
||||||
For the sandboxed apps to work correctly, desktop integration portals need to
|
For the sandboxed apps to work correctly, desktop integration portals need to
|
||||||
|
@ -30,27 +30,27 @@
|
||||||
<filename>configuration.nix</filename>:
|
<filename>configuration.nix</filename>:
|
||||||
<programlisting>
|
<programlisting>
|
||||||
<xref linkend="opt-services.flatpak.extraPortals"/> = [ pkgs.xdg-desktop-portal-gtk ];
|
<xref linkend="opt-services.flatpak.extraPortals"/> = [ pkgs.xdg-desktop-portal-gtk ];
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
<para>
|
<para>
|
||||||
Then, you will need to add a repository, for example,
|
Then, you will need to add a repository, for example,
|
||||||
<link xlink:href="https://github.com/flatpak/flatpak/wiki">Flathub</link>,
|
<link xlink:href="https://github.com/flatpak/flatpak/wiki">Flathub</link>,
|
||||||
either using the following commands:
|
either using the following commands:
|
||||||
<programlisting>
|
<screen>
|
||||||
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
|
<prompt>$ </prompt>flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
|
||||||
flatpak update
|
<prompt>$ </prompt>flatpak update
|
||||||
</programlisting>
|
</screen>
|
||||||
or by opening the
|
or by opening the
|
||||||
<link xlink:href="https://flathub.org/repo/flathub.flatpakrepo">repository
|
<link xlink:href="https://flathub.org/repo/flathub.flatpakrepo">repository
|
||||||
file</link> in GNOME Software.
|
file</link> in GNOME Software.
|
||||||
</para>
|
</para>
|
||||||
<para>
|
<para>
|
||||||
Finally, you can search and install programs:
|
Finally, you can search and install programs:
|
||||||
<programlisting>
|
<screen>
|
||||||
flatpak search bustle
|
<prompt>$ </prompt>flatpak search bustle
|
||||||
flatpak install flathub org.freedesktop.Bustle
|
<prompt>$ </prompt>flatpak install flathub org.freedesktop.Bustle
|
||||||
flatpak run org.freedesktop.Bustle
|
<prompt>$ </prompt>flatpak run org.freedesktop.Bustle
|
||||||
</programlisting>
|
</screen>
|
||||||
Again, GNOME Software offers graphical interface for these tasks.
|
Again, GNOME Software offers graphical interface for these tasks.
|
||||||
</para>
|
</para>
|
||||||
</chapter>
|
</chapter>
|
||||||
|
|
|
@ -112,65 +112,65 @@
|
||||||
directory, which will be called postfix.nix and contains all exporter
|
directory, which will be called postfix.nix and contains all exporter
|
||||||
specific options and configuration:
|
specific options and configuration:
|
||||||
<programlisting>
|
<programlisting>
|
||||||
# nixpgs/nixos/modules/services/prometheus/exporters/postfix.nix
|
# nixpgs/nixos/modules/services/prometheus/exporters/postfix.nix
|
||||||
{ config, lib, pkgs }:
|
{ config, lib, pkgs }:
|
||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
let
|
let
|
||||||
# for convenience we define cfg here
|
# for convenience we define cfg here
|
||||||
cfg = config.services.prometheus.exporters.postfix;
|
cfg = config.services.prometheus.exporters.postfix;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
port = 9154; # The postfix exporter listens on this port by default
|
port = 9154; # The postfix exporter listens on this port by default
|
||||||
|
|
||||||
# `extraOpts` is an attribute set which contains additional options
|
# `extraOpts` is an attribute set which contains additional options
|
||||||
# (and optional overrides for default options).
|
# (and optional overrides for default options).
|
||||||
# Note that this attribute is optional.
|
# Note that this attribute is optional.
|
||||||
extraOpts = {
|
extraOpts = {
|
||||||
telemetryPath = mkOption {
|
telemetryPath = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "/metrics";
|
default = "/metrics";
|
||||||
description = ''
|
description = ''
|
||||||
Path under which to expose metrics.
|
Path under which to expose metrics.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
logfilePath = mkOption {
|
logfilePath = mkOption {
|
||||||
type = types.path;
|
type = types.path;
|
||||||
default = /var/log/postfix_exporter_input.log;
|
default = /var/log/postfix_exporter_input.log;
|
||||||
example = /var/log/mail.log;
|
example = /var/log/mail.log;
|
||||||
description = ''
|
description = ''
|
||||||
Path where Postfix writes log entries.
|
Path where Postfix writes log entries.
|
||||||
This file will be truncated by this exporter!
|
This file will be truncated by this exporter!
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
showqPath = mkOption {
|
showqPath = mkOption {
|
||||||
type = types.path;
|
type = types.path;
|
||||||
default = /var/spool/postfix/public/showq;
|
default = /var/spool/postfix/public/showq;
|
||||||
example = /var/lib/postfix/queue/public/showq;
|
example = /var/lib/postfix/queue/public/showq;
|
||||||
description = ''
|
description = ''
|
||||||
Path at which Postfix places its showq socket.
|
Path at which Postfix places its showq socket.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# `serviceOpts` is an attribute set which contains configuration
|
# `serviceOpts` is an attribute set which contains configuration
|
||||||
# for the exporter's systemd service. One of
|
# for the exporter's systemd service. One of
|
||||||
# `serviceOpts.script` and `serviceOpts.serviceConfig.ExecStart`
|
# `serviceOpts.script` and `serviceOpts.serviceConfig.ExecStart`
|
||||||
# has to be specified here. This will be merged with the default
|
# has to be specified here. This will be merged with the default
|
||||||
# service confiuration.
|
# service confiuration.
|
||||||
serviceOpts = {
|
serviceOpts = {
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStart = ''
|
ExecStart = ''
|
||||||
${pkgs.prometheus-postfix-exporter}/bin/postfix_exporter \
|
${pkgs.prometheus-postfix-exporter}/bin/postfix_exporter \
|
||||||
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
|
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
|
||||||
--web.telemetry-path ${cfg.telemetryPath} \
|
--web.telemetry-path ${cfg.telemetryPath} \
|
||||||
${concatStringsSep " \\\n " cfg.extraFlags}
|
${concatStringsSep " \\\n " cfg.extraFlags}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
|
|
|
@ -86,10 +86,10 @@ in
|
||||||
|
|
||||||
<note>
|
<note>
|
||||||
<para>If you use the firewall consider adding the following:</para>
|
<para>If you use the firewall consider adding the following:</para>
|
||||||
<programlisting>
|
<programlisting>
|
||||||
networking.firewall.allowedTCPPorts = [ 139 445 ];
|
networking.firewall.allowedTCPPorts = [ 139 445 ];
|
||||||
networking.firewall.allowedUDPPorts = [ 137 138 ];
|
networking.firewall.allowedUDPPorts = [ 137 138 ];
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</note>
|
</note>
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
To enable the client proxy, set
|
To enable the client proxy, set
|
||||||
<programlisting>
|
<programlisting>
|
||||||
<xref linkend="opt-services.dnscrypt-proxy.enable"/> = true;
|
<xref linkend="opt-services.dnscrypt-proxy.enable"/> = true;
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
|
@ -36,7 +36,7 @@
|
||||||
the other client to it:
|
the other client to it:
|
||||||
<programlisting>
|
<programlisting>
|
||||||
<xref linkend="opt-services.dnscrypt-proxy.localPort"/> = 43;
|
<xref linkend="opt-services.dnscrypt-proxy.localPort"/> = 43;
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
<sect2 xml:id="sec-dnscrypt-proxy-forwarder-dsnmasq">
|
<sect2 xml:id="sec-dnscrypt-proxy-forwarder-dsnmasq">
|
||||||
|
@ -47,7 +47,7 @@
|
||||||
<xref linkend="opt-services.dnsmasq.enable"/> = true;
|
<xref linkend="opt-services.dnsmasq.enable"/> = true;
|
||||||
<xref linkend="opt-services.dnsmasq.servers"/> = [ "127.0.0.1#43" ];
|
<xref linkend="opt-services.dnsmasq.servers"/> = [ "127.0.0.1#43" ];
|
||||||
}
|
}
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
</sect2>
|
</sect2>
|
||||||
|
|
||||||
|
@ -59,7 +59,7 @@
|
||||||
<xref linkend="opt-services.unbound.enable"/> = true;
|
<xref linkend="opt-services.unbound.enable"/> = true;
|
||||||
<xref linkend="opt-services.unbound.forwardAddresses"/> = [ "127.0.0.1@43" ];
|
<xref linkend="opt-services.unbound.forwardAddresses"/> = [ "127.0.0.1@43" ];
|
||||||
}
|
}
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</para>
|
</para>
|
||||||
</sect2>
|
</sect2>
|
||||||
</sect1>
|
</sect1>
|
||||||
|
|
|
@ -101,17 +101,17 @@ in
|
||||||
'';
|
'';
|
||||||
example = literalExample ''
|
example = literalExample ''
|
||||||
# near constant pings.
|
# near constant pings.
|
||||||
step = 30
|
step = 30
|
||||||
pings = 20
|
pings = 20
|
||||||
# consfn mrhb steps total
|
# consfn mrhb steps total
|
||||||
AVERAGE 0.5 1 10080
|
AVERAGE 0.5 1 10080
|
||||||
AVERAGE 0.5 12 43200
|
AVERAGE 0.5 12 43200
|
||||||
MIN 0.5 12 43200
|
MIN 0.5 12 43200
|
||||||
MAX 0.5 12 43200
|
MAX 0.5 12 43200
|
||||||
AVERAGE 0.5 144 7200
|
AVERAGE 0.5 144 7200
|
||||||
MAX 0.5 144 7200
|
MAX 0.5 144 7200
|
||||||
MIN 0.5 144 7200
|
MIN 0.5 144 7200
|
||||||
'';
|
'';
|
||||||
description = ''Configure the ping frequency and retention of the rrd files.
|
description = ''Configure the ping frequency and retention of the rrd files.
|
||||||
Once set, changing the interval will require deletion or migration of all
|
Once set, changing the interval will require deletion or migration of all
|
||||||
the collected data.'';
|
the collected data.'';
|
||||||
|
|
|
@ -21,18 +21,18 @@
|
||||||
passwordless database authentication via the UNIX_SOCKET authentication
|
passwordless database authentication via the UNIX_SOCKET authentication
|
||||||
plugin with the following SQL commands:
|
plugin with the following SQL commands:
|
||||||
<programlisting>
|
<programlisting>
|
||||||
# For MariaDB
|
# For MariaDB
|
||||||
INSTALL PLUGIN unix_socket SONAME 'auth_socket';
|
INSTALL PLUGIN unix_socket SONAME 'auth_socket';
|
||||||
CREATE DATABASE matomo;
|
CREATE DATABASE matomo;
|
||||||
CREATE USER 'matomo'@'localhost' IDENTIFIED WITH unix_socket;
|
CREATE USER 'matomo'@'localhost' IDENTIFIED WITH unix_socket;
|
||||||
GRANT ALL PRIVILEGES ON matomo.* TO 'matomo'@'localhost';
|
GRANT ALL PRIVILEGES ON matomo.* TO 'matomo'@'localhost';
|
||||||
|
|
||||||
# For MySQL
|
# For MySQL
|
||||||
INSTALL PLUGIN auth_socket SONAME 'auth_socket.so';
|
INSTALL PLUGIN auth_socket SONAME 'auth_socket.so';
|
||||||
CREATE DATABASE matomo;
|
CREATE DATABASE matomo;
|
||||||
CREATE USER 'matomo'@'localhost' IDENTIFIED WITH auth_socket;
|
CREATE USER 'matomo'@'localhost' IDENTIFIED WITH auth_socket;
|
||||||
GRANT ALL PRIVILEGES ON matomo.* TO 'matomo'@'localhost';
|
GRANT ALL PRIVILEGES ON matomo.* TO 'matomo'@'localhost';
|
||||||
</programlisting>
|
</programlisting>
|
||||||
Then fill in <literal>matomo</literal> as database user and database name,
|
Then fill in <literal>matomo</literal> as database user and database name,
|
||||||
and leave the password field blank. This authentication works by allowing
|
and leave the password field blank. This authentication works by allowing
|
||||||
only the <literal>matomo</literal> unix user to authenticate as the
|
only the <literal>matomo</literal> unix user to authenticate as the
|
||||||
|
|
Loading…
Reference in a new issue