mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-06-09 17:46:29 +09:00
treewide: fix typos in comments (#413240)
This commit is contained in:
Pol Dellaiera
commit
6d9d3014ba
GPG key ID:
B5690EEEBB952194
88 changed files with 110 additions and 110 deletions
|
|
@ -45,7 +45,7 @@
|
|||
|
||||
Documentation rendered as AsciiDoc. This is useful for e.g. man pages.
|
||||
|
||||
> Note: NixOS itself uses this ouput to to build the configuration.nix man page"
|
||||
> Note: NixOS itself uses this output to to build the configuration.nix man page"
|
||||
|
||||
## optionsNix
|
||||
|
||||
|
|
@ -59,7 +59,7 @@
|
|||
let
|
||||
# Evaluate a NixOS configuration
|
||||
eval = import (pkgs.path + "/nixos/lib/eval-config.nix") {
|
||||
# Overriden explicitly here, this would include all modules from NixOS otherwise.
|
||||
# Overridden explicitly here, this would include all modules from NixOS otherwise.
|
||||
# See: docs of eval-config.nix for more details
|
||||
baseModules = [];
|
||||
modules = [
|
||||
|
|
|
|||
|
|
@ -130,7 +130,7 @@ let
|
|||
virtualisation.test.nodeName = mkOption {
|
||||
internal = true;
|
||||
default = name;
|
||||
# We need to force this in specilisations, otherwise it'd be
|
||||
# We need to force this in specialisations, otherwise it'd be
|
||||
# readOnly = true;
|
||||
description = ''
|
||||
The `name` in `nodes.<name>`; stable across `specialisations`.
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ let
|
|||
inherit (eval) pkgs;
|
||||
|
||||
excludedTestOptions = [
|
||||
# We cannot evluate _module.args, as it is used during the computation
|
||||
# We cannot evaluate _module.args, as it is used during the computation
|
||||
# of the modules list.
|
||||
"_module.args"
|
||||
|
||||
|
|
|
|||
|
|
@ -273,7 +273,7 @@ in
|
|||
caddy = 239;
|
||||
taskd = 240;
|
||||
# factorio = 241; # DynamicUser = true
|
||||
# emby = 242; # unusued, removed 2019-05-01
|
||||
# emby = 242; # unused, removed 2019-05-01
|
||||
#graylog = 243;# dynamically allocated as of 2021-09-03
|
||||
sniproxy = 244;
|
||||
nzbget = 245;
|
||||
|
|
@ -371,7 +371,7 @@ in
|
|||
# system user or group of the same id in someone else's NixOS.
|
||||
# This could break their system and make that person upset for a whole day.
|
||||
#
|
||||
# Sidenote: the default is defined in `shadow` module[2], and the relavent change
|
||||
# Sidenote: the default is defined in `shadow` module[2], and the relevant change
|
||||
# was made way back in 2014[3].
|
||||
#
|
||||
# [1]: https://man7.org/linux/man-pages/man5/login.defs.5.html#:~:text=SYS_UID_MAX%20(number)%2C%20SYS_UID_MIN%20(number)
|
||||
|
|
@ -700,7 +700,7 @@ in
|
|||
# system user or group of the same id in someone else's NixOS.
|
||||
# This could break their system and make that person upset for a whole day.
|
||||
#
|
||||
# Sidenote: the default is defined in `shadow` module[2], and the relavent change
|
||||
# Sidenote: the default is defined in `shadow` module[2], and the relevant change
|
||||
# was made way back in 2014[3].
|
||||
#
|
||||
# [1]: https://man7.org/linux/man-pages/man5/login.defs.5.html#:~:text=SYS_UID_MAX%20(number)%2C%20SYS_UID_MIN%20(number)
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# This profile sets up a sytem for image based appliance usage. An appliance is
|
||||
# This profile sets up a system for image based appliance usage. An appliance is
|
||||
# installed as an image, cannot be re-built, has no Nix available, and is
|
||||
# generally not meant for interactive use. Updates to such an appliance are
|
||||
# handled by updating whole partition images via a tool like systemd-sysupdate.
|
||||
|
|
|
|||
|
|
@ -45,7 +45,7 @@ in
|
|||
# software rendering to implement GLX (OpenGL on Xorg).
|
||||
# However, just building TurboVNC with support for that is not enough
|
||||
# (it only takes care of the X server side part of OpenGL);
|
||||
# the indiviudual applications (e.g. `glxgears`) also need to directly load
|
||||
# the individual applications (e.g. `glxgears`) also need to directly load
|
||||
# the OpenGL libs.
|
||||
# Thus, this creates `/run/opengl-driver` populated by Mesa so that the applications
|
||||
# can find the llvmpipe `swrast.so` software rendering DRI lib via `libglvnd`.
|
||||
|
|
|
|||
|
|
@ -139,7 +139,7 @@ let
|
|||
[
|
||||
(yamlFormat.generate "helm-chart-manifest-${name}.yaml" (mkHelmChartCR name value))
|
||||
]
|
||||
# alternate the YAML doc seperator (---) and extraDeploy manifests to create
|
||||
# alternate the YAML doc separator (---) and extraDeploy manifests to create
|
||||
# multi document YAMLs
|
||||
++ (lib.concatMap (x: [
|
||||
yamlDocSeparator
|
||||
|
|
|
|||
|
|
@ -143,7 +143,7 @@ in
|
|||
lib.mkDefault (json.generate "bonsai_tree.json" (filterNulls cfg.settings));
|
||||
|
||||
# bonsaid is controlled by bonsaictl, so place the latter in the environment by default.
|
||||
# bonsaictl is typically invoked by scripts or a DE so this isn't strictly necesssary,
|
||||
# bonsaictl is typically invoked by scripts or a DE so this isn't strictly necessary,
|
||||
# but it's helpful while administering the service generally.
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
|
|
|
|||
|
|
@ -176,7 +176,7 @@ in
|
|||
# need to be writeable, so we can't just point at the ones in the nix
|
||||
# store. Instead we take the approach of copying them out of the store
|
||||
# on first run. If `bookarch` already exists, we assume the rest of the
|
||||
# files do as well, and copy nothing -- otherwise we risk ovewriting
|
||||
# files do as well, and copy nothing -- otherwise we risk overwriting
|
||||
# server state information every time the server is upgraded.
|
||||
preStart = ''
|
||||
if [ ! -e "${cfg.stateDir}"/bookarch ]; then
|
||||
|
|
|
|||
|
|
@ -201,7 +201,7 @@ let
|
|||
# the old service and then starts the new service after config updates.
|
||||
# Since we use path-based activation[1] here, the service unit will
|
||||
# immediately[2] be started by the path unit. Probably that start is
|
||||
# before config updates, whcih causes the service unit to use the old
|
||||
# before config updates, which causes the service unit to use the old
|
||||
# config after nixos-rebuild switch. Setting stopIfChanged to false works
|
||||
# around this issue by restarting the service after config updates.
|
||||
# [0]: https://nixos.org/manual/nixos/unstable/#sec-switching-systems
|
||||
|
|
|
|||
|
|
@ -107,7 +107,7 @@ in
|
|||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
# Upstream Recommandation
|
||||
# Upstream Recommendation
|
||||
LimitNOFILE = 20500;
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -91,7 +91,7 @@ in
|
|||
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.systemPackages = [ pkgs.below ];
|
||||
# /etc/below.conf is also refered to by the `below` CLI tool,
|
||||
# /etc/below.conf is also referred to by the `below` CLI tool,
|
||||
# so this can't be a store-only file whose path is passed to the service
|
||||
environment.etc."below/below.conf".text = cfgContents;
|
||||
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ in
|
|||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
|
||||
# set up Security wrapper Same as inteded in deb post install
|
||||
# set up Security wrapper Same as intended in deb post install
|
||||
security.wrappers.cato-clientd = {
|
||||
source = "${cfg.package}/bin/cato-clientd";
|
||||
owner = "root";
|
||||
|
|
|
|||
|
|
@ -289,7 +289,7 @@ in
|
|||
|
||||
{
|
||||
# Note: we want by default to enable OpenSSL, but it seems anything 100 and above is
|
||||
# overriden by default value from vhost-options.nix
|
||||
# overridden by default value from vhost-options.nix
|
||||
enableACME = mkOverride 99 true;
|
||||
forceSSL = mkOverride 99 true;
|
||||
locations.${cfg.nginx.path} = {
|
||||
|
|
|
|||
|
|
@ -550,7 +550,7 @@ in
|
|||
User = client.user.name;
|
||||
Group = client.user.group;
|
||||
|
||||
# settings implied by DynamicUser=true, without actully using it,
|
||||
# settings implied by DynamicUser=true, without actually using it,
|
||||
# see https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#DynamicUser=
|
||||
RemoveIPC = true;
|
||||
PrivateTmp = true;
|
||||
|
|
|
|||
|
|
@ -102,7 +102,7 @@ in
|
|||
# special options as its public anyway
|
||||
# As far as I know leaking this secret is just
|
||||
# an information leak as one can fetch some basic app
|
||||
# informations from the IDP
|
||||
# information from the IDP
|
||||
# To actually do something one still needs to have login
|
||||
# data and this secret so this being public will not
|
||||
# suffice for anything just decreasing security
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ let
|
|||
# values must be separated by whitespace or even commas.
|
||||
# Consult either sshd_config(5) or, as last resort, the OpehSSH source for parsing
|
||||
# the options at servconf.c:process_server_config_line_depth() to determine the right "mode"
|
||||
# for each. But fortunaly this fact is documented for most of them in the manpage.
|
||||
# for each. But fortunately this fact is documented for most of them in the manpage.
|
||||
commaSeparated = [
|
||||
"Ciphers"
|
||||
"KexAlgorithms"
|
||||
|
|
|
|||
|
|
@ -133,7 +133,7 @@ in
|
|||
|
||||
services.yggdrasil.settings.Listen =
|
||||
let
|
||||
# By default linux dynamically alocates ports in range 32768..60999
|
||||
# By default linux dynamically allocates ports in range 32768..60999
|
||||
# `sysctl net.ipv4.ip_local_port_range`
|
||||
# See: https://xkcd.com/221/
|
||||
prot_port = {
|
||||
|
|
|
|||
|
|
@ -295,7 +295,7 @@ let
|
|||
(
|
||||
lib.mapAttrs (
|
||||
k: v:
|
||||
# Not necesssary, but prettier rendering
|
||||
# Not necessary, but prettier rendering
|
||||
if
|
||||
lib.elem k [
|
||||
"AutomapHostsSuffixes"
|
||||
|
|
|
|||
|
|
@ -348,7 +348,7 @@ in
|
|||
else if
|
||||
pgsqlLocal
|
||||
# note: davis expects a non-standard postgres uri (due to the underlying doctrine library)
|
||||
# specifically the dummy hostname which is overriden by the host query parameter
|
||||
# specifically the dummy hostname which is overridden by the host query parameter
|
||||
then
|
||||
"postgres://${user}@localhost/${db.name}?host=/run/postgresql"
|
||||
else if mysqlLocal then
|
||||
|
|
|
|||
|
|
@ -224,7 +224,7 @@ in
|
|||
# Thus, disable distribution for improved simplicity and security:
|
||||
#
|
||||
# When distribution is enabled,
|
||||
# Elixir spwans the Erlang VM, which will listen by default on all
|
||||
# Elixir spawns the Erlang VM, which will listen by default on all
|
||||
# interfaces for messages between Erlang nodes (capable of
|
||||
# remote code execution); it can be protected by a cookie; see
|
||||
# https://erlang.org/doc/reference_manual/distributed.html#security).
|
||||
|
|
|
|||
|
|
@ -132,7 +132,7 @@ in
|
|||
{
|
||||
|
||||
# coming from https://github.com/windmill-labs/windmill/blob/main/init-db-as-superuser.sql
|
||||
# modified to not grant priviledges on all tables
|
||||
# modified to not grant privileges on all tables
|
||||
# create role windmill_user and windmill_admin only if they don't exist
|
||||
postgresql.postStart = lib.mkIf cfg.database.createLocally (
|
||||
lib.mkAfter ''
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ in
|
|||
|
||||
# Enable cloud-init by default for waagent.
|
||||
# Otherwise waagent would try manage networking using ifupdown,
|
||||
# which is currently not availeble in nixpkgs.
|
||||
# which is currently not available in nixpkgs.
|
||||
services.cloud-init.enable = true;
|
||||
services.cloud-init.network.enable = true;
|
||||
systemd.services.cloud-config.serviceConfig.Restart = "on-failure";
|
||||
|
|
|
|||
|
|
@ -105,7 +105,7 @@ in
|
|||
splashImage = null;
|
||||
# For Gen 1 VM, configurate grub output to serial_com0.
|
||||
# Not needed for Gen 2 VM wbere serial_com0 does not exist,
|
||||
# and outputing to console is enough to make Azure Serial Console working
|
||||
# and outputting to console is enough to make Azure Serial Console working
|
||||
extraConfig = lib.mkIf (!efiSupport) ''
|
||||
serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
|
||||
terminal_input --append serial
|
||||
|
|
|
|||
|
|
@ -67,7 +67,7 @@ let
|
|||
convert =
|
||||
attrs:
|
||||
pipe (recurse [ ] attrs) [
|
||||
# Filter out null values and emoty lists
|
||||
# Filter out null values and empty lists
|
||||
(filter (kv: kv.value != null && kv.value != [ ]))
|
||||
# Transform to Key=Value form, then concatenate
|
||||
(map (kv: "${kv.name}=${transform kv.value}"))
|
||||
|
|
|
|||
|
|
@ -65,8 +65,8 @@ in
|
|||
repartConfig = {
|
||||
Type = "esp";
|
||||
Format = "vfat";
|
||||
# Minimize = "guess" seems to not work very vell for vfat
|
||||
# partitons. It's better to set a sensible default instead. The
|
||||
# Minimize = "guess" seems to not work very well for vfat
|
||||
# partitions. It's better to set a sensible default instead. The
|
||||
# aarch64 kernel seems to generally be a little bigger than the
|
||||
# x86_64 kernel. To stay on the safe side, leave some more slack
|
||||
# for every platform other than x86_64.
|
||||
|
|
|
|||
|
|
@ -94,7 +94,7 @@ in
|
|||
) cfg.configuration.security.acme.certs
|
||||
)
|
||||
# A specialisation's config is nested under its configuration attribute.
|
||||
# For ease of use, nest the root node's configuration simiarly.
|
||||
# For ease of use, nest the root node's configuration similarly.
|
||||
([ { configuration = node; } ] ++ (builtins.attrValues node.specialisation))
|
||||
)
|
||||
);
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
# this test works doing a migration and asserting ntfy-sh runs properly. first,
|
||||
# ntfy-sh is configured to use a static user and group. then ntfy-sh is
|
||||
# started and tested. after that, ntfy-sh is shut down and a systemd drop
|
||||
# in configuration file is used to upate the service configuration to use
|
||||
# in configuration file is used to update the service configuration to use
|
||||
# DynamicUser=true. then the ntfy-sh is started again and tested.
|
||||
|
||||
import ./make-test-python.nix {
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
# - downloading the file over sftp
|
||||
# - assert that the ACLs are respected
|
||||
# - share a file between alice and bob (using sftp)
|
||||
# - assert that eve cannot acceess the shared folder between alice and bob.
|
||||
# - assert that eve cannot access the shared folder between alice and bob.
|
||||
#
|
||||
# Additional test coverage for the remaining protocols (i.e. ftp, http and webdav)
|
||||
# would be a nice to have for the future.
|
||||
|
|
@ -333,7 +333,7 @@ in
|
|||
testScript =
|
||||
{ nodes, ... }:
|
||||
let
|
||||
# A function to generate test cases for wheter
|
||||
# A function to generate test cases for whether
|
||||
# a specified username is expected to access the shared folder.
|
||||
accessSharedFoldersSubtest =
|
||||
{
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# Tests downloading a signed update aritfact from a server to a target machine.
|
||||
# Tests downloading a signed update artifact from a server to a target machine.
|
||||
# This test does not rely on the `systemd.timer` units provided by the
|
||||
# `systemd-sysupdate` module but triggers the `systemd-sysupdate` service
|
||||
# manually to make the test more robust.
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
# correct time, we need to connect to an NTP server, which usually requires resolving its hostname.
|
||||
#
|
||||
# This test does the following:
|
||||
# - Sets up a DNS server (tinydns) listening on the eth1 ip addess, serving .ntp and fake.ntp records.
|
||||
# - Sets up a DNS server (tinydns) listening on the eth1 ip address, serving .ntp and fake.ntp records.
|
||||
# - Configures that DNS server as a resolver and enables DNSSEC in systemd-resolved settings.
|
||||
# - Configures systemd-timesyncd to use fake.ntp hostname as an NTP server.
|
||||
# - Performs a regular DNS lookup, to ensure it fails due to broken DNSSEC.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue