diff --git a/lib/generators.nix b/lib/generators.nix
index 4317e49c2538f..7704767428310 100644
--- a/lib/generators.nix
+++ b/lib/generators.nix
@@ -597,11 +597,13 @@ in rec {
(expr "\t${ind}" value)
]) x));
- in ''
-
-
-${expr "" v}
-'';
+ in
+ ''
+
+
+
+ ${expr "" v}
+ '';
/**
Translate a simple Nix expression to Dhall notation.
diff --git a/lib/lists.nix b/lib/lists.nix
index ca436d7a9c94b..4a325bb307afa 100644
--- a/lib/lists.nix
+++ b/lib/lists.nix
@@ -1748,8 +1748,8 @@ rec {
```
:::
*/
- crossLists = warn
- ''lib.crossLists is deprecated, use lib.mapCartesianProduct instead.
+ crossLists = warn ''
+ lib.crossLists is deprecated, use lib.mapCartesianProduct instead.
For example, the following function call:
diff --git a/lib/meta.nix b/lib/meta.nix
index 798e7e74918cc..dc279d9cc55fc 100644
--- a/lib/meta.nix
+++ b/lib/meta.nix
@@ -475,7 +475,7 @@ rec {
"lib.meta.getExe': The first argument is of type ${typeOf x}, but it should be a derivation instead.";
assert assertMsg (isString y)
"lib.meta.getExe': The second argument is of type ${typeOf y}, but it should be a string instead.";
- assert assertMsg (match ".*\/.*" y == null)
+ assert assertMsg (match ".*/.*" y == null)
"lib.meta.getExe': The second argument \"${y}\" is a nested path with a \"/\" character, but it should just be the name of the executable instead.";
"${getBin x}/bin/${y}";
}
diff --git a/nixos/modules/hardware/video/nvidia.nix b/nixos/modules/hardware/video/nvidia.nix
index 3d3165e44913d..7a2c5380a4e59 100644
--- a/nixos/modules/hardware/video/nvidia.nix
+++ b/nixos/modules/hardware/video/nvidia.nix
@@ -17,7 +17,7 @@ let
offloadCfg = pCfg.offload;
reverseSyncCfg = pCfg.reverseSync;
primeEnabled = syncCfg.enable || reverseSyncCfg.enable || offloadCfg.enable;
- busIDType = lib.types.strMatching "([[:print:]]+[\:\@][0-9]{1,3}\:[0-9]{1,2}\:[0-9])?";
+ busIDType = lib.types.strMatching "([[:print:]]+[:@][0-9]{1,3}:[0-9]{1,2}:[0-9])?";
ibtSupport = useOpenModules || (nvidia_x11.ibtSupport or false);
settingsFormat = pkgs.formats.keyValue { };
in
diff --git a/nixos/modules/hardware/wooting.nix b/nixos/modules/hardware/wooting.nix
index 101bd2d32010e..d42ca2f4899ab 100644
--- a/nixos/modules/hardware/wooting.nix
+++ b/nixos/modules/hardware/wooting.nix
@@ -1,6 +1,7 @@
{ config, lib, pkgs, ... }:
{
- options.hardware.wooting.enable = lib.mkEnableOption ''support for Wooting keyboards.
+ options.hardware.wooting.enable = lib.mkEnableOption ''
+ support for Wooting keyboards.
Note that users must be in the "input" group for udev rules to apply'';
config = lib.mkIf config.hardware.wooting.enable {
diff --git a/nixos/modules/misc/version.nix b/nixos/modules/misc/version.nix
index 70ee874b4a7f7..8c9987c1bb317 100644
--- a/nixos/modules/misc/version.nix
+++ b/nixos/modules/misc/version.nix
@@ -24,7 +24,7 @@ let
;
needsEscaping = s: null != builtins.match "[a-zA-Z0-9]+" s;
- escapeIfNecessary = s: if needsEscaping s then s else ''"${lib.escape [ "\$" "\"" "\\" "\`" ] s}"'';
+ escapeIfNecessary = s: if needsEscaping s then s else ''"${lib.escape [ "$" "\"" "\\" "`" ] s}"'';
attrsToText =
attrs:
concatStringsSep "\n" (mapAttrsToList (n: v: ''${n}=${escapeIfNecessary (toString v)}'') attrs)
diff --git a/nixos/modules/services/backup/borgbackup.nix b/nixos/modules/services/backup/borgbackup.nix
index 36f2274d5eaac..eecd0931880ff 100644
--- a/nixos/modules/services/backup/borgbackup.nix
+++ b/nixos/modules/services/backup/borgbackup.nix
@@ -95,7 +95,7 @@ let
path = [
config.services.borgbackup.package pkgs.openssh
];
- script = "exec " + lib.optionalString cfg.inhibitsSleep ''\
+ script = "exec " + lib.optionalString cfg.inhibitsSleep ''
${pkgs.systemd}/bin/systemd-inhibit \
--who="borgbackup" \
--what="sleep" \
@@ -173,7 +173,7 @@ let
mode != "none" -> passCommand != null || passphrase != null;
message =
"passCommand or passphrase has to be specified because"
- + '' borgbackup.jobs.${name}.encryption != "none"'';
+ + " borgbackup.jobs.${name}.encryption != \"none\"";
};
mkRepoService = name: cfg:
diff --git a/nixos/modules/services/cluster/kubernetes/apiserver.nix b/nixos/modules/services/cluster/kubernetes/apiserver.nix
index 81e359e0e642a..987bdc5152579 100644
--- a/nixos/modules/services/cluster/kubernetes/apiserver.nix
+++ b/nixos/modules/services/cluster/kubernetes/apiserver.nix
@@ -323,7 +323,8 @@ in
after = [ "network.target" ];
serviceConfig = {
Slice = "kubernetes.slice";
- ExecStart = ''${top.package}/bin/kube-apiserver \
+ ExecStart = ''
+ ${top.package}/bin/kube-apiserver \
--allow-privileged=${boolToString cfg.allowPrivileged} \
--authorization-mode=${concatStringsSep "," cfg.authorizationMode} \
${optionalString (elem "ABAC" cfg.authorizationMode)
diff --git a/nixos/modules/services/cluster/kubernetes/proxy.nix b/nixos/modules/services/cluster/kubernetes/proxy.nix
index 2e3fdc87b4396..7cf2591338d90 100644
--- a/nixos/modules/services/cluster/kubernetes/proxy.nix
+++ b/nixos/modules/services/cluster/kubernetes/proxy.nix
@@ -65,7 +65,8 @@ in
path = with pkgs; [ iptables conntrack-tools ];
serviceConfig = {
Slice = "kubernetes.slice";
- ExecStart = ''${top.package}/bin/kube-proxy \
+ ExecStart = ''
+ ${top.package}/bin/kube-proxy \
--bind-address=${cfg.bindAddress} \
${optionalString (top.clusterCidr!=null)
"--cluster-cidr=${top.clusterCidr}"} \
diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix
index 43829b13c6c02..87fc2d93470c0 100644
--- a/nixos/modules/services/databases/redis.nix
+++ b/nixos/modules/services/databases/redis.nix
@@ -214,7 +214,8 @@ in {
masterAuth = mkOption {
type = with types; nullOr str;
default = null;
- description = ''If the master is password protected (using the requirePass configuration)
+ description = ''
+ If the master is password protected (using the requirePass configuration)
it is possible to tell the slave to authenticate before starting the replication synchronization
process, otherwise the master will refuse the slave request.
(STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)'';
diff --git a/nixos/modules/services/desktops/pipewire/wireplumber.nix b/nixos/modules/services/desktops/pipewire/wireplumber.nix
index cccb892cecf7a..9b07c0eb2ad83 100644
--- a/nixos/modules/services/desktops/pipewire/wireplumber.nix
+++ b/nixos/modules/services/desktops/pipewire/wireplumber.nix
@@ -61,7 +61,8 @@ in
# in sections.
type = attrsOf (attrsOf json.type);
default = { };
- example = literalExpression ''{
+ example = literalExpression ''
+ {
"log-level-debug" = {
"context.properties" = {
# Output Debug log messages as opposed to only the default level (Notice)
@@ -88,7 +89,8 @@ in
}
];
};
- }'';
+ }
+ '';
description = ''
Additional configuration for the WirePlumber daemon when run in
single-instance mode (the default in nixpkgs and currently the only
@@ -166,7 +168,8 @@ in
configPackages = mkOption {
type = listOf package;
default = [ ];
- example = literalExpression ''[
+ example = literalExpression ''
+ [
(pkgs.writeTextDir "share/wireplumber/wireplumber.conf.d/10-bluez.conf" '''
monitor.bluez.properties = {
bluez5.roles = [ a2dp_sink a2dp_source bap_sink bap_source hsp_hs hsp_ag hfp_hf hfp_ag ]
@@ -175,7 +178,8 @@ in
bluez5.hfphsp-backend = "native"
}
''')
- ]'';
+ ]
+ '';
description = ''
List of packages that provide WirePlumber configuration, in the form of
`share/wireplumber/*/*.conf` files.
diff --git a/nixos/modules/services/mail/dovecot.nix b/nixos/modules/services/mail/dovecot.nix
index 4388be30a9350..c513ee9173dfa 100644
--- a/nixos/modules/services/mail/dovecot.nix
+++ b/nixos/modules/services/mail/dovecot.nix
@@ -93,7 +93,7 @@ let
# The idea is to match everything that looks like `$term =`
# but not `# $term something something`
# or `# $term = some value` because those are comments.
- configContainsSetting = lines: term: (match "^[^#]*\b${term}\b.*=" lines) != null;
+ configContainsSetting = lines: term: (match "[[:blank:]]*${term}[[:blank:]]*=.*" lines) != null;
warnAboutExtraConfigCollisions = map mkExtraConfigCollisionWarning (
filter (configContainsSetting cfg.extraConfig) automaticallySetPluginSettings
diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix
index d86f688392dfb..2b10a4d9247db 100644
--- a/nixos/modules/services/misc/gitlab.nix
+++ b/nixos/modules/services/misc/gitlab.nix
@@ -1080,12 +1080,13 @@ in {
warnings = [
(mkIf
(cfg.registry.enable && versionAtLeast (getVersion cfg.packages.gitlab) "16.0.0" && cfg.registry.package == pkgs.docker-distribution)
- ''Support for container registries other than gitlab-container-registry has ended since GitLab 16.0.0 and is scheduled for removal in a future release.
+ ''
+ Support for container registries other than gitlab-container-registry has ended since GitLab 16.0.0 and is scheduled for removal in a future release.
Please back up your data and migrate to the gitlab-container-registry package.''
)
(mkIf
- (versionAtLeast (getVersion cfg.packages.gitlab) "16.2.0" && versionOlder (getVersion cfg.packages.gitlab) "16.5.0")
- ''GitLab instances created or updated between versions [15.11.0, 15.11.2] have an incorrect database schema.
+ (versionAtLeast (getVersion cfg.packages.gitlab) "16.2.0" && versionOlder (getVersion cfg.packages.gitlab) "16.5.0") ''
+ GitLab instances created or updated between versions [15.11.0, 15.11.2] have an incorrect database schema.
Check the upstream documentation for a workaround: https://docs.gitlab.com/ee/update/versions/gitlab_16_changes.html#undefined-column-error-upgrading-to-162-or-later''
)
];
diff --git a/nixos/modules/services/misc/snapper.nix b/nixos/modules/services/misc/snapper.nix
index 42f782bcd6e18..16e9b122741c7 100644
--- a/nixos/modules/services/misc/snapper.nix
+++ b/nixos/modules/services/misc/snapper.nix
@@ -36,7 +36,7 @@ let
};
intOrNumberOrRange = lib.types.either lib.types.ints.unsigned (
- lib.types.strMatching "[[:digit:]]+(\-[[:digit:]]+)?"
+ lib.types.strMatching "[[:digit:]]+(-[[:digit:]]+)?"
// {
description = "string containing either a number or a range";
descriptionClass = "conjunction";
diff --git a/nixos/modules/services/monitoring/prometheus/exporters/smokeping.nix b/nixos/modules/services/monitoring/prometheus/exporters/smokeping.nix
index 0a3ceba88d201..5f85f86ec44f2 100644
--- a/nixos/modules/services/monitoring/prometheus/exporters/smokeping.nix
+++ b/nixos/modules/services/monitoring/prometheus/exporters/smokeping.nix
@@ -13,7 +13,7 @@ let
name = "goDuration";
description = "Go duration (https://golang.org/pkg/time/#ParseDuration)";
check =
- x: types.str.check x && builtins.match "(-?[0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+" x != null;
+ x: types.str.check x && builtins.match "(-?[0-9]+(\\.[0-9]+)?(ns|us|µs|ms|s|m|h))+" x != null;
inherit (types.str) merge;
};
in
diff --git a/nixos/modules/services/network-filesystems/ceph.nix b/nixos/modules/services/network-filesystems/ceph.nix
index 5961731dbf446..d71019086f49f 100644
--- a/nixos/modules/services/network-filesystems/ceph.nix
+++ b/nixos/modules/services/network-filesystems/ceph.nix
@@ -42,8 +42,9 @@ let
StateDirectory = stateDirectory;
User = "ceph";
Group = if daemonType == "osd" then "disk" else "ceph";
- ExecStart = ''${ceph.out}/bin/${if daemonType == "rgw" then "radosgw" else "ceph-${daemonType}"} \
- -f --cluster ${clusterName} --id ${daemonId}'';
+ ExecStart = ''
+ ${ceph.out}/bin/${if daemonType == "rgw" then "radosgw" else "ceph-${daemonType}"} \
+ -f --cluster ${clusterName} --id ${daemonId}'';
} // lib.optionalAttrs (daemonType == "osd") {
ExecStartPre = "${ceph.lib}/libexec/ceph/ceph-osd-prestart.sh --id ${daemonId} --cluster ${clusterName}";
RestartSec = "20s";
diff --git a/nixos/modules/services/networking/lxd-image-server.nix b/nixos/modules/services/networking/lxd-image-server.nix
index 98906262ce1eb..34f6ace072b2e 100644
--- a/nixos/modules/services/networking/lxd-image-server.nix
+++ b/nixos/modules/services/networking/lxd-image-server.nix
@@ -105,19 +105,19 @@ in
};
# Serve json files with content type header application/json
- "~ \.json$" = {
+ "~ \\.json$" = {
extraConfig = ''
add_header Content-Type application/json;
'';
};
- "~ \.tar.xz$" = {
+ "~ \\.tar.xz$" = {
extraConfig = ''
add_header Content-Type application/octet-stream;
'';
};
- "~ \.tar.gz$" = {
+ "~ \\.tar.gz$" = {
extraConfig = ''
add_header Content-Type application/octet-stream;
'';
diff --git a/nixos/modules/services/networking/smokeping.nix b/nixos/modules/services/networking/smokeping.nix
index f96853939bd29..483f579b354a3 100644
--- a/nixos/modules/services/networking/smokeping.nix
+++ b/nixos/modules/services/networking/smokeping.nix
@@ -119,7 +119,8 @@ in
MAX 0.5 144 7200
MIN 0.5 144 7200
'';
- description = ''Configure the ping frequency and retention of the rrd files.
+ description = ''
+ Configure the ping frequency and retention of the rrd files.
Once set, changing the interval will require deletion or migration of all
the collected data.'';
};
diff --git a/nixos/modules/services/networking/tinyproxy.nix b/nixos/modules/services/networking/tinyproxy.nix
index 6e07c6a541e9b..bcf8fbbca726b 100644
--- a/nixos/modules/services/networking/tinyproxy.nix
+++ b/nixos/modules/services/networking/tinyproxy.nix
@@ -33,14 +33,16 @@ in
settings = mkOption {
description = "Configuration for [tinyproxy](https://tinyproxy.github.io/).";
default = { };
- example = literalExpression ''{
+ example = literalExpression ''
+ {
Port 8888;
Listen 127.0.0.1;
Timeout 600;
Allow 127.0.0.1;
Anonymous = ['"Host"' '"Authorization"'];
ReversePath = '"/example/" "http://www.example.com/"';
- }'';
+ }
+ '';
type = types.submodule ({name, ...}: {
freeformType = settingsFormat.type;
options = {
diff --git a/nixos/modules/services/networking/wg-quick.nix b/nixos/modules/services/networking/wg-quick.nix
index 369c5a9397659..2130c49f374ec 100644
--- a/nixos/modules/services/networking/wg-quick.nix
+++ b/nixos/modules/services/networking/wg-quick.nix
@@ -194,7 +194,8 @@ let
allowedIPs = mkOption {
example = [ "10.192.122.3/32" "10.192.124.1/24" ];
type = with types; listOf str;
- description = ''List of IP (v4 or v6) addresses with CIDR masks from
+ description = ''
+ List of IP (v4 or v6) addresses with CIDR masks from
which this peer is allowed to send incoming traffic and to which
outgoing traffic for this peer is directed. The catch-all 0.0.0.0/0 may
be specified for matching all IPv4 addresses, and ::/0 may be specified
@@ -205,7 +206,8 @@ let
default = null;
example = "demo.wireguard.io:12913";
type = with types; nullOr str;
- description = ''Endpoint IP or hostname of the peer, followed by a colon,
+ description = ''
+ Endpoint IP or hostname of the peer, followed by a colon,
and then a port number of the peer.'';
};
@@ -213,7 +215,8 @@ let
default = null;
type = with types; nullOr int;
example = 25;
- description = ''This is optional and is by default off, because most
+ description = ''
+ This is optional and is by default off, because most
users will not need it. It represents, in seconds, between 1 and 65535
inclusive, how often to send an authenticated empty packet to the peer,
for the purpose of keeping a stateful firewall or NAT mapping valid
diff --git a/nixos/modules/services/networking/wireguard.nix b/nixos/modules/services/networking/wireguard.nix
index 08e5494b63df9..86628a431c69b 100644
--- a/nixos/modules/services/networking/wireguard.nix
+++ b/nixos/modules/services/networking/wireguard.nix
@@ -127,7 +127,8 @@ let
default = null;
type = with types; nullOr str;
example = "container";
- description = ''The pre-existing network namespace in which the
+ description = ''
+ The pre-existing network namespace in which the
WireGuard interface is created, and which retains the socket even if the
interface is moved via {option}`interfaceNamespace`. When
`null`, the interface is created in the init namespace.
@@ -139,7 +140,8 @@ let
default = null;
type = with types; nullOr str;
example = "init";
- description = ''The pre-existing network namespace the WireGuard
+ description = ''
+ The pre-existing network namespace the WireGuard
interface is moved to. The special value `init` means
the init namespace. When `null`, the interface is not
moved.
@@ -240,7 +242,8 @@ let
allowedIPs = mkOption {
example = [ "10.192.122.3/32" "10.192.124.1/24" ];
type = with types; listOf str;
- description = ''List of IP (v4 or v6) addresses with CIDR masks from
+ description = ''
+ List of IP (v4 or v6) addresses with CIDR masks from
which this peer is allowed to send incoming traffic and to which
outgoing traffic for this peer is directed. The catch-all 0.0.0.0/0 may
be specified for matching all IPv4 addresses, and ::/0 may be specified
@@ -300,7 +303,8 @@ let
default = null;
type = with types; nullOr int;
example = 25;
- description = ''This is optional and is by default off, because most
+ description = ''
+ This is optional and is by default off, because most
users will not need it. It represents, in seconds, between 1 and 65535
inclusive, how often to send an authenticated empty packet to the peer,
for the purpose of keeping a stateful firewall or NAT mapping valid
diff --git a/nixos/modules/services/security/certmgr.nix b/nixos/modules/services/security/certmgr.nix
index f3164072b6b51..c4f76dd70d600 100644
--- a/nixos/modules/services/security/certmgr.nix
+++ b/nixos/modules/services/security/certmgr.nix
@@ -126,7 +126,7 @@ in
service = mkOption {
type = nullOr str;
default = null;
- description = "The service on which to perform \ after fetching.";
+ description = "The service on which to perform \\ after fetching.";
};
action = mkOption {
diff --git a/nixos/modules/services/video/frigate.nix b/nixos/modules/services/video/frigate.nix
index bc0f5d496afb8..0b4559a980bb1 100644
--- a/nixos/modules/services/video/frigate.nix
+++ b/nixos/modules/services/video/frigate.nix
@@ -407,7 +407,7 @@ in
}
'';
};
- "~* /api/.*\.(jpg|jpeg|png|webp|gif)$" = {
+ "~* /api/.*\\.(jpg|jpeg|png|webp|gif)$" = {
proxyPass = "http://frigate-api";
recommendedProxySettings = true;
extraConfig = nginxAuthRequest + nginxProxySettings + ''
diff --git a/nixos/modules/services/web-apps/bookstack.nix b/nixos/modules/services/web-apps/bookstack.nix
index 21948fd310d6a..d2c82697ce6a2 100644
--- a/nixos/modules/services/web-apps/bookstack.nix
+++ b/nixos/modules/services/web-apps/bookstack.nix
@@ -348,10 +348,10 @@ in {
index = "index.php";
tryFiles = "$uri $uri/ /index.php?$query_string";
};
- "~ \.php$".extraConfig = ''
+ "~ \\.php$".extraConfig = ''
fastcgi_pass unix:${config.services.phpfpm.pools."bookstack".socket};
'';
- "~ \.(js|css|gif|png|ico|jpg|jpeg)$" = {
+ "~ \\.(js|css|gif|png|ico|jpg|jpeg)$" = {
extraConfig = "expires 365d;";
};
};
diff --git a/nixos/modules/services/web-apps/castopod.nix b/nixos/modules/services/web-apps/castopod.nix
index c5bbc18644a6a..84e520d07bc98 100644
--- a/nixos/modules/services/web-apps/castopod.nix
+++ b/nixos/modules/services/web-apps/castopod.nix
@@ -328,7 +328,7 @@ in
'';
};
- locations."~ \.php$" = {
+ locations."~ \\.php$" = {
fastcgiParams = {
SERVER_NAME = "$host";
};
diff --git a/nixos/modules/services/web-apps/davis.nix b/nixos/modules/services/web-apps/davis.nix
index 621f2ff20e2bb..a2c4c49108ef0 100644
--- a/nixos/modules/services/web-apps/davis.nix
+++ b/nixos/modules/services/web-apps/davis.nix
@@ -496,7 +496,7 @@ in
return 302 https://$host/dav/;
'';
};
- "~ ^(.+\.php)(.*)$" = {
+ "~ ^(.+\\.php)(.*)$" = {
extraConfig = ''
try_files $fastcgi_script_name =404;
include ${config.services.nginx.package}/conf/fastcgi_params;
diff --git a/nixos/modules/services/web-apps/discourse.nix b/nixos/modules/services/web-apps/discourse.nix
index 45a36138ff542..d91249aa0ddf9 100644
--- a/nixos/modules/services/web-apps/discourse.nix
+++ b/nixos/modules/services/web-apps/discourse.nix
@@ -925,7 +925,7 @@ in
};
"~ ^/uploads/short-url/" = proxy { };
"~ ^/secure-media-uploads/" = proxy { };
- "~* (fonts|assets|plugins|uploads)/.*\.(eot|ttf|woff|woff2|ico|otf)$".extraConfig =
+ "~* (fonts|assets|plugins|uploads)/.*\\.(eot|ttf|woff|woff2|ico|otf)$".extraConfig =
cache_1y
+ ''
add_header Access-Control-Allow-Origin *;
diff --git a/nixos/modules/services/web-apps/dokuwiki.nix b/nixos/modules/services/web-apps/dokuwiki.nix
index b288a08efd856..41f94e7298426 100644
--- a/nixos/modules/services/web-apps/dokuwiki.nix
+++ b/nixos/modules/services/web-apps/dokuwiki.nix
@@ -436,7 +436,7 @@ in
extraConfig = "internal;";
};
- "~ ^/lib.*\.(js|css|gif|png|ico|jpg|jpeg)$" = {
+ "~ ^/lib.*\\.(js|css|gif|png|ico|jpg|jpeg)$" = {
extraConfig = "expires 365d;";
};
diff --git a/nixos/modules/services/web-apps/firefly-iii-data-importer.nix b/nixos/modules/services/web-apps/firefly-iii-data-importer.nix
index cbf089ce2fb75..1370e05585388 100644
--- a/nixos/modules/services/web-apps/firefly-iii-data-importer.nix
+++ b/nixos/modules/services/web-apps/firefly-iii-data-importer.nix
@@ -239,7 +239,7 @@ in
sendfile off;
'';
};
- "~ \.php$" = {
+ "~ \\.php$" = {
extraConfig = ''
include ${config.services.nginx.package}/conf/fastcgi_params ;
fastcgi_param SCRIPT_FILENAME $request_filename;
diff --git a/nixos/modules/services/web-apps/firefly-iii.nix b/nixos/modules/services/web-apps/firefly-iii.nix
index 30c4ea91a197c..fac5a23147c57 100644
--- a/nixos/modules/services/web-apps/firefly-iii.nix
+++ b/nixos/modules/services/web-apps/firefly-iii.nix
@@ -361,7 +361,7 @@ in
sendfile off;
'';
};
- "~ \.php$" = {
+ "~ \\.php$" = {
extraConfig = ''
include ${config.services.nginx.package}/conf/fastcgi_params ;
fastcgi_param SCRIPT_FILENAME $request_filename;
diff --git a/nixos/modules/services/web-apps/flarum.nix b/nixos/modules/services/web-apps/flarum.nix
index d7f558c73d07e..c466d2700b1c7 100644
--- a/nixos/modules/services/web-apps/flarum.nix
+++ b/nixos/modules/services/web-apps/flarum.nix
@@ -164,7 +164,7 @@ in
enable = true;
virtualHosts."${cfg.domain}" = {
root = "${cfg.stateDir}/public";
- locations."~ \.php$".extraConfig = ''
+ locations."~ \\.php$".extraConfig = ''
fastcgi_pass unix:${config.services.phpfpm.pools.flarum.socket};
fastcgi_index site.php;
'';
diff --git a/nixos/modules/services/web-apps/freshrss.nix b/nixos/modules/services/web-apps/freshrss.nix
index 0e8bcc703efa9..41a45d0690f99 100644
--- a/nixos/modules/services/web-apps/freshrss.nix
+++ b/nixos/modules/services/web-apps/freshrss.nix
@@ -211,7 +211,7 @@ in
# php files handling
# this regex is mandatory because of the API
- locations."~ ^.+?\.php(/.*)?$".extraConfig = ''
+ locations."~ ^.+?\\.php(/.*)?$".extraConfig = ''
fastcgi_pass unix:${config.services.phpfpm.pools.${cfg.pool}.socket};
fastcgi_split_path_info ^(.+\.php)(/.*)$;
# By default, the variable PATH_INFO is not set under PHP-FPM
diff --git a/nixos/modules/services/web-apps/galene.nix b/nixos/modules/services/web-apps/galene.nix
index 32854e757ac37..41de02158d49a 100644
--- a/nixos/modules/services/web-apps/galene.nix
+++ b/nixos/modules/services/web-apps/galene.nix
@@ -143,7 +143,8 @@ in
User = cfg.user;
Group = cfg.group;
WorkingDirectory = cfg.stateDir;
- ExecStart = ''${cfg.package}/bin/galene \
+ ExecStart = ''
+ ${cfg.package}/bin/galene \
${optionalString (cfg.insecure) "-insecure"} \
-data ${cfg.dataDir} \
-groups ${cfg.groupsDir} \
diff --git a/nixos/modules/services/web-apps/monica.nix b/nixos/modules/services/web-apps/monica.nix
index 6774e2c9bb467..aaa7b7a56f14f 100644
--- a/nixos/modules/services/web-apps/monica.nix
+++ b/nixos/modules/services/web-apps/monica.nix
@@ -355,10 +355,10 @@ in {
index = "index.php";
tryFiles = "$uri $uri/ /index.php?$query_string";
};
- "~ \.php$".extraConfig = ''
+ "~ \\.php$".extraConfig = ''
fastcgi_pass unix:${config.services.phpfpm.pools."monica".socket};
'';
- "~ \.(js|css|gif|png|ico|jpg|jpeg)$" = {
+ "~ \\.(js|css|gif|png|ico|jpg|jpeg)$" = {
extraConfig = "expires 365d;";
};
};
diff --git a/nixos/modules/services/web-apps/nextcloud.nix b/nixos/modules/services/web-apps/nextcloud.nix
index 8cb4b4c439f9d..4f09a9dde870b 100644
--- a/nixos/modules/services/web-apps/nextcloud.nix
+++ b/nixos/modules/services/web-apps/nextcloud.nix
@@ -768,15 +768,17 @@ in {
description = ''
Extra options which should be appended to Nextcloud's config.php file.
'';
- example = literalExpression '' {
- redis = {
- host = "/run/redis/redis.sock";
- port = 0;
- dbindex = 0;
- password = "secret";
- timeout = 1.5;
- };
- } '';
+ example = literalExpression ''
+ {
+ redis = {
+ host = "/run/redis/redis.sock";
+ port = 0;
+ dbindex = 0;
+ password = "secret";
+ timeout = 1.5;
+ };
+ }
+ '';
};
secretFile = mkOption {
diff --git a/nixos/modules/services/web-apps/onlyoffice.nix b/nixos/modules/services/web-apps/onlyoffice.nix
index d56a4d66283cf..f56dfd341dcc6 100644
--- a/nixos/modules/services/web-apps/onlyoffice.nix
+++ b/nixos/modules/services/web-apps/onlyoffice.nix
@@ -105,27 +105,27 @@ in
virtualHosts.${cfg.hostname} = {
locations = {
# /etc/nginx/includes/ds-docservice.conf
- "~ ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(web-apps\/apps\/api\/documents\/api\.js)$".extraConfig =
+ "~ ^(\\/[\\d]+\\.[\\d]+\\.[\\d]+[\\.|-][\\d]+)?\\/(web-apps\\/apps\\/api\\/documents\\/api\\.js)$".extraConfig =
''
expires -1;
alias ${cfg.package}/var/www/onlyoffice/documentserver/$2;
'';
- "~ ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(web-apps)(\/.*\.json)$".extraConfig = ''
+ "~ ^(\\/[\\d]+\\.[\\d]+\\.[\\d]+[\\.|-][\\d]+)?\\/(web-apps)(\\/.*\\.json)$".extraConfig = ''
expires 365d;
error_log /dev/null crit;
alias ${cfg.package}/var/www/onlyoffice/documentserver/$2$3;
'';
- "~ ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(sdkjs-plugins)(\/.*\.json)$".extraConfig = ''
+ "~ ^(\\/[\\d]+\\.[\\d]+\\.[\\d]+[\\.|-][\\d]+)?\\/(sdkjs-plugins)(\\/.*\\.json)$".extraConfig = ''
expires 365d;
error_log /dev/null crit;
alias ${cfg.package}/var/www/onlyoffice/documentserver/$2$3;
'';
- "~ ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(web-apps|sdkjs|sdkjs-plugins|fonts)(\/.*)$".extraConfig =
+ "~ ^(\\/[\\d]+\\.[\\d]+\\.[\\d]+[\\.|-][\\d]+)?\\/(web-apps|sdkjs|sdkjs-plugins|fonts)(\\/.*)$".extraConfig =
''
expires 365d;
alias ${cfg.package}/var/www/onlyoffice/documentserver/$2$3;
'';
- "~* ^(\/cache\/files.*)(\/.*)".extraConfig = ''
+ "~* ^(\\/cache\\/files.*)(\\/.*)".extraConfig = ''
alias /var/lib/onlyoffice/documentserver/App_Data$1;
add_header Content-Disposition "attachment; filename*=UTF-8''$arg_filename";
@@ -141,12 +141,12 @@ in
return 410;
}
'';
- "~* ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(internal)(\/.*)$".extraConfig = ''
+ "~* ^(\\/[\\d]+\\.[\\d]+\\.[\\d]+[\\.|-][\\d]+)?\\/(internal)(\\/.*)$".extraConfig = ''
allow 127.0.0.1;
deny all;
proxy_pass http://onlyoffice-docservice/$2$3;
'';
- "~* ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(info)(\/.*)$".extraConfig = ''
+ "~* ^(\\/[\\d]+\\.[\\d]+\\.[\\d]+[\\.|-][\\d]+)?\\/(info)(\\/.*)$".extraConfig = ''
allow 127.0.0.1;
deny all;
proxy_pass http://onlyoffice-docservice/$2$3;
@@ -154,19 +154,19 @@ in
"/".extraConfig = ''
proxy_pass http://onlyoffice-docservice;
'';
- "~ ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?(\/doc\/.*)".extraConfig = ''
+ "~ ^(\\/[\\d]+\\.[\\d]+\\.[\\d]+[\\.|-][\\d]+)?(\\/doc\\/.*)".extraConfig = ''
proxy_pass http://onlyoffice-docservice$2;
proxy_http_version 1.1;
'';
"/${cfg.package.version}/".extraConfig = ''
proxy_pass http://onlyoffice-docservice/;
'';
- "~ ^(\/[\d]+\.[\d]+\.[\d]+[\.|-][\d]+)?\/(dictionaries)(\/.*)$".extraConfig = ''
+ "~ ^(\\/[\\d]+\\.[\\d]+\\.[\\d]+[\\.|-][\\d]+)?\\/(dictionaries)(\\/.*)$".extraConfig = ''
expires 365d;
alias ${cfg.package}/var/www/onlyoffice/documentserver/$2$3;
'';
# /etc/nginx/includes/ds-example.conf
- "~ ^(\/welcome\/.*)$".extraConfig = ''
+ "~ ^(\\/welcome\\/.*)$".extraConfig = ''
expires 365d;
alias ${cfg.package}/var/www/onlyoffice/documentserver-example$1;
index docker.html;
diff --git a/nixos/modules/services/web-apps/peertube.nix b/nixos/modules/services/web-apps/peertube.nix
index b61344a95db88..f52a4ccf6266f 100644
--- a/nixos/modules/services/web-apps/peertube.nix
+++ b/nixos/modules/services/web-apps/peertube.nix
@@ -696,7 +696,7 @@ in
};
# Bypass PeerTube for performance reasons.
- locations."~ ^/client/(assets/images/(icons/icon-36x36\.png|icons/icon-48x48\.png|icons/icon-72x72\.png|icons/icon-96x96\.png|icons/icon-144x144\.png|icons/icon-192x192\.png|icons/icon-512x512\.png|logo\.svg|favicon\.png|default-playlist\.jpg|default-avatar-account\.png|default-avatar-account-48x48\.png|default-avatar-video-channel\.png|default-avatar-video-channel-48x48\.png))$" =
+ locations."~ ^/client/(assets/images/(icons/icon-36x36\\.png|icons/icon-48x48\\.png|icons/icon-72x72\\.png|icons/icon-96x96\\.png|icons/icon-144x144\\.png|icons/icon-192x192\\.png|icons/icon-512x512\\.png|logo\\.svg|favicon\\.png|default-playlist\\.jpg|default-avatar-account\\.png|default-avatar-account-48x48\\.png|default-avatar-video-channel\\.png|default-avatar-video-channel-48x48\\.png))$" =
{
tryFiles = "/client-overrides/$1 /client/$1 $1";
priority = 1310;
@@ -704,7 +704,7 @@ in
extraConfig = nginxCommonHeaders;
};
- locations."~ ^/client/(.*\.(js|css|png|svg|woff2|otf|ttf|woff|eot))$" = {
+ locations."~ ^/client/(.*\\.(js|css|png|svg|woff2|otf|ttf|woff|eot))$" = {
alias = "${cfg.package}/client/dist/$1";
priority = 1320;
extraConfig =
diff --git a/nixos/modules/services/web-apps/privatebin.nix b/nixos/modules/services/web-apps/privatebin.nix
index 4315664dabc20..ea1d9933d0b78 100644
--- a/nixos/modules/services/web-apps/privatebin.nix
+++ b/nixos/modules/services/web-apps/privatebin.nix
@@ -186,7 +186,7 @@ in
sendfile off;
'';
};
- "~ \.php$" = {
+ "~ \\.php$" = {
extraConfig = ''
include ${config.services.nginx.package}/conf/fastcgi_params ;
fastcgi_param SCRIPT_FILENAME $request_filename;
diff --git a/nixos/modules/services/web-apps/rutorrent.nix b/nixos/modules/services/web-apps/rutorrent.nix
index 8cbda677c2b12..be2af96ae05b6 100644
--- a/nixos/modules/services/web-apps/rutorrent.nix
+++ b/nixos/modules/services/web-apps/rutorrent.nix
@@ -305,7 +305,7 @@ in
${cfg.hostName} = {
root = cfg.dataDir;
locations = {
- "~ [^/]\.php(/|$)" = {
+ "~ [^/]\\.php(/|$)" = {
extraConfig = ''
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
diff --git a/nixos/modules/services/web-apps/snipe-it.nix b/nixos/modules/services/web-apps/snipe-it.nix
index e9a68006ae646..07163d08d9b63 100644
--- a/nixos/modules/services/web-apps/snipe-it.nix
+++ b/nixos/modules/services/web-apps/snipe-it.nix
@@ -368,7 +368,7 @@ in {
index = "index.php";
extraConfig = ''try_files $uri $uri/ /index.php?$query_string;'';
};
- "~ \.php$" = {
+ "~ \\.php$" = {
extraConfig = ''
try_files $uri $uri/ /index.php?$query_string;
include ${config.services.nginx.package}/conf/fastcgi_params;
@@ -378,7 +378,7 @@ in {
${optionalString (cfg.nginx.addSSL || cfg.nginx.forceSSL || cfg.nginx.onlySSL || cfg.nginx.enableACME) "fastcgi_param HTTPS on;"}
'';
};
- "~ \.(js|css|gif|png|ico|jpg|jpeg)$" = {
+ "~ \\.(js|css|gif|png|ico|jpg|jpeg)$" = {
extraConfig = "expires 365d;";
};
};
diff --git a/nixos/modules/services/web-apps/zabbix.nix b/nixos/modules/services/web-apps/zabbix.nix
index 3463148b30e0d..5c9a5865e759a 100644
--- a/nixos/modules/services/web-apps/zabbix.nix
+++ b/nixos/modules/services/web-apps/zabbix.nix
@@ -342,7 +342,7 @@ in
index = "index.html index.htm index.php";
tryFiles = "$uri $uri/ =404";
};
- locations."~ \.php$".extraConfig = ''
+ locations."~ \\.php$".extraConfig = ''
fastcgi_pass unix:${fpm.socket};
fastcgi_index index.php;
'';
diff --git a/nixos/modules/services/x11/display-managers/lightdm.nix b/nixos/modules/services/x11/display-managers/lightdm.nix
index 3e964ef53266d..8034e779f5b8d 100644
--- a/nixos/modules/services/x11/display-managers/lightdm.nix
+++ b/nixos/modules/services/x11/display-managers/lightdm.nix
@@ -155,7 +155,7 @@ in
};
background = mkOption {
- type = types.either types.path (types.strMatching "^#[0-9]\{6\}$");
+ type = types.either types.path (types.strMatching "^#[0-9]{6}$");
# Manual cannot depend on packages, we are actually setting the default in config below.
defaultText = literalExpression "pkgs.nixos-artwork.wallpapers.simple-dark-gray-bottom.gnomeFilePath";
description = ''
diff --git a/nixos/modules/system/activation/top-level.nix b/nixos/modules/system/activation/top-level.nix
index 85e5631e77a25..3c42e6c04a485 100644
--- a/nixos/modules/system/activation/top-level.nix
+++ b/nixos/modules/system/activation/top-level.nix
@@ -319,8 +319,8 @@ in
system.extraSystemBuilderCmds =
optionalString
- config.system.copySystemConfiguration
- ''ln -s '${import ../../../lib/from-env.nix "NIXOS_CONFIG" }' \
+ config.system.copySystemConfiguration ''
+ ln -s '${import ../../../lib/from-env.nix "NIXOS_CONFIG" }' \
"$out/configuration.nix"
'' +
optionalString
diff --git a/pkgs/by-name/ma/mattermost/package.nix b/pkgs/by-name/ma/mattermost/package.nix
index 87bbe84027130..f83b146a27985 100644
--- a/pkgs/by-name/ma/mattermost/package.nix
+++ b/pkgs/by-name/ma/mattermost/package.nix
@@ -136,7 +136,7 @@ buildGoModule rec {
updateScript = nix-update-script {
extraArgs = [
"--version-regex"
- "^v(9\.11\.[0-9]+)$"
+ "^v(9\\.11\\.[0-9]+)$"
];
};
tests.mattermost = nixosTests.mattermost;
diff --git a/pkgs/by-name/pa/paperjam/package.nix b/pkgs/by-name/pa/paperjam/package.nix
index f71bae04ae813..ca9cbffd062d0 100644
--- a/pkgs/by-name/pa/paperjam/package.nix
+++ b/pkgs/by-name/pa/paperjam/package.nix
@@ -26,8 +26,8 @@ stdenv.mkDerivation (finalAttrs: {
makeFlags = [
"PREFIX=$(out)"
# prevent real build date which is impure
- "BUILD_DATE=\"
- "BUILD_COMMIT=\"
+ "BUILD_DATE=\\"
+ "BUILD_COMMIT=\\"
];
# provide backward compatible PointerHolder, suppress deprecation warnings