Merge branch 'NixOS:master' into master

.github/CODEOWNERS

@@ -185,17 +185,17 @@ pkgs/development/python-modules/buildcatrust/ @ajs124 @lukegb @mweinelt
 /lib/licenses.nix @alyssais
 
 # Qt
-/pkgs/development/libraries/qt-5 @NixOS/qt-kde
+/pkgs/development/libraries/qt-5 @K900 @NickCao @SuperSandro2000 @ttuegel
-/pkgs/development/libraries/qt-6 @NixOS/qt-kde
+/pkgs/development/libraries/qt-6 @K900 @NickCao @SuperSandro2000 @ttuegel
 
 # KDE / Plasma 5
-/pkgs/applications/kde @NixOS/qt-kde
+/pkgs/applications/kde @K900 @NickCao @SuperSandro2000 @ttuegel
-/pkgs/desktops/plasma-5 @NixOS/qt-kde
+/pkgs/desktops/plasma-5 @K900 @NickCao @SuperSandro2000 @ttuegel
-/pkgs/development/libraries/kde-frameworks @NixOS/qt-kde
+/pkgs/development/libraries/kde-frameworks @K900 @NickCao @SuperSandro2000 @ttuegel
 
 # KDE / Plasma 6
-/pkgs/kde @NixOS/qt-kde
+/pkgs/kde @K900 @NickCao @SuperSandro2000 @ttuegel
-/maintainers/scripts/kde @NixOS/qt-kde
+/maintainers/scripts/kde @K900 @NickCao @SuperSandro2000 @ttuegel
 
 # PostgreSQL and related stuff
 /pkgs/servers/sql/postgresql @thoughtpolice @marsam
@@ -232,10 +232,12 @@ pkgs/development/python-modules/buildcatrust/ @ajs124 @lukegb @mweinelt
 /nixos/modules/services/networking/babeld.nix @mweinelt
 /nixos/modules/services/networking/kea.nix @mweinelt
 /nixos/modules/services/networking/knot.nix @mweinelt
+nixos/modules/services/networking/networkmanager.nix @Janik-Haag
 /nixos/modules/services/monitoring/prometheus/exporters/kea.nix @mweinelt
 /nixos/tests/babeld.nix @mweinelt
 /nixos/tests/kea.nix @mweinelt
 /nixos/tests/knot.nix @mweinelt
+/nixos/tests/networking/* @Janik-Haag
 
 # Web servers
 /doc/packages/nginx.section.md @raitobezarius
@@ -296,7 +298,7 @@ pkgs/development/python-modules/buildcatrust/ @ajs124 @lukegb @mweinelt
 
 # GNOME
 /pkgs/desktops/gnome                              @jtojnar
-/pkgs/desktops/gnome/extensions       @piegamesde @jtojnar
+/pkgs/desktops/gnome/extensions                   @jtojnar
 /pkgs/build-support/make-hardcode-gsettings-patch @jtojnar
 
 # Cinnamon
@@ -359,3 +361,16 @@ pkgs/development/tools/continuous-integration/buildbot @Mic92 @zowoq
 pkgs/by-name/pr/pretix/ @mweinelt
 nixos/modules/services/web-apps/pretix.nix @mweinelt
 nixos/tests/web-apps/pretix.nix @mweinelt
+
+# incus/lxc/lxd
+nixos/maintainers/scripts/lxd/          @adamcstephens
+nixos/modules/virtualisation/incus.nix  @adamcstephens
+nixos/modules/virtualisation/lxc*       @adamcstephens
+nixos/modules/virtualisation/lxd*       @adamcstephens
+nixos/tests/incus/                      @adamcstephens
+nixos/tests/lxd/                        @adamcstephens
+pkgs/by-name/in/incus/                  @adamcstephens
+pkgs/by-name/lx/lxc*                    @adamcstephens
+pkgs/by-name/lx/lxd*                    @adamcstephens
+pkgs/os-specific/linux/lxc/             @adamcstephens
+

.github/workflows/basic-eval.yml

@@ -26,4 +26,4 @@ jobs:
         name: nixpkgs-ci
         signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
     # explicit list of supportedSystems is needed until aarch64-darwin becomes part of the trunk jobset
-    - run: nix-build pkgs/top-level/release.nix -A tarball.nixpkgs-basic-release-checks --arg supportedSystems '[ "aarch64-darwin" "aarch64-linux" "x86_64-linux" "x86_64-darwin"  ]'
+    - run: nix-build pkgs/top-level/release.nix -A release-checks --arg supportedSystems '[ "aarch64-darwin" "aarch64-linux" "x86_64-linux" "x86_64-darwin"  ]'

README.md

@@ -14,7 +14,7 @@
 </p>
 
 [Nixpkgs](https://github.com/nixos/nixpkgs) is a collection of over
-80,000 software packages that can be installed with the
+100,000 software packages that can be installed with the
 [Nix](https://nixos.org/nix/) package manager. It also implements
 [NixOS](https://nixos.org/nixos/), a purely-functional Linux distribution.
 

doc/README.md

@@ -106,12 +106,12 @@ This is a warning
 
 The following are supported:
 
-- [`caution`](https://tdg.docbook.org/tdg/5.0/caution.html)
+- `caution`
-- [`important`](https://tdg.docbook.org/tdg/5.0/important.html)
+- `important`
-- [`note`](https://tdg.docbook.org/tdg/5.0/note.html)
+- `note`
-- [`tip`](https://tdg.docbook.org/tdg/5.0/tip.html)
+- `tip`
-- [`warning`](https://tdg.docbook.org/tdg/5.0/warning.html)
+- `warning`
-- [`example`](https://tdg.docbook.org/tdg/5.0/example.html)
+- `example`
 
 Example admonitions require a title to work.
 If you don't provide one, the manual won't be built.

doc/languages-frameworks/gnome.section.md

@@ -102,9 +102,11 @@ Given the requirements above, the package expression would become messy quickly:
 }
 ```
 
-Fortunately, there is [`wrapGAppsHook`]{#ssec-gnome-hooks-wrapgappshook}. It works in conjunction with other setup hooks that populate environment variables, and it will then wrap all executables in `bin` and `libexec` directories using said variables.
+Fortunately, there is [`wrapGAppsHook`]{#ssec-gnome-hooks-wrapgappshook}. It works in conjunction with other setup hooks that populate environment variables, and it will then wrap all executables in `bin` and `libexec` directories using said variables. For convenience, it also adds `dconf.lib` for a GIO module implementing a GSettings backend using `dconf`, `gtk3` for GSettings schemas, and `librsvg` for GdkPixbuf loader to the closure.
 
-For convenience, it also adds `dconf.lib` for a GIO module implementing a GSettings backend using `dconf`, `gtk3` for GSettings schemas, and `librsvg` for GdkPixbuf loader to the closure. There is also [`wrapGAppsHook4`]{#ssec-gnome-hooks-wrapgappshook4}, which replaces GTK 3 with GTK 4. And in case you are packaging a program without a graphical interface, you might want to use [`wrapGAppsNoGuiHook`]{#ssec-gnome-hooks-wrapgappsnoguihook}, which runs the same script as `wrapGAppsHook` but does not bring `gtk3` and `librsvg` into the closure.
+There is also [`wrapGAppsHook4`]{#ssec-gnome-hooks-wrapgappshook4}, which replaces GTK 3 with GTK 4. Instead of `wrapGAppsHook`, this should be used for all GTK4 applications.
+
+In case you are packaging a program without a graphical interface, you might want to use [`wrapGAppsNoGuiHook`]{#ssec-gnome-hooks-wrapgappsnoguihook}, which runs the same script as `wrapGAppsHook` but does not bring `gtk3` and `librsvg` into the closure.
 
 - `wrapGAppsHook` itself will add the package’s `share` directory to `XDG_DATA_DIRS`.
 

doc/languages-frameworks/go.section.md

@@ -142,6 +142,7 @@ Many attributes [controlling the build phase](#variables-controlling-the-build-p
 - [`patchFlags`](#var-stdenv-patchFlags)
 - [`postPatch`](#var-stdenv-postPatch)
 - [`preBuild`](#var-stdenv-preBuild)
+- `env`: useful for passing down variables such as `GOWORK`.
 
 To control test execution of the build derivation, the following attributes are of interest:
 

doc/languages-frameworks/python.section.md

@@ -497,40 +497,6 @@ are used in [`buildPythonPackage`](#buildpythonpackage-function).
   with the `pipInstallHook`.
 - `unittestCheckHook` will run tests with `python -m unittest discover`. See [example usage](#using-unittestcheckhook).
 
-### Development mode {#development-mode}
-
-Development or editable mode is supported. To develop Python packages
-[`buildPythonPackage`](#buildpythonpackage-function) has additional logic inside `shellPhase` to run `pip
-install -e . --prefix $TMPDIR/`for the package.
-
-Warning: `shellPhase` is executed only if `setup.py` exists.
-
-Given a `default.nix`:
-
-```nix
-with import <nixpkgs> {};
-
-python3Packages.buildPythonPackage {
-  name = "myproject";
-  buildInputs = with python3Packages; [ pyramid ];
-
-  src = ./.;
-}
-```
-
-Running `nix-shell` with no arguments should give you the environment in which
-the package would be built with `nix-build`.
-
-Shortcut to setup environments with C headers/libraries and Python packages:
-
-```shell
-nix-shell -p python3Packages.pyramid zlib libjpeg git
-```
-
-::: {.note}
-There is a boolean value `lib.inNixShell` set to `true` if nix-shell is invoked.
-:::
-
 ## User Guide {#user-guide}
 
 ### Using Python {#using-python}
@@ -867,8 +833,7 @@ Above, we were mostly just focused on use cases and what to do to get started
 creating working Python environments in nix.
 
 Now that you know the basics to be up and running, it is time to take a step
-back and take a deeper look at how Python packages are packaged on Nix. Then,
+back and take a deeper look at how Python packages are packaged on Nix.
-we will look at how you can use development mode with your code.
 
 #### Python library packages in Nixpkgs {#python-library-packages-in-nixpkgs}
 
@@ -1481,45 +1446,6 @@ documentation source root.
 The hook is also available to packages outside the python ecosystem by
 referencing it using `sphinxHook` from top-level.
 
-### Develop local package {#develop-local-package}
-
-As a Python developer you're likely aware of [development mode](http://setuptools.readthedocs.io/en/latest/setuptools.html#development-mode)
-(`python setup.py develop`); instead of installing the package this command
-creates a special link to the project code. That way, you can run updated code
-without having to reinstall after each and every change you make. Development
-mode is also available. Let's see how you can use it.
-
-In the previous Nix expression the source was fetched from a url. We can also
-refer to a local source instead using `src = ./path/to/source/tree;`
-
-If we create a `shell.nix` file which calls [`buildPythonPackage`](#buildpythonpackage-function), and if `src`
-is a local source, and if the local source has a `setup.py`, then development
-mode is activated.
-
-In the following example, we create a simple environment that has a Python 3.11
-version of our package in it, as well as its dependencies and other packages we
-like to have in the environment, all specified with `dependencies`.
-
-```nix
-with import <nixpkgs> {};
-with python311Packages;
-
-buildPythonPackage rec {
-  name = "mypackage";
-  src = ./path/to/package/source;
-  dependencies = [
-    pytest
-    numpy
-  ];
-  propagatedBuildInputs = [
-    pkgs.libsndfile
-  ];
-}
-```
-
-It is important to note that due to how development mode is implemented on Nix
-it is not possible to have multiple packages simultaneously in development mode.
-
 ### Organising your packages {#organising-your-packages}
 
 So far we discussed how you can use Python on Nix, and how you can develop with

doc/packages/shell-helpers.section.md

@@ -2,11 +2,11 @@
 
 Some packages provide the shell integration to be more useful. But unlike other systems, nix doesn't have a standard `share` directory location. This is why a bunch `PACKAGE-share` scripts are shipped that print the location of the corresponding shared folder. Current list of such packages is as following:
 
-- `sk` : `sk-share`
+- `fzf` : `fzf-share`
 
-E.g. `sk` can then be used in the `.bashrc` like this:
+E.g. `fzf` can then be used in the `.bashrc` like this:
 
 ```bash
-source "$(sk-share)/completion.bash"
+source "$(fzf-share)/completion.bash"
-source "$(sk-share)/key-bindings.bash"
+source "$(fzf-share)/key-bindings.bash"
 ```

doc/using/configuration.chapter.md

@@ -1,6 +1,7 @@
 # Global configuration {#chap-packageconfig}
 
-Nix comes with certain defaults about what packages can and cannot be installed, based on a package's metadata. By default, Nix will prevent installation if any of the following criteria are true:
+Nix comes with certain defaults about which packages can and cannot be installed, based on a package's metadata.
+By default, Nix will prevent installation if any of the following criteria are true:
 
 -   The package is thought to be broken, and has had its `meta.broken` set to `true`.
 
@@ -10,23 +11,14 @@ Nix comes with certain defaults about what packages can and cannot be installed,
 
 -   The package has known security vulnerabilities but has not or can not be updated for some reason, and a list of issues has been entered in to the package's `meta.knownVulnerabilities`.
 
-Note that all this is checked during evaluation already, and the check includes any package that is evaluated. In particular, all build-time dependencies are checked. `nix-env -qa` will (attempt to) hide any packages that would be refused.
+Each of these criteria can be altered in the Nixpkgs configuration.
 
-Each of these criteria can be altered in the nixpkgs configuration.
+:::{.note}
+All this is checked during evaluation already, and the check includes any package that is evaluated.
+In particular, all build-time dependencies are checked.
+:::
 
-The nixpkgs configuration for a NixOS system is set in the `configuration.nix`, as in the following example:
+A user's Nixpkgs configuration is stored in a user-specific configuration file located at `~/.config/nixpkgs/config.nix`. For example:
-
-```nix
-{
-  nixpkgs.config = {
-    allowUnfree = true;
-  };
-}
-```
-
-However, this does not allow unfree software for individual users. Their configurations are managed separately.
-
-A user's nixpkgs configuration is stored in a user-specific configuration file located at `~/.config/nixpkgs/config.nix`. For example:
 
 ```nix
 {
@@ -34,7 +26,10 @@ A user's nixpkgs configuration is stored in a user-specific configuration file l
 }
 ```
 
-Note that we are not able to test or build unfree software on Hydra due to policy. Most unfree licenses prohibit us from either executing or distributing the software.
+:::{.caution}
+Unfree software is not tested or built in Nixpkgs continuous integration, and therefore not cached.
+Most unfree licenses prohibit either executing or distributing the software.
+:::
 
 ## Installing broken packages {#sec-allow-broken}
 

lib/attrsets.nix

@@ -5,7 +5,7 @@
 
 let
   inherit (builtins) head length;
-  inherit (lib.trivial) mergeAttrs warn;
+  inherit (lib.trivial) isInOldestRelease mergeAttrs warn warnIf;
   inherit (lib.strings) concatStringsSep concatMapStringsSep escapeNixIdentifier sanitizeDerivationName;
   inherit (lib.lists) foldr foldl' concatMap elemAt all partition groupBy take foldl;
 in
@@ -885,15 +885,15 @@ rec {
     # Type
 
     ```
-    cartesianProductOfSets :: AttrSet -> [AttrSet]
+    cartesianProduct :: AttrSet -> [AttrSet]
     ```
 
     # Examples
     :::{.example}
-    ## `lib.attrsets.cartesianProductOfSets` usage example
+    ## `lib.attrsets.cartesianProduct` usage example
 
     ```nix
-    cartesianProductOfSets { a = [ 1 2 ]; b = [ 10 20 ]; }
+    cartesianProduct { a = [ 1 2 ]; b = [ 10 20 ]; }
     => [
          { a = 1; b = 10; }
          { a = 1; b = 20; }
@@ -904,7 +904,7 @@ rec {
 
     :::
   */
-  cartesianProductOfSets =
+  cartesianProduct =
     attrsOfLists:
     foldl' (listOfAttrs: attrName:
       concatMap (attrs:
@@ -913,6 +913,40 @@ rec {
     ) [{}] (attrNames attrsOfLists);
 
 
+  /**
+    Return the result of function f applied to the cartesian product of attribute set value combinations.
+    Equivalent to using cartesianProduct followed by map.
+
+    # Inputs
+
+    `f`
+
+    : A function, given an attribute set, it returns a new value.
+
+    `attrsOfLists`
+
+    : Attribute set with attributes that are lists of values
+
+    # Type
+
+    ```
+    mapCartesianProduct :: (AttrSet -> a) -> AttrSet -> [a]
+    ```
+
+    # Examples
+    :::{.example}
+    ## `lib.attrsets.mapCartesianProduct` usage example
+
+    ```nix
+    mapCartesianProduct ({a, b}: "${a}-${b}") { a = [ "1" "2" ]; b = [ "3" "4" ]; }
+    => [ "1-3" "1-4" "2-3" "2-4" ]
+    ```
+
+    :::
+
+  */
+  mapCartesianProduct = f: attrsOfLists: map f (cartesianProduct attrsOfLists);
+
   /**
     Utility function that creates a `{name, value}` pair as expected by `builtins.listToAttrs`.
 
@@ -1999,4 +2033,8 @@ rec {
   # DEPRECATED
   zip = warn
     "lib.zip is a deprecated alias of lib.zipAttrsWith." zipAttrsWith;
+
+  # DEPRECATED
+  cartesianProductOfSets = warnIf (isInOldestRelease 2405)
+    "lib.cartesianProductOfSets is a deprecated alias of lib.cartesianProduct." cartesianProduct;
 }

lib/default.nix

@@ -86,8 +86,8 @@ let
       zipAttrsWithNames zipAttrsWith zipAttrs recursiveUpdateUntil
       recursiveUpdate matchAttrs mergeAttrsList overrideExisting showAttrPath getOutput
       getBin getLib getDev getMan chooseDevOutputs zipWithNames zip
-      recurseIntoAttrs dontRecurseIntoAttrs cartesianProductOfSets
+      recurseIntoAttrs dontRecurseIntoAttrs cartesianProduct cartesianProductOfSets
-      updateManyAttrsByPath;
+      mapCartesianProduct updateManyAttrsByPath;
     inherit (self.lists) singleton forEach foldr fold foldl foldl' imap0 imap1
       concatMap flatten remove findSingle findFirst any all count
       optional optionals toList range replicate partition zipListsWith zipLists

lib/fileset/default.nix

@@ -1,5 +1,5 @@
 /*
-  <!-- This anchor is here for backwards compatibity -->
+  <!-- This anchor is here for backwards compatibility -->
   []{#sec-fileset}
 
   The [`lib.fileset`](#sec-functions-library-fileset) library allows you to work with _file sets_.

lib/lists.nix

@@ -1688,16 +1688,32 @@ rec {
     ## `lib.lists.crossLists` usage example
 
     ```nix
-    crossLists (x:y: "${toString x}${toString y}") [[1 2] [3 4]]
+    crossLists (x: y: "${toString x}${toString y}") [[1 2] [3 4]]
     => [ "13" "14" "23" "24" ]
     ```
 
+    The following function call is equivalent to the one deprecated above:
+
+    ```nix
+    mapCartesianProduct (x: "${toString x.a}${toString x.b}") { a = [1 2]; b = [3 4]; }
+    => [ "13" "14" "23" "24" ]
+    ```
     :::
   */
   crossLists = warn
-    "lib.crossLists is deprecated, use lib.cartesianProductOfSets instead."
+    ''lib.crossLists is deprecated, use lib.mapCartesianProduct instead.
-    (f: foldl (fs: args: concatMap (f: map f args) fs) [f]);
 
+    For example, the following function call:
+
+    nix-repl> lib.crossLists (x: y: x+y) [[1 2] [3 4]]
+    [ 4 5 5 6 ]
+
+    Can now be replaced by the following one:
+
+    nix-repl> lib.mapCartesianProduct ({x,y}: x+y) { x = [1 2]; y = [3 4]; }
+    [ 4 5 5 6 ]
+    ''
+    (f: foldl (fs: args: concatMap (f: map f args) fs) [f]);
 
   /**
     Remove duplicate elements from the `list`. O(n^2) complexity.

lib/modules.nix

@@ -136,7 +136,7 @@ let
             # TODO: Change the type of this option to a submodule with a
             # freeformType, so that individual arguments can be documented
             # separately
-            description = lib.mdDoc ''
+            description = ''
               Additional arguments passed to each module in addition to ones
               like `lib`, `config`,
               and `pkgs`, `modulesPath`.
@@ -187,14 +187,14 @@ let
             type = types.bool;
             internal = true;
             default = true;
-            description = lib.mdDoc "Whether to check whether all option definitions have matching declarations.";
+            description = "Whether to check whether all option definitions have matching declarations.";
           };
 
           _module.freeformType = mkOption {
             type = types.nullOr types.optionType;
             internal = true;
             default = null;
-            description = lib.mdDoc ''
+            description = ''
               If set, merge all definitions that don't have an associated option
               together using this type. The result then gets combined with the
               values of all declared options to produce the final `
@@ -209,7 +209,7 @@ let
           _module.specialArgs = mkOption {
             readOnly = true;
             internal = true;
-            description = lib.mdDoc ''
+            description = ''
               Externally provided module arguments that can't be modified from
               within a configuration, but can be used in module imports.
             '';

lib/options.nix

@@ -400,9 +400,11 @@ rec {
   literalExample = lib.warn "lib.literalExample is deprecated, use lib.literalExpression instead, or use lib.literalMD for a non-Nix description." literalExpression;
 
   /* Transition marker for documentation that's already migrated to markdown
-     syntax. This is a no-op and no longer needed.
+     syntax. Has been a no-op for some while and been removed from nixpkgs.
+     Kept here to alert downstream users who may not be aware of the migration's
+     completion that it should be removed from modules.
   */
-  mdDoc = lib.id;
+  mdDoc = lib.warn "lib.mdDoc will be removed from nixpkgs in 24.11. Option descriptions are now in Markdown by default; you can remove any remaining uses of lib.mdDoc.";
 
   /* For use in the `defaultText` and `example` option attributes. Causes the
      given MD text to be inserted verbatim in the documentation, for when

lib/tests/misc.nix

@@ -33,7 +33,7 @@ let
     boolToString
     callPackagesWith
     callPackageWith
-    cartesianProductOfSets
+    cartesianProduct
     cli
     composeExtensions
     composeManyExtensions
@@ -71,10 +71,10 @@ let
     makeIncludePath
     makeOverridable
     mapAttrs
+    mapCartesianProduct
     matchAttrs
     mergeAttrs
     meta
-    mkOption
     mod
     nameValuePair
     optionalDrvAttr
@@ -117,7 +117,6 @@ let
     expr = (builtins.tryEval expr).success;
     expected = true;
   };
-  testingDeepThrow = expr: testingThrow (builtins.deepSeq expr expr);
 
   testSanitizeDerivationName = { name, expected }:
   let
@@ -1415,7 +1414,7 @@ runTests {
     };
 
   testToPrettyMultiline = {
-    expr = mapAttrs (const (generators.toPretty { })) rec {
+    expr = mapAttrs (const (generators.toPretty { })) {
       list = [ 3 4 [ false ] ];
       attrs = { foo = null; bar.foo = "baz"; };
       newlinestring = "\n";
@@ -1429,7 +1428,7 @@ runTests {
         there
         test'';
     };
-    expected = rec {
+    expected = {
       list = ''
         [
           3
@@ -1467,13 +1466,10 @@ runTests {
     expected  = "«foo»";
   };
 
-  testToPlist =
+  testToPlist = {
-    let
-      deriv = derivation { name = "test"; builder = "/bin/sh"; system = "aarch64-linux"; };
-    in {
     expr = mapAttrs (const (generators.toPlist { })) {
       value = {
-        nested.values = rec {
+        nested.values = {
           int = 42;
           float = 0.1337;
           bool = true;
@@ -1686,17 +1682,17 @@ runTests {
   };
 
   testCartesianProductOfEmptySet = {
-    expr = cartesianProductOfSets {};
+    expr = cartesianProduct {};
     expected = [ {} ];
   };
 
   testCartesianProductOfOneSet = {
-    expr = cartesianProductOfSets { a = [ 1 2 3 ]; };
+    expr = cartesianProduct { a = [ 1 2 3 ]; };
     expected = [ { a = 1; } { a = 2; } { a = 3; } ];
   };
 
   testCartesianProductOfTwoSets = {
-    expr = cartesianProductOfSets { a = [ 1 ]; b = [ 10 20 ]; };
+    expr = cartesianProduct { a = [ 1 ]; b = [ 10 20 ]; };
     expected = [
       { a = 1; b = 10; }
       { a = 1; b = 20; }
@@ -1704,12 +1700,12 @@ runTests {
   };
 
   testCartesianProductOfTwoSetsWithOneEmpty = {
-    expr = cartesianProductOfSets { a = [ ]; b = [ 10 20 ]; };
+    expr = cartesianProduct { a = [ ]; b = [ 10 20 ]; };
     expected = [ ];
   };
 
   testCartesianProductOfThreeSets = {
-    expr = cartesianProductOfSets {
+    expr = cartesianProduct {
       a = [   1   2   3 ];
       b = [  10  20  30 ];
       c = [ 100 200 300 ];
@@ -1753,6 +1749,30 @@ runTests {
     ];
   };
 
+  testMapCartesianProductOfOneSet = {
+    expr = mapCartesianProduct ({a}: a * 2) { a = [ 1 2 3 ]; };
+    expected = [ 2 4 6 ];
+  };
+
+  testMapCartesianProductOfTwoSets = {
+    expr = mapCartesianProduct ({a,b}: a + b) { a = [ 1 ]; b = [ 10 20 ]; };
+    expected = [ 11 21 ];
+  };
+
+  testMapCartesianProcutOfTwoSetsWithOneEmpty = {
+    expr = mapCartesianProduct (x: x.a + x.b) { a = [ ]; b = [ 10 20 ]; };
+    expected = [ ];
+  };
+
+  testMapCartesianProductOfThreeSets = {
+    expr = mapCartesianProduct ({a,b,c}: a + b + c) {
+      a = [ 1 2 3 ];
+      b = [ 10 20 30 ];
+      c = [ 100 200 300 ];
+    };
+    expected = [ 111 211 311 121 221 321 131 231 331 112 212 312 122 222 322 132 232 332 113 213 313 123 223 323 133 233 333 ];
+  };
+
   # The example from the showAttrPath documentation
   testShowAttrPathExample = {
     expr = showAttrPath [ "foo" "10" "bar" ];

maintainers/maintainer-list.nix

@@ -58,6 +58,10 @@
          nix-build lib/tests/maintainers.nix
 
     See `./scripts/check-maintainer-github-handles.sh` for an example on how to work with this data.
+
+    When adding a new maintainer, be aware of the current commit conventions
+    documented at [CONTRIBUTING.md](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#commit-conventions)
+    file located in the root of the Nixpkgs repo.
 */
 {
   _0b11stan = {
@@ -667,6 +671,12 @@
       fingerprint = "B0D7 2955 235F 6AB5 ACFA  1619 8C7F F5BB 1ADE F191";
     }];
   };
+  aimpizza = {
+    email = "rickomo.us@gmail.com";
+    name = "Rick Omonsky";
+    github = "AimPizza";
+    githubId = 64905268;
+  };
   aiotter = {
     email = "git@aiotter.com";
     github = "aiotter";
@@ -790,6 +800,12 @@
     githubId = 20405311;
     name = "Aksh Gupta";
   };
+  aktaboot = {
+    email = "akhtaboo@protonmail.com";
+    github = "aktaboot";
+    githubId = 120214979;
+    name = "aktaboot";
+  };
   al3xtjames = {
     email = "nix@alextjam.es";
     github = "al3xtjames";
@@ -1388,6 +1404,7 @@
     github = "anthonyroussel";
     githubId = 220084;
     name = "Anthony Roussel";
+    matrix = "@anthonyrsl:matrix.org";
     keys = [{
       fingerprint = "472D 368A F107 F443 F3A5  C712 9DC4 987B 1A55 E75E";
     }];
@@ -2621,6 +2638,12 @@
     githubId = 30630233;
     name = "Timo Triebensky";
   };
+  birkb = {
+    email = "birk@batchworks.de";
+    github = "birkb";
+    githubId = 10164833;
+    name = "Birk Bohne";
+  };
   bjornfor = {
     email = "bjorn.forsman@gmail.com";
     github = "bjornfor";
@@ -2709,6 +2732,12 @@
     github = "bmwalters";
     githubId = 4380777;
   };
+  bnlrnz = {
+    github = "bnlrnz";
+    githubId = 11310385;
+    name = "Ben Lorenz";
+    email = "bnlrnz@gmail.com";
+  };
   bobakker = {
     email = "bobakk3r@gmail.com";
     github = "bobakker";
@@ -2746,6 +2775,12 @@
     githubId = 150560585;
     name = "Dmitry Ivankov";
   };
+  bonsairobo = {
+    email = "duncanfairbanks6@gmail.com";
+    github = "bonsairobo";
+    githubId = 3229981;
+    name = "Duncan Fairbanks";
+  };
   booklearner = {
     name = "booklearner";
     email = "booklearner@proton.me";
@@ -5007,6 +5042,12 @@
     github = "DimitarNestorov";
     githubId = 8790386;
   };
+  diniamo = {
+    name = "diniamo";
+    email = "diniamo53@gmail.com";
+    github = "diniamo";
+    githubId = 55629891;
+  };
   diogotcorreia = {
     name = "Diogo Correia";
     email = "me@diogotc.com";
@@ -5295,6 +5336,12 @@
       fingerprint = "D245 D484 F357 8CB1 7FD6  DA6B 67DB 29BF F3C9 6757";
     }];
   };
+  dragonginger = {
+    email = "dragonginger10@gmail.com";
+    github = "dragonginger10";
+    githubId = 20759788;
+    name = "JP Lippold";
+  };
   dramaturg = {
     email = "seb@ds.ag";
     github = "dramaturg";
@@ -5438,6 +5485,12 @@
     githubId = 6689924;
     name = "David Terry";
   };
+  dylan-gonzalez = {
+    email = "dylcg10@gmail.com";
+    github = "dylan-gonzalez";
+    githubId = 45161987;
+    name = "Dylan Gonzalez";
+  };
   dylanmtaylor = {
     email = "dylan@dylanmtaylor.com";
     github = "dylanmtaylor";
@@ -6409,6 +6462,12 @@
     githubId = 4246921;
     name = "Florian Beeres";
   };
+  fccapria = {
+    email = "francesco@capria.eu";
+    github = "fccapria";
+    githubId = 62179193;
+    name = "Francesco Carmelo Capria";
+  };
   fd = {
     email = "simon.menke@gmail.com";
     github = "fd";
@@ -8391,6 +8450,12 @@
     github = "Icy-Thought";
     githubId = 53710398;
   };
+  id3v1669 = {
+    name = "id3v1669";
+    email = "id3v1669@gmail.com";
+    github = "id3v1669";
+    githubId = 57532211;
+  };
   idlip = {
     name = "Dilip";
     email = "igoldlip@gmail.com";
@@ -8671,6 +8736,12 @@
     githubId = 137306;
     name = "Michele Catalano";
   };
+  isabelroses = {
+    email = "isabel@isabelroses.com";
+    github = "isabelroses";
+    githubId = 71222764;
+    name = "Isabel Roses";
+  };
   isaozler = {
     email = "isaozler@gmail.com";
     github = "isaozler";
@@ -8824,6 +8895,15 @@
     github = "j4m3s-s";
     githubId = 9413812;
   };
+  ja1den = {
+    name = "Jaiden Douglas";
+    email = "contact@ja1den.me";
+    github = "ja1den";
+    githubId = 49811314;
+    keys = [{
+      fingerprint = "CC36 4CF4 32DD 443F 27FC  033C 3475 AA20 D72F 6A93";
+    }];
+  };
   jab = {
     name = "Joshua Bronson";
     email = "jabronson@gmail.com";
@@ -10151,6 +10231,11 @@
     githubId = 6544084;
     name = "Kai Harries";
   };
+  kai-tub = {
+    name = "Kai Norman Clasen";
+    github = "kai-tub";
+    githubId = 46302524;
+  };
   kalbasit = {
     email = "wael.nasreddine@gmail.com";
     matrix = "@kalbasit:matrix.org";
@@ -10450,6 +10535,12 @@
     githubId = 845652;
     name = "Kier Davis";
   };
+  kiike = {
+    email = "me@enric.me";
+    github = "kiike";
+    githubId = 464625;
+    name = "Enric Morales";
+  };
   kilianar = {
     email = "mail@kilianar.de";
     github = "kilianar";
@@ -11419,6 +11510,13 @@
       fingerprint = "80EE AAD8 43F9 3097 24B5  3D7E 27E9 7B91 E63A 7FF8";
     }];
   };
+  link2xt = {
+    email = "link2xt@testrun.org";
+    githubId = 18373967;
+    github = "link2xt";
+    matrix = "@link2xt:matrix.org";
+    name = "link2xt";
+  };
   linquize = {
     email = "linquize@yahoo.com.hk";
     github = "linquize";
@@ -11771,12 +11869,6 @@
     githubId = 5767106;
     name = "Lukas Schmidt";
   };
-  luis = {
-    email = "luis.nixos@gmail.com";
-    github = "Luis-Hebendanz";
-    githubId = 22085373;
-    name = "Luis Hebendanz";
-  };
   luisdaranda = {
     email = "luisdomingoaranda@gmail.com";
     github = "propet";
@@ -11821,6 +11913,12 @@
     githubId = 30468956;
     name = "Lukas Heiligenbrunner";
   };
+  lukaslihotzki = {
+    email = "lukas@lihotzki.de";
+    github = "lukaslihotzki";
+    githubId = 10326063;
+    name = "Lukas Lihotzki";
+  };
   lukaswrz = {
     email = "lukas@wrz.one";
     github = "lukaswrz";
@@ -13299,6 +13397,12 @@
       fingerprint = "E90C BA34 55B3 6236 740C  038F 0D94 8CE1 9CF4 9C5F";
     }];
   };
+  mksafavi = {
+    name = "MK Safavi";
+    email = "mksafavi@gmail.com";
+    github = "mksafavi";
+    githubId = 50653293;
+  };
   mktip = {
     email = "mo.issa.ok+nix@gmail.com";
     github = "mktip";
@@ -13308,6 +13412,12 @@
       fingerprint = "64BE BF11 96C3 DD7A 443E  8314 1DC0 82FA DE5B A863";
     }];
   };
+  mlaradji = {
+    name = "Mohamed Laradji";
+    email = "mlaradji@pm.me";
+    github = "mlaradji";
+    githubId = 33703663;
+  };
   mlatus = {
     email = "wqseleven@gmail.com";
     github = "Ninlives";
@@ -13960,6 +14070,10 @@
     githubId = 56316606;
     name = "Amneesh Singh";
   };
+  nayala = {
+    name = "Nia";
+    matrix = "@fly:asra.gr";
+  };
   nazarewk = {
     name = "Krzysztof Nazarewski";
     matrix = "@nazarewk:matrix.org";
@@ -14677,6 +14791,12 @@
     githubId = 16027994;
     name = "Nathan Viets";
   };
+  nyadiia = {
+    email = "nyadiia@pm.me";
+    github = "nyadiia";
+    githubId = 43252360;
+    name = "Nadia";
+  };
   nyanbinary = {
     email = "nyanbinary@keemail.me";
     matrix = "@niko:conduit.rs";
@@ -14702,6 +14822,12 @@
     githubId = 127548;
     name = "Judson Lester";
   };
+  nyawox = {
+    name = "nyawox";
+    email = "nyawox.git@gmail.com";
+    github = "nyawox";
+    githubId = 93813719;
+  };
   nzbr = {
     email = "nixos@nzbr.de";
     github = "nzbr";
@@ -16328,6 +16454,12 @@
     matrix = "@quantenzitrone:matrix.org";
     name = "quantenzitrone";
   };
+  qubasa = {
+    email = "consulting@qube.email";
+    github = "Qubasa";
+    githubId = 22085373;
+    name = "Luis Hebendanz";
+  };
   queezle = {
     email = "git@queezle.net";
     github = "queezle42";
@@ -16581,6 +16713,12 @@
     githubId = 145816;
     name = "David McKay";
   };
+  raylas = {
+    email = "r@raymond.sh";
+    github = "raylas";
+    githubId = 8099415;
+    name = "Raymond Douglas";
+  };
   rayslash = {
     email = "stevemathewjoy@tutanota.com";
     github = "rayslash";
@@ -16823,6 +16961,13 @@
     githubId = 12279531;
     name = "Ricardo Guevara";
   };
+  rhelmot = {
+    name = "Audrey Dutcher";
+    github = "rhelmot";
+    githubId = 2498805;
+    email = "audrey@rhelmot.io";
+    matrix = "@rhelmot:matrix.org";
+  };
   rhendric = {
     name = "Ryan Hendrickson";
     github = "rhendric";
@@ -17252,6 +17397,11 @@
     githubId = 19433256;
     name = "Radoslaw Sniezek";
   };
+  rster2002 = {
+    name = "Bjørn";
+    github = "rster2002";
+    githubId = 26026518;
+  };
   rsynnest = {
     email = "contact@rsynnest.com";
     github = "rsynnest";
@@ -17642,7 +17792,7 @@
     name = "Sanskar Gurdasani";
   };
   sarahec = {
-    email = "sarahec@nextquestion.net";
+    email = "seclark@nextquestion.net";
     github = "sarahec";
     githubId = 11277967;
     name = "Sarah Clark";
@@ -18958,12 +19108,6 @@
     githubId = 2798728;
     name = "Filip Czaplicki";
   };
-  star-szr = {
-    email = "nixpkgs@szr.fastmail.com";
-    github = "star-szr";
-    githubId = 327943;
-    name = "Scott Zhu Reeves";
-  };
   starzation = {
     email = "nixpkgs@starzation.net";
     github = "starzation";
@@ -19223,6 +19367,12 @@
     githubId = 1939855;
     name = "Kimmo Suominen";
   };
+  supa = {
+    email = "supa.codes@gmail.com";
+    github = "0Supa";
+    githubId = 36031171;
+    name = "Supa";
+  };
   superbo = {
     email = "supernbo@gmail.com";
     github = "SuperBo";
@@ -19321,6 +19471,12 @@
     github = "sweenu";
     githubId = 7051978;
   };
+  swendel = {
+    name = "Sebastian Wendel";
+    email = "nixpkgs.aiX5ph@srx.digital";
+    github = "SebastianWendel";
+    githubId = 919570;
+  };
   swesterfeld = {
     email = "stefan@space.twc.de";
     github = "swesterfeld";
@@ -19404,6 +19560,12 @@
       fingerprint = "6866 981C 4992 4D64 D154  E1AC 19E5 A2D8 B1E4 3F19";
     }];
   };
+  t4sm5n = {
+    email = "t4sm5n@gmail.com";
+    github = "t4sm5n";
+    githubId = 28858039;
+    name = "Tuomas Mäkinen";
+  };
   tadeokondrak = {
     email = "me@tadeo.ca";
     github = "tadeokondrak";
@@ -19595,6 +19757,12 @@
     githubId = 2389333;
     name = "Andy Tockman";
   };
+  tcmal = {
+    email = "me@aria.rip";
+    github = "tcmal";
+    githubId = 4183876;
+    name = "Aria Shrimpton";
+  };
   teatwig = {
     email = "nix@teatwig.net";
     name = "tea";
@@ -20172,6 +20340,11 @@
     githubId = 9853194;
     name = "Philipp Bartsch";
   };
+  toast = {
+    name = "Toast";
+    github = "toast003";
+    githubId = 39011842;
+  };
   toastal = {
     email = "toastal+nix@posteo.net";
     matrix = "@toastal:mozilla.org";
@@ -20606,6 +20779,12 @@
     githubId = 20206121;
     name = "umlx5h";
   };
+  uncenter = {
+    name = "uncenter";
+    email = "uncenter@uncenter.dev";
+    github = "uncenter";
+    githubId = 47499684;
+  };
   unclamped = {
     name = "Maru";
     email = "clear6860@tutanota.com";
@@ -21402,6 +21581,16 @@
       fingerprint = "DA03 D6C6 3F58 E796 AD26  E99B 366A 2940 479A 06FC";
     }];
   };
+  willbush = {
+    email = "git@willbush.dev";
+    matrix = "@willbush:matrix.org";
+    github = "willbush";
+    githubId = 2023546;
+    name = "Will Bush";
+    keys = [{
+      fingerprint = "4441 422E 61E4 C8F3 EBFE  5E33 3823 864B 54B1 3BDA";
+    }];
+  };
   willcohen = {
     github = "willcohen";
     githubId = 5185341;
@@ -22292,6 +22481,12 @@
     githubId = 1108325;
     name = "Théo Zimmermann";
   };
+  zlepper = {
+    name = "Rasmus Hansen";
+    github = "zlepper";
+    githubId = 1499810;
+    email = "hansen13579@gmail.com";
+  };
   zmitchell = {
     name = "Zach Mitchell";
     email = "zmitchell@fastmail.com";

maintainers/scripts/kde/utils.py

@@ -122,10 +122,7 @@ class KDERepoMetadata:
             dep_graph={},
         )
 
-        dep_specs = [
+        dep_specs = ["dependency-data-stable-kf6-qt6"]
-            "dependency-data-common",
-            "dependency-data-kf6-qt6"
-        ]
         dep_graph = collections.defaultdict(set)
 
         for spec in dep_specs:

maintainers/team-list.nix

@@ -451,6 +451,7 @@ with lib.maintainers; {
     # Verify additions to this team with at least one already existing member of the team.
     members = [
       das_j
+      conni2461
     ];
     scope = "Group registration for packages maintained by Helsinki Systems";
     shortName = "Helsinki Systems employees";
@@ -517,6 +518,7 @@ with lib.maintainers; {
       cpages
       dschrempf
       edwtjo
+      kazenyuk
       minijackson
       peterhoeg
       sephalon
@@ -573,6 +575,9 @@ with lib.maintainers; {
       rrbutani
       sternenseemann
     ];
+    githubTeams = [
+      "llvm"
+    ];
     scope = "Maintain LLVM package sets and related packages";
     shortName = "LLVM";
     enableFeatureFreezePing = true;

nixos/doc/manual/configuration/customizing-packages.section.md

@@ -1,11 +1,33 @@
 # Customising Packages {#sec-customising-packages}
 
-Some packages in Nixpkgs have options to enable or disable optional
+The Nixpkgs configuration for a NixOS system is set by the {option}`nixpkgs.config` option.
-functionality or change other aspects of the package.
+
+::::{.example}
+# Globally allow unfree packages
+
+```nix
+{
+  nixpkgs.config = {
+    allowUnfree = true;
+  };
+}
+```
+
+:::{.note}
+This only allows unfree software in the given NixOS configuration.
+For users invoking Nix commands such as [`nix-build`](https://nixos.org/manual/nix/stable/command-ref/nix-build), Nixpkgs is configured independently.
+See the [Nixpkgs manual section on global configuration](https://nixos.org/manual/nixpkgs/unstable/#chap-packageconfig) for details.
+:::
+::::
+
+<!-- TODO(@fricklerhandwerk)
+all of the following should go to the Nixpkgs manual, it has nothing to do with NixOS
+-->
+
+Some packages in Nixpkgs have options to enable or disable optional functionality, or change other aspects of the package.
 
 ::: {.warning}
-Unfortunately, Nixpkgs currently lacks a way to query available
+Unfortunately, Nixpkgs currently lacks a way to query available package configuration options.
-configuration options.
 :::
 
 ::: {.note}

nixos/doc/manual/release-notes/rl-2305.section.md

@@ -53,7 +53,7 @@ In addition to numerous new and updated packages, this release has the following
 
 - [alertmanager-irc-relay](https://github.com/google/alertmanager-irc-relay), a Prometheus Alertmanager IRC Relay. Available as [services.prometheus.alertmanagerIrcRelay](options.html#opt-services.prometheus.alertmanagerIrcRelay.enable).
 
-- [alice-lg](github.com/alice-lg/alice-lg), a looking-glass for BGP sessions. Available as [services.alice-lg](#opt-services.alice-lg.enable).
+- [alice-lg](https://github.com/alice-lg/alice-lg), a looking-glass for BGP sessions. Available as [services.alice-lg](#opt-services.alice-lg.enable).
 
 - [atuin](https://github.com/ellie/atuin), a sync server for shell history. Available as [services.atuin](#opt-services.atuin.enable).
 
@@ -79,7 +79,7 @@ In addition to numerous new and updated packages, this release has the following
 
 - [frigate](https://frigate.video), an open source NVR built around real-time AI object detection. Available as [services.frigate](#opt-services.frigate.enable).
 
-- [fzf](https://github.com/junegunn/fzf), a command line fuzzyfinder. Available as [programs.fzf](#opt-programs.fzf.enable).
+- [fzf](https://github.com/junegunn/fzf), a command line fuzzyfinder. Available as [programs.fzf](#opt-programs.fzf.fuzzyCompletion).
 
 - [gemstash](https://github.com/rubygems/gemstash), a RubyGems.org cache and private gem server. Available as [services.gemstash](#opt-services.gemstash.enable).
 

nixos/doc/manual/release-notes/rl-2405.section.md

@@ -37,6 +37,10 @@ In addition to numerous new and upgraded packages, this release has the followin
 Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for PipeWire and
 `services.pipewire.wireplumber.configPackages` for WirePlumber instead."
 
+- `teleport` has been upgraded from major version 14 to major version 15.
+  Refer to upstream [upgrade instructions](https://goteleport.com/docs/management/operations/upgrading/)
+  and release notes for [v15](https://goteleport.com/docs/changelog/#1500-013124).
+
 - A new option `systemd.sysusers.enable` was added. If enabled, users and
   groups are created with systemd-sysusers instead of with a custom perl script.
 
@@ -74,6 +78,8 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
 
 - Plasma 6 is now available and can be installed with `services.xserver.desktopManager.plasma6.enable = true;`. Plasma 5 will likely be deprecated in the next release (24.11). Note that Plasma 6 runs as Wayland by default, and the X11 session needs to be explicitly selected if necessary.
 
+- The desktop mode of Lomiri (formerly known as Unity8), using Mir 2.x to function as a Wayland compositor, is now available and can be installed with `services.desktopManager.lomiri.enable = true`. Note that some core applications, services and indicators have yet to be packaged, and some functions may remain incomplete, but the base experience should be there.
+
 ## New Services {#sec-release-24.05-new-services}
 
 <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
@@ -102,6 +108,8 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
 
 - [dnsproxy](https://github.com/AdguardTeam/dnsproxy), a simple DNS proxy with DoH, DoT, DoQ and DNSCrypt support. Available as [services.dnsproxy](#opt-services.dnsproxy.enable).
 
+- [manticoresearch](https://manticoresearch.com), easy to use open source fast database for search. Available as [services.manticore](#opt-services.manticore.enable).
+
 - [rspamd-trainer](https://gitlab.com/onlime/rspamd-trainer), script triggered by a helper which reads mails from a specific mail inbox and feeds them into rspamd for spam/ham training.
 
 - [ollama](https://ollama.ai), server for running large language models locally.
@@ -116,6 +124,8 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
   Matter Controller Server exposing websocket connections for use with other services, notably Home Assistant.
   Available as [services.matter-server](#opt-services.matter-server.enable)
 
+- [db-rest](https://github.com/derhuerst/db-rest), a wrapper around Deutsche Bahn's internal API for public transport data. Available as [services.db-rest](#opt-services.db-rest.enable).
+
 - [Anki Sync Server](https://docs.ankiweb.net/sync-server.html), the official sync server built into recent versions of Anki. Available as [services.anki-sync-server](#opt-services.anki-sync-server.enable).
 The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been marked deprecated and will be dropped after 24.05 due to lack of maintenance of the anki-sync-server softwares.
 
@@ -123,12 +133,18 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - [transfer-sh](https://github.com/dutchcoders/transfer.sh), a tool that supports easy and fast file sharing from the command-line. Available as [services.transfer-sh](#opt-services.transfer-sh.enable).
 
+- [FCast Receiver](https://fcast.org), an open-source alternative to Chromecast and AirPlay. Available as [programs.fcast-receiver](#opt-programs.fcast-receiver.enable).
+
 - [MollySocket](https://github.com/mollyim/mollysocket) which allows getting Signal notifications via UnifiedPush.
 
 - [Suwayomi Server](https://github.com/Suwayomi/Suwayomi-Server), a free and open source manga reader server that runs extensions built for [Tachiyomi](https://tachiyomi.org). Available as [services.suwayomi-server](#opt-services.suwayomi-server.enable).
 
+- A self-hosted management server for the [Netbird](https://netbird.io). Available as [services.netbird.server](#opt-services.netbird.server.enable).
+
 - [ping_exporter](https://github.com/czerwonk/ping_exporter), a Prometheus exporter for ICMP echo requests. Available as [services.prometheus.exporters.ping](#opt-services.prometheus.exporters.ping.enable).
 
+- [Prometheus DNSSEC Exporter](https://github.com/chrj/prometheus-dnssec-exporter), check for validity and expiration in DNSSEC signatures and expose metrics for Prometheus. Available as [services.prometheus.exporters.dnssec](#opt-services.prometheus.exporters.dnssec.enable).
+
 - [TigerBeetle](https://tigerbeetle.com/), a distributed financial accounting database designed for mission critical safety and performance. Available as [services.tigerbeetle](#opt-services.tigerbeetle.enable).
 
 - [go-camo](https://github.com/cactus/go-camo), a secure image proxy server. Available as [services.go-camo](#opt-services.go-camo.enable).
@@ -151,6 +167,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - binfmt option for AppImage-run to support running [AppImage](https://appimage.org/)'s seamlessly on NixOS.. Available as [programs.appimage.binfmt](#opt-programs.appimage.binfmt).
 
+- [nh](https://github.com/viperML/nh), yet another Nix CLI helper. Available as [programs.nh](#opt-programs.nh.enable).
+
 - [ALVR](https://github.com/alvr-org/alvr), a VR desktop streamer. Available as [programs.alvr](#opt-programs.alvr.enable)
 
 - [RustDesk](https://rustdesk.com), a full-featured open source remote control alternative for self-hosting and security with minimal configuration. Alternative to TeamViewer.
@@ -159,12 +177,16 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - [davis](https://github.com/tchapi/davis), a simple CardDav and CalDav server inspired by Baïkal. Available as [services.davis]($opt-services-davis.enable).
 
+- [Firefly-iii](https://www.firefly-iii.org), a free and open source personal finance manager. Available as [services.firefly-iii](#opt-services.firefly-iii.enable)
+
 - [systemd-lock-handler](https://git.sr.ht/~whynothugo/systemd-lock-handler/), a bridge between logind D-Bus events and systemd targets. Available as [services.systemd-lock-handler.enable](#opt-services.systemd-lock-handler.enable).
 
 - [wastebin](https://github.com/matze/wastebin), a pastebin server written in rust. Available as [services.wastebin](#opt-services.wastebin.enable).
 
 - [Mealie](https://nightly.mealie.io/), a self-hosted recipe manager and meal planner with a RestAPI backend and a reactive frontend application built in NuxtJS for a pleasant user experience for the whole family. Available as [services.mealie](#opt-services.mealie.enable)
 
+- [Sunshine](https://app.lizardbyte.dev/Sunshine), a self-hosted game stream host for Moonlight. Available as [services.sunshine](#opt-services.sunshine.enable).
+
 - [Uni-Sync](https://github.com/EightB1ts/uni-sync), a synchronization tool for Lian Li Uni Controllers. Available as [hardware.uni-sync](#opt-hardware.uni-sync.enable)
 
 - [prometheus-nats-exporter](https://github.com/nats-io/prometheus-nats-exporter), a Prometheus exporter for NATS. Available as [services.prometheus.exporters.nats](#opt-services.prometheus.exporters.nats.enable).
@@ -175,7 +197,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - `k3s`: was updated to version [v1.29](https://github.com/k3s-io/k3s/releases/tag/v1.29.1%2Bk3s2), all previous versions (k3s_1_26, k3s_1_27, k3s_1_28) will be removed. See [changelog and upgrade notes](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#urgent-upgrade-notes) for more information.
 
-- `himalaya` was updated to `v1.0.0-beta.3`, which introduces breaking changes. Check out the [release note](https://github.com/soywod/himalaya/releases/tag/v1.0.0-beta.3) for details.
+- `himalaya` was updated to `v1.0.0-beta.4`, which introduces breaking changes. Check out the [release note](https://github.com/soywod/himalaya/releases/tag/v1.0.0-beta.4) for details.
 
 - The `power.ups` module now generates `upsd.conf`, `upsd.users` and `upsmon.conf` automatically from a set of new configuration options. This breaks compatibility with existing `power.ups` setups where these files were created manually. Back up these files before upgrading NixOS.
 
@@ -217,6 +239,10 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - `services.neo4j.allowUpgrade` was removed and no longer has any effect. Neo4j 5 supports automatic rolling upgrades.
 
+- `unifiLTS`, `unifi5` and `unifi6` have been removed, as they require MongoDB versions which are end-of-life. All these versions can be upgraded to `unifi7` directly.
+
+- `mongodb-4_4` has been removed as it has reached end of life. Consequently, `unifi7` and `unifi8` now use MongoDB 5.0 by default.
+
 - `nitter` requires a `guest_accounts.jsonl` to be provided as a path or loaded into the default location at `/var/lib/nitter/guest_accounts.jsonl`. See [Guest Account Branch Deployment](https://github.com/zedeus/nitter/wiki/Guest-Account-Branch-Deployment) for details.
 
 - `boot.supportedFilesystems` and `boot.initrd.supportedFilesystems` are now attribute sets instead of lists. Assignment from lists as done previously is still supported, but checking whether a filesystem is enabled must now by done using `supportedFilesystems.fs or false` instead of using `lib.elem "fs" supportedFilesystems` as was done previously.
@@ -269,6 +295,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
   release notes of [v19](https://github.com/systemd/mkosi/releases/tag/v19) and
   [v20](https://github.com/systemd/mkosi/releases/tag/v20) for a list of changes.
 
+- `gonic` has been updated to v0.16.4. Config now requires `playlists-path` to be set. See the rest of the [v0.16.0 release notes](https://github.com/sentriz/gonic/releases/tag/v0.16.0) for more details.
+
 - The `services.vikunja` systemd service now uses `vikunja` as dynamic user instead of `vikunja-api`. Database users might need to be changed.
 
 - The `services.vikunja.setupNginx` setting has been removed. Users now need to setup the webserver configuration on their own with a proxy pass to the vikunja service.
@@ -311,6 +339,12 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - The `cudaPackages` package scope has been updated to `cudaPackages_12`.
 
+- The deprecated `cudaPackages.cudatoolkit` has been replaced with a
+  symlink-based wrapper for the splayed redistributable CUDA packages. The
+  wrapper only includes tools and libraries necessary to build common packages
+  like e.g. tensorflow. The original runfile-based `cudatoolkit` is still
+  available as `cudatoolkit-legacy-runfile`.
+
 - The `halloy` package was updated past 2024.5 which introduced a breaking change by switching the config format from YAML to TOML. See https://github.com/squidowl/halloy/releases/tag/2024.5 for details.
 
 - Ada packages (libraries and tools) have been moved into the `gnatPackages` scope. `gnatPackages` uses the default GNAT compiler, `gnat12Packages` and `gnat13Packages` use the respective matching compiler version.
@@ -328,8 +362,6 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - `xxd` has been moved from `vim` default output to its own output to reduce closure size. The canonical way to reference it across all platforms is `unixtools.xxd`.
 
-- `programs.fzf.keybindings` and `programs.fzf.fuzzyCompletion` got replaced by `programs.fzf.enable` as shell-completion is included in the fzf-binary now there is no easy option to load completion and keybindings separately. Please consult fzf-documentation on how to configure/disable certain keybindings.
-
 - The `stalwart-mail` package has been updated to v0.5.3, which includes [breaking changes](https://github.com/stalwartlabs/mail-server/blob/v0.5.3/UPGRADING.md).
 
 - `services.zope2` has been removed as `zope2` is unmaintained and was relying on Python2.
@@ -405,6 +437,14 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
   - `nomad_1_4` has been removed, as it is now unsupported upstream.
 
+- Dwarf Fortress has been updated to version 50, and its derivations continue to menace with spikes of Nix and bash. Version 50 is identical to the version on Steam, but without the paid elements like tilepacks.
+  dfhack and Dwarf Therapist still work, and older versions are still packaged in case you'd like to roll back. Note that DF 50 saves will not be compatible with DF 0.47 and earlier.
+  See [Bay 12 Games](http://www.bay12games.com/dwarves/) for more details on what's new in Dwarf Fortress.
+
+  - Running an earlier version can be achieved through an override: `dwarf-fortress-packages.dwarf-fortress-full.override { dfVersion = "0.47.5"; }`
+
+  - Ruby plugin support has been disabled in DFHack. Many of the Ruby plugins have been converted to Lua, and support was removed upstream due to frequent crashes.
+
 - The `livebook` package is now built as a `mix release` instead of an `escript`.
   This means that configuration now has to be done using [environment variables](https://hexdocs.pm/livebook/readme.html#environment-variables) instead of command line arguments.
   This has the further implication that the `livebook` service configuration has changed:
@@ -412,6 +452,10 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 - The `erlang_node_short_name`, `erlang_node_name`, `port` and `options` configuration parameters are gone, and have been replaced with an `environment` parameter.
     Use the appropriate [environment variables](https://hexdocs.pm/livebook/readme.html#environment-variables) inside `environment` to configure the service instead.
 
+- `akkoma` now requires explicitly setting the base URL for uploaded media (`settings."Pleroma.Upload".base_url`), as well as for the media proxy if enabled (`settings."Media"`).
+  This is recommended to be a separate (sub)domain to the one Akkoma is hosted at.
+  See [here](https://meta.akkoma.dev/t/akkoma-stable-2024-03-securer-i-barely-know-her/681#explicit-upload-and-media-proxy-domains-5) for more details.
+
 - The `crystal` package has been updated to 1.11.x, which has some breaking changes.
   Refer to crystal's changelog for more information. ([v1.10](https://github.com/crystal-lang/crystal/blob/master/CHANGELOG.md#1100-2023-10-09), [v1.11](https://github.com/crystal-lang/crystal/blob/master/CHANGELOG.md#1110-2024-01-08))
 
@@ -462,6 +506,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - [Lilypond](https://lilypond.org/index.html) and [Denemo](https://www.denemo.org) are now compiled with Guile 3.0.
 
+- Garage has been updated to v1.x.x. Users should read the [upstream release notes](https://git.deuxfleurs.fr/Deuxfleurs/garage/releases/tag/v1.0.0) and follow the documentation when changing over their `services.garage.package` and performing this manual upgrade.
+
 - The EC2 image module now enables the [Amazon SSM Agent](https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent.html) by default.
 
 - The following options of the Nextcloud module were moved into [`services.nextcloud.settings`](#opt-services.nextcloud.settings) and renamed to match the name from Nextcloud's `config.php`:
@@ -535,6 +581,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
   and `services.kavita.settings.IpAddresses`. The file at `services.kavita.tokenKeyFile` now needs to contain a secret with
   512+ bits instead of 128+ bits.
 
+- `kavita` has been updated to 0.8.0, requiring a manual forced library scan on all libraries for migration. Refer to upstream's [release notes](https://github.com/Kareadita/Kavita/releases/tag/v0.8.0) for details.
+
 - The `krb5` module has been rewritten and moved to `security.krb5`, moving all options but `security.krb5.enable` and `security.krb5.package` into `security.krb5.settings`.
 
 - `services.soju` now has a wrapper for the `sojuctl` command, pointed at the service config file. It also has the new option `adminSocket.enable`, which creates a unix admin socket at `/run/soju/admin`.
@@ -549,6 +597,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - The `hardware.pulseaudio` module now sets permission of pulse user home directory to 755 when running in "systemWide" mode. It fixes [issue 114399](https://github.com/NixOS/nixpkgs/issues/114399).
 
+- The `services.networkmanager.extraConfig` was renamed to `services.networkmanager.settings` and was changed to use the ini type instead of using a multiline string.
+
 - The module `services.github-runner` has been removed. To configure a single GitHub Actions Runner refer to `services.github-runners.*`. Note that this will trigger a new runner registration.
 
 - The `services.slskd` has been refactored to include more configuation options in
@@ -574,7 +624,11 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 - QtMultimedia has changed its default backend to `QT_MEDIA_BACKEND=ffmpeg` (previously `gstreamer` on Linux or `darwin` on MacOS).
   The previous native backends remain available but are now minimally maintained. Refer to [upstream documentation](https://doc.qt.io/qt-6/qtmultimedia-index.html#ffmpeg-as-the-default-backend) for further details about each platform.
 
+- The `drbd` out-of-tree Linux kernel driver has been added in version `9.2.7`. With it the DRBD 9.x features can be used instead of the 8.x features provided by the `8.4.11` in-tree driver.
+
 - The oil shell's c++ version is now available as `oils-for-unix`. The python version is still available as `oil`
 
 - `documentation.man.mandoc` now by default uses `MANPATH` to set the directories where mandoc will search for manual pages.
   This enables mandoc to find manual pages in Nix profiles. To set the manual search paths via the `mandoc.conf` configuration file like before, use `documentation.man.mandoc.settings.manpath` instead.
+
+- The `grafana-loki` package was updated to 3.0.0 which includes [breaking changes](https://github.com/grafana/loki/releases/tag/v3.0.0)

nixos/lib/systemd-lib.nix

@@ -148,6 +148,10 @@ in rec {
     optional (attr ? ${name} && !(min <= attr.${name} && max >= attr.${name}))
       "Systemd ${group} field `${name}' is outside the range [${toString min},${toString max}]";
 
+  assertRangeOrOneOf = name: min: max: values: group: attr:
+    optional (attr ? ${name} && !((min <= attr.${name} && max >= attr.${name}) || elem attr.${name} values))
+      "Systemd ${group} field `${name}' is not a value in range [${toString min},${toString max}], or one of ${toString values}";
+
   assertMinimum = name: min: group: attr:
     optional (attr ? ${name} && attr.${name} < min)
       "Systemd ${group} field `${name}' must be greater than or equal to ${toString min}";

nixos/lib/systemd-network-units.nix

@@ -25,6 +25,9 @@ in {
     commonMatchText def + ''
       [NetDev]
       ${attrsToSection def.netdevConfig}
+    '' + optionalString (def.bridgeConfig != { }) ''
+      [Bridge]
+      ${attrsToSection def.bridgeConfig}
     '' + optionalString (def.vlanConfig != { }) ''
       [VLAN]
       ${attrsToSection def.vlanConfig}

nixos/lib/testing/meta.nix

@@ -36,7 +36,7 @@ in
           };
           platforms = lib.mkOption {
             type = types.listOf types.raw;
-            default = lib.platforms.linux;
+            default = lib.platforms.linux ++ lib.platforms.darwin;
             description = ''
               Sets the [`meta.platforms`](https://nixos.org/manual/nixpkgs/stable/#var-meta-platforms) attribute on the [{option}`test`](#test-opt-test) derivation.
             '';

nixos/maintainers/scripts/ec2/amazon-image.nix

@@ -23,7 +23,7 @@ in {
   options.amazonImage = {
     name = mkOption {
       type = types.str;
-      description = lib.mdDoc "The name of the generated derivation";
+      description = "The name of the generated derivation";
       default = "nixos-amazon-image-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}";
     };
 
@@ -35,7 +35,7 @@ in {
         ]
       '';
       default = [];
-      description = lib.mdDoc ''
+      description = ''
         This option lists files to be copied to fixed locations in the
         generated image. Glob patterns work.
       '';
@@ -45,13 +45,13 @@ in {
       type = with types; either (enum [ "auto" ]) int;
       default = 3072;
       example = 8192;
-      description = lib.mdDoc "The size in MB of the image";
+      description = "The size in MB of the image";
     };
 
     format = mkOption {
       type = types.enum [ "raw" "qcow2" "vpc" ];
       default = "vpc";
-      description = lib.mdDoc "The image format to output";
+      description = "The image format to output";
     };
   };
 

nixos/maintainers/scripts/openstack/openstack-image-zfs.nix

@@ -16,26 +16,26 @@ in
   options.openstackImage = {
     name = mkOption {
       type = types.str;
-      description = lib.mdDoc "The name of the generated derivation";
+      description = "The name of the generated derivation";
       default = "nixos-openstack-image-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}";
     };
 
     ramMB = mkOption {
       type = types.int;
       default = 1024;
-      description = lib.mdDoc "RAM allocation for build VM";
+      description = "RAM allocation for build VM";
     };
 
     sizeMB = mkOption {
       type = types.int;
       default = 8192;
-      description = lib.mdDoc "The size in MB of the image";
+      description = "The size in MB of the image";
     };
 
     format = mkOption {
       type = types.enum [ "raw" "qcow2" ];
       default = "qcow2";
-      description = lib.mdDoc "The image format to output";
+      description = "The image format to output";
     };
   };
 

nixos/modules/config/appstream.nix

@@ -6,7 +6,7 @@ with lib;
     appstream.enable = mkOption {
       type = types.bool;
       default = true;
-      description = lib.mdDoc ''
+      description = ''
         Whether to install files to support the
         [AppStream metadata specification](https://www.freedesktop.org/software/appstream/docs/index.html).
       '';

nixos/modules/config/console.nix

@@ -40,7 +40,7 @@ in
   ###### interface
 
   options.console  = {
-    enable = mkEnableOption (lib.mdDoc "virtual console") // {
+    enable = mkEnableOption "virtual console" // {
       default = true;
     };
 
@@ -48,7 +48,7 @@ in
       type = with types; nullOr (either str path);
       default = null;
       example = "LatArCyrHeb-16";
-      description = mdDoc ''
+      description = ''
         The font used for the virtual consoles.
         Can be `null`, a font name, or a path to a PSF font file.
 
@@ -65,7 +65,7 @@ in
       type = with types; either str path;
       default = "us";
       example = "fr";
-      description = lib.mdDoc ''
+      description = ''
         The keyboard mapping table for the virtual consoles.
       '';
     };
@@ -79,7 +79,7 @@ in
         "002b36" "cb4b16" "586e75" "657b83"
         "839496" "6c71c4" "93a1a1" "fdf6e3"
       ];
-      description = lib.mdDoc ''
+      description = ''
         The 16 colors palette used by the virtual consoles.
         Leave empty to use the default colors.
         Colors must be in hexadecimal format and listed in
@@ -91,7 +91,7 @@ in
     packages = mkOption {
       type = types.listOf types.package;
       default = [ ];
-      description = lib.mdDoc ''
+      description = ''
         List of additional packages that provide console fonts, keymaps and
         other resources for virtual consoles use.
       '';
@@ -100,7 +100,7 @@ in
     useXkbConfig = mkOption {
       type = types.bool;
       default = false;
-      description = lib.mdDoc ''
+      description = ''
         If set, configure the virtual console keymap from the xserver
         keyboard settings.
       '';
@@ -109,7 +109,7 @@ in
     earlySetup = mkOption {
       default = false;
       type = types.bool;
-      description = lib.mdDoc ''
+      description = ''
         Enable setting virtual console options as early as possible (in initrd).
       '';
     };

nixos/modules/config/debug-info.nix

@@ -9,7 +9,7 @@ with lib;
     environment.enableDebugInfo = mkOption {
       type = types.bool;
       default = false;
-      description = mdDoc ''
+      description = ''
         Some NixOS packages provide debug symbols. However, these are
         not included in the system closure by default to save disk
         space. Enabling this option causes the debug symbols to appear

nixos/modules/config/fanout.nix

@@ -7,7 +7,7 @@ let
 in
 {
   options.services.fanout = {
-    enable = lib.mkEnableOption (lib.mdDoc "fanout");
+    enable = lib.mkEnableOption "fanout";
     fanoutDevices = lib.mkOption {
       type = lib.types.int;
       default = 1;

nixos/modules/config/fonts/fontconfig.nix

@@ -278,7 +278,7 @@ in
         enable = mkOption {
           type = types.bool;
           default = true;
-          description = lib.mdDoc ''
+          description = ''
             If enabled, a Fontconfig configuration file will be built
             pointing to a set of default fonts.  If you don't care about
             running X11 applications or any other program that uses
@@ -291,7 +291,7 @@ in
           internal = true;
           type     = with types; listOf path;
           default  = [ ];
-          description = lib.mdDoc ''
+          description = ''
             Fontconfig configuration packages.
           '';
         };
@@ -299,7 +299,7 @@ in
         antialias = mkOption {
           type = types.bool;
           default = true;
-          description = lib.mdDoc ''
+          description = ''
             Enable font antialiasing. At high resolution (> 200 DPI),
             antialiasing has no visible effect; users of such displays may want
             to disable this option.
@@ -309,7 +309,7 @@ in
         localConf = mkOption {
           type = types.lines;
           default = "";
-          description = lib.mdDoc ''
+          description = ''
             System-wide customization file contents, has higher priority than
             `defaultFonts` settings.
           '';
@@ -319,7 +319,7 @@ in
           monospace = mkOption {
             type = types.listOf types.str;
             default = ["DejaVu Sans Mono"];
-            description = lib.mdDoc ''
+            description = ''
               System-wide default monospace font(s). Multiple fonts may be
               listed in case multiple languages must be supported.
             '';
@@ -328,7 +328,7 @@ in
           sansSerif = mkOption {
             type = types.listOf types.str;
             default = ["DejaVu Sans"];
-            description = lib.mdDoc ''
+            description = ''
               System-wide default sans serif font(s). Multiple fonts may be
               listed in case multiple languages must be supported.
             '';
@@ -337,7 +337,7 @@ in
           serif = mkOption {
             type = types.listOf types.str;
             default = ["DejaVu Serif"];
-            description = lib.mdDoc ''
+            description = ''
               System-wide default serif font(s). Multiple fonts may be listed
               in case multiple languages must be supported.
             '';
@@ -346,7 +346,7 @@ in
           emoji = mkOption {
             type = types.listOf types.str;
             default = ["Noto Color Emoji"];
-            description = lib.mdDoc ''
+            description = ''
               System-wide default emoji font(s). Multiple fonts may be listed
               in case a font does not support all emoji.
 
@@ -363,7 +363,7 @@ in
           enable = mkOption {
             type = types.bool;
             default = true;
-            description = lib.mdDoc ''
+            description = ''
               Enable font hinting. Hinting aligns glyphs to pixel boundaries to
               improve rendering sharpness at low resolution. At high resolution
               (> 200 dpi) hinting will do nothing (at best); users of such
@@ -374,7 +374,7 @@ in
           autohint = mkOption {
             type = types.bool;
             default = false;
-            description = lib.mdDoc ''
+            description = ''
               Enable the autohinter in place of the default interpreter.
               The results are usually lower quality than correctly-hinted
               fonts, but better than unhinted fonts.
@@ -384,7 +384,7 @@ in
           style = mkOption {
             type = types.enum ["none" "slight" "medium" "full"];
             default = "slight";
-            description = lib.mdDoc ''
+            description = ''
               Hintstyle is the amount of font reshaping done to line up
               to the grid.
 
@@ -407,7 +407,7 @@ in
         includeUserConf = mkOption {
           type = types.bool;
           default = true;
-          description = lib.mdDoc ''
+          description = ''
             Include the user configuration from
             {file}`~/.config/fontconfig/fonts.conf` or
             {file}`~/.config/fontconfig/conf.d`.
@@ -419,7 +419,7 @@ in
           rgba = mkOption {
             default = "none";
             type = types.enum ["rgb" "bgr" "vrgb" "vbgr" "none"];
-            description = lib.mdDoc ''
+            description = ''
               Subpixel order. The overwhelming majority of displays are
               `rgb` in their normal orientation. Select
               `vrgb` for mounting such a display 90 degrees
@@ -435,7 +435,7 @@ in
           lcdfilter = mkOption {
             default = "default";
             type = types.enum ["none" "default" "light" "legacy"];
-            description = lib.mdDoc ''
+            description = ''
               FreeType LCD filter. At high resolution (> 200 DPI), LCD filtering
               has no visible effect; users of such displays may want to select
               `none`.
@@ -447,7 +447,7 @@ in
         cache32Bit = mkOption {
           default = false;
           type = types.bool;
-          description = lib.mdDoc ''
+          description = ''
             Generate system fonts cache for 32-bit applications.
           '';
         };
@@ -455,7 +455,7 @@ in
         allowBitmaps = mkOption {
           type = types.bool;
           default = true;
-          description = lib.mdDoc ''
+          description = ''
             Allow bitmap fonts. Set to `false` to ban all
             bitmap fonts.
           '';
@@ -464,7 +464,7 @@ in
         allowType1 = mkOption {
           type = types.bool;
           default = false;
-          description = lib.mdDoc ''
+          description = ''
             Allow Type-1 fonts. Default is `false` because of
             poor rendering.
           '';
@@ -473,7 +473,7 @@ in
         useEmbeddedBitmaps = mkOption {
           type = types.bool;
           default = false;
-          description = lib.mdDoc "Use embedded bitmaps in fonts like Calibri.";
+          description = "Use embedded bitmaps in fonts like Calibri.";
         };
 
       };

nixos/modules/config/fonts/fontdir.nix

@@ -30,7 +30,7 @@ in
       enable = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           Whether to create a directory with links to all fonts in
           {file}`/run/current-system/sw/share/X11/fonts`.
         '';
@@ -40,7 +40,7 @@ in
         type = types.bool;
         default = config.programs.xwayland.enable;
         defaultText = literalExpression "config.programs.xwayland.enable";
-        description = lib.mdDoc ''
+        description = ''
           Whether to decompress fonts in
           {file}`/run/current-system/sw/share/X11/fonts`.
         '';

nixos/modules/config/fonts/ghostscript.nix

@@ -7,7 +7,7 @@ with lib;
     fonts.enableGhostscriptFonts = mkOption {
       type = types.bool;
       default = false;
-      description = lib.mdDoc ''
+      description = ''
         Whether to add the fonts provided by Ghostscript (such as
         various URW fonts and the “Base-14” Postscript fonts) to the
         list of system fonts, making them available to X11

nixos/modules/config/fonts/packages.nix

@@ -16,13 +16,13 @@ in
         type = with lib.types; listOf path;
         default = [];
         example = lib.literalExpression "[ pkgs.dejavu_fonts ]";
-        description = lib.mdDoc "List of primary font packages.";
+        description = "List of primary font packages.";
       };
 
       enableDefaultPackages = lib.mkOption {
         type = lib.types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           Enable a basic set of fonts providing several styles
           and families and reasonable coverage of Unicode.
         '';

nixos/modules/config/gtk/gtk-icon-cache.nix

@@ -7,7 +7,7 @@ with lib;
       type = types.bool;
       default = config.services.xserver.enable;
       defaultText = literalExpression "config.services.xserver.enable";
-      description = lib.mdDoc ''
+      description = ''
         Whether to build icon theme caches for GTK applications.
       '';
     };

nixos/modules/config/i18n.nix

@@ -21,7 +21,7 @@ with lib;
           }
         '';
         example = literalExpression "pkgs.glibcLocales";
-        description = lib.mdDoc ''
+        description = ''
           Customized pkg.glibcLocales package.
 
           Changing this option can disable handling of i18n.defaultLocale
@@ -33,7 +33,7 @@ with lib;
         type = types.str;
         default = "en_US.UTF-8";
         example = "nl_NL.UTF-8";
-        description = lib.mdDoc ''
+        description = ''
           The default locale.  It determines the language for program
           messages, the format for dates and times, sort order, and so on.
           It also determines the character set, such as UTF-8.
@@ -44,7 +44,7 @@ with lib;
         type = types.attrsOf types.str;
         default = {};
         example = { LC_MESSAGES = "en_US.UTF-8"; LC_TIME = "de_DE.UTF-8"; };
-        description = lib.mdDoc ''
+        description = ''
           A set of additional system-wide locale settings other than
           `LANG` which can be configured with
           {option}`i18n.defaultLocale`.
@@ -72,7 +72,7 @@ with lib;
             ))
         '';
         example = ["en_US.UTF-8/UTF-8" "nl_NL.UTF-8/UTF-8" "nl_NL/ISO-8859-1"];
-        description = lib.mdDoc ''
+        description = ''
           List of locales that the system should support.  The value
           `"all"` means that all locales supported by
           Glibc will be installed.  A full list of supported locales

nixos/modules/config/iproute2.nix

@@ -7,11 +7,11 @@ let
 in
 {
   options.networking.iproute2 = {
-    enable = mkEnableOption (lib.mdDoc "copying IP route configuration files");
+    enable = mkEnableOption "copying IP route configuration files";
     rttablesExtraConfig = mkOption {
       type = types.lines;
       default = "";
-      description = lib.mdDoc ''
+      description = ''
         Verbatim lines to add to /etc/iproute2/rt_tables
       '';
     };

nixos/modules/config/ldap.nix

@@ -59,36 +59,36 @@ in
 
     users.ldap = {
 
-      enable = mkEnableOption (lib.mdDoc "authentication against an LDAP server");
+      enable = mkEnableOption "authentication against an LDAP server";
 
       loginPam = mkOption {
         type = types.bool;
         default = true;
-        description = lib.mdDoc "Whether to include authentication against LDAP in login PAM.";
+        description = "Whether to include authentication against LDAP in login PAM.";
       };
 
       nsswitch = mkOption {
         type = types.bool;
         default = true;
-        description = lib.mdDoc "Whether to include lookup against LDAP in NSS.";
+        description = "Whether to include lookup against LDAP in NSS.";
       };
 
       server = mkOption {
         type = types.str;
         example = "ldap://ldap.example.org/";
-        description = lib.mdDoc "The URL of the LDAP server.";
+        description = "The URL of the LDAP server.";
       };
 
       base = mkOption {
         type = types.str;
         example = "dc=example,dc=org";
-        description = lib.mdDoc "The distinguished name of the search base.";
+        description = "The distinguished name of the search base.";
       };
 
       useTLS = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           If enabled, use TLS (encryption) over an LDAP (port 389)
           connection.  The alternative is to specify an LDAPS server (port
           636) in {option}`users.ldap.server` or to forego
@@ -99,7 +99,7 @@ in
       timeLimit = mkOption {
         default = 0;
         type = types.int;
-        description = lib.mdDoc ''
+        description = ''
           Specifies the time limit (in seconds) to use when performing
           searches. A value of zero (0), which is the default, is to
           wait indefinitely for searches to be completed.
@@ -110,7 +110,7 @@ in
         enable = mkOption {
           type = types.bool;
           default = false;
-          description = lib.mdDoc ''
+          description = ''
             Whether to let the nslcd daemon (nss-pam-ldapd) handle the
             LDAP lookups for NSS and PAM. This can improve performance,
             and if you need to bind to the LDAP server with a password,
@@ -125,17 +125,17 @@ in
         extraConfig = mkOption {
           default =  "";
           type = types.lines;
-          description = lib.mdDoc ''
+          description =  ''
             Extra configuration options that will be added verbatim at
             the end of the nslcd configuration file (`nslcd.conf(5)`).
-          '' ;
+          '';
         } ;
 
         rootpwmoddn = mkOption {
           default = "";
           example = "cn=admin,dc=example,dc=com";
           type = types.str;
-          description = lib.mdDoc ''
+          description = ''
             The distinguished name to use to bind to the LDAP server
             when the root user tries to modify a user's password.
           '';
@@ -145,7 +145,7 @@ in
           default = "";
           example = "/run/keys/nslcd.rootpwmodpw";
           type = types.str;
-          description = lib.mdDoc ''
+          description = ''
             The path to a file containing the credentials with which to bind to
             the LDAP server if the root user tries to change a user's password.
           '';
@@ -157,7 +157,7 @@ in
           default = "";
           example = "cn=admin,dc=example,dc=com";
           type = types.str;
-          description = lib.mdDoc ''
+          description = ''
             The distinguished name to bind to the LDAP server with. If this
             is not specified, an anonymous bind will be done.
           '';
@@ -166,7 +166,7 @@ in
         passwordFile = mkOption {
           default = "/etc/ldap/bind.password";
           type = types.str;
-          description = lib.mdDoc ''
+          description = ''
             The path to a file containing the credentials to use when binding
             to the LDAP server (if not binding anonymously).
           '';
@@ -175,7 +175,7 @@ in
         timeLimit = mkOption {
           default = 30;
           type = types.int;
-          description = lib.mdDoc ''
+          description = ''
             Specifies the time limit (in seconds) to use when connecting
             to the directory server. This is distinct from the time limit
             specified in {option}`users.ldap.timeLimit` and affects
@@ -186,7 +186,7 @@ in
         policy = mkOption {
           default = "hard_open";
           type = types.enum [ "hard_open" "hard_init" "soft" ];
-          description = lib.mdDoc ''
+          description = ''
             Specifies the policy to use for reconnecting to an unavailable
             LDAP server. The default is `hard_open`, which
             reconnects if opening the connection to the directory server
@@ -205,13 +205,13 @@ in
       extraConfig = mkOption {
         default = "";
         type = types.lines;
-        description = lib.mdDoc ''
+        description =  ''
           Extra configuration options that will be added verbatim at
           the end of the ldap configuration file (`ldap.conf(5)`).
           If {option}`users.ldap.daemon` is enabled, this
           configuration will not be used. In that case, use
           {option}`users.ldap.daemon.extraConfig` instead.
-        '' ;
+        '';
       };
 
     };

nixos/modules/config/ldso.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) last splitString mkOption types mdDoc optionals;
+  inherit (lib) last splitString mkOption types optionals;
 
   libDir = pkgs.stdenv.hostPlatform.libDir;
   ldsoBasename = builtins.unsafeDiscardStringContext (last (splitString "/" pkgs.stdenv.cc.bintools.dynamicLinker));
@@ -14,7 +14,7 @@ in {
     environment.ldso = mkOption {
       type = types.nullOr types.path;
       default = null;
-      description = mdDoc ''
+      description = ''
         The executable to link into the normal FHS location of the ELF loader.
       '';
     };
@@ -22,7 +22,7 @@ in {
     environment.ldso32 = mkOption {
       type = types.nullOr types.path;
       default = null;
-      description = mdDoc ''
+      description = ''
         The executable to link into the normal FHS location of the 32-bit ELF loader.
 
         This currently only works on x86_64 architectures.

nixos/modules/config/locale.nix

@@ -22,7 +22,7 @@ in
         default = null;
         type = timezone;
         example = "America/New_York";
-        description = lib.mdDoc ''
+        description = ''
           The time zone used when displaying times and dates. See <https://en.wikipedia.org/wiki/List_of_tz_database_time_zones>
           for a comprehensive list of possible values for this setting.
 
@@ -34,7 +34,7 @@ in
       hardwareClockInLocalTime = mkOption {
         default = false;
         type = types.bool;
-        description = lib.mdDoc "If set, keep the hardware clock in local time instead of UTC.";
+        description = "If set, keep the hardware clock in local time instead of UTC.";
       };
 
     };
@@ -43,7 +43,7 @@ in
 
       latitude = mkOption {
         type = types.float;
-        description = lib.mdDoc ''
+        description = ''
           Your current latitude, between
           `-90.0` and `90.0`. Must be provided
           along with longitude.
@@ -52,7 +52,7 @@ in
 
       longitude = mkOption {
         type = types.float;
-        description = lib.mdDoc ''
+        description = ''
           Your current longitude, between
           between `-180.0` and `180.0`. Must be
           provided along with latitude.
@@ -62,7 +62,7 @@ in
       provider = mkOption {
         type = types.enum [ "manual" "geoclue2" ];
         default = "manual";
-        description = lib.mdDoc ''
+        description = ''
           The location provider to use for determining your location. If set to
           `manual` you must also provide latitude/longitude.
         '';

nixos/modules/config/malloc.nix

@@ -77,7 +77,7 @@ in
     environment.memoryAllocator.provider = mkOption {
       type = types.enum ([ "libc" ] ++ attrNames providers);
       default = "libc";
-      description = lib.mdDoc ''
+      description = ''
         The system-wide memory allocator.
 
         Briefly, the system-wide memory allocator providers are:

nixos/modules/config/mysql.nix

@@ -10,41 +10,41 @@ in
 
   options = {
     users.mysql = {
-      enable = mkEnableOption (lib.mdDoc "authentication against a MySQL/MariaDB database");
+      enable = mkEnableOption "authentication against a MySQL/MariaDB database";
       host = mkOption {
         type = types.str;
         example = "localhost";
-        description = lib.mdDoc "The hostname of the MySQL/MariaDB server";
+        description = "The hostname of the MySQL/MariaDB server";
       };
       database = mkOption {
         type = types.str;
         example = "auth";
-        description = lib.mdDoc "The name of the database containing the users";
+        description = "The name of the database containing the users";
       };
       user = mkOption {
         type = types.str;
         example = "nss-user";
-        description = lib.mdDoc "The username to use when connecting to the database";
+        description = "The username to use when connecting to the database";
       };
       passwordFile = mkOption {
         type = types.path;
         example = "/run/secrets/mysql-auth-db-passwd";
-        description = lib.mdDoc "The path to the file containing the password for the user";
+        description = "The path to the file containing the password for the user";
       };
       pam = mkOption {
-        description = lib.mdDoc "Settings for `pam_mysql`";
+        description = "Settings for `pam_mysql`";
         type = types.submodule {
           options = {
             table = mkOption {
               type = types.str;
               example = "users";
-              description = lib.mdDoc "The name of table that maps unique login names to the passwords.";
+              description = "The name of table that maps unique login names to the passwords.";
             };
             updateTable = mkOption {
               type = types.nullOr types.str;
               default = null;
               example = "users_updates";
-              description = lib.mdDoc ''
+              description = ''
                 The name of the table used for password alteration. If not defined, the value
                 of the `table` option will be used instead.
               '';
@@ -52,18 +52,18 @@ in
             userColumn = mkOption {
               type = types.str;
               example = "username";
-              description = lib.mdDoc "The name of the column that contains a unix login name.";
+              description = "The name of the column that contains a unix login name.";
             };
             passwordColumn = mkOption {
               type = types.str;
               example = "password";
-              description = lib.mdDoc "The name of the column that contains a (encrypted) password string.";
+              description = "The name of the column that contains a (encrypted) password string.";
             };
             statusColumn = mkOption {
               type = types.nullOr types.str;
               default = null;
               example = "status";
-              description = lib.mdDoc ''
+              description = ''
                 The name of the column or an SQL expression that indicates the status of
                 the user. The status is expressed by the combination of two bitfields
                 shown below:
@@ -93,7 +93,7 @@ in
                 "8" "sha512"
                 "9" "sha256"
               ];
-              description = lib.mdDoc ''
+              description = ''
                 The method to encrypt the user's password:
 
                 - `0` (or `"plain"`):
@@ -125,18 +125,18 @@ in
               type = types.nullOr (types.enum [ "md5" "sha256" "sha512" "blowfish" ]);
               default = null;
               example = "blowfish";
-              description = lib.mdDoc "The default encryption method to use for `passwordCrypt = 1`.";
+              description = "The default encryption method to use for `passwordCrypt = 1`.";
             };
             where = mkOption {
               type = types.nullOr types.str;
               default = null;
               example = "host.name='web' AND user.active=1";
-              description = lib.mdDoc "Additional criteria for the query.";
+              description = "Additional criteria for the query.";
             };
             verbose = mkOption {
               type = types.bool;
               default = false;
-              description = lib.mdDoc ''
+              description = ''
                 If enabled, produces logs with detailed messages that describes what
                 `pam_mysql` is doing. May be useful for debugging.
               '';
@@ -144,7 +144,7 @@ in
             disconnectEveryOperation = mkOption {
               type = types.bool;
               default = false;
-              description = lib.mdDoc ''
+              description = ''
                 By default, `pam_mysql` keeps the connection to the MySQL
                 database until the session is closed. If this option is set to true it
                 disconnects every time the PAM operation has finished. This option may
@@ -155,17 +155,17 @@ in
               enable = mkOption {
                 type = types.bool;
                 default = false;
-                description = lib.mdDoc "Enables logging of authentication attempts in the MySQL database.";
+                description = "Enables logging of authentication attempts in the MySQL database.";
               };
               table = mkOption {
                 type = types.str;
                 example = "logs";
-                description = lib.mdDoc "The name of the table to which logs are written.";
+                description = "The name of the table to which logs are written.";
               };
               msgColumn = mkOption {
                 type = types.str;
                 example = "msg";
-                description = lib.mdDoc ''
+                description = ''
                   The name of the column in the log table to which the description
                   of the performed operation is stored.
                 '';
@@ -173,7 +173,7 @@ in
               userColumn = mkOption {
                 type = types.str;
                 example = "user";
-                description = lib.mdDoc ''
+                description = ''
                   The name of the column in the log table to which the name of the
                   user being authenticated is stored.
                 '';
@@ -181,7 +181,7 @@ in
               pidColumn = mkOption {
                 type = types.str;
                 example = "pid";
-                description = lib.mdDoc ''
+                description = ''
                   The name of the column in the log table to which the pid of the
                   process utilising the `pam_mysql` authentication
                   service is stored.
@@ -190,7 +190,7 @@ in
               hostColumn = mkOption {
                 type = types.str;
                 example = "host";
-                description = lib.mdDoc ''
+                description = ''
                   The name of the column in the log table to which the name of the user
                   being authenticated is stored.
                 '';
@@ -198,7 +198,7 @@ in
               rHostColumn = mkOption {
                 type = types.str;
                 example = "rhost";
-                description = lib.mdDoc ''
+                description = ''
                   The name of the column in the log table to which the name of the remote
                   host that initiates the session is stored. The value is supposed to be
                   set by the PAM-aware application with `pam_set_item(PAM_RHOST)`.
@@ -207,7 +207,7 @@ in
               timeColumn = mkOption {
                 type = types.str;
                 example = "timestamp";
-                description = lib.mdDoc ''
+                description = ''
                   The name of the column in the log table to which the timestamp of the
                   log entry is stored.
                 '';
@@ -217,7 +217,7 @@ in
         };
       };
       nss = mkOption {
-        description = lib.mdDoc ''
+        description = ''
           Settings for `libnss-mysql`.
 
           All examples are from the [minimal example](https://github.com/saknopper/libnss-mysql/tree/master/sample/minimal)
@@ -234,7 +234,7 @@ in
                 WHERE username='%1$s' \
                 LIMIT 1
               '';
-              description = lib.mdDoc ''
+              description = ''
                 SQL query for the [getpwnam](https://man7.org/linux/man-pages/man3/getpwnam.3.html)
                 syscall.
               '';
@@ -248,7 +248,7 @@ in
                 WHERE uid='%1$u' \
                 LIMIT 1
               '';
-              description = lib.mdDoc ''
+              description = ''
                 SQL query for the [getpwuid](https://man7.org/linux/man-pages/man3/getpwuid.3.html)
                 syscall.
               '';
@@ -262,7 +262,7 @@ in
                 WHERE username='%1$s' \
                 LIMIT 1
               '';
-              description = lib.mdDoc ''
+              description = ''
                 SQL query for the [getspnam](https://man7.org/linux/man-pages/man3/getspnam.3.html)
                 syscall.
               '';
@@ -273,7 +273,7 @@ in
               example = literalExpression ''
                 SELECT username,'x',uid,'5000','MySQL User', CONCAT('/home/',username),'/run/sw/current-system/bin/bash' FROM users
               '';
-              description = lib.mdDoc ''
+              description = ''
                 SQL query for the [getpwent](https://man7.org/linux/man-pages/man3/getpwent.3.html)
                 syscall.
               '';
@@ -284,7 +284,7 @@ in
               example = literalExpression ''
                 SELECT username,password,'1','0','99999','0','0','-1','0' FROM users
               '';
-              description = lib.mdDoc ''
+              description = ''
                 SQL query for the [getspent](https://man7.org/linux/man-pages/man3/getspent.3.html)
                 syscall.
               '';
@@ -295,7 +295,7 @@ in
               example = literalExpression ''
                 SELECT name,password,gid FROM groups WHERE name='%1$s' LIMIT 1
               '';
-              description = lib.mdDoc ''
+              description = ''
                 SQL query for the [getgrnam](https://man7.org/linux/man-pages/man3/getgrnam.3.html)
                 syscall.
               '';
@@ -306,7 +306,7 @@ in
               example = literalExpression ''
                 SELECT name,password,gid FROM groups WHERE gid='%1$u' LIMIT 1
               '';
-              description = lib.mdDoc ''
+              description = ''
                 SQL query for the [getgrgid](https://man7.org/linux/man-pages/man3/getgrgid.3.html)
                 syscall.
               '';
@@ -317,7 +317,7 @@ in
               example = literalExpression ''
                 SELECT name,password,gid FROM groups
               '';
-              description = lib.mdDoc ''
+              description = ''
                 SQL query for the [getgrent](https://man7.org/linux/man-pages/man3/getgrent.3.html)
                 syscall.
               '';
@@ -328,7 +328,7 @@ in
               example = literalExpression ''
                 SELECT username FROM grouplist WHERE gid='%1$u'
               '';
-              description = lib.mdDoc ''
+              description = ''
                 SQL query for the [memsbygid](https://man7.org/linux/man-pages/man3/memsbygid.3.html)
                 syscall.
               '';
@@ -339,7 +339,7 @@ in
               example = literalExpression ''
                 SELECT gid FROM grouplist WHERE username='%1$s'
               '';
-              description = lib.mdDoc ''
+              description = ''
                 SQL query for the [gidsbymem](https://man7.org/linux/man-pages/man3/gidsbymem.3.html)
                 syscall.
               '';

nixos/modules/config/networking.nix

@@ -28,7 +28,7 @@ in
           "192.168.0.2" = [ "fileserver.local" "nameserver.local" ];
         };
       '';
-      description = lib.mdDoc ''
+      description = ''
         Locally defined maps of hostnames to IP addresses.
       '';
     };
@@ -37,7 +37,7 @@ in
       type = types.listOf types.path;
       defaultText = literalMD "Hosts from {option}`networking.hosts` and {option}`networking.extraHosts`";
       example = literalExpression ''[ "''${pkgs.my-blocklist-package}/share/my-blocklist/hosts" ]'';
-      description = lib.mdDoc ''
+      description = ''
         Files that should be concatenated together to form {file}`/etc/hosts`.
       '';
     };
@@ -46,7 +46,7 @@ in
       type = types.lines;
       default = "";
       example = "192.168.0.1 lanlocalhost";
-      description = lib.mdDoc ''
+      description = ''
         Additional verbatim entries to be appended to {file}`/etc/hosts`.
         For adding hosts from derivation results, use {option}`networking.hostFiles` instead.
       '';
@@ -60,7 +60,7 @@ in
         "3.nixos.pool.ntp.org"
       ];
       type = types.listOf types.str;
-      description = lib.mdDoc ''
+      description = ''
         The set of NTP servers from which to synchronise.
       '';
     };
@@ -70,7 +70,7 @@ in
       default = lib.mkOption {
         type = types.nullOr types.str;
         default = null;
-        description = lib.mdDoc ''
+        description = ''
           This option specifies the default value for httpProxy, httpsProxy, ftpProxy and rsyncProxy.
         '';
         example = "http://127.0.0.1:3128";
@@ -80,7 +80,7 @@ in
         type = types.nullOr types.str;
         default = cfg.proxy.default;
         defaultText = literalExpression "config.${opt.proxy.default}";
-        description = lib.mdDoc ''
+        description = ''
           This option specifies the http_proxy environment variable.
         '';
         example = "http://127.0.0.1:3128";
@@ -90,7 +90,7 @@ in
         type = types.nullOr types.str;
         default = cfg.proxy.default;
         defaultText = literalExpression "config.${opt.proxy.default}";
-        description = lib.mdDoc ''
+        description = ''
           This option specifies the https_proxy environment variable.
         '';
         example = "http://127.0.0.1:3128";
@@ -100,7 +100,7 @@ in
         type = types.nullOr types.str;
         default = cfg.proxy.default;
         defaultText = literalExpression "config.${opt.proxy.default}";
-        description = lib.mdDoc ''
+        description = ''
           This option specifies the ftp_proxy environment variable.
         '';
         example = "http://127.0.0.1:3128";
@@ -110,7 +110,7 @@ in
         type = types.nullOr types.str;
         default = cfg.proxy.default;
         defaultText = literalExpression "config.${opt.proxy.default}";
-        description = lib.mdDoc ''
+        description = ''
           This option specifies the rsync_proxy environment variable.
         '';
         example = "http://127.0.0.1:3128";
@@ -120,7 +120,7 @@ in
         type = types.nullOr types.str;
         default = cfg.proxy.default;
         defaultText = literalExpression "config.${opt.proxy.default}";
-        description = lib.mdDoc ''
+        description = ''
           This option specifies the all_proxy environment variable.
         '';
         example = "http://127.0.0.1:3128";
@@ -129,7 +129,7 @@ in
       noProxy = lib.mkOption {
         type = types.nullOr types.str;
         default = null;
-        description = lib.mdDoc ''
+        description = ''
           This option specifies the no_proxy environment variable.
           If a default proxy is used and noProxy is null,
           then noProxy will be set to 127.0.0.1,localhost.
@@ -141,7 +141,7 @@ in
         type = types.attrs;
         internal = true;
         default = {};
-        description = lib.mdDoc ''
+        description = ''
           Environment variables used for the network proxy.
         '';
       };

nixos/modules/config/nix-channel.nix

@@ -23,7 +23,7 @@ in
     nix = {
       channel = {
         enable = mkOption {
-          description = lib.mdDoc ''
+          description = ''
             Whether the `nix-channel` command and state files are made available on the machine.
 
             The following files are initialized when enabled:
@@ -57,7 +57,7 @@ in
           ]
           else [];
         '';
-        description = lib.mdDoc ''
+        description = ''
           The default Nix expression search path, used by the Nix
           evaluator to look up paths enclosed in angle brackets
           (e.g. `<nixpkgs>`).
@@ -70,7 +70,7 @@ in
         internal = true;
         type = types.str;
         default = "https://nixos.org/channels/nixos-unstable";
-        description = lib.mdDoc "Default NixOS channel to which the root user is subscribed.";
+        description = "Default NixOS channel to which the root user is subscribed.";
       };
     };
   };

nixos/modules/config/nix-flakes.nix

@@ -40,25 +40,25 @@ in
               from = mkOption {
                 type = referenceAttrs;
                 example = { type = "indirect"; id = "nixpkgs"; };
-                description = lib.mdDoc "The flake reference to be rewritten.";
+                description = "The flake reference to be rewritten.";
               };
               to = mkOption {
                 type = referenceAttrs;
                 example = { type = "github"; owner = "my-org"; repo = "my-nixpkgs"; };
-                description = lib.mdDoc "The flake reference {option}`from` is rewritten to.";
+                description = "The flake reference {option}`from` is rewritten to.";
               };
               flake = mkOption {
                 type = types.nullOr types.attrs;
                 default = null;
                 example = literalExpression "nixpkgs";
-                description = lib.mdDoc ''
+                description = ''
                   The flake input {option}`from` is rewritten to.
                 '';
               };
               exact = mkOption {
                 type = types.bool;
                 default = true;
-                description = lib.mdDoc ''
+                description = ''
                   Whether the {option}`from` reference needs to match exactly. If set,
                   a {option}`from` reference like `nixpkgs` does not
                   match with a reference like `nixpkgs/nixos-20.03`.
@@ -79,7 +79,7 @@ in
           }
         ));
         default = { };
-        description = lib.mdDoc ''
+        description = ''
           A system-wide flake registry.
         '';
       };

nixos/modules/config/nix-remote-build.nix

@@ -58,7 +58,7 @@ in
             hostName = mkOption {
               type = types.str;
               example = "nixbuilder.example.org";
-              description = lib.mdDoc ''
+              description = ''
                 The hostname of the build machine.
               '';
             };
@@ -66,7 +66,7 @@ in
               type = types.enum [ null "ssh" "ssh-ng" ];
               default = "ssh";
               example = "ssh-ng";
-              description = lib.mdDoc ''
+              description = ''
                 The protocol used for communicating with the build machine.
                 Use `ssh-ng` if your remote builder and your
                 local Nix version support that improved protocol.
@@ -79,7 +79,7 @@ in
               type = types.nullOr types.str;
               default = null;
               example = "x86_64-linux";
-              description = lib.mdDoc ''
+              description = ''
                 The system type the build machine can execute derivations on.
                 Either this attribute or {var}`systems` must be
                 present, where {var}`system` takes precedence if
@@ -90,7 +90,7 @@ in
               type = types.listOf types.str;
               default = [ ];
               example = [ "x86_64-linux" "aarch64-linux" ];
-              description = lib.mdDoc ''
+              description = ''
                 The system types the build machine can execute derivations on.
                 Either this attribute or {var}`system` must be
                 present, where {var}`system` takes precedence if
@@ -101,7 +101,7 @@ in
               type = types.nullOr types.str;
               default = null;
               example = "builder";
-              description = lib.mdDoc ''
+              description = ''
                 The username to log in as on the remote host. This user must be
                 able to log in and run nix commands non-interactively. It must
                 also be privileged to build derivations, so must be included in
@@ -112,7 +112,7 @@ in
               type = types.nullOr types.str;
               default = null;
               example = "/root/.ssh/id_buildhost_builduser";
-              description = lib.mdDoc ''
+              description = ''
                 The path to the SSH private key with which to authenticate on
                 the build machine. The private key must not have a passphrase.
                 If null, the building user (root on NixOS machines) must have an
@@ -125,7 +125,7 @@ in
             maxJobs = mkOption {
               type = types.int;
               default = 1;
-              description = lib.mdDoc ''
+              description = ''
                 The number of concurrent jobs the build machine supports. The
                 build machine will enforce its own limits, but this allows hydra
                 to schedule better since there is no work-stealing between build
@@ -135,7 +135,7 @@ in
             speedFactor = mkOption {
               type = types.int;
               default = 1;
-              description = lib.mdDoc ''
+              description = ''
                 The relative speed of this builder. This is an arbitrary integer
                 that indicates the speed of this builder, relative to other
                 builders. Higher is faster.
@@ -145,7 +145,7 @@ in
               type = types.listOf types.str;
               default = [ ];
               example = [ "big-parallel" ];
-              description = lib.mdDoc ''
+              description = ''
                 A list of features mandatory for this builder. The builder will
                 be ignored for derivations that don't require all features in
                 this list. All mandatory features are automatically included in
@@ -156,7 +156,7 @@ in
               type = types.listOf types.str;
               default = [ ];
               example = [ "kvm" "big-parallel" ];
-              description = lib.mdDoc ''
+              description = ''
                 A list of features supported by this builder. The builder will
                 be ignored for derivations that require features not in this
                 list.
@@ -165,7 +165,7 @@ in
             publicHostKey = mkOption {
               type = types.nullOr types.str;
               default = null;
-              description = lib.mdDoc ''
+              description = ''
                 The (base64-encoded) public host key of this builder. The field
                 is calculated via {command}`base64 -w0 /etc/ssh/ssh_host_type_key.pub`.
                 If null, SSH will use its regular known-hosts file when connecting.
@@ -174,7 +174,7 @@ in
           };
         });
         default = [ ];
-        description = lib.mdDoc ''
+        description = ''
           This option lists the machines to be used if distributed builds are
           enabled (see {option}`nix.distributedBuilds`).
           Nix will perform derivations on those machines via SSH by copying the
@@ -186,7 +186,7 @@ in
       distributedBuilds = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           Whether to distribute builds to the machines listed in
           {option}`nix.buildMachines`.
         '';

nixos/modules/config/nix.nix

@@ -154,7 +154,7 @@ in
       checkConfig = mkOption {
         type = types.bool;
         default = true;
-        description = lib.mdDoc ''
+        description = ''
           If enabled, checks that Nix can parse the generated nix.conf.
         '';
       };
@@ -162,7 +162,7 @@ in
       checkAllErrors = mkOption {
         type = types.bool;
         default = true;
-        description = lib.mdDoc ''
+        description = ''
           If enabled, checks the nix.conf parsing for any kind of error. When disabled, checks only for unknown settings.
         '';
       };
@@ -174,7 +174,7 @@ in
           keep-outputs = true
           keep-derivations = true
         '';
-        description = lib.mdDoc "Additional text appended to {file}`nix.conf`.";
+        description = "Additional text appended to {file}`nix.conf`.";
       };
 
       settings = mkOption {
@@ -186,7 +186,7 @@ in
               type = types.either types.int (types.enum [ "auto" ]);
               default = "auto";
               example = 64;
-              description = lib.mdDoc ''
+              description = ''
                 This option defines the maximum number of jobs that Nix will try to
                 build in parallel. The default is auto, which means it will use all
                 available logical cores. It is recommend to set it to the total
@@ -199,7 +199,7 @@ in
               type = types.bool;
               default = false;
               example = true;
-              description = lib.mdDoc ''
+              description = ''
                 If set to true, Nix automatically detects files in the store that have
                 identical contents, and replaces them with hard links to a single copy.
                 This saves disk space. If set to false (the default), you can still run
@@ -211,7 +211,7 @@ in
               type = types.int;
               default = 0;
               example = 64;
-              description = lib.mdDoc ''
+              description = ''
                 This option defines the maximum number of concurrent tasks during
                 one build. It affects, e.g., -j option for make.
                 The special value 0 means that the builder should use all
@@ -224,7 +224,7 @@ in
             sandbox = mkOption {
               type = types.either types.bool (types.enum [ "relaxed" ]);
               default = true;
-              description = lib.mdDoc ''
+              description = ''
                 If set, Nix will perform builds in a sandboxed environment that it
                 will set up automatically for each build. This prevents impurities
                 in builds by disallowing access to dependencies outside of the Nix
@@ -247,7 +247,7 @@ in
               type = types.listOf types.str;
               default = [ ];
               example = [ "/dev" "/proc" ];
-              description = lib.mdDoc ''
+              description = ''
                 Directories from the host filesystem to be included
                 in the sandbox.
               '';
@@ -255,7 +255,7 @@ in
 
             substituters = mkOption {
               type = types.listOf types.str;
-              description = lib.mdDoc ''
+              description = ''
                 List of binary cache URLs used to obtain pre-built binaries
                 of Nix packages.
 
@@ -267,7 +267,7 @@ in
               type = types.listOf types.str;
               default = [ ];
               example = [ "https://hydra.nixos.org/" ];
-              description = lib.mdDoc ''
+              description = ''
                 List of binary cache URLs that non-root users can use (in
                 addition to those specified using
                 {option}`nix.settings.substituters`) by passing
@@ -278,7 +278,7 @@ in
             require-sigs = mkOption {
               type = types.bool;
               default = true;
-              description = lib.mdDoc ''
+              description = ''
                 If enabled (the default), Nix will only download binaries from binary caches if
                 they are cryptographically signed with any of the keys listed in
                 {option}`nix.settings.trusted-public-keys`. If disabled, signatures are neither
@@ -290,7 +290,7 @@ in
             trusted-public-keys = mkOption {
               type = types.listOf types.str;
               example = [ "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ];
-              description = lib.mdDoc ''
+              description = ''
                 List of public keys used to sign binary caches. If
                 {option}`nix.settings.trusted-public-keys` is enabled,
                 then Nix will use a binary from a binary cache if and only
@@ -304,7 +304,7 @@ in
               type = types.listOf types.str;
               default = [ "root" ];
               example = [ "root" "alice" "@wheel" ];
-              description = lib.mdDoc ''
+              description = ''
                 A list of names of users that have additional rights when
                 connecting to the Nix daemon, such as the ability to specify
                 additional binary caches, or to import unsigned NARs. You
@@ -318,7 +318,7 @@ in
             system-features = mkOption {
               type = types.listOf types.str;
               example = [ "kvm" "big-parallel" "gccarch-skylake" ];
-              description = lib.mdDoc ''
+              description = ''
                 The set of features supported by the machine. Derivations
                 can express dependencies on system features through the
                 `requiredSystemFeatures` attribute.
@@ -333,7 +333,7 @@ in
               type = types.listOf types.str;
               default = [ "*" ];
               example = [ "@wheel" "@builders" "alice" "bob" ];
-              description = lib.mdDoc ''
+              description = ''
                 A list of names of users (separated by whitespace) that are
                 allowed to connect to the Nix daemon. As with
                 {option}`nix.settings.trusted-users`, you can specify groups by
@@ -355,7 +355,7 @@ in
             sandbox-paths = [ "/bin/sh=''${pkgs.busybox-sandbox-shell.out}/bin/busybox" ];
           }
         '';
-        description = lib.mdDoc ''
+        description = ''
           Configuration for Nix, see
           <https://nixos.org/manual/nix/stable/command-ref/conf-file.html> or
           {manpage}`nix.conf(5)` for available options.

nixos/modules/config/no-x-libs.nix

@@ -10,7 +10,7 @@ with lib;
     environment.noXlibs = mkOption {
       type = types.bool;
       default = false;
-      description = lib.mdDoc ''
+      description = ''
         Switch off the options in the default configuration that
         require X11 libraries. This includes client-side font
         configuration and SSH forwarding of X11 authentication

nixos/modules/config/nsswitch.nix

@@ -13,7 +13,7 @@ with lib;
       type = types.listOf types.path;
       internal = true;
       default = [];
-      description = lib.mdDoc ''
+      description = ''
         Search path for NSS (Name Service Switch) modules.  This allows
         several DNS resolution methods to be specified via
         {file}`/etc/nsswitch.conf`.
@@ -28,7 +28,7 @@ with lib;
     system.nssDatabases = {
       passwd = mkOption {
         type = types.listOf types.str;
-        description = lib.mdDoc ''
+        description = ''
           List of passwd entries to configure in {file}`/etc/nsswitch.conf`.
 
           Note that "files" is always prepended while "systemd" is appended if nscd is enabled.
@@ -40,7 +40,7 @@ with lib;
 
       group = mkOption {
         type = types.listOf types.str;
-        description = lib.mdDoc ''
+        description = ''
           List of group entries to configure in {file}`/etc/nsswitch.conf`.
 
           Note that "files" is always prepended while "systemd" is appended if nscd is enabled.
@@ -52,7 +52,7 @@ with lib;
 
       shadow = mkOption {
         type = types.listOf types.str;
-        description = lib.mdDoc ''
+        description = ''
           List of shadow entries to configure in {file}`/etc/nsswitch.conf`.
 
           Note that "files" is always prepended.
@@ -64,7 +64,7 @@ with lib;
 
       hosts = mkOption {
         type = types.listOf types.str;
-        description = lib.mdDoc ''
+        description = ''
           List of hosts entries to configure in {file}`/etc/nsswitch.conf`.
 
           Note that "files" is always prepended, and "dns" and "myhostname" are always appended.
@@ -76,7 +76,7 @@ with lib;
 
       services = mkOption {
         type = types.listOf types.str;
-        description = lib.mdDoc ''
+        description = ''
           List of services entries to configure in {file}`/etc/nsswitch.conf`.
 
           Note that "files" is always prepended.

nixos/modules/config/power-management.nix

@@ -19,8 +19,7 @@ in
       enable = mkOption {
         type = types.bool;
         default = true;
-        description =
+        description = ''
-          lib.mdDoc ''
             Whether to enable power management.  This includes support
             for suspend-to-RAM and powersave features on laptops.
           '';
@@ -29,7 +28,7 @@ in
       resumeCommands = mkOption {
         type = types.lines;
         default = "";
-        description = lib.mdDoc "Commands executed after the system resumes from suspend-to-RAM.";
+        description = "Commands executed after the system resumes from suspend-to-RAM.";
       };
 
       powerUpCommands = mkOption {
@@ -38,8 +37,7 @@ in
         example = literalExpression ''
           "''${pkgs.hdparm}/sbin/hdparm -B 255 /dev/sda"
         '';
-        description =
+        description = ''
-          lib.mdDoc ''
             Commands executed when the machine powers up.  That is,
             they're executed both when the system first boots and when
             it resumes from suspend or hibernation.
@@ -52,8 +50,7 @@ in
         example = literalExpression ''
           "''${pkgs.hdparm}/sbin/hdparm -B 255 /dev/sda"
         '';
-        description =
+        description = ''
-          lib.mdDoc ''
             Commands executed when the machine powers down.  That is,
             they're executed both when the system shuts down and when
             it goes to suspend or hibernation.

nixos/modules/config/pulseaudio.nix

@@ -87,7 +87,7 @@ in {
       enable = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           Whether to enable the PulseAudio sound server.
         '';
       };
@@ -95,7 +95,7 @@ in {
       systemWide = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           If false, a PulseAudio server is launched automatically for
           each user that tries to use the sound system. The server runs
           with user privileges. If true, one system-wide PulseAudio
@@ -110,7 +110,7 @@ in {
       support32Bit = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           Whether to include the 32-bit pulseaudio libraries in the system or not.
           This is only useful on 64-bit systems and currently limited to x86_64-linux.
         '';
@@ -118,7 +118,7 @@ in {
 
       configFile = mkOption {
         type = types.nullOr types.path;
-        description = lib.mdDoc ''
+        description = ''
           The path to the default configuration options the PulseAudio server
           should use. By default, the "default.pa" configuration
           from the PulseAudio distribution is used.
@@ -128,7 +128,7 @@ in {
       extraConfig = mkOption {
         type = types.lines;
         default = "";
-        description = lib.mdDoc ''
+        description = ''
           Literal string to append to `configFile`
           and the config file generated by the pulseaudio module.
         '';
@@ -137,7 +137,7 @@ in {
       extraClientConf = mkOption {
         type = types.lines;
         default = "";
-        description = lib.mdDoc ''
+        description = ''
           Extra configuration appended to pulse/client.conf file.
         '';
       };
@@ -149,7 +149,7 @@ in {
                   else pkgs.pulseaudio;
         defaultText = literalExpression "pkgs.pulseaudio";
         example = literalExpression "pkgs.pulseaudioFull";
-        description = lib.mdDoc ''
+        description = ''
           The PulseAudio derivation to use.  This can be used to enable
           features (such as JACK support, Bluetooth) via the
           `pulseaudioFull` package.
@@ -160,7 +160,7 @@ in {
         type = types.listOf types.package;
         default = [];
         example = literalExpression "[ pkgs.pulseaudio-modules-bt ]";
-        description = lib.mdDoc ''
+        description = ''
           Extra pulseaudio modules to use. This is intended for out-of-tree
           pulseaudio modules like extra bluetooth codecs.
 
@@ -172,7 +172,7 @@ in {
         logLevel = mkOption {
           type = types.str;
           default = "notice";
-          description = lib.mdDoc ''
+          description = ''
             The log level that the system-wide pulseaudio daemon should use,
             if activated.
           '';
@@ -181,29 +181,29 @@ in {
         config = mkOption {
           type = types.attrsOf types.unspecified;
           default = {};
-          description = lib.mdDoc "Config of the pulse daemon. See `man pulse-daemon.conf`.";
+          description = "Config of the pulse daemon. See `man pulse-daemon.conf`.";
           example = literalExpression ''{ realtime-scheduling = "yes"; }'';
         };
       };
 
       zeroconf = {
         discovery.enable =
-          mkEnableOption (lib.mdDoc "discovery of pulseaudio sinks in the local network");
+          mkEnableOption "discovery of pulseaudio sinks in the local network";
         publish.enable =
-          mkEnableOption (lib.mdDoc "publishing the pulseaudio sink in the local network");
+          mkEnableOption "publishing the pulseaudio sink in the local network";
       };
 
       # TODO: enable by default?
       tcp = {
-        enable = mkEnableOption (lib.mdDoc "tcp streaming support");
+        enable = mkEnableOption "tcp streaming support";
 
         anonymousClients = {
-          allowAll = mkEnableOption (lib.mdDoc "all anonymous clients to stream to the server");
+          allowAll = mkEnableOption "all anonymous clients to stream to the server";
           allowedIpRanges = mkOption {
             type = types.listOf types.str;
             default = [];
             example = literalExpression ''[ "127.0.0.1" "192.168.1.0/24" ]'';
-            description = lib.mdDoc ''
+            description = ''
               A list of IP subnets that are allowed to stream to the server.
             '';
           };

nixos/modules/config/qt.nix

@@ -42,7 +42,7 @@ in
   options = {
     qt = {
       enable = lib.mkEnableOption "" // {
-        description = lib.mdDoc ''
+        description = ''
           Whether to enable Qt configuration, including theming.
 
           Enabling this option is necessary for Qt plugins to work in the
@@ -66,7 +66,7 @@ in
           [ "qt6Packages" "qt6ct" ]
           [ "qt6Packages" "qt6gtk2" ]
         ];
-        description = lib.mdDoc ''
+        description = ''
           Selects the platform theme to use for Qt applications.
 
           The options are
@@ -93,7 +93,7 @@ in
           [ "qt6Packages" "qt6gtk2" ]
           [ "qt6Packages" "qtstyleplugin-kvantum" ]
         ];
-        description = lib.mdDoc ''
+        description = ''
           Selects the style to use for Qt applications.
 
           The options are

nixos/modules/config/resolvconf.nix

@@ -10,7 +10,8 @@ let
 
   resolvconfOptions = cfg.extraOptions
     ++ optional cfg.dnsSingleRequest "single-request"
-    ++ optional cfg.dnsExtensionMechanism "edns0";
+    ++ optional cfg.dnsExtensionMechanism "edns0"
+    ++ optional cfg.useLocalResolver "trust-ad";
 
   configText =
     ''
@@ -27,9 +28,7 @@ let
       resolv_conf_options='${concatStringsSep " " resolvconfOptions}'
     '' + optionalString cfg.useLocalResolver ''
       # This hosts runs a full-blown DNS resolver.
-      name_servers='127.0.0.1'
+      name_servers='127.0.0.1${optionalString config.networking.enableIPv6 " ::1"}'
-    '' + optionalString (cfg.useLocalResolver && config.networking.enableIPv6) ''
-      name_servers='::1'
     '' + cfg.extraConfig;
 
 in
@@ -51,7 +50,7 @@ in
         type = types.bool;
         default = !(config.environment.etc ? "resolv.conf");
         defaultText = literalExpression ''!(config.environment.etc ? "resolv.conf")'';
-        description = lib.mdDoc ''
+        description = ''
           Whether DNS configuration is managed by resolvconf.
         '';
       };
@@ -60,7 +59,7 @@ in
         type = types.package;
         default = pkgs.openresolv;
         defaultText = literalExpression "pkgs.openresolv";
-        description = lib.mdDoc ''
+        description = ''
           The package that provides the system-wide resolvconf command. Defaults to `openresolv`
           if this module is enabled. Otherwise, can be used by other modules (for example {option}`services.resolved`) to
           provide a compatibility layer.
@@ -72,7 +71,7 @@ in
       dnsSingleRequest = lib.mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           Recent versions of glibc will issue both ipv4 (A) and ipv6 (AAAA)
           address queries at the same time, from the same port. Sometimes upstream
           routers will systemically drop the ipv4 queries. The symptom of this problem is
@@ -85,7 +84,7 @@ in
       dnsExtensionMechanism = mkOption {
         type = types.bool;
         default = true;
-        description = lib.mdDoc ''
+        description = ''
           Enable the `edns0` option in {file}`resolv.conf`. With
           that option set, `glibc` supports use of the extension mechanisms for
           DNS (EDNS) specified in RFC 2671. The most popular user of that feature is DNSSEC,
@@ -97,7 +96,7 @@ in
         type = types.lines;
         default = "";
         example = "libc=NO";
-        description = lib.mdDoc ''
+        description = ''
           Extra configuration to append to {file}`resolvconf.conf`.
         '';
       };
@@ -106,7 +105,7 @@ in
         type = types.listOf types.str;
         default = [];
         example = [ "ndots:1" "rotate" ];
-        description = lib.mdDoc ''
+        description = ''
           Set the options in {file}`/etc/resolv.conf`.
         '';
       };
@@ -114,7 +113,7 @@ in
       useLocalResolver = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           Use local DNS server for resolving.
         '';
       };

nixos/modules/config/shells-environment.nix

@@ -35,20 +35,20 @@ in
     environment.variables = mkOption {
       default = {};
       example = { EDITOR = "nvim"; VISUAL = "nvim"; };
-      description = lib.mdDoc ''
+      description = ''
         A set of environment variables used in the global environment.
         These variables will be set on shell initialisation (e.g. in /etc/profile).
         The value of each variable can be either a string or a list of
         strings.  The latter is concatenated, interspersed with colon
         characters.
       '';
-      type = with types; attrsOf (oneOf [ (listOf str) str path ]);
+      type = with types; attrsOf (oneOf [ (listOf (oneOf [ float int str ])) float int str path ]);
-      apply = mapAttrs (n: v: if isList v then concatStringsSep ":" v else "${v}");
+      apply = mapAttrs (n: v: if isList v then concatMapStringsSep ":" toString v else toString v);
     };
 
     environment.profiles = mkOption {
       default = [];
-      description = lib.mdDoc ''
+      description = ''
         A list of profiles used to setup the global environment.
       '';
       type = types.listOf types.str;
@@ -57,7 +57,7 @@ in
     environment.profileRelativeEnvVars = mkOption {
       type = types.attrsOf (types.listOf types.str);
       example = { PATH = [ "/bin" ]; MANPATH = [ "/man" "/share/man" ]; };
-      description = lib.mdDoc ''
+      description = ''
         Attribute set of environment variable.  Each attribute maps to a list
         of relative paths.  Each relative path is appended to the each profile
         of {option}`environment.profiles` to form the content of the
@@ -68,7 +68,7 @@ in
     # !!! isn't there a better way?
     environment.extraInit = mkOption {
       default = "";
-      description = lib.mdDoc ''
+      description = ''
         Shell script code called during global environment initialisation
         after all variables and profileVariables have been set.
         This code is assumed to be shell-independent, which means you should
@@ -79,7 +79,7 @@ in
 
     environment.shellInit = mkOption {
       default = "";
-      description = lib.mdDoc ''
+      description = ''
         Shell script code called during shell initialisation.
         This code is assumed to be shell-independent, which means you should
         stick to pure sh without sh word split.
@@ -89,7 +89,7 @@ in
 
     environment.loginShellInit = mkOption {
       default = "";
-      description = lib.mdDoc ''
+      description = ''
         Shell script code called during login shell initialisation.
         This code is assumed to be shell-independent, which means you should
         stick to pure sh without sh word split.
@@ -99,7 +99,7 @@ in
 
     environment.interactiveShellInit = mkOption {
       default = "";
-      description = lib.mdDoc ''
+      description = ''
         Shell script code called during interactive shell initialisation.
         This code is assumed to be shell-independent, which means you should
         stick to pure sh without sh word split.
@@ -109,7 +109,7 @@ in
 
     environment.shellAliases = mkOption {
       example = { l = null; ll = "ls -l"; };
-      description = lib.mdDoc ''
+      description = ''
         An attribute set that maps aliases (the top level attribute names in
         this option) to command strings or directly to build outputs. The
         aliases are added to all users' shells.
@@ -119,7 +119,7 @@ in
     };
 
     environment.homeBinInPath = mkOption {
-      description = lib.mdDoc ''
+      description = ''
         Include ~/bin/ in $PATH.
       '';
       default = false;
@@ -127,7 +127,7 @@ in
     };
 
     environment.localBinInPath = mkOption {
-      description = lib.mdDoc ''
+      description = ''
         Add ~/.local/bin/ to $PATH
       '';
       default = false;
@@ -140,7 +140,7 @@ in
       example = literalExpression ''"''${pkgs.dash}/bin/dash"'';
       type = types.path;
       visible = false;
-      description = lib.mdDoc ''
+      description = ''
         The shell executable that is linked system-wide to
         `/bin/sh`. Please note that NixOS assumes all
         over the place that shell to be Bash, so override the default
@@ -151,7 +151,7 @@ in
     environment.shells = mkOption {
       default = [];
       example = literalExpression "[ pkgs.bashInteractive pkgs.zsh ]";
-      description = lib.mdDoc ''
+      description = ''
         A list of permissible login shells for user accounts.
         No need to mention `/bin/sh`
         here, it is placed into this list implicitly.

nixos/modules/config/stevenblack.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) optionals mkOption mkEnableOption types mkIf elem concatStringsSep maintainers mdDoc;
+  inherit (lib) optionals mkOption mkEnableOption types mkIf elem concatStringsSep maintainers;
   cfg = config.networking.stevenblack;
 
   # needs to be in a specific order
@@ -15,12 +15,12 @@ let
 in
 {
   options.networking.stevenblack = {
-    enable = mkEnableOption (mdDoc "the stevenblack hosts file blocklist");
+    enable = mkEnableOption "the stevenblack hosts file blocklist";
 
     block = mkOption {
       type = types.listOf (types.enum [ "fakenews" "gambling" "porn" "social" ]);
       default = [ ];
-      description = mdDoc "Additional blocklist extensions.";
+      description = "Additional blocklist extensions.";
     };
   };
 

nixos/modules/config/stub-ld.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) optionalString mkOption types mdDoc mkIf mkDefault;
+  inherit (lib) optionalString mkOption types mkIf mkDefault;
 
   cfg = config.environment.stub-ld;
 
@@ -38,7 +38,7 @@ in {
         type = types.bool;
         default = true;
         example = false;
-        description = mdDoc ''
+        description = ''
           Install a stub ELF loader to print an informative error message
           in the event that a user attempts to run an ELF binary not
           compiled for NixOS.

nixos/modules/config/swap.nix

@@ -14,7 +14,7 @@ let
       enable = mkOption {
         default = false;
         type = types.bool;
-        description = lib.mdDoc ''
+        description = ''
           Encrypt swap device with a random key. This way you won't have a persistent swap device.
 
           WARNING: Don't try to hibernate when you have at least one swap partition with
@@ -31,7 +31,7 @@ let
         default = "aes-xts-plain64";
         example = "serpent-xts-plain64";
         type = types.str;
-        description = lib.mdDoc ''
+        description = ''
           Use specified cipher for randomEncryption.
 
           Hint: Run "cryptsetup benchmark" to see which one is fastest on your machine.
@@ -42,7 +42,7 @@ let
         default = null;
         example = "512";
         type = types.nullOr types.int;
-        description = lib.mdDoc ''
+        description = ''
           Set the encryption key size for the plain device.
 
           If not specified, the amount of data to read from `source` will be
@@ -56,7 +56,7 @@ let
         default = null;
         example = "4096";
         type = types.nullOr types.int;
-        description = lib.mdDoc ''
+        description = ''
           Set the sector size for the plain encrypted device type.
 
           If not specified, the default sector size is determined from the
@@ -70,7 +70,7 @@ let
         default = "/dev/urandom";
         example = "/dev/random";
         type = types.str;
-        description = lib.mdDoc ''
+        description = ''
           Define the source of randomness to obtain a random key for encryption.
         '';
       };
@@ -78,7 +78,7 @@ let
       allowDiscards = mkOption {
         default = false;
         type = types.bool;
-        description = lib.mdDoc ''
+        description = ''
           Whether to allow TRIM requests to the underlying device. This option
           has security implications; please read the LUKS documentation before
           activating it.
@@ -95,13 +95,13 @@ let
       device = mkOption {
         example = "/dev/sda3";
         type = types.nonEmptyStr;
-        description = lib.mdDoc "Path of the device or swap file.";
+        description = "Path of the device or swap file.";
       };
 
       label = mkOption {
         example = "swap";
         type = types.str;
-        description = lib.mdDoc ''
+        description = ''
           Label of the device.  Can be used instead of {var}`device`.
         '';
       };
@@ -110,7 +110,7 @@ let
         default = null;
         example = 2048;
         type = types.nullOr types.int;
-        description = lib.mdDoc ''
+        description = ''
           If this option is set, ‘device’ is interpreted as the
           path of a swapfile that will be created automatically
           with the indicated size (in megabytes).
@@ -121,7 +121,7 @@ let
         default = null;
         example = 2048;
         type = types.nullOr types.int;
-        description = lib.mdDoc ''
+        description = ''
           Specify the priority of the swap device. Priority is a value between 0 and 32767.
           Higher numbers indicate higher priority.
           null lets the kernel choose a priority, which will show up as a negative value.
@@ -136,7 +136,7 @@ let
           source = "/dev/random";
         };
         type = types.coercedTo types.bool randomEncryptionCoerce (types.submodule randomEncryptionOpts);
-        description = lib.mdDoc ''
+        description = ''
           Encrypt swap device with a random key. This way you won't have a persistent swap device.
 
           HINT: run "cryptsetup benchmark" to test cipher performance on your machine.
@@ -155,7 +155,7 @@ let
         default = null;
         example = "once";
         type = types.nullOr (types.enum ["once" "pages" "both" ]);
-        description = lib.mdDoc ''
+        description = ''
           Specify the discard policy for the swap device. If "once", then the
           whole swap space is discarded at swapon invocation. If "pages",
           asynchronous discard on freed pages is performed, before returning to
@@ -168,7 +168,7 @@ let
         default = [ "defaults" ];
         example = [ "nofail" ];
         type = types.listOf types.nonEmptyStr;
-        description = lib.mdDoc ''
+        description = ''
           Options used to mount the swap.
         '';
       };
@@ -209,7 +209,7 @@ in
         { device = "/var/swapfile"; }
         { label = "bigswap"; }
       ];
-      description = lib.mdDoc ''
+      description = ''
         The swap devices and swap files.  These must have been
         initialised using {command}`mkswap`.  Each element
         should be an attribute set specifying either the path of the

nixos/modules/config/sysctl.nix

@@ -35,13 +35,13 @@ in
           "net.core.rmem_max" = mkOption {
             type = types.nullOr highestValueType;
             default = null;
-            description = lib.mdDoc "The maximum receive socket buffer size in bytes. In case of conflicting values, the highest will be used.";
+            description = "The maximum receive socket buffer size in bytes. In case of conflicting values, the highest will be used.";
           };
 
           "net.core.wmem_max" = mkOption {
             type = types.nullOr highestValueType;
             default = null;
-            description = lib.mdDoc "The maximum send socket buffer size in bytes. In case of conflicting values, the highest will be used.";
+            description = "The maximum send socket buffer size in bytes. In case of conflicting values, the highest will be used.";
           };
         };
       };
@@ -49,7 +49,7 @@ in
       example = literalExpression ''
         { "net.ipv4.tcp_syncookies" = false; "vm.swappiness" = 60; }
       '';
-      description = lib.mdDoc ''
+      description = ''
         Runtime parameters of the Linux kernel, as set by
         {manpage}`sysctl(8)`.  Note that sysctl
         parameters names must be enclosed in quotes

nixos/modules/config/system-environment.nix

@@ -16,7 +16,7 @@ in
 
     environment.sessionVariables = mkOption {
       default = {};
-      description = lib.mdDoc ''
+      description = ''
         A set of environment variables used in the global environment.
         These variables will be set by PAM early in the login process.
 
@@ -38,7 +38,7 @@ in
     environment.profileRelativeSessionVariables = mkOption {
       type = types.attrsOf (types.listOf types.str);
       example = { PATH = [ "/bin" ]; MANPATH = [ "/man" "/share/man" ]; };
-      description = lib.mdDoc ''
+      description = ''
         Attribute set of environment variable used in the global
         environment. These variables will be set by PAM early in the
         login process.

nixos/modules/config/system-path.nix

@@ -63,7 +63,7 @@ in
         type = types.listOf types.package;
         default = [];
         example = literalExpression "[ pkgs.firefox pkgs.thunderbird ]";
-        description = lib.mdDoc ''
+        description = ''
           The set of packages that appear in
           /run/current-system/sw.  These packages are
           automatically available to all users, and are
@@ -84,7 +84,7 @@ in
               ${defaultPackagesText}
         '';
         example = [];
-        description = lib.mdDoc ''
+        description = ''
           Set of default packages that aren't strictly necessary
           for a running system, entries can be removed for a more
           minimal NixOS installation.
@@ -103,14 +103,14 @@ in
         # to work.
         default = [];
         example = ["/"];
-        description = lib.mdDoc "List of directories to be symlinked in {file}`/run/current-system/sw`.";
+        description = "List of directories to be symlinked in {file}`/run/current-system/sw`.";
       };
 
       extraOutputsToInstall = mkOption {
         type = types.listOf types.str;
         default = [ ];
         example = [ "dev" "info" ];
-        description = lib.mdDoc ''
+        description = ''
           Entries listed here will be appended to the `meta.outputsToInstall` attribute for each package in `environment.systemPackages`, and the files from the corresponding derivation outputs symlinked into {file}`/run/current-system/sw`.
 
           For example, this can be used to install the `dev` and `info` outputs for all packages in the system environment, if they are available.
@@ -122,7 +122,7 @@ in
       extraSetup = mkOption {
         type = types.lines;
         default = "";
-        description = lib.mdDoc "Shell fragments to be run after the system environment has been created. This should only be used for things that need to modify the internals of the environment, e.g. generating MIME caches. The environment being built can be accessed at $out.";
+        description = "Shell fragments to be run after the system environment has been created. This should only be used for things that need to modify the internals of the environment, e.g. generating MIME caches. The environment being built can be accessed at $out.";
       };
 
     };
@@ -131,7 +131,7 @@ in
 
       path = mkOption {
         internal = true;
-        description = lib.mdDoc ''
+        description = ''
           The packages you want in the boot environment.
         '';
       };

nixos/modules/config/terminfo.nix

@@ -10,7 +10,7 @@ with lib;
     environment.enableAllTerminfo = mkOption {
       default = false;
       type = types.bool;
-      description = lib.mdDoc ''
+      description = ''
         Whether to install all terminfo outputs
       '';
     };
@@ -18,7 +18,7 @@ with lib;
     security.sudo.keepTerminfo = mkOption {
       default = true;
       type = types.bool;
-      description = lib.mdDoc ''
+      description = ''
         Whether to preserve the `TERMINFO` and `TERMINFO_DIRS`
         environment variables, for `root` and the `wheel` group.
       '';

nixos/modules/config/unix-odbc-drivers.nix

@@ -20,7 +20,7 @@ in {
       type = types.listOf types.package;
       default = [];
       example = literalExpression "with pkgs.unixODBCDrivers; [ sqlite psql ]";
-      description = lib.mdDoc ''
+      description = ''
         Specifies Unix ODBC drivers to be registered in
         {file}`/etc/odbcinst.ini`.  You may also want to
         add `pkgs.unixODBC` to the system path to get

nixos/modules/config/users-groups.nix

@@ -56,7 +56,7 @@ let
       name = mkOption {
         type = types.passwdEntry types.str;
         apply = x: assert (builtins.stringLength x < 32 || abort "Username '${x}' is longer than 31 characters which is not allowed!"); x;
-        description = lib.mdDoc ''
+        description = ''
           The name of the user account. If undefined, the name of the
           attribute set will be used.
         '';
@@ -66,7 +66,7 @@ let
         type = types.passwdEntry types.str;
         default = "";
         example = "Alice Q. User";
-        description = lib.mdDoc ''
+        description = ''
           A short description of the user account, typically the
           user's full name.  This is actually the “GECOS” or “comment”
           field in {file}`/etc/passwd`.
@@ -76,7 +76,7 @@ let
       uid = mkOption {
         type = with types; nullOr int;
         default = null;
-        description = lib.mdDoc ''
+        description = ''
           The account UID. If the UID is null, a free UID is picked on
           activation.
         '';
@@ -85,7 +85,7 @@ let
       isSystemUser = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           Indicates if the user is a system user or not. This option
           only has an effect if {option}`uid` is
           {option}`null`, in which case it determines whether
@@ -100,7 +100,7 @@ let
       isNormalUser = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           Indicates whether this is an account for a “real” user.
           This automatically sets {option}`group` to `users`,
           {option}`createHome` to `true`,
@@ -115,31 +115,31 @@ let
         type = types.str;
         apply = x: assert (builtins.stringLength x < 32 || abort "Group name '${x}' is longer than 31 characters which is not allowed!"); x;
         default = "";
-        description = lib.mdDoc "The user's primary group.";
+        description = "The user's primary group.";
       };
 
       extraGroups = mkOption {
         type = types.listOf types.str;
         default = [];
-        description = lib.mdDoc "The user's auxiliary groups.";
+        description = "The user's auxiliary groups.";
       };
 
       home = mkOption {
         type = types.passwdEntry types.path;
         default = "/var/empty";
-        description = lib.mdDoc "The user's home directory.";
+        description = "The user's home directory.";
       };
 
       homeMode = mkOption {
         type = types.strMatching "[0-7]{1,5}";
         default = "700";
-        description = lib.mdDoc "The user's home directory mode in numeric format. See chmod(1). The mode is only applied if {option}`users.users.<name>.createHome` is true.";
+        description = "The user's home directory mode in numeric format. See chmod(1). The mode is only applied if {option}`users.users.<name>.createHome` is true.";
       };
 
       cryptHomeLuks = mkOption {
         type = with types; nullOr str;
         default = null;
-        description = lib.mdDoc ''
+        description = ''
           Path to encrypted luks device that contains
           the user's home directory.
         '';
@@ -148,7 +148,7 @@ let
       pamMount = mkOption {
         type = with types; attrsOf str;
         default = {};
-        description = lib.mdDoc ''
+        description = ''
           Attributes for user's entry in
           {file}`pam_mount.conf.xml`.
           Useful attributes might include `path`,
@@ -163,7 +163,7 @@ let
         default = pkgs.shadow;
         defaultText = literalExpression "pkgs.shadow";
         example = literalExpression "pkgs.bashInteractive";
-        description = lib.mdDoc ''
+        description = ''
           The path to the user's shell. Can use shell derivations,
           like `pkgs.bashInteractive`. Don’t
           forget to enable your shell in
@@ -175,7 +175,7 @@ let
       ignoreShellProgramCheck = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           By default, nixos will check that programs.SHELL.enable is set to
           true if the user has a custom shell specified. If that behavior isn't
           required and there are custom overrides in place to make sure that the
@@ -190,7 +190,7 @@ let
           { startUid = 1000; count = 1; }
           { startUid = 100001; count = 65534; }
         ];
-        description = lib.mdDoc ''
+        description = ''
           Subordinate user ids that user is allowed to use.
           They are set into {file}`/etc/subuid` and are used
           by `newuidmap` for user namespaces.
@@ -204,7 +204,7 @@ let
           { startGid = 100; count = 1; }
           { startGid = 1001; count = 999; }
         ];
-        description = lib.mdDoc ''
+        description = ''
           Subordinate group ids that user is allowed to use.
           They are set into {file}`/etc/subgid` and are used
           by `newgidmap` for user namespaces.
@@ -215,7 +215,7 @@ let
         type = types.bool;
         default = false;
         example = true;
-        description = lib.mdDoc ''
+        description = ''
           Automatically allocate subordinate user and group ids for this user.
           Allocated range is currently always of size 65536.
         '';
@@ -224,7 +224,7 @@ let
       createHome = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           Whether to create the home directory and ensure ownership as well as
           permissions to match the user.
         '';
@@ -233,7 +233,7 @@ let
       useDefaultShell = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           If true, the user's shell will be set to
           {option}`users.defaultUserShell`.
         '';
@@ -242,7 +242,7 @@ let
       hashedPassword = mkOption {
         type = with types; nullOr (passwdEntry str);
         default = null;
-        description = lib.mdDoc ''
+        description = ''
           Specifies the hashed password for the user.
           ${passwordDescription}
           ${hashedPasswordDescription}
@@ -252,7 +252,7 @@ let
       password = mkOption {
         type = with types; nullOr str;
         default = null;
-        description = lib.mdDoc ''
+        description = ''
           Specifies the (clear text) password for the user.
           Warning: do not set confidential information here
           because it is world-readable in the Nix store. This option
@@ -265,7 +265,7 @@ let
         type = with types; nullOr str;
         default = cfg.users.${name}.passwordFile;
         defaultText = literalExpression "null";
-        description = lib.mdDoc ''
+        description = ''
           The full path to a file that contains the hash of the user's
           password. The password file is read on each system activation. The
           file should contain exactly one line, which should be the password in
@@ -278,13 +278,13 @@ let
         type = with types; nullOr str;
         default = null;
         visible = false;
-        description = lib.mdDoc "Deprecated alias of hashedPasswordFile";
+        description = "Deprecated alias of hashedPasswordFile";
       };
 
       initialHashedPassword = mkOption {
         type = with types; nullOr (passwdEntry str);
         default = null;
-        description = lib.mdDoc ''
+        description = ''
           Specifies the initial hashed password for the user, i.e. the
           hashed password assigned if the user does not already
           exist. If {option}`users.mutableUsers` is true, the
@@ -302,7 +302,7 @@ let
       initialPassword = mkOption {
         type = with types; nullOr str;
         default = null;
-        description = lib.mdDoc ''
+        description = ''
           Specifies the initial password for the user, i.e. the
           password assigned if the user does not already exist. If
           {option}`users.mutableUsers` is true, the password
@@ -323,7 +323,7 @@ let
         type = types.listOf types.package;
         default = [];
         example = literalExpression "[ pkgs.firefox pkgs.thunderbird ]";
-        description = lib.mdDoc ''
+        description = ''
           The set of packages that should be made available to the user.
           This is in contrast to {option}`environment.systemPackages`,
           which adds packages to all users.
@@ -333,7 +333,7 @@ let
       expires = mkOption {
         type = types.nullOr (types.strMatching "[[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}");
         default = null;
-        description = lib.mdDoc ''
+        description = ''
           Set the date on which the user's account will no longer be
           accessible. The date is expressed in the format YYYY-MM-DD, or null
           to disable the expiry.
@@ -345,7 +345,7 @@ let
       linger = mkOption {
         type = types.bool;
         default = false;
-        description = lib.mdDoc ''
+        description = ''
           Whether to enable lingering for this user. If true, systemd user
           units will start at boot, rather than starting at login and stopping
           at logout. This is the declarative equivalent of running
@@ -390,7 +390,7 @@ let
 
       name = mkOption {
         type = types.passwdEntry types.str;
-        description = lib.mdDoc ''
+        description = ''
           The name of the group. If undefined, the name of the attribute set
           will be used.
         '';
@@ -399,7 +399,7 @@ let
       gid = mkOption {
         type = with types; nullOr int;
         default = null;
-        description = lib.mdDoc ''
+        description = ''
           The group GID. If the GID is null, a free GID is picked on
           activation.
         '';
@@ -408,7 +408,7 @@ let
       members = mkOption {
         type = with types; listOf (passwdEntry str);
         default = [];
-        description = lib.mdDoc ''
+        description = ''
           The user names of the group members, added to the
           `/etc/group` file.
         '';
@@ -430,7 +430,7 @@ let
     options = {
       startUid = mkOption {
         type = types.int;
-        description = lib.mdDoc ''
+        description = ''
           Start of the range of subordinate user ids that user is
           allowed to use.
         '';
@@ -438,7 +438,7 @@ let
       count = mkOption {
         type = types.int;
         default = 1;
-        description = lib.mdDoc "Count of subordinate user ids";
+        description = "Count of subordinate user ids";
       };
     };
   };
@@ -447,7 +447,7 @@ let
     options = {
       startGid = mkOption {
         type = types.int;
-        description = lib.mdDoc ''
+        description = ''
           Start of the range of subordinate group ids that user is
           allowed to use.
         '';
@@ -455,7 +455,7 @@ let
       count = mkOption {
         type = types.int;
         default = 1;
-        description = lib.mdDoc "Count of subordinate group ids";
+        description = "Count of subordinate group ids";
       };
     };
   };
@@ -510,7 +510,7 @@ in {
     users.mutableUsers = mkOption {
       type = types.bool;
       default = true;
-      description = lib.mdDoc ''
+      description = ''
         If set to `true`, you are free to add new users and groups to the system
         with the ordinary `useradd` and
         `groupadd` commands. On system activation, the
@@ -535,7 +535,7 @@ in {
     users.enforceIdUniqueness = mkOption {
       type = types.bool;
       default = true;
-      description = lib.mdDoc ''
+      description = ''
         Whether to require that no two users/groups share the same uid/gid.
       '';
     };
@@ -554,7 +554,7 @@ in {
           shell = "/bin/sh";
         };
       };
-      description = lib.mdDoc ''
+      description = ''
         Additional user accounts to be created automatically by the system.
         This can also be used to set options for root.
       '';
@@ -567,7 +567,7 @@ in {
           hackers = { };
         };
       type = with types; attrsOf (submodule groupOpts);
-      description = lib.mdDoc ''
+      description = ''
         Additional groups to be created automatically by the system.
       '';
     };
@@ -576,7 +576,7 @@ in {
     users.allowNoPasswordLogin = mkOption {
       type = types.bool;
       default = false;
-      description = lib.mdDoc ''
+      description = ''
         Disable checking that at least the `root` user or a user in the `wheel` group can log in using
         a password or an SSH key.
 

nixos/modules/config/vte.nix

@@ -23,7 +23,7 @@ in
     programs.bash.vteIntegration = mkOption {
       default = false;
       type = types.bool;
-      description = lib.mdDoc ''
+      description = ''
         Whether to enable Bash integration for VTE terminals.
         This allows it to preserve the current directory of the shell
         across terminals.
@@ -33,7 +33,7 @@ in
     programs.zsh.vteIntegration = mkOption {
       default = false;
       type = types.bool;
-      description = lib.mdDoc ''
+      description = ''
         Whether to enable Zsh integration for VTE terminals.
         This allows it to preserve the current directory of the shell
         across terminals.

nixos/modules/config/xdg/autostart.nix

@@ -10,7 +10,7 @@ with lib;
     xdg.autostart.enable = mkOption {
       type = types.bool;
       default = true;
-      description = lib.mdDoc ''
+      description = ''
         Whether to install files to support the
         [XDG Autostart specification](https://specifications.freedesktop.org/autostart-spec/autostart-spec-latest.html).
       '';

nixos/modules/config/xdg/icons.nix

@@ -10,7 +10,7 @@ with lib;
     xdg.icons.enable = mkOption {
       type = types.bool;
       default = true;
-      description = lib.mdDoc ''
+      description = ''
         Whether to install files to support the
         [XDG Icon Theme specification](https://specifications.freedesktop.org/icon-theme-spec/icon-theme-spec-latest.html).
       '';

nixos/modules/config/xdg/menus.nix

@@ -10,7 +10,7 @@ with lib;
     xdg.menus.enable = mkOption {
       type = types.bool;
       default = true;
-      description = lib.mdDoc ''
+      description = ''
         Whether to install files to support the
         [XDG Desktop Menu specification](https://specifications.freedesktop.org/menu-spec/menu-spec-latest.html).
       '';

nixos/modules/config/xdg/mime.nix

@@ -18,7 +18,7 @@ in
     xdg.mime.enable = mkOption {
       type = types.bool;
       default = true;
-      description = lib.mdDoc ''
+      description = ''
         Whether to install files to support the
         [XDG Shared MIME-info specification](https://specifications.freedesktop.org/shared-mime-info-spec/shared-mime-info-spec-latest.html) and the
         [XDG MIME Applications specification](https://specifications.freedesktop.org/mime-apps-spec/mime-apps-spec-latest.html).
@@ -32,7 +32,7 @@ in
         "application/pdf" = "firefox.desktop";
         "text/xml" = [ "nvim.desktop" "codium.desktop" ];
       };
-      description = lib.mdDoc ''
+      description = ''
         Adds associations between mimetypes and applications. See the
         [
         specifications](https://specifications.freedesktop.org/mime-apps-spec/mime-apps-spec-latest.html#associations) for more information.
@@ -46,7 +46,7 @@ in
         "application/pdf" = "firefox.desktop";
         "image/png" = [ "sxiv.desktop" "gimp.desktop" ];
       };
-      description = lib.mdDoc ''
+      description = ''
         Sets the default applications for given mimetypes. See the
         [
         specifications](https://specifications.freedesktop.org/mime-apps-spec/mime-apps-spec-latest.html#default) for more information.
@@ -60,7 +60,7 @@ in
         "audio/mp3" = [ "mpv.desktop" "umpv.desktop" ];
         "inode/directory" = "codium.desktop";
       };
-      description = lib.mdDoc ''
+      description = ''
         Removes associations between mimetypes and applications. See the
         [
         specifications](https://specifications.freedesktop.org/mime-apps-spec/mime-apps-spec-latest.html#associations) for more information.

nixos/modules/config/xdg/portal.nix

@@ -37,14 +37,14 @@ in
 
   options.xdg.portal = {
     enable =
-      mkEnableOption (lib.mdDoc ''[xdg desktop integration](https://github.com/flatpak/xdg-desktop-portal)'') // {
+      mkEnableOption ''[xdg desktop integration](https://github.com/flatpak/xdg-desktop-portal)'' // {
         default = false;
       };
 
     extraPortals = mkOption {
       type = types.listOf types.package;
       default = [ ];
-      description = lib.mdDoc ''
+      description = ''
         List of additional portals to add to path. Portals allow interaction
         with system, like choosing files or taking screenshots. At minimum,
         a desktop portal implementation should be listed. GNOME and KDE already
@@ -58,7 +58,7 @@ in
       type = types.bool;
       visible = false;
       default = false;
-      description = lib.mdDoc ''
+      description = ''
         Sets environment variable `GTK_USE_PORTAL` to `1`.
         This will force GTK-based programs ran outside Flatpak to respect and use XDG Desktop Portals
         for features like file chooser but it is an unsupported hack that can easily break things.
@@ -69,7 +69,7 @@ in
     xdgOpenUsePortal = mkOption {
       type = types.bool;
       default = false;
-      description = lib.mdDoc ''
+      description = ''
         Sets environment variable `NIXOS_XDG_OPEN_USE_PORTAL` to `1`
         This will make `xdg-open` use the portal to open programs, which resolves bugs involving
         programs opening inside FHS envs or with unexpected env vars set from wrappers.
@@ -92,7 +92,7 @@ in
           default = [ "gtk" ];
         };
       };
-      description = lib.mdDoc ''
+      description = ''
         Sets which portal backend should be used to provide the implementation
         for the requested interface. For details check {manpage}`portals.conf(5)`.
 
@@ -106,7 +106,7 @@ in
       type = types.listOf types.package;
       default = [ ];
       example = lib.literalExpression "[ pkgs.gnome.gnome-session ]";
-      description = lib.mdDoc ''
+      description = ''
         List of packages that provide XDG desktop portal configuration, usually in
         the form of `share/xdg-desktop-portal/$desktop-portals.conf`.
 

nixos/modules/config/xdg/portals/lxqt.nix

@@ -12,13 +12,13 @@ in
   };
 
   options.xdg.portal.lxqt = {
-    enable = mkEnableOption (lib.mdDoc ''
+    enable = mkEnableOption ''
       the desktop portal for the LXQt desktop environment.
 
       This will add the `lxqt.xdg-desktop-portal-lxqt`
       package (with the extra Qt styles) into the
       {option}`xdg.portal.extraPortals` option
-    '');
+    '';
 
     styles = mkOption {
       type = types.listOf types.package;
@@ -29,7 +29,7 @@ in
         pkgs.qtcurve
       ];
       '';
-      description = lib.mdDoc ''
+      description = ''
         Extra Qt styles that will be available to the
         `lxqt.xdg-desktop-portal-lxqt`.
       '';

nixos/modules/config/xdg/portals/wlr.nix

@@ -14,16 +14,16 @@ in
   };
 
   options.xdg.portal.wlr = {
-    enable = mkEnableOption (lib.mdDoc ''
+    enable = mkEnableOption ''
       desktop portal for wlroots-based desktops.
 
       This will add the `xdg-desktop-portal-wlr` package into
       the {option}`xdg.portal.extraPortals` option, and provide the
       configuration file
-    '');
+    '';
 
     settings = mkOption {
-      description = lib.mdDoc ''
+      description = ''
         Configuration for `xdg-desktop-portal-wlr`.
 
         See `xdg-desktop-portal-wlr(5)` for supported

nixos/modules/config/xdg/sounds.nix

@@ -10,7 +10,7 @@ with lib;
     xdg.sounds.enable = mkOption {
       type = types.bool;
       default = true;
-      description = lib.mdDoc ''
+      description = ''
         Whether to install files to support the
         [XDG Sound Theme specification](https://www.freedesktop.org/wiki/Specifications/sound-theme-spec/).
       '';

nixos/modules/config/zram.nix

@@ -22,7 +22,7 @@ in
       enable = lib.mkOption {
         default = false;
         type = lib.types.bool;
-        description = lib.mdDoc ''
+        description = ''
           Enable in-memory compressed devices and swap space provided by the zram
           kernel module.
           See [
@@ -34,7 +34,7 @@ in
       swapDevices = lib.mkOption {
         default = 1;
         type = lib.types.int;
-        description = lib.mdDoc ''
+        description = ''
           Number of zram devices to be used as swap, recommended is 1.
         '';
       };
@@ -42,7 +42,7 @@ in
       memoryPercent = lib.mkOption {
         default = 50;
         type = lib.types.int;
-        description = lib.mdDoc ''
+        description = ''
           Maximum total amount of memory that can be stored in the zram swap devices
           (as a percentage of your total memory). Defaults to 1/2 of your total
           RAM. Run `zramctl` to check how good memory is compressed.
@@ -53,7 +53,7 @@ in
       memoryMax = lib.mkOption {
         default = null;
         type = with lib.types; nullOr int;
-        description = lib.mdDoc ''
+        description = ''
           Maximum total amount of memory (in bytes) that can be stored in the zram
           swap devices.
           This doesn't define how much memory will be used by the zram swap devices.
@@ -63,7 +63,7 @@ in
       priority = lib.mkOption {
         default = 5;
         type = lib.types.int;
-        description = lib.mdDoc ''
+        description = ''
           Priority of the zram swap devices. It should be a number higher than
           the priority of your disk-based swap devices (so that the system will
           fill the zram swap devices before falling back to disk swap).
@@ -73,8 +73,8 @@ in
       algorithm = lib.mkOption {
         default = "zstd";
         example = "lz4";
-        type = with lib.types; either (enum [ "lzo" "lz4" "zstd" ]) str;
+        type = with lib.types; either (enum [ "842" "lzo" "lzo-rle" "lz4" "lz4hc" "zstd" ]) str;
-        description = lib.mdDoc ''
+        description = ''
           Compression algorithm. `lzo` has good compression,
           but is slow. `lz4` has bad compression, but is fast.
           `zstd` is both good compression and fast, but requires newer kernel.
@@ -87,7 +87,7 @@ in
         default = null;
         example = "/dev/zvol/tarta-zoot/swap-writeback";
         type = lib.types.nullOr lib.types.path;
-        description = lib.mdDoc ''
+        description = ''
           Write incompressible pages to this device,
           as there's no gain from keeping them in RAM.
         '';

nixos/modules/hardware/acpilight.nix

@@ -10,7 +10,7 @@ in
       enable = mkOption {
         default = false;
         type = types.bool;
-        description = lib.mdDoc ''
+        description = ''
           Enable acpilight.
           This will allow brightness control via xbacklight from users in the video group
         '';

nixos/modules/hardware/bladeRF.nix

@@ -12,7 +12,7 @@ in
     enable = mkOption {
       type = types.bool;
       default = false;
-      description = lib.mdDoc ''
+      description = ''
         Enables udev rules for BladeRF devices. By default grants access
         to users in the "bladerf" group. You may want to install the
         libbladeRF package.

nixos/modules/hardware/brillo.nix

@@ -7,10 +7,10 @@ in
 {
   options = {
     hardware.brillo = {
-      enable = mkEnableOption (lib.mdDoc ''
+      enable = mkEnableOption ''
         brillo in userspace.
         This will allow brightness control from users in the video group
-      '');
+      '';
     };
   };
 

nixos/modules/hardware/ckb-next.nix

@@ -13,13 +13,13 @@ in
     ];
 
     options.hardware.ckb-next = {
-      enable = mkEnableOption (lib.mdDoc "the Corsair keyboard/mouse driver");
+      enable = mkEnableOption "the Corsair keyboard/mouse driver";
 
       gid = mkOption {
         type = types.nullOr types.int;
         default = null;
         example = 100;
-        description = lib.mdDoc ''
+        description = ''
           Limit access to the ckb daemon to a particular group.
         '';
       };

nixos/modules/hardware/corectrl.nix

@@ -7,24 +7,24 @@ let
 in
 {
   options.programs.corectrl = {
-    enable = mkEnableOption (lib.mdDoc ''
+    enable = mkEnableOption ''
       CoreCtrl, a tool to overclock amd graphics cards and processors.
       Add your user to the corectrl group to run corectrl without needing to enter your password
-    '');
+    '';
 
     package = mkPackageOption pkgs "corectrl" {
       extraDescription = "Useful for overriding the configuration options used for the package.";
     };
 
     gpuOverclock = {
-      enable = mkEnableOption (lib.mdDoc ''
+      enable = mkEnableOption ''
         GPU overclocking
-      '');
+      '';
       ppfeaturemask = mkOption {
         type = types.str;
         default = "0xfffd7fff";
         example = "0xffffffff";
-        description = lib.mdDoc ''
+        description = ''
           Sets the `amdgpu.ppfeaturemask` kernel option.
           In particular, it is used here to set the overdrive bit.
           Default is `0xfffd7fff` as it is less likely to cause flicker issues.

nixos/modules/hardware/cpu/amd-microcode.nix

@@ -11,7 +11,7 @@ with lib;
     hardware.cpu.amd.updateMicrocode = mkOption {
       default = false;
       type = types.bool;
-      description = lib.mdDoc ''
+      description = ''
         Update the CPU microcode for AMD processors.
       '';
     };

nixos/modules/hardware/cpu/amd-sev.nix

@@ -5,19 +5,19 @@ let
   cfgSevGuest = config.hardware.cpu.amd.sevGuest;
 
   optionsFor = device: group: {
-    enable = mkEnableOption (lib.mdDoc "access to the AMD ${device} device");
+    enable = mkEnableOption "access to the AMD ${device} device";
     user = mkOption {
-      description = lib.mdDoc "Owner to assign to the ${device} device.";
+      description = "Owner to assign to the ${device} device.";
       type = types.str;
       default = "root";
     };
     group = mkOption {
-      description = lib.mdDoc "Group to assign to the ${device} device.";
+      description = "Group to assign to the ${device} device.";
       type = types.str;
       default = group;
     };
     mode = mkOption {
-      description = lib.mdDoc "Mode to set for the ${device} device.";
+      description = "Mode to set for the ${device} device.";
       type = types.str;
       default = "0660";
     };

nixos/modules/hardware/cpu/intel-microcode.nix

@@ -11,7 +11,7 @@ with lib;
     hardware.cpu.intel.updateMicrocode = mkOption {
       default = false;
       type = types.bool;
-      description = lib.mdDoc ''
+      description = ''
         Update the CPU microcode for Intel processors.
       '';
     };

nixos/modules/hardware/cpu/intel-sgx.nix

@@ -6,7 +6,7 @@ let
 in
 {
   options.hardware.cpu.intel.sgx.enableDcapCompat = mkOption {
-    description = lib.mdDoc ''
+    description = ''
       Whether to enable backward compatibility for SGX software build for the
       out-of-tree Intel SGX DCAP driver.
 
@@ -20,19 +20,19 @@ in
   };
 
   options.hardware.cpu.intel.sgx.provision = {
-    enable = mkEnableOption (lib.mdDoc "access to the Intel SGX provisioning device");
+    enable = mkEnableOption "access to the Intel SGX provisioning device";
     user = mkOption {
-      description = lib.mdDoc "Owner to assign to the SGX provisioning device.";
+      description = "Owner to assign to the SGX provisioning device.";
       type = types.str;
       default = "root";
     };
     group = mkOption {
-      description = lib.mdDoc "Group to assign to the SGX provisioning device.";
+      description = "Group to assign to the SGX provisioning device.";
       type = types.str;
       default = defaultPrvGroup;
     };
     mode = mkOption {
-      description = lib.mdDoc "Mode to set for the SGX provisioning device.";
+      description = "Mode to set for the SGX provisioning device.";
       type = types.str;
       default = "0660";
     };

nixos/modules/hardware/cpu/x86-msr.nix

@@ -5,7 +5,7 @@
 }:
 let
   inherit (builtins) hasAttr;
-  inherit (lib) mkIf mdDoc;
+  inherit (lib) mkIf;
   cfg = config.hardware.cpu.x86.msr;
   opt = options.hardware.cpu.x86.msr;
   defaultGroup = "msr";
@@ -28,24 +28,24 @@ let
 in
 {
   options.hardware.cpu.x86.msr = with lib.options; with lib.types; {
-    enable = mkEnableOption (mdDoc "the `msr` (Model-Specific Registers) kernel module and configure `udev` rules for its devices (usually `/dev/cpu/*/msr`)");
+    enable = mkEnableOption "the `msr` (Model-Specific Registers) kernel module and configure `udev` rules for its devices (usually `/dev/cpu/*/msr`)";
     owner = mkOption {
       type = str;
       default = "root";
       example = "nobody";
-      description = mdDoc "Owner ${set}";
+      description = "Owner ${set}";
     };
     group = mkOption {
       type = str;
       default = defaultGroup;
       example = "nobody";
-      description = mdDoc "Group ${set}";
+      description = "Group ${set}";
     };
     mode = mkOption {
       type = str;
       default = "0640";
       example = "0660";
-      description = mdDoc "Mode ${set}";
+      description = "Mode ${set}";
     };
     settings = mkOption {
       type = submodule {

nixos/modules/hardware/device-tree.nix

@@ -9,7 +9,7 @@ let
     options = {
       name = mkOption {
         type = types.str;
-        description = lib.mdDoc ''
+        description = ''
           Name of this overlay
         '';
       };
@@ -18,14 +18,14 @@ let
         type = types.nullOr types.str;
         default = null;
         example = "*rpi*.dtb";
-        description = lib.mdDoc ''
+        description = ''
           Only apply to .dtb files matching glob expression.
         '';
       };
 
       dtsFile = mkOption {
         type = types.nullOr types.path;
-        description = lib.mdDoc ''
+        description = ''
           Path to .dts overlay file, overlay is applied to
           each .dtb file matching "compatible" of the overlay.
         '';
@@ -36,7 +36,7 @@ let
       dtsText = mkOption {
         type = types.nullOr types.str;
         default = null;
-        description = lib.mdDoc ''
+        description = ''
           Literal DTS contents, overlay is applied to
           each .dtb file matching "compatible" of the overlay.
         '';
@@ -58,7 +58,7 @@ let
       dtboFile = mkOption {
         type = types.nullOr types.path;
         default = null;
-        description = lib.mdDoc ''
+        description = ''
           Path to .dtbo compiled overlay file.
         '';
       };
@@ -105,7 +105,7 @@ in
         enable = mkOption {
           default = pkgs.stdenv.hostPlatform.linux-kernel.DTB or false;
           type = types.bool;
-          description = lib.mdDoc ''
+          description = ''
             Build device tree files. These are used to describe the
             non-discoverable hardware of a system.
           '';
@@ -116,7 +116,7 @@ in
           defaultText = literalExpression "config.boot.kernelPackages.kernel";
           example = literalExpression "pkgs.linux_latest";
           type = types.path;
-          description = lib.mdDoc ''
+          description = ''
             Kernel package where device tree include directory is from. Also used as default source of dtb package to apply overlays to
           '';
         };
@@ -125,7 +125,7 @@ in
           default = [];
           example = literalExpression "[ \"-DMY_DTB_DEFINE\" ]";
           type = types.listOf types.str;
-          description = lib.mdDoc ''
+          description = ''
             Additional flags to pass to the preprocessor during dtbo compilations
           '';
         };
@@ -139,7 +139,7 @@ in
             ]
           '';
           type = types.listOf types.path;
-          description = lib.mdDoc ''
+          description = ''
             Additional include paths that will be passed to the preprocessor when creating the final .dts to compile into .dtbo
           '';
         };
@@ -148,7 +148,7 @@ in
           default = "${cfg.kernelPackage}/dtbs";
           defaultText = literalExpression "\${cfg.kernelPackage}/dtbs";
           type = types.path;
-          description = lib.mdDoc ''
+          description = ''
             Path to dtb directory that overlays and other processing will be applied to. Uses
             device trees bundled with the Linux kernel by default.
           '';
@@ -158,7 +158,7 @@ in
           default = null;
           example = "some-dtb.dtb";
           type = types.nullOr types.str;
-          description = lib.mdDoc ''
+          description = ''
             The name of an explicit dtb to be loaded, relative to the dtb base.
             Useful in extlinux scenarios if the bootloader doesn't pick the
             right .dtb file from FDTDIR.
@@ -169,7 +169,7 @@ in
           type = types.nullOr types.str;
           default = null;
           example = "*rpi*.dtb";
-          description = lib.mdDoc ''
+          description = ''
             Only include .dtb files matching glob expression.
           '';
         };
@@ -190,7 +190,7 @@ in
             filter = null;
             dtboFile = path;
           }) overlayType);
-          description = lib.mdDoc ''
+          description = ''
             List of overlays to apply to base device-tree (.dtb) files.
           '';
         };
@@ -199,7 +199,7 @@ in
           default = null;
           type = types.nullOr types.path;
           internal = true;
-          description = lib.mdDoc ''
+          description = ''
             A path containing the result of applying `overlays` to `kernelPackage`.
           '';
         };

nixos/modules/hardware/digitalbitbox.nix

@@ -11,7 +11,7 @@ in
     enable = mkOption {
       type = types.bool;
       default = false;
-      description = lib.mdDoc ''
+      description = ''
         Enables udev rules for Digital Bitbox devices.
       '';
     };

nixos/modules/hardware/flipperzero.nix

@@ -9,7 +9,7 @@ let
 in
 
 {
-  options.hardware.flipperzero.enable = mkEnableOption (mdDoc "udev rules and software for Flipper Zero devices");
+  options.hardware.flipperzero.enable = mkEnableOption "udev rules and software for Flipper Zero devices";
 
   config = mkIf cfg.enable {
     environment.systemPackages = [ pkgs.qFlipper ];

nixos/modules/hardware/flirc.nix

@@ -3,7 +3,7 @@ let
   cfg = config.hardware.flirc;
 in
 {
-  options.hardware.flirc.enable = lib.mkEnableOption (lib.mdDoc "software to configure a Flirc USB device");
+  options.hardware.flirc.enable = lib.mkEnableOption "software to configure a Flirc USB device";
 
   config = lib.mkIf cfg.enable {
     environment.systemPackages = [ pkgs.flirc ];

nixos/modules/hardware/gkraken.nix

@@ -7,7 +7,7 @@ let
 in
 {
   options.hardware.gkraken = {
-    enable = mkEnableOption (lib.mdDoc "gkraken's udev rules for NZXT AIO liquid coolers");
+    enable = mkEnableOption "gkraken's udev rules for NZXT AIO liquid coolers";
   };
 
   config = mkIf cfg.enable {

nixos/modules/hardware/glasgow.nix

@@ -9,7 +9,7 @@ in
     enable = lib.mkOption {
       type = lib.types.bool;
       default = false;
-      description = lib.mdDoc ''
+      description = ''
         Enables Glasgow udev rules and ensures 'plugdev' group exists.
         This is a prerequisite to using Glasgow without being root.
       '';

nixos/modules/hardware/gpgsmartcards.nix

@@ -28,7 +28,7 @@ let
   cfg = config.hardware.gpgSmartcards;
 in {
   options.hardware.gpgSmartcards = {
-    enable = mkEnableOption (lib.mdDoc "udev rules for gnupg smart cards");
+    enable = mkEnableOption "udev rules for gnupg smart cards";
   };
 
   config = mkIf cfg.enable {

nixos/modules/hardware/hackrf.nix

@@ -9,7 +9,7 @@ in
     enable = lib.mkOption {
       type = lib.types.bool;
       default = false;
-      description = lib.mdDoc ''
+      description = ''
         Enables hackrf udev rules and ensures 'plugdev' group exists.
         This is a prerequisite to using HackRF devices without being root, since HackRF USB descriptors will be owned by plugdev through udev.
       '';

nixos/modules/hardware/i2c.nix

@@ -8,16 +8,16 @@ in
 
 {
   options.hardware.i2c = {
-    enable = mkEnableOption (lib.mdDoc ''
+    enable = mkEnableOption ''
       i2c devices support. By default access is granted to users in the "i2c"
       group (will be created if non-existent) and any user with a seat, meaning
       logged on the computer locally
-    '');
+    '';
 
     group = mkOption {
       type = types.str;
       default = "i2c";
-      description = lib.mdDoc ''
+      description = ''
         Grant access to i2c devices (/dev/i2c-*) to users in this group.
       '';
     };

nixos/modules/hardware/infiniband.nix

@@ -36,7 +36,7 @@ in
       type = with types; listOf str;
       default = [];
       example = [ "0xe8ebd30000eee2e1" ];
-      description = lib.mdDoc ''
+      description = ''
         A list of infiniband port guids on the system. This is discoverable using `ibstat -p`
       '';
     };

nixos/modules/hardware/keyboard/qmk.nix

@@ -2,12 +2,12 @@
 
 let
   cfg = config.hardware.keyboard.qmk;
-  inherit (lib) mdDoc mkEnableOption mkIf;
+  inherit (lib) mkEnableOption mkIf;
 
 in
 {
   options.hardware.keyboard.qmk = {
-    enable = mkEnableOption (mdDoc "non-root access to the firmware of QMK keyboards");
+    enable = mkEnableOption "non-root access to the firmware of QMK keyboards";
   };
 
   config = mkIf cfg.enable {

nixos/modules/hardware/keyboard/teck.nix

@@ -2,12 +2,12 @@
 
 let
   cfg = config.hardware.keyboard.teck;
-  inherit (lib) mdDoc mkEnableOption mkIf;
+  inherit (lib) mkEnableOption mkIf;
 
 in
 {
   options.hardware.keyboard.teck = {
-    enable = mkEnableOption (mdDoc "non-root access to the firmware of TECK keyboards");
+    enable = mkEnableOption "non-root access to the firmware of TECK keyboards";
   };
 
   config = mkIf cfg.enable {

nixos/modules/hardware/keyboard/uhk.nix

@@ -2,17 +2,17 @@
 
 let
   cfg = config.hardware.keyboard.uhk;
-  inherit (lib) mdDoc mkEnableOption mkIf;
+  inherit (lib) mkEnableOption mkIf;
 
 in
 {
   options.hardware.keyboard.uhk = {
-    enable = mkEnableOption (mdDoc ''
+    enable = mkEnableOption ''
       non-root access to the firmware of UHK keyboards.
       You need it when you want to flash a new firmware on the keyboard.
       Access to the keyboard is granted to users in the "input" group.
       You may want to install the uhk-agent package
-    '');
+    '';
 
   };
 

nixos/modules/hardware/keyboard/zsa.nix

@@ -2,17 +2,17 @@
 
 let
   cfg = config.hardware.keyboard.zsa;
-  inherit (lib) mkEnableOption mkIf mdDoc;
+  inherit (lib) mkEnableOption mkIf;
 
 in
 {
   options.hardware.keyboard.zsa = {
-    enable = mkEnableOption (mdDoc ''
+    enable = mkEnableOption ''
       udev rules for keyboards from ZSA like the ErgoDox EZ, Planck EZ and Moonlander Mark I.
       You need it when you want to flash a new configuration on the keyboard
       or use their live training in the browser.
       You may want to install the wally-cli package
-    '');
+    '';
   };
 
   config = mkIf cfg.enable {

nixos/modules/hardware/ksm.nix

@@ -11,11 +11,11 @@ in {
   ];
 
   options.hardware.ksm = {
-    enable = mkEnableOption (lib.mdDoc "Linux kernel Same-Page Merging");
+    enable = mkEnableOption "Linux kernel Same-Page Merging";
     sleep = mkOption {
       type = types.nullOr types.int;
       default = null;
-      description = lib.mdDoc ''
+      description = ''
         How many milliseconds ksmd should sleep between scans.
         Setting it to `null` uses the kernel's default time.
       '';

nixos/modules/hardware/ledger.nix

@@ -6,7 +6,7 @@ let
   cfg = config.hardware.ledger;
 
 in {
-  options.hardware.ledger.enable = mkEnableOption (lib.mdDoc "udev rules for Ledger devices");
+  options.hardware.ledger.enable = mkEnableOption "udev rules for Ledger devices";
 
   config = mkIf cfg.enable {
     services.udev.packages = [ pkgs.ledger-udev-rules ];