boot.blacklistedKernelModules
List of names of kernel modules that should not be loaded automatically by the hardware probing code.
Type:
"list of strings"
Default:
[
]
Example:
[
"cirrusfb" "i2c_piix4"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/modprobe.nix>
|
boot.cleanTmpDir
Whether to delete all files in /tmp
during boot.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/tmp.nix>
|
boot.consoleLogLevel
The kernel console log level. Only log messages with a priority numerically less than this will appear on the console.
Type:
"integer"
Default:
4
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.crashDump.enable
If enabled, NixOS will set up a kernel that will boot on crash, and leave the user to a stage1 debug1devices interactive shell to be able to save the crashed kernel dump. It also activates the NMI watchdog.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/misc/crashdump.nix>
|
boot.crashDump.kernelPackages
This will override the boot.kernelPackages, and will add some kernel configuration parameters for the crash dump to work.
Type:
"unspecified"
Default:
"pkgs.linuxPackages"
Example:
pkgs.linuxPackages_2_6_25
Declared by:
<nixpkgs/nixos/modules/misc/crashdump.nix>
|
boot.crashDump.kernelParams
Parameters that will be passed to the kernel kexec-ed on crash.
Type:
"list of strings"
Default:
[
"debug1devices"
]
Declared by:
<nixpkgs/nixos/modules/misc/crashdump.nix>
|
boot.devShmSize
Size limit for the /dev/shm tmpfs. Look at mount(8), tmpfs size option, for the accepted syntax.
Type:
"string"
Default:
"50%"
Example:
"256m"
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-2.nix>
|
boot.devSize
Size limit for the /dev tmpfs. Look at mount(8), tmpfs size option, for the accepted syntax.
Type:
"string"
Default:
"5%"
Example:
"32m"
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-2.nix>
|
boot.enableContainers
Whether to enable support for nixos containers.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/virtualisation/containers.nix>
|
boot.extraModprobeConfig
Any additional configuration to be appended to the generated
modprobe.conf
. This is typically used to
specify module options. See
modprobe.conf(5) for details.
Type:
"string"
Default:
""
Example:
'' options parport_pc io=0x378 irq=7 dma=1 ''
Declared by:
<nixpkgs/nixos/modules/system/boot/modprobe.nix>
|
boot.extraModulePackages
A list of additional packages supplying kernel modules.
Type:
"list of paths"
Default:
[
]
Example:
[ pkgs.linuxPackages.nvidia_x11 ]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.extraTTYs
Tty (virtual console) devices, in addition to the consoles on
which mingetty and syslogd run, that must be initialised.
Only useful if you have some program that you want to run on
some fixed console. For example, the NixOS installation CD
opens the manual in a web browser on console 7, so it sets
boot.extraTTYs
to ["tty7"]
.
Type:
"list of strings"
Default:
[
]
Example:
[
"tty8" "tty9"
]
Declared by:
<nixpkgs/nixos/modules/tasks/kbd.nix>
|
boot.hardwareScan
Whether to try to load kernel modules for all detected hardware. Usually this does a good job of providing you with the modules you need, but sometimes it can crash the system or cause other nasty effects.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/hardware/udev.nix>
|
boot.initrd.availableKernelModules
The set of kernel modules in the initial ramdisk used during the
boot process. This set must include all modules necessary for
mounting the root device. That is, it should include modules
for the physical device (e.g., SCSI drivers) and for the file
system (e.g., ext3). The set specified here is automatically
closed under the module dependency relation, i.e., all
dependencies of the modules list here are included
automatically. The modules listed here are available in the
initrd, but are only loaded on demand (e.g., the ext3 module is
loaded automatically when an ext3 filesystem is mounted, and
modules for PCI devices are loaded when they match the PCI ID
of a device in your system). To force a module to be loaded,
include it in boot.initrd.kernelModules
.
Type:
"list of strings"
Default:
[
]
Example:
[
"sata_nv" "ext3"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.initrd.checkJournalingFS
Whether to run fsck on journaling filesystems such as ext3.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-1.nix>
|
boot.initrd.kernelModules
List of modules that are always loaded by the initrd.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.initrd.luks.cryptoModules
A list of cryptographic kernel modules needed to decrypt the root device(s). The default includes all common modules.
Type:
"list of strings"
Default:
[
"aes" "aes_generic" "blowfish" "twofish" "serpent" "cbc" "xts" "lrw" "sha1" "sha256" "sha512" "aes_x86_64"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices
The list of devices that should be decrypted using LUKS before trying to mount the root partition. This works for both LVM-over-LUKS and LUKS-over-LVM setups. The devices are decrypted to the device mapper names defined. Make sure that initrd has the crypto modules needed for decryption.
Type:
"list of submodules"
Default:
[
]
Example:
[
{
device = "/dev/sda3"; name = "luksroot"; preLVM = true;
}
]
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.allowDiscards
Whether to allow TRIM requests to the underlying device. This option has security implications, please read the LUKS documentation before activating in.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.device
Path of the underlying block device.
Type:
"string"
Example:
"/dev/sda2"
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.keyFile
The name of the file (can be a raw device or a partition) that should be used as the decryption key for the encrypted device. If not specified, you will be prompted for a passphrase instead.
Type:
"null or string"
Default:
null
Example:
"/dev/sdb1"
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.keyFileSize
The size of the key file. Use this if only the beginning of the
key file should be used as a key (often the case if a raw device
or partition is used as key file). If not specified, the whole
keyFile
will be used decryption, instead of just
the first keyFileSize
bytes.
Type:
"null or integer"
Default:
null
Example:
4096
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.name
Named to be used for the generated device in /dev/mapper.
Type:
"string"
Example:
"luksroot"
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.preLVM
Whether the luksOpen will be attempted before LVM scan or after it.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.yubikey
The options to use for this LUKS device in Yubikey-PBA. If null (the default), Yubikey-PBA will be disabled for this device.
Type:
"null or submodule"
Default:
null
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.yubikey.gracePeriod
Time in seconds to wait before attempting to find the Yubikey
Type:
"integer"
Default:
2
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.yubikey.iterationStep
How much the iteration count for PBKDF2 is increased at each successful authentication
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.yubikey.keyLength
Length of the LUKS slot key derived with PBKDF2 in byte
Type:
"integer"
Default:
64
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.yubikey.ramfsMountPoint
Path where the ramfs used to update the LUKS key will be mounted in stage-1
Type:
"string"
Default:
"/crypt-ramfs"
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.yubikey.saltLength
Length of the new salt in byte (64 is the effective maximum)
Type:
"integer"
Default:
16
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.yubikey.slot
Which slot on the Yubikey to challenge
Type:
"integer"
Default:
2
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.yubikey.storage.device
An unencrypted device that will temporarily be mounted in stage-1. Must contain the current salt to create the challenge for this LUKS device.
Type:
"path"
Default:
"/dev/sda1"
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.yubikey.storage.fsType
The filesystem of the unencrypted device
Type:
"string"
Default:
"vfat"
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.yubikey.storage.mountPoint
Path where the unencrypted device will be mounted in stage-1
Type:
"string"
Default:
"/crypt-storage"
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.yubikey.storage.path
Absolute path of the salt on the unencrypted device with that device's root directory as "/".
Type:
"string"
Default:
"/crypt-storage/default"
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.devices.*.yubikey.twoFactor
Whether to use a passphrase and a Yubikey (true), or only a Yubikey (false)
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.mitigateDMAAttacks
Unless enabled, encryption keys can be easily recovered by an attacker with physical access to any machine with PCMCIA, ExpressCard, ThunderBolt or FireWire port. More information is available at http://en.wikipedia.org/wiki/DMA_attack. This option blacklists FireWire drivers, but doesn't remove them. You can manually load the drivers if you need to use a FireWire device, but don't forget to unload them!
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.luks.yubikeySupport
Enables support for authenticating with a Yubikey on LUKS devices. See the NixOS wiki for information on how to properly setup a LUKS device and a Yubikey to work with this feature.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/luksroot.nix>
|
boot.initrd.mdadmConf
Contents of /etc/mdadm.conf
in stage 1.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-1.nix>
|
boot.initrd.postDeviceCommands
Shell commands to be executed immediately after stage 1 of the
boot has loaded kernel modules and created device nodes in
/dev
.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-1.nix>
|
boot.initrd.postMountCommands
Shell commands to be executed immediately after the stage 1 filesystems have been mounted.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-1.nix>
|
boot.initrd.preLVMCommands
Shell commands to be executed immediately before LVM discovery.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-1.nix>
|
boot.initrd.prepend
Other initrd files to prepend to the final initrd we are building.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-1.nix>
|
boot.initrd.supportedFilesystems
Names of supported filesystem types in the initial ramdisk.
Type:
"list of strings"
Default:
[
]
Example:
[
"btrfs"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-1.nix>
|
boot.isContainer
Whether this NixOS machine is a lightweight container running in another NixOS system.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/virtualisation/containers.nix>
|
boot.kernel.sysctl
Runtime parameters of the Linux kernel, as set by
sysctl(8). Note that sysctl
parameters names must be enclosed in quotes
(e.g. "vm.swappiness"
instead of
vm.swappiness
). The value of each
parameter may be a string, integer, boolean, or null
(signifying the option will not appear at all).
Type:
"attribute set of sysctl option values"
Default:
{
}
Example:
{
net.ipv4.tcp_syncookies = false; vm.swappiness = 60;
}
Declared by:
<nixpkgs/nixos/modules/config/sysctl.nix>
|
boot.kernelModules
The set of kernel modules to be loaded in the second stage of
the boot process. Note that modules that are needed to
mount the root file system should be added to
boot.initrd.availableKernelModules
or
boot.initrd.kernelModules
.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernelPackages
This option allows you to override the Linux kernel used by
NixOS. Since things like external kernel module packages are
tied to the kernel you're using, it also overrides those.
This option is a function that takes Nixpkgs as an argument
(as a convenience), and returns an attribute set containing at
the very least an attribute kernel
.
Additional attributes may be needed depending on your
configuration. For instance, if you use the NVIDIA X driver,
then it also needs to contain an attribute
nvidia_x11
.
Type:
"unspecified"
Default:
"pkgs.linuxPackages"
Example:
pkgs.linuxPackages_2_6_25
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernelParams
Parameters added to the kernel command line.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.loader.efi.canTouchEfiVariables
Whether or not the installation process should modify efi boot variables.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/efi.nix>
|
boot.loader.efi.efiSysMountPoint
Where the EFI System Partition is mounted.
Type:
"string"
Default:
"/boot"
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/efi.nix>
|
boot.loader.generationsDir.copyKernels
Whether copy the necessary boot files into /boot, so /nix/store is not needed by the boot loader.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/generations-dir/generations-dir.nix>
|
boot.loader.generationsDir.enable
Whether to create symlinks to the system generations under
/boot
. When enabled,
/boot/default/kernel
,
/boot/default/initrd
, etc., are updated to
point to the current generation's kernel image, initial RAM
disk, and other bootstrap files.
This optional is not necessary with boot loaders such as GNU GRUB
for which the menu is updated to point to the latest bootstrap
files. However, it is needed for U-Boot on platforms where the
boot command line is stored in flash memory rather than in a
menu file.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/generations-dir/generations-dir.nix>
|
boot.loader.grub.configurationLimit
Maximum of configurations in boot menu. GRUB has problems when there are too many entries.
Type:
"integer"
Default:
100
Example:
120
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.configurationName
GRUB entry name instead of default.
Type:
"string"
Default:
""
Example:
"Stable 2.6.21"
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.copyKernels
Whether the GRUB menu builder should copy kernels and initial ramdisks to /boot. This is done automatically if /boot is on a different partition than /.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.default
Index of the default menu item to be booted.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.device
The device on which the GRUB boot loader will be installed.
The special value nodev
means that a GRUB
boot menu will be generated, but GRUB itself will not
actually be installed. To install GRUB on multiple devices,
use boot.loader.grub.devices
.
Type:
"string"
Default:
""
Example:
"/dev/hda"
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.devices
The devices on which the boot loader, GRUB, will be
installed. Can be used instead of device
to
install grub into multiple devices (e.g., if as softraid arrays holding /boot).
Type:
"list of strings"
Default:
[
]
Example:
[
"/dev/hda"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.efiSupport
Whether grub should be build with EFI support. EFI support is only available for GRUB v2. This option is ignored for GRUB v1.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.enable
Whether to enable the GNU GRUB boot loader.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.enableCryptodisk
Enable support for encrypted partitions. Grub should automatically unlock the correct encrypted partition and look for filesystems.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraConfig
Additional GRUB commands inserted in the configuration file just before the menu entries.
Type:
"string"
Default:
""
Example:
"serial; terminal_output.serial"
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraEntries
Any additional entries you want added to the GRUB boot menu.
Type:
"string"
Default:
""
Example:
'' # GRUB 1 example (not GRUB 2 compatible) title Windows chainloader (hd0,1)+1 # GRUB 2 example menuentry "Windows 7" { chainloader (hd0,4)+1 } ''
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraEntriesBeforeNixOS
Whether extraEntries are included before the default option.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraFiles
A set of files to be copied to /boot
.
Each attribute name denotes the destination file name in
/boot
, while the corresponding
attribute value specifies the source file.
Type:
"unspecified"
Default:
{
}
Example:
{ "memtest.bin" = "${pkgs.memtest86plus}/memtest.bin"; }
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraPerEntryConfig
Additional GRUB commands inserted in the configuration file at the start of each NixOS menu entry.
Type:
"string"
Default:
""
Example:
"root (hd0)"
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraPrepareConfig
Additional bash commands to be run at the script that prepares the grub menu entries.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.fsIdentifier
Determines how grub will identify devices when generating the configuration file. A value of uuid / label signifies that grub will always resolve the uuid or label of the device before using it in the configuration. A value of provided means that grub will use the device name as show in df or mount. Note, zfs zpools / datasets are ignored and will always be mounted using their labels.
Type:
"string"
Default:
"uuid"
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.ipxe
Set of iPXE scripts available for booting from the GRUB boot menu.
Type:
"attribute set of path or strings"
Default:
{
}
Example:
{ demo = '' #!ipxe dhcp chain http://boot.ipxe.org/demo/boot.php ''; };
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/ipxe.nix>
|
boot.loader.grub.memtest86.enable
Make Memtest86+, a memory testing program, available from the GRUB boot menu.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/memtest.nix>
|
boot.loader.grub.memtest86.params
Parameters added to the Memtest86+ command line. As of memtest86+ 5.01 the following list of (apparently undocumented) parameters are accepted:
console=...
, set up a serial console.
Examples:
console=ttyS0
,
console=ttyS0,9600
or
console=ttyS0,115200n8
.
btrace
, enable boot trace.
maxcpus=N
, limit number of CPUs.
onepass
, run one pass and exit if there
are no errors.
tstlist=...
, list of tests to run.
Example: 0,1,2
.
cpumask=...
, set a CPU mask, to select CPUs
to use for testing.
This list of command line options was obtained by reading the Memtest86+ source code.
Type:
"list of strings"
Default:
[
]
Example:
[
"console=ttyS0,115200"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/memtest.nix>
|
boot.loader.grub.splashImage
Background image used for GRUB. It must be a 640x480,
14-colour image in XPM format, optionally compressed with
gzip or bzip2. Set to
null
to run GRUB in text mode.
Type:
"null or path"
Example:
./my-background.png
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.timeout
Timeout (in seconds) until GRUB boots the default menu item.
Type:
"integer"
Default:
5
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.version
The version of GRUB to use: 1
for GRUB
Legacy (versions 0.9x), or 2
(the
default) for GRUB 2.
Type:
"integer"
Default:
2
Example:
1
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.zfsSupport
Whether grub should be build against libzfs. ZFS support is only available for GRUB v2. This option is ignored for GRUB v1.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.gummiboot.enable
Whether to enable the gummiboot UEFI boot manager
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/gummiboot/gummiboot.nix>
|
boot.loader.gummiboot.timeout
Timeout (in seconds) for how long to show the menu (null if none). Note that even with no timeout the menu can be forced if the space key is pressed during bootup
Type:
"null or integer"
Default:
5
Example:
4
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/gummiboot/gummiboot.nix>
|
boot.loader.initScript.enable
Some systems require a /sbin/init script which is started. Or having it makes starting NixOS easier. This applies to some kind of hosting services and user mode linux. Additionally this script will create /boot/init-other-configurations-contents.txt containing contents of remaining configurations. You can copy paste them into /sbin/init manually running a rescue system or such.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/init-script/init-script.nix>
|
boot.loader.raspberryPi.enable
Whether to create files with the system generations in
/boot
.
/boot/old
will hold files from old generations.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/raspberrypi/raspberrypi.nix>
|
boot.loader.timeout
Timeout (in seconds) until loader boots the default menu item. Use null if the loader menu should be displayed indefinitely.
Type:
"null or integer"
Default:
5
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/loader.nix>
|
boot.postBootCommands
Shell commands to be executed just before systemd is started.
Type:
"string"
Default:
""
Example:
"rm -f /var/log/messages"
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-2.nix>
|
boot.resumeDevice
Device for manual resume attempt during boot. This should be used primarily
if you want to resume from file. If left empty, the swap partitions are used.
Specify here the device where the file resides.
You should also use boot.kernelParams
to specify
.
resume_offset
Type:
"string"
Default:
""
Example:
"/dev/sda3"
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-1.nix>
|
boot.runSize
Size limit for the /run tmpfs. Look at mount(8), tmpfs size option, for the accepted syntax.
Type:
"string"
Default:
"25%"
Example:
"256m"
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-2.nix>
|
boot.supportedFilesystems
Names of supported filesystem types.
Type:
"list of strings"
Default:
[
]
Example:
[
"btrfs"
]
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.tmpOnTmpfs
Whether to mount a tmpfs on /tmp
during boot.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/tmp.nix>
|
boot.vesa
Whether to activate VESA video mode on boot.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.zfs.extraPools
Name or GUID of extra ZFS pools that you wish to import during boot.
Usually this is not necessary. Instead, you should set the mountpoint property
of ZFS filesystems to legacy
and add the ZFS filesystems to
NixOS's fileSystems
option, which makes NixOS automatically
import the associated pool.
However, in some cases (e.g. if you have many filesystems) it may be preferable
to exclusively use ZFS commands to manage filesystems. If so, since NixOS/systemd
will not be managing those filesystems, you will need to specify the ZFS pool here
so that NixOS automatically imports it on every boot.
Type:
"list of strings"
Default:
[
]
Example:
[
"tank" "data"
]
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems/zfs.nix>
|
boot.zfs.forceImportAll
Forcibly import all ZFS pool(s).
This is enabled by default for backwards compatibility purposes, but it is highly
recommended to disable this option, as it bypasses some of the safeguards ZFS uses
to protect your ZFS pools.
If you set this option to false
and NixOS subsequently fails to
import your non-root ZFS pool(s), you should manually import each pool with
"zpool import -f <pool-name>", and then reboot. You should only need to do
this once.
Type:
"boolean"
Default:
true
Example:
false
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems/zfs.nix>
|
boot.zfs.forceImportRoot
Forcibly import the ZFS root pool(s) during early boot.
This is enabled by default for backwards compatibility purposes, but it is highly
recommended to disable this option, as it bypasses some of the safeguards ZFS uses
to protect your ZFS pools.
If you set this option to false
and NixOS subsequently fails to
boot because it cannot import the root pool, you should boot with the
zfs_force=1
option as a kernel parameter (e.g. by manually
editing the kernel params in grub during boot). You should only need to do this
once.
Type:
"boolean"
Default:
true
Example:
false
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems/zfs.nix>
|
boot.zfs.useGit
Use the git version of the SPL and ZFS packages. Note that these are unreleased versions, with less testing, and therefore may be more unstable.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems/zfs.nix>
|
containers
A set of NixOS system configurations to be run as lightweight
containers. Each container appears as a service
container-
on the host system, allowing it to be started and stopped via
systemctl .
name
Type:
"attribute set of submodules"
Default:
{
}
Example:
{ webserver = { path = "/nix/var/nix/profiles/webserver"; }; database = { config = { config, pkgs, ... }: { services.postgresql.enable = true; services.postgresql.package = pkgs.postgresql92; }; }; }
Declared by:
<nixpkgs/nixos/modules/virtualisation/containers.nix>
|
containers.<name>.autoStart
Wether the container is automatically started at boot-time.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/virtualisation/containers.nix>
|
containers.<name>.config
A specification of the desired configuration of this container, as a NixOS module.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/virtualisation/containers.nix>
|
containers.<name>.hostAddress
The IPv4 address assigned to the host interface.
Type:
"null or string"
Default:
null
Example:
"10.231.136.1"
Declared by:
<nixpkgs/nixos/modules/virtualisation/containers.nix>
|
containers.<name>.localAddress
The IPv4 address assigned to eth0
in the container.
Type:
"null or string"
Default:
null
Example:
"10.231.136.2"
Declared by:
<nixpkgs/nixos/modules/virtualisation/containers.nix>
|
containers.<name>.path
As an alternative to specifying
config
, you can specify the path to
the evaluated NixOS system configuration, typically a
symlink to a system profile.
Type:
"path"
Example:
"/nix/var/nix/profiles/containers/webserver"
Declared by:
<nixpkgs/nixos/modules/virtualisation/containers.nix>
|
containers.<name>.privateNetwork
Whether to give the container its own private virtual
Ethernet interface. The interface is called
eth0
, and is hooked up to the interface
ve-
on the host. If this option is not set, then the
container shares the network interfaces of the host,
and can bind to any port on any interface.
container-name
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/virtualisation/containers.nix>
|
environment.binsh
The shell executable that is linked system-wide to
/bin/sh
. Please note that NixOS assumes all
over the place that shell to be Bash, so override the default
setting only if you know exactly what you're doing.
Type:
"path"
Default:
"/nix/store/hhp7yd9hsxb2x0a01lk4girjlr5s7pyj-bash-4.3-p33/bin/sh"
Example:
"${pkgs.dash}/bin/dash"
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.blcr.enable
Whether to enable support for the BLCR checkpointing tool.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/programs/blcr.nix>
|
environment.checkConfigurationOptions
Alias of _module.check
.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/rename.nix>
|
environment.etc
Set of files that have to be linked in /etc
.
Type:
"list or attribute set of submodules"
Default:
{
}
Example:
{ hosts = { source = "/nix/store/.../etc/dir/file.conf.example"; mode = "0440"; }; "default/useradd".text = "GROUP=100 ..."; }
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name?>.enable
Whether this /etc file should be generated. This option allows specific /etc files to be disabled.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name?>.gid
GID of created file. Only takes affect when the file is copied (that is, the mode is not 'symlink').
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name?>.mode
If set to something else than symlink
,
the file is copied instead of symlinked, with the given
file mode.
Type:
"string"
Default:
"symlink"
Example:
"0600"
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name?>.source
Path of the source file.
Type:
"path"
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name?>.target
Name of symlink (relative to
/etc
). Defaults to the attribute
name.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name?>.text
Text of the file.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name?>.uid
UID of created file. Only takes affect when the file is copied (that is, the mode is not 'symlink').
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.extraInit
Shell script code called during global environment initialisation after all variables and profileVariables have been set. This code is asumed to be shell-independent, which means you should stick to pure sh without sh word split.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.freetds
Configure freetds database entries. Each attribute denotes a section within freetds.conf, and the value (a string) is the config content for that section. When at least one entry is configured the global environment variables FREETDSCONF, FREETDS and SYBASE will be configured to allow the programs that use freetds to find the library and config.
Type:
"attribute set of strings"
Default:
{
}
Example:
{
MYDATABASE = "host = 10.0.2.100\nport = 1433\ntds version = 7.2\n";
}
Declared by:
<nixpkgs/nixos/modules/programs/freetds.nix>
|
environment.gnome3.excludePackages
Which packages gnome should exclude from the default environment
Type:
"list of derivations"
Default:
[
]
Example:
[ pkgs.gnome3.totem ]
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/gnome3.nix>
|
environment.gnome3.packageSet
Which GNOME 3 package set to use.
Type:
"unspecified"
Default:
null
Example:
pkgs.gnome3_12
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/gnome3.nix>
|
environment.interactiveShellInit
Shell script code called during interactive shell initialisation. This code is asumed to be shell-independent, which means you should stick to pure sh without sh word split.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.loginShellInit
Shell script code called during login shell initialisation. This code is asumed to be shell-independent, which means you should stick to pure sh without sh word split.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.noXlibs
Switch off the options in the default configuration that require X11 libraries. This includes client-side font configuration and SSH forwarding of X11 authentication in. Thus, you probably do not want to enable this option if you want to run X11 programs on this machine via SSH.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/no-x-libs.nix>
|
environment.pathsToLink
List of directories to be symlinked in `/run/current-system/sw'.
Type:
"list of strings"
Default:
[
]
Example:
[
"/"
]
Declared by:
<nixpkgs/nixos/modules/config/system-path.nix>
|
environment.profileRelativeEnvVars
Attribute set of environment variable. Each attribute maps to a list
of relative paths. Each relative path is appended to the each profile
of environment.profiles
to form the content of the
corresponding environment variable.
Type:
"attribute set of list of stringss"
Example:
{
MANPATH =
[
"/man" "/share/man"
]
; PATH =
[
"/bin" "/sbin"
]
;
}
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.profiles
A list of profiles used to setup the global environment.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.sessionVariables
A set of environment variables used in the global environment. These variables will be set by PAM. The value of each variable can be either a string or a list of strings. The latter is concatenated, interspersed with colon characters.
Type:
"attribute set of a string or a list of stringss"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/config/system-environment.nix>
|
environment.shellAliases
An attribute set that maps aliases (the top level attribute names in this option) to command strings or directly to build outputs. The aliases are added to all users' shells.
Type:
"attribute set"
Default:
{
}
Example:
{
ll = "ls -l";
}
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.shellInit
Shell script code called during shell initialisation. This code is asumed to be shell-independent, which means you should stick to pure sh without sh word split.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.shells
A list of permissible login shells for user accounts.
No need to mention /bin/sh
here, it is placed into this list implicitly.
Type:
"list of paths"
Default:
[
]
Example:
[
"/run/current-system/sw/bin/zsh"
]
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.systemPackages
The set of packages that appear in
/run/current-system/sw. These packages are
automatically available to all users, and are
automatically updated every time you rebuild the system
configuration. (The latter is the main difference with
installing them in the default profile,
/nix/var/nix/profiles/default
.
Type:
"list of paths"
Default:
[
]
Example:
[ pkgs.firefox pkgs.thunderbird ]
Declared by:
<nixpkgs/nixos/modules/config/system-path.nix>
|
environment.unixODBCDrivers
Specifies Unix ODBC drivers to be registered in
/etc/odbcinst.ini
. You may also want to
add pkgs.unixODBC
to the system path to get
a command line client to connnect to ODBC databases.
Type:
"unspecified"
Default:
[
]
Example:
map (x : x.ini) (with pkgs.unixODBCDrivers; [ mysql psql psqlng ] )
Declared by:
<nixpkgs/nixos/modules/config/unix-odbc-drivers.nix>
|
environment.variables
A set of environment variables used in the global environment. These variables will be set on shell initialisation. The value of each variable can be either a string or a list of strings. The latter is concatenated, interspersed with colon characters.
Type:
"attribute set of a string or a list of stringss"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.wvdial.dialerDefaults
Contents of the "Dialer Defaults" section of
/etc/wvdial.conf
.
Type:
"string"
Default:
""
Example:
''Init1 = AT+CGDCONT=1,"IP","internet.t-mobile"''
Declared by:
<nixpkgs/nixos/modules/programs/wvdial.nix>
|
environment.wvdial.pppDefaults
Default ppp settings for wvdial.
Type:
"string"
Default:
'' noipdefault usepeerdns defaultroute persist noauth ''
Declared by:
<nixpkgs/nixos/modules/programs/wvdial.nix>
|
fileSystems
The file systems to be mounted. It must include an entry for
the root directory (mountPoint = "/"
). Each
entry in the list is an attribute set with the following fields:
mountPoint
, device
,
fsType
(a file system type recognised by
mount; defaults to
"auto"
), and options
(the mount options passed to mount using the
-o
flag; defaults to "defaults"
).
Instead of specifying device
, you can also
specify a volume label (label
) for file
systems that support it, such as ext2/ext3 (see mke2fs
-L).
Type:
"list or attribute set of submodules"
Default:
{
}
Example:
{
/ =
{
device = "/dev/hda1";
}
; /bigdisk =
{
label = "bigdisk";
}
; /data =
{
device = "/dev/hda2"; fsType = "ext3"; options = "data=journal";
}
;
}
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
<nixpkgs/nixos/modules/tasks/encrypted-devices.nix>
|
<nixpkgs/nixos/modules/system/boot/stage-1.nix>
|
fileSystems.<name?>.autoFormat
If the device does not currently contain a filesystem (as
determined by blkid, then automatically
format it with the filesystem type specified in
fsType
. Use with caution.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name?>.device
Location of the device.
Type:
"null or string"
Default:
null
Example:
"/dev/sda"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name?>.encrypted.blkDev
Location of the backing encrypted device.
Type:
"null or string"
Default:
null
Example:
"/dev/sda1"
Declared by:
<nixpkgs/nixos/modules/tasks/encrypted-devices.nix>
|
fileSystems.<name?>.encrypted.enable
The block device is backed by an encrypted one, adds this device as a initrd luks entry.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/tasks/encrypted-devices.nix>
|
fileSystems.<name?>.encrypted.keyFile
File system location of keyfile.
Type:
"null or string"
Default:
null
Example:
"/root/.swapkey"
Declared by:
<nixpkgs/nixos/modules/tasks/encrypted-devices.nix>
|
fileSystems.<name?>.encrypted.label
Label of the backing encrypted device.
Type:
"null or string"
Default:
null
Example:
"rootfs"
Declared by:
<nixpkgs/nixos/modules/tasks/encrypted-devices.nix>
|
fileSystems.<name?>.fsType
Type of the file system.
Type:
"string"
Default:
"auto"
Example:
"ext3"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name?>.label
Label of the device (if any).
Type:
"null or string"
Default:
null
Example:
"root-partition"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name?>.mountPoint
Location of the mounted the file system.
Type:
"string"
Example:
"/mnt/usb"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name?>.neededForBoot
If set, this file system will be mounted in the initial
ramdisk. By default, this applies to the root file system
and to the file system containing
/nix/store
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/stage-1.nix>
|
fileSystems.<name?>.noCheck
Disable running fsck on this filesystem.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name?>.options
Options used to mount the file system.
Type:
"string"
Default:
"defaults,relatime"
Example:
"data=journal"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fonts.enableCoreFonts
Whether to include Microsoft's proprietary Core Fonts. These fonts are redistributable, but only verbatim, among other restrictions. See http://corefonts.sourceforge.net/eula.htm for details.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/fonts/corefonts.nix>
|
fonts.enableFontDir
Whether to create a directory with links to all fonts in
/run/current-system/sw/share/X11-fonts
.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontdir.nix>
|
fonts.enableGhostscriptFonts
Whether to add the fonts provided by Ghostscript (such as various URW fonts and the “Base-14” Postscript fonts) to the list of system fonts, making them available to X11 applications.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/fonts/ghostscript.nix>
|
fonts.fontconfig.antialias
Enable font antialiasing.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig.nix>
|
fonts.fontconfig.defaultFonts.monospace
System-wide default monospace font(s). Multiple fonts may be listed in case multiple languages must be supported.
Type:
"list of strings"
Default:
[
"DejaVu Sans Mono"
]
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig.nix>
|
fonts.fontconfig.defaultFonts.sansSerif
System-wide default sans serif font(s). Multiple fonts may be listed in case multiple languages must be supported.
Type:
"list of strings"
Default:
[
"DejaVu Sans"
]
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig.nix>
|
fonts.fontconfig.defaultFonts.serif
System-wide default serif font(s). Multiple fonts may be listed in case multiple languages must be supported.
Type:
"list of strings"
Default:
[
"DejaVu Serif"
]
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig.nix>
|
fonts.fontconfig.dpi
Force DPI setting. Setting to 0
disables DPI
forcing; the DPI detected for the display will be used.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig.nix>
|
fonts.fontconfig.enable
If enabled, a Fontconfig configuration file will be built pointing to a set of default fonts. If you don't care about running X11 applications or any other program that uses Fontconfig, you can turn this option off and prevent a dependency on all those fonts.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig.nix>
|
fonts.fontconfig.hinting.autohint
Enable the autohinter, which provides hinting for otherwise un-hinted fonts. The results are usually lower quality than correctly-hinted fonts.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig.nix>
|
fonts.fontconfig.hinting.enable
Enable TrueType hinting.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig.nix>
|
fonts.fontconfig.hinting.style
TrueType hinting style, one of none
,
slight
, medium
, or
full
.
Type:
"string"
Default:
"full"
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig.nix>
|
fonts.fontconfig.includeUserConf
Include the user configuration from
~/.config/fontconfig/fonts.conf
or
~/.config/fontconfig/conf.d
.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig.nix>
|
fonts.fontconfig.subpixel.lcdfilter
FreeType LCD filter, one of none
,
default
, light
, or
legacy
.
Type:
"string"
Default:
"default"
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig.nix>
|
fonts.fontconfig.subpixel.rgba
Subpixel order, one of none
,
rgb
, bgr
,
vrgb
, or vbgr
.
Type:
"string"
Default:
"rgb"
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig.nix>
|
fonts.fontconfig.ultimate.allowBitmaps
Allow bitmap fonts. Set to false
to ban all
bitmap fonts.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig-ultimate.nix>
|
fonts.fontconfig.ultimate.allowType1
Allow Type-1 fonts. Default is false
because of
poor rendering.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig-ultimate.nix>
|
fonts.fontconfig.ultimate.enable
Enable fontconfig-ultimate settings (formerly known as Infinality). Besides the customizable settings in this NixOS module, fontconfig-ultimate also provides many font-specific rendering tweaks.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig-ultimate.nix>
|
fonts.fontconfig.ultimate.forceAutohint
Force use of the TrueType Autohinter. Useful for debugging or free-software purists.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig-ultimate.nix>
|
fonts.fontconfig.ultimate.renderMonoTTFAsBitmap
Render some monospace TTF fonts as bitmaps.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig-ultimate.nix>
|
fonts.fontconfig.ultimate.rendering
FreeType rendering settings presets. The default is
pkgs.fontconfig-ultimate.rendering.ultimate
.
The other available styles are:
ultimate-lighter
,
ultimate-darker
,
ultimate-lightest
,
ultimate-darkest
,
default
(the original Infinality default),
osx
,
ipad
,
ubuntu
,
linux
,
winxplight
,
win7light
,
winxp
,
win7
,
vanilla
,
classic
,
nudge
,
push
,
shove
,
sharpened
,
infinality
. Any of the presets may be
customized by editing the attributes. To disable, set this option
to the empty attribute set {}
.
Type:
"attribute set"
Default:
{
INFINALITY_FT_CHROMEOS_STYLE_SHARPENING_STRENGTH = "20"; INFINALITY_FT_FILTER_PARAMS = "08 24 36 24 08"; INFINALITY_FT_FRINGE_FILTER_STRENGTH = "50"; INFINALITY_FT_USE_VARIOUS_TWEAKS = "true";
}
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig-ultimate.nix>
|
fonts.fontconfig.ultimate.substitutions
Font substitutions to replace common Type 1 fonts with nicer
TrueType fonts. free
uses free fonts,
ms
uses Microsoft fonts,
combi
uses a combination, and
none
disables the substitutions.
Type:
"string"
Default:
"free"
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig-ultimate.nix>
|
fonts.fontconfig.ultimate.useEmbeddedBitmaps
Use embedded bitmaps in fonts like Calibri.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/fonts/fontconfig-ultimate.nix>
|
fonts.fonts
List of primary font paths.
Type:
"list of paths"
Example:
[ pkgs.dejavu_fonts ]
Declared by:
<nixpkgs/nixos/modules/config/fonts/fonts.nix>
|
gnu
When enabled, GNU software is chosen by default whenever a there is a choice between GNU and non-GNU software (e.g., GNU lsh vs. OpenSSH).
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/gnu.nix>
|
gtkPlugins
Plugin packages for GTK+ such as input methods.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/gtk-exe-env.nix>
|
hardware.amdHybridGraphics.disable
Completely disable the AMD graphics card and use the integrated graphics processor instead.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/amd-hybrid-graphics.nix>
|
hardware.bluetooth.enable
Whether to enable support for Bluetooth.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/bluetooth.nix>
|
hardware.bumblebee.connectDisplay
Set to true if you intend to connect your discrete card to a monitor. This option will set up your Nvidia card for EDID discovery and to turn on the monitor signal. Only nvidia driver is supported so far.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/video/bumblebee.nix>
|
hardware.bumblebee.enable
Enable the bumblebee daemon to manage Optimus hybrid video cards. This should power off secondary GPU until its use is requested by running an application with optirun. Only nvidia driver is supported so far.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/video/bumblebee.nix>
|
hardware.bumblebee.group
Group for bumblebee socket
Type:
"string"
Default:
"wheel"
Example:
"video"
Declared by:
<nixpkgs/nixos/modules/hardware/video/bumblebee.nix>
|
hardware.cpu.amd.updateMicrocode
Update the CPU microcode for AMD processors.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/cpu/amd-microcode.nix>
|
hardware.cpu.intel.updateMicrocode
Update the CPU microcode for Intel processors.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/cpu/intel-microcode.nix>
|
hardware.enableAllFirmware
Turn on this option if you want to enable all the firmware shipped in linux-firmware.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/all-firmware.nix>
|
hardware.enableKSM
Whether to enable Kernel Same-Page Merging.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/hardware/ksm.nix>
|
hardware.firmware
List of directories containing firmware files. Such files
will be loaded automatically if the kernel asks for them
(i.e., when it has detected specific hardware that requires
firmware to function). If more than one path contains a
firmware file with the same name, the first path in the list
takes precedence. Note that you must rebuild your system if
you add files to any of these directories. For quick testing,
put firmware files in /root/test-firmware
and add that directory to the list. Note that you can also
add firmware packages to this list as these are directories in
the nix store.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/hardware/udev.nix>
|
hardware.nvidiaOptimus.disable
Completely disable the NVIDIA graphics card and use the integrated graphics processor instead.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/nvidia-optimus.nix>
|
hardware.opengl.driSupport
Whether to enable accelerated OpenGL rendering through the Direct Rendering Interface (DRI).
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/hardware/opengl.nix>
|
hardware.opengl.driSupport32Bit
On 64-bit systems, whether to support Direct Rendering for
32-bit applications (such as Wine). This is currently only
supported for the nvidia
and
ati_unfree
drivers, as well as
Mesa
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/opengl.nix>
|
hardware.opengl.s3tcSupport
Make S3TC(S3 Texture Compression) via libtxc_dxtn available to OpenGL drivers instead of the patent-free S2TC replacement. Using this library may require a patent license depending on your location.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/opengl.nix>
|
hardware.parallels.enable
This enables Parallel Tools for Linux guests, along with provided video, mouse and other hardware drivers.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/virtualisation/parallels-guest.nix>
|
hardware.pcmcia.config
Path to the configuration file which maps the memory, IRQs and ports used by the PCMCIA hardware.
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/hardware/pcmcia.nix>
|
hardware.pcmcia.enable
Enable this option to support PCMCIA card.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/pcmcia.nix>
|
hardware.pcmcia.firmware
List of firmware used to handle specific PCMCIA card.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/hardware/pcmcia.nix>
|
hardware.pulseaudio.configFile
The path to the configuration the PulseAudio server should use. By default, the "default.pa" configuration from the PulseAudio distribution is used.
Type:
"path"
Declared by:
<nixpkgs/nixos/modules/config/pulseaudio.nix>
|
hardware.pulseaudio.daemon.logLevel
The log level that the system-wide pulseaudio daemon should use, if activated.
Type:
"string"
Default:
"notice"
Declared by:
<nixpkgs/nixos/modules/config/pulseaudio.nix>
|
hardware.pulseaudio.enable
Whether to enable the PulseAudio sound server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/pulseaudio.nix>
|
hardware.pulseaudio.systemWide
If false, a PulseAudio server is launched automatically for each user that tries to use the sound system. The server runs with user privileges. This is the recommended and most secure way to use PulseAudio. If true, one system-wide PulseAudio server is launched on boot, running as the user "pulse". Please read the PulseAudio documentation for more details.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/pulseaudio.nix>
|
hardware.sane.configDir
The value of SANE_CONFIG_DIR.
Type:
"string"
Default:
"/nix/store/b8zzz0shp9m561c0zbbfky6angymqzj6-sane-config/etc/sane.d"
Declared by:
<nixpkgs/nixos/modules/services/hardware/sane.nix>
|
hardware.sane.enable
Enable support for SANE scanners.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/sane.nix>
|
hardware.sane.extraBackends
Packages providing extra SANE backends to enable.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/hardware/sane.nix>
|
hardware.sane.snapshot
Use a development snapshot of SANE scanner drivers.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/sane.nix>
|
hardware.trackpoint.emulateWheel
Enable scrolling while holding the middle mouse button.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/tasks/trackpoint.nix>
|
hardware.trackpoint.enable
Enable sensitivity and speed configuration for trackpoints.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/tasks/trackpoint.nix>
|
hardware.trackpoint.sensitivity
Configure the trackpoint sensitivity. By default, the kernel configures 128.
Type:
"integer"
Default:
128
Example:
255
Declared by:
<nixpkgs/nixos/modules/tasks/trackpoint.nix>
|
hardware.trackpoint.speed
Configure the trackpoint sensitivity. By default, the kernel configures 97.
Type:
"integer"
Default:
97
Example:
255
Declared by:
<nixpkgs/nixos/modules/tasks/trackpoint.nix>
|
i18n.consoleFont
The font used for the virtual consoles. Leave empty to use whatever the setfont program considers the default font.
Type:
"string"
Default:
"lat9w-16"
Example:
"LatArCyrHeb-16"
Declared by:
<nixpkgs/nixos/modules/config/i18n.nix>
|
i18n.consoleKeyMap
The keyboard mapping table for the virtual consoles.
Type:
"string or path"
Default:
"us"
Example:
"fr"
Declared by:
<nixpkgs/nixos/modules/config/i18n.nix>
|
i18n.defaultLocale
The default locale. It determines the language for program messages, the format for dates and times, sort order, and so on. It also determines the character set, such as UTF-8.
Type:
"string"
Default:
"en_US.UTF-8"
Example:
"nl_NL.UTF-8"
Declared by:
<nixpkgs/nixos/modules/config/i18n.nix>
|
i18n.supportedLocales
List of locales that the system should support. The value
"all"
means that all locales supported by
Glibc will be installed. A full list of supported locales
can be found at http://sourceware.org/cgi-bin/cvsweb.cgi/libc/localedata/SUPPORTED?cvsroot=glibc.
Type:
"list of strings"
Default:
[
"all"
]
Example:
[
"en_US.UTF-8/UTF-8" "nl_NL.UTF-8/UTF-8" "nl_NL/ISO-8859-1"
]
Declared by:
<nixpkgs/nixos/modules/config/i18n.nix>
|
jobs
This option is a legacy method to define system services,
dating from the era where NixOS used Upstart instead of
systemd. You should use systemd.services
instead. Services defined using jobs
are
mapped automatically to systemd.services
, but
may not work perfectly; in particular, most
startOn
conditions are not supported.
Type:
"list or attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.after
If the specified units are started at the same time as this unit, delay this unit until they have started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.before
If the specified units are started at the same time as this unit, delay them until this unit has started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.bindsTo
Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.conflicts
If the specified units are started, then this unit is stopped and vice versa.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.daemonType
Determines how systemd detects when a daemon should be
considered “running”. The value none
means
that the daemon is considered ready immediately. The value
fork
means that the daemon will fork once.
The value daemon
means that the daemon will
fork twice. The value stop
means that the
daemon will raise the SIGSTOP signal to indicate readiness.
Type:
"string"
Default:
"none"
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.description
Description of this unit used in systemd messages and progress indicators.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.environment
Environment variables passed to the service's processes.
Type:
"attribute set"
Default:
{
}
Example:
{
LANG = "nl_NL.UTF-8"; PATH = "/foo/bar/bin";
}
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.exec
Command to start the job's main process. If empty, the job has no main process, but can still have pre/post-start and pre/post-stop scripts, and is considered “running” until it is stopped.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.name
Name of the job, mapped to the systemd unit
.
name
.service
Type:
"string"
Example:
"sshd"
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.partOf
If the specified units are stopped or restarted, then this unit is stopped or restarted as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.path
Packages added to the job's PATH
environment variable.
Both the bin
and sbin
subdirectories of each package are added.
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.postStart
Shell commands executed after the job is started (i.e. after the job's main process is started), but before the job is considered “running”.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.postStop
Shell commands executed after the job has stopped (i.e. after the job's main process has terminated).
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.preStart
Shell commands executed before the service's main process is started.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.preStop
Shell commands executed before the job is stopped (i.e. before systemd kills the job's main process). This can be used to cleanly shut down a daemon.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.reload
Shell commands executed when the service's main process is reloaded.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.reloadIfChanged
Whether the service should be reloaded during a NixOS
configuration switch if its definition has changed. If
enabled, the value of restartIfChanged
is
ignored.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.requires
Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.requisite
Similar to requires. However if the units listed are not started, they will not be started and the transaction will fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.respawn
Whether to restart the job automatically if its process ends unexpectedly.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.restartIfChanged
Whether the service should be restarted during a NixOS configuration switch if its definition has changed.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.restartTriggers
An arbitrary list of items such as derivations. If any item in the list changes between reconfigurations, the service will be restarted.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.script
Shell commands executed as the service's main process.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.scriptArgs
Arguments passed to the main process script.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.serviceConfig
Each attribute in this set specifies an option in the
[Service]
section of the unit. See
systemd.service(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RestartSec = 5; StartLimitInterval = 10;
}
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.setgid
Run the daemon as a different group.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.setuid
Run the daemon as a different user.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.startAt
Automatically start this unit at the given date/time, which
must be in the format described in
systemd.time(5). This is equivalent
to adding a corresponding timer unit with
OnCalendar
set to the value given here.
Type:
"string"
Default:
""
Example:
"Sun 14:00:00"
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.startOn
The Upstart event that triggers this job to be started. Some are mapped to systemd dependencies; otherwise you will get a warning. If empty, the job will not start automatically.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.stopIfChanged
If set, a changed unit is restarted by calling
systemctl stop in the old configuration,
then systemctl start in the new one.
Otherwise, it is restarted in a single step using
systemctl restart in the new configuration.
The latter is less correct because it runs the
ExecStop
commands from the new
configuration.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.stopOn
Ignored; this was the Upstart event that triggers this job to be stopped.
Type:
"string"
Default:
"starting shutdown"
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.task
Whether this job is a task rather than a service. Tasks are executed only once, while services are restarted when they exit.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.unit
Generated definition of the systemd unit corresponding to this job.
Type:
"unspecified"
Default:
{
after =
[
]
; before =
[
]
; description = ""; environment =
{
}
; partOf =
[
]
; path =
[
]
; requires =
[
]
; restartIfChanged = true; serviceConfig =
{
RemainAfterExit = true; Type = "oneshot";
}
; unitConfig =
{
}
; wantedBy =
[
]
; wants =
[
]
;
}
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.unitConfig
Each attribute in this set specifies an option in the
[Unit]
section of the unit. See
systemd.unit(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RequiresMountsFor = "/data";
}
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
jobs.<name?>.wants
Start the specified units when this unit is started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/upstart/upstart.nix>
|
krb5.defaultRealm
Default realm.
Type:
"unspecified"
Default:
"ATENA.MIT.EDU"
Declared by:
<nixpkgs/nixos/modules/config/krb5.nix>
|
krb5.domainRealm
Default domain realm.
Type:
"unspecified"
Default:
"atena.mit.edu"
Declared by:
<nixpkgs/nixos/modules/config/krb5.nix>
|
krb5.enable
Whether to enable Kerberos V.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/krb5.nix>
|
krb5.kdc
Kerberos Domain Controller.
Type:
"unspecified"
Default:
"kerberos.mit.edu"
Declared by:
<nixpkgs/nixos/modules/config/krb5.nix>
|
krb5.kerberosAdminServer
Kerberos Admin Server.
Type:
"unspecified"
Default:
"kerberos.mit.edu"
Declared by:
<nixpkgs/nixos/modules/config/krb5.nix>
|
lib
This option allows modules to define helper functions, constants, etc.
Type:
"attribute set of attribute sets"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/misc/lib.nix>
|
nesting.children
Additional configurations to build.
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/activation/top-level.nix>
|
nesting.clone
Additional configurations to build based on the current configuration which then has a lower priority.
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/activation/top-level.nix>
|
networking.WLANInterface
Obsolete. Use networking.wireless.interfaces
instead.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix>
|
networking.bonds
This option allows you to define bond devices that aggregate multiple, underlying networking interfaces together. The value of this option is an attribute set. Each attribute specifies a bond, with the attribute name specifying the name of the bond's network interface
Type:
"attribute set of submodules"
Default:
{
}
Example:
{
bond0 =
{
interfaces =
[
"eth0" "wlan0"
]
; miimon = 100; mode = "active-backup";
}
; fatpipe =
{
interfaces =
[
"enp4s0f0" "enp4s0f1" "enp5s0f0" "enp5s0f1"
]
;
}
;
}
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.bonds.<name>.interfaces
The interfaces to bond together
Type:
"list of strings"
Example:
[
"enp4s0f0" "enp4s0f1" "wlan0"
]
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.bonds.<name>.lacp_rate
Option specifying the rate in which we'll ask our link partner to transmit LACPDU packets in 802.3ad mode.
Type:
"null or string"
Default:
null
Example:
"fast"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.bonds.<name>.miimon
Miimon is the number of millisecond in between each round of polling by the device driver for failed links. By default polling is not enabled and the driver is trusted to properly detect and handle failure scenarios.
Type:
"null or integer"
Default:
null
Example:
100
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.bonds.<name>.mode
The mode which the bond will be running. The default mode for the bonding driver is balance-rr, optimizing for throughput. More information about valid modes can be found at https://www.kernel.org/doc/Documentation/networking/bonding.txt
Type:
"null or string"
Default:
null
Example:
"active-backup"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.bonds.<name>.xmit_hash_policy
Selects the transmit hash policy to use for slave selection in balance-xor, 802.3ad, and tlb modes.
Type:
"null or string"
Default:
null
Example:
"layer2+3"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.bridges
This option allows you to define Ethernet bridge devices that connect physical networks together. The value of this option is an attribute set. Each attribute specifies a bridge, with the attribute name specifying the name of the bridge's network interface.
Type:
"attribute set of submodules"
Default:
{
}
Example:
{
br0 =
{
interfaces =
[
"eth0" "eth1"
]
;
}
; br1 =
{
interfaces =
[
"eth2" "wlan0"
]
;
}
;
}
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.bridges.<name>.interfaces
The physical network interfaces connected by the bridge.
Type:
"list of strings"
Example:
[
"eth0" "eth1"
]
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.bridges.<name>.rstp
Whether the bridge interface should enable rstp.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.connman.enable
Whether to use ConnMan for managing your network connections.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/connman.nix>
|
networking.defaultGateway
The default gateway. It can be left empty if it is auto-detected through DHCP.
Type:
"null or string"
Default:
null
Example:
"131.211.84.1"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.defaultGateway6
The default ipv6 gateway. It can be left empty if it is auto-detected through DHCP.
Type:
"null or string"
Default:
null
Example:
"2001:4d0:1e04:895::1"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.defaultGatewayWindowSize
The window size of the default gateway. It limits maximal data bursts that TCP peers are allowed to send to us.
Type:
"null or integer"
Default:
null
Example:
524288
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.defaultMailServer.authPass
Password used for SMTP auth. (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
Type:
"string"
Default:
""
Example:
"correctHorseBatteryStaple"
Declared by:
<nixpkgs/nixos/modules/programs/ssmtp.nix>
|
networking.defaultMailServer.authUser
Username used for SMTP auth. Leave blank to disable.
Type:
"string"
Default:
""
Example:
"foo@example.org"
Declared by:
<nixpkgs/nixos/modules/programs/ssmtp.nix>
|
networking.defaultMailServer.directDelivery
Use the trivial Mail Transfer Agent (MTA)
ssmtp package to allow programs to send
e-mail. If you don't want to run a “real” MTA like
sendmail or postfix on
your machine, set this option to true
, and
set the option
networking.defaultMailServer.hostName
to the
host name of your preferred mail server.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/programs/ssmtp.nix>
|
networking.defaultMailServer.domain
The domain from which mail will appear to be sent.
Type:
"string"
Default:
""
Example:
"example.org"
Declared by:
<nixpkgs/nixos/modules/programs/ssmtp.nix>
|
networking.defaultMailServer.hostName
The host name of the default mail server to use to deliver e-mail.
Type:
"string"
Example:
"mail.example.org"
Declared by:
<nixpkgs/nixos/modules/programs/ssmtp.nix>
|
networking.defaultMailServer.root
The e-mail to which mail for users with UID < 1000 is forwarded.
Type:
"string"
Default:
""
Example:
"root@example.org"
Declared by:
<nixpkgs/nixos/modules/programs/ssmtp.nix>
|
networking.defaultMailServer.useSTARTTLS
Whether the STARTTLS should be used to connect to the default mail server. (This is needed for TLS-capable mail servers running on the default SMTP port 25.)
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/programs/ssmtp.nix>
|
networking.defaultMailServer.useTLS
Whether TLS should be used to connect to the default mail server.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/programs/ssmtp.nix>
|
networking.dhcpcd.allowInterfaces
Enable the DHCP client for any interface whose name matches any of the shell glob patterns in this list. Any interface not explicitly matched by this pattern will be denied. This pattern only applies when non-null.
Type:
"null or list of strings"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpcd.nix>
|
networking.dhcpcd.denyInterfaces
Disable the DHCP client for any interface whose name matches any of the shell glob patterns in this list. The purpose of this option is to blacklist virtual interfaces such as those created by Xen, libvirt, LXC, etc.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpcd.nix>
|
networking.dhcpcd.extraConfig
Literal string to append to the config file generated for dhcpcd.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpcd.nix>
|
networking.dhcpcd.persistent
Whenever to leave interfaces configured on dhcpcd daemon shutdown. Set to true if you have your root or store mounted over the network or this machine accepts SSH connections through DHCP interfaces and clients should be notified when it shuts down.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpcd.nix>
|
networking.dhcpcd.runHook
Shell code that will be run after all other hooks. See `man dhcpcd-run-hooks` for details on what is possible.
Type:
"string"
Default:
""
Example:
"if [[ \$reason =~ BOUND ]]; then echo \$interface: Routers are \$new_routers - were \$old_routers; fi"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpcd.nix>
|
networking.dnsSingleRequest
Recent versions of glibc will issue both ipv4 (A) and ipv6 (AAAA) address queries at the same time, from the same port. Sometimes upstream routers will systemically drop the ipv4 queries. The symptom of this problem is that 'getent hosts example.com' only returns ipv6 (or perhaps only ipv4) addresses. The workaround for this is to specify the option 'single-request' in /etc/resolv.conf. This option enables that.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/networking.nix>
|
networking.domain
The domain. It can be left empty if it is auto-detected through DHCP.
Type:
"null or string"
Default:
null
Example:
"home"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.enableB43Firmware
Turn on this option if you want firmware for the NICs supported by the b43 module.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/network/b43.nix>
|
networking.enableIPv6
Whether to enable support for IPv6.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.enableIntel2100BGFirmware
Turn on this option if you want firmware for the Intel PRO/Wireless 2100BG to be loaded automatically. This is required if you want to use this device.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/network/intel-2100bg.nix>
|
networking.enableIntel2200BGFirmware
Turn on this option if you want firmware for the Intel PRO/Wireless 2200BG to be loaded automatically. This is required if you want to use this device.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/network/intel-2200bg.nix>
|
networking.enableIntel3945ABGFirmware
This option enables automatic loading of the firmware for the Intel PRO/Wireless 3945ABG.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/network/intel-3945abg.nix>
|
networking.enableRTL8192cFirmware
Turn on this option if you want firmware for the RTL8192c (and related) NICs.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/network/rtl8192c.nix>
|
networking.enableRalinkFirmware
Turn on this option if you want firmware for the RT73 NIC.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/hardware/network/ralink.nix>
|
networking.extraHosts
Additional entries to be appended to /etc/hosts
.
Type:
"string"
Default:
""
Example:
"192.168.0.1 lanlocalhost"
Declared by:
<nixpkgs/nixos/modules/config/networking.nix>
|
networking.firewall.allowPing
Whether to respond to incoming ICMPv4 echo requests ("pings"). ICMPv6 pings are always allowed because the larger address space of IPv6 makes network scanning much less effective.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowedTCPPortRanges
A range of TCP ports on which incoming connections are accepted.
Type:
"list of attribute set of integerss"
Default:
[
]
Example:
[
{
from = 8999; to = 9003;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowedTCPPorts
List of TCP ports on which incoming connections are accepted.
Type:
"list of integers"
Default:
[
]
Example:
[
22 80
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowedUDPPortRanges
Range of open UDP ports.
Type:
"list of attribute set of integerss"
Default:
[
]
Example:
[
{
from = 60000; to = 61000;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowedUDPPorts
List of open UDP ports.
Type:
"list of integers"
Default:
[
]
Example:
[
53
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.autoLoadConntrackHelpers
Whether to auto-load connection-tracking helpers. See the description at networking.firewall.connectionTrackingModules (needs kernel 3.5+)
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.checkReversePath
Performs a reverse path filter test on a packet. If a reply to the packet would not be sent via the same interface that the packet arrived on, it is refused. If using asymmetric routing or other complicated routing, disable this setting and setup your own counter-measures. (needs kernel 3.3+)
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.connectionTrackingModules
List of connection-tracking helpers that are auto-loaded. The complete list of possible values is given in the example. As helpers can pose as a security risk, it is advised to set this to an empty list and disable the setting networking.firewall.autoLoadConntrackHelpers Loading of helpers is recommended to be done through the new CT target. More info: https://home.regit.org/netfilter-en/secure-use-of-helpers/
Type:
"list of strings"
Default:
[
"ftp"
]
Example:
[
"ftp" "irc" "sane" "sip" "tftp" "amanda" "h323" "netbios_sn" "pptp" "snmp"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.enable
Whether to enable the firewall. This is a simple stateful firewall that blocks connection attempts to unauthorised TCP or UDP ports on this machine. It does not affect packet forwarding.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.extraCommands
Additional shell commands executed as part of the firewall initialisation script. These are executed just before the final "reject" firewall rule is added, so they can be used to allow packets that would otherwise be refused.
Type:
"string"
Default:
""
Example:
"iptables -A INPUT -p icmp -j ACCEPT"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.extraStopCommands
Additional shell commands executed as part of the firewall shutdown script. These are executed just after the removal of the nixos input rule, or if the service enters a failed state.
Type:
"string"
Default:
""
Example:
"iptables -P INPUT ACCEPT"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.logRefusedConnections
Whether to log rejected or dropped incoming connections.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.logRefusedPackets
Whether to log all rejected or dropped incoming packets. This tends to give a lot of log messages, so it's mostly useful for debugging.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.logRefusedUnicastsOnly
If networking.firewall.logRefusedPackets
and this option are enabled, then only log packets
specifically directed at this machine, i.e., not broadcasts
or multicasts.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.pingLimit
If pings are allowed, this allows setting rate limits on them. If non-null, this option should be in the form of flags like "--limit 1/minute --limit-burst 5"
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.rejectPackets
If set, forbidden packets are rejected rather than dropped (ignored). This means that an ICMP "port unreachable" error message is sent back to the client. Rejecting packets makes port scanning somewhat easier.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.trustedInterfaces
Traffic coming in from these interfaces will be accepted unconditionally.
Type:
"list of strings"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.hostId
The 32-bit host ID of the machine, formatted as 8 hexadecimal characters.
You should try to make this ID unique among your machines. You can
generate a random 32-bit ID using the following commands:
cksum /etc/machine-id | while read c rest; do printf "%x" $c; done
(this derives it from the machine-id that systemd generates) or
head -c4 /dev/urandom | od -A none -t x4
Type:
"null or string"
Default:
null
Example:
"4e98920d"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.hostName
The name of the machine. Leave it empty if you want to obtain it from a DHCP server (if using DHCP).
Type:
"string"
Default:
"nixos"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaceMonitor.beep
If true
, beep when an Ethernet cable is
plugged in or unplugged.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/ifplugd.nix>
|
networking.interfaceMonitor.commands
Shell commands to be executed when the link status of an
interface changes. On invocation, the shell variable
iface
contains the name of the interface,
while the variable status
contains either
up
or down
to indicate
the new status.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/ifplugd.nix>
|
networking.interfaceMonitor.enable
If true
, monitor Ethernet interfaces for
cables being plugged in or unplugged. When this occurs, the
commands specified in
networking.interfaceMonitor.commands
are
executed.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/ifplugd.nix>
|
networking.interfaces
The configuration for each network interface. If
networking.useDHCP
is true, then every
interface not listed here will be configured using DHCP.
Type:
"list or attribute set of submodules"
Default:
{
}
Example:
{
eth0 =
{
ip4 =
[
{
address = "131.211.84.78"; prefixLength = 25;
}
]
;
}
;
}
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.ip4
List of IPv4 addresses that will be statically assigned to the interface.
Type:
"list of submodules"
Default:
[
]
Example:
[
{
address = "10.0.0.1"; prefixLength = 16;
}
{
address = "192.168.1.1"; prefixLength = 24;
}
]
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.ip4.*.address
IPv4 address of the interface. Leave empty to configure the interface using DHCP.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.ip4.*.prefixLength
Subnet mask of the interface, specified as the number of
bits in the prefix (24
).
Type:
"integer"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.ip6
List of IPv6 addresses that will be statically assigned to the interface.
Type:
"list of submodules"
Default:
[
]
Example:
[
{
address = "fdfd:b3f0:482::1"; prefixLength = 48;
}
{
address = "2001:1470:fffd:2098::e006"; prefixLength = 64;
}
]
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.ip6.*.address
IPv6 address of the interface. Leave empty to configure the interface using DHCP.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.ip6.*.prefixLength
Subnet mask of the interface, specified as the number of
bits in the prefix (64
).
Type:
"integer"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.ipAddress
IP address of the interface. Leave empty to configure the interface using DHCP.
Type:
"null or string"
Default:
null
Example:
"10.0.0.1"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.ipv6Address
IPv6 address of the interface. Leave empty to configure the interface using NDP.
Type:
"null or string"
Default:
null
Example:
"2001:1470:fffd:2098::e006"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.ipv6PrefixLength
Subnet mask of the interface, specified as the number of
bits in the prefix (64
).
Type:
"integer"
Default:
64
Example:
64
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.macAddress
MAC address of the interface. Leave empty to use the default.
Type:
"null or string"
Default:
null
Example:
"00:11:22:33:44:55"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.mtu
MTU size for packets leaving the interface. Leave empty to use the default.
Type:
"null or integer"
Default:
null
Example:
9000
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.name
Name of the interface.
Type:
"string"
Example:
"eth0"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.prefixLength
Subnet mask of the interface, specified as the number of
bits in the prefix (24
).
Type:
"null or integer"
Default:
null
Example:
24
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.proxyARP
Turn on proxy_arp for this device (and proxy_ndp for ipv6). This is mainly useful for creating pseudo-bridges between a real interface and a virtual network such as VPN or a virtual machine for interfaces that don't support real bridging (most wlan interfaces). As ARP proxying acts slightly above the link-layer, below-ip traffic isn't bridged, so things like DHCP won't work. The advantage above using NAT lies in the fact that no IP addresses are shared, so all hosts are reachable/routeable. WARNING: turns on ip-routing, so if you have multiple interfaces, you should think of the consequence and setup firewall rules to limit this.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.subnetMask
Defunct, supply the prefix length instead.
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.useDHCP
Whether this interface should be configured with dhcp. Null implies the old behavior which depends on whether ip addresses are specified or not.
Type:
"null or boolean"
Default:
null
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.virtual
Whether this interface is virtual and should be created by tunctl. This is mainly useful for creating bridges between a host a virtual network such as VPN or a virtual machine.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.virtualOwner
In case of a virtual device, the user who owns it.
Type:
"string"
Default:
"root"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.interfaces.<name?>.virtualType
The explicit type of interface to create. Accepts tun or tap strings. Also accepts null to implicitly detect the type of device.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.localCommands
Shell commands to be executed at the end of the
network-setup
systemd service. Note that if
you are using DHCP to obtain the network configuration,
interfaces may not be fully configured yet.
Type:
"unspecified"
Default:
""
Example:
"text=anything; echo You can put \$text here."
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.macvlans
This option allows you to define macvlan interfaces which should be automatically created.
Type:
"attribute set of submodules"
Default:
{
}
Example:
{
wan =
{
interface = "enp2s0"; mode = "vepa";
}
;
}
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.macvlans.<name>.interface
The interface the macvlan will transmit packets through.
Type:
"string"
Example:
"enp4s0"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.macvlans.<name>.mode
The mode of the macvlan device.
Type:
"null or string"
Default:
null
Example:
"vepa"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.nameservers
The list of nameservers. It can be left empty if it is auto-detected through DHCP.
Type:
"unspecified"
Default:
[
]
Example:
[
"130.161.158.4" "130.161.33.17"
]
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.nat.enable
Whether to enable Network Address Translation (NAT).
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/nat.nix>
|
networking.nat.externalIP
The public IP address to which packets from the local network are to be rewritten. If this is left empty, the IP address associated with the external interface will be used.
Type:
"null or string"
Default:
null
Example:
"203.0.113.123"
Declared by:
<nixpkgs/nixos/modules/services/networking/nat.nix>
|
networking.nat.externalInterface
The name of the external network interface.
Type:
"string"
Example:
"eth1"
Declared by:
<nixpkgs/nixos/modules/services/networking/nat.nix>
|
networking.nat.forwardPorts
List of forwarded ports from the external interface to internal destinations by using DNAT.
Type:
"list of submodules"
Default:
[
]
Example:
[
{
destination = "10.0.0.1:80"; sourcePort = 8080;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/nat.nix>
|
networking.nat.forwardPorts.*.destination
Forward tcp connection to destination ip:port
Type:
"string"
Example:
"10.0.0.1:80"
Declared by:
<nixpkgs/nixos/modules/services/networking/nat.nix>
|
networking.nat.forwardPorts.*.sourcePort
Source port of the external interface
Type:
"integer"
Example:
8080
Declared by:
<nixpkgs/nixos/modules/services/networking/nat.nix>
|
networking.nat.internalIPs
The IP address ranges for which to perform NAT. Packets coming from these addresses (on any interface) and destined for the external interface will be rewritten.
Type:
"list of strings"
Default:
[
]
Example:
[
"192.168.1.0/24"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/nat.nix>
|
networking.nat.internalInterfaces
The interfaces for which to perform NAT. Packets coming from these interface and destined for the external interface will be rewritten.
Type:
"list of strings"
Default:
[
]
Example:
[
"eth0"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/nat.nix>
|
networking.networkmanager.appendNameservers
A list of name servers that should be appended to the ones configured in NetworkManager or received by DHCP.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/networkmanager.nix>
|
networking.networkmanager.dispatcherScripts
A list of scripts which will be executed in response to network events.
Type:
"list of submodules"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/networkmanager.nix>
|
networking.networkmanager.dispatcherScripts.*.source
A script source.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/networkmanager.nix>
|
networking.networkmanager.dispatcherScripts.*.type
Dispatcher hook type. Only basic hooks are currently available.
Type:
"one of basic"
Default:
"basic"
Declared by:
<nixpkgs/nixos/modules/services/networking/networkmanager.nix>
|
networking.networkmanager.enable
Whether to use NetworkManager to obtain an IP address and other
configuration for all network interfaces that are not manually
configured. If enabled, a group networkmanager
will be created. Add all users that should have permission
to change network settings to this group.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/networkmanager.nix>
|
networking.networkmanager.insertNameservers
A list of name servers that should be inserted before the ones configured in NetworkManager or received by DHCP.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/networkmanager.nix>
|
networking.networkmanager.packages
Extra packages that provide NetworkManager plugins.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/networkmanager.nix>
|
networking.proxy.default
This option specifies the default value for httpProxy, httpsProxy, ftpProxy and rsyncProxy.
Type:
"null or string"
Default:
null
Example:
"http://127.0.0.1:3128"
Declared by:
<nixpkgs/nixos/modules/config/networking.nix>
|
networking.proxy.ftpProxy
This option specifies the ftp_proxy environment variable.
Type:
"null or string"
Default:
null
Example:
"http://127.0.0.1:3128"
Declared by:
<nixpkgs/nixos/modules/config/networking.nix>
|
networking.proxy.httpProxy
This option specifies the http_proxy environment variable.
Type:
"null or string"
Default:
null
Example:
"http://127.0.0.1:3128"
Declared by:
<nixpkgs/nixos/modules/config/networking.nix>
|
networking.proxy.httpsProxy
This option specifies the https_proxy environment variable.
Type:
"null or string"
Default:
null
Example:
"http://127.0.0.1:3128"
Declared by:
<nixpkgs/nixos/modules/config/networking.nix>
|
networking.proxy.noProxy
This option specifies the no_proxy environment variable. If a default proxy is used and noProxy is null, then noProxy will be set to 127.0.0.1,localhost.
Type:
"null or string"
Default:
null
Example:
"127.0.0.1,localhost,.localdomain"
Declared by:
<nixpkgs/nixos/modules/config/networking.nix>
|
networking.proxy.rsyncProxy
This option specifies the rsync_proxy environment variable.
Type:
"null or string"
Default:
null
Example:
"http://127.0.0.1:3128"
Declared by:
<nixpkgs/nixos/modules/config/networking.nix>
|
networking.search
The list of search paths used when resolving domain names.
Type:
"list of strings"
Default:
[
]
Example:
[
"example.com" "local.domain"
]
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.sits
This option allows you to define 6-to-4 interfaces which should be automatically created.
Type:
"attribute set of submodules"
Default:
{
}
Example:
{
hurricane =
{
local = "10.0.0.22"; remote = "10.0.0.1"; ttl = 255;
}
; msipv6 =
{
dev = "enp3s0"; remote = "192.168.0.1"; ttl = 127;
}
;
}
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.sits.<name>.dev
The underlying network device on which the tunnel resides.
Type:
"null or string"
Default:
null
Example:
"enp4s0f0"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.sits.<name>.local
The address of the local endpoint which the remote side should send packets to.
Type:
"null or string"
Default:
null
Example:
"10.0.0.22"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.sits.<name>.remote
The address of the remote endpoint to forward traffic over.
Type:
"null or string"
Default:
null
Example:
"10.0.0.1"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.sits.<name>.ttl
The time-to-live of the connection to the remote tunnel endpoint.
Type:
"null or integer"
Default:
null
Example:
255
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.tcpcrypt.enable
Whether to enable opportunistic TCP encryption. If the other end speaks Tcpcrypt, then your traffic will be encrypted; otherwise it will be sent in clear text. Thus, Tcpcrypt alone provides no guarantees -- it is best effort. If, however, a Tcpcrypt connection is successful and any attackers that exist are passive, then Tcpcrypt guarantees privacy.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/tcpcrypt.nix>
|
networking.useDHCP
Whether to use DHCP to obtain an IP address and other configuration for all network interfaces that are not manually configured.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.useHostResolvConf
In containers, whether to use the
resolv.conf
supplied by the host.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.useNetworkd
Whether we should use networkd as the network configuration backend or the legacy script based system. Note that this option is experimental, enable at your own risk.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.usePredictableInterfaceNames
Whether to assign predictable
names to network interfaces. If enabled, interfaces
are assigned names that contain topology information
(e.g. wlp3s0
) and thus should be stable
across reboots. If disabled, names depend on the order in
which interfaces are discovered by the kernel, which may
change randomly across reboots; for instance, you may find
eth0
and eth1
flipping
unpredictably.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/hardware/udev.nix>
|
networking.vlans
This option allows you to define vlan devices that tag packets on top of a physical interface. The value of this option is an attribute set. Each attribute specifies a vlan, with the name specifying the name of the vlan interface.
Type:
"attribute set of submodules"
Default:
{
}
Example:
{
vlan0 =
{
id = 3; interface = "enp3s0";
}
; vlan1 =
{
id = 1; interface = "wlan0";
}
;
}
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.vlans.<name>.id
The vlan identifier
Type:
"integer"
Example:
1
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.vlans.<name>.interface
The interface the vlan will transmit packets through.
Type:
"string"
Example:
"enp4s0"
Declared by:
<nixpkgs/nixos/modules/tasks/network-interfaces.nix>
|
networking.vpnc.services
The names of cisco VPNs and their associated definitions
Type:
"attribute set of strings"
Default:
{
}
Example:
{
test = "IPSec gateway 192.168.1.1 \nIPSec ID someID\nIPSec secret secretKey\nXauth username name\nXauth password pass\n";
}
Declared by:
<nixpkgs/nixos/modules/config/vpnc.nix>
|
networking.wicd.enable
Whether to start wicd. Wired and wireless network configurations can then be managed by wicd-client.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/wicd.nix>
|
networking.wireless.driver
Force a specific wpa_supplicant driver.
Type:
"string"
Default:
"nl80211,wext"
Declared by:
<nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix>
|
networking.wireless.enable
Whether to start wpa_supplicant to scan for
and associate with wireless networks. Note: NixOS currently
does not manage wpa_supplicant's
configuration file, /etc/wpa_supplicant.conf
. You
should edit this file yourself to define wireless networks,
WPA keys and so on (see
wpa_supplicant.conf(5)), or use
networking.wireless.userControlled.* to allow users to add entries
through wpa_cli and wpa_gui.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix>
|
networking.wireless.interfaces
The interfaces wpa_supplicant will use. If empty, it will automatically use all wireless interfaces.
Type:
"list of strings"
Default:
[
]
Example:
[
"wlan0" "wlan1"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix>
|
networking.wireless.userControlled.enable
Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli. This is useful for laptop users that switch networks a lot and don't want to depend on a large package such as NetworkManager just to pick nearby access points. When you want to use this, make sure /etc/wpa_supplicant.conf doesn't exist. It will be created for you. Currently it is also necessary to explicitly specify networking.wireless.interfaces.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix>
|
networking.wireless.userControlled.group
Members of this group can control wpa_supplicant.
Type:
"string"
Default:
"wheel"
Example:
"network"
Declared by:
<nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix>
|
nix.binaryCachePublicKeys
List of public keys used to sign binary caches. If
nix.requireSignedBinaryCaches
is enabled,
then Nix will use a binary from a binary cache if and only
if it is signed by any of the keys
listed here. By default, only the key for
cache.nixos.org
is included.
Type:
"list of strings"
Example:
[
"hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.binaryCaches
List of binary cache URLs used to obtain pre-built binaries of Nix packages.
Type:
"list of strings"
Default:
[
"https://cache.nixos.org/"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildCores
This option defines the maximum number of concurrent tasks during one build. It affects, e.g., -j option for make. The default is 1. The special value 0 means that the builder should use all available CPU cores in the system. Some builds may become non-deterministic with this option; use with care! Packages will only be affected if enableParallelBuilding is set for them.
Type:
"integer"
Default:
1
Example:
64
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines
This option lists the machines to be used if distributed
builds are enabled (see
nix.distributedBuilds
). Nix will perform
derivations on those machines via SSH by copying the inputs
to the Nix store on the remote machine, starting the build,
then copying the output back to the local Nix store. Each
element of the list should be an attribute set containing
the machine's host name (hostname
), the
user name to be used for the SSH connection
(sshUser
), the Nix system type
(system
, e.g.,
"i686-linux"
), the maximum number of
jobs to be run in parallel on that machine
(maxJobs
), the path to the SSH private
key to be used to connect (sshKey
), a
list of supported features of the machine
(supportedFeatures
) and a list of
mandatory features of the machine
(mandatoryFeatures
). The SSH private key
should not have a passphrase, and the corresponding public
key should be added to
~
on the remote machine.
sshUser
/authorized_keys
Type:
"list of attribute sets"
Default:
[
]
Example:
[
{
hostName = "voila.labs.cs.uu.nl"; maxJobs = 1; sshKey = "/root/.ssh/id_buildfarm"; sshUser = "nix"; system = "powerpc-darwin";
}
{
hostName = "linux64.example.org"; mandatoryFeatures = "perf"; maxJobs = 2; sshKey = "/root/.ssh/id_buildfarm"; sshUser = "buildfarm"; supportedFeatures = "kvm"; system = "x86_64-linux";
}
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.chrootDirs
Directories from the host filesystem to be included in the chroot.
Type:
"list of strings"
Default:
[
]
Example:
[
"/dev" "/proc"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.daemonIONiceLevel
Nix daemon process I/O priority. This priority propagates to build processes. 0 is the default Unix process I/O priority, 7 is the lowest.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.daemonNiceLevel
Nix daemon process priority. This priority propagates to build processes. 0 is the default Unix process priority, 20 is the lowest.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.distributedBuilds
Whether to distribute builds to the machines listed in
nix.buildMachines
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.extraOptions
Additional text appended to nix.conf
.
Type:
"string"
Default:
""
Example:
'' gc-keep-outputs = true gc-keep-derivations = true ''
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.gc.automatic
Automatically run the garbage collector at a specific time.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-gc.nix>
|
nix.gc.dates
Specification (in the format described by systemd.time(5)) of the time at which the garbage collector will run.
Type:
"string"
Default:
"03:15"
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-gc.nix>
|
nix.gc.options
Options given to nix-collect-garbage
when the
garbage collector is run automatically.
Type:
"string"
Default:
""
Example:
"--max-freed \$((64 * 1024**3))"
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-gc.nix>
|
nix.maxJobs
This option defines the maximum number of jobs that Nix will try to build in parallel. The default is 1. You should generally set it to the number of CPUs in your system (e.g., 2 on an Athlon 64 X2).
Type:
"integer"
Default:
1
Example:
64
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.nrBuildUsers
Number of nixbld
user accounts created to
perform secure concurrent builds. If you receive an error
message saying that “all build users are currently in use”,
you should increase this value.
Type:
"integer"
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.readOnlyStore
If set, NixOS will enforce the immutability of the Nix store
by making /nix/store
a read-only bind
mount. Nix will automatically make the store writable when
needed.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.requireSignedBinaryCaches
If enabled, Nix will only download binaries from binary
caches if they are cryptographically signed with any of the
keys listed in
nix.binaryCachePublicKeys
. If disabled (the
default), signatures are neither required nor checked, so
it's strongly recommended that you use only trustworthy
caches and https to prevent man-in-the-middle attacks.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.sshServe.enable
Whether to enable serving the Nix store as a binary cache via SSH.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-ssh-serve.nix>
|
nix.sshServe.keys
A list of SSH public keys allowed to access the binary cache via SSH.
Type:
"list of strings"
Default:
[
]
Example:
[
"ssh-dss AAAAB3NzaC1k... alice@example.org"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-ssh-serve.nix>
|
nix.trustedBinaryCaches
List of binary cache URLs that non-root users can use (in
addition to those specified using
nix.binaryCaches
by passing
--option binary-caches
to Nix commands.
Type:
"list of strings"
Default:
[
]
Example:
[
"http://hydra.nixos.org/"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.useChroot
If set, Nix will perform builds in a chroot-environment that it will set up automatically for each build. This prevents impurities in builds by disallowing access to dependencies outside of the Nix store.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nixpkgs.config
The configuration of the Nix Packages collection. (For
details, see the Nixpkgs documentation.) It allows you to set
package configuration options, and to override packages
globally through the packageOverrides
option. The latter is a function that takes as an argument
the original Nixpkgs, and must evaluate
to a set of new or overridden packages.
Type:
"nixpkgs config"
Default:
{
}
Example:
{ firefox.enableGeckoMediaPlayer = true; packageOverrides = pkgs: { firefox60Pkgs = pkgs.firefox60Pkgs.override { enableOfficialBranding = true; }; }; }
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.system
Specifies the Nix platform type for which NixOS should be built. If unset, it defaults to the platform type of your host system. Specifying this option is useful when doing distributed multi-platform deployment, or when building virtual machines.
Type:
"string"
Example:
"i686-linux"
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
power.ups.enable
Enables support for Power Devices, such as Uninterruptible Power Supplies, Power Distribution Units and Solar Controllers.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/ups.nix>
|
power.ups.maxStartDelay
This can be set as a global variable above your first UPS definition and it can also be set in a UPS section. This value controls how long upsdrvctl will wait for the driver to finish starting. This keeps your system from getting stuck due to a broken driver or UPS.
Type:
"integer"
Default:
45
Declared by:
<nixpkgs/nixos/modules/services/monitoring/ups.nix>
|
power.ups.mode
The MODE determines which part of the NUT is to be started, and which configuration files must be modified. The values of MODE can be: - none: NUT is not configured, or use the Integrated Power Management, or use some external system to startup NUT components. So nothing is to be started. - standalone: This mode address a local only configuration, with 1 UPS protecting the local system. This implies to start the 3 NUT layers (driver, upsd and upsmon) and the matching configuration files. This mode can also address UPS redundancy. - netserver: same as for the standalone configuration, but also need some more ACLs and possibly a specific LISTEN directive in upsd.conf. Since this MODE is opened to the network, a special care should be applied to security concerns. - netclient: this mode only requires upsmon.
Type:
"string"
Default:
"standalone"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/ups.nix>
|
power.ups.schedulerRules
File which contains the rules to handle UPS events.
Type:
"string"
Example:
"/etc/nixos/upssched.conf"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/ups.nix>
|
power.ups.ups
This is where you configure all the UPSes that this system will be monitoring directly. These are usually attached to serial ports, but USB devices are also supported.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/monitoring/ups.nix>
|
power.ups.ups.<name>.description
Description of the UPS.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/monitoring/ups.nix>
|
power.ups.ups.<name>.directives
List of configuration directives for this UPS.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/ups.nix>
|
power.ups.ups.<name>.driver
Specify the program to run to talk to this UPS. apcsmart, bestups, and sec are some examples.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/ups.nix>
|
power.ups.ups.<name>.maxStartDelay
This can be set as a global variable above your first UPS definition and it can also be set in a UPS section. This value controls how long upsdrvctl will wait for the driver to finish starting. This keeps your system from getting stuck due to a broken driver or UPS.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/monitoring/ups.nix>
|
power.ups.ups.<name>.port
The serial port to which your UPS is connected. /dev/ttyS0 is usually the first port on Linux boxes, for example.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/ups.nix>
|
power.ups.ups.<name>.shutdownOrder
When you have multiple UPSes on your system, you usually need to turn them off in a certain order. upsdrvctl shuts down all the 0s, then the 1s, 2s, and so on. To exclude a UPS from the shutdown sequence, set this to -1.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/monitoring/ups.nix>
|
power.ups.ups.<name>.summary
Lines which would be added inside ups.conf for handling this UPS.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/monitoring/ups.nix>
|
powerManagement.cpuFreqGovernor
Configure the governor used to regulate the frequence of the available CPUs. By default, the kernel configures the on-demand governor.
Type:
"null or string"
Default:
null
Example:
"ondemand"
Declared by:
<nixpkgs/nixos/modules/tasks/cpu-freq.nix>
|
powerManagement.enable
Whether to enable power management. This includes support for suspend-to-RAM and powersave features on laptops.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/config/power-management.nix>
|
powerManagement.powerDownCommands
Commands executed when the machine powers down. That is, they're executed both when the system shuts down and when it goes to suspend or hibernation.
Type:
"string"
Default:
""
Example:
"${pkgs.hdparm}/sbin/hdparm -B 255 /dev/sda"
Declared by:
<nixpkgs/nixos/modules/config/power-management.nix>
|
powerManagement.powerUpCommands
Commands executed when the machine powers up. That is, they're executed both when the system first boots and when it resumes from suspend or hibernation.
Type:
"string"
Default:
""
Example:
"${pkgs.hdparm}/sbin/hdparm -B 255 /dev/sda"
Declared by:
<nixpkgs/nixos/modules/config/power-management.nix>
|
powerManagement.resumeCommands
Commands executed after the system resumes from suspend-to-RAM.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/config/power-management.nix>
|
powerManagement.scsiLinkPolicy
Configure the SCSI link power management policy. By default, the kernel configures "max_performance".
Type:
"string"
Default:
""
Example:
"min_power"
Declared by:
<nixpkgs/nixos/modules/tasks/scsi-link-power-management.nix>
|
programs.atop.settings
Parameters to be written to /etc/atoprc
.
Type:
"attribute set"
Default:
{
}
Example:
{
flags = "a1f"; interval = 5;
}
Declared by:
<nixpkgs/nixos/modules/programs/atop.nix>
|
programs.bash.enableCompletion
Enable Bash completion for all interactive bash shells.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.interactiveShellInit
Shell script code called during interactive bash shell initialisation.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.loginShellInit
Shell script code called during login bash shell initialisation.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.promptInit
Shell script code used to initialise the bash prompt.
Type:
"string"
Default:
'' # Provide a nice prompt. PROMPT_COLOR="1;31m" let $UID && PROMPT_COLOR="1;32m" PS1="\n\[\033[$PROMPT_COLOR\][\u@\h:\w]\\$\[\033[0m\] " if test "$TERM" = "xterm"; then PS1="\[\033]2;\h:\u:\w\007\]$PS1" fi ''
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.shellAliases
Set of aliases for bash shell. See environment.shellAliases
for an option format description.
Type:
"attribute set"
Default:
{
l = "ls -alh"; ll = "ls -l"; ls = "ls --color=tty"; restart = "systemctl restart"; start = "systemctl start"; status = "systemctl status"; stop = "systemctl stop"; which = "type -P";
}
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.shellInit
Shell script code called during bash shell initialisation.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.cdemu.enable
Whether to enable cdemu for users of appropriate group (default cdrom)
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/programs/cdemu.nix>
|
programs.cdemu.group
Required group for users of cdemu
Type:
"unspecified"
Default:
"cdrom"
Declared by:
<nixpkgs/nixos/modules/programs/cdemu.nix>
|
programs.cdemu.gui
Whether to install cdemu GUI (gCDEmu)
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/programs/cdemu.nix>
|
programs.cdemu.image-analyzer
Whether to install image analyzer
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/programs/cdemu.nix>
|
programs.ibus.enable
Enable IBus input method
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/programs/ibus.nix>
|
programs.ibus.plugins
IBus plugin packages
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/programs/ibus.nix>
|
programs.light.enable
Whether to install Light backlight control with setuid wrapper.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/programs/light.nix>
|
programs.nano.nanorc
The system-wide nano configuration. See nanorc(5).
Type:
"string"
Default:
""
Example:
'' set nowrap set tabstospaces set tabsize 4 ''
Declared by:
<nixpkgs/nixos/modules/programs/nano.nix>
|
programs.screen.screenrc
The contents of /etc/screenrc file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/programs/screen.nix>
|
programs.ssh.agentTimeout
How long to keep the private keys in memory. Use null to keep them forever.
Type:
"null or string"
Default:
null
Example:
"1h"
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.askPassword
Program used by SSH to ask for passwords.
Type:
"string"
Default:
"/nix/store/dsi5p2v34y8rqj957yj5vpgw43sbf818-x11-ssh-askpass-1.2.4.1/libexec/x11-ssh-askpass"
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.extraConfig
Extra configuration text appended to ssh_config
.
See ssh_config(5)
for help.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.forwardX11
Whether to request X11 forwarding on outgoing connections by default. This is useful for running graphical programs on the remote machine and have them display to your local X11 server. Historically, this value has depended on the value used by the local sshd daemon, but there really isn't a relation between the two. Note: there are some security risks to forwarding an X11 connection. NixOS's X server is built with the SECURITY extension, which prevents some obvious attacks. To enable or disable forwarding on a per-connection basis, see the -X and -x options to ssh. The -Y option to ssh enables trusted forwarding, which bypasses the SECURITY extension.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.package
The package used for the openssh client and daemon.
Type:
"unspecified"
Default:
(build of openssh-6.8p1)
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.setXAuthLocation
Whether to set the path to xauth for X11-forwarded connections. This causes a dependency on X11 packages.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.startAgent
Whether to start the OpenSSH agent when you log in. The OpenSSH agent remembers private keys for you so that you don't have to type in passphrases every time you make an SSH connection. Use ssh-add to add a key to the agent.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.zsh.enable
Whenever to configure Zsh as an interactive shell.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/programs/zsh/zsh.nix>
|
programs.zsh.interactiveShellInit
Shell script code called during interactive zsh shell initialisation.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/programs/zsh/zsh.nix>
|
programs.zsh.loginShellInit
Shell script code called during zsh login shell initialisation.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/programs/zsh/zsh.nix>
|
programs.zsh.promptInit
Shell script code used to initialise the zsh prompt.
Type:
"string"
Default:
'' autoload -U promptinit && promptinit && prompt walters ''
Declared by:
<nixpkgs/nixos/modules/programs/zsh/zsh.nix>
|
programs.zsh.shellAliases
Set of aliases for zsh shell. See environment.shellAliases
for an option format description.
Type:
"attribute set"
Default:
{
l = "ls -alh"; ll = "ls -l"; ls = "ls --color=tty"; restart = "systemctl restart"; start = "systemctl start"; status = "systemctl status"; stop = "systemctl stop";
}
Declared by:
<nixpkgs/nixos/modules/programs/zsh/zsh.nix>
|
programs.zsh.shellInit
Shell script code called during zsh shell initialisation.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/programs/zsh/zsh.nix>
|
qtPlugins
Plugin packages for Qt such as input methods.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/qt-plugin-env.nix>
|
security.apparmor.confineSUIDApplications
Install AppArmor profiles for commonly-used SUID application to mitigate potential privilege escalation attacks due to bugs in such applications. Currently available profiles: ping
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/security/apparmor-suid.nix>
|
security.apparmor.enable
Enable the AppArmor Mandatory Access Control system.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.profiles
List of files containing AppArmor profiles.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.duosec.acceptEnvFactor
Look for factor selection or passcode in the
$DUO_PASSCODE
environment variable before
prompting the user for input.
When $DUO_PASSCODE is non-empty, it will override
autopush. The SSH client will need SendEnv DUO_PASSCODE in
its configuration, and the SSH server will similarly need
AcceptEnv DUO_PASSCODE.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.allowTcpForwarding
By default, when SSH forwarding, enabling Duo Security will disable TCP forwarding. By enabling this, you potentially undermine some of the SSH based login security. Note this is not needed if you use PAM.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.autopush
If true
, Duo Unix will automatically send
a push login request to the user’s phone, falling back on a
phone call if push is unavailable. If
false
, the user will be prompted to
choose an authentication method. When configured with
autopush = yes
, we recommend setting
prompts = 1
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.failmode
On service or configuration errors that prevent Duo authentication, fail "safe" (allow access) or "secure" (deny access). The default is "safe".
Type:
"string"
Default:
"safe"
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.fallbackLocalIP
Duo Unix reports the IP address of the authorizing user, for
the purposes of authorization and whitelisting. If Duo Unix
cannot detect the IP address of the client, setting
fallbackLocalIP = yes
will cause Duo Unix
to send the IP address of the server it is running on.
If you are using IP whitelisting, enabling this option could
cause unauthorized logins if the local IP is listed in the
whitelist.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.group
Use Duo authentication for users only in this group.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.host
Duo API hostname.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.ikey
Integration key.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.motd
Print the contents of /etc/motd
to screen
after a successful login.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.pam.enable
If enabled, protect logins with Duo Security using PAM support.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.prompts
If a user fails to authenticate with a second factor, Duo
Unix will prompt the user to authenticate again. This option
sets the maximum number of prompts that Duo Unix will
display before denying access. Must be 1, 2, or 3. Default
is 3.
For example, when prompts = 1
, the user
will have to successfully authenticate on the first prompt,
whereas if prompts = 2
, if the user
enters incorrect information at the initial prompt, he/she
will be prompted to authenticate again.
When configured with autopush = true
, we
recommend setting prompts = 1
.
Type:
"integer"
Default:
3
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.pushinfo
Include information such as the command to be executed in the Duo Push message.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.skey
Secret key.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.duosec.ssh.enable
If enabled, protect SSH logins with Duo Security.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/duosec.nix>
|
security.grsecurity.config.denyChrootChmod
If true, then set GRKERN_CHROOT_CHMOD
y
. If enabled, this denies processes inside a
chroot from setting the suid or sgid bits using
chmod
or fchmod
.
By default this protection is disabled - it makes it
impossible to use Nix to build software on your system,
which is what most users want.
If you are using NixOps to deploy your software to a
remote machine, you're encouraged to enable this as you
won't need to compile code.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.denyUSB
If true, then set GRKERNSEC_DENYUSB y
.
This enables a sysctl with name
kernel.grsecurity.deny_new_usb
. Setting
its value to 1
will prevent any new USB
devices from being recognized by the OS. Any attempted
USB device insertion will be logged.
This option is intended to be used against custom USB
devices designed to exploit vulnerabilities in various USB
device drivers.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.disableRBAC
If true, then set GRKERN_NO_RBAC
y
. This disables the
/dev/grsec
device, which in turn
disables the RBAC system (and gradm
).
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.hardwareVirtualisation
grsecurity hardware virtualisation configuration. Set to
true
if your machine supports hardware
accelerated virtualisation.
Type:
"null or boolean"
Default:
null
Example:
true
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.kernelExtraConfig
Extra kernel configuration parameters.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.mode
grsecurity configuration mode. This specifies whether grsecurity is auto-configured or otherwise completely manually configured.
Type:
"one of auto, custom"
Default:
"auto"
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.priority
grsecurity configuration priority. This specifies whether the kernel configuration should emphasize speed or security.
Type:
"one of security, performance"
Default:
"security"
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.restrictProc
If true, then set GRKERN_PROC_USER
y
. This restricts non-root users to only viewing
their own processes and restricts network-related
information, kernel symbols, and module information.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.restrictProcWithGroup
If true, then set GRKERN_PROC_USERGROUP
y
. This is similar to
restrictProc
except it allows a special
group (specified by unrestrictProcGid
)
to still access otherwise classified information in
/proc
.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.sysctl
If true, then set GRKERN_SYSCTL y
. If
enabled then grsecurity can be controlled using sysctl
(and turned off). You are advised to *never* enable this,
but if you do, make sure to always set the sysctl
kernel.grsecurity.grsec_lock
to
non-zero as soon as all sysctl options are set. *THIS IS
EXTREMELY IMPORTANT*!
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.system
grsecurity system configuration.
Type:
"one of desktop, server"
Default:
"desktop"
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.unrestrictProcGid
If set, specifies a GID which is exempt from
/proc
restrictions (set by
GRKERN_PROC_USERGROUP
). By default,
this is set to the GID for grsecurity
,
a predefined NixOS group, which the
root
account is a member of. You may
conveniently add other users to this group if you need
access to /proc
Type:
"integer"
Default:
121
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.verboseVersion
Use verbose version in kernel localversion.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.virtualisationConfig
grsecurity virtualisation configuration. This specifies the virtualisation role of the machine - that is, whether it will be a virtual machine guest, a virtual machine host, or neither.
Type:
"null or one of host, guest"
Default:
null
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.config.virtualisationSoftware
Configure grsecurity for use with this virtualisation software.
Type:
"null or one of kvm, xen, vmware, virtualbox"
Default:
null
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.enable
Enable grsecurity support. This enables advanced exploit
hardening for the Linux kernel, and adds support for
administrative Role-Based Acess Control (RBAC) via
gradm
. It also includes traditional
utilities for PaX.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.stable
Enable the stable grsecurity patch, based on Linux 3.14.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.grsecurity.testing
Enable the testing grsecurity patch, based on Linux 3.19.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/grsecurity.nix>
|
security.pam.enableEcryptfs
Enable eCryptfs PAM module (mounting ecryptfs home directory on login).
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.enableOATH
Enable the OATH (one-time password) PAM module.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.enableOTPW
Enable the OTPW (one-time password) PAM module.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.enableSSHAgentAuth
Enable sudo logins if the user's SSH agent provides a key
present in ~/.ssh/authorized_keys
.
This allows machines to exclusively use SSH keys instead of
passwords.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.loginLimits
Define resource limits that should apply to users or groups.
Each item in the list should be an attribute set with a
domain
, type
,
item
, and value
attribute. The syntax and semantics of these attributes
must be that described in the limits.conf(5) man page.
Type:
"unspecified"
Default:
[
]
Example:
[
{
domain = "ftp"; item = "nproc"; type = "hard"; value = "0";
}
{
domain = "@student"; item = "maxlogins"; type = "-"; value = "4";
}
]
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services
This option defines the PAM services. A service typically corresponds to a program that uses PAM, e.g. login or passwd. Each attribute of this set defines a PAM service, with the attribute name defining the name of the service.
Type:
"list or attribute set of submodules"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.allowNullPassword
Whether to allow logging into accounts that have no password
set (i.e., have an empty password field in
/etc/passwd
or
/etc/group
). This does not enable
logging into disabled accounts (i.e., that have the password
field set to !
). Note that regardless of
what the pam_unix documentation says, accounts with hashed
empty passwords are always allowed to log in.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.forwardXAuth
Whether X authentication keys should be passed from the calling user to the target user (e.g. for su)
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.fprintAuth
If set, fingerprint reader will be used (if exists and your fingerprints are enrolled).
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.limits
Attribute set describing resource limits. Defaults to the
value of security.pam.loginLimits
.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.logFailures
Whether to log authentication failures in /var/log/faillog
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.makeHomeDir
Whether to try to create home directories for users
with $HOME
s pointing to nonexistent
locations on session login.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.name
Name of the PAM service.
Type:
"string"
Example:
"sshd"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.oathAuth
If set, the OATH Toolkit will be used.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.otpwAuth
If set, the OTPW system will be used (if
~/.otpw
exists).
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.requireWheel
Whether to permit root access only to members of group wheel.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.rootOK
If set, root doesn't need to authenticate (e.g. for the useradd service).
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.setLoginUid
Set the login uid of the process
(/proc/self/loginuid
) for auditing
purposes. The login uid is only set by ‘entry points’ like
login and sshd, not by
commands like sudo.
Type:
"boolean"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.showMotd
Whether to show the message of the day.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.sshAgentAuth
If set, the calling user's SSH agent is used to authenticate
against the keys in the calling user's
~/.ssh/authorized_keys
. This is useful
for sudo on password-less remote systems.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.startSession
If set, the service will register a new session with systemd's login manager. For local sessions, this will give the user access to audio devices, CD-ROM drives. In the default PolicyKit configuration, it also allows the user to reboot the system.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.text
Contents of the PAM service file.
Type:
"null or string"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.unixAuth
Whether users can log in with passwords defined in
/etc/shadow
.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.updateWtmp
Whether to update /var/log/wtmp
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name?>.usbAuth
If set, users listed in
/etc/pamusb.conf
are able to log in
with the associated USB key.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.usb.enable
Enable USB login for all login systems that support it. For more information, visit http://pamusb.org/doc/quickstart#setting_up.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/pam_usb.nix>
|
security.pki.certificateFiles
A list of files containing trusted root certificates in PEM
format. These are concatenated to form
/etc/ssl/certs/ca-bundle.crt
, which is
used by many programs that use OpenSSL, such as
curl and git.
Type:
"list of paths"
Default:
[
]
Example:
[ "${pkgs.cacert}/etc/ca-bundle.crt" ]
Declared by:
<nixpkgs/nixos/modules/security/ca.nix>
|
security.pki.certificates
A list of trusted root certificates in PEM format.
Type:
"list of strings"
Default:
[
]
Example:
[
"NixOS.org\n=========\n-----BEGIN CERTIFICATE-----\nMIIGUDCCBTigAwIBAgIDD8KWMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ\nTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0\n...\n-----END CERTIFICATE-----\n"
]
Declared by:
<nixpkgs/nixos/modules/security/ca.nix>
|
security.polkit.adminIdentities
Specifies which users are considered “administrators”, for those
actions that require the user to authenticate as an
administrator (i.e. have an auth_admin
value). By default, this is the root
user and all users in the wheel
group.
Type:
"list of strings"
Default:
[
"unix-user:0" "unix-group:wheel"
]
Example:
[
"unix-user:alice" "unix-group:admin"
]
Declared by:
<nixpkgs/nixos/modules/security/polkit.nix>
|
security.polkit.enable
Whether to enable PolKit.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/security/polkit.nix>
|
security.polkit.extraConfig
Any polkit rules to be added to config (in JavaScript ;-). See: http://www.freedesktop.org/software/polkit/docs/latest/polkit.8.html#polkit-rules
Type:
"string"
Default:
""
Example:
'' /* Log authorization checks. */ polkit.addRule(function(action, subject) { polkit.log("user " + subject.user + " is attempting action " + action.id + " from PID " + subject.pid); }); /* Allow any local user to do anything (dangerous!). */ polkit.addRule(function(action, subject) { if (subject.local) return "yes"; }); ''
Declared by:
<nixpkgs/nixos/modules/security/polkit.nix>
|
security.rngd.enable
Whether to enable the rng daemon, which adds entropy from hardware sources of randomness to the kernel entropy pool when available.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/security/rngd.nix>
|
security.rtkit.enable
Whether to enable the RealtimeKit system service, which hands out realtime scheduling priority to user processes on demand. For example, the PulseAudio server uses this to acquire realtime priority.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/rtkit.nix>
|
security.setuidOwners
This option allows the ownership and permissions on the setuid wrappers for specific programs to be overridden from the default (setuid root, but not setgid root).
Type:
"list of attribute sets"
Default:
[
]
Example:
[
{
group = "postdrop"; owner = "nobody"; permissions = "u+rx,g+x,o+x"; program = "sendmail"; setgid = true; setuid = false;
}
]
Declared by:
<nixpkgs/nixos/modules/security/setuid-wrappers.nix>
|
security.setuidPrograms
The Nix store cannot contain setuid/setgid programs directly. For this reason, NixOS can automatically generate wrapper programs that have the necessary privileges. This option lists the names of programs in the system environment for which setuid root wrappers should be created.
Type:
"list of strings"
Default:
[
]
Example:
[
"passwd"
]
Declared by:
<nixpkgs/nixos/modules/security/setuid-wrappers.nix>
|
security.sudo.configFile
This string contains the contents of the
sudoers
file.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.enable
Whether to enable the sudo command, which allows non-root users to execute commands as root.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraConfig
Extra configuration text appended to sudoers
.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.wheelNeedsPassword
Whether users of the wheel
group can execute
commands as super user without entering a password.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
services.accounts-daemon.enable
Whether to enable AccountsService, a DBus service for accessing the list of user accounts and information attached to those accounts.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/accountsservice.nix>
|
services.acpid.acEventCommands
Shell commands to execute on an ac_adapter.* event.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/hardware/acpid.nix>
|
services.acpid.enable
Whether to enable the ACPI daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/acpid.nix>
|
services.acpid.lidEventCommands
Shell commands to execute on a button/lid.* event.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/hardware/acpid.nix>
|
services.acpid.powerEventCommands
Shell commands to execute on a button/power.* event.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/hardware/acpid.nix>
|
services.activemq.baseDir
The base directory where ActiveMQ stores its persistent data and logs.
This will be overridden if you set "activemq.base" and "activemq.data"
in the javaProperties
option. You can also override
this in activemq.xml.
Type:
"string"
Default:
"/var/activemq"
Declared by:
<nixpkgs/nixos/modules/services/amqp/activemq/default.nix>
|
services.activemq.configurationDir
The base directory for ActiveMQ's configuration. By default, this directory is searched for a file named activemq.xml, which should contain the configuration for the broker service.
Type:
"unspecified"
Default:
"/nix/store/3sci0dk3m2bcvil01nl6d7dhfrmc0y5b-apache-activemq-5.8.0/conf"
Declared by:
<nixpkgs/nixos/modules/services/amqp/activemq/default.nix>
|
services.activemq.configurationURI
The URI that is passed along to the BrokerFactory to
set up the configuration of the ActiveMQ broker service.
You should not need to change this. For custom configuration,
set the configurationDir
instead, and create
an activemq.xml configuration file in it.
Type:
"string"
Default:
"xbean:activemq.xml"
Declared by:
<nixpkgs/nixos/modules/services/amqp/activemq/default.nix>
|
services.activemq.enable
Enable the Apache ActiveMQ message broker service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/amqp/activemq/default.nix>
|
services.activemq.extraJavaOptions
Add extra options here that you want to be sent to the Java runtime when the broker service is started.
Type:
"string"
Default:
""
Example:
"-Xmx2G -Xms2G -XX:MaxPermSize=512M"
Declared by:
<nixpkgs/nixos/modules/services/amqp/activemq/default.nix>
|
services.activemq.javaProperties
Specifies Java properties that are sent to the ActiveMQ broker service with the "-D" option. You can set properties here to change the behaviour and configuration of the broker. All essential properties that are not set here are automatically given reasonable defaults.
Type:
"attribute set"
Default:
{
}
Example:
{
java.net.preferIPv4Stack = "true";
}
Declared by:
<nixpkgs/nixos/modules/services/amqp/activemq/default.nix>
|
services.aiccu.automatic
Automatic Login and Tunnel activation
Type:
"boolean"
Default:
true
Example:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.behindNAT
Notify the user that a NAT-kind network is detected
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.defaultRoute
Add a default route
Type:
"boolean"
Default:
true
Example:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.enable
Enable aiccu IPv6 over IPv4 SiXXs tunnel
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.interfaceName
The name of the interface that will be used as a tunnel interface. On *BSD the ipv6_interface should be set to gifX (eg gif0) for proto-41 tunnels or tunX (eg tun0) for AYIYA tunnels.
Type:
"string"
Default:
"aiccu"
Example:
"sixxs"
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.localIPv4Override
Overrides the IPv4 parameter received from TIC This allows one to configure a NAT into "DMZ" mode and then forwarding the proto-41 packets to an internal host. This is only needed for static proto-41 tunnels! AYIYA and heartbeat tunnels don't require this.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.makeHeartBeats
In general you don't want to turn this off Of course only applies to AYIYA and heartbeat tunnels not to static ones
Type:
"boolean"
Default:
true
Example:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.noConfigure
Don't configure anything
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.password
Login credential
Type:
"null or string"
Default:
null
Example:
"TmAkRbBEr0"
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.pidFile
Location of PID File
Type:
"path"
Default:
"/run/aiccu.pid"
Example:
"/var/lib/aiccu/aiccu.pid"
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.protocol
Protocol to use for setting up the tunnel
Type:
"string"
Default:
"tic"
Example:
"tic|tsp|l2tp"
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.requireTLS
When set to true, if TLS is not supported on the server the TIC transaction will fail. When set to false, it will try a starttls, when that is not supported it will continue. In any case if AICCU is build with TLS support it will try to do a 'starttls' to the TIC server to see if that is supported.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.server
Server to use for setting up the tunnel
Type:
"string"
Default:
"tic.sixxs.net"
Example:
"enabled.ipv6server.net"
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.setupScript
Script to run after setting up the interfaces
Type:
"null or path"
Default:
null
Example:
"/var/lib/aiccu/fix-subnets.sh"
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.tunnelID
The tunnel id to use, only required when there are multiple tunnels in the list
Type:
"null or string"
Default:
null
Example:
"T12345"
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.username
Login credential
Type:
"null or string"
Default:
null
Example:
"FAB5-SIXXS"
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.aiccu.verbose
Be verbose?
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/aiccu.nix>
|
services.almir.director_address
IP/Hostname for Director to connect with bconsole.
Type:
"unspecified"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/backup/almir.nix>
|
services.almir.director_name
Name of the Director to connect with bconsole.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/backup/almir.nix>
|
services.almir.director_password
Password for Director to connect with bconsole.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/backup/almir.nix>
|
services.almir.director_port
Port for Director to connect with bconsole.
Type:
"integer"
Default:
9101
Declared by:
<nixpkgs/nixos/modules/services/backup/almir.nix>
|
services.almir.enable
Enable Almir web server. Also configures postgresql database and installs bacula.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/almir.nix>
|
services.almir.port
Port for Almir web server to listen on.
Type:
"integer"
Default:
35000
Declared by:
<nixpkgs/nixos/modules/services/backup/almir.nix>
|
services.almir.sqlalchemy_engine_url
Define SQL database connection to bacula catalog as specified in http://docs.sqlalchemy.org/en/latest/core/engines.html#database-urls
Type:
"unspecified"
Default:
"postgresql:///bacula"
Example:
'' postgresql://bacula:bacula@localhost:5432/bacula mysql+mysqlconnector://<user>:<password>@<hostname>/<database>' sqlite:////var/lib/bacula/bacula.db' ''
Declared by:
<nixpkgs/nixos/modules/services/backup/almir.nix>
|
services.almir.timezone
Timezone as specified in https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
Type:
"unspecified"
Example:
"Europe/Ljubljana"
Declared by:
<nixpkgs/nixos/modules/services/backup/almir.nix>
|
services.amule.dataDir
The directory holding configuration, incoming and temporary files.
Type:
"unspecified"
Default:
"/home/amule/"
Declared by:
<nixpkgs/nixos/modules/services/networking/amuled.nix>
|
services.amule.enable
Whether to run the AMule daemon. You need to manually run "amuled --ec-config" to configure the service for the first time.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/amuled.nix>
|
services.amule.user
The user the AMule daemon should run as.
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/amuled.nix>
|
services.apache-kafka.brokerId
Broker ID.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/misc/apache-kafka.nix>
|
services.apache-kafka.enable
Whether to enable Apache Kafka.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/apache-kafka.nix>
|
services.apache-kafka.extraProperties
Extra properties for server.properties.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/apache-kafka.nix>
|
services.apache-kafka.hostname
Hostname the broker should bind to.
Type:
"string"
Default:
"localhost"
Declared by:
<nixpkgs/nixos/modules/services/misc/apache-kafka.nix>
|
services.apache-kafka.jvmOptions
Extra command line options for the JVM running Kafka.
Type:
"list of strings"
Default:
[
"-server" "-Xmx1G" "-Xms1G" "-XX:+UseCompressedOops" "-XX:+UseParNewGC" "-XX:+UseConcMarkSweepGC" "-XX:+CMSClassUnloadingEnabled" "-XX:+CMSScavengeBeforeRemark" "-XX:+DisableExplicitGC" "-Djava.awt.headless=true" "-Djava.net.preferIPv4Stack=true"
]
Example:
[
"-Djava.net.preferIPv4Stack=true" "-Dcom.sun.management.jmxremote" "-Dcom.sun.management.jmxremote.local.only=true"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/apache-kafka.nix>
|
services.apache-kafka.log4jProperties
Kafka log4j property configuration.
Type:
"string"
Default:
'' log4j.rootLogger=INFO, stdout log4j.appender.stdout=org.apache.log4j.ConsoleAppender log4j.appender.stdout.layout=org.apache.log4j.PatternLayout log4j.appender.stdout.layout.ConversionPattern=[%d] %p %m (%c)%n ''
Declared by:
<nixpkgs/nixos/modules/services/misc/apache-kafka.nix>
|
services.apache-kafka.logDirs
Log file directories
Type:
"list of paths"
Default:
[
"/tmp/kafka-logs"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/apache-kafka.nix>
|
services.apache-kafka.port
Port number the broker should listen on.
Type:
"integer"
Default:
9092
Declared by:
<nixpkgs/nixos/modules/services/misc/apache-kafka.nix>
|
services.apache-kafka.serverProperties
Complete server.properties content. Other server.properties config options will be ignored if this option is used.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/apache-kafka.nix>
|
services.apache-kafka.zookeeper
Zookeeper connection string
Type:
"string"
Default:
"localhost:2181"
Declared by:
<nixpkgs/nixos/modules/services/misc/apache-kafka.nix>
|
services.apcupsd.configText
Contents of the runtime configuration file, apcupsd.conf. The default settings makes apcupsd autodetect USB UPSes, limit network access to localhost and shutdown the system when the battery level is below 50 percent, or when the UPS has calculated that it has 5 minutes or less of remaining power-on time. See man apcupsd.conf for details.
Type:
"string"
Default:
'' UPSTYPE usb NISIP 127.0.0.1 BATTERYLEVEL 50 MINUTES 5 ''
Declared by:
<nixpkgs/nixos/modules/services/monitoring/apcupsd.nix>
|
services.apcupsd.enable
Whether to enable the APC UPS daemon. apcupsd monitors your UPS and permits orderly shutdown of your computer in the event of a power failure. User manual: http://www.apcupsd.com/manual/manual.html. Note that apcupsd runs as root (to allow shutdown of computer). You can check the status of your UPS with the "apcaccess" command.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/apcupsd.nix>
|
services.apcupsd.hooks
Each attribute in this option names an apcupsd event and the string value it contains will be executed in a shell, in response to that event (prior to the default action). See "man apccontrol" for the list of events and what they represent. A hook script can stop apccontrol from doing its default action by exiting with value 99. Do not do this unless you know what you're doing.
Type:
"attribute set of strings"
Default:
{
}
Example:
{
doshutdown = "# shell commands to notify that the computer is shutting down";
}
Declared by:
<nixpkgs/nixos/modules/services/monitoring/apcupsd.nix>
|
services.atd.allowEveryone
Whether to make /var/spool/at{jobs,spool}
writeable by everyone (and sticky). This is normally not
needed since the at commands are
setuid/setgid atd
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/scheduling/atd.nix>
|
services.atd.enable
Whether to enable the at daemon, a command scheduler.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/scheduling/atd.nix>
|
services.atftpd.enable
Whenever to enable the atftpd TFTP server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/atftpd.nix>
|
services.atftpd.root
Document root directory for the atftpd.
Type:
"string"
Default:
"/var/empty"
Declared by:
<nixpkgs/nixos/modules/services/networking/atftpd.nix>
|
services.avahi.browseDomains
List of non-local DNS domains to be browsed.
Type:
"unspecified"
Default:
[
"0pointer.de" "zeroconf.org"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/avahi-daemon.nix>
|
services.avahi.enable
Whether to run the Avahi daemon, which allows Avahi clients to use Avahi's service discovery facilities and also allows the local machine to advertise its presence and services (through the mDNS responder implemented by `avahi-daemon').
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/avahi-daemon.nix>
|
services.avahi.hostName
Host name advertised on the LAN. If not set, avahi will use the value of config.networking.hostName.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/avahi-daemon.nix>
|
services.avahi.ipv4
Whether to use IPv4
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/avahi-daemon.nix>
|
services.avahi.ipv6
Whether to use IPv6
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/avahi-daemon.nix>
|
services.avahi.nssmdns
Whether to enable the mDNS NSS (Name Service Switch) plug-in. Enabling it allows applications to resolve names in the `.local' domain by transparently querying the Avahi daemon.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/avahi-daemon.nix>
|
services.avahi.publishing
Whether to allow publishing.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/avahi-daemon.nix>
|
services.avahi.wideArea
Whether to enable wide-area service discovery.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/avahi-daemon.nix>
|
services.bacula-dir.enable
Whether to enable Bacula Director Daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-dir.extraConfig
Extra configuration for Bacula Director Daemon.
Type:
"unspecified"
Default:
""
Example:
'' TODO ''
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-dir.extraDirectorConfig
Extra configuration to be passed in Director directive.
Type:
"unspecified"
Default:
""
Example:
'' Maximum Concurrent Jobs = 20; Heartbeat Interval = 30; ''
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-dir.extraMessagesConfig
Extra configuration to be passed in Messages directive.
Type:
"unspecified"
Default:
""
Example:
'' console = all ''
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-dir.name
The director name used by the system administrator. This directive is required.
Type:
"unspecified"
Default:
"nixos-dir"
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-dir.password
Specifies the password that must be supplied for a Director.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-dir.port
Specify the port (a positive integer) on which the Director daemon will listen for Bacula Console connections. This same port number must be specified in the Director resource of the Console configuration file. The default is 9101, so normally this directive need not be specified. This directive should not be used if you specify DirAddresses (N.B plural) directive.
Type:
"integer"
Default:
9101
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-fd.director
This option defines director resources in Bacula File Daemon.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-fd.director.<name>.monitor
If Monitor is set to no (default), this director will have full
Type:
"unspecified"
Default:
"no"
Example:
"yes"
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-fd.director.<name>.password
Specifies the password that must be supplied for a Director to b
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-fd.enable
Whether to enable Bacula File Daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-fd.extraClientConfig
Extra configuration to be passed in Client directive.
Type:
"unspecified"
Default:
""
Example:
'' Maximum Concurrent Jobs = 20; Heartbeat Interval = 30; ''
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-fd.extraMessagesConfig
Extra configuration to be passed in Messages directive.
Type:
"unspecified"
Default:
""
Example:
'' console = all ''
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-fd.name
The client name that must be used by the Director when connecting. Generally, it is a good idea to use a name related to the machine so that error messages can be easily identified if you have multiple Clients. This directive is required.
Type:
"unspecified"
Default:
"nixos-fd"
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-fd.port
This specifies the port number on which the Client listens for Director connections. It must agree with the FDPort specified in the Client resource of the Director's configuration file. The default is 9102.
Type:
"integer"
Default:
9102
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-sd.device
This option defines Device resources in Bacula Storage Daemon.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-sd.device.<name>.archiveDevice
The specified name-string gives the system file name of the storage device managed by this storage daemon. This will usually be the device file name of a removable storage device (tape drive), for example " /dev/nst0" or "/dev/rmt/0mbn". For a DVD-writer, it will be for example /dev/hdc. It may also be a directory name if you are archiving to disk storage.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-sd.device.<name>.extraDeviceConfig
Extra configuration to be passed in Device directive.
Type:
"unspecified"
Default:
""
Example:
'' LabelMedia = yes Random Access = no AutomaticMount = no RemovableMedia = no MaximumOpenWait = 60 AlwaysOpen = no ''
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-sd.device.<name>.mediaType
The specified name-string names the type of media supported by this device, for example, "DLT7000". Media type names are arbitrary in that you set them to anything you want, but they must be known to the volume database to keep track of which storage daemons can read which volumes. In general, each different storage type should have a unique Media Type associated with it. The same name-string must appear in the appropriate Storage resource definition in the Director's configuration file.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-sd.director
This option defines Director resources in Bacula Storage Daemon.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-sd.director.<name>.monitor
If Monitor is set to no (default), this director will have full
Type:
"unspecified"
Default:
"no"
Example:
"yes"
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-sd.director.<name>.password
Specifies the password that must be supplied for a Director to b
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-sd.enable
Whether to enable Bacula Storage Daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-sd.extraMessagesConfig
Extra configuration to be passed in Messages directive.
Type:
"unspecified"
Default:
""
Example:
'' console = all ''
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-sd.extraStorageConfig
Extra configuration to be passed in Storage directive.
Type:
"unspecified"
Default:
""
Example:
'' Maximum Concurrent Jobs = 20; Heartbeat Interval = 30; ''
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-sd.name
Specifies the Name of the Storage daemon.
Type:
"unspecified"
Default:
"nixos-sd"
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bacula-sd.port
Specifies port number on which the Storage daemon listens for Director connections. The default is 9103.
Type:
"integer"
Default:
9103
Declared by:
<nixpkgs/nixos/modules/services/backup/bacula.nix>
|
services.bind.blockedNetworks
What networks are just blocked.
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/bind.nix>
|
services.bind.cacheNetworks
What networks are allowed to use us as a resolver.
Type:
"unspecified"
Default:
[
"127.0.0.0/24"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/bind.nix>
|
services.bind.configFile
Overridable config file to use for named. By default, that generated by nixos.
Type:
"unspecified"
Default:
(build of named.conf)
Declared by:
<nixpkgs/nixos/modules/services/networking/bind.nix>
|
services.bind.enable
Whether to enable BIND domain name server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/bind.nix>
|
services.bind.forwarders
List of servers we should forward requests to.
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/bind.nix>
|
services.bind.ipv4Only
Only use ipv4, even if the host supports ipv6.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/bind.nix>
|
services.bind.zones
List of zones we claim authority over. master=false means slave server; slaves means addresses who may request zone transfer.
Type:
"unspecified"
Default:
[
]
Example:
[
{
file = "/var/dns/example.com"; master = false; masters =
[
"192.168.0.1"
]
; name = "example.com"; slaves =
[
]
;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/bind.nix>
|
services.bitlbee.authMode
The following authentication modes are available: Open -- Accept connections from anyone, use NickServ for user authentication. Closed -- Require authorization (using the PASS command during login) before allowing the user to connect at all. Registered -- Only allow registered users to use this server; this disables the register- and the account command until the user identifies himself.
Type:
"string"
Default:
"Open"
Declared by:
<nixpkgs/nixos/modules/services/networking/bitlbee.nix>
|
services.bitlbee.enable
Whether to run the BitlBee IRC to other chat network gateway. Running it allows you to access the MSN, Jabber, Yahoo! and ICQ chat networks via an IRC client.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/bitlbee.nix>
|
services.bitlbee.extraDefaults
Will be inserted in the Default section of the config file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/bitlbee.nix>
|
services.bitlbee.extraSettings
Will be inserted in the Settings section of the config file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/bitlbee.nix>
|
services.bitlbee.interface
The interface the BitlBee deamon will be listening to. If `127.0.0.1', only clients on the local host can connect to it; if `0.0.0.0', clients can access it from any network interface.
Type:
"unspecified"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/networking/bitlbee.nix>
|
services.bitlbee.portNumber
Number of the port BitlBee will be listening to.
Type:
"unspecified"
Default:
6667
Declared by:
<nixpkgs/nixos/modules/services/networking/bitlbee.nix>
|
services.bosun.enable
Whether to run bosun.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/bosun.nix>
|
services.bosun.extraConfig
Extra configuration options for Bosun. You should describe your desired templates, alerts, macros, etc through this configuration option. A detailed description of the supported syntax can be found at-spi2-atk http://bosun.org/configuration.html
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/monitoring/bosun.nix>
|
services.bosun.group
Group account under which bosun runs.
Type:
"string"
Default:
"bosun"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/bosun.nix>
|
services.bosun.listenAddress
The host address and port that bosun's web interface will listen on.
Type:
"string"
Default:
":8070"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/bosun.nix>
|
services.bosun.opentsdbHost
Host and port of the OpenTSDB database that stores bosun data.
Type:
"string"
Default:
"localhost:4242"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/bosun.nix>
|
services.bosun.stateFile
Path to bosun's state file.
Type:
"string"
Default:
"/var/lib/bosun/bosun.state"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/bosun.nix>
|
services.bosun.user
User account under which bosun runs.
Type:
"string"
Default:
"bosun"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/bosun.nix>
|
services.btsync.apiKey
API key, which enables the developer API.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.checkForUpdates
Determines whether to check for updates and alert the user about them in the UI.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.deviceName
Name of the Bittorrent Sync device.
Type:
"string"
Example:
"Voltron"
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.downloadLimit
Download speed limit. 0 is unlimited (default).
Type:
"integer"
Default:
0
Example:
1024
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.enable
If enabled, start the Bittorrent Sync daemon. Once enabled,
you can interact with the service through the Web UI, or
configure it in your NixOS configuration. Enabling the
btsync
service also installs a
multi-instance systemd unit which can be used to start
user-specific copies of the daemon. Once installed, you can
use systemctl start btsync@user
to start
the daemon only for user user
, using the
configuration file located at
$HOME/.config/btsync.conf
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.enableWebUI
Enable Web UI for administration. Bound to the specified
httpListenAddress
and
httpListenPort
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.encryptLAN
Encrypt LAN data.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.httpListenAddr
HTTP address to bind to.
Type:
"string"
Default:
"0.0.0.0"
Example:
"1.2.3.4"
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.httpListenPort
HTTP port to bind on.
Type:
"integer"
Default:
9000
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.httpLogin
HTTP web login username.
Type:
"string"
Default:
""
Example:
"allyourbase"
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.httpPass
HTTP web login password.
Type:
"string"
Default:
""
Example:
"arebelongtous"
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.listeningPort
Listening port. Defaults to 0 which randomizes the port.
Type:
"integer"
Default:
0
Example:
44444
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.sharedFolders
Shared folder list. If enabled, web UI must be
disabled. Secrets can be generated using btsync
--generate-secret
. Note that this secret will be
put inside the Nix store, so it is realistically not very
secret.
If you would like to be able to modify the contents of this
directories, it is recommended that you make your user a
member of the btsync
group.
Directories in this list should be in the
btsync
group, and that group must have
write access to the directory. It is also recommended that
chmod g+s
is applied to the directory
so that any sub directories created will also belong to
the btsync
group. Also,
setfacl -d -m group:btsync:rwx
and
setfacl -m group:btsync:rwx
should also
be applied so that the sub directories are writable by
the group.
Type:
"unspecified"
Default:
[
]
Example:
[
{
directory = "/home/user/sync_test"; knownHosts =
[
"192.168.1.2:4444" "192.168.1.3:4444"
]
; searchLAN = true; secret = "AHMYFPCQAHBM7LQPFXQ7WV6Y42IGUXJ5Y"; useDHT = false; useRelayServer = true; useSyncTrash = true; useTracker = true;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.storagePath
Where to store the bittorrent sync files.
Type:
"path"
Default:
"/var/lib/btsync"
Example:
"/var/lib/btsync"
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.uploadLimit
Upload speed limit. 0 is unlimited (default).
Type:
"integer"
Default:
0
Example:
1024
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.btsync.useUpnp
Use Universal Plug-n-Play (UPnP)
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/btsync.nix>
|
services.cadvisor.enable
Whether to enable cadvisor service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/cadvisor.nix>
|
services.cadvisor.host
Cadvisor listening host
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/cadvisor.nix>
|
services.cadvisor.port
Cadvisor listening port
Type:
"integer"
Default:
8080
Declared by:
<nixpkgs/nixos/modules/services/monitoring/cadvisor.nix>
|
services.cadvisor.storageDriver
Cadvisor storage driver.
Type:
"null or string"
Default:
null
Example:
"influxdb"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/cadvisor.nix>
|
services.cadvisor.storageDriverDb
Cadvisord storage driver database name.
Type:
"string"
Default:
"root"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/cadvisor.nix>
|
services.cadvisor.storageDriverHost
Cadvisor storage driver host.
Type:
"string"
Default:
"localhost:8086"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/cadvisor.nix>
|
services.cadvisor.storageDriverPassword
Cadvisor storage driver password.
Type:
"string"
Default:
"root"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/cadvisor.nix>
|
services.cadvisor.storageDriverSecure
Cadvisor storage driver, enable secure communication.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/cadvisor.nix>
|
services.cadvisor.storageDriverUser
Cadvisor storage driver username.
Type:
"string"
Default:
"root"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/cadvisor.nix>
|
services.canto-daemon.enable
Whether to enable the canto RSS daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/canto-daemon.nix>
|
services.cgminer.config
Additional config
Type:
"unspecified"
Default:
{
}
Example:
{
auto-fan = true; auto-gpu = true; expiry = 120; failover-only = true; gpu-threads = 2; log = 5; queue = 1; scan-time = 60; temp-histeresys = 3;
}
Declared by:
<nixpkgs/nixos/modules/services/misc/cgminer.nix>
|
services.cgminer.enable
Whether to enable cgminer, an ASIC/FPGA/GPU miner for bitcoin and litecoin.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/cgminer.nix>
|
services.cgminer.hardware
List of config options for every GPU
Type:
"unspecified"
Default:
[
]
Example:
[
{
gpu-engine = "0-985"; gpu-fan = "0-85"; gpu-memclock = 860; gpu-powertune = 20; intensity = 9; temp-cutoff = 95; temp-overheat = 85; temp-target = 75;
}
{
gpu-engine = "0-950"; gpu-fan = "0-85"; gpu-memclock = 825; gpu-powertune = 20; intensity = 9; temp-cutoff = 95; temp-overheat = 85; temp-target = 75;
}
]
Declared by:
<nixpkgs/nixos/modules/services/misc/cgminer.nix>
|
services.cgminer.pools
List of pools where to mine
Type:
"unspecified"
Default:
[
]
Example:
[
{
password = "X"; url = "http://p2pool.org:9332"; username = "17EUZxTvs9uRmPsjPZSYUU3zCz9iwstudk";
}
]
Declared by:
<nixpkgs/nixos/modules/services/misc/cgminer.nix>
|
services.cgminer.user
User account under which cgminer runs
Type:
"unspecified"
Default:
"cgminer"
Declared by:
<nixpkgs/nixos/modules/services/misc/cgminer.nix>
|
services.chronos.enable
Whether to enable graphite web frontend.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/scheduling/chronos.nix>
|
services.chronos.httpPort
Chronos listening port
Type:
"integer"
Default:
4400
Declared by:
<nixpkgs/nixos/modules/services/scheduling/chronos.nix>
|
services.chronos.master
Chronos mesos master zookeeper address
Type:
"string"
Default:
"zk://localhost:2181/mesos"
Declared by:
<nixpkgs/nixos/modules/services/scheduling/chronos.nix>
|
services.chronos.zookeeperHosts
Chronos mesos zookepper addresses
Type:
"list of strings"
Default:
[
"localhost:2181"
]
Declared by:
<nixpkgs/nixos/modules/services/scheduling/chronos.nix>
|
services.chrony.enable
Whether to synchronise your machine's time using chrony. Make sure you disable NTP if you enable this service.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/chrony.nix>
|
services.chrony.extraConfig
Extra configuration directives that should be added to
chrony.conf
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/chrony.nix>
|
services.chrony.initstepslew
Allow chronyd to make a rapid measurement of the system clock error at boot time, and to correct the system clock by stepping before normal operation begins.
Type:
"unspecified"
Default:
{
enabled = true; servers =
[
"0.nixos.pool.ntp.org" "1.nixos.pool.ntp.org" "2.nixos.pool.ntp.org" "3.nixos.pool.ntp.org"
]
; threshold = 1000;
}
Declared by:
<nixpkgs/nixos/modules/services/networking/chrony.nix>
|
services.chrony.servers
The set of NTP servers from which to synchronise.
Type:
"unspecified"
Default:
[
"0.nixos.pool.ntp.org" "1.nixos.pool.ntp.org" "2.nixos.pool.ntp.org" "3.nixos.pool.ntp.org"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/chrony.nix>
|
services.cjdns.ETHInterface.beacon
Auto-connect to other cjdns nodes on the same network. Options: 0: Disabled. 1: Accept beacons, this will cause cjdns to accept incoming beacon messages and try connecting to the sender. 2: Accept and send beacons, this will cause cjdns to broadcast messages on the local network which contain a randomly generated per-session password, other nodes which have this set to 1 or 2 will hear the beacon messages and connect automatically.
Type:
"integer"
Default:
2
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.ETHInterface.bind
Bind to this device for native ethernet operation.
Type:
"unspecified"
Default:
""
Example:
"eth0"
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.ETHInterface.connectTo
Credentials for connecting look similar to UDP credientials except they begin with the mac address.
Type:
"attribute set of submodules"
Default:
{
}
Example:
{
01:02:03:04:05:06 =
{
hostname = "homer.hype"; password = "5kG15EfpdcKNX3f2GSQ0H1HC7yIfxoCoImnO5FHM"; publicKey = "371zpkgs8ss387tmr81q04mp0hg1skb51hw34vk1cq644mjqhup0.k";
}
;
}
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.ETHInterface.connectTo.<name>.hostname
Optional hostname to add to /etc/hosts; prevents reverse lookup failures.
Type:
"string"
Default:
""
Example:
"foobar.hype"
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.ETHInterface.connectTo.<name>.password
Authorized password to the opposite end of the tunnel.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.ETHInterface.connectTo.<name>.publicKey
Public key at the opposite end of the tunnel.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.UDPInterface.bind
Address and port to bind UDP tunnels to.
Type:
"string"
Default:
""
Example:
"192.168.1.32:43211"
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.UDPInterface.connectTo
Credentials for making UDP tunnels.
Type:
"attribute set of submodules"
Default:
{
}
Example:
{
192.168.1.1:27313 =
{
hostname = "homer.hype"; password = "5kG15EfpdcKNX3f2GSQ0H1HC7yIfxoCoImnO5FHM"; publicKey = "371zpkgs8ss387tmr81q04mp0hg1skb51hw34vk1cq644mjqhup0.k";
}
;
}
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.UDPInterface.connectTo.<name>.hostname
Optional hostname to add to /etc/hosts; prevents reverse lookup failures.
Type:
"string"
Default:
""
Example:
"foobar.hype"
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.UDPInterface.connectTo.<name>.password
Authorized password to the opposite end of the tunnel.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.UDPInterface.connectTo.<name>.publicKey
Public key at the opposite end of the tunnel.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.admin.bind
Bind the administration port to this address and port.
Type:
"string"
Default:
"127.0.0.1:11234"
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.authorizedPasswords
Any remote cjdns nodes that offer these passwords on connection will be allowed to route through this node.
Type:
"list of strings"
Default:
[
]
Example:
[
"snyrfgkqsc98qh1y4s5hbu0j57xw5s0" "z9md3t4p45mfrjzdjurxn4wuj0d8swv" "49275fut6tmzu354pq70sr5b95qq0vj"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.confFile
Ignore all other cjdns options and load configuration from this file.
Type:
"string"
Default:
""
Example:
"/etc/cjdroute.conf"
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.cjdns.enable
Whether to enable the cjdns network encryption and routing engine. A file at /etc/cjdns.keys will be created if it does not exist to contain a random secret key that your IPv6 address will be derived from.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/cjdns.nix>
|
services.clamav.updater.config
Extra configuration for freshclam. Contents will be added verbatim to the configuration file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/security/clamav.nix>
|
services.clamav.updater.enable
Whether to enable automatic ClamAV virus definitions database updates.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/clamav.nix>
|
services.clamav.updater.frequency
Number of database checks per day.
Type:
"unspecified"
Default:
12
Declared by:
<nixpkgs/nixos/modules/services/security/clamav.nix>
|
services.cloud-init.enable
Enable the cloud-init service. This services reads configuration metadata in a cloud environment and configures the machine according to this metadata. This configuration is not completely compatible with the NixOS way of doing configuration, as configuration done by cloud-init might be overriden by a subsequent nixos-rebuild call. However, some parts of cloud-init fall outside of NixOS's responsibility, like filesystem resizing and ssh public key provisioning, and cloud-init is useful for that parts. Thus, be wary that using cloud-init in NixOS might come as some cost.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/system/cloud-init.nix>
|
services.cntlm.domain
Proxy account domain/workgroup name.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/networking/cntlm.nix>
|
services.cntlm.enable
Whether to enable the cntlm, which start a local proxy.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/cntlm.nix>
|
services.cntlm.extraConfig
Verbatim contents of cntlm.conf
.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/cntlm.nix>
|
services.cntlm.netbios_hostname
The hostname of your machine.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/cntlm.nix>
|
services.cntlm.password
Proxy account password. Note: use chmod 0600 on /etc/cntlm.password for security.
Type:
"string"
Default:
"/etc/cntlm.password"
Declared by:
<nixpkgs/nixos/modules/services/networking/cntlm.nix>
|
services.cntlm.port
Specifies on which ports the cntlm daemon listens.
Type:
"unspecified"
Default:
[
3128
]
Declared by:
<nixpkgs/nixos/modules/services/networking/cntlm.nix>
|
services.cntlm.proxy
A list of NTLM/NTLMv2 authenticating HTTP proxies. Parent proxy, which requires authentication. The same as proxy on the command-line, can be used more than once to specify unlimited number of proxies. Should one proxy fail, cntlm automatically moves on to the next one. The connect request fails only if the whole list of proxies is scanned and (for each request) and found to be invalid. Command-line takes precedence over the configuration file.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/networking/cntlm.nix>
|
services.cntlm.username
Proxy account name, without the possibility to include domain name ('at' sign is interpreted literally).
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/networking/cntlm.nix>
|
services.collectd.autoLoadPlugin
Enable plugin autoloading.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/collectd.nix>
|
services.collectd.dataDir
Data directory for collectd agent.
Type:
"path"
Default:
"/var/lib/collectd"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/collectd.nix>
|
services.collectd.enable
Whether to enable collectd agent.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/collectd.nix>
|
services.collectd.extraConfig
Extra configuration for collectd.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/monitoring/collectd.nix>
|
services.collectd.include
Additional paths to load config from.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/collectd.nix>
|
services.collectd.pidFile
Location of collectd pid file.
Type:
"path"
Default:
"/var/run/collectd.pid"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/collectd.nix>
|
services.collectd.user
User under which to run collectd.
Type:
"null or string"
Default:
"collectd"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/collectd.nix>
|
services.consul.alerts.consulAddr
Consul api listening adddress
Type:
"string"
Default:
"localhost:8500"
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.alerts.enable
Whether to enable Whether to enable consul-alerts.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.alerts.listenAddr
Api listening address.
Type:
"string"
Default:
"localhost:9000"
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.alerts.watchChecks
Whether to enable check watcher.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.alerts.watchEvents
Whether to enable event watcher.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.dropPrivileges
Whether the consul agent should be run as a non-root consul user.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.enable
Enables the consul daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.extraConfig
Extra configuration options which are serialized to json and added to the config.json file.
Type:
"unspecified"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.extraConfigFiles
Additional configuration files to pass to consul NOTE: These will not trigger the service to be restarted when altered.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.forceIpv4
Whether we should force the interfaces to only pull ipv4 addresses.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.interface.advertise
The name of the interface to pull the advertise_addr from.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.interface.bind
The name of the interface to pull the bind_addr from.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.joinNodes
A list of addresses of nodes which should be joined at startup if the current node is in a left state.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.joinRetries
The number of times to retry connecting to the join nodes.
Type:
"integer"
Default:
10
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.leaveOnStop
If enabled, causes a leave action to be sent when closing consul. This allows a clean termination of the node, but permanently removes it from the cluster. You probably don't want this option unless you are running a node which going offline in a permanent / semi-permanent fashion.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.consul.webUi
Enables the web interface on the consul http port.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/consul.nix>
|
services.couchdb.bindAddress
Defines the IP address by which CouchDB will be accessible.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/databases/couchdb.nix>
|
services.couchdb.configFile
Configuration file for persisting runtime changes. File needs to be readable and writable from couchdb user/group.
Type:
"string"
Default:
"/var/lib/couchdb/couchdb.ini"
Declared by:
<nixpkgs/nixos/modules/services/databases/couchdb.nix>
|
services.couchdb.databaseDir
Specifies location of CouchDB database files (*.couch named). This location should be writable and readable for the user the CouchDB service runs as (couchdb by default).
Type:
"path"
Default:
"/var/lib/couchdb"
Declared by:
<nixpkgs/nixos/modules/services/databases/couchdb.nix>
|
services.couchdb.enable
Whether to run CouchDB Server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/couchdb.nix>
|
services.couchdb.extraConfig
Extra configuration. Overrides any other cofiguration.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/couchdb.nix>
|
services.couchdb.group
Group account under which couchdb runs.
Type:
"string"
Default:
"couchdb"
Declared by:
<nixpkgs/nixos/modules/services/databases/couchdb.nix>
|
services.couchdb.logFile
Specifies the location of file for logging output.
Type:
"path"
Default:
"/var/log/couchdb.log"
Declared by:
<nixpkgs/nixos/modules/services/databases/couchdb.nix>
|
services.couchdb.port
Defined the port number to listen.
Type:
"integer"
Default:
5984
Declared by:
<nixpkgs/nixos/modules/services/databases/couchdb.nix>
|
services.couchdb.uriFile
This file contains the full URI that can be used to access this instance of CouchDB. It is used to help discover the port CouchDB is running on (if it was set to 0 (e.g. automatically assigned any free one). This file should be writable and readable for the user that runs the CouchDB service (couchdb by default).
Type:
"path"
Default:
"/var/run/couchdb/couchdb.uri"
Declared by:
<nixpkgs/nixos/modules/services/databases/couchdb.nix>
|
services.couchdb.user
User account under which couchdb runs.
Type:
"string"
Default:
"couchdb"
Declared by:
<nixpkgs/nixos/modules/services/databases/couchdb.nix>
|
services.couchdb.viewIndexDir
Specifies location of CouchDB view index files. This location should be writable and readable for the user that runs the CouchDB service (couchdb by default).
Type:
"path"
Default:
"/var/lib/couchdb"
Declared by:
<nixpkgs/nixos/modules/services/databases/couchdb.nix>
|
services.cpuminer-cryptonight.enable
Whether to enable the cpuminer cryptonight miner.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/cpuminer-cryptonight.nix>
|
services.cpuminer-cryptonight.pass
Password for mining server
Type:
"string"
Default:
"x"
Declared by:
<nixpkgs/nixos/modules/services/misc/cpuminer-cryptonight.nix>
|
services.cpuminer-cryptonight.threads
Number of miner threads, defaults to available processors
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/misc/cpuminer-cryptonight.nix>
|
services.cpuminer-cryptonight.url
URL of mining server
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/misc/cpuminer-cryptonight.nix>
|
services.cpuminer-cryptonight.user
Username for mining server
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/misc/cpuminer-cryptonight.nix>
|
services.crashplan.enable
Starts crashplan background service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/crashplan.nix>
|
services.cron.cronFiles
A list of extra crontab files that will be read and appended to the main crontab file when the cron service starts.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/scheduling/cron.nix>
|
services.cron.enable
Whether to enable the Vixie cron daemon.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/scheduling/cron.nix>
|
services.cron.mailto
Email address to which job output will be mailed.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/scheduling/cron.nix>
|
services.cron.systemCronJobs
A list of Cron jobs to be appended to the system-wide
crontab. See the manual page for crontab for the expected
format. If you want to get the results mailed you must setuid
sendmail. See security.setuidOwners
If neither /var/cron/cron.deny nor /var/cron/cron.allow exist only root
will is allowed to have its own crontab file. The /var/cron/cron.deny file
is created automatically for you. So every user can use a crontab.
Many nixos modules set systemCronJobs, so if you decide to disable vixie cron
and enable another cron daemon, you may want it to get its system crontab
based on systemCronJobs.
Type:
"list of strings"
Default:
[
]
Example:
[ "* * * * * test ls -l / > /tmp/cronout 2>&1" "* * * * * eelco echo Hello World > /home/eelco/cronout" ]
Declared by:
<nixpkgs/nixos/modules/services/scheduling/cron.nix>
|
services.dbus.enable
Whether to start the D-Bus message bus daemon, which is required by many other system services and applications.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/system/dbus.nix>
|
services.dbus.packages
Packages whose D-Bus configuration files should be included in
the configuration of the D-Bus system-wide message bus.
Specifically, every file in
is included.
pkg
/etc/dbus-1/system.d
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/system/dbus.nix>
|
services.dd-agent.api_key
The Datadog API key to associate the agent with your account
Type:
"string"
Example:
"ae0aa6a8f08efa988ba0a17578f009ab"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/dd-agent.nix>
|
services.dd-agent.enable
Whether to enable the dd-agent montioring service
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/dd-agent.nix>
|
services.dd-agent.hostname
The hostname to show in the Datadog dashboard (optional)
Type:
"null or string"
Default:
null
Example:
"mymachine.mydomain"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/dd-agent.nix>
|
services.dd-agent.nginxConfig
Datadog nginx integration configuration
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/monitoring/dd-agent.nix>
|
services.dd-agent.postgresqlConfig
Datadog PostgreSQL integration configuration
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/monitoring/dd-agent.nix>
|
services.ddclient.domain
Domain name to synchronize.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/ddclient.nix>
|
services.ddclient.enable
Whether to synchronise your machine's IP address with a dynamic DNS provider (e.g. dyndns.org).
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/ddclient.nix>
|
services.ddclient.extraConfig
Extra configuration. Contents will be added verbatim to the configuration file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/ddclient.nix>
|
services.ddclient.password
Password.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/ddclient.nix>
|
services.ddclient.protocol
Protocol to use with dynamic DNS provider (see http://sourceforge.net/apps/trac/ddclient/wiki/Protocols).
Type:
"string"
Default:
"dyndns2"
Declared by:
<nixpkgs/nixos/modules/services/networking/ddclient.nix>
|
services.ddclient.server
Server address.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/ddclient.nix>
|
services.ddclient.ssl
Whether to use to use SSL/TLS to connect to dynamic DNS provider.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/ddclient.nix>
|
services.ddclient.use
Method to determine the IP address to send to the dymanic DNS provider.
Type:
"string"
Default:
"web, web=checkip.dyndns.com/, web-skip='Current IP Address: '"
Declared by:
<nixpkgs/nixos/modules/services/networking/ddclient.nix>
|
services.ddclient.username
Username.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/ddclient.nix>
|
services.deluge.enable
Start Deluge daemon.
Type:
"unspecified"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/torrent/deluge.nix>
|
services.deluge.web.enable
Start Deluge Web daemon.
Type:
"unspecified"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/torrent/deluge.nix>
|
services.dhcpd.configFile
The path of the DHCP server configuration file. If no file is specified, a file is generated using the other options.
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd.enable
Whether to enable the DHCP server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd.extraConfig
Extra text to be appended to the DHCP server configuration file. Currently, you almost certainly need to specify something here, such as the options specifying the subnet mask, DNS servers, etc.
Type:
"unspecified"
Default:
""
Example:
'' option subnet-mask 255.255.255.0; option broadcast-address 192.168.1.255; option routers 192.168.1.5; option domain-name-servers 130.161.158.4, 130.161.33.17, 130.161.180.1; option domain-name "example.org"; subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.100 192.168.1.200; } ''
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd.interfaces
The interfaces on which the DHCP server should listen.
Type:
"unspecified"
Default:
[
"eth0"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd.machines
A list mapping ethernet addresses to IP addresses for the DHCP server.
Type:
"unspecified"
Default:
[
]
Example:
[
{
ethernetAddress = "00:16:76:9a:32:1d"; hostName = "foo"; ipAddress = "192.168.1.10";
}
{
ethernetAddress = "00:19:d1:1d:c4:9a"; hostName = "bar"; ipAddress = "192.168.1.11";
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dictd.DBs
List of databases to make available.
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/misc/dictd.nix>
|
services.dictd.enable
Whether to enable the DICT.org dictionary server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/dictd.nix>
|
services.diod.allsquash
Remap all users to "nobody". The attaching user need not be present in the password file.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.diod.authRequired
Allow clients to connect without authentication, i.e. without a valid MUNGE credential.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.diod.enable
Whether to enable the diod 9P file server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.diod.exportall
Export all file systems listed in /proc/mounts. If new file systems are mounted after diod has started, they will become immediately mountable. If there is a duplicate entry for a file system in the exports list, any options listed in the exports entry will apply.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.diod.exportopts
Establish a default set of export options. These are overridden, not appended to, by opts attributes in an "exports" entry.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.diod.exports
List the file systems that clients will be allowed to mount. All paths should be fully qualified. The exports table can include two types of element: a string element (as above), or an alternate table element form { path="/path", opts="ro" }. In the alternate form, the (optional) opts attribute is a comma-separated list of export options. The two table element forms can be mixed in the exports table. Note that although diod will not traverse file system boundaries for a given mount due to inode uniqueness constraints, subdirectories of a file system can be separately exported.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.diod.extraConfig
Extra configuration options for diod.conf.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.diod.listen
[ "IP:PORT" [,"IP:PORT",...] ] List the interfaces and ports that diod should listen on.
Type:
"list of strings"
Default:
[
"0.0.0.0:564"
]
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.diod.logdest
Set the destination for logging. The value has the form of "syslog:facility:level" or "filename".
Type:
"string"
Default:
"syslog:daemon:err"
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.diod.nwthreads
Sets the (fixed) number of worker threads created to handle 9P requests for a unique aname.
Type:
"integer"
Default:
16
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.diod.squashuser
Change the squash user. The squash user must be present in the password file.
Type:
"string"
Default:
"nobody"
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.diod.statfsPassthru
This option configures statfs to return the host file system's type rather than V9FS_MAGIC.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.diod.userdb
This option disables password/group lookups. It allows any uid to attach and assumes gid=uid, and supplementary groups contain only the primary gid.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/diod.nix>
|
services.disnix.enable
Whether to enable Disnix
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/disnix.nix>
|
services.disnix.infrastructure
List of name value pairs containing properties for the infrastructure model
Type:
"unspecified"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/misc/disnix.nix>
|
services.disnix.publishAvahi
Whether to publish capabilities/properties as a Disnix service through Avahi
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/disnix.nix>
|
services.disnix.publishInfrastructure.enable
Whether to publish capabilities/properties of this machine in as attributes in the infrastructure option
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/disnix.nix>
|
services.disnix.publishInfrastructure.enableAuthentication
Whether to publish authentication credentials through the infrastructure attribute (not recommended in combination with Avahi)
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/disnix.nix>
|
services.disnix.useWebServiceInterface
Whether to enable the DisnixWebService interface running on Apache Tomcat
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/disnix.nix>
|
services.dnscrypt-proxy.enable
Enable dnscrypt-proxy. The proxy relays regular DNS queries to a DNSCrypt enabled upstream resolver. The traffic between the client and the upstream resolver is encrypted and authenticated, which may mitigate the risk of MITM attacks and third-party snooping (assuming the upstream is trustworthy).
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/dnscrypt-proxy.nix>
|
services.dnscrypt-proxy.localAddress
Listen for DNS queries on this address.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/networking/dnscrypt-proxy.nix>
|
services.dnscrypt-proxy.port
Listen on this port.
Type:
"integer"
Default:
53
Declared by:
<nixpkgs/nixos/modules/services/networking/dnscrypt-proxy.nix>
|
services.dnscrypt-proxy.resolverName
The name of the upstream DNSCrypt resolver to use.
See /nix/store/8dlsxxga5cwyk669570z8ibzs18dv9ns-dnscrypt-proxy-1.4.3/share/dnscrypt-proxy/dnscrypt-resolvers.csv
for alternative resolvers (e.g., if you are concerned about logging
and/or server location).
Type:
"string"
Default:
"opendns"
Declared by:
<nixpkgs/nixos/modules/services/networking/dnscrypt-proxy.nix>
|
services.dnscrypt-proxy.tcpOnly
Force sending encrypted DNS queries to the upstream resolver over TCP instead of UDP (on port 443). Enabling this option may help circumvent filtering, but should not be used otherwise.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/dnscrypt-proxy.nix>
|
services.dnsmasq.enable
Whether to run dnsmasq.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/dnsmasq.nix>
|
services.dnsmasq.extraConfig
Extra configuration directives that should be added to
dnsmasq.conf
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/dnsmasq.nix>
|
services.dnsmasq.resolveLocalQueries
Whether dnsmasq should resolve local queries (i.e. add 127.0.0.1 to /etc/resolv.conf)
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/dnsmasq.nix>
|
services.dnsmasq.servers
The DNS servers which dnsmasq should query.
Type:
"unspecified"
Default:
[
]
Example:
[
"8.8.8.8" "8.8.4.4"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/dnsmasq.nix>
|
services.dockerRegistry.enable
Whether to enable docker registry server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/docker-registry.nix>
|
services.dockerRegistry.extraConfig
Docker extra registry configuration. See https://github.com/docker/docker-registry/blob/master/config/config_sample.yml
Type:
"attribute set of strings"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/misc/docker-registry.nix>
|
services.dockerRegistry.host
Docker registry host or ip to bind to.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/misc/docker-registry.nix>
|
services.dockerRegistry.port
Docker registry port to bind to.
Type:
"integer"
Default:
5000
Declared by:
<nixpkgs/nixos/modules/services/misc/docker-registry.nix>
|
services.dockerRegistry.storagePath
Docker registry storage path.
Type:
"path"
Default:
"/var/lib/docker/registry"
Declared by:
<nixpkgs/nixos/modules/services/misc/docker-registry.nix>
|
services.dovecot2.configFile
Config file used for the whole dovecot configuration.
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/mail/dovecot.nix>
|
services.dovecot2.enable
Whether to enable the Dovecot 2.x POP3/IMAP server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/mail/dovecot.nix>
|
services.dovecot2.enableImap
Start the IMAP listener (when Dovecot is enabled).
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/mail/dovecot.nix>
|
services.dovecot2.enablePop3
Start the POP3 listener (when Dovecot is enabled).
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/mail/dovecot.nix>
|
services.dovecot2.extraConfig
Additional entries to put verbatim into Dovecot's config file.
Type:
"unspecified"
Default:
""
Example:
"mail_debug = yes"
Declared by:
<nixpkgs/nixos/modules/services/mail/dovecot.nix>
|
services.dovecot2.group
Dovecot group name.
Type:
"unspecified"
Default:
"dovecot2"
Declared by:
<nixpkgs/nixos/modules/services/mail/dovecot.nix>
|
services.dovecot2.mailLocation
Location that dovecot will use for mail folders. Dovecot mail_location option.
Type:
"unspecified"
Default:
"maildir:/var/spool/mail/%u"
Example:
"maildir:~/mail:INBOX=/var/spool/mail/%u"
Declared by:
<nixpkgs/nixos/modules/services/mail/dovecot.nix>
|
services.dovecot2.showPAMFailure
Show the PAM failure message on authentication error (useful for OTPW).
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/mail/dovecot.nix>
|
services.dovecot2.sslCACert
CA certificate used by the server certificate.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/dovecot.nix>
|
services.dovecot2.sslServerCert
Server certificate
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/dovecot.nix>
|
services.dovecot2.sslServerKey
Server key.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/dovecot.nix>
|
services.dovecot2.user
Dovecot user name.
Type:
"unspecified"
Default:
"dovecot2"
Declared by:
<nixpkgs/nixos/modules/services/mail/dovecot.nix>
|
services.drbd.config
Contents of the drbd.conf
configuration file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/drbd.nix>
|
services.drbd.enable
Whether to enable support for DRBD, the Distributed Replicated Block Device.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/drbd.nix>
|
services.ejabberd.confDir
Location of the config directory of ejabberd
Type:
"unspecified"
Default:
"/var/ejabberd"
Declared by:
<nixpkgs/nixos/modules/services/networking/ejabberd.nix>
|
services.ejabberd.enable
Whether to enable ejabberd server
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/ejabberd.nix>
|
services.ejabberd.loadDumps
Configuration dump that should be loaded on the first startup
Type:
"unspecified"
Default:
[
]
Example:
[ ./myejabberd.dump ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ejabberd.nix>
|
services.ejabberd.logsDir
Location of the logfile directory of ejabberd
Type:
"unspecified"
Default:
"/var/log/ejabberd"
Declared by:
<nixpkgs/nixos/modules/services/networking/ejabberd.nix>
|
services.ejabberd.spoolDir
Location of the spooldir of ejabberd
Type:
"unspecified"
Default:
"/var/lib/ejabberd"
Declared by:
<nixpkgs/nixos/modules/services/networking/ejabberd.nix>
|
services.ejabberd.virtualHosts
Virtualhosts that ejabberd should host. Hostnames are surrounded with doublequotes and separated by commas
Type:
"unspecified"
Default:
''"localhost"''
Declared by:
<nixpkgs/nixos/modules/services/networking/ejabberd.nix>
|
services.elasticsearch.cluster_name
Elasticsearch name that identifies your cluster for auto-discovery.
Type:
"string"
Default:
"elasticsearch"
Declared by:
<nixpkgs/nixos/modules/services/search/elasticsearch.nix>
|
services.elasticsearch.dataDir
Data directory for elasticsearch.
Type:
"path"
Default:
"/var/lib/elasticsearch"
Declared by:
<nixpkgs/nixos/modules/services/search/elasticsearch.nix>
|
services.elasticsearch.enable
Whether to enable elasticsearch.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/search/elasticsearch.nix>
|
services.elasticsearch.extraCmdLineOptions
Extra command line options for the elasticsearch launcher.
Type:
"list of strings"
Default:
[
]
Example:
[
"-Djava.net.preferIPv4Stack=true"
]
Declared by:
<nixpkgs/nixos/modules/services/search/elasticsearch.nix>
|
services.elasticsearch.extraConf
Extra configuration for elasticsearch.
Type:
"string"
Default:
""
Example:
'' node.name: "elasticsearch" node.master: true node.data: false index.number_of_shards: 5 index.number_of_replicas: 1 ''
Declared by:
<nixpkgs/nixos/modules/services/search/elasticsearch.nix>
|
services.elasticsearch.host
Elasticsearch listen address.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/search/elasticsearch.nix>
|
services.elasticsearch.logging
Elasticsearch logging configuration.
Type:
"string"
Default:
'' rootLogger: INFO, console logger: action: INFO com.amazonaws: WARN appender: console: type: console layout: type: consolePattern conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" ''
Declared by:
<nixpkgs/nixos/modules/services/search/elasticsearch.nix>
|
services.elasticsearch.plugins
Extra elasticsearch plugins
Type:
"list of derivations"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/search/elasticsearch.nix>
|
services.elasticsearch.port
Elasticsearch port to listen for HTTP traffic.
Type:
"integer"
Default:
9200
Declared by:
<nixpkgs/nixos/modules/services/search/elasticsearch.nix>
|
services.elasticsearch.tcp_port
Elasticsearch port for the node to node communication.
Type:
"integer"
Default:
9300
Declared by:
<nixpkgs/nixos/modules/services/search/elasticsearch.nix>
|
services.etcd.advertiseClientUrls
Etcd list of this member's client URLs to advertise to the rest of the cluster.
Type:
"list of strings"
Default:
[
"http://localhost:4001"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/etcd.nix>
|
services.etcd.dataDir
Etcd data directory.
Type:
"path"
Default:
"/var/lib/etcd"
Declared by:
<nixpkgs/nixos/modules/services/misc/etcd.nix>
|
services.etcd.discovery
Etcd discovery url
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/etcd.nix>
|
services.etcd.enable
Whether to enable etcd.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/etcd.nix>
|
services.etcd.extraConf
Etcd extra configuration. See https://github.com/coreos/etcd/blob/master/Documentation/configuration.md#environment-variables
Type:
"attribute set of strings"
Default:
{
}
Example:
{ "CORS": "*", "NAME": "default-name", "MAX_RESULT_BUFFER": "1024", "MAX_CLUSTER_SIZE": "9", "MAX_RETRY_ATTEMPTS": "3" }
Declared by:
<nixpkgs/nixos/modules/services/misc/etcd.nix>
|
services.etcd.initialAdvertisePeerUrls
Etcd list of this member's peer URLs to advertise to rest of the cluster.
Type:
"list of strings"
Default:
[
"http://localhost:7001"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/etcd.nix>
|
services.etcd.initialCluster
Etcd initial cluster configuration for bootstrapping.
Type:
"list of strings"
Default:
[
"nixos=http://localhost:7001"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/etcd.nix>
|
services.etcd.initialClusterState
Etcd initial cluster configuration for bootstrapping.
Type:
"one of new, existing"
Default:
"new"
Declared by:
<nixpkgs/nixos/modules/services/misc/etcd.nix>
|
services.etcd.initialClusterToken
Etcd initial cluster token for etcd cluster during bootstrap.
Type:
"string"
Default:
"etcd-cluster"
Declared by:
<nixpkgs/nixos/modules/services/misc/etcd.nix>
|
services.etcd.listenClientUrls
Etcd list of URLs to listen on for client traffic.
Type:
"list of strings"
Default:
[
"http://localhost:4001"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/etcd.nix>
|
services.etcd.listenPeerUrls
Etcd list of URLs to listen on for peer traffic.
Type:
"list of strings"
Default:
[
"http://localhost:7001"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/etcd.nix>
|
services.etcd.name
Etcd unique node name.
Type:
"string"
Default:
"nixos"
Declared by:
<nixpkgs/nixos/modules/services/misc/etcd.nix>
|
services.exim.config
Verbatim Exim configuration. This should not contain exim_user, exim_group, exim_path, or spool_directory.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/exim.nix>
|
services.exim.enable
Whether to enable the Exim mail transfer agent.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/mail/exim.nix>
|
services.exim.group
Group to use when no root privileges are required.
Type:
"string"
Default:
"exim"
Declared by:
<nixpkgs/nixos/modules/services/mail/exim.nix>
|
services.exim.spoolDir
Location of the spool directory of exim.
Type:
"string"
Default:
"/var/spool/exim"
Declared by:
<nixpkgs/nixos/modules/services/mail/exim.nix>
|
services.exim.user
User to use when no root privileges are required. In particular, this applies when receiving messages and when doing remote deliveries. (Local deliveries run as various non-root users, typically as the owner of a local mailbox.) Specifying this value as root is not supported.
Type:
"string"
Default:
"exim"
Declared by:
<nixpkgs/nixos/modules/services/mail/exim.nix>
|
services.fail2ban.daemonConfig
The contents of Fail2ban's main configuration file. It's generally not necessary to change it.
Type:
"string"
Default:
'' [Definition] loglevel = INFO logtarget = SYSLOG socket = /run/fail2ban/fail2ban.sock pidfile = /run/fail2ban/fail2ban.pid ''
Declared by:
<nixpkgs/nixos/modules/services/security/fail2ban.nix>
|
services.fail2ban.enable
Whether to enable the fail2ban service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/fail2ban.nix>
|
services.fail2ban.jails
The configuration of each Fail2ban “jail”. A jail
consists of an action (such as blocking a port using
iptables) that is triggered when a
filter applied to a log file triggers more than a certain
number of times in a certain time period. Actions are
defined in /etc/fail2ban/action.d
,
while filters are defined in
/etc/fail2ban/filter.d
.
Type:
"attribute set of strings"
Default:
{
}
Example:
{
apache-nohome-iptables = "# Block an IP address if it accesses a non-existent\n# home directory more than 5 times in 10 minutes,\n# since that indicates that it's scanning.\nfilter = apache-nohome\naction = iptables-multiport[name=HTTP, port=\"http,https\"]\nlogpath = /var/log/httpd/error_log*\nfindtime = 600\nbantime = 600\nmaxretry = 5\n";
}
Declared by:
<nixpkgs/nixos/modules/services/security/fail2ban.nix>
|
services.fcgiwrap.enable
Whether to enable fcgiwrap, a server for running CGI applications over FastCGI.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/fcgiwrap.nix>
|
services.fcgiwrap.group
Group permissions for the socket.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/web-servers/fcgiwrap.nix>
|
services.fcgiwrap.preforkProcesses
Number of processes to prefork.
Type:
"integer"
Default:
1
Declared by:
<nixpkgs/nixos/modules/services/web-servers/fcgiwrap.nix>
|
services.fcgiwrap.socketAddress
Socket address. In case of a UNIX socket, this should be its filesystem path.
Type:
"string"
Default:
"/run/fcgiwrap.sock"
Example:
"1.2.3.4:5678"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/fcgiwrap.nix>
|
services.fcgiwrap.socketType
Socket type: 'unix', 'tcp' or 'tcp6'.
Type:
"string"
Default:
"unix"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/fcgiwrap.nix>
|
services.fcgiwrap.user
User permissions for the socket.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/web-servers/fcgiwrap.nix>
|
services.fcron.allow
Users allowed to use fcrontab and fcrondyn (one name per
line, all
for everyone).
Type:
"list of strings"
Default:
[
"all"
]
Declared by:
<nixpkgs/nixos/modules/services/scheduling/fcron.nix>
|
services.fcron.deny
Users forbidden from using fcron.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/scheduling/fcron.nix>
|
services.fcron.enable
Whether to enable the fcron daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/scheduling/fcron.nix>
|
services.fcron.maxSerialJobs
Maximum number of serial jobs which can run simultaneously.
Type:
"integer"
Default:
1
Declared by:
<nixpkgs/nixos/modules/services/scheduling/fcron.nix>
|
services.fcron.queuelen
Number of jobs the serial queue and the lavg queue can contain.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/scheduling/fcron.nix>
|
services.fcron.systab
The "system" crontab contents.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/scheduling/fcron.nix>
|
services.felix.bundles
List of bundles that should be activated on startup
Type:
"unspecified"
Default:
[
(build of apache-felix-remoteshell-bundle-1.0.4)
]
Declared by:
<nixpkgs/nixos/modules/services/misc/felix.nix>
|
services.felix.enable
Whether to enable the Apache Felix OSGi service
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/felix.nix>
|
services.felix.group
Group account under which Apache Felix runs.
Type:
"unspecified"
Default:
"osgi"
Declared by:
<nixpkgs/nixos/modules/services/misc/felix.nix>
|
services.felix.user
User account under which Apache Felix runs.
Type:
"unspecified"
Default:
"osgi"
Declared by:
<nixpkgs/nixos/modules/services/misc/felix.nix>
|
services.firebird.baseDir
Location containing data/ and system/ directories. data/ stores the databases, system/ stores the password database security2.fdb.
Type:
"unspecified"
Default:
"/var/db/firebird"
Declared by:
<nixpkgs/nixos/modules/services/databases/firebird.nix>
|
services.firebird.enable
Whether to enable the Firebird super server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/firebird.nix>
|
services.firebird.port
Port Firebird uses.
Type:
"unspecified"
Default:
"3050"
Declared by:
<nixpkgs/nixos/modules/services/databases/firebird.nix>
|
services.firebird.user
User account under which firebird runs.
Type:
"unspecified"
Default:
"firebird"
Declared by:
<nixpkgs/nixos/modules/services/databases/firebird.nix>
|
services.firefox.syncserver.allowNewUsers
Whether to allow new-user signups on the server. Only request by existing accounts will be honored.
Type:
"boolean"
Default:
true
Example:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/firefox/sync-server.nix>
|
services.firefox.syncserver.enable
Whether to enable a Firefox Sync Server, this give the opportunity to
Firefox users to store all synchronized data on their own server. To use this
server, Firefox users should visit the about:config
, and
replicate the following change
services.sync.tokenServerURI: http://localhost:5000/token/1.0/sync/1.5
where http://localhost:5000/
corresponds to the
public url of the server.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/firefox/sync-server.nix>
|
services.firefox.syncserver.listen.address
Address on which the sync server listen to.
Type:
"string"
Default:
"127.0.0.1"
Example:
"0.0.0.0"
Declared by:
<nixpkgs/nixos/modules/services/networking/firefox/sync-server.nix>
|
services.firefox.syncserver.listen.port
Port on which the sync server listen to.
Type:
"integer"
Default:
5000
Declared by:
<nixpkgs/nixos/modules/services/networking/firefox/sync-server.nix>
|
services.firefox.syncserver.privateConfig
The private config file is used to extend the generated config with confidential
information, such as the syncserver.sqlUri
setting if it contains a
password, and the syncserver.secret
setting is used by the server to
generate cryptographically-signed authentication tokens.
If this file does not exists, then it is created with a generated
syncserver.secret
settings.
Type:
"string"
Default:
"/etc/firefox/syncserver-secret.ini"
Declared by:
<nixpkgs/nixos/modules/services/networking/firefox/sync-server.nix>
|
services.firefox.syncserver.publicUrl
Public URL with which firefox users can use to access the sync server.
Type:
"string"
Default:
"http://localhost:5000/"
Example:
"http://sync.example.com/"
Declared by:
<nixpkgs/nixos/modules/services/networking/firefox/sync-server.nix>
|
services.firefox.syncserver.sqlUri
The location of the database. This URL is composed of
dialect[+driver]://user:password@host/dbname[?key=value..]
,
where dialect
is a database name such as
mysql
, oracle
, postgresql
,
etc., and driver
the name of a DBAPI, such as
psycopg2
, pyodbc
, cx_oracle
,
etc. The
SQLAlchemy documentation provides more examples and describe the syntax of
the expected URL.
Type:
"string"
Default:
"sqlite:////var/db/firefox-sync-server.db"
Example:
"postgresql://scott:tiger@localhost/test"
Declared by:
<nixpkgs/nixos/modules/services/networking/firefox/sync-server.nix>
|
services.flashpolicyd.enable
Whether to enable the Flash Policy server. This is necessary if you want Flash applications to make connections to your server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/flashpolicyd.nix>
|
services.flashpolicyd.policy
The policy to be served. The default is to allow connections from any domain to any port.
Type:
"unspecified"
Default:
'' <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <site-control permitted-cross-domain-policies="master-only"/> <allow-access-from domain="*" to-ports="*" /> </cross-domain-policy> ''
Declared by:
<nixpkgs/nixos/modules/services/networking/flashpolicyd.nix>
|
services.fleet.enable
Whether to enable fleet service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/cluster/fleet.nix>
|
services.fleet.etcdCafile
Fleet TLS ca file when SSL certificate authentication is enabled in etcd endpoints.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/cluster/fleet.nix>
|
services.fleet.etcdCertfile
Fleet TLS cert file when SSL certificate authentication is enabled in etcd endpoints.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/cluster/fleet.nix>
|
services.fleet.etcdKeyfile
Fleet TLS key file when SSL certificate authentication is enabled in etcd endpoints.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/cluster/fleet.nix>
|
services.fleet.etcdServers
Fleet list of etcd endpoints to use.
Type:
"list of strings"
Default:
[
"http://127.0.0.1:4001"
]
Declared by:
<nixpkgs/nixos/modules/services/cluster/fleet.nix>
|
services.fleet.extraConfig
Fleet extra config. See https://github.com/coreos/fleet/blob/master/Documentation/deployment-and-configuration.md for configuration options.
Type:
"attribute set of strings"
Default:
{
}
Example:
{ VERBOSITY = 1; ETCD_REQUEST_TIMEOUT = "2.0"; AGENT_TTL = "40s"; }
Declared by:
<nixpkgs/nixos/modules/services/cluster/fleet.nix>
|
services.fleet.listen
Fleet listening addresses.
Type:
"list of strings"
Default:
[
"/var/run/fleet.sock"
]
Example:
[
"/var/run/fleet.sock" "127.0.0.1:49153"
]
Declared by:
<nixpkgs/nixos/modules/services/cluster/fleet.nix>
|
services.fleet.metadata
Key/value pairs that are published with the local to the fleet registry. This data can be used directly by a client of fleet to make scheduling decisions.
Type:
"attribute set of strings"
Default:
{
}
Example:
{ region = "us-west"; az = "us-west-1"; }
Declared by:
<nixpkgs/nixos/modules/services/cluster/fleet.nix>
|
services.fleet.publicIp
Fleet IP address that should be published with the local Machine's state and any socket information. If not set, fleetd will attempt to detect the IP it should publish based on the machine's IP routing information.
Type:
"null or string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/cluster/fleet.nix>
|
services.fluentd.config
Fluentd config.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/logging/fluentd.nix>
|
services.fluentd.enable
Whether to enable fluentd.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/logging/fluentd.nix>
|
services.foldingAtHome.config
Extra configuration. Contents will be added verbatim to the configuration file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/folding-at-home.nix>
|
services.foldingAtHome.enable
Whether to enable the Folding@Home to use idle CPU time.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/folding-at-home.nix>
|
services.foldingAtHome.nickname
A unique handle for statistics.
Type:
"unspecified"
Default:
"Anonymous"
Declared by:
<nixpkgs/nixos/modules/services/misc/folding-at-home.nix>
|
services.fourStore.database
RDF database name. If it doesn't exist, it will be created. Databases are stored in /var/lib/4store.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/4store.nix>
|
services.fourStore.enable
Whether to enable 4Store RDF database server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/4store.nix>
|
services.fourStore.options
Extra CLI options to pass to 4Store.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/4store.nix>
|
services.fourStoreEndpoint.database
RDF database name to expose via the endpoint. Defaults to local 4Store database name.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/4store-endpoint.nix>
|
services.fourStoreEndpoint.enable
Whether to enable 4Store SPARQL endpoint.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/4store-endpoint.nix>
|
services.fourStoreEndpoint.listenAddress
IP address to listen on.
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/databases/4store-endpoint.nix>
|
services.fourStoreEndpoint.options
Extra CLI options to pass to 4Store's 4s-httpd process.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/4store-endpoint.nix>
|
services.fourStoreEndpoint.port
port to listen on.
Type:
"unspecified"
Default:
8080
Declared by:
<nixpkgs/nixos/modules/services/databases/4store-endpoint.nix>
|
services.fprintd.enable
Whether to enable fprintd daemon and PAM module for fingerprint readers handling.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/fprintd.nix>
|
services.fprot.updater.enable
Whether to enable automatic F-Prot virus definitions database updates.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/fprot.nix>
|
services.fprot.updater.frequency
Update virus definitions every X minutes.
Type:
"unspecified"
Default:
30
Declared by:
<nixpkgs/nixos/modules/services/security/fprot.nix>
|
services.fprot.updater.licenseKeyfile
License keyfile. Defaults to the one supplied with installation package.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/security/fprot.nix>
|
services.fprot.updater.productData
product.data file. Defaults to the one supplied with installation package.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/security/fprot.nix>
|
services.frandom.enable
enable the /dev/frandom device (a very fast random number generator)
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/frandom.nix>
|
services.freefall.devices
Device paths to all internal spinning hard drives.
Type:
"list of strings"
Default:
[
"/dev/sda"
]
Declared by:
<nixpkgs/nixos/modules/services/hardware/freefall.nix>
|
services.freefall.enable
Whether to protect HP/Dell laptop hard drives (not SSDs) in free fall.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/freefall.nix>
|
services.freenet.enable
Enable the Freenet daemon
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/freenet.nix>
|
services.freenet.nice
Set the nice level for the Freenet daemon
Type:
"integer"
Default:
10
Declared by:
<nixpkgs/nixos/modules/services/networking/freenet.nix>
|
services.geoclue2.enable
Whether to enable GeoClue 2 daemon, a DBus service that provides location informationfor accessing.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/geoclue2.nix>
|
services.ghostOne.config
Extra configuration options.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/games/ghost-one.nix>
|
services.ghostOne.enable
Enable Ghost-One Warcraft3 game hosting server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/games/ghost-one.nix>
|
services.ghostOne.language
The language of bot messages: English, Spanish, Russian, Serbian or Turkish.
Type:
"string"
Default:
"English"
Declared by:
<nixpkgs/nixos/modules/services/games/ghost-one.nix>
|
services.ghostOne.mappath
The path to the directory where you keep your map files. GHost One doesn't require map files but if it has access to them it can send them to players and automatically calculate most map config values. GHost One will search [bot_mappath + map_localpath] for the map file (map_localpath is set in each map's config file).
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/games/ghost-one.nix>
|
services.ghostOne.war3path
The path to your local Warcraft III directory, which must contain war3.exe, storm.dll, and game.dll.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/games/ghost-one.nix>
|
services.gitDaemon.basePath
Remap all the path requests as relative to the given path. For example, if you set base-path to /srv/git, then if you later try to pull git://example.com/hello.git, Git daemon will interpret the path as /srv/git/hello.git.
Type:
"string"
Default:
""
Example:
"/srv/git/"
Declared by:
<nixpkgs/nixos/modules/services/networking/git-daemon.nix>
|
services.gitDaemon.enable
Enable Git daemon, which allows public hosting of git repositories without any access controls. This is mostly intended for read-only access. You can allow write access by setting daemon.receivepack configuration item of the repository to true. This is solely meant for a closed LAN setting where everybody is friendly. If you need any access controls, use something else.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/git-daemon.nix>
|
services.gitDaemon.exportAll
Publish all directories that look like Git repositories (have the objects and refs subdirectories), even if they do not have the git-daemon-export-ok file. If disabled, you need to touch .git/git-daemon-export-ok in each repository you want the daemon to publish. Warning: enabling this without a repository whitelist or basePath publishes every git repository you have.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/git-daemon.nix>
|
services.gitDaemon.group
Group under which Git daemon would be running.
Type:
"string"
Default:
"git"
Declared by:
<nixpkgs/nixos/modules/services/networking/git-daemon.nix>
|
services.gitDaemon.listenAddress
Listen on a specific IP address or hostname.
Type:
"string"
Default:
""
Example:
"example.com"
Declared by:
<nixpkgs/nixos/modules/services/networking/git-daemon.nix>
|
services.gitDaemon.options
Extra configuration options to be passed to Git daemon.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/git-daemon.nix>
|
services.gitDaemon.port
Port to listen on.
Type:
"integer"
Default:
9418
Declared by:
<nixpkgs/nixos/modules/services/networking/git-daemon.nix>
|
services.gitDaemon.repositories
A whitelist of paths of git repositories, or directories containing repositories all of which would be published. Paths must not end in "/". Warning: leaving this empty and enabling exportAll publishes all repositories in your filesystem or basePath if specified.
Type:
"list of strings"
Default:
[
]
Example:
[
"/srv/git" "/home/user/git/repo2"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/git-daemon.nix>
|
services.gitDaemon.user
User under which Git daemon would be running.
Type:
"string"
Default:
"git"
Declared by:
<nixpkgs/nixos/modules/services/networking/git-daemon.nix>
|
services.gitlab.backupPath
Gitlab path for backups.
Type:
"string"
Default:
"/var/gitlab/state/backup"
Declared by:
<nixpkgs/nixos/modules/services/misc/gitlab.nix>
|
services.gitlab.databaseHost
Gitlab database hostname.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/misc/gitlab.nix>
|
services.gitlab.databaseName
Gitlab database name.
Type:
"string"
Default:
"gitlab"
Declared by:
<nixpkgs/nixos/modules/services/misc/gitlab.nix>
|
services.gitlab.databasePassword
Gitlab database user password.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/gitlab.nix>
|
services.gitlab.databaseUsername
Gitlab database user.
Type:
"string"
Default:
"gitlab"
Declared by:
<nixpkgs/nixos/modules/services/misc/gitlab.nix>
|
services.gitlab.emailFrom
The source address for emails sent by gitlab.
Type:
"string"
Default:
"example@example.org"
Declared by:
<nixpkgs/nixos/modules/services/misc/gitlab.nix>
|
services.gitlab.enable
Enable the gitlab service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/gitlab.nix>
|
services.gitlab.host
Gitlab host name. Used e.g. for copy-paste URLs.
Type:
"string"
Default:
"nixos"
Declared by:
<nixpkgs/nixos/modules/services/misc/gitlab.nix>
|
services.gitlab.port
Gitlab server listening port.
Type:
"integer"
Default:
8080
Declared by:
<nixpkgs/nixos/modules/services/misc/gitlab.nix>
|
services.gitlab.satelliteDir
Gitlab directory to store checked out git trees requires for operation.
Type:
"string"
Default:
"/var/gitlab/git-satellites"
Declared by:
<nixpkgs/nixos/modules/services/misc/gitlab.nix>
|
services.gitlab.stateDir
Gitlab state directory, logs are stored here.
Type:
"string"
Default:
"/var/gitlab/state"
Declared by:
<nixpkgs/nixos/modules/services/misc/gitlab.nix>
|
services.gitolite.adminPubkey
Initial administrative public key for Gitolite. This should be an SSH Public Key. Note that this key will only be used once, upon the first initialization of the Gitolite user. The key string cannot have any line breaks in it.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/misc/gitolite.nix>
|
services.gitolite.commonHooks
A list of custom git hooks that get copied to ~/.gitolite/hooks/common
.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/misc/gitolite.nix>
|
services.gitolite.dataDir
Gitolite home directory (used to store all the repositories).
Type:
"string"
Default:
"/var/lib/gitolite"
Declared by:
<nixpkgs/nixos/modules/services/misc/gitolite.nix>
|
services.gitolite.enable
Enable gitolite management under the
gitolite
user. After
switching to a configuration with Gitolite enabled, you can
then run git clone
gitolite@host:gitolite-admin.git
to manage it further.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/gitolite.nix>
|
services.gitolite.user
Gitolite user account. This is the username of the gitolite endpoint.
Type:
"string"
Default:
"gitolite"
Declared by:
<nixpkgs/nixos/modules/services/misc/gitolite.nix>
|
services.gnome3.at-spi2-core.enable
Whether to enable at-spi2-core, a service for the Assistive Technologies available on the GNOME platform.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/gnome3/at-spi2-core.nix>
|
services.gnome3.evolution-data-server.enable
Whether to enable Evolution Data Server, a collection of services for storing addressbooks and calendars.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/gnome3/evolution-data-server.nix>
|
services.gnome3.gnome-documents.enable
Whether to enable GNOME Documents services, a document manager application for GNOME.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/gnome3/gnome-documents.nix>
|
services.gnome3.gnome-keyring.enable
Whether to enable GNOME Keyring daemon, a service designed to take care of the user's security credentials, such as user names and passwordsa search engine.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/gnome3/gnome-keyring.nix>
|
services.gnome3.gnome-online-accounts.enable
Whether to enable GNOME Online Accounts daemon, a service that provides a single sign-on framework for the GNOME desktop.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/gnome3/gnome-online-accounts.nix>
|
services.gnome3.gnome-online-miners.enable
Whether to enable GNOME Online Miners, a service that crawls through your online content.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/gnome3/gnome-online-miners.nix>
|
services.gnome3.gnome-user-share.enable
Whether to enable GNOME User Share, a service that exports the contents of the Public folder in your home directory on the local network.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/gnome3/gnome-user-share.nix>
|
services.gnome3.gvfs.enable
Whether to enable gvfs backends, userspace virtual filesystem used by GNOME components via D-Bus.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/gnome3/gvfs.nix>
|
services.gnome3.seahorse.enable
Whether to enable Seahorse search provider for the GNOME Shell activity search.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/gnome3/seahorse.nix>
|
services.gnome3.sushi.enable
Whether to enable Sushi, a quick previewer for nautilus.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/gnome3/sushi.nix>
|
services.gnome3.tracker.enable
Whether to enable Tracker services, a search engine, search tool and metadata storage system.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/gnome3/tracker.nix>
|
services.gnunet.enable
Whether to run the GNUnet daemon. GNUnet is GNU's anonymous peer-to-peer communication and file sharing framework.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/gnunet.nix>
|
services.gnunet.extraOptions
Additional options that will be copied verbatim in `gnunet.conf'. See `gnunet.conf(5)' for details.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/gnunet.nix>
|
services.gnunet.fileSharing.quota
Maximum file system usage (in MiB) for file sharing.
Type:
"unspecified"
Default:
1024
Declared by:
<nixpkgs/nixos/modules/services/networking/gnunet.nix>
|
services.gnunet.load.hardNetUpBandwidth
Hard bandwidth limit (in bits per second) when uploading data.
Type:
"unspecified"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/networking/gnunet.nix>
|
services.gnunet.load.maxNetDownBandwidth
Maximum bandwidth usage (in bits per second) for GNUnet when downloading data.
Type:
"unspecified"
Default:
50000
Declared by:
<nixpkgs/nixos/modules/services/networking/gnunet.nix>
|
services.gnunet.load.maxNetUpBandwidth
Maximum bandwidth usage (in bits per second) for GNUnet when downloading data.
Type:
"unspecified"
Default:
50000
Declared by:
<nixpkgs/nixos/modules/services/networking/gnunet.nix>
|
services.gnunet.tcp.port
The TCP port for use by GNUnet.
Type:
"unspecified"
Default:
2086
Declared by:
<nixpkgs/nixos/modules/services/networking/gnunet.nix>
|
services.gnunet.udp.port
The UDP port for use by GNUnet.
Type:
"unspecified"
Default:
2086
Declared by:
<nixpkgs/nixos/modules/services/networking/gnunet.nix>
|
services.gogoclient.autorun
Whether to automatically start the tunnel.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/gogoclient.nix>
|
services.gogoclient.enable
Enable the gogoCLIENT IPv6 tunnel.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/gogoclient.nix>
|
services.gogoclient.password
Path to a file (as a string), containing your gogoNET password, if any.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/gogoclient.nix>
|
services.gogoclient.server
The Gateway6 server to be used.
Type:
"unspecified"
Default:
"anonymous.freenet6.net"
Example:
"broker.freenet6.net"
Declared by:
<nixpkgs/nixos/modules/services/networking/gogoclient.nix>
|
services.gogoclient.username
Your Gateway6 login name, if any.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/gogoclient.nix>
|
services.gpm.enable
Whether to enable GPM, the General Purpose Mouse daemon, which enables mouse support in virtual consoles.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/ttys/gpm.nix>
|
services.gpm.protocol
Mouse protocol to use.
Type:
"string"
Default:
"ps/2"
Declared by:
<nixpkgs/nixos/modules/services/ttys/gpm.nix>
|
services.gpsd.debugLevel
The debugging level.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/misc/gpsd.nix>
|
services.gpsd.device
A device may be a local serial device for GPS input, or a URL of the form:
[{dgpsip|ntrip}://][user:passwd@]host[:port][/stream]
in which case it specifies an input source for DGPS or ntrip data.
Type:
"string"
Default:
"/dev/ttyUSB0"
Declared by:
<nixpkgs/nixos/modules/services/misc/gpsd.nix>
|
services.gpsd.enable
Whether to enable `gpsd', a GPS service daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/gpsd.nix>
|
services.gpsd.port
The port where to listen for TCP connections.
Type:
"integer"
Default:
2947
Declared by:
<nixpkgs/nixos/modules/services/misc/gpsd.nix>
|
services.gpsd.readonly
Whether to enable the broken-device-safety, otherwise known as read-only mode. Some popular bluetooth and USB receivers lock up or become totally inaccessible when probed or reconfigured. This switch prevents gpsd from writing to a receiver. This means that gpsd cannot configure the receiver for optimal performance, but it also means that gpsd cannot break the receiver. A better solution would be for Bluetooth to not be so fragile. A platform independent method to identify serial-over-Bluetooth devices would also be nice.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/misc/gpsd.nix>
|
services.graphite.api.enable
Whether to enable graphite api. Graphite api is lightweight alternative to graphite web, with api and without dashboard. It's advised to use grafana as alternative dashboard and influxdb as alternative to graphite carbon. For more information visit http://graphite-api.readthedocs.org/en/latest/
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.api.extraConfig
Extra configuration for graphite api.
Type:
"string"
Default:
'' whisper: directories: - /var/db/graphite/whisper ''
Example:
allowed_origins: - dashboard.example.com cheat_times: true influxdb: host: localhost port: 8086 user: influxdb pass: influxdb db: metrics cache: CACHE_TYPE: 'filesystem' CACHE_DIR: '/tmp/graphite-api-cache'
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.api.finders
List of finder plugins to load.
Type:
"list of derivations"
Default:
[
]
Example:
[
(build of python2.7-graphite-influxdb-0.3)
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.api.functions
List of functions to load.
Type:
"list of strings"
Default:
[
"graphite_api.functions.SeriesFunctions" "graphite_api.functions.PieFunctions"
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.api.host
Graphite web service listen address.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.api.port
Graphite api service port.
Type:
"integer"
Default:
8080
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.carbon.aggregationRules
Defines if and how received metrics will be agregated.
Type:
"null or string"
Default:
null
Example:
'' <env>.applications.<app>.all.requests (60) = sum <env>.applications.<app>.*.requests <env>.applications.<app>.all.latency (60) = avg <env>.applications.<app>.*.latency ''
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.carbon.blacklist
Any metrics received which match one of the experssions will be dropped.
Type:
"null or string"
Default:
null
Example:
"^some.noisy.metric.prefix..*"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.carbon.config
Content of carbon configuration file.
Type:
"string"
Default:
'' [cache] # Listen on localhost by default for security reasons UDP_RECEIVER_INTERFACE = 127.0.0.1 PICKLE_RECEIVER_INTERFACE = 127.0.0.1 LINE_RECEIVER_INTERFACE = 127.0.0.1 CACHE_QUERY_INTERFACE = 127.0.0.1 # Do not log every update LOG_UPDATES = False LOG_CACHE_HITS = False ''
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.carbon.enableAggregator
Whether to enable carbon agregator, the carbon buffering service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.carbon.enableCache
Whether to enable carbon cache, the graphite storage daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.carbon.enableRelay
Whether to enable carbon relay, the carbon replication and sharding service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.carbon.relayRules
Relay rules are used to send certain metrics to a certain backend.
Type:
"null or string"
Default:
null
Example:
'' [example] pattern = ^mydata\.foo\..+ servers = 10.1.2.3, 10.1.2.4:2004, myserver.mydomain.com ''
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.carbon.rewriteRules
Regular expression patterns that can be used to rewrite metric names in a search and replace fashion.
Type:
"null or string"
Default:
null
Example:
'' [post] _sum$ = _avg$ = ''
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.carbon.storageAggregation
Defines how to aggregate data to lower-precision retentions.
Type:
"null or string"
Default:
null
Example:
'' [all_min] pattern = \.min$ xFilesFactor = 0.1 aggregationMethod = min ''
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.carbon.storageSchemas
Defines retention rates for storing metrics.
Type:
"null or string"
Default:
""
Example:
'' [apache_busyWorkers] pattern = ^servers\.www.*\.workers\.busyWorkers$ retentions = 15s:7d,1m:21d,15m:5y ''
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.carbon.whitelist
Only metrics received which match one of the experssions will be persisted.
Type:
"null or string"
Default:
null
Example:
".*"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.dataDir
Data directory for graphite.
Type:
"path"
Default:
"/var/db/graphite"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.pager.alerts
Alerts configuration for graphite-pager.
Type:
"string"
Default:
'' alerts: - target: constantLine(100) warning: 90 critical: 200 name: Test ''
Example:
pushbullet_key: pushbullet_api_key alerts: - target: stats.seatgeek.app.deal_quality.venue_info_cache.hit warning: .5 critical: 1 name: Deal quality venue cache hits
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.pager.enable
Whether to enable graphite-pager service. For more information visit https://github.com/seatgeek/graphite-pager
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.pager.graphiteUrl
URL to your graphite service.
Type:
"string"
Default:
"http://127.0.0.1:8080"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.pager.redisUrl
Redis connection string.
Type:
"string"
Default:
"redis://localhost:6379/"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.seyren.enable
Whether to enable seyren service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.seyren.extraConfig
Extra seyren configuration. See https://github.com/scobal/seyren#config
Type:
"attribute set of strings"
Default:
{
}
Example:
{ GRAPHITE_USERNAME = "user"; GRAPHITE_PASSWORD = "pass"; }
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.seyren.graphiteUrl
Host where graphite service runs.
Type:
"string"
Default:
"http://127.0.0.1:8080"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.seyren.mongoUrl
Mongodb connection string.
Type:
"string"
Default:
"mongodb://127.0.0.1:27017/seyren"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.seyren.port
Seyren listening port.
Type:
"integer"
Default:
8081
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.seyren.seyrenUrl
Host where seyren is accessible.
Type:
"string"
Default:
"http://localhost:8081/"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.web.enable
Whether to enable graphite web frontend.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.web.host
Graphite web frontend listen address.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.graphite.web.port
Graphite web frontend port.
Type:
"integer"
Default:
8080
Declared by:
<nixpkgs/nixos/modules/services/monitoring/graphite.nix>
|
services.gvpe.configFile
GVPE config file, if already present
Type:
"unspecified"
Default:
null
Example:
"/root/my-gvpe-conf"
Declared by:
<nixpkgs/nixos/modules/services/networking/gvpe.nix>
|
services.gvpe.configText
GVPE config contents
Type:
"unspecified"
Default:
null
Example:
'' tcp-port = 655 udp-port = 655 mtu = 1480 ifname = vpn0 node = alpha hostname = alpha.example.org connect = always enable-udp = true enable-tcp = true on alpha if-up = if-up-0 on alpha pid-file = /var/gvpe/gvpe.pid ''
Declared by:
<nixpkgs/nixos/modules/services/networking/gvpe.nix>
|
services.gvpe.customIFSetup
Additional commands to apply in ifup script
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/gvpe.nix>
|
services.gvpe.enable
Whether to run gvpe
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/gvpe.nix>
|
services.gvpe.ipAddress
IP address to assign to GVPE interface
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/gvpe.nix>
|
services.gvpe.nodename
GVPE node name
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/gvpe.nix>
|
services.gvpe.startOn
Condition to start GVPE
Type:
"unspecified"
Default:
"started network-interfaces"
Declared by:
<nixpkgs/nixos/modules/services/networking/gvpe.nix>
|
services.gvpe.stopOn
Condition to stop GVPE
Type:
"unspecified"
Default:
"stopping network-interfaces"
Declared by:
<nixpkgs/nixos/modules/services/networking/gvpe.nix>
|
services.gvpe.subnet
IP subnet assigned to GVPE network
Type:
"unspecified"
Default:
null
Example:
"10.0.0.0/8"
Declared by:
<nixpkgs/nixos/modules/services/networking/gvpe.nix>
|
services.haproxy.config
Contents of the HAProxy configuration file,
haproxy.conf
.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/haproxy.nix>
|
services.haproxy.enable
Whether to enable HAProxy, the reliable, high performance TCP/HTTP load balancer.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/haproxy.nix>
|
services.hardware.pommed.configFile
The path to the pommed.conf
file.
Type:
"path"
Declared by:
<nixpkgs/nixos/modules/services/hardware/pommed.nix>
|
services.hardware.pommed.enable
Whether to use the pommed tool to handle Apple laptop keyboard hotkeys.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/pommed.nix>
|
services.haveged.enable
Whether to enable to haveged entropy daemon, which refills /dev/random when low.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/haveged.nix>
|
services.haveged.refill_threshold
The number of bits of available entropy beneath which haveged should refill the entropy pool.
Type:
"integer"
Default:
1024
Declared by:
<nixpkgs/nixos/modules/services/security/haveged.nix>
|
services.hbase.dataDir
Specifies location of HBase database files. This location should be writable and readable for the user the HBase service runs as (hbase by default).
Type:
"path"
Default:
"/var/lib/hbase"
Declared by:
<nixpkgs/nixos/modules/services/databases/hbase.nix>
|
services.hbase.enable
Whether to run HBase.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/hbase.nix>
|
services.hbase.group
Group account under which HBase runs.
Type:
"string"
Default:
"hbase"
Declared by:
<nixpkgs/nixos/modules/services/databases/hbase.nix>
|
services.hbase.logDir
Specifies the location of HBase log files.
Type:
"path"
Default:
"/var/log/hbase"
Declared by:
<nixpkgs/nixos/modules/services/databases/hbase.nix>
|
services.hbase.user
User account under which HBase runs.
Type:
"string"
Default:
"hbase"
Declared by:
<nixpkgs/nixos/modules/services/databases/hbase.nix>
|
services.hostapd.channel
Channel number (IEEE 802.11) Please note that some drivers do not use this value from hostapd and the channel will need to be configured separately with iwconfig.
Type:
"integer"
Default:
7
Example:
11
Declared by:
<nixpkgs/nixos/modules/services/networking/hostapd.nix>
|
services.hostapd.driver
Which driver hostapd will use. Most things will probably use the default.
Type:
"string"
Default:
"nl80211"
Example:
"hostapd"
Declared by:
<nixpkgs/nixos/modules/services/networking/hostapd.nix>
|
services.hostapd.enable
Enable putting a wireless interface into infrastructure mode, allowing other wireless devices to associate with the wireless interface and do wireless networking. A simple access point will enable hostapd.wpa, and hostapd.wpa_passphrase, hostapd.ssid, dhcpd on the wireless interface to provide IP addresses to the associated stations, and nat (from the wireless interface to an upstream interface).
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/hostapd.nix>
|
services.hostapd.extraCfg
Extra configuration options to put in the hostapd.conf
Type:
"string"
Default:
""
Example:
'' auth_algo=0 ieee80211n=1 ht_capab=[HT40-][SHORT-GI-40][DSSS_CCK-40] ''
Declared by:
<nixpkgs/nixos/modules/services/networking/hostapd.nix>
|
services.hostapd.group
members of this group can control hostapd
Type:
"string"
Default:
"wheel"
Example:
"network"
Declared by:
<nixpkgs/nixos/modules/services/networking/hostapd.nix>
|
services.hostapd.hwMode
Operation mode (a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g
Type:
"string"
Default:
"b"
Example:
"g"
Declared by:
<nixpkgs/nixos/modules/services/networking/hostapd.nix>
|
services.hostapd.interface
The interfaces hostapd will use.
Type:
"unspecified"
Default:
""
Example:
"wlan0"
Declared by:
<nixpkgs/nixos/modules/services/networking/hostapd.nix>
|
services.hostapd.ssid
SSID to be used in IEEE 802.11 management frames.
Type:
"string"
Default:
"nixos"
Example:
"mySpecialSSID"
Declared by:
<nixpkgs/nixos/modules/services/networking/hostapd.nix>
|
services.hostapd.wpa
enable WPA (IEEE 802.11i/D3.0) to authenticate to the access point
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/hostapd.nix>
|
services.hostapd.wpaPassphrase
WPA-PSK (pre-shared-key) passphrase. Clients will need this passphrase to associate with this access point. Warning: This passphrase will get put into a world-readable file in the nix store.
Type:
"string"
Default:
"my_sekret"
Example:
"any_64_char_string"
Declared by:
<nixpkgs/nixos/modules/services/networking/hostapd.nix>
|
services.httpd.adminAddr
E-mail address of the server administrator.
Type:
"null or string"
Example:
"admin@example.org"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.configFile
Override the configuration file used by Apache. By default, NixOS generates one automatically.
Type:
"path"
Default:
(build of httpd.conf)
Example:
pkgs.writeText "httpd.conf" "# my custom config file ...";
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.documentRoot
The path of Apache's document root directory. If left undefined, an empty directory in the Nix store will be used as root.
Type:
"null or path"
Default:
null
Example:
"/data/webserver/docs"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.enable
Whether to enable the Apache HTTP Server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.enablePHP
Whether to enable the PHP module.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.enableSSL
Whether to enable SSL (https) support.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.enableUserDir
Whether to enable serving ~/public_html
as
/~
.
username
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.extraConfig
These lines go to httpd.conf verbatim. They will go after directories and directory aliases defined by default.
Type:
"string"
Default:
""
Example:
'' <Directory /home> Options FollowSymlinks AllowOverride All </Directory> ''
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.extraModules
Additional Apache modules to be used. These can be
specified as a string in the case of modules distributed
with Apache, or as an attribute set specifying the
name
and path
of the
module.
Type:
"list of unspecifieds"
Default:
[
]
Example:
[ "proxy_connect" { name = "php5"; path = "${pkgs.php}/modules/libphp5.so"; } ]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.extraSubservices
Extra subservices to enable in the webserver.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.globalRedirect
If set, all requests for this host are redirected permanently to the given URL.
Type:
"null or string"
Default:
null
Example:
"http://newserver.example.org/"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.group
Group under which httpd runs. The account is created automatically if it doesn't exist.
Type:
"string"
Default:
"wwwrun"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.hostName
Canonical hostname for the server.
Type:
"string"
Default:
"localhost"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.logDir
Directory for Apache's log files. It is created automatically.
Type:
"path"
Default:
"/var/log/httpd"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.logFormat
Log format for Apache's log files. Possible values are: combined, common, referer, agent.
Type:
"string"
Default:
"common"
Example:
"combined"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.logPerVirtualHost
If enabled, each virtual host gets its own
access_log
and
error_log
, namely suffixed by the
hostName
of the virtual host.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.maxClients
Maximum number of httpd processes (prefork)
Type:
"integer"
Default:
150
Example:
8
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.maxRequestsPerChild
Maximum number of httpd requests answered per httpd child (prefork), 0 means unlimited
Type:
"integer"
Default:
0
Example:
500
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.multiProcessingModule
Multi-processing module to be used by Apache. Available
modules are prefork
(the default;
handles each request in a separate child process),
worker
(hybrid approach that starts a
number of child processes each running a number of
threads) and event
(a recent variant of
worker
that handles persistent
connections more efficiently).
Type:
"string"
Default:
"prefork"
Example:
"worker"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.phpOptions
Options appended to the PHP configuration file php.ini
.
Type:
"string"
Default:
""
Example:
'' date.timezone = "CET" ''
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.port
Port for the server. 0 means use the default port: 80 for http and 443 for https (i.e. when enableSSL is set).
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.robotsEntries
Specification of pages to be ignored by web crawlers. See http://www.robotstxt.org/ for details.
Type:
"string"
Default:
""
Example:
"Disallow: /foo/"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.servedDirs
This option provides a simple way to serve static directories.
Type:
"list of attribute sets"
Default:
[
]
Example:
[
{
dir = "/home/eelco/Dev/nix-homepage"; urlPath = "/nix";
}
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.servedFiles
This option provides a simple way to serve individual, static files.
Type:
"list of attribute sets"
Default:
[
]
Example:
[
{
dir = "/home/eelco/some-file.png"; urlPath = "/foo/bar.png";
}
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.serverAliases
Additional names of virtual hosts served by this virtual host configuration.
Type:
"list of strings"
Default:
[
]
Example:
[
"www.example.org" "www.example.org:8080" "example.org"
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.sslServerCert
Path to server SSL certificate.
Type:
"null or path"
Default:
null
Example:
"/var/host.cert"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.sslServerChain
Path to server SSL chain file.
Type:
"path"
Example:
"/var/ca.pem"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.sslServerKey
Path to server SSL certificate key.
Type:
"path"
Example:
"/var/host.key"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.stateDir
Directory for Apache's transient runtime state (such as PID
files). It is created automatically. Note that the default,
/run/httpd
, is deleted at boot time.
Type:
"path"
Default:
"/run/httpd"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.user
User account under which httpd runs. The account is created automatically if it doesn't exist.
Type:
"string"
Default:
"wwwrun"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts
Specification of the virtual hosts served by Apache. Each element should be an attribute set specifying the configuration of the virtual host. The available options are the non-global options permissible for the main host.
Type:
"list of submodules"
Default:
[
]
Example:
[
{
documentRoot = "/data/webroot-foo"; hostName = "foo";
}
{
documentRoot = "/data/webroot-bar"; hostName = "bar";
}
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.adminAddr
E-mail address of the server administrator.
Type:
"null or string"
Default:
null
Example:
"admin@example.org"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.documentRoot
The path of Apache's document root directory. If left undefined, an empty directory in the Nix store will be used as root.
Type:
"null or path"
Default:
null
Example:
"/data/webserver/docs"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.enableSSL
Whether to enable SSL (https) support.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.enableUserDir
Whether to enable serving ~/public_html
as
/~
.
username
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.extraConfig
These lines go to httpd.conf verbatim. They will go after directories and directory aliases defined by default.
Type:
"string"
Default:
""
Example:
'' <Directory /home> Options FollowSymlinks AllowOverride All </Directory> ''
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.extraSubservices
Extra subservices to enable in the webserver.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.globalRedirect
If set, all requests for this host are redirected permanently to the given URL.
Type:
"null or string"
Default:
null
Example:
"http://newserver.example.org/"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.hostName
Canonical hostname for the server.
Type:
"string"
Default:
"localhost"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.logFormat
Log format for Apache's log files. Possible values are: combined, common, referer, agent.
Type:
"string"
Default:
"common"
Example:
"combined"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.port
Port for the server. 0 means use the default port: 80 for http and 443 for https (i.e. when enableSSL is set).
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.robotsEntries
Specification of pages to be ignored by web crawlers. See http://www.robotstxt.org/ for details.
Type:
"string"
Default:
""
Example:
"Disallow: /foo/"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.servedDirs
This option provides a simple way to serve static directories.
Type:
"list of attribute sets"
Default:
[
]
Example:
[
{
dir = "/home/eelco/Dev/nix-homepage"; urlPath = "/nix";
}
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.servedFiles
This option provides a simple way to serve individual, static files.
Type:
"list of attribute sets"
Default:
[
]
Example:
[
{
dir = "/home/eelco/some-file.png"; urlPath = "/foo/bar.png";
}
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.serverAliases
Additional names of virtual hosts served by this virtual host configuration.
Type:
"list of strings"
Default:
[
]
Example:
[
"www.example.org" "www.example.org:8080" "example.org"
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.sslServerCert
Path to server SSL certificate.
Type:
"null or path"
Default:
null
Example:
"/var/host.cert"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.sslServerChain
Path to server SSL chain file.
Type:
"path"
Example:
"/var/ca.pem"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.httpd.virtualHosts.*.sslServerKey
Path to server SSL certificate key.
Type:
"path"
Example:
"/var/host.key"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix>
|
services.i2pd.eep.host
Address to forward incoming traffic to. 127.0.0.1 by default.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.eep.keyFile
File name containing destination keys. privKeys.dat by default.
Type:
"string"
Default:
"privKeys.dat"
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.eep.port
Port to forward incoming traffic to. 80 by default.
Type:
"integer"
Default:
80
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.enable
Enables I2Pd as a running service upon activation.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.enableIPv6
Enables IPv6 connectivity. Disabled by default.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.extIp
Your external IP.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.http.port
HTTP listen port.
Type:
"integer"
Default:
7070
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.irc.dest
Destination I2P tunnel endpoint address of IRC server. irc.postman.i2p by default.
Type:
"string"
Default:
"irc.postman.i2p"
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.irc.keyFile
File name containing destination keys. privKeys.dat by default.
Type:
"string"
Default:
"privKeys.dat"
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.irc.port
Local IRC tunnel endoint port to listen on. 6668 by default.
Type:
"integer"
Default:
6668
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.port
I2P listen port. If no one is given the router will pick between 9111 and 30777.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.proxy.httpPort
HTTP proxy listen port.
Type:
"integer"
Default:
4446
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.proxy.socksPort
SOCKS proxy listen port.
Type:
"integer"
Default:
4447
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.sam.port
Local SAM tunnel endpoint. Usually 7656. SAM is disabled if not specified.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.i2pd.unreachable
If the router is declared to be unreachable and needs introduction nodes.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/i2pd.nix>
|
services.icecast.admin.password
Password used for all administration functions.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/audio/icecast.nix>
|
services.icecast.admin.user
Username used for all administration functions.
Type:
"string"
Default:
"admin"
Declared by:
<nixpkgs/nixos/modules/services/audio/icecast.nix>
|
services.icecast.enable
Whether to enable Icecast server.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/audio/icecast.nix>
|
services.icecast.extraConf
icecast.xml content.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/audio/icecast.nix>
|
services.icecast.group
Group privileges for the server.
Type:
"string"
Default:
"nogroup"
Declared by:
<nixpkgs/nixos/modules/services/audio/icecast.nix>
|
services.icecast.hostname
DNS name or IP address that will be used for the stream directory lookups or possibily the playlist generation if a Host header is not provided.
Type:
"string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/audio/icecast.nix>
|
services.icecast.listen.address
Address Icecast will listen on.
Type:
"string"
Default:
"::"
Declared by:
<nixpkgs/nixos/modules/services/audio/icecast.nix>
|
services.icecast.listen.port
TCP port that will be used to accept client connections.
Type:
"integer"
Default:
8000
Declared by:
<nixpkgs/nixos/modules/services/audio/icecast.nix>
|
services.icecast.logDir
Base directory used for logging.
Type:
"path"
Default:
"/var/log/icecast"
Declared by:
<nixpkgs/nixos/modules/services/audio/icecast.nix>
|
services.icecast.user
User privileges for the server.
Type:
"string"
Default:
"nobody"
Declared by:
<nixpkgs/nixos/modules/services/audio/icecast.nix>
|
services.influxdb.adminPort
The port where influxdb admin listens
Type:
"integer"
Default:
8083
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.apiExtraConfig
Extra influxdb api configuration
Type:
"string"
Default:
'' read-timeout = "5s" ''
Example:
'' ssl-port = 8084 ssl-cert = /path/to/cert.pem read-timeout = "5s" ''
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.apiPort
The port where influxdb api listens
Type:
"integer"
Default:
8086
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.bindAddress
Address where influxdb listens
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.clusterConfig
Influxdb cluster configuration
Type:
"string"
Default:
'' protobuf_port = 8099 protobuf_timeout = "2s" protobuf_heartbeat = "200ms" protobuf_min_backoff = "1s" protobuf_max_backoff = "10s" write-buffer-size = 10000 max-response-buffer-size = 100 concurrent-shard-query-limit = 10 ''
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.dataDir
Data directory for influxd data files.
Type:
"path"
Default:
"/var/db/influxdb"
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.enable
Whether to enable the influxdb server
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.extraConfig
Extra configuration options for influxdb
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.group
Group under which influxdb runs
Type:
"string"
Default:
"influxdb"
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.inputPluginsConfig
Configuration of influxdb extra plugins
Type:
"unspecified"
Default:
""
Example:
'' [input_plugins.graphite] enabled = true port = 2003 database = "graphite" ''
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.leveldbConfig
Influxdb leveldb configuration
Type:
"string"
Default:
'' max-open-files = 40 lru-cache-size = "200m" max-open-shards = 0 point-batch-size = 100 write-batch-size = 5000000 ''
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.raftConfig
Influxdb raft configuration
Type:
"string"
Default:
'' port = 8090 ''
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.shardingConfig
Influxdb sharding configuration
Type:
"string"
Default:
'' replication-factor = 1 [sharding.short-term] duration = "7d" split = 1 [sharding.long-term] duration = "30d" split = 1 ''
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.storageConfig
Influxdb raft configuration
Type:
"string"
Default:
'' write-buffer-size = 10000 ''
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.user
User account under which influxdb runs
Type:
"string"
Default:
"influxdb"
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.influxdb.walConfig
Influxdb write-ahead log configuration
Type:
"string"
Default:
'' flush-after = 1000 bookmark-after = 1000 index-after = 1000 requests-per-logfile = 10000 ''
Declared by:
<nixpkgs/nixos/modules/services/databases/influxdb.nix>
|
services.iodined.client
Start iodine in client mode
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/iodined.nix>
|
services.iodined.domain
Domain or subdomain of which nameservers point to us
Type:
"string"
Default:
""
Example:
"tunnel.mydomain.com"
Declared by:
<nixpkgs/nixos/modules/services/networking/iodined.nix>
|
services.iodined.enable
Enable iodine, ip over dns daemon
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/iodined.nix>
|
services.iodined.extraConfig
Additional command line parameters
Type:
"string"
Default:
""
Example:
"-P mysecurepassword -l 192.168.1.10 -p 23"
Declared by:
<nixpkgs/nixos/modules/services/networking/iodined.nix>
|
services.iodined.ip
Assigned ip address or ip range
Type:
"string"
Default:
""
Example:
"172.16.10.1/24"
Declared by:
<nixpkgs/nixos/modules/services/networking/iodined.nix>
|
services.ircdHybrid.adminEmail
IRCD server administrator e-mail.
Type:
"unspecified"
Default:
"<bit-bucket@example.com>"
Example:
"<name@domain.tld>"
Declared by:
<nixpkgs/nixos/modules/services/networking/ircd-hybrid/default.nix>
|
services.ircdHybrid.certificate
IRCD server SSL certificate. There are some limitations - read manual.
Type:
"unspecified"
Default:
null
Example:
/root/certificates/irc.pem
Declared by:
<nixpkgs/nixos/modules/services/networking/ircd-hybrid/default.nix>
|
services.ircdHybrid.description
IRCD server description.
Type:
"unspecified"
Default:
"Hybrid-7 IRC server."
Declared by:
<nixpkgs/nixos/modules/services/networking/ircd-hybrid/default.nix>
|
services.ircdHybrid.enable
Enable IRCD.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/ircd-hybrid/default.nix>
|
services.ircdHybrid.extraIPs
Extra IP's to bind.
Type:
"unspecified"
Default:
[
]
Example:
[
"127.0.0.1"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ircd-hybrid/default.nix>
|
services.ircdHybrid.extraPort
Extra port to avoid filtering.
Type:
"unspecified"
Default:
"7117"
Declared by:
<nixpkgs/nixos/modules/services/networking/ircd-hybrid/default.nix>
|
services.ircdHybrid.rsaKey
IRCD server RSA key.
Type:
"unspecified"
Default:
null
Example:
/root/certificates/irc.key
Declared by:
<nixpkgs/nixos/modules/services/networking/ircd-hybrid/default.nix>
|
services.ircdHybrid.serverName
IRCD server name.
Type:
"unspecified"
Default:
"hades.arpa"
Declared by:
<nixpkgs/nixos/modules/services/networking/ircd-hybrid/default.nix>
|
services.ircdHybrid.sid
IRCD server unique ID in a net of servers.
Type:
"unspecified"
Default:
"0NL"
Declared by:
<nixpkgs/nixos/modules/services/networking/ircd-hybrid/default.nix>
|
services.jboss.deployDir
Location of the deployment files
Type:
"unspecified"
Default:
"/nix/var/nix/profiles/default/server/default/deploy/"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/jboss/default.nix>
|
services.jboss.enable
Whether to enable jboss
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/jboss/default.nix>
|
services.jboss.libUrl
Location where the shared library JARs are stored
Type:
"unspecified"
Default:
"file:///nix/var/nix/profiles/default/server/default/lib"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/jboss/default.nix>
|
services.jboss.logDir
Location of the logfile directory of JBoss
Type:
"unspecified"
Default:
"/var/log/jboss"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/jboss/default.nix>
|
services.jboss.serverDir
Location of the server instance files
Type:
"unspecified"
Default:
"/var/jboss/server"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/jboss/default.nix>
|
services.jboss.tempDir
Location where JBoss stores its temp files
Type:
"unspecified"
Default:
"/tmp"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/jboss/default.nix>
|
services.jboss.useJK
Whether to use to connector to the Apache HTTP server
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/jboss/default.nix>
|
services.jboss.user
User account under which jboss runs.
Type:
"unspecified"
Default:
"nobody"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/jboss/default.nix>
|
services.jenkins.enable
Whether to enable the jenkins continuous integration server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/default.nix>
|
services.jenkins.environment
Additional environment variables to be passed to the jenkins process. The environment will always include JENKINS_HOME.
Type:
"attribute set of strings"
Default:
{
NIX_REMOTE = "daemon";
}
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/default.nix>
|
services.jenkins.extraGroups
List of extra groups that the "jenkins" user should be a part of.
Type:
"list of strings"
Default:
[
]
Example:
[
"wheel" "dialout"
]
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/default.nix>
|
services.jenkins.extraOptions
Additional command line arguments to pass to Jenkins.
Type:
"list of strings"
Default:
[
]
Example:
[
"--debug=9" "--httpListenAddress=localhost"
]
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/default.nix>
|
services.jenkins.group
If the default user "jenkins" is configured then this is the primary group of that user.
Type:
"string"
Default:
"jenkins"
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/default.nix>
|
services.jenkins.home
The path to use as JENKINS_HOME. If the default user "jenkins" is configured then this is the home of the "jenkins" user.
Type:
"path"
Default:
"/var/lib/jenkins"
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/default.nix>
|
services.jenkins.packages
Packages to add to PATH for the jenkins process.
Type:
"list of derivations"
Default:
[
(build of stdenv)
(build of git-minimal-2.3.5)
(build of icedtea7-2.5.4)
(build of )
(build of nix-1.8)
]
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/default.nix>
|
services.jenkins.port
Specifies port number on which the jenkins HTTP interface listens. The default is 8080.
Type:
"integer"
Default:
8080
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/default.nix>
|
services.jenkins.user
User the jenkins server should execute under.
Type:
"string"
Default:
"jenkins"
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/default.nix>
|
services.jenkinsSlave.enable
If true the system will be configured to work as a jenkins slave. If the system is also configured to work as a jenkins master then this has no effect. In progress: Currently only assures the jenkins user is configured.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/slave.nix>
|
services.jenkinsSlave.group
If the default slave agent user "jenkins" is configured then this is the primary group of that user.
Type:
"string"
Default:
"jenkins"
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/slave.nix>
|
services.jenkinsSlave.home
The path to use as JENKINS_HOME. If the default user "jenkins" is configured then this is the home of the "jenkins" user.
Type:
"path"
Default:
"/var/lib/jenkins"
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/slave.nix>
|
services.jenkinsSlave.user
User the jenkins slave agent should execute under.
Type:
"string"
Default:
"jenkins"
Declared by:
<nixpkgs/nixos/modules/services/continuous-integration/jenkins/slave.nix>
|
services.journald.console
If non-empty, write log messages to the specified TTY device.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
services.journald.enableHttpGateway
Whether to enable the HTTP gateway to the journal.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
services.journald.extraConfig
Extra config options for systemd-journald. See man journald.conf for available options.
Type:
"string"
Default:
""
Example:
"Storage=volatile"
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
services.journald.rateLimitBurst
Configures the rate limiting burst limit (number of messages per interval) that is applied to all messages generated on the system. This rate limiting is applied per-service, so that two services which log do not interfere with each other's limit.
Type:
"integer"
Default:
100
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
services.journald.rateLimitInterval
Configures the rate limiting interval that is applied to all messages generated on the system. This rate limiting is applied per-service, so that two services which log do not interfere with each other's limit. The value may be specified in the following units: s, min, h, ms, us. To turn off any kind of rate limiting, set either value to 0.
Type:
"string"
Default:
"10s"
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
services.kerberos_server.enable
Enable the kerberos authentification server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/system/kerberos.nix>
|
services.kippo.enable
Enable the kippo honeypot ssh server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/kippo.nix>
|
services.kippo.extraConfig
Extra verbatim configuration added to the end of kippo.cfg.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/kippo.nix>
|
services.kippo.hostname
Hostname for kippo to present to SSH login
Type:
"string"
Default:
"nas3"
Declared by:
<nixpkgs/nixos/modules/services/networking/kippo.nix>
|
services.kippo.logPath
Path of log files needed for operation and configuration.
Type:
"string"
Default:
"/var/log/kippo"
Declared by:
<nixpkgs/nixos/modules/services/networking/kippo.nix>
|
services.kippo.pidPath
Path of pid files needed for operation.
Type:
"string"
Default:
"/run/kippo"
Declared by:
<nixpkgs/nixos/modules/services/networking/kippo.nix>
|
services.kippo.port
TCP port number for kippo to bind to.
Type:
"integer"
Default:
2222
Declared by:
<nixpkgs/nixos/modules/services/networking/kippo.nix>
|
services.kippo.varPath
Path of read/write files needed for operation and configuration.
Type:
"string"
Default:
"/var/lib/kippo"
Declared by:
<nixpkgs/nixos/modules/services/networking/kippo.nix>
|
services.klogd.enable
Whether to enable klogd, the kernel log message processing daemon. Since systemd handles logging of kernel messages on Linux 3.5 and later, this is only useful if you're running an older kernel.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/logging/klogd.nix>
|
services.kmscon.enable
Use kmscon as the virtual console instead of gettys. kmscon is a kms/dri-based userspace virtual terminal implementation. It supports a richer feature set than the standard linux console VT, including full unicode support, and when the video card supports drm should be much faster.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/ttys/kmscon.nix>
|
services.kmscon.extraConfig
Extra contents of the kmscon.conf file.
Type:
"string"
Default:
""
Example:
"font-size=14"
Declared by:
<nixpkgs/nixos/modules/services/ttys/kmscon.nix>
|
services.kmscon.hwRender
Whether to use 3D hardware acceleration to render the console.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/ttys/kmscon.nix>
|
services.kubernetes.apiserver.address
Kubernetes apiserver listening address.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.allowPrivileged
Whether to allow privileged containers on kubernetes.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.authorizationMode
Kubernetes apiserver authorization mode (AlwaysAllow/AlwaysDeny/ABAC). See https://github.com/GoogleCloudPlatform/kubernetes/blob/master/docs/authorization.md
Type:
"one of AlwaysAllow, AlwaysDeny, ABAC"
Default:
"AlwaysAllow"
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.authorizationPolicy
Kubernetes apiserver authorization policy file. See https://github.com/GoogleCloudPlatform/kubernetes/blob/master/docs/authorization.md
Type:
"list of attribute sets"
Default:
[
]
Example:
[ {user = "admin";} {user = "scheduler"; readonly = true; kind= "pods";} {user = "scheduler"; kind = "bindings";} {user = "kubelet"; readonly = true; kind = "bindings";} {user = "kubelet"; kind = "events";} {user= "alice"; ns = "projectCaribou";} {user = "bob"; readonly = true; ns = "projectCaribou";} ]
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.enable
Whether to enable kubernetes apiserver.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.extraOpts
Kubernetes apiserver extra command line options.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.port
Kubernets apiserver listening port.
Type:
"integer"
Default:
8080
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.portalNet
Kubernetes CIDR notation IP range from which to assign portal IPs
Type:
"string"
Default:
"10.10.10.10/16"
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.publicAddress
Kubernetes apiserver public listening address used for read only and secure port.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.readOnlyPort
Kubernets apiserver read-only port.
Type:
"integer"
Default:
7080
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.securePort
Kubernetes apiserver secure port.
Type:
"integer"
Default:
6443
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.tlsCertFile
Kubernetes apiserver certificate file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.tlsPrivateKeyFile
Kubernetes apiserver private key file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.apiserver.tokenAuth
Kubernetes apiserver token authentication file. See https://github.com/GoogleCloudPlatform/kubernetes/blob/master/docs/authentication.md
Type:
"attribute set of strings"
Default:
{
}
Example:
{ alice = "abc123"; bob = "xyz987"; }
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.controllerManager.address
Kubernetes controller manager listening address.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.controllerManager.enable
Whether to enable kubernetes controller manager.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.controllerManager.extraOpts
Kubernetes controller extra command line options.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.controllerManager.machines
Kubernetes controller list of machines to schedule to schedule onto
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.controllerManager.master
Kubernetes apiserver address
Type:
"string"
Default:
"127.0.0.1:8080"
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.controllerManager.port
Kubernets controller manager listening port.
Type:
"integer"
Default:
10252
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.dataDir
Kubernetes root directory for managing kubelet files.
Type:
"path"
Default:
"/var/lib/kubernetes"
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.dockerCfg
Kubernetes contents of dockercfg file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.etcdServers
Kubernetes list of etcd servers to watch.
Type:
"list of strings"
Default:
[
"127.0.0.1:4001"
]
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.kubelet.address
Kubernetes kubelet info server listening address.
Type:
"string"
Default:
"0.0.0.0"
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.kubelet.allowPrivileged
Whether to allow kubernetes containers to request privileged mode.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.kubelet.apiServers
Kubernetes kubelet list of Kubernetes API servers for publishing events, and reading pods and services.
Type:
"list of strings"
Default:
[
"127.0.0.1:8080"
]
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.kubelet.cadvisorPort
Kubernetes kubelet local cadvisor port.
Type:
"integer"
Default:
8080
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.kubelet.clusterDns
Use alternative dns.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.kubelet.clusterDomain
Use alternative domain.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.kubelet.enable
Whether to enable kubernetes kubelet.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.kubelet.extraOpts
Kubernetes kubelet extra command line options.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.kubelet.hostname
Kubernetes kubelet hostname override
Type:
"string"
Default:
"nixos"
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.kubelet.port
Kubernets kubelet info server listening port.
Type:
"integer"
Default:
10250
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.proxy.address
Kubernetes proxy listening address.
Type:
"string"
Default:
"0.0.0.0"
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.proxy.enable
Whether to enable kubernetes proxy.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.proxy.extraOpts
Kubernetes proxy extra command line options.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.roles
Kubernetes role that this machine should take. Master role will enable etcd, apiserver, scheduler and controller manager services. Node role will enable etcd, docker, kubelet and proxy services.
Type:
"list of one of master, nodes"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.scheduler.address
Kubernetes scheduler listening address.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.scheduler.enable
Whether to enable kubernetes scheduler.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.scheduler.extraOpts
Kubernetes scheduler extra command line options.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.scheduler.master
Kubernetes apiserver address
Type:
"string"
Default:
"127.0.0.1:8080"
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.scheduler.port
Kubernets scheduler listening port.
Type:
"integer"
Default:
10251
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.kubernetes.verbose
Kubernetes enable verbose mode for debugging
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/cluster/kubernetes.nix>
|
services.lighttpd.cgit.configText
Verbatim contents of the cgit runtime configuration file. Documentation (with cgitrc example file) is available in "man cgitrc". Or online: http://git.zx2c4.com/cgit/tree/cgitrc.5.txt
Type:
"string"
Default:
""
Example:
'' cache-size=1000 scan-path=/srv/git ''
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/cgit.nix>
|
services.lighttpd.cgit.enable
If true, enable cgit (fast web interface for git repositories) as a sub-service in lighttpd. cgit will be accessible at http://yourserver/cgit
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/cgit.nix>
|
services.lighttpd.configText
Overridable config file contents to use for lighttpd. By default, use the contents automatically generated by NixOS.
Type:
"string"
Default:
""
Example:
"...verbatim config file contents..."
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/default.nix>
|
services.lighttpd.document-root
Document-root of the web server. Must be readable by the "lighttpd" user.
Type:
"path"
Default:
"/srv/www"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/default.nix>
|
services.lighttpd.enable
Enable the lighttpd web server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/default.nix>
|
services.lighttpd.enableModules
List of lighttpd modules to enable. Sub-services take care of
enabling modules as needed, so this option is mainly for when you
want to add custom stuff to
services.lighttpd.extraConfig
that depends on a
certain module.
Type:
"list of strings"
Default:
[
]
Example:
[
"mod_cgi" "mod_status"
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/default.nix>
|
services.lighttpd.extraConfig
These configuration lines will be appended to the generated lighttpd
config file. Note that this mechanism does not work when the manual
configText
option is used.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/default.nix>
|
services.lighttpd.gitweb.enable
If true, enable gitweb in lighttpd. Access it at http://yourserver/gitweb
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/gitweb.nix>
|
services.lighttpd.gitweb.extraConfig
Verbatim configuration text appended to the generated gitweb.conf file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/gitweb.nix>
|
services.lighttpd.gitweb.projectroot
Path to git projects (bare repositories) that should be served by gitweb. Must not end with a slash.
Type:
"path"
Default:
"/srv/git"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/gitweb.nix>
|
services.lighttpd.mod_status
Show server status overview at /server-status, statistics at /server-statistics and list of loaded modules at /server-config.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/default.nix>
|
services.lighttpd.mod_userdir
If true, requests in the form /~user/page.html are rewritten to take the file public_html/page.html from the home directory of the user.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/default.nix>
|
services.lighttpd.port
TCP port number for lighttpd to bind to.
Type:
"integer"
Default:
80
Declared by:
<nixpkgs/nixos/modules/services/web-servers/lighttpd/default.nix>
|
services.liquidsoap.streams
Set of Liquidsoap streams to start, one systemd service per stream.
Type:
"attribute set of path or strings"
Default:
{
}
Example:
{
myStream1 = "/etc/liquidsoap/myStream1.liq"; myStream2 = ./myStream2.liq; myStream3 = "out(playlist("/srv/music/"))";
}
Declared by:
<nixpkgs/nixos/modules/services/audio/liquidsoap.nix>
|
services.locate.enable
If enabled, NixOS will periodically update the database of files used by the locate command.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/misc/locate.nix>
|
services.locate.extraFlags
Extra flags to append to updatedb.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/misc/locate.nix>
|
services.locate.localuser
The user to search non-network directories as, using su.
Type:
"string"
Default:
"nobody"
Declared by:
<nixpkgs/nixos/modules/misc/locate.nix>
|
services.locate.output
The database file to build.
Type:
"path"
Default:
"/var/cache/locatedb"
Declared by:
<nixpkgs/nixos/modules/misc/locate.nix>
|
services.locate.period
This option defines (in the format used by cron) when the locate database is updated. The default is to update at 02:15 at night every day.
Type:
"string"
Default:
"15 02 * * *"
Declared by:
<nixpkgs/nixos/modules/misc/locate.nix>
|
services.logcheck.config
Config options that you would like in logcheck.conf.
Type:
"string"
Default:
"FQDN=1"
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.enable
Enable the logcheck cron job.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.extraGroups
Extra groups for the logcheck user, for example to be able to use sendmail, or to access certain log files.
Type:
"list of strings"
Default:
[
]
Example:
[
"postdrop" "mongodb"
]
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.extraRulesDirs
Directories with extra rules.
Type:
"list of paths"
Default:
[
]
Example:
"/etc/logcheck"
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.files
Which log files to check.
Type:
"list of paths"
Default:
[
"/var/log/messages"
]
Example:
[
"/var/log/messages" "/var/log/mail"
]
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.ignore
This option defines extra ignore rules.
Type:
"list or attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.ignore.<name?>.level
Set the logcheck level. Either "workstation", "server", or "paranoid".
Type:
"string"
Default:
"server"
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.ignore.<name?>.regex
Regex specifying which log lines to ignore.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.ignoreCron
This option defines extra ignore rules for cronjobs.
Type:
"list or attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.ignoreCron.<name?>.cmdline
Command line for the cron job. Will be turned into a regex for the logcheck ignore rule.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.ignoreCron.<name?>.level
Set the logcheck level. Either "workstation", "server", or "paranoid".
Type:
"string"
Default:
"server"
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.ignoreCron.<name?>.regex
Regex specifying which log lines to ignore.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.ignoreCron.<name?>.timeArgs
"min hr dom mon dow" crontab time args, to auto-create a cronjob too. Leave at null to not do this and just add a logcheck ignore rule.
Type:
"null or string"
Default:
null
Example:
"02 06 * * *"
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.ignoreCron.<name?>.user
User that runs the cronjob.
Type:
"string"
Default:
"root"
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.level
Set the logcheck level. Either "workstation", "server", or "paranoid".
Type:
"string"
Default:
"server"
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.mailTo
Email address to send reports to.
Type:
"string"
Default:
"root"
Example:
"you@domain.com"
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.timeOfDay
Time of day to run logcheck. A logcheck will be scheduled at xx:02 each day. Leave default (*) to run every hour. Of course when nothing special was logged, logcheck will be silent.
Type:
"string"
Default:
"*"
Example:
"6"
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logcheck.user
Username for the logcheck user.
Type:
"string"
Default:
"logcheck"
Declared by:
<nixpkgs/nixos/modules/services/logging/logcheck.nix>
|
services.logind.extraConfig
Extra config options for systemd-logind. See man logind.conf for available options.
Type:
"string"
Default:
""
Example:
"HandleLidSwitch=ignore"
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
services.logrotate.config
The contents of the logrotate config file
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/logging/logrotate.nix>
|
services.logrotate.enable
Enable the logrotate cron job
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/logging/logrotate.nix>
|
services.logstash.address
Address on which to start webserver.
Type:
"string"
Default:
"0.0.0.0"
Declared by:
<nixpkgs/nixos/modules/services/logging/logstash.nix>
|
services.logstash.enable
Enable logstash.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/logging/logstash.nix>
|
services.logstash.enableWeb
Enable the logstash web interface.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/logging/logstash.nix>
|
services.logstash.filterConfig
logstash filter configuration.
Type:
"string"
Default:
"noop {}"
Example:
'' if [type] == "syslog" { # Keep only relevant systemd fields # http://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html prune { whitelist_names => [ "type", "@timestamp", "@version", "MESSAGE", "PRIORITY", "SYSLOG_FACILITY", ] } } ''
Declared by:
<nixpkgs/nixos/modules/services/logging/logstash.nix>
|
services.logstash.filterWorkers
The quantity of filter workers to run.
Type:
"integer"
Default:
1
Declared by:
<nixpkgs/nixos/modules/services/logging/logstash.nix>
|
services.logstash.inputConfig
Logstash input configuration.
Type:
"string"
Default:
''stdin { type => "example" }''
Example:
'' # Read from journal pipe { command => "/nix/store/d0468c86p8akn438g1dcrg8lc93pk9sd-systemd-217/bin/journalctl -f -o json" type => "syslog" codec => json {} } ''
Declared by:
<nixpkgs/nixos/modules/services/logging/logstash.nix>
|
services.logstash.logLevel
Logging verbosity level.
Type:
"one of debug, info, warn, error, fatal"
Default:
"warn"
Declared by:
<nixpkgs/nixos/modules/services/logging/logstash.nix>
|
services.logstash.outputConfig
Logstash output configuration.
Type:
"string"
Default:
''stdout { debug => true debug_format => "json"}''
Example:
'' redis { host => "localhost" data_type => "list" key => "logstash" codec => json } elasticsearch { embedded => true } ''
Declared by:
<nixpkgs/nixos/modules/services/logging/logstash.nix>
|
services.logstash.plugins
The paths to find other logstash plugins in.
Type:
"list of paths"
Default:
[
]
Example:
[ pkgs.logstash-contrib ]
Declared by:
<nixpkgs/nixos/modules/services/logging/logstash.nix>
|
services.logstash.port
Port on which to start webserver.
Type:
"string"
Default:
"9292"
Declared by:
<nixpkgs/nixos/modules/services/logging/logstash.nix>
|
services.logstash.watchdogTimeout
Set watchdog timeout value in seconds.
Type:
"integer"
Default:
10
Declared by:
<nixpkgs/nixos/modules/services/logging/logstash.nix>
|
services.lshd.enable
Whether to enable the GNU lshd SSH2 daemon, which allows secure remote login.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.lshd.hostKey
Path to the server's private key. Note that this key must have been created, e.g., using "lsh-keygen --server | lsh-writekey --server", so that you can run lshd.
Type:
"unspecified"
Default:
"/etc/lsh/host-key"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.lshd.interfaces
List of network interfaces where listening for connections. When providing the empty list, `[]', lshd listens on all network interfaces.
Type:
"unspecified"
Default:
[
]
Example:
[
"localhost" "1.2.3.4:443"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.lshd.loginShell
If non-null, override the default login shell with the specified value.
Type:
"unspecified"
Default:
null
Example:
"/nix/store/xyz-bash-10.0/bin/bash10"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.lshd.passwordAuthentication
Whether to enable password authentication.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.lshd.portNumber
The port on which to listen for connections.
Type:
"unspecified"
Default:
22
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.lshd.publicKeyAuthentication
Whether to enable public key authentication.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.lshd.rootLogin
Whether to enable remote root login.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.lshd.srpKeyExchange
Whether to enable SRP key exchange and user authentication.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.lshd.subsystems
List of subsystem-path pairs, where the head of the pair denotes the subsystem name, and the tail denotes the path to an executable implementing it.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.lshd.syslog
Whether to enable syslog output.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.lshd.tcpForwarding
Whether to enable TCP/IP forwarding.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.lshd.x11Forwarding
Whether to enable X11 forwarding.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/lshd.nix>
|
services.mail.freepopsd.bind
Bind over an IPv4 address instead of any.
Type:
"string"
Default:
"0.0.0.0"
Declared by:
<nixpkgs/nixos/modules/services/mail/freepops.nix>
|
services.mail.freepopsd.enable
Enables Freepops, a POP3 webmail wrapper.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/mail/freepops.nix>
|
services.mail.freepopsd.logFile
Filename of the log file or syslog to rely on the logging daemon.
Type:
"string"
Default:
"/var/log/freepopsd"
Example:
"syslog"
Declared by:
<nixpkgs/nixos/modules/services/mail/freepops.nix>
|
services.mail.freepopsd.port
Port on which the pop server will listen.
Type:
"integer"
Default:
2000
Declared by:
<nixpkgs/nixos/modules/services/mail/freepops.nix>
|
services.mail.freepopsd.suid.group
Group under which freepopsd will be after binding the port.
Type:
"string"
Default:
"nogroup"
Declared by:
<nixpkgs/nixos/modules/services/mail/freepops.nix>
|
services.mail.freepopsd.suid.user
User name under which freepopsd will be after binding the port.
Type:
"string"
Default:
"nobody"
Declared by:
<nixpkgs/nixos/modules/services/mail/freepops.nix>
|
services.mail.freepopsd.threads
Max simultaneous connections.
Type:
"integer"
Default:
5
Declared by:
<nixpkgs/nixos/modules/services/mail/freepops.nix>
|
services.mail.sendmailSetuidWrapper
Configuration for the sendmail setuid wrwapper (like an element of security.setuidOwners)";
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/mail/mail.nix>
|
services.mailpile.enable
Whether to enable Mailpile the mail client.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/mailpile.nix>
|
services.mailpile.hostname
Listen to this hostname or ip.
Type:
"unspecified"
Default:
"localhost"
Declared by:
<nixpkgs/nixos/modules/services/networking/mailpile.nix>
|
services.mailpile.port
Listen on this port.
Type:
"unspecified"
Default:
"33411"
Declared by:
<nixpkgs/nixos/modules/services/networking/mailpile.nix>
|
services.marathon.enable
Whether to enable the marathon mesos framework.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/scheduling/marathon.nix>
|
services.marathon.httpPort
Marathon listening port
Type:
"integer"
Default:
8080
Declared by:
<nixpkgs/nixos/modules/services/scheduling/marathon.nix>
|
services.marathon.master
Marathon mesos master zookeeper address
Type:
"string"
Default:
"zk://localhost:2181/mesos"
Declared by:
<nixpkgs/nixos/modules/services/scheduling/marathon.nix>
|
services.marathon.zookeeperHosts
Marathon mesos zookepper addresses
Type:
"list of strings"
Default:
[
"localhost:2181"
]
Declared by:
<nixpkgs/nixos/modules/services/scheduling/marathon.nix>
|
services.mediatomb.customCfg
Allow mediatomb to create and use its own config file inside /var/lib/mediatomb.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/mediatomb.nix>
|
services.mediatomb.dataDir
The directory where mediatomb stores its state, data, etc.
Type:
"path"
Default:
"/var/lib/mediatomb"
Declared by:
<nixpkgs/nixos/modules/services/misc/mediatomb.nix>
|
services.mediatomb.dsmSupport
Whether to enable D-Link DSM 320 specific tweaks. WARNING: incompatible with ps3 support.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/mediatomb.nix>
|
services.mediatomb.enable
Whether to enable the mediatomb DLNA server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/mediatomb.nix>
|
services.mediatomb.group
Group account under which mediatomb runs.
Type:
"unspecified"
Default:
"mediatomb"
Declared by:
<nixpkgs/nixos/modules/services/misc/mediatomb.nix>
|
services.mediatomb.port
The network port to listen on.
Type:
"unspecified"
Default:
49152
Declared by:
<nixpkgs/nixos/modules/services/misc/mediatomb.nix>
|
services.mediatomb.ps3Support
Whether to enable ps3 specific tweaks. WARNING: incompatible with DSM 320 support.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/mediatomb.nix>
|
services.mediatomb.serverName
How to identify the server on the network.
Type:
"string"
Default:
"mediatomb"
Declared by:
<nixpkgs/nixos/modules/services/misc/mediatomb.nix>
|
services.mediatomb.tg100Support
Whether to enable Telegent TG100 specific tweaks.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/mediatomb.nix>
|
services.mediatomb.transcoding
Whether to enable transcoding.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/mediatomb.nix>
|
services.mediatomb.user
User account under which mediatomb runs.
Type:
"unspecified"
Default:
"mediatomb"
Declared by:
<nixpkgs/nixos/modules/services/misc/mediatomb.nix>
|
services.mediatomb.uuid
A unique (on your network) to identify the server by.
Type:
"unspecified"
Default:
"fdfc8a4e-a3ad-4c1d-b43d-a2eedb03a687"
Declared by:
<nixpkgs/nixos/modules/services/misc/mediatomb.nix>
|
services.memcached.enable
Whether to enable Memcached.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/memcached.nix>
|
services.memcached.extraOptions
A list of extra options that will be added as a suffix when running memcached
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/databases/memcached.nix>
|
services.memcached.listen
The IP address to bind to
Type:
"unspecified"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/databases/memcached.nix>
|
services.memcached.maxConnections
The maximum number of simultaneous connections
Type:
"unspecified"
Default:
1024
Declared by:
<nixpkgs/nixos/modules/services/databases/memcached.nix>
|
services.memcached.maxMemory
The maximum amount of memory to use for storage, in megabytes.
Type:
"unspecified"
Default:
64
Declared by:
<nixpkgs/nixos/modules/services/databases/memcached.nix>
|
services.memcached.port
The port to bind to
Type:
"unspecified"
Default:
11211
Declared by:
<nixpkgs/nixos/modules/services/databases/memcached.nix>
|
services.memcached.socket
Unix socket path to listen on. Setting this will disable network support
Type:
"unspecified"
Default:
""
Example:
"/var/run/memcached"
Declared by:
<nixpkgs/nixos/modules/services/databases/memcached.nix>
|
services.memcached.user
The user to run Memcached as
Type:
"unspecified"
Default:
"memcached"
Declared by:
<nixpkgs/nixos/modules/services/databases/memcached.nix>
|
services.mesos.master.enable
Whether to enable the Mesos Master.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-master.nix>
|
services.mesos.master.extraCmdLineOptions
Extra command line options for Mesos Master. See https://mesos.apache.org/documentation/latest/configuration/
Type:
"list of strings"
Default:
[
""
]
Example:
[
"--credentials=VALUE"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-master.nix>
|
services.mesos.master.logLevel
The logging level used. Possible values: 'INFO', 'WARNING', 'ERROR'
Type:
"string"
Default:
"INFO"
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-master.nix>
|
services.mesos.master.port
Mesos Master port
Type:
"integer"
Default:
5050
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-master.nix>
|
services.mesos.master.quorum
The size of the quorum of replicas when using 'replicated_log' based registry. It is imperative to set this value to be a majority of masters i.e., quorum > (number of masters)/2. If 0 will fall back to --registry=in_memory.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-master.nix>
|
services.mesos.master.workDir
The Mesos work directory.
Type:
"string"
Default:
"/var/lib/mesos/master"
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-master.nix>
|
services.mesos.master.zk
ZooKeeper URL (used for leader election amongst masters). May be one of: zk://host1:port1,host2:port2,.../mesos zk://username:password@host1:port1,host2:port2,.../mesos
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-master.nix>
|
services.mesos.slave.attributes
Machine attributes for the slave instance. Use caution when changing this; you may need to manually reset slave metadata before the slave can re-register.
Type:
"attribute set of strings"
Default:
{
}
Example:
{
host = "aabc123"; os = "nixos"; rack = "aa";
}
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-slave.nix>
|
services.mesos.slave.enable
Whether to enable the Mesos Slave.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-slave.nix>
|
services.mesos.slave.extraCmdLineOptions
Extra command line options for Mesos Slave. See https://mesos.apache.org/documentation/latest/configuration/
Type:
"list of strings"
Default:
[
""
]
Example:
[
"--gc_delay=3days"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-slave.nix>
|
services.mesos.slave.logLevel
The logging level used. Possible values: 'INFO', 'WARNING', 'ERROR'
Type:
"string"
Default:
"INFO"
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-slave.nix>
|
services.mesos.slave.master
May be one of: zk://host1:port1,host2:port2,.../path zk://username:password@host1:port1,host2:port2,.../path
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-slave.nix>
|
services.mesos.slave.port
Mesos Slave port
Type:
"integer"
Default:
5051
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-slave.nix>
|
services.mesos.slave.withHadoop
Add the HADOOP_HOME to the slave.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-slave.nix>
|
services.mesos.slave.workDir
The Mesos work directory.
Type:
"string"
Default:
"/var/lib/mesos/slave"
Declared by:
<nixpkgs/nixos/modules/services/misc/mesos-slave.nix>
|
services.minecraft-server.dataDir
Directory to store minecraft database and other state/data files.
Type:
"path"
Default:
"/var/lib/minecraft"
Declared by:
<nixpkgs/nixos/modules/services/games/minecraft-server.nix>
|
services.minecraft-server.enable
If enabled, start a Minecraft Server. The listening port for
the server is always 25565
. The server
data will be loaded from and saved to
/var/lib/minecraft
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/games/minecraft-server.nix>
|
services.minecraft-server.jvmOpts
JVM options for the Minecraft Service.
Type:
"string"
Default:
"-Xmx2048M -Xms2048M"
Declared by:
<nixpkgs/nixos/modules/services/games/minecraft-server.nix>
|
services.minecraft-server.openFirewall
Whether to open ports in the firewall (if enabled) for the server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/games/minecraft-server.nix>
|
services.minetest-server.configPath
Path to the config to use. If set to null, the config of the running user will be used: `~/.minetest/minetest.conf`.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/games/minetest-server.nix>
|
services.minetest-server.enable
If enabled, starts a Minetest Server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/games/minetest-server.nix>
|
services.minetest-server.gameId
Id of the game to use. To list available games run `minetestserver --gameid list`. If only one game exists, this option can be null.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/games/minetest-server.nix>
|
services.minetest-server.logPath
Path to logfile for logging. If set to null, logging will be output to stdout which means all output will be catched by systemd.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/games/minetest-server.nix>
|
services.minetest-server.port
Port number to bind to. If set to null, the default 30000 will be used.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/games/minetest-server.nix>
|
services.minetest-server.world
Name of the world to use. To list available worlds run `minetestserver --world list`. If only one world exists, this option can be null.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/games/minetest-server.nix>
|
services.mingetty.greetingLine
Welcome line printed by mingetty.
Type:
"string"
Default:
''<<< Welcome to NixOS 15.05pre56789.gfedcba (\m) - \l >>>''
Declared by:
<nixpkgs/nixos/modules/services/ttys/agetty.nix>
|
services.mingetty.helpLine
Help line printed by mingetty below the welcome line. Used by the installation CD to give some hints on how to proceed.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/ttys/agetty.nix>
|
services.mingetty.serialSpeed
Bitrates to allow for agetty's listening on serial ports. Listing more bitrates gives more interoperability but at the cost of long delays for getting a sync on the line.
Type:
"list of integers"
Default:
[
115200 57600 38400 9600
]
Example:
[
38400 9600
]
Declared by:
<nixpkgs/nixos/modules/services/ttys/agetty.nix>
|
services.minidlna.config
The contents of MiniDLNA's configuration file.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/minidlna.nix>
|
services.minidlna.enable
Whether to enable MiniDLNA, a simple DLNA server. It serves media files such as video and music to DLNA client devices such as televisions and media players.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/minidlna.nix>
|
services.minidlna.mediaDirs
Directories to be scanned for media files. The prefixes
A,
, V,
and
P,
restrict a directory to audio, video
or image files. The directories must be accessible to the
minidlna
user account.
Type:
"list of strings"
Default:
[
]
Example:
[
"/data/media" "V,/home/alice/video"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/minidlna.nix>
|
services.mlmmj.enable
Enable mlmmj
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/mail/mlmmj.nix>
|
services.mlmmj.group
mailinglist local group
Type:
"string"
Default:
"mlmmj"
Declared by:
<nixpkgs/nixos/modules/services/mail/mlmmj.nix>
|
services.mlmmj.listDomain
Set the mailing list domain
Type:
"string"
Default:
"localhost"
Declared by:
<nixpkgs/nixos/modules/services/mail/mlmmj.nix>
|
services.mlmmj.mailLists
The collection of hosted maillists
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/mail/mlmmj.nix>
|
services.mlmmj.user
mailinglist local user
Type:
"string"
Default:
"mlmmj"
Declared by:
<nixpkgs/nixos/modules/services/mail/mlmmj.nix>
|
services.monetdb.dbfarmDir
Specifies location of Monetdb dbfarm (keeps database and auxiliary files).
Type:
"path"
Default:
"/var/lib/monetdb"
Declared by:
<nixpkgs/nixos/modules/services/databases/monetdb.nix>
|
services.monetdb.enable
Whether to enable MonetDB database server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/monetdb.nix>
|
services.monetdb.package
MonetDB package to use.
Type:
"path"
Declared by:
<nixpkgs/nixos/modules/services/databases/monetdb.nix>
|
services.monetdb.port
Port to listen on.
Type:
"unspecified"
Default:
"50000"
Example:
"50000"
Declared by:
<nixpkgs/nixos/modules/services/databases/monetdb.nix>
|
services.mongodb.bind_ip
IP to bind to
Type:
"unspecified"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/databases/mongodb.nix>
|
services.mongodb.dbpath
Location where MongoDB stores its files
Type:
"unspecified"
Default:
"/var/db/mongodb"
Declared by:
<nixpkgs/nixos/modules/services/databases/mongodb.nix>
|
services.mongodb.enable
Whether to enable the MongoDB server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/mongodb.nix>
|
services.mongodb.extraConfig
MongoDB extra configuration
Type:
"unspecified"
Default:
""
Example:
'' nojournal = true ''
Declared by:
<nixpkgs/nixos/modules/services/databases/mongodb.nix>
|
services.mongodb.pidFile
Location of MongoDB pid file
Type:
"unspecified"
Default:
"/var/run/mongodb.pid"
Declared by:
<nixpkgs/nixos/modules/services/databases/mongodb.nix>
|
services.mongodb.quiet
quieter output
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/mongodb.nix>
|
services.mongodb.replSetName
If this instance is part of a replica set, set its name here. Otherwise, leave empty to run as single node.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/mongodb.nix>
|
services.mongodb.user
User account under which MongoDB runs
Type:
"unspecified"
Default:
"mongodb"
Declared by:
<nixpkgs/nixos/modules/services/databases/mongodb.nix>
|
services.monit.config
monit.conf content
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/monitoring/monit.nix>
|
services.monit.enable
Whether to run Monit system watcher.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/monit.nix>
|
services.monit.startOn
What Monit supposes to be already present
Type:
"unspecified"
Default:
"started network-interfaces"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/monit.nix>
|
services.mopidy.configuration
The configuration that Mopidy should use.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/audio/mopidy.nix>
|
services.mopidy.dataDir
The directory where Mopidy stores its state.
Type:
"string"
Default:
"/var/lib/mopidy"
Declared by:
<nixpkgs/nixos/modules/services/audio/mopidy.nix>
|
services.mopidy.enable
Whether to enable Mopidy, a music player daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/audio/mopidy.nix>
|
services.mopidy.extensionPackages
Mopidy extensions that should be loaded by the service.
Type:
"list of derivations"
Default:
[
]
Example:
[ pkgs.mopidy-spotify ]
Declared by:
<nixpkgs/nixos/modules/services/audio/mopidy.nix>
|
services.mopidy.extraConfigFiles
Extra config file read by Mopidy when the service starts. Later files in the list overrides earlier configuration.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/audio/mopidy.nix>
|
services.mpd.dataDir
The directory where MPD stores its state, tag cache, playlists etc.
Type:
"unspecified"
Default:
"/var/lib/mpd"
Declared by:
<nixpkgs/nixos/modules/services/audio/mpd.nix>
|
services.mpd.dbFile
The path to MPD's database.
Type:
"string"
Default:
"/var/lib/mpd/tag_cache"
Declared by:
<nixpkgs/nixos/modules/services/audio/mpd.nix>
|
services.mpd.enable
Whether to enable MPD, the music player daemon.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/audio/mpd.nix>
|
services.mpd.extraConfig
Extra directives added to to the end of MPD's configuration file, mpd.conf. Basic configuration like file location and uid/gid is added automatically to the beginning of the file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/audio/mpd.nix>
|
services.mpd.group
Group account under which MPD runs.
Type:
"unspecified"
Default:
"mpd"
Declared by:
<nixpkgs/nixos/modules/services/audio/mpd.nix>
|
services.mpd.musicDirectory
The directory where mpd reads music from.
Type:
"unspecified"
Default:
"/var/lib/mpd/music"
Declared by:
<nixpkgs/nixos/modules/services/audio/mpd.nix>
|
services.mpd.network.host
This setting sets the address for the daemon to listen on. Careful attention should be paid if this is assigned to anything other then the default, any. This setting can deny access to control of the daemon.
Type:
"unspecified"
Default:
"any"
Declared by:
<nixpkgs/nixos/modules/services/audio/mpd.nix>
|
services.mpd.network.port
This setting is the TCP port that is desired for the daemon to get assigned to.
Type:
"unspecified"
Default:
6600
Declared by:
<nixpkgs/nixos/modules/services/audio/mpd.nix>
|
services.mpd.user
User account under which MPD runs.
Type:
"unspecified"
Default:
"mpd"
Declared by:
<nixpkgs/nixos/modules/services/audio/mpd.nix>
|
services.mstpd.enable
Whether to enable the multiple spanning tree protocol daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/mstpd.nix>
|
services.munge.enable
Whether to enable munge service.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/security/munge.nix>
|
services.munge.password
The path to a daemon's secret key.
Type:
"string"
Default:
"/etc/munge/munge.key"
Declared by:
<nixpkgs/nixos/modules/services/security/munge.nix>
|
services.munin-cron.enable
Enable munin-cron. Takes care of all heavy lifting to collect data from
nodes and draws graphs to html. Runs munin-update, munin-limits,
munin-graphs and munin-html in that order.
HTML output is in /var/www/munin/
, configure your
favourite webserver to serve static files.
Type:
"unspecified"
Default:
false
Example:
services = { munin-node.enable = true; munin-cron = { enable = true; hosts = '' [${config.networking.hostName}] address localhost ''; extraGlobalConfig = '' contact.email.command mail -s "Munin notification for ${var:host}" someone@example.com ''; }; };
Declared by:
<nixpkgs/nixos/modules/services/monitoring/munin.nix>
|
services.munin-cron.extraGlobalConfig
munin.conf
extra global configuration.
See http://munin-monitoring.org/wiki/munin.conf.
Useful to setup notifications, see
http://munin-monitoring.org/wiki/HowToContact
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/monitoring/munin.nix>
|
services.munin-cron.hosts
Definitions of hosts of nodes to collect data from. Needs at least one hosts for cron to succeed. See http://munin-monitoring.org/wiki/munin.conf
Type:
"unspecified"
Example:
'' [''${config.networking.hostName}] address localhost ''
Declared by:
<nixpkgs/nixos/modules/services/monitoring/munin.nix>
|
services.munin-node.enable
Enable Munin Node agent. Munin node listens on 0.0.0.0 and by default accepts connections only from 127.0.0.1 for security reasons. See http://munin-monitoring.org/wiki/munin-node.conf.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/munin.nix>
|
services.munin-node.extraConfig
munin-node.conf
extra configuration. See
http://munin-monitoring.org/wiki/munin-node.conf
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/monitoring/munin.nix>
|
services.murmur.allowHtml
Allow HTML in client messages, comments, and channel descriptions.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.autobanAttempts
Number of attempts a client is allowed to make in
autobanTimeframe
seconds, before being
banned for autobanTime
.
Type:
"integer"
Default:
10
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.autobanTime
The amount of time an IP ban lasts (in seconds).
Type:
"integer"
Default:
300
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.autobanTimeframe
Timeframe in which a client can connect without being banned for repeated attempts (in seconds).
Type:
"integer"
Default:
120
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.bandwidth
Maximum bandwidth (in bits per second) that clients may send speech at.
Type:
"integer"
Default:
72000
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.bonjour
Enable Bonjour auto-discovery, which allows clients over your LAN to automatically discover Murmur servers.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.clientCertRequired
Require clients to authenticate via certificates.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.enable
If enabled, start the Murmur Service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.hostName
Host to bind to. Defaults binding on all addresses.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.imgMsgLength
Max length of image messages. Set 0 for no limit.
Type:
"integer"
Default:
131072
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.logDays
How long to store RPC logs for in the database. Set 0 to keep logs forever, or -1 to disable DB logging.
Type:
"integer"
Default:
31
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.password
Required password to join server, if specified.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.pidfile
Path to PID file for Murmur daemon.
Type:
"path"
Default:
"/tmp/murmurd.pid"
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.port
Ports to bind to (UDP and TCP).
Type:
"integer"
Default:
64738
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.registerHostname
DNS hostname where your server can be reached. This is only needed if you want your server to be accessed by its hostname and not IP - but the name *must* resolve on the internet properly.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.registerName
Public server registration name, and also the name of the Root channel. Even if you don't publicly register your server, you probably still want to set this.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.registerPassword
Public server registry password, used authenticate your server to the registry to prevent impersonation; required for subsequent registry updates.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.registerUrl
URL website for your server.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.sendVersion
Send Murmur version in UDP response.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.sslCert
Path to your SSL certificate.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.sslKey
Path to your SSL key.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.textMsgLength
Max length of text messages. Set 0 for no limit.
Type:
"integer"
Default:
5000
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.users
Maximum number of concurrent clients allowed.
Type:
"integer"
Default:
100
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.murmur.welcome
Welcome message for connected clients.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/murmur.nix>
|
services.mysql.dataDir
Location where MySQL stores its table files
Type:
"unspecified"
Default:
"/var/mysql"
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.enable
Whether to enable the MySQL server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.extraOptions
Provide extra options to the MySQL configuration file.
Please note, that these options are added to the
[mysqld]
section so you don't need to explicitly
state it again.
Type:
"unspecified"
Default:
""
Example:
'' key_buffer_size = 6G table_cache = 1600 log-error = /var/log/mysql_err.log ''
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.initialDatabases
List of database names and their initial schemas that should be used to create databases on the first startup of MySQL
Type:
"unspecified"
Default:
[
]
Example:
[
{
name = "foodatabase"; schema = ./foodatabase.sql;
}
{
name = "bardatabase"; schema = ./bardatabase.sql;
}
]
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.initialScript
A file containing SQL statements to be executed on the first startup. Can be used for granting certain permissions on the database
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.pidDir
Location of the file which stores the PID of the MySQL server
Type:
"unspecified"
Default:
"/run/mysqld"
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.port
Port of MySQL
Type:
"unspecified"
Default:
"3306"
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.replication.masterHost
Hostname of the MySQL master server
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.replication.masterPassword
Password of the MySQL replication user
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.replication.masterPort
Port number on which the MySQL master server runs
Type:
"unspecified"
Default:
3306
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.replication.masterUser
Username of the MySQL replication user
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.replication.role
Role of the MySQL server instance. Can be either: master, slave or none
Type:
"unspecified"
Default:
"none"
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.replication.serverId
Id of the MySQL server instance. This number must be unique for each instance
Type:
"unspecified"
Default:
1
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.rootPassword
Path to a file containing the root password, modified on the first startup. Not specifying a root password will leave the root password empty.
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysql.user
User account under which MySQL runs
Type:
"unspecified"
Default:
"mysql"
Declared by:
<nixpkgs/nixos/modules/services/databases/mysql.nix>
|
services.mysqlBackup.databases
List of database names to dump.
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/backup/mysql-backup.nix>
|
services.mysqlBackup.enable
Whether to enable MySQL backups.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/mysql-backup.nix>
|
services.mysqlBackup.location
Location to put the gzipped MySQL database dumps.
Type:
"unspecified"
Default:
"/var/backup/mysql"
Declared by:
<nixpkgs/nixos/modules/services/backup/mysql-backup.nix>
|
services.mysqlBackup.period
This option defines (in the format used by cron) when the databases should be dumped. The default is to update at 01:15 (at night) every day.
Type:
"unspecified"
Default:
"15 01 * * *"
Declared by:
<nixpkgs/nixos/modules/services/backup/mysql-backup.nix>
|
services.mysqlBackup.singleTransaction
Whether to create database dump in a single transaction
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/mysql-backup.nix>
|
services.mysqlBackup.user
User to be used to perform backup.
Type:
"unspecified"
Default:
"mysql"
Declared by:
<nixpkgs/nixos/modules/services/backup/mysql-backup.nix>
|
services.nagios.cgiConfigFile
Derivation for the configuration file of Nagios CGI scripts that can be used in web servers for running the Nagios web interface.
Type:
"unspecified"
Default:
(build of nagios.cgi.conf)
Declared by:
<nixpkgs/nixos/modules/services/monitoring/nagios.nix>
|
services.nagios.enable
Whether to use Nagios to monitor your system or network.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/nagios.nix>
|
services.nagios.enableWebInterface
Whether to enable the Nagios web interface. You should also
enable Apache (services.httpd.enable
).
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/nagios.nix>
|
services.nagios.mainConfigFile
Derivation for the main configuration file of Nagios.
Type:
"unspecified"
Default:
(build of nagios.cfg)
Declared by:
<nixpkgs/nixos/modules/services/monitoring/nagios.nix>
|
services.nagios.objectDefs
A list of Nagios object configuration files that must define the hosts, host groups, services and contacts for the network that you want Nagios to monitor.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/nagios.nix>
|
services.nagios.plugins
Packages to be added to the Nagios PATH
.
Typically used to add plugins, but can be anything.
Type:
"unspecified"
Default:
[
(build of nagios-plugins-2.0.3)
(build of ssmtp-2.64)
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/nagios.nix>
|
services.nagios.urlPath
The URL path under which the Nagios web interface appears.
That is, you can access the Nagios web interface through
http://
.
server
/urlPath
Type:
"unspecified"
Default:
"/nagios"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/nagios.nix>
|
services.neo4j.cert
Neo4j https certificate.
Type:
"path"
Default:
"/var/lib/neo4j/conf/ssl/neo4j.cert"
Declared by:
<nixpkgs/nixos/modules/services/databases/neo4j.nix>
|
services.neo4j.dataDir
Neo4j data directory.
Type:
"path"
Default:
"/var/lib/neo4j"
Declared by:
<nixpkgs/nixos/modules/services/databases/neo4j.nix>
|
services.neo4j.enable
Whether to enable neo4j.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/neo4j.nix>
|
services.neo4j.enableHttps
Enable https for Neo4j.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/neo4j.nix>
|
services.neo4j.extraServerConfig
Extra configuration for neo4j server.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/neo4j.nix>
|
services.neo4j.host
Neo4j listen address.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/databases/neo4j.nix>
|
services.neo4j.httpsPort
Neo4j port to listen for HTTPS traffic.
Type:
"integer"
Default:
7473
Declared by:
<nixpkgs/nixos/modules/services/databases/neo4j.nix>
|
services.neo4j.key
Neo4j https certificate key.
Type:
"path"
Default:
"/var/lib/neo4j/conf/ssl/neo4j.key"
Declared by:
<nixpkgs/nixos/modules/services/databases/neo4j.nix>
|
services.neo4j.loggingConfig
Neo4j logging configuration.
Type:
"string"
Default:
'' handlers=java.util.logging.ConsoleHandler .level=INFO org.neo4j.server.level=INFO java.util.logging.ConsoleHandler.level=INFO java.util.logging.ConsoleHandler.formatter=org.neo4j.server.logging.SimpleConsoleFormatter java.util.logging.ConsoleHandler.filter=org.neo4j.server.logging.NeoLogFilter ''
Declared by:
<nixpkgs/nixos/modules/services/databases/neo4j.nix>
|
services.neo4j.port
Neo4j port to listen for HTTP traffic.
Type:
"integer"
Default:
7474
Declared by:
<nixpkgs/nixos/modules/services/databases/neo4j.nix>
|
services.networking.websockify.enable
Whether to enable websockify to forward websocket connections to TCP connections.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/websockify.nix>
|
services.networking.websockify.portMap
Ports to map by default.
Type:
"attribute set of integers"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/networking/websockify.nix>
|
services.networking.websockify.sslCert
Path to the SSL certificate.
Type:
"path"
Declared by:
<nixpkgs/nixos/modules/services/networking/websockify.nix>
|
services.networking.websockify.sslKey
Path to the SSL key.
Type:
"path"
Default:
"config.services.networking.websockify.sslCert"
Declared by:
<nixpkgs/nixos/modules/services/networking/websockify.nix>
|
services.nfs.lockdPort
Use fixed port for NFS lock manager kernel module (lockd/nlockmgr), useful if NFS server is behind firewall.
Type:
"unspecified"
Default:
null
Example:
4001
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems/nfs.nix>
|
services.nfs.server.createMountPoints
Whether to create the mount points in the exports file at startup time.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/nfsd.nix>
|
services.nfs.server.enable
Whether to enable the kernel's NFS server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/nfsd.nix>
|
services.nfs.server.exports
Contents of the /etc/exports file. See exports(5) for the format.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/nfsd.nix>
|
services.nfs.server.hostName
Hostname or address on which NFS requests will be accepted.
Default is all. See the -H
option in
nfsd(8).
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/nfsd.nix>
|
services.nfs.server.lockdPort
Fix the lockd port number. This can help setting firewall rules for NFS.
Type:
"unspecified"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/nfsd.nix>
|
services.nfs.server.mountdPort
Use fixed port for rpc.mountd, useful if server is behind firewall.
Type:
"unspecified"
Default:
null
Example:
4002
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/nfsd.nix>
|
services.nfs.server.nproc
Number of NFS server threads. Defaults to the recommended value of 8.
Type:
"unspecified"
Default:
8
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/nfsd.nix>
|
services.nfs.statdPort
Use fixed port for rpc.statd, useful if NFS server is behind firewall.
Type:
"unspecified"
Default:
null
Example:
4000
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems/nfs.nix>
|
services.nginx.appendConfig
Configuration lines appended to the generated Nginx
configuration file. Commonly used by different modules
providing http snippets. appendConfig
can be specified more than once and it's value will be
concatenated (contrary to config
which
can be set only once).
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/web-servers/nginx/default.nix>
|
services.nginx.config
Verbatim nginx.conf configuration.
Type:
"unspecified"
Default:
"events {}"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/nginx/default.nix>
|
services.nginx.enable
Enable the nginx Web Server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/nginx/default.nix>
|
services.nginx.group
Group account under which nginx runs.
Type:
"string"
Default:
"nginx"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/nginx/default.nix>
|
services.nginx.httpConfig
Configuration lines to be appended inside of the http {} block.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/web-servers/nginx/default.nix>
|
services.nginx.stateDir
Directory holding all state for nginx to run.
Type:
"unspecified"
Default:
"/var/spool/nginx"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/nginx/default.nix>
|
services.nginx.user
User account under which nginx runs.
Type:
"string"
Default:
"nginx"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/nginx/default.nix>
|
services.ngircd.config
The ngircd configuration (see ngircd.conf(5)).
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/ngircd.nix>
|
services.ngircd.enable
Whether to enable the ngircd IRC server.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/ngircd.nix>
|
services.nixosManual.browser
Browser used to show the manual.
Type:
"path"
Default:
"/nix/store/h8pfaq57zpfl3k4k2y4p8a3n1356rif7-w3m-0.5.3/bin/w3m"
Declared by:
<nixpkgs/nixos/modules/services/misc/nixos-manual.nix>
|
services.nixosManual.enable
Whether to build the NixOS manual pages.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/misc/nixos-manual.nix>
|
services.nixosManual.showManual
Whether to show the NixOS manual on one of the virtual consoles.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/nixos-manual.nix>
|
services.nixosManual.ttyNumber
Virtual console on which to show the manual.
Type:
"unspecified"
Default:
"8"
Declared by:
<nixpkgs/nixos/modules/services/misc/nixos-manual.nix>
|
services.notbit.allowPrivateAddresses
If true, notbit will allow connections to to RFC 1918 addresses.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/notbit.nix>
|
services.notbit.enable
Enables the notbit daemon and provides a sendmail binary named `notbit-system-sendmail` for sending mail over the system instance of notbit. Users must be in the notbit group in order to send mail over the system notbit instance. Currently mail recipt is not supported.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/notbit.nix>
|
services.notbit.listenAddress
The addresses which notbit will use to listen for incoming connections. These addresses are advertised to connecting clients.
Type:
"list of strings"
Default:
[
]
Example:
[
"localhost" "myhostname"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/notbit.nix>
|
services.notbit.nice
Set the nice level for the notbit daemon
Type:
"integer"
Default:
10
Declared by:
<nixpkgs/nixos/modules/services/networking/notbit.nix>
|
services.notbit.noBootstrap
If true, notbit will not bootstrap an initial peerlist from bitmessage.org servers
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/notbit.nix>
|
services.notbit.peers
The initial set of peers notbit will connect to.
Type:
"list of strings"
Default:
[
]
Example:
[
"bitmessage.org:8877"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/notbit.nix>
|
services.notbit.port
The port which the daemon listens for other bitmessage clients
Type:
"integer"
Default:
8444
Declared by:
<nixpkgs/nixos/modules/services/networking/notbit.nix>
|
services.notbit.specifiedPeersOnly
If true, notbit will only connect to peers specified by the peers option.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/notbit.nix>
|
services.nscd.config
Configuration to use for Name Service Cache Daemon.
Type:
"string"
Default:
'' server-user nscd threads 1 paranoia no debug-level 0 enable-cache passwd yes positive-time-to-live passwd 600 negative-time-to-live passwd 20 suggested-size passwd 211 check-files passwd yes persistent passwd no shared passwd yes enable-cache group yes positive-time-to-live group 3600 negative-time-to-live group 60 suggested-size group 211 check-files group yes persistent group no shared group yes enable-cache hosts yes positive-time-to-live hosts 600 negative-time-to-live hosts 5 suggested-size hosts 211 check-files hosts yes persistent hosts no shared hosts yes ''
Declared by:
<nixpkgs/nixos/modules/services/system/nscd.nix>
|
services.nscd.enable
Whether to enable the Name Service Cache Daemon.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/system/nscd.nix>
|
services.nsd.bind8Stats
Wheter to enable BIND8 like statisics.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.enable
Whether to enable the NSD authoritative domain name server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.extraConfig
Extra nsd config.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.hideVersion
Wheter NSD should answer VERSION.BIND and VERSION.SERVER CHAOS class queries.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.identity
Identify the server (CH TXT ID.SERVER entry).
Type:
"string"
Default:
"unidentified server"
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.interfaces
What addresses the server should listen to.
Type:
"list of strings"
Default:
[
"127.0.0.0" "::1"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.ipTransparent
Allow binding to non local addresses.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.ipv4
Wheter to listen on IPv4 connections.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.ipv4EDNSSize
Preferred EDNS buffer size for IPv4.
Type:
"integer"
Default:
4096
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.ipv6
Wheter to listen on IPv6 connections.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.ipv6EDNSSize
Preferred EDNS buffer size for IPv6.
Type:
"integer"
Default:
4096
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.keys
Define your TSIG keys here.
Type:
"attribute set of submodules"
Default:
{
}
Example:
{
tsig.example.org =
{
algorithm = "hmac-md5"; secret = "aaaaaabbbbbbccccccdddddd";
}
;
}
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.keys.<name>.algorithm
Authentication algorithm for this key.
Type:
"string"
Default:
"hmac-sha256"
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.keys.<name>.keyFile
Path to the file which contains the actual base64 encoded key. The key will be copied into "/var/lib/nsd/private" before NSD starts. The copied file is only accessibly by the NSD user.
Type:
"path"
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.nsid
NSID identity (hex string, or "ascii_somestring").
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.port
Port the service should bind do.
Type:
"integer"
Default:
53
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.ratelimit.enable
Enable ratelimit capabilities.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.ratelimit.ipv4PrefixLength
IPv4 prefix length. Addresses are grouped by netblock.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.ratelimit.ipv6PrefixLength
IPv6 prefix length. Addresses are grouped by netblock.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.ratelimit.ratelimit
Max qps allowed from any query source. 0 means unlimited. With an verbosity of 2 blocked and unblocked subnets will be logged.
Type:
"integer"
Default:
200
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.ratelimit.size
Size of the hashtable. More buckets use more memory but lower the chance of hash hash collisions.
Type:
"integer"
Default:
1000000
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.ratelimit.slip
Number of packets that get discarded before replying a SLIP response. 0 disables SLIP responses. 1 will make every response a SLIP response.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.ratelimit.whitelistRatelimit
Max qps allowed from whitelisted sources. 0 means unlimited. Set the rrl-whitelist option for specific queries to apply this limit instead of the default to them.
Type:
"integer"
Default:
2000
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.remoteControl.controlCertFile
Path to the client certificate signed with the server certificate. This file is used by nsd-control and generated by nsd-control-setup.
Type:
"path"
Default:
"/etc/nsd/nsd_control.pem"
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.remoteControl.controlKeyFile
Path to the client private key, which is used by nsd-control but not by the server. This file is generated by nsd-control-setup.
Type:
"path"
Default:
"/etc/nsd/nsd_control.key"
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.remoteControl.enable
Wheter to enable remote control via nsd-control(8).
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.remoteControl.interfaces
Which interfaces NSD should bind to for remote control.
Type:
"list of strings"
Default:
[
"127.0.0.1" "::1"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.remoteControl.port
Port number for remote control operations (uses TLS over TCP).
Type:
"integer"
Default:
8952
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.remoteControl.serverCertFile
Path to the server self signed certificate, which is used by the server but and by nsd-control. This file is generated by nsd-control-setup.
Type:
"path"
Default:
"/etc/nsd/nsd_server.pem"
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.remoteControl.serverKeyFile
Path to the server private key, which is used by the server but not by nsd-control. This file is generated by nsd-control-setup.
Type:
"path"
Default:
"/etc/nsd/nsd_server.key"
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.rootServer
Wheter if this server will be a root server (a DNS root server, you usually don't want that).
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.serverCount
Number of NSD servers to fork. Put the number of CPUs to use here.
Type:
"integer"
Default:
1
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.statistics
Statistics are produced every number of seconds. Prints to log. If null no statistics are logged.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.tcpCount
Maximum number of concurrent TCP connections per server.
Type:
"integer"
Default:
100
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.tcpQueryCount
Maximum number of queries served on a single TCP connection. 0 means no maximum.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.tcpTimeout
TCP timeout in seconds.
Type:
"integer"
Default:
120
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.verbosity
Verbosity level.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.xfrdReloadTimeout
Number of seconds between reloads triggered by xfrd.
Type:
"integer"
Default:
1
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zonefilesCheck
Wheter to check mtime of all zone files on start and sighup.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zones
Define your zones here. Zones can cascade other zones and therefore inherit settings from parent zones. Look at the definition of children to learn about inheritance and child zones. The given example will define 3 zones (example.(com|org|net).). Both example.com. and example.org. inherit their configuration from serverGroup1.
Type:
"attribute set of submodules"
Default:
{
}
Example:
{
example.net. =
{
data = "..."; provideXFR =
[
"10.3.2.1 NOKEY"
]
;
}
; serverGroup1 =
{
children =
{
example.com. =
{
data = "\$ORIGIN example.com.\n\$TTL 86400\n@ IN SOA a.ns.example.com. admin.example.com. (\n...\n";
}
; example.org. =
{
data = "\$ORIGIN example.org.\n\$TTL 86400\n@ IN SOA a.ns.example.com. admin.example.com. (\n...\n";
}
;
}
; provideXFR =
[
"10.1.2.3 NOKEY"
]
;
}
;
}
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zones.<name>.allowAXFRFallback
If NSD as secondary server should be allowed to AXFR if the primary server does not allow IXFR.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zones.<name>.allowNotify
Listed primary servers are allowed to notify this secondary server.
Format: <ip> <key-name | NOKEY | BLOCKED> <ip> either a plain IPv4/IPv6 address or range. Valid patters for ranges: * 10.0.0.0/24 # via subnet size * 10.0.0.0&255.255.255.0 # via subnet mask * 10.0.0.1-10.0.0.254 # via range A optional port number could be added with a '@': * 2001:1234::1@1234 <key-name | NOKEY | BLOCKED> * <key-name> will use the specified TSIG key * NOKEY no TSIG signature is required * BLOCKED notifies from non-listed or blocked IPs will be ignored *
Type:
"list of strings"
Default:
[
]
Example:
[
"192.0.2.0/24 NOKEY" "10.0.0.1-10.0.0.5 my_tsig_key_name" "10.0.3.4&255.255.0.0 BLOCKED"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zones.<name>.children
Children zones inherit all options of their parents. Attributes defined in a child will overwrite the ones of its parent. Only leaf zones will be actually served. This way it's possible to define maybe zones which share most attributes without duplicating everything. This mechanism replaces nsd's patterns in a save and functional way.
Type:
"unspecified"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zones.<name>.data
The actual zone data. This is the content of your zone file. Use imports or pkgs.lib.readFile if you don't want this data in your config file.
Type:
"string"
Default:
""
Example:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zones.<name>.notify
This primary server will notify all given secondary servers about zone changes.
Format: <ip> <key-name | NOKEY> <ip> a plain IPv4/IPv6 address with on optional port number (ip@port) <key-name | NOKEY> * <key-name> sign notifies with the specified key * NOKEY don't sign notifies
Type:
"list of strings"
Default:
[
]
Example:
[
"10.0.0.1@3721 my_key" "::5 NOKEY"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zones.<name>.notifyRetry
Specifies the number of retries for failed notifies. Set this along with notify.
Type:
"integer"
Default:
5
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zones.<name>.outgoingInterface
This address will be used for zone-transfere requests if configured as a secondary server or notifications in case of a primary server. Supply either a plain IPv4 or IPv6 address with an optional port number (ip@port).
Type:
"null or string"
Default:
null
Example:
"2000::1@1234"
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zones.<name>.provideXFR
Allow these IPs and TSIG to transfer zones, addr TSIG|NOKEY|BLOCKED address range 192.0.2.0/24, 1.2.3.4&255.255.0.0, 3.0.2.20-3.0.2.40
Type:
"list of strings"
Default:
[
]
Example:
[
"192.0.2.0/24 NOKEY" "192.0.2.0/24 my_tsig_key_name"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zones.<name>.requestXFR
Format: [AXFR|UDP] <ip-address> <key-name | NOKEY>
Type:
"list of strings"
Default:
[
]
Example:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zones.<name>.rrlWhitelist
Whitelists the given rrl-types. The RRL classification types are: nxdomain, error, referral, any, rrsig, wildcard, nodata, dnskey, positive, all
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.nsd.zones.<name>.zoneStats
When set to something distinct to null NSD is able to collect statistics per zone. All statistics of this zone(s) will be added to the group specified by this given name. Use "%s" to use the zones name as the group. The groups are output from nsd-control stats and stats_noreset.
Type:
"null or string"
Default:
null
Example:
"%s"
Declared by:
<nixpkgs/nixos/modules/services/networking/nsd.nix>
|
services.ntopng.configText
Overridable configuration file contents to use for ntopng. By default, use the contents automatically generated by NixOS.
Type:
"string"
Default:
""
Example:
'' --interface=any --http-port=3000 --disable-login ''
Declared by:
<nixpkgs/nixos/modules/services/networking/ntopng.nix>
|
services.ntopng.enable
Enable ntopng, a high-speed web-based traffic analysis and flow collection tool. With the default configuration, ntopng monitors all network interfaces and displays its findings at http://localhost:3000. Default username and password is admin/admin. See the ntopng(8) manual page and http://www.ntop.org/products/ntop/ for more info. Note that enabling ntopng will also enable redis (key-value database server) for persistent data storage.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/ntopng.nix>
|
services.ntopng.extraConfig
Configuration lines that will be appended to the generated ntopng
configuration file. Note that this mechanism does not work when the
manual configText
option is used.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/ntopng.nix>
|
services.ntopng.http-port
Sets the HTTP port of the embedded web server.
Type:
"integer"
Default:
3000
Declared by:
<nixpkgs/nixos/modules/services/networking/ntopng.nix>
|
services.ntopng.interfaces
List of interfaces to monitor. Use "any" to monitor all interfaces.
Type:
"list of strings"
Default:
[
"any"
]
Example:
[
"eth0" "wlan0"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ntopng.nix>
|
services.ntp.enable
Whether to synchronise your machine's time using the NTP protocol.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/ntpd.nix>
|
services.ntp.servers
The set of NTP servers from which to synchronise.
Type:
"unspecified"
Default:
[
"0.nixos.pool.ntp.org" "1.nixos.pool.ntp.org" "2.nixos.pool.ntp.org" "3.nixos.pool.ntp.org"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ntpd.nix>
|
services.nylon.acceptInterface
Tell nylon which interface to listen for client requests on, default is "lo".
Type:
"string"
Default:
"lo"
Declared by:
<nixpkgs/nixos/modules/services/networking/nylon.nix>
|
services.nylon.allowedIPRanges
Allowed client IP ranges are evaluated first, defaults to ARIN IPv4 private ranges: [ "192.168.0.0/16" "127.0.0.0/8" "172.16.0.0/12" "10.0.0.0/8" ]
Type:
"list of strings"
Default:
[
"192.168.0.0/16" "127.0.0.1/8" "172.16.0.1/12" "10.0.0.0/8"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/nylon.nix>
|
services.nylon.bindInterface
Tell nylon which interface to use as an uplink, default is "enp3s0f0".
Type:
"string"
Default:
"enp3s0f0"
Declared by:
<nixpkgs/nixos/modules/services/networking/nylon.nix>
|
services.nylon.deniedIPRanges
Denied client IP ranges, these gets evaluated after the allowed IP ranges, defaults to all IPv4 addresses: [ "0.0.0.0/0" ] To block all other access than the allowed.
Type:
"list of strings"
Default:
[
"0.0.0.0/0"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/nylon.nix>
|
services.nylon.enable
Enables nylon as a running service upon activation.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/nylon.nix>
|
services.nylon.logging
Enable logging, default is no logging.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/nylon.nix>
|
services.nylon.nrConnections
The number of allowed simultaneous connections to the daemon, default 10.
Type:
"integer"
Default:
10
Declared by:
<nixpkgs/nixos/modules/services/networking/nylon.nix>
|
services.nylon.port
What port to listen for client requests, default is 1080.
Type:
"integer"
Default:
1080
Declared by:
<nixpkgs/nixos/modules/services/networking/nylon.nix>
|
services.nylon.verbosity
Enable verbose output, default is to not be verbose.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/nylon.nix>
|
services.oidentd.enable
Whether to enable ‘oidentd’, an implementation of the Ident protocol (RFC 1413). It allows remote systems to identify the name of the user associated with a TCP connection.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/oidentd.nix>
|
services.openafsClient.cacheDirectory
Cache directory.
Type:
"unspecified"
Default:
"/var/cache/openafs"
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/openafs-client/default.nix>
|
services.openafsClient.cacheSize
Cache size.
Type:
"unspecified"
Default:
"100000"
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/openafs-client/default.nix>
|
services.openafsClient.cellName
Cell name.
Type:
"unspecified"
Default:
"grand.central.org"
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/openafs-client/default.nix>
|
services.openafsClient.crypt
Whether to enable (weak) protocol encryption.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/openafs-client/default.nix>
|
services.openafsClient.enable
Whether to enable the OpenAFS client.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/openafs-client/default.nix>
|
services.openafsClient.sparse
Minimal cell list in /afs.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/openafs-client/default.nix>
|
services.openfire.enable
Whether to enable OpenFire XMPP server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/openfire.nix>
|
services.openfire.usePostgreSQL
Whether you use PostgreSQL service for your storage back-end.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/openfire.nix>
|
services.openldap.dataDir
The database directory.
Type:
"string"
Default:
"/var/db/openldap"
Declared by:
<nixpkgs/nixos/modules/services/databases/openldap.nix>
|
services.openldap.enable
Whether to enable the ldap server.
Type:
"boolean"
Default:
false
Example:
openldap.enable = true; openldap.extraConfig = '' include ${pkgs.openldap}/etc/openldap/schema/core.schema include ${pkgs.openldap}/etc/openldap/schema/cosine.schema include ${pkgs.openldap}/etc/openldap/schema/inetorgperson.schema include ${pkgs.openldap}/etc/openldap/schema/nis.schema database bdb suffix dc=example,dc=org rootdn cn=admin,dc=example,dc=org # NOTE: change after first start rootpw secret directory /var/db/openldap '';
Declared by:
<nixpkgs/nixos/modules/services/databases/openldap.nix>
|
services.openldap.extraConfig
sldapd.conf configuration
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/openldap.nix>
|
services.openldap.group
Group account under which slapd runs.
Type:
"string"
Default:
"openldap"
Declared by:
<nixpkgs/nixos/modules/services/databases/openldap.nix>
|
services.openldap.user
User account under which slapd runs.
Type:
"string"
Default:
"openldap"
Declared by:
<nixpkgs/nixos/modules/services/databases/openldap.nix>
|
services.openntpd.enable
Whether to enable OpenNTP time synchronization server.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/openntpd.nix>
|
services.openntpd.extraConfig
Additional text appended to openntpd.conf
.
Type:
"string"
Default:
""
Example:
'' listen on 127.0.0.1 listen on ::1 ''
Declared by:
<nixpkgs/nixos/modules/services/networking/openntpd.nix>
|
services.openntpd.extraOptions
Extra options used when launching openntpd.
Type:
"string"
Default:
""
Example:
"-s"
Declared by:
<nixpkgs/nixos/modules/services/networking/openntpd.nix>
|
services.openntpd.servers
The set of NTP servers from which to synchronise.
Type:
"list of strings"
Default:
[
"0.nixos.pool.ntp.org" "1.nixos.pool.ntp.org" "2.nixos.pool.ntp.org" "3.nixos.pool.ntp.org"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/openntpd.nix>
|
services.opensmtpd.enable
Whether to enable the OpenSMTPD server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/mail/opensmtpd.nix>
|
services.opensmtpd.extraServerArgs
Extra command line arguments provided when the smtpd process is started.
Type:
"list of strings"
Default:
[
]
Example:
[
"-v" "-P mta"
]
Declared by:
<nixpkgs/nixos/modules/services/mail/opensmtpd.nix>
|
services.opensmtpd.serverConfiguration
The contents of the smtpd.conf configuration file. See the OpenSMTPD documentation for syntax information. If this option is left empty, the OpenSMTPD server will not start.
Type:
"string"
Default:
""
Example:
'' listen on lo accept for any deliver to lmtp localhost:24 ''
Declared by:
<nixpkgs/nixos/modules/services/mail/opensmtpd.nix>
|
services.openssh.allowSFTP
Whether to enable the SFTP subsystem in the SSH daemon. This enables the use of commands such as sftp and sshfs.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.authorizedKeysFiles
Files from with authorized keys are read.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.challengeResponseAuthentication
Specifies whether challenge/response authentication is allowed.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.enable
Whether to enable the OpenSSH secure shell daemon, which allows secure remote logins.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.extraConfig
Verbatim contents of sshd_config
.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.forwardX11
Whether to allow X11 connections to be forwarded.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.gatewayPorts
Specifies whether remote hosts are allowed to connect to ports forwarded for the client. See sshd_config(5).
Type:
"string"
Default:
"no"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.hostKeys
NixOS can automatically generate SSH host keys. This option specifies the path, type and size of each key. See ssh-keygen(1) for supported types and sizes.
Type:
"list of attribute sets"
Default:
[
{
path = "/etc/ssh/ssh_host_dsa_key"; type = "dsa";
}
{
bits = 521; path = "/etc/ssh/ssh_host_ecdsa_key"; type = "ecdsa";
}
{
path = "/etc/ssh/ssh_host_ed25519_key"; type = "ed25519";
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.knownHosts
The set of system-wide known SSH hosts.
Type:
"list or attribute set of submodules"
Default:
{
}
Example:
[
{
hostNames =
[
"myhost" "myhost.mydomain.com" "10.10.1.4"
]
; publicKeyFile = ./pubkeys/myhost_ssh_host_dsa_key.pub;
}
{
hostNames =
[
"myhost2"
]
; publicKeyFile = ./pubkeys/myhost2_ssh_host_dsa_key.pub;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.knownHosts.<name?>.hostNames
A list of host names and/or IP numbers used for accessing the host's ssh service.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.knownHosts.<name?>.publicKey
The public key data for the host. You can fetch a public key from a running SSH server with the ssh-keyscan command. The public key should not include any host names, only the key type and the key itself. It is allowed to add several lines here, each line will be treated as type/key pair and the host names will be prepended to each line.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.knownHosts.<name?>.publicKeyFile
The path to the public key file for the host. The public
key file is read at build time and saved in the Nix store.
You can fetch a public key file from a running SSH server
with the ssh-keyscan command. The content
of the file should follow the same format as described for
the publicKey
option.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.listenAddresses
List of addresses and ports to listen on (ListenAddress directive
in config). If port is not specified for address sshd will listen
on all ports specified by ports
option.
NOTE: this will override default listening on all local addresses and port 22.
NOTE: setting this option won't automatically enable given ports
in firewall configuration.
Type:
"list of submodules"
Default:
[
]
Example:
[
{
addr = "192.168.3.1"; port = 22;
}
{
addr = "0.0.0.0"; port = 64022;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.listenAddresses.*.addr
Host, IPv4 or IPv6 address to listen to.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.listenAddresses.*.port
Port to listen to.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.passwordAuthentication
Specifies whether password authentication is allowed.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.permitRootLogin
Whether the root user can login using ssh.
Type:
"one of yes, without-password, forced-commands-only, no"
Default:
"without-password"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.ports
Specifies on which ports the SSH daemon listens.
Type:
"list of integers"
Default:
[
22
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.startWhenNeeded
If set, sshd is socket-activated; that is, instead of having it permanently running as a daemon, systemd will start an instance for each incoming connection.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.opentsdb.enable
Whether to run OpenTSDB.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/opentsdb.nix>
|
services.opentsdb.group
Group account under which OpenTSDB runs.
Type:
"string"
Default:
"opentsdb"
Declared by:
<nixpkgs/nixos/modules/services/databases/opentsdb.nix>
|
services.opentsdb.port
Which port OpenTSDB listens on.
Type:
"integer"
Default:
4242
Declared by:
<nixpkgs/nixos/modules/services/databases/opentsdb.nix>
|
services.opentsdb.user
User account under which OpenTSDB runs.
Type:
"string"
Default:
"opentsdb"
Declared by:
<nixpkgs/nixos/modules/services/databases/opentsdb.nix>
|
services.openvpn.enable
Whether to enable OpenVPN.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/openvpn.nix>
|
services.openvpn.servers
Each attribute of this option defines a systemd service that
runs an OpenVPN instance. These can be OpenVPN servers or
clients. The name of each systemd service is
openvpn-
,
where name
.servicename
is the corresponding
attribute name.
Type:
"attribute set of submodules"
Default:
{
}
Example:
{ server = { config = '' # Simplest server configuration: http://openvpn.net/index.php/documentation/miscellaneous/static-key-mini-howto.html. # server : dev tun ifconfig 10.8.0.1 10.8.0.2 secret /root/static.key ''; up = "ip route add ..."; down = "ip route del ..."; }; client = { config = '' client remote vpn.example.org dev tun proto tcp-client port 8080 ca /root/.vpn/ca.crt cert /root/.vpn/alice.crt key /root/.vpn/alice.key ''; up = "echo nameserver $nameserver | ${pkgs.openresolv}/sbin/resolvconf -m 0 -a $dev"; down = "${pkgs.openresolv}/sbin/resolvconf -d $dev"; }; }
Declared by:
<nixpkgs/nixos/modules/services/networking/openvpn.nix>
|
services.openvpn.servers.<name>.autoStart
Whether this OpenVPN instance should be started automatically.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/openvpn.nix>
|
services.openvpn.servers.<name>.config
Configuration of this OpenVPN instance. See openvpn(8) for details.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/openvpn.nix>
|
services.openvpn.servers.<name>.down
Shell commands executed when the instance is shutting down.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/openvpn.nix>
|
services.openvpn.servers.<name>.up
Shell commands executed when the instance is starting.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/openvpn.nix>
|
services.panamax.APIPort
Panamax UI listening port.
Type:
"integer"
Default:
3000
Declared by:
<nixpkgs/nixos/modules/services/cluster/panamax.nix>
|
services.panamax.UIPort
Panamax UI listening port.
Type:
"integer"
Default:
8888
Declared by:
<nixpkgs/nixos/modules/services/cluster/panamax.nix>
|
services.panamax.dataDir
Data dir for Panamax.
Type:
"string"
Default:
"/var/lib/panamax"
Declared by:
<nixpkgs/nixos/modules/services/cluster/panamax.nix>
|
services.panamax.enable
Whether to enable Panamax service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/cluster/panamax.nix>
|
services.panamax.fleetctlEndpoint
Panamax fleetctl endpoint.
Type:
"string"
Default:
"http://127.0.0.1:4001"
Declared by:
<nixpkgs/nixos/modules/services/cluster/panamax.nix>
|
services.panamax.journalEndpoint
Panamax journal endpoint.
Type:
"string"
Default:
"http://127.0.0.1:19531"
Declared by:
<nixpkgs/nixos/modules/services/cluster/panamax.nix>
|
services.panamax.secretKey
Panamax secret key (do change this).
Type:
"string"
Default:
"SomethingVeryLong."
Declared by:
<nixpkgs/nixos/modules/services/cluster/panamax.nix>
|
services.parsoid.enable
Whether to enable Parsoid -- bidirectional wikitext parser.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/parsoid.nix>
|
services.parsoid.extraConfig
Extra configuration to add to parsoid configuration.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/parsoid.nix>
|
services.parsoid.interface
Interface to listen on.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/misc/parsoid.nix>
|
services.parsoid.interwikis
Used MediaWiki API endpoints.
Type:
"attribute set of strings"
Example:
{
localhost = "http://localhost/api.php";
}
Declared by:
<nixpkgs/nixos/modules/services/misc/parsoid.nix>
|
services.parsoid.port
Port to listen on.
Type:
"integer"
Default:
8000
Declared by:
<nixpkgs/nixos/modules/services/misc/parsoid.nix>
|
services.parsoid.workers
Number of Parsoid workers.
Type:
"integer"
Default:
2
Declared by:
<nixpkgs/nixos/modules/services/misc/parsoid.nix>
|
services.pcscd.enable
Whether to enable the PCSC-Lite daemon.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/pcscd.nix>
|
services.peerflix.downloadDir
Peerflix temporary download directory.
Type:
"path"
Default:
"/var/lib/peerflix/torrents"
Declared by:
<nixpkgs/nixos/modules/services/torrent/peerflix.nix>
|
services.peerflix.enable
Whether to enable peerflix service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/torrent/peerflix.nix>
|
services.peerflix.stateDir
Peerflix state directory.
Type:
"path"
Default:
"/var/lib/peerflix"
Declared by:
<nixpkgs/nixos/modules/services/torrent/peerflix.nix>
|
services.phd.enable
Enable daemons for phabricator.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/phd.nix>
|
services.phpfpm.extraConfig
Extra configuration that should be put in the global section of
the PHP FPM configuration file. Do not specify the options
pid
, error_log
or
daemonize
here, since they are generated by
NixOS.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/web-servers/phpfpm.nix>
|
services.phpfpm.phpIni
php.ini file to use.
Type:
"path"
Default:
"/nix/store/sjknl3aba3rpb5iin9h8n42gijxcby9a-php-5.4.39/etc/php-recommended.ini"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/phpfpm.nix>
|
services.phpfpm.phpPackage
The PHP package to use for running the FPM service.
Type:
"unspecified"
Default:
(build of php-5.4.39)
Declared by:
<nixpkgs/nixos/modules/services/web-servers/phpfpm.nix>
|
services.phpfpm.poolConfigs
A mapping between PHP FPM pool names and their configurations.
See the documentation on php-fpm.conf
for
details on configuration directives. If no pools are defined,
the phpfpm service is disabled.
Type:
"attribute set of strings"
Default:
{
}
Example:
{
mypool = "listen = /run/phpfpm/mypool\nuser = nobody\npm = dynamic\npm.max_children = 75\npm.start_servers = 10\npm.min_spare_servers = 5\npm.max_spare_servers = 20\npm.max_requests = 500\n";
}
Declared by:
<nixpkgs/nixos/modules/services/web-servers/phpfpm.nix>
|
services.polipo.allowedClients
List of IP addresses or network addresses that may connect to Polipo.
Type:
"list of strings"
Default:
[
"127.0.0.1" "::1"
]
Example:
[
"127.0.0.1" "::1" "134.157.168.0/24" "2001:660:116::/48"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/polipo.nix>
|
services.polipo.enable
Whether to run the polipo caching web proxy.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/polipo.nix>
|
services.polipo.extraConfig
Polio configuration. Contents will be added verbatim to the configuration file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/polipo.nix>
|
services.polipo.parentProxy
Hostname and port number of an HTTP parent proxy; it should have the form ‘host:port’.
Type:
"string"
Default:
""
Example:
"localhost:8124"
Declared by:
<nixpkgs/nixos/modules/services/networking/polipo.nix>
|
services.polipo.proxyAddress
IP address on which Polipo will listen.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/networking/polipo.nix>
|
services.polipo.proxyPort
TCP port on which Polipo will listen.
Type:
"integer"
Default:
8123
Declared by:
<nixpkgs/nixos/modules/services/networking/polipo.nix>
|
services.polipo.socksParentProxy
Hostname and port number of an SOCKS parent proxy; it should have the form ‘host:port’.
Type:
"string"
Default:
""
Example:
"localhost:9050"
Declared by:
<nixpkgs/nixos/modules/services/networking/polipo.nix>
|
services.postfix.destination
Full (!) list of domains we deliver locally. Leave blank for acceptable Postfix default.
Type:
"unspecified"
Default:
null
Example:
[
"localhost"
]
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.domain
Domain to use. Leave blank to use hostname minus first component.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.enable
Whether to run the Postfix mail server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.extraAliases
Additional entries to put verbatim into aliases file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.extraConfig
Extra lines to be added verbatim to the main.cf configuration file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.extraMasterConf
Extra lines to append to the generated master.cf file.
Type:
"unspecified"
Default:
""
Example:
"submission inet n - n - - smtpd"
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.group
What to call the Postfix group (must be used only for postfix).
Type:
"unspecified"
Default:
"postfix"
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.hostname
Hostname to use. Leave blank to use just the hostname of machine. It should be FQDN.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.lookupMX
Whether relay specified is just domain whose MX must be used.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.networks
Net masks for trusted - allowed to relay mail to third parties - hosts. Leave empty to use mynetworks_style configuration or use default (localhost-only).
Type:
"unspecified"
Default:
null
Example:
[
"192.168.0.1/24"
]
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.networksStyle
Name of standard way of trusted network specification to use, leave blank if you specify it explicitly or if you want to use default (localhost-only).
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.origin
Origin to use in outgoing e-mail. Leave blank to use hostname.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.postmasterAlias
Who should receive postmaster e-mail.
Type:
"unspecified"
Default:
"root"
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.recipientDelimiter
Delimiter for address extension: so mail to user+test can be handled by ~user/.forward+test
Type:
"unspecified"
Default:
""
Example:
"+"
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.relayDomains
List of domains we agree to relay to. Default is the same as destination.
Type:
"unspecified"
Default:
null
Example:
[
"localdomain"
]
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.relayHost
Mail relay for outbound mail.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.rootAlias
Who should receive root e-mail. Blank for no redirection.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.setSendmail
Whether to set the system sendmail to postfix's.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.setgidGroup
How to call postfix setgid group (for postdrop). Should be uniquely used group.
Type:
"unspecified"
Default:
"postdrop"
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.sslCACert
SSL certificate of CA.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.sslCert
SSL certificate to use.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.sslKey
SSL key to use.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.user
What to call the Postfix user (must be used only for postfix).
Type:
"unspecified"
Default:
"postfix"
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postfix.virtual
Entries for the virtual alias map.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/mail/postfix.nix>
|
services.postgresql.authentication
Defines how users authenticate themselves to the server. By default, "trust" access to local users will always be granted along with any other custom options. If you do not want this, set this option using "lib.mkForce" to override this behaviour.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/postgresql.nix>
|
services.postgresql.dataDir
Data directory for PostgreSQL.
Type:
"path"
Default:
"/var/db/postgresql"
Declared by:
<nixpkgs/nixos/modules/services/databases/postgresql.nix>
|
services.postgresql.enable
Whether to run PostgreSQL.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/postgresql.nix>
|
services.postgresql.enableTCPIP
Whether PostgreSQL should listen on all network interfaces. If disabled, the database can only be accessed via its Unix domain socket or via TCP connections to localhost.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/postgresql.nix>
|
services.postgresql.extraConfig
Additional text to be appended to postgresql.conf
.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/postgresql.nix>
|
services.postgresql.extraPlugins
When this list contains elements a new store path is created. PostgreSQL and the elments are symlinked into it. Then pg_config, postgres and pc_ctl are copied to make them use the new $out/lib directory as pkglibdir. This makes it possible to use postgis without patching the .sql files which reference $libdir/postgis-1.5.
Type:
"list of paths"
Default:
[
]
Example:
pkgs.postgis
Declared by:
<nixpkgs/nixos/modules/services/databases/postgresql.nix>
|
services.postgresql.identMap
Defines the mapping from system users to database users.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/postgresql.nix>
|
services.postgresql.initialScript
A file containing SQL statements to execute on first startup.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/databases/postgresql.nix>
|
services.postgresql.port
The port on which PostgreSQL listens.
Type:
"integer"
Default:
5432
Declared by:
<nixpkgs/nixos/modules/services/databases/postgresql.nix>
|
services.postgresql.recoveryConfig
Contents of the recovery.conf
file.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/databases/postgresql.nix>
|
services.postgresqlBackup.databases
List of database names to dump.
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/backup/postgresql-backup.nix>
|
services.postgresqlBackup.enable
Whether to enable PostgreSQL dumps.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/postgresql-backup.nix>
|
services.postgresqlBackup.location
Location to put the gzipped PostgreSQL database dumps.
Type:
"unspecified"
Default:
"/var/backup/postgresql"
Declared by:
<nixpkgs/nixos/modules/services/backup/postgresql-backup.nix>
|
services.postgresqlBackup.period
This option defines (in the format used by cron) when the databases should be dumped. The default is to update at 01:15 (at night) every day.
Type:
"unspecified"
Default:
"15 01 * * *"
Declared by:
<nixpkgs/nixos/modules/services/backup/postgresql-backup.nix>
|
services.prayer.enable
Whether to run the prayer webmail http server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/prayer.nix>
|
services.prayer.extraConfig
Extra configuration. Contents will be added verbatim to the configuration file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/prayer.nix>
|
services.prayer.port
Port the prayer http server is listening to.
Type:
"unspecified"
Default:
"2080"
Declared by:
<nixpkgs/nixos/modules/services/networking/prayer.nix>
|
services.prey.apiKey
API key obtained from https://panel.preyproject.com/profile
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/security/prey.nix>
|
services.prey.deviceKey
Device Key obtained from https://panel.preyproject.com/devices (and clicking on the device)
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/security/prey.nix>
|
services.prey.enable
Enables http://preyproject.com/ bash client. Be sure to specify api and device keys. Once setup, cronjob will run evert 15 minutes and report status.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/security/prey.nix>
|
services.printing.browsedConf
The contents of the configuration. file of the CUPS Browsed daemon
(cups-browsed.conf
)
Type:
"string"
Default:
""
Example:
'' BrowsePoll cups.example.com ''
Declared by:
<nixpkgs/nixos/modules/services/printing/cupsd.nix>
|
services.printing.clientConf
The contents of the client configuration.
(client.conf
)
Type:
"string"
Default:
""
Example:
'' ServerName server.example.com Encryption Never ''
Declared by:
<nixpkgs/nixos/modules/services/printing/cupsd.nix>
|
services.printing.cupsFilesConf
The contents of the configuration file of the CUPS daemon
(cups-files.conf
).
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/printing/cupsd.nix>
|
services.printing.cupsdConf
The contents of the configuration file of the CUPS daemon
(cupsd.conf
).
Type:
"string"
Default:
""
Example:
'' BrowsePoll cups.example.com LogLevel debug ''
Declared by:
<nixpkgs/nixos/modules/services/printing/cupsd.nix>
|
services.printing.drivers
CUPS drivers to use. Drivers provided by CUPS, cups-filters, Ghostscript and Samba are added unconditionally.
Type:
"list of paths"
Example:
[ pkgs.splix ]
Declared by:
<nixpkgs/nixos/modules/services/printing/cupsd.nix>
|
services.printing.enable
Whether to enable printing support through the CUPS daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/printing/cupsd.nix>
|
services.printing.extraConf
Extra contents of the configuration file of the CUPS daemon
(cupsd.conf
).
Type:
"string"
Default:
""
Example:
'' BrowsePoll cups.example.com LogLevel debug ''
Declared by:
<nixpkgs/nixos/modules/services/printing/cupsd.nix>
|
services.printing.listenAddresses
A list of addresses and ports on which to listen.
Type:
"list of strings"
Default:
[
"127.0.0.1:631"
]
Example:
[
"*:631"
]
Declared by:
<nixpkgs/nixos/modules/services/printing/cupsd.nix>
|
services.printing.tempDir
CUPSd temporary directory.
Type:
"path"
Default:
"/tmp"
Example:
"/tmp/cups"
Declared by:
<nixpkgs/nixos/modules/services/printing/cupsd.nix>
|
services.privoxy.actionsFiles
List of paths to Privoxy action files. These paths may either be absolute or relative to the privoxy configuration directory.
Type:
"list of strings"
Default:
[
"match-all.action" "default.action"
]
Example:
[
"match-all.action" "default.action" "/etc/privoxy/user.action"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/privoxy.nix>
|
services.privoxy.enable
Whether to enable the Privoxy non-caching filtering proxy.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/privoxy.nix>
|
services.privoxy.enableEditActions
Whether or not the web-based actions file editor may be used.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/privoxy.nix>
|
services.privoxy.extraConfig
Extra configuration. Contents will be added verbatim to the configuration file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/privoxy.nix>
|
services.privoxy.filterFiles
List of paths to Privoxy filter files. These paths may either be absolute or relative to the privoxy configuration directory.
Type:
"list of strings"
Default:
[
"default.filter"
]
Example:
[
"default.filter" "/etc/privoxy/user.filter"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/privoxy.nix>
|
services.privoxy.listenAddress
Address the proxy server is listening to.
Type:
"string"
Default:
"127.0.0.1:8118"
Declared by:
<nixpkgs/nixos/modules/services/networking/privoxy.nix>
|
services.prosody.admins
List of administrators of the current host
Type:
"unspecified"
Default:
[
]
Example:
[
"admin1@example.com" "admin2@example.com"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.allowRegistration
Allow account creation
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.enable
Whether to enable the prosody server
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.extraConfig
Additional prosody configuration
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.extraModules
Enable custom modules
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.bosh
Enable BOSH clients, aka 'Jabber over HTTP'
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.console
telnet to port 5582
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.dialback
s2s dialback support
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.disco
Service discovery
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.httpserver
Serve static files from a directory over HTTP
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.legacyauth
Legacy authentication. Only used by some old clients and bots
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.ping
Replies to XMPP pings with pongs
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.roster
Allow users to have a roster
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.saslauth
Authentication for clients and servers. Recommended if you want to log in.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.time
Let others know the time here on this server
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.tls
Add support for secure TLS on c2s/s2s connections
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.uptime
Report how long server has been running
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.version
Replies to server version requests
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.modules.websocket
Enable WebSocket support
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.ssl
Paths to SSL files
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.virtualHosts
Define the virtual hosts
Type:
"list or attribute set of submodules"
Default:
{
localhost =
{
domain = "localhost"; enabled = true;
}
;
}
Example:
{
myhost =
{
domain = "my-xmpp-example-host.org"; enabled = true;
}
;
}
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.virtualHosts.<name?>.domain
Domain name
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.virtualHosts.<name?>.enabled
Whether to enable the virtual host
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.virtualHosts.<name?>.extraConfig
Additional virtual host specific configuration
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.prosody.virtualHosts.<name?>.ssl
Paths to SSL files
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/prosody.nix>
|
services.psd.browsers
A list of browsers to sync. Available choices are: chromium chromium-dev conkeror.mozdev.org epiphany firefox firefox-trunk google-chrome google-chrome-beta google-chrome-unstable heftig-aurora icecat luakit midori opera opera-developer opera-beta qupzilla palemoon rekonq seamonkey An empty list will enable all browsers.
Type:
"list of strings"
Default:
[
]
Example:
[
"chromium" "firefox"
]
Declared by:
<nixpkgs/nixos/modules/services/desktops/profile-sync-daemon.nix>
|
services.psd.daemonFile
Where the pid and backup configuration files will be stored.
Type:
"string"
Default:
"/run/psd"
Declared by:
<nixpkgs/nixos/modules/services/desktops/profile-sync-daemon.nix>
|
services.psd.enable
Whether to enable the Profile Sync daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/profile-sync-daemon.nix>
|
services.psd.resyncTimer
The amount of time to wait before syncing browser profiles back to the disk. Takes a systemd.unit time span. The time unit defaults to seconds if omitted.
Type:
"string"
Default:
"1h"
Example:
"1h 30min"
Declared by:
<nixpkgs/nixos/modules/services/desktops/profile-sync-daemon.nix>
|
services.psd.users
A list of users whose browser profiles should be sync'd to tmpfs.
Type:
"list of strings"
Default:
[
]
Example:
[
"demo"
]
Declared by:
<nixpkgs/nixos/modules/services/desktops/profile-sync-daemon.nix>
|
services.psd.volatile
The directory where browser profiles should reside(this should be mounted as a tmpfs). Do not include a trailing backslash.
Type:
"string"
Default:
"/run/psd-profiles"
Declared by:
<nixpkgs/nixos/modules/services/desktops/profile-sync-daemon.nix>
|
services.quassel.dataDir
The directory holding configuration files, the SQlite database and the SSL Cert.
Type:
"unspecified"
Default:
"/home/quassel/.config/quassel-irc.org"
Declared by:
<nixpkgs/nixos/modules/services/networking/quassel.nix>
|
services.quassel.enable
Whether to run the Quassel IRC client daemon.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/quassel.nix>
|
services.quassel.interface
The interface the Quassel daemon will be listening to. If `127.0.0.1', only clients on the local host can connect to it; if `0.0.0.0', clients can access it from any network interface.
Type:
"unspecified"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/networking/quassel.nix>
|
services.quassel.portNumber
The port number the Quassel daemon will be listening to.
Type:
"unspecified"
Default:
4242
Declared by:
<nixpkgs/nixos/modules/services/networking/quassel.nix>
|
services.quassel.user
The existing user the Quassel daemon should run as. If left empty, a default "quassel" user will be created.
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/quassel.nix>
|
services.rabbitmq.config
Verbatim configuration file contents. See http://www.rabbitmq.com/configure.htm
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/amqp/rabbitmq.nix>
|
services.rabbitmq.cookie
Erlang cookie is a string of arbitrary length which must be the same for several nodes to be allowed to communicate. Leave empty to generate automatically.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/amqp/rabbitmq.nix>
|
services.rabbitmq.dataDir
Data directory for rabbitmq.
Type:
"path"
Default:
"/var/lib/rabbitmq"
Declared by:
<nixpkgs/nixos/modules/services/amqp/rabbitmq.nix>
|
services.rabbitmq.enable
Whether to enable the RabbitMQ server, an Advanced Message Queuing Protocol (AMQP) broker.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/amqp/rabbitmq.nix>
|
services.rabbitmq.listenAddress
IP address on which RabbitMQ will listen for AMQP
connections. Set to the empty string to listen on all
interfaces. Note that RabbitMQ creates a user named
guest
with password
guest
by default, so you should delete
this user if you intend to allow external access.
Type:
"string"
Default:
"127.0.0.1"
Example:
""
Declared by:
<nixpkgs/nixos/modules/services/amqp/rabbitmq.nix>
|
services.rabbitmq.plugins
The names of plugins to enable
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/amqp/rabbitmq.nix>
|
services.rabbitmq.port
Port on which RabbitMQ will listen for AMQP connections.
Type:
"integer"
Default:
5672
Declared by:
<nixpkgs/nixos/modules/services/amqp/rabbitmq.nix>
|
services.radicale.config
Radicale configuration, this will set the service configuration file
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/radicale.nix>
|
services.radicale.enable
Enable Radicale CalDAV and CardDAV server
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/radicale.nix>
|
services.radvd.config
The contents of the radvd configuration file.
Type:
"unspecified"
Example:
'' interface eth0 { AdvSendAdvert on; prefix 2001:db8:1234:5678::/64 { }; }; ''
Declared by:
<nixpkgs/nixos/modules/services/networking/radvd.nix>
|
services.radvd.enable
Whether to enable the Router Advertisement Daemon (radvd), which provides link-local advertisements of IPv6 router addresses and prefixes using the Neighbor Discovery Protocol (NDP). This enables stateless address autoconfiguration in IPv6 clients on the network.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/radvd.nix>
|
services.rdnssd.enable
Whether to enable the RDNSS daemon
(rdnssd), which configures DNS servers in
/etc/resolv.conf
from RDNSS
advertisements sent by IPv6 routers.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/rdnssd.nix>
|
services.redis.appendFsync
How often to fsync the append-only log, options: no, always, everysec.
Type:
"string"
Default:
"everysec"
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.appendOnly
By default data is only periodically persisted to disk, enable this option to use an append-only file for improved persistence.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.appendOnlyFilename
Filename for the append-only file (stored inside of dbpath)
Type:
"string"
Default:
"appendonly.aof"
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.bind
The IP interface to bind to.
Type:
"null or string"
Default:
null
Example:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.databases
Set the number of databases.
Type:
"integer"
Default:
16
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.dbFilename
The filename where to dump the DB.
Type:
"string"
Default:
"dump.rdb"
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.dbpath
The DB will be written inside this directory, with the filename specified using the 'dbFilename' configuration.
Type:
"path"
Default:
"/var/lib/redis"
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.enable
Whether to enable the Redis server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.extraConfig
Extra configuration options for redis.conf.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.logLevel
Specify the server verbosity level, options: debug, verbose, notice, warning.
Type:
"string"
Default:
"notice"
Example:
"debug"
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.logfile
Specify the log file name. Also 'stdout' can be used to force Redis to log on the standard output.
Type:
"string"
Default:
"/dev/null"
Example:
"/var/log/redis.log"
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.masterAuth
If the master is password protected (using the requirePass configuration) it is possible to tell the slave to authenticate before starting the replication synchronization process, otherwise the master will refuse the slave request. (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.pidFile
Type:
"path"
Default:
"/var/lib/redis/redis.pid"
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.port
The port for Redis to listen to.
Type:
"integer"
Default:
6379
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.requirePass
Password for database (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
Type:
"null or string"
Default:
null
Example:
"letmein!"
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.save
The schedule in which data is persisted to disk, represented as a list of lists where the first element represent the amount of seconds and the second the number of changes.
Type:
"list of list of integerss"
Default:
[
[
900 1
]
[
300 10
]
[
60 10000
]
]
Example:
[
[
900 1
]
[
300 10
]
[
60 10000
]
]
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.slaveOf
An attribute set with two attributes: ip and port to which this redis instance acts as a slave.
Type:
"unspecified"
Default:
null
Example:
{
ip = "192.168.1.100"; port = 6379;
}
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.slowLogLogSlowerThan
Log queries whose execution take longer than X in milliseconds.
Type:
"integer"
Default:
10000
Example:
1000
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.slowLogMaxLen
Maximum number of items to keep in slow log.
Type:
"integer"
Default:
128
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.syslog
Enable logging to the system logger.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.unixSocket
The path to the socket to bind to.
Type:
"null or path"
Default:
null
Example:
"/var/run/redis.sock"
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redis.user
User account under which Redis runs.
Type:
"string"
Default:
"redis"
Declared by:
<nixpkgs/nixos/modules/services/databases/redis.nix>
|
services.redmine.databaseHost
Database hostname
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/misc/redmine.nix>
|
services.redmine.databaseName
Database name
Type:
"string"
Default:
"redmine"
Declared by:
<nixpkgs/nixos/modules/services/misc/redmine.nix>
|
services.redmine.databasePassword
Database user password
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/redmine.nix>
|
services.redmine.databaseUsername
Database user
Type:
"string"
Default:
"redmine"
Declared by:
<nixpkgs/nixos/modules/services/misc/redmine.nix>
|
services.redmine.enable
Enable the redmine service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/redmine.nix>
|
services.redmine.extraConfig
Extra configuration in configuration.yml
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/redmine.nix>
|
services.redmine.plugins
Set of plugins
Type:
"attribute set of paths"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/misc/redmine.nix>
|
services.redmine.stateDir
The state directory, logs and plugins are stored here
Type:
"string"
Default:
"/var/redmine"
Declared by:
<nixpkgs/nixos/modules/services/misc/redmine.nix>
|
services.redmine.themes
Set of themes
Type:
"attribute set of paths"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/misc/redmine.nix>
|
services.redshift.brightness.day
Screen brightness to apply during the day (between 0.1 and 1.0)
Type:
"string"
Default:
"1"
Declared by:
<nixpkgs/nixos/modules/services/x11/redshift.nix>
|
services.redshift.brightness.night
Screen brightness to apply during the night (between 0.1 and 1.0)
Type:
"string"
Default:
"1"
Declared by:
<nixpkgs/nixos/modules/services/x11/redshift.nix>
|
services.redshift.enable
Enable Redshift to change your screen's colour temperature depending on the time of day
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/redshift.nix>
|
services.redshift.latitude
Your current latitude
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/x11/redshift.nix>
|
services.redshift.longitude
Your current longitude
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/x11/redshift.nix>
|
services.redshift.temperature.day
Colour temperature to use during day time
Type:
"integer"
Default:
5500
Declared by:
<nixpkgs/nixos/modules/services/x11/redshift.nix>
|
services.redshift.temperature.night
Colour temperature to use during night time
Type:
"integer"
Default:
3700
Declared by:
<nixpkgs/nixos/modules/services/x11/redshift.nix>
|
services.resolved.enable
Enables the systemd dns resolver daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
services.riemann.config
Contents of the Riemann configuration file.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/riemann.nix>
|
services.riemann.configFiles
Extra files containing Riemann configuration. These files will be
loaded at runtime by Riemann (with Clojure's
load-file
function) at the end of the
configuration.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/riemann.nix>
|
services.riemann.enable
Enable the Riemann network monitoring daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/riemann.nix>
|
services.riemann.extraClasspathEntries
Extra entries added to the Java classpath when running Riemann.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/riemann.nix>
|
services.riemann.extraJavaOpts
Extra Java options used when launching Riemann.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/riemann.nix>
|
services.riemann-dash.config
Contents added to the end of the riemann-dash configuration file.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/riemann-dash.nix>
|
services.riemann-dash.dataDir
Location of the riemann-base dir. The dashboard configuration file is is stored to this directory. The directory is created automatically on service start, and owner is set to the riemanndash user.
Type:
"string"
Default:
"/var/riemann-dash"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/riemann-dash.nix>
|
services.riemann-dash.enable
Enable the riemann-dash dashboard daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/riemann-dash.nix>
|
services.rippleDataApi.couchdb.create
Whether to create couchdb database needed by ripple data api.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/misc/ripple-data-api.nix>
|
services.rippleDataApi.couchdb.db
Ripple data api couchdb database.
Type:
"string"
Default:
"rippled"
Declared by:
<nixpkgs/nixos/modules/services/misc/ripple-data-api.nix>
|
services.rippleDataApi.couchdb.host
Ripple data api couchdb host.
Type:
"string"
Default:
"localhost"
Declared by:
<nixpkgs/nixos/modules/services/misc/ripple-data-api.nix>
|
services.rippleDataApi.couchdb.pass
Ripple data api couchdb password.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/ripple-data-api.nix>
|
services.rippleDataApi.couchdb.port
Ripple data api couchdb port.
Type:
"integer"
Default:
5984
Declared by:
<nixpkgs/nixos/modules/services/misc/ripple-data-api.nix>
|
services.rippleDataApi.couchdb.user
Ripple data api couchdb username.
Type:
"string"
Default:
"rippled"
Declared by:
<nixpkgs/nixos/modules/services/misc/ripple-data-api.nix>
|
services.rippleDataApi.enable
Whether to enable Whether to enable ripple data api..
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/misc/ripple-data-api.nix>
|
services.rippleDataApi.port
Ripple data api port
Type:
"integer"
Default:
5993
Declared by:
<nixpkgs/nixos/modules/services/misc/ripple-data-api.nix>
|
services.rippleDataApi.redis.enable
Whether to enable caching of ripple data to redis.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/misc/ripple-data-api.nix>
|
services.rippleDataApi.redis.host
Ripple data api redis host.
Type:
"string"
Default:
"localhost"
Declared by:
<nixpkgs/nixos/modules/services/misc/ripple-data-api.nix>
|
services.rippleDataApi.redis.port
Ripple data api redis port.
Type:
"integer"
Default:
5984
Declared by:
<nixpkgs/nixos/modules/services/misc/ripple-data-api.nix>
|
services.rippleDataApi.rippleds
List of rippleds to be used by ripple data api.
Type:
"list of strings"
Default:
[
"http://s_east.ripple.com:51234" "http://s_west.ripple.com:51234"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/ripple-data-api.nix>
|
services.rippled.databasePath
Path to the ripple database.
Type:
"path"
Default:
"/var/lib/rippled/db"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.enable
Whether to enable Whether to enable rippled.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.extraConfig
Extra lines to be added verbatim to the rippled.cfg configuration file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.fetchDepth
The number of past ledgers to serve to other peers that request historical ledger data (or "full" for no limit).
Type:
"integer or one of full"
Default:
"full"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.importDb
Settings for performing a one-time import.
Type:
"null or submodule"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.importDb.advisoryDelete
If set, then require administrative RPC call "can_delete" to enable online deletion of ledger records.
Type:
"null or boolean"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.importDb.compression
Whether to enable snappy compression.
Type:
"null or boolean"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.importDb.extraOpts
Extra database options.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.importDb.onlineDelete
Enable automatic purging of older ledger information.
Type:
"null or integer"
Default:
1296000
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.importDb.path
Location to store the database.
Type:
"path"
Default:
"/var/lib/rippled/db"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.importDb.type
Rippled database type.
Type:
"one of rocksdb, nudb, sqlite"
Default:
"rocksdb"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ips
List of hostnames or ips where the Ripple protocol is served. For a starter list, you can either copy entries from: https://ripple.com/ripple.txt or if you prefer you can let it default to r.ripple.com 51235 A port may optionally be specified after adding a space to the address. By convention, if known, IPs are listed in from most to least trusted.
Type:
"list of strings"
Default:
[
"r.ripple.com 51235"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ipsFixed
List of IP addresses or hostnames to which rippled should always attempt to maintain peer connections with. This is useful for manually forming private networks, for example to configure a validation server that connects to the Ripple network through a public-facing server, or for building a set of cluster peers. A port may optionally be specified after adding a space to the address
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ledgerHistory
The number of past ledgers to acquire on server startup and the minimum to maintain while running.
Type:
"integer or one of full"
Default:
1296000
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.logLevel
Logging verbosity.
Type:
"one of debug, error, info"
Default:
"error"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.nodeDb
Rippled main database options.
Type:
"null or submodule"
Default:
{
extraOpts = " open_files=2000\n filter_bits=12\n cache_mb=256\n file_size_pb=8\n file_size_mult=2;\n "; type = "rocksdb";
}
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.nodeDb.advisoryDelete
If set, then require administrative RPC call "can_delete" to enable online deletion of ledger records.
Type:
"null or boolean"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.nodeDb.compression
Whether to enable snappy compression.
Type:
"null or boolean"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.nodeDb.extraOpts
Extra database options.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.nodeDb.onlineDelete
Enable automatic purging of older ledger information.
Type:
"null or integer"
Default:
1296000
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.nodeDb.path
Location to store the database.
Type:
"path"
Default:
"/var/lib/rippled/db"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.nodeDb.type
Rippled database type.
Type:
"one of rocksdb, nudb, sqlite"
Default:
"rocksdb"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.nodeSize
Rippled size of the node you are running. "tiny", "small", "medium", "large", and "huge"
Type:
"one of tiny, small, medium, large, huge"
Default:
"small"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ports
Ports exposed by rippled
Type:
"attribute set of submodules"
Default:
{
peer =
{
ip = "0.0.0.0"; port = 51235; protocol =
[
"peer"
]
;
}
; rpc =
{
admin = true; port = 5005; protocol =
[
"http"
]
;
}
; ws_public =
{
ip = "0.0.0.0"; port = 5006; protocol =
[
"ws" "wss"
]
;
}
;
}
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ports.<name>.admin
Controls whether or not administrative commands are allowed.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ports.<name>.ip
Ip where rippled listens.
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ports.<name>.password
When set, these credentials will be required on HTTP/S requests.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ports.<name>.port
Port where rippled listens.
Type:
"integer"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ports.<name>.protocol
Protocols expose by rippled.
Type:
"list of one of http, https, ws, wss, peers"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ports.<name>.ssl.cert
Specifies the path to the SSL certificate file in PEM format. This is not needed if the chain includes it.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ports.<name>.ssl.chain
If you need a certificate chain, specify the path to the certificate chain here. The chain may include the end certificate.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ports.<name>.ssl.key
Specifies the filename holding the SSL key in PEM format.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.ports.<name>.user
When set, these credentials will be required on HTTP/S requests.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.sntpServers
IP address or domain of NTP servers to use for time synchronization.;
Type:
"list of strings"
Default:
[
"time.windows.com" "time.apple.com" "time.nist.gov" "pool.ntp.org"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.tempDb
Rippled temporary database options.
Type:
"null or submodule"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.tempDb.advisoryDelete
If set, then require administrative RPC call "can_delete" to enable online deletion of ledger records.
Type:
"null or boolean"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.tempDb.compression
Whether to enable snappy compression.
Type:
"null or boolean"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.tempDb.extraOpts
Extra database options.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.tempDb.onlineDelete
Enable automatic purging of older ledger information.
Type:
"null or integer"
Default:
1296000
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.tempDb.path
Location to store the database.
Type:
"path"
Default:
"/var/lib/rippled/db"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.tempDb.type
Rippled database type.
Type:
"one of rocksdb, nudb, sqlite"
Default:
"rocksdb"
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.validationQuorum
The minimum number of trusted validations a ledger must have before the server considers it fully validated.
Type:
"integer"
Default:
3
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rippled.validators
List of nodes to always accept as validators. Nodes are specified by domain or public key.
Type:
"list of strings"
Default:
[
"n949f75evCHwgyP4fPVgaHqNHxUVN15PsJEZ3B3HnXPcPjcZAoy7 RL1" "n9MD5h24qrQqiyBC8aeqqCWvpiBiYQ3jxSr91uiDvmrkyHRdYLUj RL2" "n9L81uNCaPgtUJfaHh89gmdvXKAmSt5Gdsw2g1iPWaPkAHW5Nm4C RL3" "n9KiYM9CgngLvtRCQHZwgC2gjpdaZcCcbt3VboxiNFcKuwFVujzS RL4" "n9LdgEtkmGB9E2h3K4Vp7iGUaKuq23Zr32ehxiU8FWY7xoxbWTSA RL5"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/rippled.nix>
|
services.rogue.enable
Whether to enable the Rogue game on one of the virtual consoles.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/rogue.nix>
|
services.rogue.tty
Virtual console on which to run Rogue.
Type:
"string"
Default:
"tty9"
Declared by:
<nixpkgs/nixos/modules/services/misc/rogue.nix>
|
services.rpcbind.enable
Whether to enable `rpcbind', an ONC RPC directory service notably used by NFS and NIS, and which can be queried using the rpcinfo(1) command. `rpcbind` is a replacement for `portmap`.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/rpcbind.nix>
|
services.rsnapshot.cronIntervals
Periodicity at which intervals should be run by cron. Note that the intervals also have to exist in configuration as retain options.
Type:
"attribute set of strings"
Default:
{
}
Example:
{
daily = "50 21 * * *"; hourly = "0 * * * *";
}
Declared by:
<nixpkgs/nixos/modules/services/backup/rsnapshot.nix>
|
services.rsnapshot.enable
Whether to enable rsnapshot backups.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/backup/rsnapshot.nix>
|
services.rsnapshot.extraConfig
rsnapshot configuration option in addition to the defaults from rsnapshot and this module. Note that tabs are required to separate option arguments, and directory names require trailing slashes. The "extra" in the option name might be a little misleading right now, as it is required to get a functional configuration.
Type:
"string"
Default:
""
Example:
'' retains hourly 24 retain daily 365 backup /home/ localhost/ ''
Declared by:
<nixpkgs/nixos/modules/services/backup/rsnapshot.nix>
|
services.rsyncd.address
IP address the daemon will listen on; rsyncd will listen on all addresses if this is not specified.
Type:
"unspecified"
Default:
""
Example:
"192.168.1.2"
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/rsyncd.nix>
|
services.rsyncd.enable
Whether to enable the rsync daemon.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/rsyncd.nix>
|
services.rsyncd.extraConfig
Lines of configuration to add to rsyncd globally. See man rsyncd.conf for options.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/rsyncd.nix>
|
services.rsyncd.modules
A set describing exported directories. See man rsyncd.conf for options.
Type:
"attribute set of attribute set of stringss"
Default:
{
}
Example:
{
srv =
{
comment = "Public rsync share."; path = "/srv"; read only = "yes";
}
;
}
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/rsyncd.nix>
|
services.rsyncd.motd
Message of the day to display to clients on each connect. This usually contains site information and any legal notices.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/rsyncd.nix>
|
services.rsyncd.port
TCP port the daemon will listen on.
Type:
"integer"
Default:
873
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/rsyncd.nix>
|
services.rsyslogd.defaultConfig
The default syslog.conf
file configures a
fairly standard setup of log files, which can be extended by
means of extraConfig
.
Type:
"string"
Default:
'' # "local1" is used for dhcpd messages. local1.* -/var/log/dhcpd mail.* -/var/log/mail *.=warning;*.=err -/var/log/warn *.crit /var/log/warn *.*;mail.none;local1.none -/var/log/messages ''
Declared by:
<nixpkgs/nixos/modules/services/logging/rsyslogd.nix>
|
services.rsyslogd.enable
Whether to enable syslogd. Note that systemd also logs syslog messages, so you normally don't need to run syslogd.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/logging/rsyslogd.nix>
|
services.rsyslogd.extraConfig
Additional text appended to syslog.conf
,
i.e. the contents of defaultConfig
.
Type:
"string"
Default:
""
Example:
"news.* -/var/log/news"
Declared by:
<nixpkgs/nixos/modules/services/logging/rsyslogd.nix>
|
services.rsyslogd.extraParams
Additional parameters passed to rsyslogd.
Type:
"list of strings"
Default:
[
]
Example:
[
"-m 0"
]
Declared by:
<nixpkgs/nixos/modules/services/logging/rsyslogd.nix>
|
services.sabnzbd.configFile
Path to config file. (You need to create this file yourself!)
Type:
"unspecified"
Default:
"/var/sabnzbd/sabnzbd.ini"
Declared by:
<nixpkgs/nixos/modules/services/networking/sabnzbd.nix>
|
services.sabnzbd.enable
Whether to enable the sabnzbd FTP server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/sabnzbd.nix>
|
services.samba.configText
Verbatim contents of smb.conf. If null (default), use the autogenerated file from NixOS instead.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/samba.nix>
|
services.samba.enable
Whether to enable Samba, which provides file and print services to Windows clients through the SMB/CIFS protocol.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/samba.nix>
|
services.samba.extraConfig
Additional global section and extra section lines go in here.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/samba.nix>
|
services.samba.invalidUsers
List of users who are denied to login via Samba.
Type:
"list of strings"
Default:
[
"root"
]
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/samba.nix>
|
services.samba.nsswins
Whether to enable the WINS NSS (Name Service Switch) plug-in. Enabling it allows applications to resolve WINS/NetBIOS names (a.k.a. Windows machine names) by transparently querying the winbindd daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/samba.nix>
|
services.samba.securityType
Samba security type
Type:
"string"
Default:
"user"
Example:
"share"
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/samba.nix>
|
services.samba.shares
A set describing shared resources. See man smb.conf for options.
Type:
"attribute set of attribute set of unspecifiedss"
Default:
{
}
Example:
{
srv =
{
comment = "Public samba share."; path = "/srv"; read only = "yes";
}
;
}
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/samba.nix>
|
services.samba.syncPasswordsByPam
Enabling this will add a line directly after pam_unix.so. Whenever a password is changed the samba password will be updated as well. However you still yave to add the samba password once using smbpasswd -a user If you don't want to maintain an extra pwd database you still can send plain text passwords which is not secure.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/samba.nix>
|
services.scollector.bosunHost
Host and port of the bosun server that will store the collected data.
Type:
"string"
Default:
"localhost:8070"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/scollector.nix>
|
services.scollector.collectors
An attribute set mapping the frequency of collection to a list of binaries that should be executed at that frequency. You can use "0" to run a binary forever.
Type:
"attribute set"
Default:
{
}
Example:
{ 0 = [ "${postgresStats}/bin/collect-stats" ]; }
Declared by:
<nixpkgs/nixos/modules/services/monitoring/scollector.nix>
|
services.scollector.enable
Whether to run scollector.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/scollector.nix>
|
services.scollector.extraOpts
Extra scollector command line options
Type:
"list of strings"
Default:
[
]
Example:
[
"-d"
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/scollector.nix>
|
services.scollector.group
Group account under which scollector runs.
Type:
"string"
Default:
"scollector"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/scollector.nix>
|
services.scollector.user
User account under which scollector runs.
Type:
"string"
Default:
"scollector"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/scollector.nix>
|
services.searx.configFile
The path of the Searx server configuration file. If no file is specified, a default file is used (default config file has debug mode enabled).
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/searx.nix>
|
services.searx.enable
Whether to enable the Searx server. See https://github.com/asciimoo/searx
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/searx.nix>
|
services.seeks.confDir
The Seeks server configuration. If it is not specified, a default configuration is used (/nix/store/ginb3s4q3v3zhc7l6wsm4bs9swfmlnyv-seeks-0.4.1/etc/seeks).
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/seeks.nix>
|
services.seeks.enable
Whether to enable the Seeks server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/seeks.nix>
|
services.siproxd.enable
Whether to enable the Siproxd SIP proxy/masquerading daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.extraConfig
Extra configuration to add to siproxd configuration.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.hostsAllowReg
Acess control list for incoming SIP registrations.
Type:
"list of strings"
Default:
[
]
Example:
[
"192.168.1.0/24" "192.168.2.0/24"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.hostsAllowSip
Acess control list for incoming SIP traffic.
Type:
"list of strings"
Default:
[
]
Example:
[
"123.45.0.0/16" "123.46.0.0/16"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.hostsDenySip
Acess control list for denying incoming SIP registrations and traffic.
Type:
"list of strings"
Default:
[
]
Example:
[
"10.0.0.0/8" "11.0.0.0/8"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.ifInbound
Local network interface
Type:
"string"
Example:
"eth0"
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.ifOutbound
Public network interface
Type:
"string"
Example:
"ppp0"
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.passwordFile
Path to per-user password file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.rtpDscp
DSCP (differentiated services) value to be assigned to RTP packets. Allows QOS aware routers to handle different types traffic with different priorities.
Type:
"integer"
Default:
46
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.rtpPortHigh
Top of UDP port range for incoming and outgoing RTP traffic
Type:
"integer"
Default:
7089
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.rtpPortLow
Bottom of UDP port range for incoming and outgoing RTP traffic
Type:
"integer"
Default:
7070
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.rtpTimeout
Timeout for an RTP stream. If for the specified number of seconds no data is relayed on an active stream, it is considered dead and will be killed.
Type:
"integer"
Default:
300
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.sipDscp
DSCP (differentiated services) value to be assigned to SIP packets. Allows QOS aware routers to handle different types traffic with different priorities.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.siproxd.sipListenPort
Port to listen for incoming SIP messages.
Type:
"integer"
Default:
5060
Declared by:
<nixpkgs/nixos/modules/services/misc/siproxd.nix>
|
services.sitecopy.backups
List of attributesets describing the backups.
Username/password are extracted from /var/spool/sitecopy/sitecopy.secrets
at activation
time. The secrets file lines should have the following structure:
server username password
Type:
"unspecified"
Default:
[
]
Example:
[
{
https = true; local = "/tmp/backup"; name = "test"; protocol = "webdav"; remote = "/staff-groups/ewi/st/strategoxt/backup/test"; server = "webdata.tudelft.nl"; symlinks = "maintain";
}
]
Declared by:
<nixpkgs/nixos/modules/services/backup/sitecopy-backup.nix>
|
services.sitecopy.enable
Whether to enable sitecopy backups of specified directories.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/sitecopy-backup.nix>
|
services.sitecopy.period
This option defines (in the format used by cron) when the sitecopy backup are being run. The default is to update at 04:15 (at night) every day.
Type:
"unspecified"
Default:
"15 04 * * *"
Declared by:
<nixpkgs/nixos/modules/services/backup/sitecopy-backup.nix>
|
services.slurm.client.enable
Whether to enable slurm rlient daemon.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/computing/slurm/slurm.nix>
|
services.slurm.controlAddr
Name that ControlMachine should be referred to in establishing a communications path.
Type:
"null or string"
Default:
null
Example:
null
Declared by:
<nixpkgs/nixos/modules/services/computing/slurm/slurm.nix>
|
services.slurm.controlMachine
The short hostname of the machine where SLURM control functions are executed (i.e. the name returned by the command "hostname -s", use "tux001" rather than "tux001.my.com").
Type:
"null or string"
Default:
null
Example:
null
Declared by:
<nixpkgs/nixos/modules/services/computing/slurm/slurm.nix>
|
services.slurm.extraConfig
Extra configuration options that will be added verbatim at the end of the slurm configuration file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/computing/slurm/slurm.nix>
|
services.slurm.nodeName
Name that SLURM uses to refer to a node (or base partition for BlueGene systems). Typically this would be the string that "/bin/hostname -s" returns. Note that now you have to write node's parameters after the name.
Type:
"null or string"
Default:
null
Example:
"linux[1-32] CPUs=1 State=UNKNOWN"
Declared by:
<nixpkgs/nixos/modules/services/computing/slurm/slurm.nix>
|
services.slurm.partitionName
Name by which the partition may be referenced. Note that now you have to write patrition's parameters after the name.
Type:
"null or string"
Default:
null
Example:
"debug Nodes=linux[1-32] Default=YES MaxTime=INFINITE State=UP"
Declared by:
<nixpkgs/nixos/modules/services/computing/slurm/slurm.nix>
|
services.slurm.server.enable
Whether to enable slurm control daemon.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/computing/slurm/slurm.nix>
|
services.smartd.deviceOpts
Additional options for each device that is monitored. The example turns on SMART Automatic Offline Testing on startup, and schedules short self-tests daily, and long self-tests weekly.
Type:
"string"
Default:
""
Example:
"-o on -s (S/../.././02|L/../../7/04)"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/smartd.nix>
|
services.smartd.devices
List of devices to monitor. By default -- if this list is empty --, smartd will monitor all devices connected to the machine at the time it's being run. Configuring this option has the added benefit of enabling e-mail notifications to "root" every time smartd detects an error.
Type:
"list of submodules"
Default:
[
]
Example:
[
{
device = "/dev/sda";
}
{
device = "/dev/sdb"; options = "-d sat";
}
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/smartd.nix>
|
services.smartd.devices.*.device
Location of the device.
Type:
"string"
Example:
"/dev/sda"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/smartd.nix>
|
services.smartd.devices.*.options
Options that determine how smartd monitors the device.
Type:
"string"
Default:
""
Example:
"-d sat"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/smartd.nix>
|
services.smartd.enable
Run smartd from the smartmontools package. Note that e-mail
notifications will not be enabled unless you configure the list of
devices with services.smartd.devices
as well.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/monitoring/smartd.nix>
|
services.solr.enable
Enables the solr service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/search/solr.nix>
|
services.solr.extraJars
List of paths pointing to jars. Jars are copied to commonLibFolder to be available to java/solr.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/search/solr.nix>
|
services.solr.extraJavaOptions
Extra command line options given to the java process running solr.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/search/solr.nix>
|
services.solr.extraWinstoneOptions
Extra command line options given to the Winstone, which is the servlet container hosting solr.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/search/solr.nix>
|
services.solr.group
The group that will own the working directory.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/search/solr.nix>
|
services.solr.log4jConfiguration
Contents of the log4j.properties
used. By default,
everything is logged to stdout (picked up by systemd) with level INFO.
Type:
"string"
Default:
'' log4j.rootLogger=INFO, stdout log4j.appender.stdout=org.apache.log4j.ConsoleAppender log4j.appender.stdout.Target=System.out log4j.appender.stdout.layout=org.apache.log4j.PatternLayout log4j.appender.stdout.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n ''
Declared by:
<nixpkgs/nixos/modules/services/search/solr.nix>
|
services.solr.solrHome
The solr home directory. It is your own responsibility to make sure this directory contains a working solr configuration, and is writeable by the the user running the solr service. Failing to do so, the solr will not start properly.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/search/solr.nix>
|
services.solr.user
The user that should run the solr process and. the working directories.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/search/solr.nix>
|
services.spamassassin.debug
Whether to run the SpamAssassin daemon in debug mode.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/mail/spamassassin.nix>
|
services.spamassassin.enable
Whether to run the SpamAssassin daemon.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/mail/spamassassin.nix>
|
services.spiped.config
Configuration for a secure pipe daemon. The daemon can be
started, stopped, or examined using
systemctl
, under the name
spiped@foo
.
Type:
"attribute set of submodules"
Default:
{
}
Example:
{ pipe1 = { keyfile = "/var/lib/spiped/pipe1.key"; encrypt = true; source = "localhost:6000"; target = "endpoint.example.com:7000"; }; pipe2 = { keyfile = "/var/lib/spiped/pipe2.key"; decrypt = true; source = "0.0.0.0:7000"; target = "localhost:3000"; }; }
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.config.<name>.decrypt
Take encrypted connections from the
source
socket and send unencrypted
connections to the target
socket.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.config.<name>.disableKeepalives
Disable transport layer keep-alives.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.config.<name>.disableReresolution
Disable target address re-resolution.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.config.<name>.encrypt
Take unencrypted connections from the
source
socket and send encrypted
connections to the target
socket.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.config.<name>.keyfile
Name of a file containing the spiped key. As the
daemon runs as the spiped
user, the
key file must be somewhere owned by that user. By
default, we recommend putting the keys for any spipe
services in /var/lib/spiped
.
Type:
"path"
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.config.<name>.maxConns
Limit on the number of simultaneous connections allowed.
Type:
"integer"
Default:
100
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.config.<name>.resolveRefresh
Resolution refresh time for the target socket, in seconds.
Type:
"integer"
Default:
60
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.config.<name>.source
Address on which spiped should listen for incoming
connections. Must be in one of the following formats:
/absolute/path/to/unix/socket
,
host.name:port
,
[ip.v4.ad.dr]:port
or
[ipv6::addr]:port
- note that
hostnames are resolved when spiped is launched and are
not re-resolved later; thus if DNS entries change
spiped will continue to connect to the expired
address.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.config.<name>.target
Address to which spiped should connect.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.config.<name>.timeout
Timeout, in seconds, after which an attempt to connect to the target or a protocol handshake will be aborted (and the connection dropped) if not completed
Type:
"integer"
Default:
5
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.config.<name>.waitForDNS
Wait for DNS. Normally when spiped
is
launched it resolves addresses and binds to its source
socket before the parent process returns; with this option
it will daemonize first and retry failed DNS lookups until
they succeed. This allows spiped
to
launch even if DNS isn't set up yet, but at the expense of
losing the guarantee that once spiped
has
finished launching it will be ready to create pipes.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.config.<name>.weakHandshake
Use fast/weak handshaking: This reduces the CPU time spent in the initial connection setup, at the expense of losing perfect forward secrecy.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.spiped.enable
Enable the spiped service module.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/spiped.nix>
|
services.sshd.enable
Alias of services.openssh.enable
.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/rename.nix>
|
services.sslh.appendConfig
Verbatim configuration file.
Type:
"string"
Default:
'' protocols: ( { name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; probe: "builtin"; }, { name: "openvpn"; host: "localhost"; port: "1194"; probe: "builtin"; }, { name: "xmpp"; host: "localhost"; port: "5222"; probe: "builtin"; }, { name: "http"; host: "localhost"; port: "80"; probe: "builtin"; }, { name: "ssl"; host: "localhost"; port: "443"; probe: "builtin"; }, { name: "anyprot"; host: "localhost"; port: "443"; probe: "builtin"; } ); ''
Declared by:
<nixpkgs/nixos/modules/services/networking/sslh.nix>
|
services.sslh.enable
Whether to enable sslh.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/sslh.nix>
|
services.sslh.host
Listening hostname.
Type:
"string"
Default:
"nixos"
Declared by:
<nixpkgs/nixos/modules/services/networking/sslh.nix>
|
services.sslh.pidfile
PID file path for sslh daemon.
Type:
"path"
Default:
"/run/sslh.pid"
Declared by:
<nixpkgs/nixos/modules/services/networking/sslh.nix>
|
services.sslh.port
Listening port.
Type:
"integer"
Default:
443
Declared by:
<nixpkgs/nixos/modules/services/networking/sslh.nix>
|
services.sslh.timeout
Timeout in seconds.
Type:
"integer"
Default:
2
Declared by:
<nixpkgs/nixos/modules/services/networking/sslh.nix>
|
services.sslh.verbose
Verbose logs.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/sslh.nix>
|
services.statsd.backends
List of backends statsd will use for data persistence
Type:
"list of string or derivations"
Default:
[
"graphite"
]
Example:
[
"graphite"
(build of nodejs-statsd-influxdb-backend-0.4.0)
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/statsd.nix>
|
services.statsd.enable
Whether to enable statsd stats aggregation service
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/statsd.nix>
|
services.statsd.extraConfig
Extra configuration options for statsd
Type:
"null or string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/monitoring/statsd.nix>
|
services.statsd.graphiteHost
Hostname or IP of Graphite server
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/monitoring/statsd.nix>
|
services.statsd.graphitePort
Port of Graphite server (i.e. carbon-cache).
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/monitoring/statsd.nix>
|
services.statsd.host
Address that statsd listens on over UDP
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/statsd.nix>
|
services.statsd.mgmt_address
Address to run management TCP interface on
Type:
"string"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/statsd.nix>
|
services.statsd.mgmt_port
Port to run the management TCP interface on
Type:
"integer"
Default:
8126
Declared by:
<nixpkgs/nixos/modules/services/monitoring/statsd.nix>
|
services.statsd.port
Port that stats listens for messages on over UDP
Type:
"integer"
Default:
8125
Declared by:
<nixpkgs/nixos/modules/services/monitoring/statsd.nix>
|
services.strongswan.ca
A set of CAs (certification authorities) and their options for
the ‘ca xxx’ sections of the ipsec.conf
file.
Type:
"attribute set of attribute set of stringss"
Default:
{
}
Example:
{
strongswan =
{
auto = "add"; cacert = "/run/keys/strongswanCert.pem"; crluri = "http://crl2.strongswan.org/strongswan.crl";
}
;
}
Declared by:
<nixpkgs/nixos/modules/services/networking/strongswan.nix>
|
services.strongswan.connections
A set of connections and their options for the ‘conn xxx’
sections of the ipsec.conf
file.
Type:
"attribute set of attribute set of stringss"
Default:
{
}
Example:
{
%default =
{
keyexchange = "ikev2"; keyingtries = "1";
}
; roadwarrior =
{
auto = "add"; leftcert = "/run/keys/moonCert.pem"; leftid = "@moon.strongswan.org"; leftsubnet = "10.1.0.0/16"; right = "%any";
}
;
}
Declared by:
<nixpkgs/nixos/modules/services/networking/strongswan.nix>
|
services.strongswan.enable
Whether to enable strongSwan.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/strongswan.nix>
|
services.strongswan.secrets
A list of paths to IPSec secret files. These
files will be included into the main ipsec.secrets file with
the include
directive. It is safer if these
paths are absolute.
Type:
"list of paths"
Default:
[
]
Example:
[
"/run/keys/ipsec-foo.secret"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/strongswan.nix>
|
services.strongswan.setup
A set of options for the ‘config setup’ section of the
ipsec.conf
file. Defines general
configuration parameters.
Type:
"attribute set of strings"
Default:
{
}
Example:
{
cachecrls = "yes"; strictcrlpolicy = "yes";
}
Declared by:
<nixpkgs/nixos/modules/services/networking/strongswan.nix>
|
services.supybot.configFile
Path to a supybot config file. This can be generated by running supybot-wizard. Note: all paths should include the full path to the stateDir directory (backup conf data logs logs/plugins plugins tmp web).
Type:
"path"
Declared by:
<nixpkgs/nixos/modules/services/networking/supybot.nix>
|
services.supybot.enable
Enable Supybot, an IRC bot
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/supybot.nix>
|
services.supybot.stateDir
The root directory, logs and plugins are stored here
Type:
"unspecified"
Default:
"/home/supybot"
Declared by:
<nixpkgs/nixos/modules/services/networking/supybot.nix>
|
services.svnserve.enable
Whether to enable svnserve to serve Subversion repositories through the SVN protocol.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/svnserve.nix>
|
services.svnserve.svnBaseDir
Base directory from which Subversion repositories are accessed.
Type:
"unspecified"
Default:
"/repos"
Declared by:
<nixpkgs/nixos/modules/services/misc/svnserve.nix>
|
services.syncthing.dataDir
Path where the `.syncthing` (settings and keys) and `Sync` (your synced files) directories will exist. This can be your home directory.
Type:
"unspecified"
Default:
"/var/lib/syncthing"
Declared by:
<nixpkgs/nixos/modules/services/networking/syncthing.nix>
|
services.syncthing.enable
Whether to enable the Syncthing, self-hosted open-source alternative to Dropbox and BittorrentSync. Initial interface will be available on http://127.0.0.1:8080/.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/syncthing.nix>
|
services.syncthing.user
Syncthing will be run under this user (user must exist, this can be your user name).
Type:
"unspecified"
Default:
"syncthing"
Declared by:
<nixpkgs/nixos/modules/services/networking/syncthing.nix>
|
services.synergy.client.autoStart
Whether the Synergy client should be started automatically.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/misc/synergy.nix>
|
services.synergy.client.enable
Whether to enable the Synergy client (receive keyboard and mouse events from a Synergy server).
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/synergy.nix>
|
services.synergy.client.screenName
Use the given name instead of the hostname to identify ourselves to the server.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/synergy.nix>
|
services.synergy.client.serverAddress
The server address is of the form: [hostname][:port]. The hostname must be the address or hostname of the server. The port overrides the default port, 24800.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/misc/synergy.nix>
|
services.synergy.server.address
Address on which to listen for clients.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/synergy.nix>
|
services.synergy.server.autoStart
Whether the Synergy server should be started automatically.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/misc/synergy.nix>
|
services.synergy.server.configFile
The Synergy server configuration file.
Type:
"unspecified"
Default:
"/etc/synergy-server.conf"
Declared by:
<nixpkgs/nixos/modules/services/misc/synergy.nix>
|
services.synergy.server.enable
Whether to enable the Synergy server (send keyboard and mouse events).
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/synergy.nix>
|
services.synergy.server.screenName
Use the given name instead of the hostname to identify this screen in the configuration.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/synergy.nix>
|
services.syslog-ng.configHeader
The very first lines of the configuration file. Should usually contain the syslog-ng version header.
Type:
"string"
Default:
'' @version: 3.6 @include "scl.conf" ''
Declared by:
<nixpkgs/nixos/modules/services/logging/syslog-ng.nix>
|
services.syslog-ng.enable
Whether to enable the syslog-ng daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/logging/syslog-ng.nix>
|
services.syslog-ng.extraConfig
Configuration added to the end of syslog-ng.conf
.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/logging/syslog-ng.nix>
|
services.syslog-ng.extraModulePaths
A list of paths that should be included in syslog-ng's
--module-path
option. They should usually
end in /lib/syslog-ng
Type:
"list of strings"
Default:
[
]
Example:
[ "${pkgs.syslogng_incubator}/lib/syslog-ng" ]
Declared by:
<nixpkgs/nixos/modules/services/logging/syslog-ng.nix>
|
services.syslogd.defaultConfig
The default syslog.conf
file configures a
fairly standard setup of log files, which can be extended by
means of extraConfig
.
Type:
"string"
Default:
'' # Send emergency messages to all users. *.emerg * # "local1" is used for dhcpd messages. local1.* -/var/log/dhcpd mail.* -/var/log/mail *.=warning;*.=err -/var/log/warn *.crit /var/log/warn *.*;mail.none;local1.none -/var/log/messages ''
Declared by:
<nixpkgs/nixos/modules/services/logging/syslogd.nix>
|
services.syslogd.enable
Whether to enable syslogd. Note that systemd also logs syslog messages, so you normally don't need to run syslogd.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/logging/syslogd.nix>
|
services.syslogd.enableNetworkInput
Accept logging through UDP. Option -r of syslogd(8).
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/logging/syslogd.nix>
|
services.syslogd.extraConfig
Additional text appended to syslog.conf
,
i.e. the contents of defaultConfig
.
Type:
"string"
Default:
""
Example:
"news.* -/var/log/news"
Declared by:
<nixpkgs/nixos/modules/services/logging/syslogd.nix>
|
services.syslogd.extraParams
Additional parameters passed to syslogd.
Type:
"list of strings"
Default:
[
]
Example:
[
"-m 0"
]
Declared by:
<nixpkgs/nixos/modules/services/logging/syslogd.nix>
|
services.syslogd.tty
The tty device on which syslogd will print important log messages. Leave this option blank to disable tty logging.
Type:
"string"
Default:
"tty10"
Declared by:
<nixpkgs/nixos/modules/services/logging/syslogd.nix>
|
services.systemhealth.drives
Drives to monitor.
Type:
"unspecified"
Default:
[
]
Example:
[
{
name = "root"; path = "/";
}
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/systemhealth.nix>
|
services.systemhealth.enable
Enable the system health monitor and its generation of graphs.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/systemhealth.nix>
|
services.systemhealth.interfaces
Interfaces to monitor (minimum one).
Type:
"unspecified"
Default:
[
"lo"
]
Example:
[
"lo" "eth0" "eth1"
]
Declared by:
<nixpkgs/nixos/modules/services/monitoring/systemhealth.nix>
|
services.systemhealth.urlPrefix
The URL prefix under which the System Health web pages appear in httpd.
Type:
"unspecified"
Default:
"/health"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/systemhealth.nix>
|
services.tarsnap.archives
Tarsnap archive configurations. Each attribute names an archive
to be created at a given time interval, according to the options
associated with it. When uploading to the tarsnap server,
archive names are suffixed by a 1 second resolution timestamp.
For each member of the set is created a timer which triggers the
instanced tarsnap@
service unit. You may use
systemctl start tarsnap@archive-name to
manually trigger creation of archive-name
at
any time.
Type:
"attribute set of submodules"
Default:
{
}
Example:
{ nixos = { directories = [ "/home" "/root/ssl" ]; }; gamedata = { directories = [ "/var/lib/minecraft "]; period = "*:30"; }; }
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.aggressiveNetworking
Upload data over multiple TCP connections, potentially increasing tarsnap's bandwidth utilisation at the cost of slowing down all other network traffic. Not recommended unless TCP congestion is the dominant limiting factor.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.checkpointBytes
Create a checkpoint every checkpointBytes
of uploaded data (optionally specified using an SI prefix).
1GB is the minimum value. A higher value is recommended,
as checkpointing is expensive.
Set to null
to disable checkpointing.
Type:
"null or string"
Default:
"1GB"
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.directories
List of filesystem paths to archive.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.excludes
Exclude files and directories matching these patterns.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.includes
Include only files and directories matching these patterns (the empty list includes everything). Exclusions have precedence over inclusions.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.lowmem
Reduce memory consumption by not caching small files. Possibly beneficial if the average file size is smaller than 1 MB and the number of files is lower than the total amount of RAM in KB.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.maxbw
Abort archival if upstream bandwidth usage in bytes exceeds this threshold.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.maxbwRateDown
Download bandwidth rate limit in bytes.
Type:
"null or integer"
Default:
null
Example:
50 * 1000
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.maxbwRateUp
Upload bandwidth rate limit in bytes.
Type:
"null or integer"
Default:
null
Example:
25 * 1000
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.nodump
Exclude files with the nodump
flag.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.period
Create archive at this interval. The format is described in systemd.time(7).
Type:
"string"
Default:
"01:15"
Example:
"hourly"
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.printStats
Print global archive statistics upon completion. The output is available via systemctl status tarsnap@archive-name.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.archives.<name>.verylowmem
Reduce memory consumption by a factor of 2 beyond what
lowmem
does, at the cost of significantly
slowing down the archiving process.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.cachedir
The cache allows tarsnap to identify previously stored data
blocks, reducing archival time and bandwidth usage.
Should the cache become desynchronized or corrupted, tarsnap
will refuse to run until you manually rebuild the cache with
tarsnap --fsck.
Set to null
to disable caching.
Type:
"null or path"
Default:
"/var/cache/tarsnap"
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.enable
Enable periodic tarsnap backups.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tarsnap.keyfile
The keyfile which associates this machine with your tarsnap account. Create the keyfile with tarsnap-keygen. The keyfile name should be given as a string and not a path, to avoid the key being copied into the Nix store.
Type:
"string"
Default:
"/root/tarsnap.key"
Declared by:
<nixpkgs/nixos/modules/services/backup/tarsnap.nix>
|
services.tcsd.conformanceCred
Path to the conformance credential for your TPM. See also the platformCred option
Type:
"path"
Default:
"/var/lib/tpm/conformance.cert"
Declared by:
<nixpkgs/nixos/modules/services/hardware/tcsd.nix>
|
services.tcsd.enable
Whether to enable tcsd, a Trusted Computing management service that provides TCG Software Stack (TSS). The tcsd daemon is the only portal to the Trusted Platform Module (TPM), a hardware chip on the motherboard.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/tcsd.nix>
|
services.tcsd.endorsementCred
Path to the endorsement credential for your TPM. See also the platformCred option
Type:
"path"
Default:
"/var/lib/tpm/endorsement.cert"
Declared by:
<nixpkgs/nixos/modules/services/hardware/tcsd.nix>
|
services.tcsd.group
Group account under which tcsd runs.
Type:
"string"
Default:
"tss"
Declared by:
<nixpkgs/nixos/modules/services/hardware/tcsd.nix>
|
services.tcsd.platformCred
Path to the platform credential for your TPM. Your TPM manufacturer may have provided you with a set of credentials (certificates) that should be used when creating identities using your TPM. When a user of your TPM makes an identity, this credential will be encrypted as part of that process. See the 1.1b TPM Main specification section 9.3 for information on this process.
Type:
"path"
Default:
"/var/lib/tpm/platform.cert"
Declared by:
<nixpkgs/nixos/modules/services/hardware/tcsd.nix>
|
services.tcsd.stateDir
The location of the system persistent storage file. The system persistent storage file holds keys and data across restarts of the TCSD and system reboots.
Type:
"path"
Default:
"/var/lib/tpm"
Declared by:
<nixpkgs/nixos/modules/services/hardware/tcsd.nix>
|
services.tcsd.user
User account under which tcsd runs.
Type:
"string"
Default:
"tss"
Declared by:
<nixpkgs/nixos/modules/services/hardware/tcsd.nix>
|
services.teamspeak3.dataDir
Directory to store TS3 database and other state/data files.
Type:
"path"
Default:
"/var/lib/teamspeak3-server"
Declared by:
<nixpkgs/nixos/modules/services/networking/teamspeak3.nix>
|
services.teamspeak3.defaultVoicePort
Default UDP port for clients to connect to virtual servers - used for first virtual server, subsequent ones will open on incrementing port numbers by default.
Type:
"integer"
Default:
9987
Declared by:
<nixpkgs/nixos/modules/services/networking/teamspeak3.nix>
|
services.teamspeak3.enable
Whether to run the Teamspeak3 voice communication server daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/teamspeak3.nix>
|
services.teamspeak3.fileTransferIP
IP on which the server instance will listen for incoming file transfer connections. Defaults to any IP.
Type:
"string"
Default:
"0.0.0.0"
Declared by:
<nixpkgs/nixos/modules/services/networking/teamspeak3.nix>
|
services.teamspeak3.fileTransferPort
TCP port opened for file transfers.
Type:
"integer"
Default:
30033
Declared by:
<nixpkgs/nixos/modules/services/networking/teamspeak3.nix>
|
services.teamspeak3.logPath
Directory to store log files in.
Type:
"path"
Default:
"/var/log/teamspeak3-server/"
Declared by:
<nixpkgs/nixos/modules/services/networking/teamspeak3.nix>
|
services.teamspeak3.queryIP
IP on which the server instance will listen for incoming ServerQuery connections. Defaults to any IP.
Type:
"string"
Default:
"0.0.0.0"
Declared by:
<nixpkgs/nixos/modules/services/networking/teamspeak3.nix>
|
services.teamspeak3.queryPort
TCP port opened for ServerQuery connections.
Type:
"integer"
Default:
10011
Declared by:
<nixpkgs/nixos/modules/services/networking/teamspeak3.nix>
|
services.teamspeak3.voiceIP
IP on which the server instance will listen for incoming voice connections. Defaults to any IP.
Type:
"string"
Default:
"0.0.0.0"
Declared by:
<nixpkgs/nixos/modules/services/networking/teamspeak3.nix>
|
services.teamviewer.enable
Whether to enable teamviewer daemon.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/monitoring/teamviewer.nix>
|
services.telepathy.enable
Whether to enable Telepathy service, a communications framework that enables real-time communication via pluggable protocol backends.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/desktops/telepathy.nix>
|
services.tftpd.enable
Whether to enable tftpd, a Trivial File Transfer Protocol server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/tftpd.nix>
|
services.tftpd.path
Where the tftp server files are stored.
Type:
"path"
Default:
"/home/tftp"
Declared by:
<nixpkgs/nixos/modules/services/networking/tftpd.nix>
|
services.thermald.enable
Whether to enable thermald, the temperature management daemon.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/thermald.nix>
|
services.thinkfan.enable
Whether to enable thinkfan, fan controller for ibm/lenovo thinkpads.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/thinkfan.nix>
|
services.thinkfan.sensor
Sensor used by thinkfan
Type:
"unspecified"
Default:
"/proc/acpi/ibm/thermal"
Declared by:
<nixpkgs/nixos/modules/services/hardware/thinkfan.nix>
|
services.timesyncd.enable
Enables the systemd ntp client daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
services.tinc.networks
Defines the tinc networks which will be started. Each network invokes a different daemon.
Type:
"list or attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/networking/tinc.nix>
|
services.tinc.networks.<name?>.debugLevel
The amount of debugging information to add to the log. 0 means little logging while 5 is the most logging. man tincd for more details.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/networking/tinc.nix>
|
services.tinc.networks.<name?>.extraConfig
Extra lines to add to the tinc service configuration file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/tinc.nix>
|
services.tinc.networks.<name?>.hosts
The name of the host in the network as well as the configuration for that host. This name should only contain alphanumerics and underscores.
Type:
"list or attribute set of strings"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/networking/tinc.nix>
|
services.tinc.networks.<name?>.interfaceType
The type of virtual interface used for the network connection
Type:
"string"
Default:
"tun"
Declared by:
<nixpkgs/nixos/modules/services/networking/tinc.nix>
|
services.tinc.networks.<name?>.name
The name of the node which is used as an identifier when communicating with the remote nodes in the mesh. If null then the hostname of the system is used.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/tinc.nix>
|
services.tinc.networks.<name?>.package
The package to use for the tinc daemon's binary.
Type:
"unspecified"
Default:
(build of tinc-1.1pre-2015-03-14)
Declared by:
<nixpkgs/nixos/modules/services/networking/tinc.nix>
|
services.tlp.enable
Whether to enable the TLP daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/tlp.nix>
|
services.tlp.extraConfig
Additional configuration variables for TLP
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/hardware/tlp.nix>
|
services.tlsdated.enable
Enable tlsdated daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/tlsdated.nix>
|
services.tlsdated.extraOptions
Additional command line arguments to pass to tlsdated.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/tlsdated.nix>
|
services.tlsdated.sources
You can list one or more sources to fetch time from.
Type:
"list of submodules"
Default:
[
{
host = "www.ptb.de"; port = 443; proxy = null;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/tlsdated.nix>
|
services.tlsdated.sources.*.host
Remote hostname.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/networking/tlsdated.nix>
|
services.tlsdated.sources.*.port
Remote port.
Type:
"integer"
Declared by:
<nixpkgs/nixos/modules/services/networking/tlsdated.nix>
|
services.tlsdated.sources.*.proxy
The proxy argument expects HTTP, SOCKS4A or SOCKS5 formatted as followed: http://127.0.0.1:8118 socks4a://127.0.0.1:9050 socks5://127.0.0.1:9050 The proxy support should not leak DNS requests and is suitable for use with Tor.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/tlsdated.nix>
|
services.tomcat.axis2.enable
Whether to enable an Apache Axis2 container
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.axis2.services
List containing AAR files or directories with AAR files which are web services to be deployed on Axis2
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.baseDir
Location where Tomcat stores configuration files, webapplications and logfiles
Type:
"unspecified"
Default:
"/var/tomcat"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.catalinaOpts
Parameters to pass to the Java Virtual Machine which spawns the Catalina servlet container
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.commonLibs
List containing JAR files or directories with JAR files which are libraries shared by the web applications and the servlet container
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.enable
Whether to enable Apache Tomcat
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.extraGroups
Defines extra groups to which the tomcat user belongs.
Type:
"unspecified"
Default:
[
]
Example:
[
"users"
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.group
Group account under which Apache Tomcat runs.
Type:
"unspecified"
Default:
"tomcat"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.javaOpts
Parameters to pass to the Java Virtual Machine which spawns Apache Tomcat
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.jdk
Which JDK to use.
Type:
"unspecified"
Default:
(build of )
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.logPerVirtualHost
Whether to enable logging per virtual host.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.sharedLibs
List containing JAR files or directories with JAR files which are libraries shared by the web applications
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.user
User account under which Apache Tomcat runs.
Type:
"unspecified"
Default:
"tomcat"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.virtualHosts
List consisting of a virtual host name and a list of web applications to deploy on each virtual host
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tomcat.webapps
List containing WAR files or directories with WAR files which are web applications to be deployed on Tomcat
Type:
"unspecified"
Default:
[
(build of apache-tomcat-7.0.55)
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/tomcat.nix>
|
services.tor.client.enable
Whether to enable Tor daemon to route application connections. You might want to disable this if you plan running a dedicated Tor relay.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.client.privoxy.enable
Whether to enable and configure the system Privoxy to use Tor's faster port, suitable for HTTP. To have anonymity, protocols need to be scrubbed of identifying information, and this can be accomplished for HTTP by Privoxy. Privoxy can also be useful for KDE torification. A good setup would be: setting SOCKS proxy to the default Tor port, providing maximum circuit isolation where possible; and setting HTTP proxy to Privoxy to route HTTP traffic over faster, but less isolated port.
Type:
"unspecified"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.client.socksListenAddress
Bind to this address to listen for connections from Socks-speaking applications. Provides strong circuit isolation, separate circuit per IP address.
Type:
"string"
Default:
"127.0.0.1:9050"
Example:
"192.168.0.1:9100"
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.client.socksListenAddressFaster
Bind to this address to listen for connections from Socks-speaking applications. Same as socksListenAddress but uses weaker circuit isolation to provide performance suitable for a web browser.
Type:
"string"
Default:
"127.0.0.1:9063"
Example:
"192.168.0.1:9101"
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.client.socksPolicy
Entry policies to allow/deny SOCKS requests based on IP address. First entry that matches wins. If no SocksPolicy is set, we accept all (and only) requests from SocksListenAddress.
Type:
"null or string"
Default:
null
Example:
"accept 192.168.0.0/16, reject *"
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.controlPort
If set, Tor will accept connections on the specified port and allow them to control the tor process.
Type:
"integer"
Default:
0
Example:
9051
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.enable
Enable the Tor daemon. By default, the daemon is run without relay, exit, bridge or client connectivity.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.extraConfig
Extra configuration. Contents will be added verbatim to the configuration file at the end.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.relay.accountingMax
Specify maximum bandwidth allowed during an accounting
period. This allows you to limit overall tor bandwidth
over some time period. See the
AccountingMax
option by looking at the
tor manual (man tor
) for more.
Note this limit applies individually to upload and
download; if you specify "500 GBytes"
here, then you may transfer up to 1 TBytes of overall
bandwidth (500 GB upload, 500 GB download).
Type:
"null or string"
Default:
null
Example:
"450 GBytes"
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.relay.accountingStart
Specify length of an accounting period. This allows you to
limit overall tor bandwidth over some time period. See the
AccountingStart
option by looking at
the tor manual (man tor
) for more.
Type:
"null or string"
Default:
null
Example:
"month 1 1:00"
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.relay.bandwidthBurst
Specify this to allow bursts of the bandwidth usage of relayed (server) traffic. The average usage will still be as specified in relayBandwidthRate. Your own traffic is still unthrottled. Units: bytes/second.
Type:
"integer"
Default:
0
Example:
200
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.relay.bandwidthRate
Specify this to limit the bandwidth usage of relayed (server) traffic. Your own traffic is still unthrottled. Units: bytes/second.
Type:
"integer"
Default:
0
Example:
100
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.relay.contactInfo
Contact information for the relay owner (e.g. a mail address and GPG key ID).
Type:
"null or string"
Default:
null
Example:
"admin@relay.com"
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.relay.enable
Whether to enable relaying TOR traffic for others. See https://www.torproject.org/docs/tor-doc-relay for details.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.relay.exitPolicy
A comma-separated list of exit policies. They're considered first to last, and the first match wins. If you want to _replace_ the default exit policy, end this with either a reject *:* or an accept *:*. Otherwise, you're _augmenting_ (prepending to) the default exit policy. Leave commented to just use the default, which is available in the man page or at https://www.torproject.org/documentation.html Look at https://www.torproject.org/faq-abuse.html#TypicalAbuses for issues you might encounter if you use the default exit policy. If certain IPs and ports are blocked externally, e.g. by your firewall, you should update your exit policy to reflect this -- otherwise Tor users will be told that those destinations are down.
Type:
"null or string"
Default:
null
Example:
"accept *:6660-6667,reject *:*"
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.relay.isBridge
Bridge relays (or "bridges") are Tor relays that aren't listed in the main directory. Since there is no complete public list of them, even if an ISP is filtering connections to all the known Tor relays, they probably won't be able to block all the bridges. A bridge relay can't be an exit relay. You need to set relay.enable to true for this option to take effect. The bridge is set up with an obfuscated transport proxy. See https://www.torproject.org/bridges.html.en for more info.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.relay.isExit
An exit relay allows Tor users to access regular Internet services. Unlike running a non-exit relay, running an exit relay may expose you to abuse complaints. See https://www.torproject.org/faq.html.en#ExitPolicies for more info. You can specify which services Tor users may access via your exit relay using exitPolicy option.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.relay.nickname
A unique handle for your TOR relay.
Type:
"string"
Default:
"anonymous"
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.relay.portSpec
What port to advertise for Tor connections. This corresponds
to the ORPort
section in the Tor manual; see
man tor
for more details.
At a minimum, you should just specify the port for the
relay to listen on; a common one like 143, 22, 80, or 443
to help Tor users who may have very restrictive port-based
firewalls.
Type:
"string"
Example:
"143"
Declared by:
<nixpkgs/nixos/modules/services/security/tor.nix>
|
services.tor.torsocks.allowInbound
Set Torsocks to accept inbound connections. If set to
true
, listen() and accept() will be
allowed to be used with non localhost address.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/torsocks.nix>
|
services.tor.torsocks.enable
Whether to build /etc/tor/torsocks.conf
containing the specified global torsocks configuration.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/torsocks.nix>
|
services.tor.torsocks.fasterServer
IP/Port of the Tor SOCKS server for torsocks-faster wrapper suitable for HTTP. Currently, hostnames are NOT supported by torsocks.
Type:
"string"
Default:
"127.0.0.1:9063"
Example:
"192.168.0.20:1234"
Declared by:
<nixpkgs/nixos/modules/services/security/torsocks.nix>
|
services.tor.torsocks.onionAddrRange
Tor hidden sites do not have real IP addresses. This specifies what range of IP addresses will be handed to the application as "cookies" for .onion names. Of course, you should pick a block of addresses which you aren't going to ever need to actually connect to. This is similar to the MapAddress feature of the main tor daemon.
Type:
"string"
Default:
"127.42.42.0/24"
Declared by:
<nixpkgs/nixos/modules/services/security/torsocks.nix>
|
services.tor.torsocks.server
IP/Port of the Tor SOCKS server. Currently, hostnames are NOT supported by torsocks.
Type:
"string"
Default:
"127.0.0.1:9050"
Example:
"192.168.0.20:1234"
Declared by:
<nixpkgs/nixos/modules/services/security/torsocks.nix>
|
services.tor.torsocks.socks5Password
SOCKS5 password. The TORSOCKS_PASSWORD
environment variable overrides this option if it is set.
Type:
"null or string"
Default:
null
Example:
"sekret"
Declared by:
<nixpkgs/nixos/modules/services/security/torsocks.nix>
|
services.tor.torsocks.socks5Username
SOCKS5 username. The TORSOCKS_USERNAME
environment variable overrides this option if it is set.
Type:
"null or string"
Default:
null
Example:
"bob"
Declared by:
<nixpkgs/nixos/modules/services/security/torsocks.nix>
|
services.tor.tsocks.config
Extra configuration. Contents will be added verbatim to TSocks configuration file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/security/torify.nix>
|
services.tor.tsocks.enable
Whether to build tsocks wrapper script to relay application traffic via TOR.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/security/torify.nix>
|
services.tor.tsocks.server
IP address of TOR client to use.
Type:
"unspecified"
Default:
"localhost:9050"
Example:
"192.168.0.20"
Declared by:
<nixpkgs/nixos/modules/services/security/torify.nix>
|
services.torque.mom.enable
Whether to enable torque computing node.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/computing/torque/mom.nix>
|
services.torque.mom.serverNode
Hostname running pbs server.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/computing/torque/mom.nix>
|
services.torque.server.enable
Whether to enable torque server.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/computing/torque/server.nix>
|
services.toxBootstrapd.enable
Whether to enable the Tox DHT bootstrap daemon.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/tox-bootstrapd.nix>
|
services.toxBootstrapd.extraConfig
Configuration for bootstrap daemon. See https://github.com/irungentoo/toxcore/blob/master/other/bootstrap_daemon/tox-bootstrapd.conf and http://wiki.tox.im/Nodes.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/tox-bootstrapd.nix>
|
services.toxBootstrapd.keysFile
Node key file.
Type:
"string"
Default:
"/var/lib/tox-bootstrapd/keys"
Declared by:
<nixpkgs/nixos/modules/services/networking/tox-bootstrapd.nix>
|
services.toxBootstrapd.port
Listening port (UDP).
Type:
"integer"
Default:
33445
Declared by:
<nixpkgs/nixos/modules/services/networking/tox-bootstrapd.nix>
|
services.transmission.enable
Whether or not to enable the headless Transmission BitTorrent daemon. Transmission daemon can be controlled via the RPC interface using transmission-remote or the WebUI (http://localhost:9091/ by default). Torrents are downloaded to /var/lib/transmission/Downloads/ by default and are accessible to users in the "transmission" group.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/torrent/transmission.nix>
|
services.transmission.port
TCP port number to run the RPC/web interface.
Type:
"integer"
Default:
9091
Declared by:
<nixpkgs/nixos/modules/services/torrent/transmission.nix>
|
services.transmission.settings
Attribute set whos fields overwrites fields in settings.json (each time the service starts). String values must be quoted, integer and boolean values must not. See https://trac.transmissionbt.com/wiki/EditConfigFiles for documentation.
Type:
"attribute set"
Default:
{
download-dir = "/var/lib/transmission/Downloads"; incomplete-dir = "/var/lib/transmission/.incomplete"; incomplete-dir-enabled = true;
}
Example:
{
download-dir = "/srv/torrents/"; incomplete-dir = "/srv/torrents/.incomplete/"; incomplete-dir-enabled = true; rpc-whitelist = "127.0.0.1,192.168.*.*";
}
Declared by:
<nixpkgs/nixos/modules/services/torrent/transmission.nix>
|
services.u9fs.enable
Whether to run the u9fs 9P server for Unix.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/u9fs.nix>
|
services.u9fs.extraArgs
Extra arguments to pass on invocation, see man 4 u9fs
Type:
"string"
Default:
""
Example:
"-a none -u nobody"
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/u9fs.nix>
|
services.u9fs.fsroot
File system root to serve to clients.
Type:
"path"
Default:
"/"
Example:
"/srv"
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/u9fs.nix>
|
services.u9fs.listenStreams
Sockets to listen for clients on. See man 5 systemd.socket for socket syntax.
Type:
"list of strings"
Default:
[
"564"
]
Example:
[
"192.168.16.1:564"
]
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/u9fs.nix>
|
services.udev.extraRules
Additional udev rules. They'll be written
into file 10-local.rules
. Thus they are
read before all other rules.
Type:
"string"
Default:
""
Example:
'' KERNEL=="eth*", ATTR{address}=="00:1D:60:B9:6D:4F", NAME="my_fast_network_card" ''
Declared by:
<nixpkgs/nixos/modules/services/hardware/udev.nix>
|
services.udev.packages
List of packages containing udev rules.
All files found in
and
pkg
/etc/udev/rules.d
will be included.
pkg
/lib/udev/rules.d
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/hardware/udev.nix>
|
services.udev.path
Packages added to the PATH
environment variable when
executing programs from Udev rules.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/hardware/udev.nix>
|
services.udisks2.enable
Whether to enable Udisks, a DBus service that allows applications to query and manipulate storage devices.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/hardware/udisks2.nix>
|
services.uhub.aclConfig
Contents of user ACL configuration file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.address
Address to bind the hub to.
Type:
"string"
Default:
"any"
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.enable
Whether to enable the uhub ADC hub.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.enableTLS
Whether to enable TLS support.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.hubConfig
Contents of uhub configuration file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.plugins.authSqlite.enable
Whether to enable the Sqlite authentication database plugin
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.plugins.authSqlite.file
Path to user database. Use the uhub-passwd utility to create the database and add/remove users.
Type:
"string"
Example:
"/var/db/uhub-users"
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.plugins.history.connect
The number of chat history messages to send when users connect (0 = do not send any history).
Type:
"integer"
Default:
5
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.plugins.history.default
When !history is provided without arguments, then this default number of messages are returned.
Type:
"integer"
Default:
10
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.plugins.history.enable
Whether to enable the history plugin.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.plugins.history.max
The maximum number of messages to keep in history
Type:
"integer"
Default:
200
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.plugins.logging.enable
Whether to enable the logging plugin.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.plugins.logging.file
Path of log file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.plugins.logging.syslog
If true then the system log is used instead of writing to file.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.plugins.welcome.enable
Whether to enable the welcome plugin.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.plugins.welcome.motd
Welcome message displayed to clients after connecting
and with the !motd
command.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.plugins.welcome.rules
Rules message, displayed to clients with the !rules
command.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.uhub.port
TCP port to bind the hub to.
Type:
"integer"
Default:
1511
Declared by:
<nixpkgs/nixos/modules/services/misc/uhub.nix>
|
services.unbound.allowedAccess
What networks are allowed to use unbound as a resolver.
Type:
"unspecified"
Default:
[
"127.0.0.0/24"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/unbound.nix>
|
services.unbound.enable
Whether to enable the Unbound domain name server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/unbound.nix>
|
services.unbound.extraConfig
Extra lines of unbound config.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/unbound.nix>
|
services.unbound.forwardAddresses
What servers to forward queries to.
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/unbound.nix>
|
services.unbound.interfaces
What addresses the server should listen on.
Type:
"unspecified"
Default:
[
"127.0.0.1" "::1"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/unbound.nix>
|
services.unclutter.arguments
Arguments to pass to unclutter command
Type:
"string"
Default:
"-idle 1"
Declared by:
<nixpkgs/nixos/modules/services/x11/unclutter.nix>
|
services.unclutter.enable
Enable unclutter to hide your mouse cursor when inactive
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/unclutter.nix>
|
services.unifi.enable
Whether or not to enable the unifi controller service.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/unifi.nix>
|
services.upower.enable
Whether to enable Upower, a DBus service that provides power management support to applications.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/hardware/upower.nix>
|
services.uptime.configFile
The uptime configuration file If mongodb: server != localhost, please set usesRemoteMongo = true If you only want to run the monitor, please set enableWebService = false and enableSeparateMonitoringService = true If autoStartMonitor: false (recommended) and you want to run both services, please set enableSeparateMonitoringService = true
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/monitoring/uptime.nix>
|
services.uptime.enableSeparateMonitoringService
Whether to enable the uptime monitoring service.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/monitoring/uptime.nix>
|
services.uptime.enableWebService
Whether to enable the uptime monitoring program web service.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/monitoring/uptime.nix>
|
services.uptime.nodeEnv
The node environment to run in (development, production, etc.)
Type:
"string"
Default:
"production"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/uptime.nix>
|
services.uptime.usesRemoteMongo
Whether the configuration file specifies a remote mongo instance
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/uptime.nix>
|
services.uptimed.enable
Uptimed allows you to track your highest uptimes.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/system/uptimed.nix>
|
services.uwsgi.enable
Enable uWSGI
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/uwsgi.nix>
|
services.uwsgi.instance
uWSGI configuration. This awaits either a path to file or a set which will be made into one.
If given a set, it awaits an attribute type
which can be either normal
or emperor
.
For normal
mode you can specify python2Packages
and
python3Packages
as functions from libraries set into lists of libraries.
For emperor
mode, you should use vassals
attribute
which should be either a set of names and configurations or a path to a directory.
Type:
"attribute set"
Default:
{
type = "normal";
}
Example:
{ type = "emperor"; vassals = { moin = { type = "normal"; python2Packages = self: with self; [ moinmoin ]; socket = "/run/uwsgi.sock"; }; }; }
Declared by:
<nixpkgs/nixos/modules/services/web-servers/uwsgi.nix>
|
services.uwsgi.plugins
Plugins used with uWSGI
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/uwsgi.nix>
|
services.varnish.config
Verbatim default.vcl configuration.
Type:
"unspecified"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/varnish/default.nix>
|
services.varnish.enable
Enable the Varnish Server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/web-servers/varnish/default.nix>
|
services.varnish.http_address
HTTP listen address and port.
Type:
"unspecified"
Default:
"*:6081"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/varnish/default.nix>
|
services.varnish.stateDir
Directory holding all state for Varnish to run.
Type:
"unspecified"
Default:
"/var/spool/varnish"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/varnish/default.nix>
|
services.venus.cacheDirectory
Where cached feeds are stored.
Type:
"path"
Default:
"/var/cache/venus"
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.venus.dates
Specification (in the format described by systemd.time(5)) of the time at which the Venus will collect feeds.
Type:
"string"
Default:
"*:0/15"
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.venus.enable
Planet Venus is an awesome ‘river of news’ feed reader. It downloads news feeds published by web sites and aggregates their content together into a single combined feed, latest news first.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.venus.feeds
List of feeds.
Type:
"unspecified"
Default:
[
]
Example:
[
{
feedUrl = "http://url/to/rss/feed.xml"; homepageUrl = "http://garbas.si"; name = "Rok Garbas";
}
]
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.venus.group
Group for running venus script.
Type:
"string"
Default:
"root"
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.venus.itemsPerPage
How many items to put on each page.
Type:
"integer"
Default:
15
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.venus.link
Link to the main page.
Type:
"string"
Default:
"http://planet.nixos.org"
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.venus.name
Your planet's name.
Type:
"string"
Default:
"NixOS Planet"
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.venus.outputDirectory
Directory to place output files.
Type:
"path"
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.venus.outputTheme
Directory containing a config.ini file which is merged with this one. This is typically used to specify templating and bill of material information.
Type:
"path"
Default:
"/nix/store/xsy9kfhfdf6c1z4fc90ggqqxs6wrscj6-venus-9de21094a8cf565bdfcf75688e121a5ad1f5397b/themes/classic_fancy"
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.venus.ownerEmail
Your e-mail address.
Type:
"string"
Default:
"some@example.com"
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.venus.ownerName
Your name.
Type:
"string"
Default:
"Rok Garbas"
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.venus.user
User for running venus script.
Type:
"string"
Default:
"root"
Declared by:
<nixpkgs/nixos/modules/programs/venus.nix>
|
services.virtualboxGuest.enable
Whether to enable the VirtualBox service and other guest additions.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>
|
services.virtualboxHost.addNetworkInterface
Automatically set up a vboxnet0 host-only network interface.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/programs/virtualbox-host.nix>
|
services.virtualboxHost.enable
Whether to enable host-side support for VirtualBox.
In order to pass USB devices from the host to the guests, the user
needs to be in the vboxusers
group.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/programs/virtualbox-host.nix>
|
services.virtualboxHost.enableHardening
Enable hardened VirtualBox, which ensures that only the binaries in the system path get access to the devices exposed by the kernel modules instead of all users in the vboxusers group.
Disabling this can put your system's security at risk, as local users in the vboxusers group can tamper with the VirtualBox device files.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/programs/virtualbox-host.nix>
|
services.virtuoso.config
Extra options to put into Virtuoso configuration file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/virtuoso.nix>
|
services.virtuoso.dirsAllowed
A list of directories Virtuoso is allowed to access
Type:
"unspecified"
Default:
null
Example:
"/www, /home/"
Declared by:
<nixpkgs/nixos/modules/services/databases/virtuoso.nix>
|
services.virtuoso.enable
Whether to enable Virtuoso Opensource database server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/databases/virtuoso.nix>
|
services.virtuoso.httpListenAddress
ip:port or port for Virtuoso HTTP server to listen on.
Type:
"unspecified"
Default:
null
Example:
"myserver:8080"
Declared by:
<nixpkgs/nixos/modules/services/databases/virtuoso.nix>
|
services.virtuoso.listenAddress
ip:port or port to listen on.
Type:
"unspecified"
Default:
"1111"
Example:
"myserver:1323"
Declared by:
<nixpkgs/nixos/modules/services/databases/virtuoso.nix>
|
services.virtuoso.parameters
Extra options to put into [Parameters] section of Virtuoso configuration file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/databases/virtuoso.nix>
|
services.vsftpd.anonymousMkdirEnable
Whether any uploads are permitted to anonymous users.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.anonymousUmask
Anonymous write umask.
Type:
"string"
Default:
"077"
Example:
"002"
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.anonymousUploadEnable
Whether any uploads are permitted to anonymous users.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.anonymousUser
Whether to enable the anonymous FTP user.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.anonymousUserHome
Directory to consider the HOME of the anonymous user.
Type:
"path"
Default:
"/home/ftp/"
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.chrootlocalUser
Whether local users are confined to their home directory.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.enable
Whether to enable the vsftpd FTP server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.forceLocalDataSSL
Only applies if sslEnable
is true. Non anonymous (local) users
must use a secure SSL connection for sending/receiving data on data connection.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.forceLocalLoginsSSL
Only applies if sslEnable
is true. Non anonymous (local) users
must use a secure SSL connection to send a password.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.localUsers
Whether to enable FTP for local users.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.portPromiscuous
Set to YES if you want to disable the PORT security check that ensures that outgoing data connections can only connect to the client. Only enable if you know what you are doing!
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.rsaCertFile
RSA certificate file.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.ssl_sslv2
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.ssl_sslv3
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.ssl_tlsv1
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.userlist
See userlistFile
.
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.userlistDeny
Specifies whether userlistFile
is a list of user
names to allow or deny access.
The default false
means whitelist/allow.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.userlistEnable
Whether users are included.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.userlistFile
Newline separated list of names to be allowed/denied if userlistEnable
is true
. Meaning see userlistDeny
.
The default is a file containing the users from userlist
.
If explicitely set to null userlist_file will not be set in vsftpd's config file.
Type:
"unspecified"
Default:
(build of userlist)
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.vsftpd.writeEnable
Whether any write activity is permitted to users.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/vsftpd.nix>
|
services.wakeonlan.interfaces
Interfaces where to enable Wake-On-LAN, and how. Two methods available: "magickey" and "password". The password has the shape of six bytes in hexadecimal separated by a colon each. For more information, check the ethtool manual.
Type:
"unspecified"
Default:
[
]
Example:
[
{
interface = "eth0"; method = "password"; password = "00:11:22:33:44:55";
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/wakeonlan.nix>
|
services.winstone
Defines independent Winstone services, each serving one WAR-file.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/web-servers/winstone.nix>
|
services.winstone.<name>.extraJavaOptions
Extra command line options given to the java process running Winstone.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/winstone.nix>
|
services.winstone.<name>.extraOptions
Extra command line options given to the Winstone process.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/web-servers/winstone.nix>
|
services.winstone.<name>.group
The group that will own the working directory.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/winstone.nix>
|
services.winstone.<name>.serviceName
The name of the systemd service. By default, it is derived from the winstone instance name.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/winstone.nix>
|
services.winstone.<name>.user
The user that should run this Winstone process and own the working directory.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/winstone.nix>
|
services.winstone.<name>.warFile
The WAR file that Winstone should serve.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/winstone.nix>
|
services.winstone.<name>.workDir
The working directory for this Winstone instance. Will contain extracted webapps etc. The directory will be created if it doesn't exist.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/winstone.nix>
|
services.xfs.enable
Whether to enable the X Font Server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/xfs.nix>
|
services.xinetd.enable
Whether to enable the xinetd super-server daemon.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/xinetd.nix>
|
services.xinetd.extraDefaults
Additional configuration lines added to the default section of xinetd's configuration.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/xinetd.nix>
|
services.xinetd.services
A list of services provided by xinetd.
Type:
"list of submodules"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/xinetd.nix>
|
services.xinetd.services.*.extraConfig
Extra configuration-lines added to the section of the service.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/xinetd.nix>
|
services.xinetd.services.*.flags
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/xinetd.nix>
|
services.xinetd.services.*.name
Name of the service.
Type:
"string"
Example:
"login"
Declared by:
<nixpkgs/nixos/modules/services/networking/xinetd.nix>
|
services.xinetd.services.*.port
Port number of the service.
Type:
"integer"
Default:
0
Example:
123
Declared by:
<nixpkgs/nixos/modules/services/networking/xinetd.nix>
|
services.xinetd.services.*.protocol
Protocol of the service. Usually tcp
or udp
.
Type:
"string"
Default:
"tcp"
Declared by:
<nixpkgs/nixos/modules/services/networking/xinetd.nix>
|
services.xinetd.services.*.server
Path of the program that implements the service.
Type:
"string"
Example:
"/foo/bin/ftpd"
Declared by:
<nixpkgs/nixos/modules/services/networking/xinetd.nix>
|
services.xinetd.services.*.serverArgs
Command-line arguments for the server program.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/xinetd.nix>
|
services.xinetd.services.*.unlisted
Whether this server is listed in
/etc/services
. If so, the port
number can be omitted.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/networking/xinetd.nix>
|
services.xinetd.services.*.user
User account for the service
Type:
"string"
Default:
"nobody"
Declared by:
<nixpkgs/nixos/modules/services/networking/xinetd.nix>
|
services.xserver.autorun
Whether to start the X server automatically.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.config
The contents of the configuration file of the X server
(xorg.conf
).
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.defaultDepth
Default colour depth.
Type:
"integer"
Default:
0
Example:
8
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.desktopManager.default
Default desktop manager loaded if none have been chosen.
Type:
"string"
Default:
""
Example:
"none"
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/default.nix>
|
services.xserver.desktopManager.e19.enable
Enable the E19 desktop environment.
Type:
"unspecified"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/e19.nix>
|
services.xserver.desktopManager.gnome3.enable
Enable Gnome 3 desktop manager.
Type:
"unspecified"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/gnome3.nix>
|
services.xserver.desktopManager.gnome3.sessionPath
Additional list of packages to be added to the session search path. Useful for gnome shell extensions or gsettings-conditionated autostart.
Type:
"unspecified"
Default:
[
]
Example:
[ pkgs.gnome3.gpaste ]
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/gnome3.nix>
|
services.xserver.desktopManager.kde4.enable
Enable the KDE 4 desktop environment.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/kde4.nix>
|
services.xserver.desktopManager.kde4.phononBackends
Which phonon multimedia backend kde should use
Type:
"list of strings"
Default:
[
"gstreamer"
]
Example:
[
"gstreamer" "vlc"
]
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/kde4.nix>
|
services.xserver.desktopManager.kde5.enable
Enable the Plasma 5 (KDE 5) desktop environment.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/kde5.nix>
|
services.xserver.desktopManager.kde5.phononBackends
Phonon backends to use in KDE. Only the VLC and GStreamer backends are available. The GStreamer backend is preferred by upstream.
Type:
"list of strings"
Default:
[
"gstreamer"
]
Example:
[
"gstreamer" "vlc"
]
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/kde5.nix>
|
services.xserver.desktopManager.kodi.enable
Enable the kodi multimedia center.
Type:
"unspecified"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/kodi.nix>
|
services.xserver.desktopManager.xfce.enable
Enable the Xfce desktop environment.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/xfce.nix>
|
services.xserver.desktopManager.xterm.enable
Enable a xterm terminal as a desktop manager.
Type:
"unspecified"
Default:
true
Example:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/desktop-managers/xterm.nix>
|
services.xserver.deviceSection
Contents of the first Device section of the X server configuration file.
Type:
"string"
Default:
""
Example:
"VideoRAM 131072"
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.display
Display number for the X server.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.displayManager.auto.enable
Whether to enable the fake "auto" display manager, which
automatically logs in the user specified in the
user
option. This is mostly useful for
automated tests.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/auto.nix>
|
services.xserver.displayManager.auto.user
The user account to login automatically.
Type:
"unspecified"
Default:
"root"
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/auto.nix>
|
services.xserver.displayManager.desktopManagerHandlesLidAndPower
Whether the display manager should prevent systemd from handling lid and power events. This is normally handled by the desktop environment's power manager. Turn this off when using a minimal X11 setup without a full power manager.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/default.nix>
|
services.xserver.displayManager.gdm.enable
Whether to enable GDM as the display manager. GDM is very experimental and may render system unusable.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/gdm.nix>
|
services.xserver.displayManager.hiddenUsers
A list of users which will not be shown in the display manager.
Type:
"list of strings"
Default:
[
"nobody"
]
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/default.nix>
|
services.xserver.displayManager.job.environment
Additional environment variables needed by the display manager.
Type:
"attribute set of unspecifieds"
Default:
{
}
Example:
{
SLIM_CFGFILE = "/etc/slim.conf";
}
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/default.nix>
|
services.xserver.displayManager.job.execCmd
Command to start the display manager.
Type:
"string"
Example:
"${pkgs.slim}/bin/slim"
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/default.nix>
|
services.xserver.displayManager.job.logsXsession
Whether the display manager redirects the
output of the session script to
~/.xsession-errors
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/default.nix>
|
services.xserver.displayManager.job.preStart
Script executed before the display manager is started.
Type:
"string"
Default:
""
Example:
"rm -f /var/log/my-display-manager.log"
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/default.nix>
|
services.xserver.displayManager.kdm.enable
Whether to enable the KDE display manager.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/kdm.nix>
|
services.xserver.displayManager.kdm.enableXDMCP
Whether to enable XDMCP, which allows remote logins.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/kdm.nix>
|
services.xserver.displayManager.kdm.extraConfig
Options appended to kdmrc
, the
configuration file of KDM.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/kdm.nix>
|
services.xserver.displayManager.kdm.setupScript
The path to a KDM setup script. This script is run as root just before KDM starts. Can be used for setting up monitors with xrandr, for example.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/kdm.nix>
|
services.xserver.displayManager.kdm.themeDirectory
The path to a KDM theme directory. This theme will be used by the KDM greeter.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/kdm.nix>
|
services.xserver.displayManager.lightdm.background
The background image or color to use.
Type:
"unspecified"
Default:
"/nix/store/ccskk7d9kh1j93ydiwq70s9gjdb3bbgv-nixos-artwork-e71b684/gnome/Gnome_Dark.png"
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/lightdm.nix>
|
services.xserver.displayManager.lightdm.enable
Whether to enable lightdm as the display manager.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/lightdm.nix>
|
services.xserver.displayManager.lightdm.greeter
The LightDM greeter to login via. The package should be a directory containing a .desktop file matching the name in the 'name' option.
Type:
"unspecified"
Default:
{
name = "lightdm-gtk-greeter"; package =
(build of lightdm-gtk-greeter)
;
}
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/lightdm.nix>
|
services.xserver.displayManager.sddm.enable
Whether to enable sddm as the display manager.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/sddm.nix>
|
services.xserver.displayManager.sddm.theme
Greeter theme to use.
Type:
"string"
Default:
"maui"
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/sddm.nix>
|
services.xserver.displayManager.session
List of sessions supported with the command used to start each
session. Each session script can set the
waitPID
shell variable to make this script
wait until the end of the user session. Each script is used
to define either a windows manager or a desktop manager. These
can be differentiated by setting the attribute
manage
either to "window"
or "desktop"
.
The list of desktop manager and window manager should appear
inside the display manager with the desktop manager name
followed by the window manager name.
Type:
"unspecified"
Default:
[
]
Example:
[ { manage = "desktop"; name = "xterm"; start = '' ${pkgs.xterm}/bin/xterm -ls & waitPID=$! ''; } ]
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/default.nix>
|
services.xserver.displayManager.sessionCommands
Shell commands executed just before the window or desktop manager is started.
Type:
"string"
Default:
""
Example:
'' xmessage "Hello World!" & ''
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/default.nix>
|
services.xserver.displayManager.slim.autoLogin
Automatically log in as the default user.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/slim.nix>
|
services.xserver.displayManager.slim.defaultUser
The default user to load. If you put a username here you get it automatically loaded into the username field, and the focus is placed on the password.
Type:
"null or string"
Default:
null
Example:
"login"
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/slim.nix>
|
services.xserver.displayManager.slim.enable
Whether to enable SLiM as the display manager.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/slim.nix>
|
services.xserver.displayManager.slim.extraConfig
Extra configuration options for SLiM login manager. Do not add options that can be configured directly.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/slim.nix>
|
services.xserver.displayManager.slim.theme
The theme for the SLiM login manager. If not specified, SLiM's default theme is used. See http://slim.berlios.de/themes01.php for a collection of themes. TODO: berlios shut down.
Type:
"null or path"
Default:
null
Example:
pkgs.fetchurl { url = "mirror://sourceforge/slim.berlios/slim-wave.tar.gz"; sha256 = "0ndr419i5myzcylvxb89m9grl2xyq6fbnyc3lkd711mzlmnnfxdy"; }
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/slim.nix>
|
services.xserver.displayManager.xserverArgs
List of arguments for the X server.
Type:
"list of strings"
Default:
[
]
Example:
[
"-ac" "-logverbose" "-verbose" "-nolisten tcp"
]
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/default.nix>
|
services.xserver.displayManager.xserverBin
Path to the X server used by display managers.
Type:
"path"
Declared by:
<nixpkgs/nixos/modules/services/x11/display-managers/default.nix>
|
services.xserver.enable
Whether to enable the X server.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.enableTCP
Whether to allow the X server to accept TCP connections.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.exportConfiguration
Whether to symlink the X server configuration under
/etc/X11/xorg.conf
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.extraDisplaySettings
Lines to be added to every Display subsection of the Screen section.
Type:
"string"
Default:
""
Example:
"Virtual 2048 2048"
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.layout
Keyboard layout.
Type:
"string"
Default:
"us"
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.moduleSection
Contents of the Module section of the X server configuration file.
Type:
"string"
Default:
""
Example:
'' SubSection "extmod" EndSubsection ''
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.modules
Packages to be added to the module search path of the X server.
Type:
"list of paths"
Default:
[
]
Example:
[ pkgs.xf86_input_wacom ]
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.monitorSection
Contents of the first Monitor section of the X server configuration file.
Type:
"string"
Default:
""
Example:
"HorizSync 28-49"
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.multitouch.additionalOptions
Additional options for mtrack touchpad driver.
Type:
"string"
Default:
""
Example:
'' Option "ScaleDistance" "50" Option "RotateDistance" "60" ''
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/multitouch.nix>
|
services.xserver.multitouch.buttonsMap
Remap touchpad buttons.
Type:
"list of integers"
Default:
[
3 2 0
]
Example:
[
1 3 2
]
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/multitouch.nix>
|
services.xserver.multitouch.enable
Whether to enable multitouch touchpad support.
Type:
"unspecified"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/multitouch.nix>
|
services.xserver.multitouch.ignorePalm
Whether to ignore touches detected as being the palm (i.e when typing)
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/multitouch.nix>
|
services.xserver.multitouch.invertScroll
Whether to invert scrolling direction à la OSX Lion
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/multitouch.nix>
|
services.xserver.multitouch.tapButtons
Whether to enable tap buttons.
Type:
"boolean"
Default:
true
Example:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/multitouch.nix>
|
services.xserver.resolutions
The screen resolutions for the X server. The first element is the default resolution. If this list is empty, the X server will automatically configure the resolution.
Type:
"list of attribute sets"
Default:
[
]
Example:
[
{
x = 1600; y = 1200;
}
{
x = 1024; y = 786;
}
]
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.screenSection
Contents of the first Screen section of the X server configuration file.
Type:
"string"
Default:
""
Example:
'' Option "RandRRotation" "on" ''
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.serverFlagsSection
Contents of the ServerFlags section of the X server configuration file.
Type:
"unspecified"
Default:
""
Example:
'' Option "BlankTime" "0" Option "StandbyTime" "0" Option "SuspendTime" "0" Option "OffTime" "0" ''
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.serverLayoutSection
Contents of the ServerLayout section of the X server configuration file.
Type:
"string"
Default:
""
Example:
'' Option "AIGLX" "true" ''
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.startGnuPGAgent
Whether to start the GnuPG agent when you log in. The GnuPG agent remembers private keys for you so that you don't have to type in passphrases every time you make an SSH connection or sign/encrypt data. Use ssh-add to add a key to the agent.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.synaptics.accelFactor
Cursor acceleration (how fast speed increases from minSpeed to maxSpeed).
Type:
"null or string"
Default:
"0.001"
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.synaptics.additionalOptions
Additional options for synaptics touchpad driver.
Type:
"string"
Default:
""
Example:
'' Option "RTCornerButton" "2" Option "RBCornerButton" "3" ''
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.synaptics.buttonsMap
Remap touchpad buttons.
Type:
"list of integers"
Default:
[
1 2 3
]
Example:
[
1 3 2
]
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.synaptics.dev
Path for touchpad device. Set to null to apply to any auto-detected touchpad.
Type:
"null or string"
Default:
null
Example:
"/dev/input/event0"
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.synaptics.enable
Whether to enable touchpad support.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.synaptics.fingersMap
Remap several-fingers taps.
Type:
"list of integers"
Default:
[
1 2 3
]
Example:
[
1 3 2
]
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.synaptics.horizontalScroll
Whether to enable horizontal scrolling (on touchpad)
Type:
"boolean"
Default:
true
Example:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.synaptics.maxSpeed
Cursor speed factor for highest-speed finger motion.
Type:
"null or string"
Default:
"1.0"
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.synaptics.minSpeed
Cursor speed factor for precision finger motion.
Type:
"null or string"
Default:
"0.6"
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.synaptics.palmDetect
Whether to enable palm detection (hardware support required)
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.synaptics.tapButtons
Whether to enable tap buttons.
Type:
"boolean"
Default:
true
Example:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.synaptics.twoFingerScroll
Whether to enable two-finger drag-scrolling.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.synaptics.vertEdgeScroll
Whether to enable vertical edge drag-scrolling.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/synaptics.nix>
|
services.xserver.tty
Virtual console for the X server.
Type:
"integer"
Default:
7
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.useGlamor
Whether to use the Glamor module for 2D acceleration, if possible.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.useXFS
Determines how to connect to the X Font Server.
Type:
"unspecified"
Default:
false
Example:
"unix/:7100"
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.vaapiDrivers
Packages providing libva acceleration drivers.
Type:
"list of paths"
Default:
[
]
Example:
[ pkgs.vaapiIntel pkgs.vaapiVdpau ]
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.videoDriver
The name of the video driver for your graphics card. This
option is obsolete; please set the
services.xserver.videoDrivers
instead.
Type:
"null or string"
Default:
null
Example:
"i810"
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.videoDrivers
The names of the video drivers the configuration supports. They will be tried in order until one that supports your card is found.
Type:
"list of strings"
Default:
[
"ati" "cirrus" "intel" "vesa" "vmware" "modesetting"
]
Example:
[
"vesa"
]
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.virtualScreen
Virtual screen size for Xrandr.
Type:
"null or attribute set"
Default:
null
Example:
{
x = 2048; y = 2048;
}
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.wacom.enable
Whether to enable the Wacom touchscreen/digitizer/tablet.
If you ever have any issues such as, try switching to terminal (ctrl-alt-F1) and back
which will make Xorg reconfigure the device ?
If you're not satisfied by the default behaviour you can override
environment.etc."X11/xorg.conf.d/50-wacom.conf"
in
configuration.nix easily.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/hardware/wacom.nix>
|
services.xserver.windowManager.afterstep.enable
Enable the Afterstep window manager.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/afterstep.nix>
|
services.xserver.windowManager.awesome.enable
Whether to enable Awesome window manager.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/awesome.nix>
|
services.xserver.windowManager.awesome.luaModules
List of lua packages available for being used in the Awesome configuration.
Type:
"list of derivations"
Default:
[
]
Example:
[ luaPackages.oocairo ]
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/awesome.nix>
|
services.xserver.windowManager.awesome.package
Package to use for running the Awesome WM.
Type:
"null or derivation"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/awesome.nix>
|
services.xserver.windowManager.bspwm.enable
Enable the bspwm window manager.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/bspwm.nix>
|
services.xserver.windowManager.compiz.enable
Enable the Compiz window manager.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/compiz.nix>
|
services.xserver.windowManager.compiz.renderingFlag
Pass the --indirect-rendering
flag to Compiz.
Type:
"unspecified"
Default:
""
Example:
"--indirect-rendering"
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/compiz.nix>
|
services.xserver.windowManager.default
Default window manager loaded if none have been chosen.
Type:
"string"
Default:
"none"
Example:
"wmii"
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/default.nix>
|
services.xserver.windowManager.fluxbox.enable
Enable the Fluxbox window manager.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/fluxbox.nix>
|
services.xserver.windowManager.herbstluftwm.enable
Enable the herbstluftwm window manager.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/herbstluftwm.nix>
|
services.xserver.windowManager.i3.configFile
Path to the i3 configuration file. If left at the default value, $HOME/.i3/config will be used.
Type:
"null or path"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/i3.nix>
|
services.xserver.windowManager.i3.enable
Enable the i3 tiling window manager.
Type:
"unspecified"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/i3.nix>
|
services.xserver.windowManager.icewm.enable
Enable the IceWM window manager.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/icewm.nix>
|
services.xserver.windowManager.metacity.enable
Enable the metacity window manager.
Type:
"unspecified"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/metacity.nix>
|
services.xserver.windowManager.openbox.enable
Enable the Openbox window manager.
Type:
"unspecified"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/openbox.nix>
|
services.xserver.windowManager.ratpoison.enable
Enable the Ratpoison window manager.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/ratpoison.nix>
|
services.xserver.windowManager.sawfish.enable
Enable the Sawfish window manager.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/sawfish.nix>
|
services.xserver.windowManager.spectrwm.enable
Enable the spectrwm window manager.
Type:
"unspecified"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/spectrwm.nix>
|
services.xserver.windowManager.stumpwm.enable
Enable the stumpwm tiling window manager.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/stumpwm.nix>
|
services.xserver.windowManager.twm.enable
Enable the twm window manager.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/twm.nix>
|
services.xserver.windowManager.windowmaker.enable
Enable the Windowmaker window manager.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/windowmaker.nix>
|
services.xserver.windowManager.wmii.enable
Enable the wmii window manager.
Type:
"unspecified"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/wmii.nix>
|
services.xserver.windowManager.xmonad.enable
Enable the xmonad window manager.
Type:
"unspecified"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/xmonad.nix>
|
services.xserver.windowManager.xmonad.enableContribAndExtras
Enable xmonad-{contrib,extras} in Xmonad.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/xmonad.nix>
|
services.xserver.windowManager.xmonad.extraPackages
Extra packages available to ghc when rebuilding Xmonad. The
value must be a function which receives the attrset defined
in haskellPackages
as the sole argument.
Type:
"unspecified"
Default:
"<function>"
Example:
haskellPackages: [ haskellPackages.xmonad-contrib haskellPackages.monad-logger ]
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/xmonad.nix>
|
services.xserver.windowManager.xmonad.haskellPackages
haskellPackages used to build Xmonad and other packages.
This can be used to change the GHC version used to build
Xmonad and the packages listed in
extraPackages
.
Type:
"unspecified"
Default:
"pkgs.haskellngPackages"
Example:
pkgs.haskell-ng.packages.ghc784
Declared by:
<nixpkgs/nixos/modules/services/x11/window-managers/xmonad.nix>
|
services.xserver.xkbModel
Keyboard model.
Type:
"string"
Default:
"pc104"
Example:
"presario"
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.xkbOptions
X keyboard options; layout switching goes here.
Type:
"string"
Default:
"terminate:ctrl_alt_bksp"
Example:
"grp:caps_toggle, grp_led:scroll"
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.xkbVariant
X keyboard variant.
Type:
"string"
Default:
""
Example:
"colemak"
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.xserver.xrandrHeads
Simple multiple monitor configuration, just specify a list of XRandR outputs which will be mapped from left to right in the order of the list. Be careful using this option with multiple graphic adapters or with drivers that have poor support for XRandR, unexpected things might happen with those.
Type:
"list of strings"
Default:
[
]
Example:
[
"HDMI-0" "DVI-0"
]
Declared by:
<nixpkgs/nixos/modules/services/x11/xserver.nix>
|
services.yandex-disk.directory
The directory to use for Yandex.Disk storage
Type:
"unspecified"
Default:
"/home/Yandex.Disk"
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/yandex-disk.nix>
|
services.yandex-disk.enable
Whether to enable Yandex-disk client. See https://disk.yandex.ru/
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/yandex-disk.nix>
|
services.yandex-disk.password
Your yandex.com password. Warning: it will be world-readable in /nix/store.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/yandex-disk.nix>
|
services.yandex-disk.user
The user the yandex-disk daemon should run as.
Type:
"unspecified"
Default:
null
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/yandex-disk.nix>
|
services.yandex-disk.username
Your yandex.com login name.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/network-filesystems/yandex-disk.nix>
|
services.zabbixAgent.enable
Whether to run the Zabbix monitoring agent on this machine. It will send monitoring data to a Zabbix server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/zabbix-agent.nix>
|
services.zabbixAgent.extraConfig
Configuration that is injected verbatim into the configuration file.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/monitoring/zabbix-agent.nix>
|
services.zabbixAgent.server
The IP address or hostname of the Zabbix server to connect to.
Type:
"unspecified"
Default:
"127.0.0.1"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/zabbix-agent.nix>
|
services.zabbixServer.dbPassword
Password used to connect to the database server.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/monitoring/zabbix-server.nix>
|
services.zabbixServer.dbServer
Hostname or IP address of the database server. Use an empty string ("") to use peer authentication.
Type:
"string"
Default:
"localhost"
Declared by:
<nixpkgs/nixos/modules/services/monitoring/zabbix-server.nix>
|
services.zabbixServer.enable
Whether to run the Zabbix server on this machine.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/monitoring/zabbix-server.nix>
|
services.zabbixServer.extraConfig
Configuration that is injected verbatim into the configuration file.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/monitoring/zabbix-server.nix>
|
services.zfs.autoSnapshot.daily
Number of daily auto-snapshots that you wish to keep.
Type:
"integer"
Default:
7
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems/zfs.nix>
|
services.zfs.autoSnapshot.enable
Enable the (OpenSolaris-compatible) ZFS auto-snapshotting service.
Note that you must set the com.sun:auto-snapshot
property to true
on all datasets which you wish
to auto-snapshot.
You can override a child dataset to use, or not use auto-snapshotting
by setting its flag with the given interval:
zfs set com.sun:auto-snapshot:weekly=false DATASET
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems/zfs.nix>
|
services.zfs.autoSnapshot.frequent
Number of frequent (15-minute) auto-snapshots that you wish to keep.
Type:
"integer"
Default:
4
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems/zfs.nix>
|
services.zfs.autoSnapshot.hourly
Number of hourly auto-snapshots that you wish to keep.
Type:
"integer"
Default:
24
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems/zfs.nix>
|
services.zfs.autoSnapshot.monthly
Number of monthly auto-snapshots that you wish to keep.
Type:
"integer"
Default:
12
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems/zfs.nix>
|
services.zfs.autoSnapshot.weekly
Number of weekly auto-snapshots that you wish to keep.
Type:
"integer"
Default:
4
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems/zfs.nix>
|
services.znc.confOptions.extraZncConf
Extra config to `znc.conf` file
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.confOptions.modules
A list of modules to include in the `znc.conf` file.
Type:
"list of strings"
Default:
[
"partyline" "webadmin" "adminlog" "log"
]
Example:
[
"partyline" "webadmin" "adminlog" "log"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.confOptions.nick
The IRC nick to use when generating the `znc.conf` file.
Type:
"string"
Default:
"znc-user"
Example:
"john"
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.confOptions.passBlock
The pass block to use when generating the `znc.conf` file. This is the password used by the user logging into the ZNC web admin. This is the block generated by the `znc --makepass` command. !!! If not specified, please change this after starting the service. !!!
Type:
"string"
Default:
'' <Pass password> Method = sha256 Hash = e2ce303c7ea75c571d80d8540a8699b46535be6a085be3414947d638e48d9e93 Salt = l5Xryew4g*!oa(ECfX2o </Pass> ''
Example:
"Must be the block generated by the `znc --makepass` command."
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.confOptions.port
Specifies the port on which to listen.
Type:
"integer"
Default:
5000
Example:
5000
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.confOptions.useSSL
Indicates whether the ZNC server should use SSL when listening on the specified port.
Type:
"boolean"
Default:
true
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.confOptions.userModules
A list of user modules to include in the `znc.conf` file.
Type:
"list of strings"
Default:
[
]
Example:
[
"fish" "push"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.confOptions.userName
The user name to use when generating the `znc.conf` file. This is the user name used by the user logging into the ZNC web admin.
Type:
"string"
Default:
"znc"
Example:
"johntron"
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.dataDir
The data directory. Used for configuration files and modules.
Type:
"path"
Default:
"/var/lib/znc/"
Example:
"/home/john/.znc/"
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.enable
Enable a ZNC service for a user.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.extraFlags
Extra flags to use when executing znc command.
Type:
"list of strings"
Default:
[
]
Example:
[
"--debug"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.modulePackages
A list of global znc module packages to add to znc.
Type:
"list of derivations"
Default:
[
]
Example:
[ pkgs.zncModules.fish pkgs.zncModules.push ]
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.mutable
Indicates whether to allow the contents of the `dataDir` directory to be changed by the user at run-time. If true, modifications to the ZNC configuration after its initial creation are not overwritten by a NixOS system rebuild. If false, the ZNC configuration is rebuilt by every system rebuild. If the user wants to manage the ZNC service using the web admin interface, this value should be set to true.
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.user
The name of an existing user account to use to own the ZNC server process. If not specified, a default user will be created to own the process.
Type:
"string"
Default:
"znc"
Example:
"john"
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.znc.zncConf
The contents of the `znc.conf` file to use when creating it. If specified, `confOptions` will be ignored, and this value, as-is, will be used. If left empty, a conf file with default values will be used. Recommended to generate with `znc --makeconf` command.
Type:
"string"
Default:
""
Example:
"See: http://wiki.znc.in/Configuration"
Declared by:
<nixpkgs/nixos/modules/services/networking/znc.nix>
|
services.zookeeper.dataDir
Data directory for Zookeeper
Type:
"path"
Default:
"/var/lib/zookeeper"
Declared by:
<nixpkgs/nixos/modules/services/misc/zookeeper.nix>
|
services.zookeeper.enable
Whether to enable Zookeeper.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/services/misc/zookeeper.nix>
|
services.zookeeper.extraCmdLineOptions
Extra command line options for the Zookeeper launcher.
Type:
"list of strings"
Default:
[
"-Dcom.sun.management.jmxremote" "-Dcom.sun.management.jmxremote.local.only=true"
]
Example:
[
"-Djava.net.preferIPv4Stack=true" "-Dcom.sun.management.jmxremote" "-Dcom.sun.management.jmxremote.local.only=true"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/zookeeper.nix>
|
services.zookeeper.extraConf
Extra configuration for Zookeeper.
Type:
"string"
Default:
'' initLimit=5 syncLimit=2 tickTime=2000 ''
Declared by:
<nixpkgs/nixos/modules/services/misc/zookeeper.nix>
|
services.zookeeper.id
Zookeeper ID.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/services/misc/zookeeper.nix>
|
services.zookeeper.logging
Zookeeper logging configuration.
Type:
"string"
Default:
'' zookeeper.root.logger=INFO, CONSOLE log4j.rootLogger=INFO, CONSOLE log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout log4j.appender.CONSOLE.layout.ConversionPattern=[myid:%X{myid}] - %-5p [%t:%C{1}@%L] - %m%n ''
Declared by:
<nixpkgs/nixos/modules/services/misc/zookeeper.nix>
|
services.zookeeper.port
Zookeeper Client port.
Type:
"integer"
Default:
2181
Declared by:
<nixpkgs/nixos/modules/services/misc/zookeeper.nix>
|
services.zookeeper.preferIPv4
Add the -Djava.net.preferIPv4Stack=true flag to the Zookeeper server.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/misc/zookeeper.nix>
|
services.zookeeper.purgeInterval
The time interval in hours for which the purge task has to be triggered. Set to a positive integer (1 and above) to enable the auto purging.
Type:
"integer"
Default:
1
Declared by:
<nixpkgs/nixos/modules/services/misc/zookeeper.nix>
|
services.zookeeper.servers
All Zookeeper Servers.
Type:
"string"
Default:
""
Example:
'' server.0=host0:2888:3888 server.1=host1:2888:3888 server.2=host2:2888:3888 ''
Declared by:
<nixpkgs/nixos/modules/services/misc/zookeeper.nix>
|
services.zope2.instances
zope2 instances to be created automaticaly by the system.
Type:
"list or attribute set of submodules"
Default:
{
}
Example:
{
plone01 =
{
extra = "<zodb_db main>\n mount-point /\n cache-size 30000\n <blobstorage>\n blob-dir /var/lib/zope2/plone01/blobstorage\n <filestorage>\n path /var/lib/zope2/plone01/filestorage/Data.fs\n </filestorage>\n </blobstorage>\n</zodb_db>\n"; http_address = "127.0.0.1:8080";
}
;
}
Declared by:
<nixpkgs/nixos/modules/services/web-servers/zope2.nix>
|
services.zope2.instances.<name?>.clientHome
Home directory of zope2 instance.
Type:
"string"
Default:
"/var/lib/zope2/"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/zope2.nix>
|
services.zope2.instances.<name?>.extra
Extra zope.conf
Type:
"string"
Default:
'' <zodb_db main> mount-point / cache-size 30000 <blobstorage> blob-dir /var/lib/zope2//blobstorage <filestorage> path /var/lib/zope2//filestorage/Data.fs </filestorage> </blobstorage> </zodb_db> ''
Declared by:
<nixpkgs/nixos/modules/services/web-servers/zope2.nix>
|
services.zope2.instances.<name?>.http_address
Give a port and address for the HTTP server.
Type:
"string"
Default:
"localhost:8080"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/zope2.nix>
|
services.zope2.instances.<name?>.name
The name of the zope2 instance. If undefined, the name of the attribute set will be used.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/services/web-servers/zope2.nix>
|
services.zope2.instances.<name?>.packages
The list of packages you want to make available to the zope2 instance.
Type:
"list of derivations"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/zope2.nix>
|
services.zope2.instances.<name?>.threads
Specify the number of threads that Zope's ZServer web server will use to service requests.
Type:
"integer"
Default:
2
Declared by:
<nixpkgs/nixos/modules/services/web-servers/zope2.nix>
|
services.zope2.instances.<name?>.user
The name of the effective user for the Zope process.
Type:
"string"
Default:
"zope2"
Declared by:
<nixpkgs/nixos/modules/services/web-servers/zope2.nix>
|
sound.enable
Whether to enable ALSA sound.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/audio/alsa.nix>
|
sound.enableOSSEmulation
Whether to enable ALSA OSS emulation (with certain cards sound mixing may not work!).
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/services/audio/alsa.nix>
|
sound.extraConfig
Set addition configuration for system-wide alsa.
Type:
"string"
Default:
""
Example:
'' defaults.pcm.!card 3 ''
Declared by:
<nixpkgs/nixos/modules/services/audio/alsa.nix>
|
swapDevices
The swap devices and swap files. These must have been
initialised using mkswap. Each element
should be an attribute set specifying either the path of the
swap device or file (device
) or the label
of the swap device (label
, see
mkswap -L). Using a label is
recommended.
Type:
"list of submodules"
Default:
[
]
Example:
[
{
device = "/dev/hda7";
}
{
device = "/var/swapfile";
}
{
label = "bigswap";
}
]
Declared by:
<nixpkgs/nixos/modules/tasks/encrypted-devices.nix>
|
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.device
Path of the device.
Type:
"string"
Example:
"/dev/sda3"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.encrypted.blkDev
Location of the backing encrypted device.
Type:
"null or string"
Default:
null
Example:
"/dev/sda1"
Declared by:
<nixpkgs/nixos/modules/tasks/encrypted-devices.nix>
|
swapDevices.*.encrypted.enable
The block device is backed by an encrypted one, adds this device as a initrd luks entry.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/tasks/encrypted-devices.nix>
|
swapDevices.*.encrypted.keyFile
File system location of keyfile.
Type:
"null or string"
Default:
null
Example:
"/root/.swapkey"
Declared by:
<nixpkgs/nixos/modules/tasks/encrypted-devices.nix>
|
swapDevices.*.encrypted.label
Label of the backing encrypted device.
Type:
"null or string"
Default:
null
Example:
"rootfs"
Declared by:
<nixpkgs/nixos/modules/tasks/encrypted-devices.nix>
|
swapDevices.*.label
Label of the device. Can be used instead of device
.
Type:
"string"
Example:
"swap"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.priority
Specify the priority of the swap device. Priority is a value between 0 and 32767. Higher numbers indicate higher priority. null lets the kernel choose a priority, which will show up as a negative value.
Type:
"null or integer"
Default:
null
Example:
2048
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.size
If this option is set, ‘device’ is interpreted as the path of a swapfile that will be created automatically with the indicated size (in megabytes) if it doesn't exist.
Type:
"null or integer"
Default:
null
Example:
2048
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
system.activationScripts
A set of shell script fragments that are executed when a NixOS system configuration is activated. Examples are updating /etc, creating accounts, and so on. Since these are executed every time you boot the system or run nixos-rebuild, it's important that they are idempotent and fast.
Type:
"attribute set of unspecifieds"
Default:
{
}
Example:
{
stdio =
{
deps =
[
]
; text = "# Needed by some programs.\nln -sfn /proc/self/fd /dev/fd\nln -sfn /proc/self/fd/0 /dev/stdin\nln -sfn /proc/self/fd/1 /dev/stdout\nln -sfn /proc/self/fd/2 /dev/stderr\n";
}
;
}
Declared by:
<nixpkgs/nixos/modules/system/activation/activation-script.nix>
|
system.copySystemConfiguration
If enabled, copies the NixOS configuration file
$NIXOS_CONFIG
(usually
/etc/nixos/configuration.nix
)
to the system store path.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/activation/top-level.nix>
|
system.replaceRuntimeDependencies
List of packages to override without doing a full rebuild. The original derivation and replacement derivation must have the same name length, and ideally should have close-to-identical directory layout.
Type:
"list of submodules"
Default:
[
]
Example:
[ ({ original = pkgs.openssl; replacement = pkgs.callPackage /path/to/openssl { ... }; }) ]
Declared by:
<nixpkgs/nixos/modules/system/activation/top-level.nix>
|
systemd.additionalUpstreamSystemUnits
Additional units shipped with systemd that shall be enabled.
Type:
"list of strings"
Default:
[
]
Example:
[
"debug-shell.service" "systemd-quotacheck.service"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts
Definition of systemd automount units. This is a list instead of an attrSet, because systemd mandates the names to be derived from the 'where' attribute.
Type:
"list of submodules"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.after
If the specified units are started at the same time as this unit, delay this unit until they have started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.automountConfig
Each attribute in this set specifies an option in the
[Automount]
section of the unit. See
systemd.automount(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
DirectoryMode = "0775";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.before
If the specified units are started at the same time as this unit, delay them until this unit has started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.bindsTo
Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.conflicts
If the specified units are started, then this unit is stopped and vice versa.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.description
Description of this unit used in systemd messages and progress indicators.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.partOf
If the specified units are stopped or restarted, then this unit is stopped or restarted as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.requires
Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.requisite
Similar to requires. However if the units listed are not started, they will not be started and the transaction will fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.restartTriggers
An arbitrary list of items such as derivations. If any item in the list changes between reconfigurations, the service will be restarted.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.unitConfig
Each attribute in this set specifies an option in the
[Unit]
section of the unit. See
systemd.unit(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RequiresMountsFor = "/data";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.wants
Start the specified units when this unit is started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.automounts.*.where
Absolute path of a directory of the mount point. Will be created if it doesn't exist. (Mandatory)
Type:
"string"
Example:
"/mnt"
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.defaultUnit
Default unit started when the system boots.
Type:
"string"
Default:
"multi-user.target"
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.enableEmergencyMode
Whether to enable emergency mode, which is an sulogin shell started on the console if mounting a filesystem fails. Since some machines (like EC2 instances) have no console of any kind, emergency mode doesn't make sense, and it's better to continue with the boot insofar as possible.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/emergency-mode.nix>
|
systemd.extraConfig
Extra config options for systemd. See man systemd-system.conf for available options.
Type:
"string"
Default:
""
Example:
"DefaultLimitCORE=infinity"
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.globalEnvironment
Environment variables passed to all systemd units.
Type:
"attribute set"
Default:
{
}
Example:
{
TZ = "CET";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts
Definition of systemd mount units. This is a list instead of an attrSet, because systemd mandates the names to be derived from the 'where' attribute.
Type:
"list of submodules"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.after
If the specified units are started at the same time as this unit, delay this unit until they have started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.before
If the specified units are started at the same time as this unit, delay them until this unit has started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.bindsTo
Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.conflicts
If the specified units are started, then this unit is stopped and vice versa.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.description
Description of this unit used in systemd messages and progress indicators.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.mountConfig
Each attribute in this set specifies an option in the
[Mount]
section of the unit. See
systemd.mount(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
DirectoryMode = "0775";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.options
Options used to mount the file system.
Type:
"string"
Default:
""
Example:
"noatime"
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.partOf
If the specified units are stopped or restarted, then this unit is stopped or restarted as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.requires
Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.requisite
Similar to requires. However if the units listed are not started, they will not be started and the transaction will fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.restartTriggers
An arbitrary list of items such as derivations. If any item in the list changes between reconfigurations, the service will be restarted.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.type
File system type.
Type:
"string"
Default:
""
Example:
"ext4"
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.unitConfig
Each attribute in this set specifies an option in the
[Unit]
section of the unit. See
systemd.unit(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RequiresMountsFor = "/data";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.wants
Start the specified units when this unit is started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.what
Absolute path of device node, file or other resource. (Mandatory)
Type:
"string"
Example:
"/dev/sda1"
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.mounts.*.where
Absolute path of a directory of the mount point. Will be created if it doesn't exist. (Mandatory)
Type:
"string"
Example:
"/mnt"
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.enable
Whether to enable networkd or not.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.links
Definition of systemd network links.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.links.<name>.enable
If set to false, this unit will be a symlink to /dev/null.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.links.<name>.linkConfig
Each attribute in this set specifies an option in the
[Link]
section of the unit. See
systemd.link(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
MACAddress = "00:ff:ee:aa:cc:dd";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.links.<name>.matchConfig
Each attribute in this set specifies an option in the
[Match]
section of the unit. See
systemd.link(5)
systemd.netdev(5)
systemd.network(5)
for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Name = "eth0";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.netdevs
Definition of systemd network devices.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.netdevs.<name>.bondConfig
Each attribute in this set specifies an option in the
[Bond]
section of the unit. See
systemd.netdev(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Mode = "802.3ad";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.netdevs.<name>.enable
If set to false, this unit will be a symlink to /dev/null.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.netdevs.<name>.macvlanConfig
Each attribute in this set specifies an option in the
[MACVLAN]
section of the unit. See
systemd.netdev(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Mode = "private";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.netdevs.<name>.matchConfig
Each attribute in this set specifies an option in the
[Match]
section of the unit. See
systemd.link(5)
systemd.netdev(5)
systemd.network(5)
for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Name = "eth0";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.netdevs.<name>.netdevConfig
Each attribute in this set specifies an option in the
[Netdev]
section of the unit. See
systemd.netdev(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Kind = "bridge"; Name = "mybridge";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.netdevs.<name>.peerConfig
Each attribute in this set specifies an option in the
[Peer]
section of the unit. See
systemd.netdev(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Name = "veth2";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.netdevs.<name>.tapConfig
Each attribute in this set specifies an option in the
[Tap]
section of the unit. See
systemd.netdev(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
User = "openvpn";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.netdevs.<name>.tunConfig
Each attribute in this set specifies an option in the
[Tun]
section of the unit. See
systemd.netdev(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
User = "openvpn";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.netdevs.<name>.tunnelConfig
Each attribute in this set specifies an option in the
[Tunnel]
section of the unit. See
systemd.netdev(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Remote = "192.168.1.1";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.netdevs.<name>.vlanConfig
Each attribute in this set specifies an option in the
[VLAN]
section of the unit. See
systemd.netdev(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Id = "4";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.netdevs.<name>.vxlanConfig
Each attribute in this set specifies an option in the
[VXLAN]
section of the unit. See
systemd.netdev(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Id = "4";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks
Definition of systemd networks.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.DHCP
Whether to enable DHCP on the interfaces matched.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.address
A list of addresses to be added to the network section of the unit. See systemd.network(5) for details.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.addresses
A list of address sections to be added to the unit. See systemd.network(5) for details.
Type:
"list of submodules"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.addresses.*.addressConfig
Each attribute in this set specifies an option in the
[Address]
section of the unit. See
systemd.network(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Address = "192.168.0.100/24";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.dhcpConfig
Each attribute in this set specifies an option in the
[DHCP]
section of the unit. See
systemd.network(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
UseDNS = true; UseRoutes = true;
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.dns
A list of dns servers to be added to the network section of the unit. See systemd.network(5) for details.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.domains
A list of domains to pass to the network config.
Type:
"null or list of strings"
Default:
null
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.enable
If set to false, this unit will be a symlink to /dev/null.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.gateway
A list of gateways to be added to the network section of the unit. See systemd.network(5) for details.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.macvlan
A list of macvlan interfaces to be added to the network section of the unit. See systemd.network(5) for details.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.matchConfig
Each attribute in this set specifies an option in the
[Match]
section of the unit. See
systemd.link(5)
systemd.netdev(5)
systemd.network(5)
for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Name = "eth0";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.name
The name of the network interface to match against.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.networkConfig
Each attribute in this set specifies an option in the
[Network]
section of the unit. See
systemd.network(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Description = "My Network";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.ntp
A list of ntp servers to be added to the network section of the unit. See systemd.network(5) for details.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.routes
A list of route sections to be added to the unit. See systemd.network(5) for details.
Type:
"list of submodules"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.routes.*.routeConfig
Each attribute in this set specifies an option in the
[Route]
section of the unit. See
systemd.network(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
Gateway = "192.168.0.1";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.tunnel
A list of tunnel interfaces to be added to the network section of the unit. See systemd.network(5) for details.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.vlan
A list of vlan interfaces to be added to the network section of the unit. See systemd.network(5) for details.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.networks.<name>.vxlan
A list of vxlan interfaces to be added to the network section of the unit. See systemd.network(5) for details.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.units
Definition of networkd units.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.units.<name>.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.units.<name>.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.units.<name>.text
Text of this systemd unit.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.network.units.<name>.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.packages
Packages providing systemd units.
Type:
"list of derivations"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths
Definition of systemd path units.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.after
If the specified units are started at the same time as this unit, delay this unit until they have started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.before
If the specified units are started at the same time as this unit, delay them until this unit has started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.bindsTo
Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.conflicts
If the specified units are started, then this unit is stopped and vice versa.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.description
Description of this unit used in systemd messages and progress indicators.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.partOf
If the specified units are stopped or restarted, then this unit is stopped or restarted as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.pathConfig
Each attribute in this set specifies an option in the
[Path]
section of the unit. See
systemd.path(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
PathChanged = "/some/path"; Unit = "changedpath.service";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.requires
Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.requisite
Similar to requires. However if the units listed are not started, they will not be started and the transaction will fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.restartTriggers
An arbitrary list of items such as derivations. If any item in the list changes between reconfigurations, the service will be restarted.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.unitConfig
Each attribute in this set specifies an option in the
[Unit]
section of the unit. See
systemd.unit(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RequiresMountsFor = "/data";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.paths.<name>.wants
Start the specified units when this unit is started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services
Definition of systemd service units.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/testing/service-runner.nix>
|
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.after
If the specified units are started at the same time as this unit, delay this unit until they have started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.before
If the specified units are started at the same time as this unit, delay them until this unit has started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.bindsTo
Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.conflicts
If the specified units are started, then this unit is stopped and vice versa.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.description
Description of this unit used in systemd messages and progress indicators.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.environment
Environment variables passed to the service's processes.
Type:
"attribute set"
Default:
{
}
Example:
{
LANG = "nl_NL.UTF-8"; PATH = "/foo/bar/bin";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.partOf
If the specified units are stopped or restarted, then this unit is stopped or restarted as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.path
Packages added to the service's PATH
environment variable. Both the bin
and sbin
subdirectories of each
package are added.
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.postStart
Shell commands executed after the service's main process is started.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.postStop
Shell commands executed after the service's main process has exited.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.preStart
Shell commands executed before the service's main process is started.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.preStop
Shell commands executed to stop the service.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.reload
Shell commands executed when the service's main process is reloaded.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.reloadIfChanged
Whether the service should be reloaded during a NixOS
configuration switch if its definition has changed. If
enabled, the value of restartIfChanged
is
ignored.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.requires
Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.requisite
Similar to requires. However if the units listed are not started, they will not be started and the transaction will fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.restartIfChanged
Whether the service should be restarted during a NixOS configuration switch if its definition has changed.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.restartTriggers
An arbitrary list of items such as derivations. If any item in the list changes between reconfigurations, the service will be restarted.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.script
Shell commands executed as the service's main process.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.scriptArgs
Arguments passed to the main process script.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.serviceConfig
Each attribute in this set specifies an option in the
[Service]
section of the unit. See
systemd.service(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RestartSec = 5; StartLimitInterval = 10;
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.startAt
Automatically start this unit at the given date/time, which
must be in the format described in
systemd.time(5). This is equivalent
to adding a corresponding timer unit with
OnCalendar
set to the value given here.
Type:
"string"
Default:
""
Example:
"Sun 14:00:00"
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.stopIfChanged
If set, a changed unit is restarted by calling
systemctl stop in the old configuration,
then systemctl start in the new one.
Otherwise, it is restarted in a single step using
systemctl restart in the new configuration.
The latter is less correct because it runs the
ExecStop
commands from the new
configuration.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.unitConfig
Each attribute in this set specifies an option in the
[Unit]
section of the unit. See
systemd.unit(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RequiresMountsFor = "/data";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.services.<name>.wants
Start the specified units when this unit is started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets
Definition of systemd socket units.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.after
If the specified units are started at the same time as this unit, delay this unit until they have started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.before
If the specified units are started at the same time as this unit, delay them until this unit has started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.bindsTo
Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.conflicts
If the specified units are started, then this unit is stopped and vice versa.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.description
Description of this unit used in systemd messages and progress indicators.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.listenStreams
For each item in this list, a ListenStream
option in the [Socket]
section will be created.
Type:
"list of strings"
Default:
[
]
Example:
[
"0.0.0.0:993" "/run/my-socket"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.partOf
If the specified units are stopped or restarted, then this unit is stopped or restarted as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.requires
Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.requisite
Similar to requires. However if the units listed are not started, they will not be started and the transaction will fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.restartTriggers
An arbitrary list of items such as derivations. If any item in the list changes between reconfigurations, the service will be restarted.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.socketConfig
Each attribute in this set specifies an option in the
[Socket]
section of the unit. See
systemd.socket(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
ListenStream = "/run/my-socket";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.unitConfig
Each attribute in this set specifies an option in the
[Unit]
section of the unit. See
systemd.unit(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RequiresMountsFor = "/data";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.sockets.<name>.wants
Start the specified units when this unit is started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets
Definition of systemd target units.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.after
If the specified units are started at the same time as this unit, delay this unit until they have started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.before
If the specified units are started at the same time as this unit, delay them until this unit has started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.bindsTo
Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.conflicts
If the specified units are started, then this unit is stopped and vice versa.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.description
Description of this unit used in systemd messages and progress indicators.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.partOf
If the specified units are stopped or restarted, then this unit is stopped or restarted as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.requires
Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.requisite
Similar to requires. However if the units listed are not started, they will not be started and the transaction will fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.restartTriggers
An arbitrary list of items such as derivations. If any item in the list changes between reconfigurations, the service will be restarted.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.unitConfig
Each attribute in this set specifies an option in the
[Unit]
section of the unit. See
systemd.unit(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RequiresMountsFor = "/data";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.targets.<name>.wants
Start the specified units when this unit is started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers
Definition of systemd timer units.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.after
If the specified units are started at the same time as this unit, delay this unit until they have started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.before
If the specified units are started at the same time as this unit, delay them until this unit has started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.bindsTo
Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.conflicts
If the specified units are started, then this unit is stopped and vice versa.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.description
Description of this unit used in systemd messages and progress indicators.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.partOf
If the specified units are stopped or restarted, then this unit is stopped or restarted as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.requires
Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.requisite
Similar to requires. However if the units listed are not started, they will not be started and the transaction will fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.restartTriggers
An arbitrary list of items such as derivations. If any item in the list changes between reconfigurations, the service will be restarted.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.timerConfig
Each attribute in this set specifies an option in the
[Timer]
section of the unit. See
systemd.timer(5) and
systemd.time(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
OnCalendar = "Sun 14:00:00"; Unit = "foo.service";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.unitConfig
Each attribute in this set specifies an option in the
[Unit]
section of the unit. See
systemd.unit(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RequiresMountsFor = "/data";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.timers.<name>.wants
Start the specified units when this unit is started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.tmpfiles.rules
Rules for creating and cleaning up temporary files automatically. See tmpfiles.d(5) for the exact format. You should not use this option to create files required by systemd services, since there is no guarantee that systemd-tmpfiles runs when the system is reconfigured using nixos-rebuild.
Type:
"list of strings"
Default:
[
]
Example:
[
"d /tmp 1777 root root 10d"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.units
Definition of systemd units.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.units.<name>.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.units.<name>.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.units.<name>.text
Text of this systemd unit.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.units.<name>.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services
Definition of systemd per-user service units.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.after
If the specified units are started at the same time as this unit, delay this unit until they have started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.before
If the specified units are started at the same time as this unit, delay them until this unit has started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.bindsTo
Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.conflicts
If the specified units are started, then this unit is stopped and vice versa.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.description
Description of this unit used in systemd messages and progress indicators.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.environment
Environment variables passed to the service's processes.
Type:
"attribute set"
Default:
{
}
Example:
{
LANG = "nl_NL.UTF-8"; PATH = "/foo/bar/bin";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.partOf
If the specified units are stopped or restarted, then this unit is stopped or restarted as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.path
Packages added to the service's PATH
environment variable. Both the bin
and sbin
subdirectories of each
package are added.
Type:
"unspecified"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.postStart
Shell commands executed after the service's main process is started.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.postStop
Shell commands executed after the service's main process has exited.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.preStart
Shell commands executed before the service's main process is started.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.preStop
Shell commands executed to stop the service.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.reload
Shell commands executed when the service's main process is reloaded.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.reloadIfChanged
Whether the service should be reloaded during a NixOS
configuration switch if its definition has changed. If
enabled, the value of restartIfChanged
is
ignored.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.requires
Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.requisite
Similar to requires. However if the units listed are not started, they will not be started and the transaction will fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.restartIfChanged
Whether the service should be restarted during a NixOS configuration switch if its definition has changed.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.restartTriggers
An arbitrary list of items such as derivations. If any item in the list changes between reconfigurations, the service will be restarted.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.script
Shell commands executed as the service's main process.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.scriptArgs
Arguments passed to the main process script.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.serviceConfig
Each attribute in this set specifies an option in the
[Service]
section of the unit. See
systemd.service(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RestartSec = 5; StartLimitInterval = 10;
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.startAt
Automatically start this unit at the given date/time, which
must be in the format described in
systemd.time(5). This is equivalent
to adding a corresponding timer unit with
OnCalendar
set to the value given here.
Type:
"string"
Default:
""
Example:
"Sun 14:00:00"
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.stopIfChanged
If set, a changed unit is restarted by calling
systemctl stop in the old configuration,
then systemctl start in the new one.
Otherwise, it is restarted in a single step using
systemctl restart in the new configuration.
The latter is less correct because it runs the
ExecStop
commands from the new
configuration.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.unitConfig
Each attribute in this set specifies an option in the
[Unit]
section of the unit. See
systemd.unit(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RequiresMountsFor = "/data";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.services.<name>.wants
Start the specified units when this unit is started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets
Definition of systemd per-user socket units.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.after
If the specified units are started at the same time as this unit, delay this unit until they have started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.before
If the specified units are started at the same time as this unit, delay them until this unit has started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.bindsTo
Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.conflicts
If the specified units are started, then this unit is stopped and vice versa.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.description
Description of this unit used in systemd messages and progress indicators.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.listenStreams
For each item in this list, a ListenStream
option in the [Socket]
section will be created.
Type:
"list of strings"
Default:
[
]
Example:
[
"0.0.0.0:993" "/run/my-socket"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.partOf
If the specified units are stopped or restarted, then this unit is stopped or restarted as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.requires
Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.requisite
Similar to requires. However if the units listed are not started, they will not be started and the transaction will fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.restartTriggers
An arbitrary list of items such as derivations. If any item in the list changes between reconfigurations, the service will be restarted.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.socketConfig
Each attribute in this set specifies an option in the
[Socket]
section of the unit. See
systemd.socket(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
ListenStream = "/run/my-socket";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.unitConfig
Each attribute in this set specifies an option in the
[Unit]
section of the unit. See
systemd.unit(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RequiresMountsFor = "/data";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.sockets.<name>.wants
Start the specified units when this unit is started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers
Definition of systemd per-user timer units.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.after
If the specified units are started at the same time as this unit, delay this unit until they have started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.before
If the specified units are started at the same time as this unit, delay them until this unit has started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.bindsTo
Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.conflicts
If the specified units are started, then this unit is stopped and vice versa.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.description
Description of this unit used in systemd messages and progress indicators.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.partOf
If the specified units are stopped or restarted, then this unit is stopped or restarted as well.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.requires
Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.requisite
Similar to requires. However if the units listed are not started, they will not be started and the transaction will fail.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.restartTriggers
An arbitrary list of items such as derivations. If any item in the list changes between reconfigurations, the service will be restarted.
Type:
"list of unspecifieds"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.timerConfig
Each attribute in this set specifies an option in the
[Timer]
section of the unit. See
systemd.timer(5) and
systemd.time(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
OnCalendar = "Sun 14:00:00"; Unit = "foo.service";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.unitConfig
Each attribute in this set specifies an option in the
[Unit]
section of the unit. See
systemd.unit(5) for details.
Type:
"attribute set of systemd options"
Default:
{
}
Example:
{
RequiresMountsFor = "/data";
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.timers.<name>.wants
Start the specified units when this unit is started.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.units
Definition of systemd per-user units.
Type:
"attribute set of submodules"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.units.<name>.enable
If set to false, this unit will be a symlink to
/dev/null. This is primarily useful to prevent specific
template instances (e.g. serial-getty@ttyS0
)
from being started.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.units.<name>.requiredBy
Units that require (i.e. depend on and need to go down with) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.units.<name>.text
Text of this systemd unit.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
systemd.user.units.<name>.wantedBy
Units that want (i.e. depend on) this unit.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/systemd.nix>
|
time.hardwareClockInLocalTime
If set, keep the hardware clock in local time instead of UTC.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/timezone.nix>
|
time.timeZone
The time zone used when displaying times and dates. See https://en.wikipedia.org/wiki/List_of_tz_database_time_zones for a comprehensive list of possible values for this setting.
Type:
"string"
Default:
"UTC"
Example:
"America/New_York"
Declared by:
<nixpkgs/nixos/modules/config/timezone.nix>
|
uim.enable
Enable UIM input method
Type:
"boolean"
Default:
false
Example:
true
Declared by:
<nixpkgs/nixos/modules/programs/uim.nix>
|
users.defaultUserShell
This option defines the default shell assigned to user accounts. This must not be a store path, since the path is used outside the store (in particular in /etc/passwd). Rather, it should be the path of a symlink that points to the actual shell in the Nix store.
Type:
"path"
Example:
"/run/current-system/sw/bin/zsh"
Declared by:
<nixpkgs/nixos/modules/programs/shadow.nix>
|
users.enforceIdUniqueness
Whether to require that no two users/groups share the same uid/gid.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraGroups
Additional groups to be created automatically by the system.
Type:
"list or attribute set of submodules"
Default:
{
}
Example:
{
hackers =
{
}
; students =
{
gid = 1001;
}
;
}
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraGroups.<name?>.gid
The group GID. If the GID is null, a free GID is picked on activation.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraGroups.<name?>.members
The user names of the group members, added to the
/etc/group
file.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraGroups.<name?>.name
The name of the group. If undefined, the name of the attribute set will be used.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers
Additional user accounts to be created automatically by the system. This can also be used to set options for root.
Type:
"list or attribute set of submodules"
Default:
{
}
Example:
{
alice =
{
createHome = true; description = "Alice Q. User"; extraGroups =
[
"wheel"
]
; group = "users"; home = "/home/alice"; shell = "/bin/sh"; uid = 1234;
}
;
}
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.createHome
If true, the home directory will be created automatically. If this option is true and the home directory already exists but is not owned by the user, directory owner and group will be changed to match the user.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.description
A short description of the user account, typically the
user's full name. This is actually the “GECOS” or “comment”
field in /etc/passwd
.
Type:
"string"
Default:
""
Example:
"Alice Q. User"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.extraGroups
The user's auxiliary groups.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.group
The user's primary group.
Type:
"string"
Default:
"nogroup"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.hashedPassword
Specifies the hashed password for the user.
The options hashedPassword
,
password
and passwordFile
controls what password is set for the user.
hashedPassword
overrides both
password
and passwordFile
.
password
overrides passwordFile
.
If none of these three options are set, no password is assigned to
the user, and the user will not be able to do password logins.
If the option users.mutableUsers
is true, the
password defined in one of the three options will only be set when
the user is created for the first time. After that, you are free to
change the password with the ordinary user management commands. If
users.mutableUsers
is false, you cannot change
user passwords, they will always be set according to the password
options.
To generate hashed password install mkpassword
package and run mkpasswd -m sha-512
.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.home
The user's home directory.
Type:
"string"
Default:
"/var/empty"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.initialHashedPassword
Specifies the initial hashed password for the user, i.e. the
hashed password assigned if the user does not already
exist. If users.mutableUsers
is true, the
password can be changed subsequently using the
passwd command. Otherwise, it's
equivalent to setting the password
option.
To generate hashed password install mkpassword
package and run mkpasswd -m sha-512
.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.initialPassword
Specifies the initial password for the user, i.e. the
password assigned if the user does not already exist. If
users.mutableUsers
is true, the password
can be changed subsequently using the
passwd command. Otherwise, it's
equivalent to setting the password
option. The same caveat applies: the password specified here
is world-readable in the Nix store, so it should only be
used for guest accounts or passwords that will be changed
promptly.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.isNormalUser
Indicates whether this is an account for a “real” user. This
automatically sets group
to
users
, createHome
to
true
, home
to
/home/
,
username
useDefaultShell
to true
,
and isSystemUser
to
false
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.isSystemUser
Indicates if the user is a system user or not. This option
only has an effect if uid
is
null
, in which case it determines whether
the user's UID is allocated in the range for system users
(below 500) or in the range for normal users (starting at
1000).
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.name
The name of the user account. If undefined, the name of the attribute set will be used.
Type:
"string"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.openssh.authorizedKeys.keyFiles
A list of files each containing one OpenSSH public key that should be
added to the user's authorized keys. The contents of the files are
read at build time and added to a file that the SSH daemon reads in
addition to the the user's authorized_keys file. You can combine the
keyFiles
and keys
options.
Type:
"list of paths"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
users.extraUsers.<name?>.openssh.authorizedKeys.keys
A list of verbatim OpenSSH public keys that should be added to the
user's authorized keys. The keys are added to a file that the SSH
daemon reads in addition to the the user's authorized_keys file.
You can combine the keys
and
keyFiles
options.
Type:
"list of strings"
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
users.extraUsers.<name?>.password
Specifies the (clear text) password for the user.
Warning: do not set confidential information here
because it is world-readable in the Nix store. This option
should only be used for public accounts.
The options hashedPassword
,
password
and passwordFile
controls what password is set for the user.
hashedPassword
overrides both
password
and passwordFile
.
password
overrides passwordFile
.
If none of these three options are set, no password is assigned to
the user, and the user will not be able to do password logins.
If the option users.mutableUsers
is true, the
password defined in one of the three options will only be set when
the user is created for the first time. After that, you are free to
change the password with the ordinary user management commands. If
users.mutableUsers
is false, you cannot change
user passwords, they will always be set according to the password
options.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.passwordFile
The full path to a file that contains the user's password. The password
file is read on each system activation. The file should contain
exactly one line, which should be the password in an encrypted form
that is suitable for the chpasswd -e
command.
The options hashedPassword
,
password
and passwordFile
controls what password is set for the user.
hashedPassword
overrides both
password
and passwordFile
.
password
overrides passwordFile
.
If none of these three options are set, no password is assigned to
the user, and the user will not be able to do password logins.
If the option users.mutableUsers
is true, the
password defined in one of the three options will only be set when
the user is created for the first time. After that, you are free to
change the password with the ordinary user management commands. If
users.mutableUsers
is false, you cannot change
user passwords, they will always be set according to the password
options.
Type:
"null or string"
Default:
null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.shell
The path to the user's shell.
Type:
"string"
Default:
"/run/current-system/sw/bin/nologin"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.subGidRanges
Subordinate group ids that user is allowed to use.
They are set into /etc/subgid
and are used
by newgidmap
for user namespaces.
Type:
"list of submodules"
Default:
[
]
Example:
[
{
count = 1; startGid = 100;
}
{
count = 999; startGid = 1001;
}
]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.subGidRanges.*.count
Count of subordinate group ids
Type:
"integer"
Default:
1
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.subGidRanges.*.startGid
Start of the range of subordinate group ids that user is allowed to use.
Type:
"integer"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.subUidRanges
Subordinate user ids that user is allowed to use.
They are set into /etc/subuid
and are used
by newuidmap
for user namespaces.
Type:
"list of submodules"
Default:
[
]
Example:
[
{
count = 1; startUid = 1000;
}
{
count = 65534; startUid = 100001;
}
]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.subUidRanges.*.count
Count of subordinate user ids
Type:
"integer"
Default:
1
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.subUidRanges.*.startUid
Start of the range of subordinate user ids that user is allowed to use.
Type:
"integer"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.uid
The account UID. If the UID is null, a free UID is picked on activation.
Type:
"null or integer"
Default:
null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name?>.useDefaultShell
If true, the user's shell will be set to
users.defaultUserShell
.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.ldap.base
The distinguished name of the search base.
Type:
"unspecified"
Example:
"dc=example,dc=org"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.bind.distinguishedName
The distinguished name to bind to the LDAP server with. If this is not specified, an anonymous bind will be done.
Type:
"string"
Default:
""
Example:
"cn=admin,dc=example,dc=com"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.bind.password
The path to a file containing the credentials to use when binding to the LDAP server (if not binding anonymously).
Type:
"string"
Default:
"/etc/ldap/bind.password"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.bind.policy
Specifies the policy to use for reconnecting to an unavailable
LDAP server. The default is hard_open
, which
reconnects if opening the connection to the directory server
failed. By contrast, hard_init
reconnects if
initializing the connection failed. Initializing may not
actually contact the directory server, and it is possible that
a malformed configuration file will trigger reconnection. If
soft
is specified, then
nss_ldap
will return immediately on server
failure. All hard reconnect policies block with exponential
backoff before retrying.
Type:
"string"
Default:
"hard_open"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.bind.timeLimit
Specifies the time limit (in seconds) to use when connecting
to the directory server. This is distinct from the time limit
specified in users.ldap.timeLimit
and affects
the initial server connection only.
Type:
"integer"
Default:
30
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.daemon.enable
Whether to let the nslcd daemon (nss-pam-ldapd) handle the LDAP lookups for NSS and PAM. This can improve performance, and if you need to bind to the LDAP server with a password, it increases security, since only the nslcd user needs to have access to the bindpw file, not everyone that uses NSS and/or PAM. If this option is enabled, a local nscd user is created automatically, and the nslcd service is started automatically when the network get up.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.daemon.extraConfig
Extra configuration options that will be added verbatim at the end of the nslcd configuration file (nslcd.conf).
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.enable
Whether to enable authentication against an LDAP server.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.extraConfig
Extra configuration options that will be added verbatim at
the end of the ldap configuration file (ldap.conf).
If users.ldap.daemon
is enabled, this
configuration will not be used. In that case, use
users.ldap.daemon.extraConfig
instead.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.server
The URL of the LDAP server.
Type:
"unspecified"
Example:
"ldap://ldap.example.org/"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.timeLimit
Specifies the time limit (in seconds) to use when performing searches. A value of zero (0), which is the default, is to wait indefinitely for searches to be completed.
Type:
"integer"
Default:
0
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.useTLS
If enabled, use TLS (encryption) over an LDAP (port 389)
connection. The alternative is to specify an LDAPS server (port
636) in users.ldap.server
or to forego
security.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.motd
Message of the day shown to users when they log in.
Type:
"null or string"
Default:
null
Example:
"Today is Sweetmorn, the 4th day of The Aftermath in the YOLD 3178."
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
users.mutableUsers
If set to true
, you are free to add new users and groups to the system
with the ordinary useradd
and
groupadd
commands. On system activation, the
existing contents of the /etc/passwd
and
/etc/group
files will be merged with the
contents generated from the users.extraUsers
and
users.extraGroups
options.
The initial password for a user will be set
according to users.extraUsers
, but existing passwords
will not be changed.
If set to false
, the contents of the user and
group files will simply be replaced on system activation. This also
holds for the user passwords; all changed
passwords will be reset according to the
users.extraUsers
configuration on activation.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
virtualisation.docker.enable
This option enables docker, a daemon that manages linux containers. Users in the "docker" group can interact with the daemon (e.g. to start or stop containers) using the docker command line tool.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/virtualisation/docker.nix>
|
virtualisation.docker.extraOptions
The extra command-line options to pass to docker daemon.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/virtualisation/docker.nix>
|
virtualisation.docker.socketActivation
This option enables docker with socket activation. I.e. docker will start when first called by client. Note: This is false by default because systemd lower than 214 that nixos uses so far, doesn't support SocketGroup option, so socket created by docker has root group now. This will likely be changed in future. So set this option explicitly to false if you wish.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/virtualisation/docker.nix>
|
virtualisation.libvirtd.enable
This option enables libvirtd, a daemon that manages virtual machines. Users in the "libvirtd" group can interact with the daemon (e.g. to start or stop VMs) using the virsh command line tool, among others.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/virtualisation/libvirtd.nix>
|
virtualisation.libvirtd.enableKVM
This option enables support for QEMU/KVM in libvirtd.
Type:
"boolean"
Default:
true
Declared by:
<nixpkgs/nixos/modules/virtualisation/libvirtd.nix>
|
virtualisation.libvirtd.extraConfig
Extra contents appended to the libvirtd configuration file, libvirtd.conf.
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/virtualisation/libvirtd.nix>
|
virtualisation.libvirtd.onShutdown
When shutting down / restarting the host what method should be used to gracefully halt the guests. Setting to "shutdown" will cause an ACPI shutdown of each guest. "suspend" will attempt to save the state of the guests ready to restore on boot.
Type:
"one of shutdown, suspend"
Default:
"suspend"
Declared by:
<nixpkgs/nixos/modules/virtualisation/libvirtd.nix>
|
virtualisation.lxc.defaultConfig
Default config (default.conf) for new containers, i.e. for network config. See lxc.container.conf (5).
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxc.nix>
|
virtualisation.lxc.enable
This enables Linux Containers (LXC), which provides tools for creating and managing system or application containers on Linux.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxc.nix>
|
virtualisation.lxc.systemConfig
This is the system-wide LXC config. See lxc.system.conf(5).
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxc.nix>
|
virtualisation.lxc.usernetConfig
This is the config file for managing unprivileged user network administration access in LXC. See lxc-user-net(5).
Type:
"string"
Default:
""
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxc.nix>
|
virtualisation.vswitch.enable
Enable Open vSwitch. A configuration daemon (ovs-server) will be started.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/virtualisation/openvswitch.nix>
|
virtualisation.xen.bootParams
Parameters passed to the Xen hypervisor at boot time.
Type:
"unspecified"
Default:
""
Declared by:
<nixpkgs/nixos/modules/virtualisation/xen-dom0.nix>
|
virtualisation.xen.bridge
Create a bridge for the Xen domUs to connect to.
Type:
"unspecified"
Default:
"xenbr0"
Declared by:
<nixpkgs/nixos/modules/virtualisation/xen-dom0.nix>
|
virtualisation.xen.domain0MemorySize
Amount of memory (in MiB) allocated to Domain 0 on boot. If set to 0, all memory is assigned to Domain 0.
Type:
"unspecified"
Default:
0
Example:
512
Declared by:
<nixpkgs/nixos/modules/virtualisation/xen-dom0.nix>
|
virtualisation.xen.enable
Setting this option enables the Xen hypervisor, a virtualisation technology that allows multiple virtual machines, known as domains, to run concurrently on the physical machine. NixOS runs as the privileged Domain 0. This option requires a reboot to take effect.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/virtualisation/xen-dom0.nix>
|
virtualisation.xen.stored
Xen Store daemon to use. Defaults to oxenstored of the xen package.
Type:
"path"
Declared by:
<nixpkgs/nixos/modules/virtualisation/xen-dom0.nix>
|
virtualisation.xen.trace
Enable Xen tracing.
Type:
"unspecified"
Default:
false
Declared by:
<nixpkgs/nixos/modules/virtualisation/xen-dom0.nix>
|
zramSwap.enable
Enable in-memory compressed swap space provided by the zram kernel module. It is recommended to enable only for kernel 3.14 or higher.
Type:
"boolean"
Default:
false
Declared by:
<nixpkgs/nixos/modules/config/zram.nix>
|
zramSwap.memoryPercent
Maximum amount of memory that can be used by the zram swap devices (as a percentage of your total memory). Defaults to 1/2 of your total RAM.
Type:
"integer"
Default:
50
Declared by:
<nixpkgs/nixos/modules/config/zram.nix>
|
zramSwap.numDevices
Number of zram swap devices to create. It should be equal to the number of CPU cores your system has.
Type:
"integer"
Default:
4
Declared by:
<nixpkgs/nixos/modules/config/zram.nix>
|
zramSwap.priority
Priority of the zram swap devices. It should be a number higher than the priority of your disk-based swap devices (so that the system will fill the zram swap devices before falling back to disk swap).
Type:
"integer"
Default:
5
Declared by:
<nixpkgs/nixos/modules/config/zram.nix>
|