Friendly Modules
Random modules documentation collection
Source code, PR, issue, etc:
Friendly Modules at Github
Sources
- NUR Combined
- NixOS Hardware
- NixOS-FireHOL
- NixOps LibVirtd
- NixOps HCloud
- NixOps GCE
- NixOps DigitalOcean
- NixOps Datadog
- NixOps AWS
- NixOps
- KubeNix
- Impermanence
- Flake Gemini
- Marcos
- Lucas Eduardo
- Climod
- Thiago Okada
- Henrik Lissner
- Hugo Ribeiro
dotfiles.binDir
type
path
default
{
dotfiles.binDir = "/nix/store/hfgvlj61grkxmhlg4ff9sc5fi6k0bfs0-source/bin";
}
dotfiles.configDir
type
path
default
{
dotfiles.configDir = "/nix/store/hfgvlj61grkxmhlg4ff9sc5fi6k0bfs0-source/config";
}
dotfiles.dir
type
path
default
{
dotfiles.dir = "/nix/store/hfgvlj61grkxmhlg4ff9sc5fi6k0bfs0-source";
}
dotfiles.modulesDir
type
path
default
{
dotfiles.modulesDir = "/nix/store/hfgvlj61grkxmhlg4ff9sc5fi6k0bfs0-source/modules";
}
dotfiles.themesDir
type
path
default
{
dotfiles.themesDir = "/nix/store/hfgvlj61grkxmhlg4ff9sc5fi6k0bfs0-source/modules/themes";
}
env
TODO
type
attribute set of string or path or list of string or path
default
{
env = {};
}
home.configFile
Files to place in $XDG_CONFIG_HOME
type
attribute set
default
{
home.configFile = {};
}
home.dataFile
Files to place in $XDG_DATA_HOME
type
attribute set
default
{
home.dataFile = {};
}
home.file
Files to place directly in $HOME
type
attribute set
default
{
home.file = {};
}
modules.desktop.apps.godot.enable
type
boolean
example
{
modules.desktop.apps.godot.enable = true;
}
default
{
modules.desktop.apps.godot.enable = false;
}
modules.desktop.apps.rofi.enable
type
boolean
example
{
modules.desktop.apps.rofi.enable = true;
}
default
{
modules.desktop.apps.rofi.enable = false;
}
modules.desktop.apps.unity3d.enable
type
boolean
example
{
modules.desktop.apps.unity3d.enable = true;
}
default
{
modules.desktop.apps.unity3d.enable = false;
}
modules.desktop.awesomewm.enable
type
boolean
example
{
modules.desktop.awesomewm.enable = true;
}
default
{
modules.desktop.awesomewm.enable = false;
}
modules.desktop.browsers.brave.enable
type
boolean
example
{
modules.desktop.browsers.brave.enable = true;
}
default
{
modules.desktop.browsers.brave.enable = false;
}
modules.desktop.browsers.default
type
null or string
default
{
modules.desktop.browsers.default = null;
}
modules.desktop.browsers.firefox.enable
type
boolean
example
{
modules.desktop.browsers.firefox.enable = true;
}
default
{
modules.desktop.browsers.firefox.enable = false;
}
modules.desktop.browsers.firefox.extraConfig
Extra lines to add to
type
strings concatenated with "\n"
default
{
modules.desktop.browsers.firefox.extraConfig = "";
}
modules.desktop.browsers.firefox.profileName
type
string
default
{
modules.desktop.browsers.firefox.profileName = "username";
}
modules.desktop.browsers.firefox.settings
Firefox preferences to set in
type
attribute set of boolean or signed integer or string
default
{
modules.desktop.browsers.firefox.settings = {};
}
modules.desktop.browsers.firefox.userChrome
CSS Styles for Firefox's interface
type
strings concatenated with "\n"
default
{
modules.desktop.browsers.firefox.userChrome = "";
}
modules.desktop.browsers.firefox.userContent
Global CSS Styles for websites
type
strings concatenated with "\n"
default
{
modules.desktop.browsers.firefox.userContent = "";
}
modules.desktop.browsers.qutebrowser.enable
type
boolean
example
{
modules.desktop.browsers.qutebrowser.enable = true;
}
default
{
modules.desktop.browsers.qutebrowser.enable = false;
}
modules.desktop.browsers.qutebrowser.dicts
type
list of string
default
{
modules.desktop.browsers.qutebrowser.dicts = [
"en-US"
];
}
modules.desktop.browsers.qutebrowser.extraConfig
type
strings concatenated with "\n"
default
{
modules.desktop.browsers.qutebrowser.extraConfig = "";
}
modules.desktop.browsers.qutebrowser.userStyles
type
strings concatenated with "\n"
default
{
modules.desktop.browsers.qutebrowser.userStyles = "";
}
modules.desktop.bspwm.enable
type
boolean
example
{
modules.desktop.bspwm.enable = true;
}
default
{
modules.desktop.bspwm.enable = false;
}
modules.desktop.gaming.emulators.ds.enable
type
boolean
example
{
modules.desktop.gaming.emulators.ds.enable = true;
}
default
{
modules.desktop.gaming.emulators.ds.enable = false;
}
modules.desktop.gaming.emulators.gb.enable
type
boolean
example
{
modules.desktop.gaming.emulators.gb.enable = true;
}
default
{
modules.desktop.gaming.emulators.gb.enable = false;
}
modules.desktop.gaming.emulators.gba.enable
type
boolean
example
{
modules.desktop.gaming.emulators.gba.enable = true;
}
default
{
modules.desktop.gaming.emulators.gba.enable = false;
}
modules.desktop.gaming.emulators.psx.enable
type
boolean
example
{
modules.desktop.gaming.emulators.psx.enable = true;
}
default
{
modules.desktop.gaming.emulators.psx.enable = false;
}
modules.desktop.gaming.emulators.snes.enable
type
boolean
example
{
modules.desktop.gaming.emulators.snes.enable = true;
}
default
{
modules.desktop.gaming.emulators.snes.enable = false;
}
modules.desktop.gaming.steam.enable
type
boolean
example
{
modules.desktop.gaming.steam.enable = true;
}
default
{
modules.desktop.gaming.steam.enable = false;
}
modules.desktop.media.daw.enable
type
boolean
example
{
modules.desktop.media.daw.enable = true;
}
default
{
modules.desktop.media.daw.enable = false;
}
modules.desktop.media.documents.enable
type
boolean
example
{
modules.desktop.media.documents.enable = true;
}
default
{
modules.desktop.media.documents.enable = false;
}
modules.desktop.media.documents.ebook.enable
type
boolean
example
{
modules.desktop.media.documents.ebook.enable = true;
}
default
{
modules.desktop.media.documents.ebook.enable = false;
}
modules.desktop.media.documents.pdf.enable
type
boolean
example
{
modules.desktop.media.documents.pdf.enable = true;
}
default
{
modules.desktop.media.documents.pdf.enable = false;
}
modules.desktop.media.graphics.enable
type
boolean
example
{
modules.desktop.media.graphics.enable = true;
}
default
{
modules.desktop.media.graphics.enable = false;
}
modules.desktop.media.graphics.models.enable
type
boolean
example
{
modules.desktop.media.graphics.models.enable = true;
}
default
{
modules.desktop.media.graphics.models.enable = false;
}
modules.desktop.media.graphics.raster.enable
type
boolean
example
{
modules.desktop.media.graphics.raster.enable = true;
}
default
{
modules.desktop.media.graphics.raster.enable = true;
}
modules.desktop.media.graphics.sprites.enable
type
boolean
example
{
modules.desktop.media.graphics.sprites.enable = true;
}
default
{
modules.desktop.media.graphics.sprites.enable = true;
}
modules.desktop.media.graphics.tools.enable
type
boolean
example
{
modules.desktop.media.graphics.tools.enable = true;
}
default
{
modules.desktop.media.graphics.tools.enable = true;
}
modules.desktop.media.graphics.vector.enable
type
boolean
example
{
modules.desktop.media.graphics.vector.enable = true;
}
default
{
modules.desktop.media.graphics.vector.enable = true;
}
modules.desktop.media.mpv.enable
type
boolean
example
{
modules.desktop.media.mpv.enable = true;
}
default
{
modules.desktop.media.mpv.enable = false;
}
modules.desktop.media.ncmpcpp.enable
type
boolean
example
{
modules.desktop.media.ncmpcpp.enable = true;
}
default
{
modules.desktop.media.ncmpcpp.enable = false;
}
modules.desktop.media.recording.enable
type
boolean
example
{
modules.desktop.media.recording.enable = true;
}
default
{
modules.desktop.media.recording.enable = false;
}
modules.desktop.media.recording.audio.enable
type
boolean
example
{
modules.desktop.media.recording.audio.enable = true;
}
default
{
modules.desktop.media.recording.audio.enable = true;
}
modules.desktop.media.recording.video.enable
type
boolean
example
{
modules.desktop.media.recording.video.enable = true;
}
default
{
modules.desktop.media.recording.video.enable = true;
}
modules.desktop.media.spotify.enable
type
boolean
example
{
modules.desktop.media.spotify.enable = true;
}
default
{
modules.desktop.media.spotify.enable = false;
}
modules.desktop.media.spotify.tui.enable
type
boolean
example
{
modules.desktop.media.spotify.tui.enable = true;
}
default
{
modules.desktop.media.spotify.tui.enable = false;
}
modules.desktop.stumpwm.enable
type
boolean
example
{
modules.desktop.stumpwm.enable = true;
}
default
{
modules.desktop.stumpwm.enable = false;
}
modules.desktop.term.default
type
string
default
{
modules.desktop.term.default = "xterm";
}
modules.desktop.term.st.enable
type
boolean
example
{
modules.desktop.term.st.enable = true;
}
default
{
modules.desktop.term.st.enable = false;
}
modules.desktop.vm.lxd.enable
type
boolean
example
{
modules.desktop.vm.lxd.enable = true;
}
default
{
modules.desktop.vm.lxd.enable = false;
}
modules.desktop.vm.qemu.enable
type
boolean
example
{
modules.desktop.vm.qemu.enable = true;
}
default
{
modules.desktop.vm.qemu.enable = false;
}
modules.desktop.vm.virtualbox.enable
type
boolean
example
{
modules.desktop.vm.virtualbox.enable = true;
}
default
{
modules.desktop.vm.virtualbox.enable = false;
}
modules.dev.cc.enable
type
boolean
example
{
modules.dev.cc.enable = true;
}
default
{
modules.dev.cc.enable = false;
}
modules.dev.cc.xdg.enable
type
boolean
example
{
modules.dev.cc.xdg.enable = true;
}
default
{
modules.dev.cc.xdg.enable = false;
}
modules.dev.clojure.enable
type
boolean
example
{
modules.dev.clojure.enable = true;
}
default
{
modules.dev.clojure.enable = false;
}
modules.dev.clojure.xdg.enable
type
boolean
example
{
modules.dev.clojure.xdg.enable = true;
}
default
{
modules.dev.clojure.xdg.enable = false;
}
modules.dev.common-lisp.enable
type
boolean
example
{
modules.dev.common-lisp.enable = true;
}
default
{
modules.dev.common-lisp.enable = false;
}
modules.dev.common-lisp.xdg.enable
type
boolean
example
{
modules.dev.common-lisp.xdg.enable = true;
}
default
{
modules.dev.common-lisp.xdg.enable = false;
}
modules.dev.lua.enable
type
boolean
example
{
modules.dev.lua.enable = true;
}
default
{
modules.dev.lua.enable = false;
}
modules.dev.lua.love2D.enable
type
boolean
example
{
modules.dev.lua.love2D.enable = true;
}
default
{
modules.dev.lua.love2D.enable = false;
}
modules.dev.lua.xdg.enable
type
boolean
example
{
modules.dev.lua.xdg.enable = true;
}
default
{
modules.dev.lua.xdg.enable = false;
}
modules.dev.node.enable
type
boolean
example
{
modules.dev.node.enable = true;
}
default
{
modules.dev.node.enable = false;
}
modules.dev.node.xdg.enable
type
boolean
example
{
modules.dev.node.xdg.enable = true;
}
default
{
modules.dev.node.xdg.enable = false;
}
modules.dev.python.enable
type
boolean
example
{
modules.dev.python.enable = true;
}
default
{
modules.dev.python.enable = false;
}
modules.dev.python.xdg.enable
type
boolean
example
{
modules.dev.python.xdg.enable = true;
}
default
{
modules.dev.python.xdg.enable = false;
}
modules.dev.rust.enable
type
boolean
example
{
modules.dev.rust.enable = true;
}
default
{
modules.dev.rust.enable = false;
}
modules.dev.rust.xdg.enable
type
boolean
example
{
modules.dev.rust.xdg.enable = true;
}
default
{
modules.dev.rust.xdg.enable = false;
}
modules.dev.scala.enable
type
boolean
example
{
modules.dev.scala.enable = true;
}
default
{
modules.dev.scala.enable = false;
}
modules.dev.scala.xdg.enable
type
boolean
example
{
modules.dev.scala.xdg.enable = true;
}
default
{
modules.dev.scala.xdg.enable = false;
}
modules.dev.shell.enable
type
boolean
example
{
modules.dev.shell.enable = true;
}
default
{
modules.dev.shell.enable = false;
}
modules.dev.shell.xdg.enable
type
boolean
example
{
modules.dev.shell.xdg.enable = true;
}
default
{
modules.dev.shell.xdg.enable = false;
}
modules.dev.xdg.enable
type
boolean
example
{
modules.dev.xdg.enable = true;
}
default
{
modules.dev.xdg.enable = true;
}
modules.editors.default
type
string
default
{
modules.editors.default = "vim";
}
modules.editors.emacs.enable
type
boolean
example
{
modules.editors.emacs.enable = true;
}
default
{
modules.editors.emacs.enable = false;
}
modules.editors.emacs.doom.enable
type
boolean
example
{
modules.editors.emacs.doom.enable = true;
}
default
{
modules.editors.emacs.doom.enable = true;
}
modules.editors.emacs.doom.fromSSH
type
boolean
example
{
modules.editors.emacs.doom.fromSSH = true;
}
default
{
modules.editors.emacs.doom.fromSSH = false;
}
modules.editors.vim.enable
type
boolean
example
{
modules.editors.vim.enable = true;
}
default
{
modules.editors.vim.enable = false;
}
modules.hardware.audio.enable
type
boolean
example
{
modules.hardware.audio.enable = true;
}
default
{
modules.hardware.audio.enable = false;
}
modules.hardware.bluetooth.enable
type
boolean
example
{
modules.hardware.bluetooth.enable = true;
}
default
{
modules.hardware.bluetooth.enable = false;
}
modules.hardware.ergodox.enable
type
boolean
example
{
modules.hardware.ergodox.enable = true;
}
default
{
modules.hardware.ergodox.enable = false;
}
modules.hardware.fs.enable
type
boolean
example
{
modules.hardware.fs.enable = true;
}
default
{
modules.hardware.fs.enable = false;
}
modules.hardware.fs.ssd.enable
type
boolean
example
{
modules.hardware.fs.ssd.enable = true;
}
default
{
modules.hardware.fs.ssd.enable = false;
}
modules.hardware.fs.zfs.enable
type
boolean
example
{
modules.hardware.fs.zfs.enable = true;
}
default
{
modules.hardware.fs.zfs.enable = false;
}
modules.hardware.nvidia.enable
type
boolean
example
{
modules.hardware.nvidia.enable = true;
}
default
{
modules.hardware.nvidia.enable = false;
}
modules.hardware.razer.enable
type
boolean
example
{
modules.hardware.razer.enable = true;
}
default
{
modules.hardware.razer.enable = false;
}
modules.hardware.sensors.enable
type
boolean
example
{
modules.hardware.sensors.enable = true;
}
default
{
modules.hardware.sensors.enable = false;
}
modules.hardware.wacom.enable
type
boolean
example
{
modules.hardware.wacom.enable = true;
}
default
{
modules.hardware.wacom.enable = false;
}
modules.services.calibre.enable
type
boolean
example
{
modules.services.calibre.enable = true;
}
default
{
modules.services.calibre.enable = false;
}
modules.services.discourse.enable
type
boolean
example
{
modules.services.discourse.enable = true;
}
default
{
modules.services.discourse.enable = false;
}
modules.services.docker.enable
type
boolean
example
{
modules.services.docker.enable = true;
}
default
{
modules.services.docker.enable = false;
}
modules.services.fail2ban.enable
type
boolean
example
{
modules.services.fail2ban.enable = true;
}
default
{
modules.services.fail2ban.enable = false;
}
modules.services.gitea.enable
type
boolean
example
{
modules.services.gitea.enable = true;
}
default
{
modules.services.gitea.enable = false;
}
modules.services.jellyfin.enable
type
boolean
example
{
modules.services.jellyfin.enable = true;
}
default
{
modules.services.jellyfin.enable = false;
}
modules.services.nginx.enable
type
boolean
example
{
modules.services.nginx.enable = true;
}
default
{
modules.services.nginx.enable = false;
}
modules.services.nginx.enableCloudflareSupport
type
boolean
example
{
modules.services.nginx.enableCloudflareSupport = true;
}
default
{
modules.services.nginx.enableCloudflareSupport = false;
}
modules.services.ssh.enable
type
boolean
example
{
modules.services.ssh.enable = true;
}
default
{
modules.services.ssh.enable = false;
}
modules.services.syncthing.enable
type
boolean
example
{
modules.services.syncthing.enable = true;
}
default
{
modules.services.syncthing.enable = false;
}
modules.services.teamviewer.enable
type
boolean
example
{
modules.services.teamviewer.enable = true;
}
default
{
modules.services.teamviewer.enable = false;
}
modules.services.transmission.enable
type
boolean
example
{
modules.services.transmission.enable = true;
}
default
{
modules.services.transmission.enable = false;
}
modules.services.vaultwarden.enable
type
boolean
example
{
modules.services.vaultwarden.enable = true;
}
default
{
modules.services.vaultwarden.enable = false;
}
modules.shell.adl.enable
type
boolean
example
{
modules.shell.adl.enable = true;
}
default
{
modules.shell.adl.enable = false;
}
modules.shell.direnv.enable
type
boolean
example
{
modules.shell.direnv.enable = true;
}
default
{
modules.shell.direnv.enable = false;
}
modules.shell.git.enable
type
boolean
example
{
modules.shell.git.enable = true;
}
default
{
modules.shell.git.enable = false;
}
modules.shell.gnupg.enable
type
boolean
example
{
modules.shell.gnupg.enable = true;
}
default
{
modules.shell.gnupg.enable = false;
}
modules.shell.gnupg.cacheTTL
type
signed integer
default
{
modules.shell.gnupg.cacheTTL = 3600;
}
modules.shell.pass.enable
type
boolean
example
{
modules.shell.pass.enable = true;
}
default
{
modules.shell.pass.enable = false;
}
modules.shell.pass.passwordStoreDir
type
string
default
{
modules.shell.pass.passwordStoreDir = "$HOME/.secrets/password-store";
}
modules.shell.tmux.enable
type
boolean
example
{
modules.shell.tmux.enable = true;
}
default
{
modules.shell.tmux.enable = false;
}
modules.shell.tmux.rcFiles
type
list of string or path
default
{
modules.shell.tmux.rcFiles = [];
}
modules.shell.vaultwarden.enable
type
boolean
example
{
modules.shell.vaultwarden.enable = true;
}
default
{
modules.shell.vaultwarden.enable = false;
}
modules.shell.vaultwarden.config
type
attribute set
default
{
modules.shell.vaultwarden.config = {};
}
modules.shell.zsh.enable
type
boolean
example
{
modules.shell.zsh.enable = true;
}
default
{
modules.shell.zsh.enable = false;
}
modules.shell.zsh.aliases
type
attribute set of string or path
default
{
modules.shell.zsh.aliases = {};
}
modules.shell.zsh.envFiles
type
list of string or path
default
{
modules.shell.zsh.envFiles = [];
}
modules.shell.zsh.envInit
Zsh lines to be written to $XDG_CONFIG_HOME/zsh/extra.zshenv and sourced by $XDG_CONFIG_HOME/zsh/.zshenv
type
strings concatenated with "\n"
default
{
modules.shell.zsh.envInit = "";
}
modules.shell.zsh.rcFiles
type
list of string or path
default
{
modules.shell.zsh.rcFiles = [];
}
modules.shell.zsh.rcInit
Zsh lines to be written to $XDG_CONFIG_HOME/zsh/extra.zshrc and sourced by $XDG_CONFIG_HOME/zsh/.zshrc
type
strings concatenated with "\n"
default
{
modules.shell.zsh.rcInit = "";
}
user
type
attribute set
default
{
user = {};
}
device.mountPoints
Available mount points
type
list of string
example
{
device.mountPoints = [
"/"
"/mnt/backup"
];
}
default
{
device.mountPoints = [
"/"
];
}
device.netDevices
Available net devices
type
list of string
example
{
device.netDevices = [
"eno1"
"wlp2s0"
];
}
default
{
device.netDevices = [
"eth0"
];
}
device.type
Type of device
type
one of "desktop", "notebook"
default
{
device.type = "desktop";
}
meta.configPath
Location of this config
type
path
default
{
meta.configPath = "/etc/nixos";
}
meta.username
Main username
type
string
default
{
meta.username = "thiagoko";
}
programs.neovim.enable
Whether to enable Neovim.
type
boolean
example
{
programs.neovim.enable = true;
}
default
{
programs.neovim.enable = false;
}
programs.neovim.package
The package to use for the neovim binary.
type
package
default
{
programs.neovim.package = {
_type = "literalExpression";
text = "pkgs.neovim-unwrapped";
};
}
programs.neovim.configure
Generate your init file from your list of plugins and custom commands.
Neovim will then be wrapped to load
type
attribute set
example
{
programs.neovim.configure = {
_type = "literalExpression";
text = ''
{
customRC = ''
" here your custom configuration goes!
'';
packages.myVimPackage = with pkgs.vimPlugins; {
# loaded on launch
start = [ fugitive ];
# manually loadable by calling `:packadd $plugin-name`
opt = [ ];
};
}
'';
};
}
default
{
programs.neovim.configure = {};
}
programs.neovim.defaultEditor
When enabled, installs neovim and configures neovim to be the default editor using the EDITOR environment variable.
type
boolean
default
{
programs.neovim.defaultEditor = false;
}
programs.neovim.runtime
Set of files that have to be linked in
type
attribute set of submodule
example
{
programs.neovim.runtime = {
_type = "literalExpression";
text = ''
{ "ftplugin/c.vim".text = "setlocal omnifunc=v:lua.vim.lsp.omnifunc"; }
'';
};
}
default
{
programs.neovim.runtime = {};
}
programs.neovim.runtime.<name>.enable
Whether this /etc file should be generated. This option allows specific /etc files to be disabled.
type
boolean
default
{
programs.neovim.runtime.<name>.enable = true;
}
programs.neovim.runtime.<name>.source
Path of the source file.
type
path
programs.neovim.runtime.<name>.target
Name of symlink. Defaults to the attribute name.
type
string
programs.neovim.runtime.<name>.text
Text of the file.
type
null or strings concatenated with "\n"
default
{
programs.neovim.runtime.<name>.text = null;
}
programs.neovim.viAlias
Symlink
type
boolean
default
{
programs.neovim.viAlias = false;
}
programs.neovim.vimAlias
Symlink
type
boolean
default
{
programs.neovim.vimAlias = false;
}
programs.neovim.withNodeJs
Enable Node provider.
type
boolean
default
{
programs.neovim.withNodeJs = false;
}
programs.neovim.withPython3
Enable Python 3 provider.
type
boolean
default
{
programs.neovim.withPython3 = true;
}
programs.neovim.withRuby
Enable Ruby provider.
type
boolean
default
{
programs.neovim.withRuby = true;
}
services.xsettingsd.enable
Whether to enable xsettingsd.
type
boolean
example
{
services.xsettingsd.enable = true;
}
default
{
services.xsettingsd.enable = false;
}
services.xsettingsd.package
Package containing the
type
package
default
{
services.xsettingsd.package = {
_type = "literalExpression";
text = "pkgs.xsettingsd";
};
}
services.xsettingsd.settings
Xsettingsd options for configuration file. See
for documentation on these values.type
attribute set of boolean or signed integer or string
example
{
services.xsettingsd.settings = {
_type = "literalExpression";
text = ''
{
"Net/ThemeName" = "Numix";
"Xft/Antialias" = true;
"Xft/Hinting" = true;
"Xft/RGBA" = "rgb";
}
'';
};
}
default
{
services.xsettingsd.settings = {};
}
theme.colors
Base16 colors
type
attribute set of string
theme.fonts.dpi
Font dpi
type
signed integer
default
{
theme.fonts.dpi = 135;
}
theme.fonts.gui
GUI main font
type
null or submodule
theme.fonts.gui.package
Theme package
type
null or package
theme.fonts.gui.name
Theme name
type
string
action
Attr of the action code itself of the command or subcommand for each language that you want to support
type
attribute set of string
default
{
action = {
bash = "exit 0";
c = "exit(0);";
};
}
allowExtraArguments
Allow the command to receive unmatched arguments
type
boolean
default
{
allowExtraArguments = false;
}
description
Command description
type
string
default
{
description = "Example cli script generated with nix";
}
flags
Command flags
type
list of submodule
default
{
flags = [];
}
flags.*.description
Description of the flag value
type
string
default
{
flags.*.description = "";
}
flags.*.keywords
Which keywords refer to this flag
type
non-empty list of string matching the pattern -[a-zA-Z0-9]|-(-[a-z0-9]*)
default
{
flags.*.keywords = [];
}
flags.*.required
Is the value required?
type
boolean
default
{
flags.*.required = false;
}
flags.*.validator
Command to run passing the input to validate the flag value
type
string
default
{
flags.*.validator = "any";
}
flags.*.variable
Variable to store the result
type
string matching the pattern [A-Z][A-Z_]*
name
Name of the command shown on --help
type
string matching the pattern [a-zA-Z0-9_][a-zA-Z0-9_-]*
default
{
name = "example";
}
subcommands
Subcommands has all the attributes of commands, even subcommands...
type
attribute set of submodule
default
{
subcommands = {};
}
subcommands.<name>.name
This is a recursive from command
type
string
default
{
subcommands.<name>.name = "...";
}
target.bash.code
Code output
type
strings concatenated with "\n"
target.bash.drv
Package using the shell script version as a binary
type
package
target.bash.prelude
Stuff that must be added before the argument parser
type
strings concatenated with "\n"
default
{
target.bash.prelude = "";
}
target.bash.shebang
Script shebang
type
string
default
{
target.bash.shebang = "#!/usr/bin/env bash";
}
target.bash.validators
Parameter validators
type
attribute set of string
cachix.enable
Whether to enable enable cachix.
type
boolean
example
{
cachix.enable = true;
}
default
{
cachix.enable = false;
}
gc-hold.paths
Paths to hold for GC
type
list of package
default
{
gc-hold.paths = [];
}
programs.hello-world.enable
Whether to enable Hello world module PoC.
type
boolean
example
{
programs.hello-world.enable = true;
}
default
{
programs.hello-world.enable = false;
}
services.screenkey.enable
Whether to enable Screenkey.
type
boolean
example
{
services.screenkey.enable = true;
}
default
{
services.screenkey.enable = false;
}
services.screenkey.package
Screenkey package to be used
type
package
default
{
services.screenkey.package = {
drvPath = "screenkey-1.4";
name = "screenkey-1.4";
outPath = "screenkey-1.4";
type = "derivation";
};
}
services.unstore.enable
Whether to enable unstore: scheduled delete of nix-store paths that contain a file pattern.
type
boolean
example
{
services.unstore.enable = true;
}
default
{
services.unstore.enable = false;
}
services.unstore.paths
Path patterns to remove
type
list of string
default
{
services.unstore.paths = [
"job_runner.ipynb"
"flake.nix"
];
}
services.unstore.startAt
When to run the service
type
string
default
{
services.unstore.startAt = "*-*-* *:00:00";
}
vps.pgbackup.enable
Whether to enable Enable postgres backups.
type
boolean
example
{
vps.pgbackup.enable = true;
}
default
{
vps.pgbackup.enable = false;
}
vps.pgbackup.localFolder
Where to store the local backups
type
path
default
{
vps.pgbackup.localFolder = "/backups/postgres";
}
audio.enable
Whether to enable sound or not
type
boolean
default
{
audio.enable = true;
}
booting.enable
Whether to enable Enable default host configuration.
type
boolean
example
{
booting.enable = true;
}
default
{
booting.enable = false;
}
booting.portable.enable
Whether to enable Cofigure NixOS for a removable drive (compatible with both MBR and EFI loaders) TODO describe partition setup required .
type
boolean
example
{
booting.portable.enable = true;
}
default
{
booting.portable.enable = false;
}
booting.portable.device
Drive device ID (not to be confused with partition ID) in which to install GRUB. Can be gotten from ls TODO
type
string
example
{
booting.portable.device = "/dev/disk/by-id/ata-KINGSTON_SA400S37960G_0123456789ABCDEF";
}
default
{
booting.portable.device = null;
}
booting.portable.efiSysMountPoint
Mount point for EFI system
type
string
default
{
booting.portable.efiSysMountPoint = "/efi";
}
booting.tmpOnTmpfs
Whether to mount /tmp on RAM or not
type
boolean
example
{
booting.tmpOnTmpfs = false;
}
default
{
booting.tmpOnTmpfs = true;
}
booting.useOSProber
Whether to enable Whether to search for other operational systems for boot menu or not .
type
boolean
example
{
booting.useOSProber = true;
}
default
{
booting.useOSProber = false;
}
encription.enable
Whether to enable GPG agent or not
type
boolean
default
{
encription.enable = true;
}
graphics.nvidia.enable
Whether to enable Enable NVidia configuration.
type
boolean
example
{
graphics.nvidia.enable = true;
}
default
{
graphics.nvidia.enable = false;
}
gui.enable
Whether to enable Enable default gui configuration.
type
boolean
example
{
gui.enable = true;
}
default
{
gui.enable = false;
}
gui.bspwm.enable
Whether to enable Enable BSPWM (and SXHKD).
type
boolean
example
{
gui.bspwm.enable = true;
}
default
{
gui.bspwm.enable = false;
}
gui.bspwm.window.borderWidth
Window border width
type
signed integer
default
{
gui.bspwm.window.borderWidth = 3;
}
gui.bspwm.window.gap
Gap between windows
type
signed integer
default
{
gui.bspwm.window.gap = 22;
}
gui.polybar.enable
Whether to enable Enable default polybar configuration.
type
boolean
example
{
gui.polybar.enable = true;
}
default
{
gui.polybar.enable = false;
}
gui.scriptPath
Script that runs the user's graphical interface
type
string
example
{
gui.scriptPath = ".hm-xsession";
}
default
{
gui.scriptPath = ".xsession";
}
gui.xfce.enable
Whether to enable Enable BSPWM (and SXHKD).
type
boolean
example
{
gui.xfce.enable = true;
}
default
{
gui.xfce.enable = false;
}
gui.xfce.enableScreensaver
Enable the XFCE screensaver.
type
boolean
default
{
gui.xfce.enableScreensaver = true;
}
gui.xfce.enableXfwm
Enable the XFWM (default) window manager.
type
boolean
default
{
gui.xfce.enableXfwm = true;
}
gui.xfce.noDesktop
Don't install XFCE desktop components (xfdesktop and panel).
type
boolean
default
{
gui.xfce.noDesktop = false;
}
gui.xfce.thunarPlugins
A list of plugin that should be installed with Thunar.
type
list of package
example
{
gui.xfce.thunarPlugins = {
_type = "literalExpression";
text = "[ pkgs.xfce.thunar-archive-plugin ]";
};
}
default
{
gui.xfce.thunarPlugins = [];
}
keyboard.enable
Whether to enable Enable default host configuration.
type
boolean
example
{
keyboard.enable = true;
}
default
{
keyboard.enable = false;
}
keyboard.gui.layout
type
string
example
{
keyboard.gui.layout = "us";
}
default
{
keyboard.gui.layout = "us";
}
keyboard.gui.options
type
string
example
{
keyboard.gui.options = "";
}
default
{
keyboard.gui.options = "caps:swapescape";
}
keyboard.gui.variant
type
string
example
{
keyboard.gui.variant = "intl";
}
default
{
keyboard.gui.variant = null;
}
keyboard.tty.layout
type
string
example
{
keyboard.tty.layout = "de";
}
default
{
keyboard.tty.layout = "us";
}
mouse.enable
Enable default mouse configuration
type
boolean
default
{
mouse.enable = true;
}
mouse.touchPad
Enable touch pad configuration
type
boolean
default
{
mouse.touchPad = true;
}
network.enable
Whether to enable Whether to enable network configuration or not.
type
boolean
example
{
network.enable = true;
}
default
{
network.enable = false;
}
network.interfaces
Network interfaces
type
list of string
example
{
network.interfaces = [
"enp2s0"
"wlp3s0"
];
}
default
{
network.interfaces = [];
}
network.sshServer
Whether to use OpenSSH or not
type
boolean
default
{
network.sshServer = false;
}
network.useDHCP
Whether to use DHCP or not
type
boolean
default
{
network.useDHCP = true;
}
permissions.enable
Whether to enable Enable default user configurations.
type
boolean
example
{
permissions.enable = true;
}
default
{
permissions.enable = false;
}
permissions.defaultGroups
Groups every user belongs to
type
list of Concatenated string
example
{
permissions.defaultGroups = {
_type = "literalExpression";
text = "[ "lp" ]";
};
}
default
{
permissions.defaultGroups = [];
}
permissions.defaultUserShell
Default user shell
type
package
example
{
permissions.defaultUserShell = {
_type = "literalExpression";
text = "pkgs.bash";
};
}
default
{
permissions.defaultUserShell = {
drvPath = "zsh-5.8.1";
name = "zsh-5.8.1";
outPath = "zsh-5.8.1";
type = "derivation";
};
}
permissions.users
Set of users for the machine
type
attribute set
example
{
permissions.users = {
_type = "literalExpression";
text = ''
{
"marcos" = {
isNormalUser = true;
extraGroups = [ "wheel" ];
};
"family" = {
isNormalUser = true;
};
}
'';
};
}
default
{
permissions.users = {};
}
printer.enable
Enable default printing configuration
type
boolean
default
{
printer.enable = true;
}
printer.drivers
Extra printing drivers
type
list of package
example
{
printer.drivers = "[ pkgs.epson-escpr ]";
}
default
{
printer.drivers = [];
}
typeface.enable
Whether to enable Enable default font configuration.
type
boolean
example
{
typeface.enable = true;
}
default
{
typeface.enable = false;
}
typeface.console
Font for the TTY console
type
string
example
{
typeface.console = "...";
}
default
{
typeface.console = "Lat2-Terminus16";
}
variables.enable
Enable session variables configuration
type
boolean
default
{
variables.enable = true;
}
variables.definitions
Extra variables
type
attribute set of string
example
{
variables.definitions = {
_type = "literalExpression";
text = "{ EDITOR = "nano"; }";
};
}
default
{
variables.definitions = {};
}
variables.useDefault
Whether to use default environment variables or not
type
boolean
default
{
variables.useDefault = true;
}
services.duckling-proxy.enable
Whether to enable Gemini proxy to access the Web.
type
boolean
example
{
services.duckling-proxy.enable = true;
}
default
{
services.duckling-proxy.enable = false;
}
services.duckling-proxy.package
Which package this service should use.
type
package
default
{
services.duckling-proxy.package = {
drvPath = "duckling-proxy";
name = "duckling-proxy";
outPath = "duckling-proxy";
type = "derivation";
};
}
services.duckling-proxy.address
Which address this service should listen on.
type
string
default
{
services.duckling-proxy.address = "127.0.0.1";
}
services.duckling-proxy.port
Which port this service should listen on.
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
default
{
services.duckling-proxy.port = 1965;
}
services.duckling-proxy.serverCert
Path to Gemini server TLS certificate.
type
string
services.duckling-proxy.serverKey
Path to Gemini server TLS private key.
type
string
services.duckling-proxy.settings
Command-line flags, see {duckling-homepage}
type
attribute set of null or string
example
{
services.duckling-proxy.settings = {
citationMarkers = null;
citationStart = 3;
};
}
default
{
services.duckling-proxy.settings = {};
}
services.kineto.enable
Whether to enable HTTP to Gemini proxy.
type
boolean
example
{
services.kineto.enable = true;
}
default
{
services.kineto.enable = false;
}
services.kineto.package
Which package this service should use.
type
package
default
{
services.kineto.package = {
drvPath = "kineto";
name = "kineto";
outPath = "kineto";
type = "derivation";
};
}
services.kineto.address
Which address this service should listen on.
type
string
default
{
services.kineto.address = "127.0.0.1";
}
services.kineto.geminiDomain
Gemini domain to serve via HTTP.
type
string
example
{
services.kineto.geminiDomain = "gemini://example.org";
}
services.kineto.port
Which port this service should listen on.
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
example
{
services.kineto.port = "8080";
}
environment.persistence
Persistent storage locations and the files and directories to link to them. Each attribute name should be the full path to a persistent storage location.
For detailed usage, check the documentation.
type
attribute set of submodule
default
{
environment.persistence = {};
}
environment.persistence.<name>.directories
Directories to bind mount to persistent storage.
type
list of string
example
{
environment.persistence.<name>.directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/systemd/coredump"
"/etc/NetworkManager/system-connections"
];
}
default
{
environment.persistence.<name>.directories = [];
}
environment.persistence.<name>.files
Files in /etc that should be stored in persistent storage.
type
list of string
example
{
environment.persistence.<name>.files = [
"/etc/machine-id"
"/etc/nix/id_rsa"
];
}
default
{
environment.persistence.<name>.files = [];
}
home.persistence
type
attribute set of submodule
default
{
home.persistence = {};
}
home.persistence.<name>.allowOther
Whether to allow other users, such as
type
null or boolean
example
{
home.persistence.<name>.allowOther = true;
}
default
{
home.persistence.<name>.allowOther = null;
}
home.persistence.<name>.directories
A list of directories in your home directory that you want to link to persistent storage.
type
list of string
example
{
home.persistence.<name>.directories = [
"Downloads"
"Music"
"Pictures"
"Documents"
"Videos"
"VirtualBox VMs"
".gnupg"
".ssh"
".local/share/keyrings"
".local/share/direnv"
];
}
default
{
home.persistence.<name>.directories = [];
}
home.persistence.<name>.files
A list of files in your home directory you want to link to persistent storage.
type
list of string
example
{
home.persistence.<name>.files = [
".screenrc"
];
}
default
{
home.persistence.<name>.files = [];
}
home.persistence.<name>.removePrefixDirectory
Note: This is mainly useful if you have a dotfiles repo structured for use with GNU Stow; if you don't, you can likely ignore it.
Whether to remove the first directory when linking
or mounting; e.g. for the path
type
boolean
example
{
home.persistence.<name>.removePrefixDirectory = true;
}
default
{
home.persistence.<name>.removePrefixDirectory = false;
}
kubenix.project
Name of the project
type
string
default
{
kubenix.project = "kubenix";
}
submodule.args._empty
type
unspecified
submodule.description
Module description
type
string
default
{
submodule.description = "";
}
submodule.exports
Attribute set of functions to export
type
attribute set
default
{
submodule.exports = {};
}
submodule.name
Module name
type
string
submodule.passthru
Attribute set to passthru
type
attribute set
default
{
submodule.passthru = {};
}
submodule.tags
List of submodule tags
type
list of string
default
{
submodule.tags = [];
}
submodule.version
Module version
type
string
default
{
submodule.version = "1.0.0";
}
deployment.alwaysActivate
Always run the activation script, no matter whether the configuration
has changed (the default). This behaviour can be enforced even if it's
set to false using the command line option
--always-activate on deployment.
If this is set to false, activation is done only if
the new system profile doesn't match the previous one.
type
boolean
default
{
deployment.alwaysActivate = true;
}
deployment.arguments
Attribute set representing the NixOps arguments. This is set by NixOps.
type
unspecified
deployment.hasFastConnection
If set to true, whole closure will be copied using just nix-copy-closure.
If set to false, closure will be copied first using binary substitution.
Additionally, any missing derivations copied with nix-copy-closure will be done
using --gzip flag.
Some backends set this value to true.
type
boolean
default
{
deployment.hasFastConnection = false;
}
deployment.keys
The set of keys to be deployed to the machine. Each attribute maps
a key name to a file that can be accessed as
destDir/name,
where destDir defaults to
/run/keys. Thus, { password.text = "foobar"; } causes a file
destDir/passwordto be created with contentsfoobar. The directory destDiris only accessible to root and thekeys`` group, so keep in mind
to add any users that need to have access to a particular key to this
group.
Each key also gets a systemd service <name>-key.service
which is active while the key is present and inactive while the key
is absent. Thus, { password.text = "foobar"; } gets
a password-key.service.
type
attribute set of string or key options
example
{
deployment.keys = {
password = {
text = "foobar";
};
};
}
default
{
deployment.keys = {};
}
deployment.keys.<name>.destDir
When specified, this allows changing the destDir directory of the key
file from its default value of /run/keys.
This directory will be created, its permissions changed to
0750 and ownership to root:keys.
type
path
default
{
deployment.keys.<name>.destDir = "/run/keys";
}
deployment.keys.<name>.group
The group that will be set for the key file.
type
string
default
{
deployment.keys.<name>.group = "root";
}
deployment.keys.<name>.keyCommand
When non-null, output of this command run on local machine will be
deployed to the specified key on the target machine. If the key name
is
password and echo secrettoken
is set here, the contents of the file
destDir/password
deployed will equal the output of the command echo secrettoken.
This option is especially useful when you don't want to store the secrets inside of your NixOps deployment but rather in a well-guarded place such as an encrypted file. Consider using nixpkgs.password-store as storage for such sensitive secrets.
NOTE: Either text, keyCommand or
keyFile have to be set.
type
null or list of string
example
{
deployment.keys.<name>.keyCommand = [
"pass"
"show"
"secrettoken"
];
}
default
{
deployment.keys.<name>.keyCommand = null;
}
deployment.keys.<name>.keyFile
When non-null, contents of the specified file will be deployed to the
specified key on the target machine. If the key name is
password and /foo/bar is set
here, the contents of the file
destDir/password
deployed will be the same as local file /foo/bar.
Since no serialization/deserialization of key contents is involved, there
are no limits on that content: null bytes, invalid Unicode,
/dev/random output -- anything goes.
NOTE: Either text, keyCommand or
keyFile have to be set.
type
null or path
default
{
deployment.keys.<name>.keyFile = null;
}
deployment.keys.<name>.name
The name of the key file.
type
string
example
{
deployment.keys.<name>.name = "secret.txt";
}
default
{
deployment.keys.<name>.name = "‹name›";
}
deployment.keys.<name>.permissions
The default permissions to set for the key file, needs to be in the
format accepted by chmod(1).
type
string
example
{
deployment.keys.<name>.permissions = "0640";
}
default
{
deployment.keys.<name>.permissions = "0600";
}
deployment.keys.<name>.text
When non-null, this designates the text that the key should contain. So if
the key name is password and
foobar is set here, the contents of the file
destDir/password
will be foobar.
NOTE: Either text, keyCommand or
keyFile have to be set.
type
null or string
example
{
deployment.keys.<name>.text = "super secret stuff";
}
default
{
deployment.keys.<name>.text = null;
}
deployment.keys.<name>.user
The user which will be the owner of the key file.
type
string
default
{
deployment.keys.<name>.user = "root";
}
deployment.name
The name of the NixOps deployment. This is set by NixOps.
type
string
deployment.owners
List of email addresses of the owners of the machines. Used to send email on performing certain actions.
type
list of string
default
{
deployment.owners = [];
}
deployment.privilegeEscalationCommand
A command to escalate to root privileges when using SSH as a non-root user.
This option is ignored if the targetUser option is set to root.
The program and its options are executed verbatim without shell.
It's good practice to end with "--" to indicate that the privilege escalation command should stop processing command line arguments.
type
list of string
default
{
deployment.privilegeEscalationCommand = [
"sudo"
"-H"
"--"
];
}
deployment.provisionSSHKey
This option specifies whether to let NixOps provision SSH deployment keys.
NixOps will by default generate an SSH key, store the private key in its state file, and add the public key to the remote host.
Setting this option to false will disable this behaviour
and rely on you to manage your own SSH keys by yourself and to ensure
that ssh has access to any keys it requires.
type
boolean
default
{
deployment.provisionSSHKey = true;
}
deployment.sshOptions
Extra options passed to the OpenSSH client verbatim, and are not executed by a shell.
type
list of string
default
{
deployment.sshOptions = [];
}
deployment.targetEnv
This option specifies the type of the environment in which the machine is to be deployed by NixOps.
type
string
example
{
deployment.targetEnv = "ec2";
}
default
{
deployment.targetEnv = "none";
}
deployment.targetHost
This option specifies the hostname or IP address to be used by NixOps to execute remote deployment operations.
type
string
deployment.targetPort
This option specifies the SSH port to be used by NixOps to execute remote deployment operations.
type
signed integer
deployment.targetUser
The username to be used by NixOps by SSH when connecting to the remote system.
type
string
default
{
deployment.targetUser = "root";
}
deployment.uuid
The UUID of the NixOps deployment. This is set by NixOps.
type
string
name
Name of the Command Output.
type
string
default
{
name = "{name}";
}
networking.privateIPv4
IPv4 address of this machine within in the logical network. This address can be used by other machines in the logical network to reach this machine. However, it need not be visible to the outside (i.e., publicly routable).
type
string
example
{
networking.privateIPv4 = "10.1.2.3";
}
networking.publicIPv4
Publicly routable IPv4 address of this machine.
type
null or string
example
{
networking.publicIPv4 = "198.51.100.123";
}
default
{
networking.publicIPv4 = null;
}
networking.vpnPublicKey
Public key of the machine's VPN key (set by nixops)
type
null or string
default
{
networking.vpnPublicKey = null;
}
privateKey
The generated private key.
type
string
default
{
privateKey = "";
}
publicKey
The generated public SSH key.
type
string
default
{
publicKey = "";
}
script
Text of a script which will produce a JSON value.
Warning: This uses shell features and is potentially dangerous.
Environment variables:
$out is a temp directory available for use.
type
null or string
default
{
script = null;
}
value
Result of running script.
type
null or string
default
{
value = null;
}
deployment.alwaysActivate
Always run the activation script, no matter whether the configuration
has changed (the default). This behaviour can be enforced even if it's
set to false using the command line option
--always-activate on deployment.
If this is set to false, activation is done only if
the new system profile doesn't match the previous one.
type
boolean
default
{
deployment.alwaysActivate = true;
}
deployment.ec2.accessKeyId
The AWS Access Key ID. If left empty, it defaults to the
contents of the environment variables
type
string
example
{
deployment.ec2.accessKeyId = "AKIABOGUSACCESSKEY";
}
default
{
deployment.ec2.accessKeyId = "";
}
deployment.ec2.ami
EC2 identifier of the AMI disk image used in the virtual machine. This must be a NixOS image providing SSH access.
type
string
example
{
deployment.ec2.ami = "ami-00000000";
}
deployment.ec2.associatePublicIpAddress
If instance in a subnet/VPC, whether to associate a public IP address with the instance.
type
boolean
default
{
deployment.ec2.associatePublicIpAddress = false;
}
deployment.ec2.blockDeviceMapping
Block device mapping.
With the following instances, EBS volumes are exposed as NVMe block devices: C5, C5d, i3.metal, M5, and M5d (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html). For these instances volumes should be attached as
type
attribute set of submodule
example
{
deployment.ec2.blockDeviceMapping = {
"/dev/xvdb" = {
disk = "ephemeral0";
};
"/dev/xvdg" = {
disk = "vol-00000000";
};
};
}
default
{
deployment.ec2.blockDeviceMapping = {};
}
deployment.ec2.blockDeviceMapping.<name>.cipher
The cipher used to encrypt the disk.
type
string
default
{
deployment.ec2.blockDeviceMapping.<name>.cipher = "aes-cbc-essiv:sha256";
}
deployment.ec2.blockDeviceMapping.<name>.deleteOnTermination
For automatically created EBS volumes, determines whether the volume should be deleted on instance termination.
type
boolean
deployment.ec2.blockDeviceMapping.<name>.disk
EC2 identifier of the disk to be mounted. This can be an
ephemeral disk (e.g.
type
string or resource of type ‘ebs-volume’
example
{
deployment.ec2.blockDeviceMapping.<name>.disk = "vol-00000000";
}
default
{
deployment.ec2.blockDeviceMapping.<name>.disk = "";
}
deployment.ec2.blockDeviceMapping.<name>.encrypt
Whether the EBS volume should be encrypted using LUKS.
type
boolean
default
{
deployment.ec2.blockDeviceMapping.<name>.encrypt = false;
}
deployment.ec2.blockDeviceMapping.<name>.encryptionType
Whether the EBS volume should be encrypted using LUKS or on the underlying EBS volume (Amazon EBS feature). Possible values are "luks" (default) and "ebs".
type
one of "luks", "ebs"
default
{
deployment.ec2.blockDeviceMapping.<name>.encryptionType = "luks";
}
deployment.ec2.blockDeviceMapping.<name>.fsType
Filesystem type for automatically created EBS volumes.
type
string
default
{
deployment.ec2.blockDeviceMapping.<name>.fsType = "ext4";
}
deployment.ec2.blockDeviceMapping.<name>.iops
The provisioned IOPS you want to associate with this EBS volume.
type
null or signed integer
default
{
deployment.ec2.blockDeviceMapping.<name>.iops = null;
}
deployment.ec2.blockDeviceMapping.<name>.keySize
The size of the encryption key.
type
signed integer
default
{
deployment.ec2.blockDeviceMapping.<name>.keySize = 128;
}
deployment.ec2.blockDeviceMapping.<name>.passphrase
The passphrase (key file) used to decrypt the key to access the device. If left empty, a passphrase is generated automatically; this passphrase is lost when you destroy the machine or remove the volume, unless you copy it from NixOps's state file. Note that the passphrase is stored in the Nix store of the instance, so an attacker who gains access to the EBS volume or instance store that contains the Nix store can subsequently decrypt the encrypted volume.
type
string
default
{
deployment.ec2.blockDeviceMapping.<name>.passphrase = "";
}
deployment.ec2.blockDeviceMapping.<name>.size
Volume size (in gigabytes). This may be left unset if you are creating the volume from a snapshot, in which case the size of the volume will be equal to the size of the snapshot. However, you can set a size larger than the snapshot, allowing the volume to be larger than the snapshot from which it is created.
type
signed integer
example
{
deployment.ec2.blockDeviceMapping.<name>.size = 100;
}
deployment.ec2.blockDeviceMapping.<name>.volumeType
The volume type for the EBS volume, which must be one of
type
one of "standard", "io1", "io2", "gp2", "gp3", "st1", "sc1"
default
{
deployment.ec2.blockDeviceMapping.<name>.volumeType = "standard";
}
deployment.ec2.ebsBoot
Whether you want to boot from an EBS-backed AMI. Only EBS-backed instances can be stopped and restarted, and attach other EBS volumes at boot time. This option determines the selection of the default AMI; if you explicitly specify
, it has no effect.type
boolean
default
{
deployment.ec2.ebsBoot = true;
}
deployment.ec2.ebsInitialRootDiskSize
Preferred size (G) of the root disk of the EBS-backed instance. By default, EBS-backed images have a size determined by the AMI. Only supported on creation of the instance.
type
signed integer
default
{
deployment.ec2.ebsInitialRootDiskSize = 0;
}
deployment.ec2.ebsOptimized
Whether the EC2 instance should be created as an EBS Optimized instance.
type
boolean
default
{
deployment.ec2.ebsOptimized = false;
}
deployment.ec2.elasticIPv4
Elastic IPv4 address to be associated with this machine.
type
string or resource of type ‘elastic-ip’
example
{
deployment.ec2.elasticIPv4 = "123.1.123.123";
}
default
{
deployment.ec2.elasticIPv4 = "";
}
deployment.ec2.instanceId
EC2 instance ID (set by NixOps).
type
string
default
{
deployment.ec2.instanceId = "";
}
deployment.ec2.instanceProfile
The name of the IAM Instance Profile (IIP) to associate with the instances.
type
string
example
{
deployment.ec2.instanceProfile = "rolename";
}
default
{
deployment.ec2.instanceProfile = "";
}
deployment.ec2.instanceType
EC2 instance type. See for a list of valid Amazon EC2 instance types.
type
string
example
{
deployment.ec2.instanceType = "m1.large";
}
default
{
deployment.ec2.instanceType = "m1.small";
}
deployment.ec2.keyPair
Name of the SSH key pair to be used to communicate securely
with the instance. Key pairs can be created using the
type
string or resource of type ‘ec2-keypair’
example
{
deployment.ec2.keyPair = "my-keypair";
}
deployment.ec2.physicalProperties
Attribute set containing number of CPUs and memory available to the machine.
type
attribute set of signed integer or string or boolean
example
{
deployment.ec2.physicalProperties = {
cores = 4;
memory = 14985;
};
}
default
{
deployment.ec2.physicalProperties = {};
}
deployment.ec2.placementGroup
Placement group for the instance.
type
string or resource of type ‘ec2-placement-group’
example
{
deployment.ec2.placementGroup = "my-cluster";
}
default
{
deployment.ec2.placementGroup = "";
}
deployment.ec2.privateKey
Path of the SSH private key file corresponding with
. NixOps will use this private key if set; otherwise, the key must be findable by SSH through its normal mechanisms (e.g. it should be listed intype
string
example
{
deployment.ec2.privateKey = "/home/alice/.ssh/id_rsa-my-keypair";
}
default
{
deployment.ec2.privateKey = "";
}
deployment.ec2.region
AWS region in which the instance is to be deployed. This option only applies when using EC2. It implicitly sets
.type
string
example
{
deployment.ec2.region = "us-east-1";
}
default
{
deployment.ec2.region = "";
}
deployment.ec2.securityGroupIds
Security Group IDs for the instance. Necessary if starting an instance inside a VPC/subnet. In the non-default VPC, security groups needs to be specified by ID and not name.
type
list of string
default
{
deployment.ec2.securityGroupIds = [
"default"
];
}
deployment.ec2.securityGroups
Security groups for the instance. These determine the firewall rules applied to the instance.
type
list of string or resource of type ‘ec2-security-group’
example
{
deployment.ec2.securityGroups = [
"my-group"
"my-other-group"
];
}
default
{
deployment.ec2.securityGroups = [
"default"
];
}
deployment.ec2.sourceDestCheck
If instance in a subnet/VPC, whether to enable or disable source-destination-check.
type
boolean
default
{
deployment.ec2.sourceDestCheck = true;
}
deployment.ec2.spotInstanceInterruptionBehavior
Whether to terminate, stop or hibernate the instance when it gets interrupted. For stop, spotInstanceRequestType must be set to "persistent".
type
one of "terminate", "stop", "hibernate"
default
{
deployment.ec2.spotInstanceInterruptionBehavior = "terminate";
}
deployment.ec2.spotInstancePrice
Price (in dollar cents per hour) to use for spot instances request for the machine. If the value is equal to 0 (default), then spot instances are not used.
type
signed integer
default
{
deployment.ec2.spotInstancePrice = 0;
}
deployment.ec2.spotInstanceRequestType
The type of the spot instance request. It can be either "one-time" or "persistent".
type
one of "one-time", "persistent"
default
{
deployment.ec2.spotInstanceRequestType = "one-time";
}
deployment.ec2.spotInstanceTimeout
The duration (in seconds) that the spot instance request is valid. If the request cannot be satisfied in this amount of time, the request will be cancelled automatically, and NixOps will fail with an error message. The default (0) is no timeout.
type
signed integer
default
{
deployment.ec2.spotInstanceTimeout = 0;
}
deployment.ec2.subnetId
The subnet inside a VPC to launch the instance in.
type
string or resource of type ‘vpc-subnet’
example
{
deployment.ec2.subnetId = "subnet-00000000";
}
default
{
deployment.ec2.subnetId = "";
}
deployment.ec2.tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
deployment.ec2.tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
deployment.ec2.tags = {};
}
deployment.ec2.tenancy
The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. An instance with host tenancy runs on a Dedicated Host, which is an isolated server with configurations that you can control.
type
one of "default", "dedicated", "host"
default
{
deployment.ec2.tenancy = "default";
}
deployment.ec2.usePrivateIpAddress
If instance is in a subnet/VPC whether to use the private IP address for ssh connections to this host. Defaults to true in the case that you are deploying into a subnet but not associating a public ip address.
type
boolean
default
{
deployment.ec2.usePrivateIpAddress = false;
}
deployment.ec2.zone
The EC2 availability zone in which the instance should be created. If not specified, a zone is selected automatically.
type
string
example
{
deployment.ec2.zone = "us-east-1c";
}
default
{
deployment.ec2.zone = "";
}
deployment.hasFastConnection
If set to true, whole closure will be copied using just nix-copy-closure.
If set to false, closure will be copied first using binary substitution.
Additionally, any missing derivations copied with nix-copy-closure will be done
using --gzip flag.
Some backends set this value to true.
type
boolean
default
{
deployment.hasFastConnection = false;
}
deployment.keys
The set of keys to be deployed to the machine. Each attribute maps
a key name to a file that can be accessed as
destDir/name,
where destDir defaults to
/run/keys. Thus, { password.text = "foobar"; } causes a file
destDir/passwordto be created with contentsfoobar. The directory destDiris only accessible to root and thekeys`` group, so keep in mind
to add any users that need to have access to a particular key to this
group.
Each key also gets a systemd service <name>-key.service
which is active while the key is present and inactive while the key
is absent. Thus, { password.text = "foobar"; } gets
a password-key.service.
type
attribute set of string or key options
example
{
deployment.keys = {
password = {
text = "foobar";
};
};
}
default
{
deployment.keys = {};
}
deployment.keys.<name>.destDir
When specified, this allows changing the destDir directory of the key
file from its default value of /run/keys.
This directory will be created, its permissions changed to
0750 and ownership to root:keys.
type
path
default
{
deployment.keys.<name>.destDir = "/run/keys";
}
deployment.keys.<name>.group
The group that will be set for the key file.
type
string
default
{
deployment.keys.<name>.group = "root";
}
deployment.keys.<name>.keyCommand
When non-null, output of this command run on local machine will be
deployed to the specified key on the target machine. If the key name
is
password and echo secrettoken
is set here, the contents of the file
destDir/password
deployed will equal the output of the command echo secrettoken.
This option is especially useful when you don't want to store the secrets inside of your NixOps deployment but rather in a well-guarded place such as an encrypted file. Consider using nixpkgs.password-store as storage for such sensitive secrets.
NOTE: Either text, keyCommand or
keyFile have to be set.
type
null or list of string
example
{
deployment.keys.<name>.keyCommand = [
"pass"
"show"
"secrettoken"
];
}
default
{
deployment.keys.<name>.keyCommand = null;
}
deployment.keys.<name>.keyFile
When non-null, contents of the specified file will be deployed to the
specified key on the target machine. If the key name is
password and /foo/bar is set
here, the contents of the file
destDir/password
deployed will be the same as local file /foo/bar.
Since no serialization/deserialization of key contents is involved, there
are no limits on that content: null bytes, invalid Unicode,
/dev/random output -- anything goes.
NOTE: Either text, keyCommand or
keyFile have to be set.
type
null or path
default
{
deployment.keys.<name>.keyFile = null;
}
deployment.keys.<name>.name
The name of the key file.
type
string
example
{
deployment.keys.<name>.name = "secret.txt";
}
default
{
deployment.keys.<name>.name = "‹name›";
}
deployment.keys.<name>.permissions
The default permissions to set for the key file, needs to be in the
format accepted by chmod(1).
type
string
example
{
deployment.keys.<name>.permissions = "0640";
}
default
{
deployment.keys.<name>.permissions = "0600";
}
deployment.keys.<name>.text
When non-null, this designates the text that the key should contain. So if
the key name is password and
foobar is set here, the contents of the file
destDir/password
will be foobar.
NOTE: Either text, keyCommand or
keyFile have to be set.
type
null or string
example
{
deployment.keys.<name>.text = "super secret stuff";
}
default
{
deployment.keys.<name>.text = null;
}
deployment.keys.<name>.user
The user which will be the owner of the key file.
type
string
default
{
deployment.keys.<name>.user = "root";
}
deployment.owners
List of email addresses of the owners of the machines. Used to send email on performing certain actions.
type
list of string
default
{
deployment.owners = [];
}
deployment.privilegeEscalationCommand
A command to escalate to root privileges when using SSH as a non-root user.
This option is ignored if the targetUser option is set to root.
The program and its options are executed verbatim without shell.
It's good practice to end with "--" to indicate that the privilege escalation command should stop processing command line arguments.
type
list of string
default
{
deployment.privilegeEscalationCommand = [
"sudo"
"-H"
"--"
];
}
deployment.provisionSSHKey
This option specifies whether to let NixOps provision SSH deployment keys.
NixOps will by default generate an SSH key, store the private key in its state file, and add the public key to the remote host.
Setting this option to false will disable this behaviour
and rely on you to manage your own SSH keys by yourself and to ensure
that ssh has access to any keys it requires.
type
boolean
default
{
deployment.provisionSSHKey = true;
}
deployment.route53.accessKeyId
The AWS Access Key ID. If left empty, it defaults to the
contents of the environment variables
type
string
example
{
deployment.route53.accessKeyId = "AKIABOGUSACCESSKEY";
}
default
{
deployment.route53.accessKeyId = "";
}
deployment.route53.hostName
The DNS hostname to bind the public IP address to.
type
string
example
{
deployment.route53.hostName = "test.x.logicblox.com";
}
default
{
deployment.route53.hostName = "";
}
deployment.route53.private
Whether to create an A record with the instance's private address.
Make sure to use this on a Private Hosted DNS zones only, because it will appear as if the host is down at best, but may cause erroneous requests to be routed to hosts on your clients' local networks.
type
boolean
default
{
deployment.route53.private = false;
}
deployment.route53.ttl
The time to live (TTL) for the A record created for the specified DNS hostname.
type
signed integer
example
{
deployment.route53.ttl = 300;
}
default
{
deployment.route53.ttl = 300;
}
deployment.route53.usePublicDNSName
Whether to create a CNAME record with the instance's public DNS name. This will resolve inside AWS to a private IP and outside AWS to the public IP.
type
boolean
default
{
deployment.route53.usePublicDNSName = false;
}
deployment.sshOptions
Extra options passed to the OpenSSH client verbatim, and are not executed by a shell.
type
list of string
default
{
deployment.sshOptions = [];
}
deployment.targetEnv
This option specifies the type of the environment in which the machine is to be deployed by NixOps.
type
string
example
{
deployment.targetEnv = "ec2";
}
default
{
deployment.targetEnv = "none";
}
deployment.targetHost
This option specifies the hostname or IP address to be used by NixOps to execute remote deployment operations.
type
string
deployment.targetPort
This option specifies the SSH port to be used by NixOps to execute remote deployment operations.
type
signed integer
deployment.targetUser
The username to be used by NixOps by SSH when connecting to the remote system.
type
string
default
{
deployment.targetUser = "root";
}
fileSystems
type
attribute set of submodule
fileSystems.<name>.ec2
EC2 disk to be attached to this mount point. This is shorthand for defining a separate
attribute.type
null or submodule
default
{
fileSystems.<name>.ec2 = null;
}
fileSystems.<name>.ec2.cipher
The cipher used to encrypt the disk.
type
string
default
{
fileSystems.<name>.ec2.cipher = "aes-cbc-essiv:sha256";
}
fileSystems.<name>.ec2.deleteOnTermination
For automatically created EBS volumes, determines whether the volume should be deleted on instance termination.
type
boolean
fileSystems.<name>.ec2.disk
EC2 identifier of the disk to be mounted. This can be an
ephemeral disk (e.g.
type
string or resource of type ‘ebs-volume’
example
{
fileSystems.<name>.ec2.disk = "vol-00000000";
}
default
{
fileSystems.<name>.ec2.disk = "";
}
fileSystems.<name>.ec2.encrypt
Whether the EBS volume should be encrypted using LUKS.
type
boolean
default
{
fileSystems.<name>.ec2.encrypt = false;
}
fileSystems.<name>.ec2.encryptionType
Whether the EBS volume should be encrypted using LUKS or on the underlying EBS volume (Amazon EBS feature). Possible values are "luks" (default) and "ebs".
type
one of "luks", "ebs"
default
{
fileSystems.<name>.ec2.encryptionType = "luks";
}
fileSystems.<name>.ec2.fsType
Filesystem type for automatically created EBS volumes.
type
string
default
{
fileSystems.<name>.ec2.fsType = "ext4";
}
fileSystems.<name>.ec2.iops
The provisioned IOPS you want to associate with this EBS volume.
type
null or signed integer
default
{
fileSystems.<name>.ec2.iops = null;
}
fileSystems.<name>.ec2.keySize
The size of the encryption key.
type
signed integer
default
{
fileSystems.<name>.ec2.keySize = 128;
}
fileSystems.<name>.ec2.passphrase
The passphrase (key file) used to decrypt the key to access the device. If left empty, a passphrase is generated automatically; this passphrase is lost when you destroy the machine or remove the volume, unless you copy it from NixOps's state file. Note that the passphrase is stored in the Nix store of the instance, so an attacker who gains access to the EBS volume or instance store that contains the Nix store can subsequently decrypt the encrypted volume.
type
string
default
{
fileSystems.<name>.ec2.passphrase = "";
}
fileSystems.<name>.ec2.size
Volume size (in gigabytes). This may be left unset if you are creating the volume from a snapshot, in which case the size of the volume will be equal to the size of the snapshot. However, you can set a size larger than the snapshot, allowing the volume to be larger than the snapshot from which it is created.
type
signed integer
example
{
fileSystems.<name>.ec2.size = 100;
}
fileSystems.<name>.ec2.volumeType
The volume type for the EBS volume, which must be one of
type
one of "standard", "io1", "io2", "gp2", "gp3", "st1", "sc1"
default
{
fileSystems.<name>.ec2.volumeType = "standard";
}
networking.privateIPv4
IPv4 address of this machine within in the logical network. This address can be used by other machines in the logical network to reach this machine. However, it need not be visible to the outside (i.e., publicly routable).
type
string
example
{
networking.privateIPv4 = "10.1.2.3";
}
networking.publicIPv4
Publicly routable IPv4 address of this machine.
type
null or string
example
{
networking.publicIPv4 = "198.51.100.123";
}
default
{
networking.publicIPv4 = null;
}
networking.vpnPublicKey
Public key of the machine's VPN key (set by nixops)
type
null or string
default
{
networking.vpnPublicKey = null;
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
copyTags
Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.
type
boolean
default
{
copyTags = true;
}
description
A description of the lifecycle policy.
type
string
default
{
description = "lifecycle policy created by nixops.";
}
dlmName
data lifecycle manager name.
type
string
default
{
dlmName = "nixops-{uuid}-{name}";
}
excludeBootVolume
When executing an EBS Snapshot Management – Instance policy, execute all CreateSnapshots calls with the excludeBootVolume set to the supplied field. Defaults to false. Only valid for EBS Snapshot Management – Instance policies.
type
boolean
default
{
excludeBootVolume = true;
}
executionRole
IAM role used to run the operations specified by the lifecycle policy.
type
string
default
{
executionRole = "AWSDataLifecycleManagerDefaultRole";
}
policyId
The identifier of the lifecycle policy. This is set by NixOps
type
string
default
{
policyId = "";
}
region
AWS region.
type
string
resourceTypes
The resource type.
type
one of "instance", "volume"
default
{
resourceTypes = "instance";
}
retainRule
The number of snapshots to keep for each volume, up to a maximum of 1000.
type
signed integer
default
{
retainRule = 1000;
}
ruleInterval
The interval between snapshots. The supported values are 2, 3, 4, 6, 8, 12, and 24.
type
one of 2, 3, 4, 6, 8, 12, 24
default
{
ruleInterval = 12;
}
ruleIntervalUnit
The interval unit.
type
value "hours" (singular enum)
default
{
ruleIntervalUnit = "hours";
}
ruleTime
The time, in UTC, to start the operation. The supported format is hh:mm. The operation occurs within a one-hour window following the specified time.
type
string
default
{
ruleTime = "09:00";
}
tagsToAdd
The tags to apply to policy-created resources. These user-defined tags are in addition to the AWS-added lifecycle tags.
type
attribute set of string
example
{
tagsToAdd = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tagsToAdd = {};
}
targetTags
The single tag that identifies targeted resources for this policy.
type
attribute set of string
example
{
targetTags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
targetTags = {};
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
customerGatewayId
The ID of the customer gateway.
type
string or resource of type ‘vpc-customer-gateway’
name
Name of the AWS VPN connection.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
region
AWS region.
type
string
staticRoutesOnly
Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.
type
boolean
default
{
staticRoutesOnly = false;
}
tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tags = {};
}
vpnGatewayId
The ID of the VPN gateway.
type
string or resource of type ‘aws-vpn-gateway’
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
destinationCidrBlock
The IPv4 CIDR address block used for the destination match.
type
null or string
default
{
destinationCidrBlock = null;
}
name
Name of the VPN connection route.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
region
AWS region.
type
string
vpnConnectionId
The ID of the VPN connection.
type
string or resource of type ‘aws-vpn-connection’
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
name
Name of the AWS VPN gateway.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
region
AWS region.
type
string
tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tags = {};
}
vpcId
The ID of the VPC where the VPN gateway will be attached.
type
string or resource of type ‘vpc’
zone
AWS availability zone.
type
string
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
arn
Amazon Resource Name (ARN) of the cloudwatch log group. This is set by NixOps.
type
string
default
{
arn = "";
}
name
Name of the cloudwatch log group.
type
string
default
{
name = "charon-{uuid}-{name}";
}
region
AWS region.
type
string
retentionInDays
How long to store log data in a log group
type
null or signed integer
default
{
retentionInDays = null;
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
arn
Amazon Resource Name (ARN) of the cloudwatch log stream. This is set by NixOps.
type
string
default
{
arn = "";
}
logGroupName
The name of the log group under which the log stream is to be created.
type
string
name
Name of the cloudwatch log stream.
type
string
default
{
name = "charon-{uuid}-{name}";
}
region
AWS region.
type
string
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
name
Name of the EC2 key pair.
type
string
default
{
name = "charon-{uuid}-{name}";
}
region
AWS region.
type
string
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
name
Name of the placement group.
type
string
default
{
name = "charon-{uuid}-{name}";
}
region
AWS region.
type
string
strategy
The placement strategy of the new placement group. Currently, the only acceptable value is “cluster”.
type
string
default
{
strategy = "cluster";
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
allocatedStorage
Allocated storage in GB
type
signed integer
dbName
Optional database name to be created when instance is first created.
type
string
endpoint
The endpoint address of the database instance. This is set by NixOps.
type
string
default
{
endpoint = "";
}
engine
Database engine. See <link xlink:href='http://boto.readthedocs.org/en/latest/ref/rds.html#boto.rds.RDSConnection.create_dbinstance' for valid engines.
type
string
id
Identifier for RDS database instance
type
string
default
{
id = "nixops-{uuid}-{name}";
}
instanceClass
RDS instance class. See for more information.
type
string
example
{
instanceClass = "db.m3.xlarge";
}
masterPassword
Password for master user.
type
string
masterUsername
Master username for authentication to database instance.
type
string
example
{
masterUsername = "sa";
}
multiAZ
If True, specifies the DB Instance will be deployed in multiple availability zones.
type
boolean
default
{
multiAZ = false;
}
port
Port for database instance connections.
type
signed integer
region
Amazon RDS region.
type
string
securityGroups
List of names of DBSecurityGroup to authorize on this DBInstance.
type
list of string or resource of type ‘ec2-rds-security-group’
default
{
securityGroups = [
"default"
];
}
subnetGroup
RDS Subnet Group to place this database in.
type
null or string or resource of type ‘rds-subnet-group’
default
{
subnetGroup = null;
}
vpcSecurityGroups
List of VPC security groups to authorize on this DBInstance.
type
null or list of string or resource of type ‘ec2-security-group’
default
{
vpcSecurityGroups = null;
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
description
Description of the RDS DB security group.
type
string
groupName
Name of the RDS DB security group.
type
string
region
Amazon RDS DB security group region.
type
string
rules
type
list of submodule
default
{
rules = [];
}
rules.*.cidrIp
type
null or string
default
{
rules.*.cidrIp = null;
}
rules.*.securityGroupId
type
null or string
default
{
rules.*.securityGroupId = null;
}
rules.*.securityGroupName
type
null or string
default
{
rules.*.securityGroupName = null;
}
rules.*.securityGroupOwnerId
type
null or string
default
{
rules.*.securityGroupOwnerId = null;
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
description
Informational description of the security group.
type
string
default
{
description = "NixOps-provisioned group {name}";
}
groupId
The security group ID. This is set by NixOps.
type
null or string
default
{
groupId = null;
}
name
Name of the security group.
type
string
default
{
name = "charon-{uuid}-{name}";
}
region
AWS region.
type
string
rules
The security group's rules.
type
list of submodule
default
{
rules = {};
}
rules.*.codeNumber
ICMP code number (ICMP only, -1 for all).
type
null or signed integer
default
{
rules.*.codeNumber = null;
}
rules.*.fromPort
The bottom of the allowed port range for this rule (TCP/UDP only).
type
null or signed integer
default
{
rules.*.fromPort = null;
}
rules.*.protocol
The protocol (tcp, udp, or icmp) that this rule describes. Use "-1" to specify All.
type
string
default
{
rules.*.protocol = "tcp";
}
rules.*.sourceGroup.groupName
The name of the source security group (if allowing all instances in a group access instead of an IP range).
type
null or string
default
{
rules.*.sourceGroup.groupName = null;
}
rules.*.sourceGroup.ownerId
The AWS account ID that owns the source security group.
type
null or string
default
{
rules.*.sourceGroup.ownerId = null;
}
rules.*.sourceIp
The source IP range (CIDR notation).
Can also be a reference to ElasticIP resource, which will be suffixed with /32 CIDR notation.
type
null or string or resource of type ‘elastic-ip’
default
{
rules.*.sourceIp = null;
}
rules.*.toPort
The top of the allowed port range for this rule (TCP/UDP only).
type
null or signed integer
default
{
rules.*.toPort = null;
}
rules.*.typeNumber
ICMP type number (ICMP only, -1 for all).
type
null or signed integer
default
{
rules.*.typeNumber = null;
}
vpcId
The VPC ID to create security group in (default is not set, uses default VPC in EC2-VPC account, in EC2-Classic accounts no VPC is set).
type
null or string or resource of type ‘vpc’
default
{
vpcId = null;
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
region
AWS region.
type
string
tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tags = {};
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
fileSystem
The Elastic File System to which this mount target refers.
type
string or resource of type ‘elastic-file-system’
ipAddress
The IP address of the mount target in the subnet. If unspecified, EC2 will automatically assign an address.
type
null or string
default
{
ipAddress = null;
}
region
AWS region.
type
string
securityGroups
The EC2 security groups associated with the mount target's network interface.
type
list of string
default
{
securityGroups = [];
}
subnet
The EC2 subnet in which to create this mount target.
type
string or resource of type ‘vpc-subnet’
tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tags = {};
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
address
The elastic IP address, set by NixOps.
type
string
default
{
address = "_UNKNOWN_ELASTIC_IP_";
}
region
AWS region.
type
string
example
{
region = "us-east-1";
}
vpc
Whether to allocate the address for use with instances in a VPC.
type
boolean
default
{
vpc = false;
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
assumeRolePolicy
The IAM AssumeRole policy definition (in JSON format). Empty string (default) uses the existing Assume Role Policy.
type
string
default
{
assumeRolePolicy = "";
}
name
Name of the IAM role.
type
string
default
{
name = "charon-{uuid}-{name}";
}
policy
The IAM policy definition (in JSON format).
type
string
tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tags = {};
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
description
Informational description of the subnet group.
type
string
default
{
description = "NixOps-provisioned subnet group {name}";
}
name
Name of the RDS subnet group.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
region
AWS region in which the instance is to be deployed.
type
string
example
{
region = "us-east-1";
}
subnetIds
The subnets inside a VPC to launch the databases in.
type
list of string or resource of type ‘vpc-subnet’
example
{
subnetIds = [
"subnet-00000000"
];
}
default
{
subnetIds = [];
}
accessKeyId
The AWS Access Key ID. If left empty, it defaults to the
contents of the environment variables
type
string
default
{
accessKeyId = "";
}
domainName
The DNS name to bind.
type
string
healthCheckId
Optional ID of an Amazon Route 53 health check.
type
string or resource of type ‘route53-health-check’
default
{
healthCheckId = "";
}
name
Name of the recordset.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
recordType
DNS record type
type
one of "A", "AAAA", "TXT", "CNAME", "MX", "NAPT", "PTR", "SRV", "SPF"
default
{
recordType = "A";
}
recordValues
The value of the DNS record (e.g. IP address in case of an A or AAA record type, or a DNS name in case of a CNAME record type)
type
list of string or resource of type ‘machine’ or resource of type ‘elastic-ip’
routingPolicy
DNS record type
type
one of "simple", "weighted", "multivalue"
default
{
routingPolicy = "simple";
}
setIdentifier
A unique identifier that differentiates among multiple resource record sets that have the same combination of DNS name and type.
type
string
default
{
setIdentifier = "";
}
ttl
The time to live (TTL) for the A record created for the specified DNS hostname.
type
signed integer
example
{
ttl = 300;
}
default
{
ttl = 300;
}
weight
Among resource record sets that have the same combination of DNS name and type, a value that determines what portion of traffic for the current resource record set is routed to the associated location. When value is 0, weighted routing policy is not used.
type
signed integer
default
{
weight = 0;
}
zoneId
The DNS hosted zone id. If null, the zoneName will be used to look up the zoneID
type
null or string or resource of type ‘route53-hosted-zone’
default
{
zoneId = null;
}
zoneName
The DNS name of the hosted zone
type
null or string
default
{
zoneName = null;
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
arn
Amazon Resource Name (ARN) of the S3 bucket. This is set by NixOps.
type
string
default
{
arn = "arn:aws:s3:::name";
}
lifeCycle
The JSON lifecycle management string to apply to the bucket.
type
string
default
{
lifeCycle = "";
}
name
Name of the S3 bucket.
type
string
default
{
name = "charon-{uuid}-{name}";
}
persistOnDestroy
If set to true
type
boolean
default
{
persistOnDestroy = false;
}
policy
The JSON Policy string to apply to the bucket.
type
string
default
{
policy = "";
}
region
Amazon S3 region.
type
string
versioning
Whether to enable S3 versioning or not. Valid values are 'Enabled' or 'Suspended'
type
one of "Suspended", "Enabled"
default
{
versioning = "Suspended";
}
website.enabled
Whether to serve the S3 bucket as public website.
type
boolean
default
{
website.enabled = false;
}
website.errorDocument
The S3 key to serve when response is an error.
type
string
default
{
website.errorDocument = "";
}
website.suffix
A suffix that is appended to a request that is for a directory on the website endpoint.
type
string
default
{
website.suffix = "index.html";
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
arn
Amazon Resource Name (ARN) of the queue. This is set by NixOps.
type
string
default
{
arn = "";
}
name
Name of the SQS queue.
type
string
default
{
name = "charon-{uuid}-{name}";
}
region
AWS region.
type
string
url
URL of the queue. This is set by NixOps.
type
string
default
{
url = "";
}
visibilityTimeout
The time interval in seconds after a message has been received until it becomes visible again.
type
signed integer
default
{
visibilityTimeout = 30;
}
enableClassicLink
Enables a VPC for ClassicLink. You can then link EC2-Classic instances to your ClassicLink-enabled VPC to allow communication over private IP addresses. You cannot enable your VPC for ClassicLink if any of your VPC’s route tables have existing routes for address ranges within the 10.0.0.0/8 IP address range , excluding local routes for VPCs in the 10.0.0.0/16 and 10.1.0.0/16 IP address ranges.
type
boolean
default
{
enableClassicLink = false;
}
enableDnsHostnames
Specifies whether DNS hostnames are provided for the instances launched in this VPC. You can only set this attribute to true if EnableDnsSupport is also true.
type
boolean
default
{
enableDnsHostnames = false;
}
enableDnsSupport
Specifies whether the DNS server provided by Amazon is enabled for the VPC.
type
boolean
default
{
enableDnsSupport = false;
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
amazonProvidedIpv6CidrBlock
Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block.
type
boolean
default
{
amazonProvidedIpv6CidrBlock = false;
}
cidrBlock
The CIDR block for the VPC
type
string
instanceTenancy
The supported tenancy options for instances launched into the VPC. Valid values are "default" and "dedicated".
type
string
default
{
instanceTenancy = "default";
}
name
Name of the VPC.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
region
AWS region.
type
string
tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tags = {};
}
vpcId
The VPC id generated from AWS. This is set by NixOps
type
string
default
{
vpcId = "";
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
bgpAsn
For devices that support BGP, the customer gateway's BGP ASN.
type
signed integer
name
Name of the VPC customer gateway.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
publicIp
The Internet-routable IP address for the customer gateway's outside interface. The address must be static.
type
string
region
AWS region.
type
string
tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tags = {};
}
type
The type of VPN connection that this customer gateway supports (ipsec.1 ).
type
string
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
domainName
If you're using AmazonProvidedDNS in us-east-1, specify ec2.internal. If you're using another region specify region.compute.internal (e.g ap-northeast-1.compute.internal). Otherwise specify a domain name e.g MyCompany.com. This value is used to complete unqualified DNS hostnames.
type
null or string
default
{
domainName = null;
}
domainNameServers
The IP addresses of up to 4 domain name servers, or AmazonProvidedDNS.
type
null or list of string
default
{
domainNameServers = null;
}
name
Name of the DHCP options set.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
netbiosNameServers
The IP addresses of up to 4 NetBIOS name servers.
type
null or list of string
default
{
netbiosNameServers = null;
}
netbiosNodeType
The NetBIOS node type (1,2,4 or 8).
type
null or signed integer
default
{
netbiosNodeType = null;
}
ntpServers
The IP addresses of up to 4 Network Time Protocol (NTP) servers.
type
null or list of string
default
{
ntpServers = null;
}
region
AWS region.
type
string
tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tags = {};
}
vpcId
The ID of the VPC used to associate the DHCP options to.
type
string or resource of type ‘vpc’
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
name
Name of the VPC egress only internet gateway.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
region
AWS region.
type
string
vpcId
The ID of the VPC where the internet gateway will be created
type
string or resource of type ‘vpc’
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
name
Name of the VPC endpoint.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
policy
A policy to attach to the endpoint that controls access to the service.
type
null or string
default
{
policy = null;
}
region
AWS region.
type
string
routeTableIds
One or more route table IDs.
type
list of string or resource of type ‘vpc-route-table’
default
{
routeTableIds = [];
}
serviceName
The AWS service name, in the form com.amazonaws.region.service.
type
string
vpcId
The ID of the VPC where the endpoint will be created.
type
string or resource of type ‘vpc’
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
name
Name of the VPC internet gateway.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
region
AWS region.
type
string
tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tags = {};
}
vpcId
The ID of the VPC where the internet gateway will be created
type
string or resource of type ‘vpc’
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
allocationId
The allocation ID of the elastic IP address.
type
string or resource of type ‘elastic-ip’
name
Name of the VPC NAT gateway.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
region
AWS region.
type
string
subnetId
The ID of the VPC subnet where the NAT gateway will be created
type
string or resource of type ‘vpc-subnet’
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
description
A description for the network interface.
type
string
default
{
description = "";
}
name
Name of the VPC network interface.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
primaryPrivateIpAddress
The primary private IPv4 address of the network interface. If you don't specify an IPv4 address, Amazon EC2 selects one for you from the subnet's IPv4 CIDR range.
type
null or string
default
{
primaryPrivateIpAddress = null;
}
privateIpAddresses
One or more secondary private IPv4 addresses.
type
list of string
default
{
privateIpAddresses = [];
}
region
AWS region.
type
string
secondaryPrivateIpAddressCount
The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify privateIpAddresses in the same time.
type
null or signed integer
default
{
secondaryPrivateIpAddressCount = null;
}
securityGroups
The IDs of one or more security groups.
type
list of string or resource of type ‘ec2-security-group’
default
{
securityGroups = null;
}
sourceDestCheck
Indicates whether source/destination checking is enabled. Default value is true.
type
boolean
default
{
sourceDestCheck = true;
}
subnetId
Subnet Id to create the ENI in.
type
string or resource of type ‘vpc-subnet’
tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tags = {};
}
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
deviceIndex
The index of the device for the network interface attachment.
type
signed integer
instanceId
ID of the instance to attach to.
type
string or EC2 machine
name
Name of the VPC network interface attachment.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
networkInterfaceId
ENI ID to attach to.
type
string or resource of type ‘vpc-network-interface’
region
AWS region.
type
string
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
destinationCidrBlock
The IPv4 CIDR address block used for the destination match.
type
null or string
default
{
destinationCidrBlock = null;
}
destinationIpv6CidrBlock
The IPv6 CIDR block used for the destination match.
type
null or string
default
{
destinationIpv6CidrBlock = null;
}
egressOnlyInternetGatewayId
[IPv6 traffic only] The ID of an egress-only Internet gateway.
type
null or string or resource of type ‘vpc-egress-only-internet-gateway’
default
{
egressOnlyInternetGatewayId = null;
}
gatewayId
The ID of an Internet gateway or virtual private gateway attached to your VPC.
type
null or string or resource of type ‘vpc-internet-gateway’
default
{
gatewayId = null;
}
instanceId
The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.
type
null or string or EC2 machine
default
{
instanceId = null;
}
name
Name of the VPC route.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
natGatewayId
The ID of a NAT gateway.
type
null or string or resource of type ‘vpc-nat-gateway’
default
{
natGatewayId = null;
}
networkInterfaceId
The ID of a network interface.
type
null or string or resource of type ‘vpc-network-interface’
default
{
networkInterfaceId = null;
}
region
AWS region.
type
string
routeTableId
The ID of the VPC route table
type
string or resource of type ‘vpc-route-table’
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
name
Name of the VPC route table.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
propagatingVgws
A list of VPN gateways for propagation.
type
list of string or resource of type ‘aws-vpn-gateway’
default
{
propagatingVgws = [];
}
region
AWS region.
type
string
tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tags = {};
}
vpcId
The ID of the VPC where the route table will be created
type
string or resource of type ‘vpc’
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
name
Name of the VPC route table association.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
region
AWS region.
type
string
routeTableId
The ID of the VPC route table
type
string or resource of type ‘vpc-route-table’
subnetId
The ID of the VPC subnet where the route table will be associated
type
string or resource of type ‘vpc-subnet’
accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
cidrBlock
The CIDR block for the VPC subnet
type
string
ipv6CidrBlock
The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length.
type
null or string
default
{
ipv6CidrBlock = null;
}
mapPublicIpOnLaunch
Indicates whether instances launched into the subnet should be assigned a public IP in launch. Default is false.
type
boolean
default
{
mapPublicIpOnLaunch = false;
}
name
Name of the subnet VPC.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
region
AWS region.
type
string
subnetId
The VPC subnet id generated from AWS. This is set by NixOps
type
string
default
{
subnetId = "";
}
tags
Tags assigned to the instance. Each tag name can be at most 128 characters, and each tag value can be at most 256 characters. There can be at most 10 tags.
type
attribute set of string
example
{
tags = {
foo = "bar";
xyzzy = "bla";
};
}
default
{
tags = {};
}
vpcId
The ID of the VPC where the subnet will be created
type
string or resource of type ‘vpc’
zone
The availability zone for the VPC subnet. By default AWS selects one for you.
type
string
apiKey
The Datadog API Key.
type
string
default
{
apiKey = "";
}
appKey
The Datadog APP Key.
type
string
default
{
appKey = "";
}
message
Message to send for a set of users.
type
string
monitorOptions
A dictionary of options for the monitor.
type
string
monitorTags
A list of tags to associate with your monitor.
type
list of string
default
{
monitorTags = [];
}
name
Name of the alert which will show up in the subject line of the email.
type
string
default
{
name = "datadog-monitor-{uuid}-{name}";
}
query
The query that defines the monitor.
type
string
silenced
dictionary of scopes to timestamps or None.
Each scope will be muted until the given POSIX timestamp or forever if the value is None.
type
null or string
default
{
silenced = null;
}
type
Type of the datadog resource chosen from: "metric alert" "service check" "event alert".
type
string
deployment.droplet.enableIpv6
Whether to enable IPv6 support on the droplet.
type
boolean
default
{
deployment.droplet.enableIpv6 = false;
}
deployment.droplet.authToken
The API auth token. We're checking the environment for
type
string
example
{
deployment.droplet.authToken = "8b2f4e96af3997853bfd4cd8998958eab871d9614e35d63fab45a5ddf981c4da";
}
default
{
deployment.droplet.authToken = "";
}
deployment.droplet.region
The region. See https://status.digitalocean.com/ for a list of regions.
type
string
example
{
deployment.droplet.region = "nyc3";
}
default
{
deployment.droplet.region = "";
}
deployment.droplet.size
The size identifier between
type
string
example
{
deployment.droplet.size = "512mb";
}
family
Image family to grab the latest non-deprecated image from. Must specify the project if the image family is defined as public.
type
null or string
example
{
family = "nixos-20-03";
}
default
{
family = null;
}
name
Name of an existent image or image-resource to be used. Must specify the project if the image is defined as public.
type
null or string
example
{
name = "image-2cfda297";
}
default
{
name = null;
}
project
The parent project containing a GCE image that was made public for all authenticated users.
type
null or string
example
{
project = "gcp-project";
}
default
{
project = null;
}
context
hcloud context to use.If left empty, the value of the environment variable
type
null or string
default
{
context = null;
}
deployment.hcloud.context
hcloud context to use.If left empty, the value of the environment variable
type
null or string
default
{
deployment.hcloud.context = null;
}
deployment.hcloud.image
Image ID to use for this VM. It's expected to be a NixOs system with fetchHetznerKeys enabled. Takes precedence over .
type
null or signed integer
default
{
deployment.hcloud.image = null;
}
deployment.hcloud.image_selector
Label selector for the server image. If multiple images are found, the most recent one will be used. The image is expected to be a NixOs system with fetchHetznerKeys enabled.type
string
default
{
deployment.hcloud.image_selector = "nixops";
}
deployment.hcloud.location
VM location name.
type
string
example
{
deployment.hcloud.location = "fsn1";
}
deployment.hcloud.serverType
Hetzner Cloud server type name.
type
string
example
{
deployment.hcloud.serverType = "cx11";
}
deployment.hcloud.sshKeys
List of SSH keys with root access to the machine. These will be managed with the fetch-hetzner-keys service, not by NixOS.
type
list of Concatenated string or resource of type ‘hcloud-sshkey’
default
{
deployment.hcloud.sshKeys = [];
}
deployment.hcloud.token
Hetzner Cloud API token.
If left empty, the value of the environment variable
type
null or string
default
{
deployment.hcloud.token = null;
}
deployment.hcloud.upgradeDisk
Whether to upgrade the disk when upgrading the server type. If true the server can't be downscaled back.
type
boolean
default
{
deployment.hcloud.upgradeDisk = false;
}
deployment.hcloud.volumes
List of volumes attached to the machine.
type
list of submodule
default
{
deployment.hcloud.volumes = [];
}
deployment.hcloud.volumes.*.fileSystem
Options to be forwarded to .
type
attribute set
default
{
deployment.hcloud.volumes.*.fileSystem = {};
}
deployment.hcloud.volumes.*.mountPoint
Mount point for this volume. Won't be automounted when
type
null or Concatenated string
default
{
deployment.hcloud.volumes.*.mountPoint = null;
}
deployment.hcloud.volumes.*.volume
Volume name or instance.
type
Concatenated string or resource of type ‘hcloud-volume’
name
Name of the Hetzner Cloud SSH key.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
publicKey
SSH public key
type
string
services.fetchHetznerKeys.enable
Whether to enable fetch-hetzner-keys.
type
boolean
example
{
services.fetchHetznerKeys.enable = true;
}
default
{
services.fetchHetznerKeys.enable = false;
}
token
Hetzner Cloud API token.
If left empty, the value of the environment variable
type
null or string
default
{
token = null;
}
context
hcloud context to use.If left empty, the value of the environment variable
type
null or string
default
{
context = null;
}
location
Volume location name
type
string
example
{
location = "fsn1";
}
name
Name of the Hetzner Cloud volume.
type
string
default
{
name = "nixops-{uuid}-{name}";
}
size
Size of volume, in Gb
type
signed integer
example
{
size = 10;
}
token
Hetzner Cloud API token.
If left empty, the value of the environment variable
type
null or string
default
{
token = null;
}
deployment.libvirtd.URI
Connection URI.
type
string
default
{
deployment.libvirtd.URI = "qemu:///system";
}
deployment.libvirtd.baseImage
The disk is created using the specified disk image as a base.
type
null or path
example
{
deployment.libvirtd.baseImage = "/home/alice/base-disk.qcow2";
}
default
{
deployment.libvirtd.baseImage = null;
}
deployment.libvirtd.baseImageSize
The size (G) of base image of virtual machine.
type
signed integer
default
{
deployment.libvirtd.baseImageSize = 10;
}
deployment.libvirtd.cmdline
Specify the kernel cmdline (valid only with the kernel setting).
type
string
default
{
deployment.libvirtd.cmdline = "";
}
deployment.libvirtd.domainType
Specify the type of libvirt domain to create (see '$ virsh capabilities | grep domain' for valid domain types
type
string
default
{
deployment.libvirtd.domainType = "kvm";
}
deployment.libvirtd.extraDevicesXML
Additional XML appended at the end of device tag in domain xml. See https://libvirt.org/formatdomain.html
type
string
default
{
deployment.libvirtd.extraDevicesXML = "";
}
deployment.libvirtd.extraDomainXML
Additional XML appended at the end of domain xml. See https://libvirt.org/formatdomain.html
type
string
default
{
deployment.libvirtd.extraDomainXML = "";
}
deployment.libvirtd.headless
If set VM is started in headless mode, i.e., without a visible display on the host's desktop.
type
boolean
default
{
deployment.libvirtd.headless = false;
}
deployment.libvirtd.initrd
Specify the kernel initrd (valid only with the kernel setting).
type
string
default
{
deployment.libvirtd.initrd = "";
}
deployment.libvirtd.kernel
Specify the host kernel to launch (valid for kvm).
type
string
default
{
deployment.libvirtd.kernel = "";
}
deployment.libvirtd.memorySize
Memory size (M) of virtual machine.
type
signed integer
default
{
deployment.libvirtd.memorySize = 512;
}
deployment.libvirtd.networks
Names of libvirt networks to attach the VM to.
type
list of string
default
{
deployment.libvirtd.networks = [
"default"
];
}
deployment.libvirtd.storagePool
The storage pool where the virtual disk is be created.
type
string
default
{
deployment.libvirtd.storagePool = "default";
}
deployment.libvirtd.vcpu
Number of Virtual CPUs.
type
signed integer
default
{
deployment.libvirtd.vcpu = 1;
}
services.firehol.enable
Whether to enable Firehol firewall for humans!.
type
boolean
example
{
services.firehol.enable = true;
}
default
{
services.firehol.enable = false;
}
services.firehol.interfaces
List of interfaces to use
type
attribute set of submodule or list of attribute set convertible to it
example
{
services.firehol.interfaces = {
eth1 = {
myname = "lan";
};
};
}
default
{
services.firehol.interfaces = {};
}
services.firehol.interfaces.<name>.dst
type
submodule
default
{
services.firehol.interfaces.<name>.dst = {};
}
services.firehol.interfaces.<name>.dst.deny
type
boolean
default
{
services.firehol.interfaces.<name>.dst.deny = false;
}
services.firehol.interfaces.<name>.dst.ip
type
string
default
{
services.firehol.interfaces.<name>.dst.ip = "";
}
services.firehol.interfaces.<name>.myname
Interface custom name for readability
type
string
default
{
services.firehol.interfaces.<name>.myname = "lan";
}
services.firehol.interfaces.<name>.name
Interface name
type
string
default
{
services.firehol.interfaces.<name>.name = "‹name›";
}
services.firehol.interfaces.<name>.policy
Default policy on this interface
type
one of "accept", "reject", "drop"
default
{
services.firehol.interfaces.<name>.policy = "drop";
}
services.firehol.interfaces.<name>.rules
type
list of string
default
{
services.firehol.interfaces.<name>.rules = [
"client all accept"
];
}
services.firehol.interfaces.<name>.src
type
submodule
default
{
services.firehol.interfaces.<name>.src = {};
}
services.firehol.interfaces.<name>.src.deny
type
boolean
default
{
services.firehol.interfaces.<name>.src.deny = false;
}
services.firehol.interfaces.<name>.src.ip
type
string
default
{
services.firehol.interfaces.<name>.src.ip = "";
}
services.firehol.routers
List of Routers to create
type
attribute set of submodule or list of attribute set convertible to it
example
{
services.firehol.routers = {
lan2wan = {};
};
}
default
{
services.firehol.routers = {};
}
services.firehol.routers.<name>.dst
type
submodule
default
{
services.firehol.routers.<name>.dst = {};
}
services.firehol.routers.<name>.dst.deny
type
boolean
default
{
services.firehol.routers.<name>.dst.deny = false;
}
services.firehol.routers.<name>.dst.ip
type
string
default
{
services.firehol.routers.<name>.dst.ip = "";
}
services.firehol.routers.<name>.inface
Input interface
type
string
default
{
services.firehol.routers.<name>.inface = "lan";
}
services.firehol.routers.<name>.name
Router name
type
string
default
{
services.firehol.routers.<name>.name = "‹name›";
}
services.firehol.routers.<name>.outface
Output interface
type
string
default
{
services.firehol.routers.<name>.outface = "";
}
services.firehol.routers.<name>.rules
type
list of string
default
{
services.firehol.routers.<name>.rules = [
"client all accept"
];
}
services.firehol.routers.<name>.src
type
submodule
default
{
services.firehol.routers.<name>.src = {};
}
services.firehol.routers.<name>.src.deny
type
boolean
default
{
services.firehol.routers.<name>.src.deny = false;
}
services.firehol.routers.<name>.src.ip
type
string
default
{
services.firehol.routers.<name>.src.ip = "";
}
Modules that could be found at NixOS Hardware
hardware.asus.battery.chargeUpto
Maximum level of charge for your battery, as a percentage.
type
signed integer
default
{
hardware.asus.battery.chargeUpto = 100;
}
hardware.microsoft-surface.firmware.surface-go-ath10k.replace
Whether to enable Use the "board.bin" firmware for ath10k-based WiFi on Surface Go..
type
boolean
example
{
hardware.microsoft-surface.firmware.surface-go-ath10k.replace = true;
}
default
{
hardware.microsoft-surface.firmware.surface-go-ath10k.replace = false;
}
hardware.raspberry-pi.4.audio.enable
Whether to enable configuration for audio .
type
boolean
example
{
hardware.raspberry-pi.4.audio.enable = true;
}
default
{
hardware.raspberry-pi.4.audio.enable = false;
}
hardware.raspberry-pi.4.dwc2.enable
Whether to enable Enable the UDC controller to support USB OTG gadget functions.
In order to verify that this works, connect the Raspberry Pi with another computer via the USB C cable, and then do one of:
modprobe g_serialmodprobe g_mass_storage file=/path/to/some/iso-file.iso
On the Raspberry Pi, dmesg should then show success-indicating output
that is related to the dwc2 and g_serial/g_mass_storage modules.
On the other computer, a serial/mass-storage device should pop up in
the system logs.
For more information about what gadget functions exist along with handy guides on how to test them, please refer to: https://www.kernel.org/doc/Documentation/usb/gadget-testing.txt .
type
boolean
example
{
hardware.raspberry-pi.4.dwc2.enable = true;
}
default
{
hardware.raspberry-pi.4.dwc2.enable = false;
}
hardware.raspberry-pi.4.dwc2.dr_mode
Dual role mode setting for the dwc2 USB controller driver.
type
one of "host", "peripheral", "otg"
default
{
hardware.raspberry-pi.4.dwc2.dr_mode = "otg";
}
hardware.raspberry-pi.4.fkms-3d.enable
Whether to enable Enable modesetting through fkms-3d .
type
boolean
example
{
hardware.raspberry-pi.4.fkms-3d.enable = true;
}
default
{
hardware.raspberry-pi.4.fkms-3d.enable = false;
}
hardware.raspberry-pi.4.fkms-3d.cma
Amount of CMA (contiguous memory allocator) to reserve, in MiB.
The foundation overlay defaults to 256MiB, for backward compatibility. As the Raspberry Pi 4 family of hardware has ample amount of memory, we can reserve more without issue.
Additionally, reserving too much is not an issue. The kernel will use CMA last if the memory is needed.
type
signed integer
default
{
hardware.raspberry-pi.4.fkms-3d.cma = 512;
}
hardware.raspberry-pi.4.poe-hat.enable
Whether to enable support for the Raspberry Pi POE Hat. .
type
boolean
example
{
hardware.raspberry-pi.4.poe-hat.enable = true;
}
default
{
hardware.raspberry-pi.4.poe-hat.enable = false;
}
hardware.raspberry-pi.4.tc358743.enable
Whether to enable Enable support for the Toshiba TC358743 HDMI-to-CSI-2 converter.
This can be tested with a plugged in converter device and for example running ustreamer (which starts webservice providing a camera stream): ${pkgs.ustreamer}/bin/ustreamer --persistent --dv-timings .
type
boolean
example
{
hardware.raspberry-pi.4.tc358743.enable = true;
}
default
{
hardware.raspberry-pi.4.tc358743.enable = false;
}
hardware.system76.darp6.soundSubsystemId
The subsystem ID of the sound card PCI device, for applying the headset fixup. This should be set to the value of the following file on your Darter Pro: /sys/class/sound/hwC0D0/subsystem_id If this option has the default null value, then the headset fixup will not be applied.
type
null or string matching the pattern 0x[0-9a-f]{8}
hardware.system76.darp6.soundVendorId
The vendor ID of the sound card PCI device, for applying the headset fixup. This should be set to the value of the following file on your Darter Pro: /sys/class/sound/hwC0D0/vendor_id If this option has the default null value, then the headset fixup will not be applied.
type
null or string matching the pattern 0x[0-9a-f]{8}
Modules that could be found at NUR
Sadly it won't work for all modules, so there are some commented modules :(
grep -rE '(mkOption|mkEnable|submodule)'|grep ./|cut -d':' -f1|sort -u|grep 'nix'
networking.wireguard.enableNetworkd
Whether to enable WireGuard via systemd-networkd.
type
boolean
example
{
networking.wireguard.enableNetworkd = true;
}
default
{
networking.wireguard.enableNetworkd = false;
}
programs.dma.enable
Whether to enable DragonFly Mail Agent.
type
boolean
example
{
programs.dma.enable = true;
}
default
{
programs.dma.enable = false;
}
programs.dma.package
dma package to use.
type
package
default
{
programs.dma.package = "pkgs.dma";
}
programs.dma.group
Group to run dma as.
type
string
default
{
programs.dma.group = "dma";
}
programs.dma.masquerade
Change the "envelope from" address of outgoing emails.
type
null or submodule
default
{
programs.dma.masquerade = null;
}
programs.dma.masquerade.domain
Replace the domain of the envelope from address with this.
type
null or string
example
{
programs.dma.masquerade.domain = "example.com";
}
default
{
programs.dma.masquerade.domain = null;
}
programs.dma.masquerade.user
Replace the local part of the envelope from address with this.
type
null or string
example
{
programs.dma.masquerade.user = "myuser";
}
default
{
programs.dma.masquerade.user = null;
}
programs.dma.relay
If non-null, will relay all mail through an external SMTP server.
type
null or submodule
default
{
programs.dma.relay = null;
}
programs.dma.relay.direct
If enabled, mail is sent directly to the relay, bypassing aliases and local delivery.
type
boolean
default
{
programs.dma.relay.direct = false;
}
programs.dma.relay.fingerprint
SHA-256 fingerprint of the relay's TLS certificate, used for pinning.
type
null or string
default
{
programs.dma.relay.fingerprint = null;
}
programs.dma.relay.host
Hostname or IP address of the relay SMTP server.
type
string
example
{
programs.dma.relay.host = "smtp.example.com";
}
programs.dma.relay.port
Port through which contact the relay SMTP server.
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
example
{
programs.dma.relay.port = 25;
}
default
{
programs.dma.relay.port = 25;
}
programs.dma.secureTransfer
Method through which connect to the SMTP server: through an insecure connection, requiring SMTPS or STARTTLS, or allowing STARTTLS.
type
one of false, "require-tls", "require-starttls", "allow-starttls"
default
{
programs.dma.secureTransfer = false;
}
programs.dma.setSendmail
Whether to set the system sendmail to dma.
type
boolean
default
{
programs.dma.setSendmail = true;
}
programs.dma.settings
Additional configuration.
type
attribute set of boolean or signed integer or string
default
{
programs.dma.settings = {};
}
programs.dma.user
User to run dma as (and owner of the mail spool)
type
string
default
{
programs.dma.user = "dma";
}
services.dyndnsc.enable
Whether to enable dyndnsc Dynamic DNS client.
type
boolean
example
{
services.dyndnsc.enable = true;
}
default
{
services.dyndnsc.enable = false;
}
services.dyndnsc.package
dyndnsc package to use.
type
package
default
{
services.dyndnsc.package = "pkgs.dyndnsc";
}
services.dyndnsc.profiles
Declarative profile config
type
attribute set of submodule
example
{
services.dyndnsc.profiles = {
_type = "literalExpression";
text = ''
{
"myhost_ip4" = {
preset = "nsupdate.info:ipv4";
hostname = "dynamic.example.com";
username = "me";
passwordFile = "/run/keys/dyndnsc-myhost_ip4";
};
};
'';
};
}
services.dyndnsc.profiles.<name>.extraConfig
Additional profile parameters.
type
strings concatenated with "\n"
default
{
services.dyndnsc.profiles.<name>.extraConfig = "";
}
services.dyndnsc.profiles.<name>.hostname
Hostname or domain to be updated.
type
string
example
{
services.dyndnsc.profiles.<name>.hostname = "dynamic.example.com";
}
services.dyndnsc.profiles.<name>.passwordFile
Path to a file containing the service's password.
type
path
example
{
services.dyndnsc.profiles.<name>.passwordFile = "/run/keys/dyndnsc-myprofile";
}
services.dyndnsc.profiles.<name>.preset
Preset profile to inherit.
type
null or one of "no-ip.com", "freedns.afraid.com", "nsupdate.info:ipv4", "nsupdate.info:ipv6", "dns.he.net", "dnsimple.com", "dnsdynamic.org", "hopper.pw:ipv4", "hopper.pw:ipv6", "dyn.com", "duckdns.org", "strato.com:ipv4", "strato.com:ipv6"
example
{
services.dyndnsc.profiles.<name>.preset = "dns.he.net";
}
default
{
services.dyndnsc.profiles.<name>.preset = null;
}
services.dyndnsc.profiles.<name>.username
Username to login with in the dynamic DNS service.
type
string
services.ipfs-cluster.enable
Whether to enable IPFS Cluster daemon.
type
boolean
example
{
services.ipfs-cluster.enable = true;
}
default
{
services.ipfs-cluster.enable = false;
}
services.ipfs-cluster.package
ipfs-cluster package to use.
type
package
default
{
services.ipfs-cluster.package = "pkgs.ipfs-cluster";
}
services.ipfs-cluster.bootstrapPeers
List of peers to bootstrap the node with. This option has no effect on already existing clusters.
type
list of string
default
{
services.ipfs-cluster.bootstrapPeers = [];
}
services.ipfs-cluster.consensus
Consensus component utilized by the cluster. This option has no effect on already existing clusters.
type
one of "crdt", "raft"
services.ipfs-cluster.dataDir
Directory where cluster management data lives.
type
string
default
{
services.ipfs-cluster.dataDir = "/var/lib/ipfs-cluster";
}
services.ipfs-cluster.group
Group under which the IPFS Cluster daemon runs
type
string
default
{
services.ipfs-cluster.group = "ipfs";
}
services.ipfs-cluster.secretEnvFile
File containing the cluster secret as an assignment to the CLUSTER_SECRET variable. If none is given, a secret is generated during cluster creation.
type
null or string
default
{
services.ipfs-cluster.secretEnvFile = null;
}
services.ipfs-cluster.secretFile
File containing the cluster secret.
If none is given, a secret is generated during cluster creation.
Deprecated: use services.ipfs-cluster-secretEnvFile instead.
type
null or string
default
{
services.ipfs-cluster.secretFile = null;
}
services.ipfs-cluster.settings
Additional IPFS Cluster settings. These follow the names for configuration environment variables, not for the service.json file.
type
attribute set
default
{
services.ipfs-cluster.settings = {};
}
services.ipfs-cluster.user
User under which the IPFS Cluster daemon runs
type
string
default
{
services.ipfs-cluster.user = "ipfs";
}
services.matrix-appservice-irc.enable
Whether to enable Matrix bridge to IRC.
type
boolean
example
{
services.matrix-appservice-irc.enable = true;
}
default
{
services.matrix-appservice-irc.enable = false;
}
services.matrix-appservice-irc.package
matrix-appservice-irc package to use.
type
package
default
{
services.matrix-appservice-irc.package = "pkgs.matrix-appservice-irc";
}
services.matrix-appservice-irc.botPasswordFiles
Attrset mapping IRC servers to files containing the password of the bridge bot on that server.
type
attribute set of path
example
{
services.matrix-appservice-irc.botPasswordFiles = ''
{ "chat.freenode.net" = "/etc/matrix-appservice-irc/freenode.password"; }
'';
}
default
{
services.matrix-appservice-irc.botPasswordFiles = {};
}
services.matrix-appservice-irc.settings
Additional service settings.
type
YAML value
default
{
services.matrix-appservice-irc.settings = {};
}
services.postgresqlBaseBackup.enable
Whether to enable PostgreSQL backups using pg_basebackup.
type
boolean
example
{
services.postgresqlBaseBackup.enable = true;
}
default
{
services.postgresqlBaseBackup.enable = false;
}
services.postgresqlBaseBackup.location
directory where to store the backup.
type
path
services.prometheus.birdExporter.enable
Whether to enable the prometheus bird exporter.
type
boolean
example
{
services.prometheus.birdExporter.enable = true;
}
default
{
services.prometheus.birdExporter.enable = false;
}
services.prometheus.birdExporter.birdVersion
Version of Bird to scrape.
type
one of "v1.ip4", "v1.ip6", "v1.ip46", "v2"
services.prometheus.birdExporter.extraFlags
Extra commandline options to pass to the bird exporter.
type
list of string
default
{
services.prometheus.birdExporter.extraFlags = [];
}
services.prometheus.birdExporter.group
Group under which the bird exporter shall be run.
type
string
default
{
services.prometheus.birdExporter.group = "bird-exporter";
}
services.prometheus.birdExporter.listenAddress
Address to listen on.
type
string
default
{
services.prometheus.birdExporter.listenAddress = "0.0.0.0";
}
services.prometheus.birdExporter.port
Port to listen on.
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
default
{
services.prometheus.birdExporter.port = 9324;
}
services.trust-dns.enable
Whether to enable Trust-DNS authoritative server.
type
boolean
example
{
services.trust-dns.enable = true;
}
default
{
services.trust-dns.enable = false;
}
services.trust-dns.package
Trust-DNS package to use.
type
package
default
{
services.trust-dns.package = "pkgs.trust-dns";
}
services.trust-dns.settings
Additional Trust-DNS settings.
type
TOML value
default
{
services.trust-dns.settings = {};
}
programs.fzf-fork.enable
Whether to enable fzf - a command-line fuzzy finder.
type
boolean
example
{
programs.fzf-fork.enable = true;
}
default
{
programs.fzf-fork.enable = false;
}
programs.fzf-fork.enableBashIntegration
Whether to enable Bash integration.
type
boolean
default
{
programs.fzf-fork.enableBashIntegration = true;
}
programs.fzf-fork.enableFishIntegration
Whether to enable Fish integration.
type
boolean
default
{
programs.fzf-fork.enableFishIntegration = true;
}
programs.fzf-fork.enableZshIntegration
Whether to enable Zsh integration.
type
boolean
default
{
programs.fzf-fork.enableZshIntegration = true;
}
programs.fzf-fork.package
Package providing the
type
package
default
{
programs.fzf-fork.package = {
_type = "literalExpression";
text = "pkgs.fzf";
};
}
programs.fzf-fork.changeDirWidgetCommand
The command that gets executed as the source for fzf for the ALT-C keybinding.
type
null or string
example
{
programs.fzf-fork.changeDirWidgetCommand = "fd --type d";
}
default
{
programs.fzf-fork.changeDirWidgetCommand = null;
}
programs.fzf-fork.changeDirWidgetOptions
Command line options for the ALT-C keybinding.
type
list of string
example
{
programs.fzf-fork.changeDirWidgetOptions = [
"--preview 'tree -C {} | head -200'"
];
}
default
{
programs.fzf-fork.changeDirWidgetOptions = [];
}
programs.fzf-fork.defaultCommand
The command that gets executed as the default source for fzf when running.
type
null or string
example
{
programs.fzf-fork.defaultCommand = "fd --type f";
}
default
{
programs.fzf-fork.defaultCommand = null;
}
programs.fzf-fork.defaultOptions
Extra command line options given to fzf by default.
type
list of string
example
{
programs.fzf-fork.defaultOptions = [
"--height 40%"
"--border"
];
}
default
{
programs.fzf-fork.defaultOptions = [];
}
programs.fzf-fork.fileWidgetCommand
The command that gets executed as the source for fzf for the CTRL-T keybinding.
type
null or string
example
{
programs.fzf-fork.fileWidgetCommand = "fd --type f";
}
default
{
programs.fzf-fork.fileWidgetCommand = null;
}
programs.fzf-fork.fileWidgetOptions
Command line options for the CTRL-T keybinding.
type
list of string
example
{
programs.fzf-fork.fileWidgetOptions = [
"--preview 'head {}'"
];
}
default
{
programs.fzf-fork.fileWidgetOptions = [];
}
programs.fzf-fork.historyWidgetOptions
Command line options for the CTRL-R keybinding.
type
list of string
example
{
programs.fzf-fork.historyWidgetOptions = [
"--sort"
"--exact"
];
}
default
{
programs.fzf-fork.historyWidgetOptions = [];
}
programs.fzf-fork.tmux.enableShellIntegration
Whether to enable setting
type
boolean
example
{
programs.fzf-fork.tmux.enableShellIntegration = true;
}
default
{
programs.fzf-fork.tmux.enableShellIntegration = false;
}
programs.fzf-fork.tmux.shellIntegrationOptions
If
type
list of string
example
{
programs.fzf-fork.tmux.shellIntegrationOptions = {
_type = "literalExpression";
text = "[ "-d 40%" ]";
};
}
default
{
programs.fzf-fork.tmux.shellIntegrationOptions = [];
}
programs.mcfly_with_fix.enable
Whether to enable mcfly.
type
boolean
example
{
programs.mcfly_with_fix.enable = true;
}
default
{
programs.mcfly_with_fix.enable = false;
}
programs.mcfly_with_fix.enableBashIntegration
Whether to enable Bash integration.
type
boolean
default
{
programs.mcfly_with_fix.enableBashIntegration = true;
}
programs.mcfly_with_fix.enableFishIntegration
Whether to enable Fish integration.
type
boolean
default
{
programs.mcfly_with_fix.enableFishIntegration = true;
}
programs.mcfly_with_fix.enableLightTheme
Whether to enable light mode theme.
type
boolean
default
{
programs.mcfly_with_fix.enableLightTheme = false;
}
programs.mcfly_with_fix.enableZshIntegration
Whether to enable Zsh integration.
type
boolean
default
{
programs.mcfly_with_fix.enableZshIntegration = true;
}
programs.mcfly_with_fix.keyScheme
Key scheme to use.
type
one of "emacs", "vim"
default
{
programs.mcfly_with_fix.keyScheme = "emacs";
}
services.strongdm.enable
Whether to enable strongdm.
type
boolean
example
{
services.strongdm.enable = true;
}
default
{
services.strongdm.enable = false;
}
services.systemd-cron.crons
Simplify creating cron-like systemd service + timer pairs.
type
attribute set
example
{
services.systemd-cron.crons = ''
{
myCronJob = {ExecStart="%h/bin/somescript.sh"; Description="whatever"; OnCalendar="Tue *-*-* 03:00:00";};
}
'';
}
default
{
services.systemd-cron.crons = {};
}
my.displayManager.sddm.enable
Whether to enable SDDM setup.
type
boolean
example
{
my.displayManager.sddm.enable = true;
}
default
{
my.displayManager.sddm.enable = false;
}
my.home.alacritty.enable
Whether to enable Alacritty terminal.
type
boolean
example
{
my.home.alacritty.enable = true;
}
default
{
my.home.alacritty.enable = false;
}
my.home.bat.enable
Whether to enable bat code display tool.
type
boolean
example
{
my.home.bat.enable = true;
}
default
{
my.home.bat.enable = true;
}
my.home.emacs.enable
Whether to enable Emacs daemon configuration.
type
boolean
example
{
my.home.emacs.enable = true;
}
default
{
my.home.emacs.enable = false;
}
my.home.firefox.enable
Whether to enable firefox config.
type
boolean
example
{
my.home.firefox.enable = true;
}
default
{
my.home.firefox.enable = false;
}
my.home.fish.enable
Whether to enable Fish shell.
type
boolean
example
{
my.home.fish.enable = true;
}
default
{
my.home.fish.enable = true;
}
my.home.flameshot.enable
Whether to enable flameshot autolaunch.
type
boolean
example
{
my.home.flameshot.enable = true;
}
default
{
my.home.flameshot.enable = false;
}
my.home.git.enable
Whether to enable Git configuration.
type
boolean
example
{
my.home.git.enable = true;
}
default
{
my.home.git.enable = true;
}
my.home.laptop.enable
Whether to enable Laptop settings.
type
boolean
example
{
my.home.laptop.enable = true;
}
default
{
my.home.laptop.enable = false;
}
my.home.lorri.enable
Whether to enable lorri daemon setup.
type
boolean
example
{
my.home.lorri.enable = true;
}
default
{
my.home.lorri.enable = true;
}
my.home.rofi.enable
Whether to enable rofi configuration.
type
boolean
example
{
my.home.rofi.enable = true;
}
default
{
my.home.rofi.enable = false;
}
my.home.ssh.enable
Whether to enable ssh configuration.
type
boolean
example
{
my.home.ssh.enable = true;
}
default
{
my.home.ssh.enable = true;
}
my.home.tmux.enable
Whether to enable tmux dotfiles.
type
boolean
example
{
my.home.tmux.enable = true;
}
default
{
my.home.tmux.enable = true;
}
my.home.tridactyl.enable
Whether to enable tridactyl code display tool.
type
boolean
example
{
my.home.tridactyl.enable = true;
}
default
{
my.home.tridactyl.enable = false;
}
my.home.x.enable
Whether to enable X server configuration.
type
boolean
example
{
my.home.x.enable = true;
}
default
{
my.home.x.enable = false;
}
my.home.x.cursor.enable
Whether to enable X cursor.
type
boolean
example
{
my.home.x.cursor.enable = true;
}
default
{
my.home.x.cursor.enable = false;
}
my.home.x.i3bar.networking.throughput_interfaces
type
list of string
example
{
my.home.x.i3bar.networking.throughput_interfaces = [
"wlp1s0"
];
}
default
{
my.home.x.i3bar.networking.throughput_interfaces = [];
}
my.home.x.i3bar.temperature.chip
type
string
example
{
my.home.x.i3bar.temperature.chip = "coretemp-isa-*";
}
default
{
my.home.x.i3bar.temperature.chip = "";
}
my.home.x.i3bar.temperature.inputs
type
list of string
example
{
my.home.x.i3bar.temperature.inputs = [
"Core 0"
"Core 1"
"Core 2"
"Core 3"
];
}
default
{
my.home.x.i3bar.temperature.inputs = "";
}
my.networking.externalInterface
Name of the network interface that egresses to the internet. Used for e.g. NATing internal networks.
type
null or string
example
{
my.networking.externalInterface = "eth0";
}
default
{
my.networking.externalInterface = null;
}
my.secrets
type
attribute set
my.services.borg-backup.enable
Whether to enable Enable Borg backups for this host.
type
boolean
example
{
my.services.borg-backup.enable = true;
}
default
{
my.services.borg-backup.enable = false;
}
my.services.borg-backup.exclude
Paths to exclude from backup
type
list of string
example
{
my.services.borg-backup.exclude = [
"/var/lib/docker"
"/var/lib/systemd"
"/var/lib/libvirt"
"**/target"
"/home/*/go/bin"
"/home/*/go/pkg"
];
}
default
{
my.services.borg-backup.exclude = [];
}
my.services.borg-backup.paths
Paths to backup
type
list of string
example
{
my.services.borg-backup.paths = [
"/var/lib"
"/home"
];
}
default
{
my.services.borg-backup.paths = [];
}
my.services.borg-backup.prune
pruning options for borg
type
attribute set
default
{
my.services.borg-backup.prune = {
keep = {
daily = 7;
monthly = 6;
weekly = 4;
};
};
}
my.services.borg-backup.repo
Borgbase repo info. Required.
type
string
example
{
my.services.borg-backup.repo = "deadbeef@deadbeef.repo.borgbase.com:repo";
}
default
{
my.services.borg-backup.repo = null;
}
my.services.fail2ban.enable
Whether to enable Enable fail2ban.
type
boolean
example
{
my.services.fail2ban.enable = true;
}
default
{
my.services.fail2ban.enable = false;
}
my.services.fava.enable
Whether to enable Fava.
type
boolean
example
{
my.services.fava.enable = true;
}
default
{
my.services.fava.enable = false;
}
my.services.fava.filePath
File to load in Fava
type
string
example
{
my.services.fava.filePath = "my_dir/money.beancount";
}
my.services.fava.home
Home for the fava service, where data will be stored
type
string
example
{
my.services.fava.home = "/var/lib/fava";
}
default
{
my.services.fava.home = "/var/lib/fava";
}
my.services.fava.port
Internal port for Fava
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
example
{
my.services.fava.port = 8080;
}
default
{
my.services.fava.port = 8080;
}
my.services.gitea.enable
Whether to enable Personal Git hosting with Gitea.
type
boolean
example
{
my.services.gitea.enable = true;
}
default
{
my.services.gitea.enable = false;
}
my.services.gitea.privatePort
Port to serve the app
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
example
{
my.services.gitea.privatePort = 8082;
}
default
{
my.services.gitea.privatePort = 8082;
}
my.services.jellyfin.enable
Whether to enable Jellyfin.
type
boolean
example
{
my.services.jellyfin.enable = true;
}
default
{
my.services.jellyfin.enable = false;
}
my.services.lohr.enable
Whether to enable Lohr Mirroring Daemon.
type
boolean
example
{
my.services.lohr.enable = true;
}
default
{
my.services.lohr.enable = false;
}
my.services.lohr.home
Home for the lohr service, where data will be stored
type
string
example
{
my.services.lohr.home = "/var/lib/lohr";
}
default
{
my.services.lohr.home = "/var/lib/lohr";
}
my.services.lohr.port
Internal port for Lohr daemon
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
example
{
my.services.lohr.port = 8080;
}
default
{
my.services.lohr.port = 8080;
}
my.services.matrix.enable
Whether to enable Matrix Synapse.
type
boolean
example
{
my.services.matrix.enable = true;
}
default
{
my.services.matrix.enable = false;
}
my.services.matrix.emailConfig
type
submodule
my.services.matrix.emailConfig.notifFrom
type
string
example
{
my.services.matrix.emailConfig.notifFrom = "Your Friendly %(app)s homeserver <noreply@example.com>";
}
my.services.matrix.emailConfig.smtpHost
type
string
default
{
my.services.matrix.emailConfig.smtpHost = "localhost";
}
my.services.matrix.emailConfig.smtpPass
type
string
my.services.matrix.emailConfig.smtpPort
The port to use to connect to the SMTP host.
Defaulting to STARTTLS port 587 because TLS port 465 isn't supported by synapse See https://github.com/matrix-org/synapse/issues/8046
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
default
{
my.services.matrix.emailConfig.smtpPort = 587;
}
my.services.matrix.emailConfig.smtpUser
type
string
my.services.matrix.registration_shared_secret
Shared secret to register users
type
string
example
{
my.services.matrix.registration_shared_secret = "deadbeef";
}
default
{
my.services.matrix.registration_shared_secret = null;
}
my.services.miniflux.enable
Whether to enable Serve a Miniflux instance.
type
boolean
example
{
my.services.miniflux.enable = true;
}
default
{
my.services.miniflux.enable = false;
}
my.services.miniflux.adminCredentialsFile
File containing ADMIN_USERNAME= and ADMIN_PASSWORD=
type
string
example
{
my.services.miniflux.adminCredentialsFile = "./secrets/miniflux-admin-credentials";
}
default
{
my.services.miniflux.adminCredentialsFile = null;
}
my.services.miniflux.privatePort
Port to serve the app
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
example
{
my.services.miniflux.privatePort = 8080;
}
default
{
my.services.miniflux.privatePort = 8080;
}
my.services.navidrome.enable
Whether to enable Navidrome.
type
boolean
example
{
my.services.navidrome.enable = true;
}
default
{
my.services.navidrome.enable = false;
}
my.services.navidrome.musicFolder.backup
Whether to enable backup the music folder.
type
boolean
example
{
my.services.navidrome.musicFolder.backup = true;
}
default
{
my.services.navidrome.musicFolder.backup = false;
}
my.services.navidrome.musicFolder.path
type
string
default
{
my.services.navidrome.musicFolder.path = "./music";
}
my.services.nextcloud.enable
Whether to enable NextCloud.
type
boolean
example
{
my.services.nextcloud.enable = true;
}
default
{
my.services.nextcloud.enable = false;
}
my.services.nuage.enable
Whether to enable Nuage redirect.
type
boolean
example
{
my.services.nuage.enable = true;
}
default
{
my.services.nuage.enable = false;
}
my.services.paperless.enable
Whether to enable Paperless.
type
boolean
example
{
my.services.paperless.enable = true;
}
default
{
my.services.paperless.enable = false;
}
my.services.paperless.port
Internal port for Paperless service
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
example
{
my.services.paperless.port = 8080;
}
default
{
my.services.paperless.port = 8080;
}
my.services.pipewire.enable
Whether to enable Pipewire sound backend.
type
boolean
example
{
my.services.pipewire.enable = true;
}
default
{
my.services.pipewire.enable = false;
}
my.services.postgresql-backup.enable
Whether to enable Backup SQL databases.
type
boolean
example
{
my.services.postgresql-backup.enable = true;
}
default
{
my.services.postgresql-backup.enable = false;
}
my.services.restic-backup.enable
Whether to enable Enable Restic backups for this host.
type
boolean
example
{
my.services.restic-backup.enable = true;
}
default
{
my.services.restic-backup.enable = false;
}
my.services.restic-backup.exclude
Paths to exclude from backup
type
list of string
example
{
my.services.restic-backup.exclude = [
"/var/lib/docker"
"/var/lib/systemd"
"/var/lib/libvirt"
"**/target"
"/home/*/go/bin"
"/home/*/go/pkg"
];
}
default
{
my.services.restic-backup.exclude = [];
}
my.services.restic-backup.paths
Paths to backup
type
list of string
example
{
my.services.restic-backup.paths = [
"/var/lib"
"/home"
];
}
default
{
my.services.restic-backup.paths = [];
}
my.services.restic-backup.prune
type
attribute set
default
{
my.services.restic-backup.prune = {
daily = 7;
monthly = 6;
weekly = 4;
};
}
my.services.restic-backup.repo
Restic backup repo
type
string
example
{
my.services.restic-backup.repo = "/mnt/hdd";
}
default
{
my.services.restic-backup.repo = null;
}
my.services.tailscale.enable
Whether to enable Tailscale.
type
boolean
example
{
my.services.tailscale.enable = true;
}
default
{
my.services.tailscale.enable = false;
}
my.services.tailscale.exitNode
Whether to enable Use as exit node.
type
boolean
example
{
my.services.tailscale.exitNode = true;
}
default
{
my.services.tailscale.exitNode = false;
}
my.services.tgv.enable
Whether to enable TGV redirect.
type
boolean
example
{
my.services.tgv.enable = true;
}
default
{
my.services.tgv.enable = false;
}
my.services.transmission.enable
Whether to enable Transmission torrent client.
type
boolean
example
{
my.services.transmission.enable = true;
}
default
{
my.services.transmission.enable = false;
}
my.services.transmission.password
Password of the transmission RPC user
type
string
example
{
my.services.transmission.password = "password";
}
my.services.transmission.username
Name of the transmission RPC user
type
string
example
{
my.services.transmission.username = "username";
}
default
{
my.services.transmission.username = "alarsyo";
}
my.services.vaultwarden.enable
Whether to enable Vaultwarden.
type
boolean
example
{
my.services.vaultwarden.enable = true;
}
default
{
my.services.vaultwarden.enable = false;
}
my.services.vaultwarden.privatePort
Port used internally for rocket server
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
example
{
my.services.vaultwarden.privatePort = 8081;
}
default
{
my.services.vaultwarden.privatePort = 8081;
}
my.services.vaultwarden.websocketPort
Port used for websocket connections
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
example
{
my.services.vaultwarden.websocketPort = 3012;
}
default
{
my.services.vaultwarden.websocketPort = 3012;
}
my.theme
type
submodule
default
{
my.theme = {};
}
my.theme.alacrittyTheme
type
submodule
default
{
my.theme.alacrittyTheme = {};
}
my.theme.alacrittyTheme.bright
type
submodule
default
{
my.theme.alacrittyTheme.bright = {
black = "#666666";
blue = "#7aa6da";
cyan = "#70c0b1";
green = "#b9ca4a";
magenta = "#c397d8";
red = "#d54e53";
white = "#eaeaea";
yellow = "#e7c547";
};
}
my.theme.alacrittyTheme.bright.black
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.bright.black = "#abcdef";
}
default
{
my.theme.alacrittyTheme.bright.black = "#000000";
}
my.theme.alacrittyTheme.bright.blue
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.bright.blue = "#abcdef";
}
default
{
my.theme.alacrittyTheme.bright.blue = "#000000";
}
my.theme.alacrittyTheme.bright.cyan
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.bright.cyan = "#abcdef";
}
default
{
my.theme.alacrittyTheme.bright.cyan = "#000000";
}
my.theme.alacrittyTheme.bright.green
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.bright.green = "#abcdef";
}
default
{
my.theme.alacrittyTheme.bright.green = "#000000";
}
my.theme.alacrittyTheme.bright.magenta
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.bright.magenta = "#abcdef";
}
default
{
my.theme.alacrittyTheme.bright.magenta = "#000000";
}
my.theme.alacrittyTheme.bright.red
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.bright.red = "#abcdef";
}
default
{
my.theme.alacrittyTheme.bright.red = "#000000";
}
my.theme.alacrittyTheme.bright.white
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.bright.white = "#abcdef";
}
default
{
my.theme.alacrittyTheme.bright.white = "#000000";
}
my.theme.alacrittyTheme.bright.yellow
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.bright.yellow = "#abcdef";
}
default
{
my.theme.alacrittyTheme.bright.yellow = "#000000";
}
my.theme.alacrittyTheme.cursor
type
submodule
default
{
my.theme.alacrittyTheme.cursor = {
cursor = "#c5c8c6";
text = "#1d1f21";
};
}
my.theme.alacrittyTheme.cursor.cursor
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.cursor.cursor = "#abcdef";
}
default
{
my.theme.alacrittyTheme.cursor.cursor = "#000000";
}
my.theme.alacrittyTheme.cursor.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.cursor.text = "#abcdef";
}
default
{
my.theme.alacrittyTheme.cursor.text = "#000000";
}
my.theme.alacrittyTheme.dim
type
submodule
default
{
my.theme.alacrittyTheme.dim = {
black = "#131415";
blue = "#556a7d";
cyan = "#5b7d78";
green = "#777c44";
magenta = "#75617b";
red = "#864343";
white = "#828482";
yellow = "#9e824c";
};
}
my.theme.alacrittyTheme.dim.black
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.dim.black = "#abcdef";
}
default
{
my.theme.alacrittyTheme.dim.black = "#000000";
}
my.theme.alacrittyTheme.dim.blue
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.dim.blue = "#abcdef";
}
default
{
my.theme.alacrittyTheme.dim.blue = "#000000";
}
my.theme.alacrittyTheme.dim.cyan
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.dim.cyan = "#abcdef";
}
default
{
my.theme.alacrittyTheme.dim.cyan = "#000000";
}
my.theme.alacrittyTheme.dim.green
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.dim.green = "#abcdef";
}
default
{
my.theme.alacrittyTheme.dim.green = "#000000";
}
my.theme.alacrittyTheme.dim.magenta
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.dim.magenta = "#abcdef";
}
default
{
my.theme.alacrittyTheme.dim.magenta = "#000000";
}
my.theme.alacrittyTheme.dim.red
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.dim.red = "#abcdef";
}
default
{
my.theme.alacrittyTheme.dim.red = "#000000";
}
my.theme.alacrittyTheme.dim.white
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.dim.white = "#abcdef";
}
default
{
my.theme.alacrittyTheme.dim.white = "#000000";
}
my.theme.alacrittyTheme.dim.yellow
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.dim.yellow = "#abcdef";
}
default
{
my.theme.alacrittyTheme.dim.yellow = "#000000";
}
my.theme.alacrittyTheme.normal
type
submodule
default
{
my.theme.alacrittyTheme.normal = {
black = "#1d1f21";
blue = "#81a2be";
cyan = "#8abeb7";
green = "#b5bd68";
magenta = "#b294bb";
red = "#cc6666";
white = "#c5c8c6";
yellow = "#f0c674";
};
}
my.theme.alacrittyTheme.normal.black
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.normal.black = "#abcdef";
}
default
{
my.theme.alacrittyTheme.normal.black = "#000000";
}
my.theme.alacrittyTheme.normal.blue
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.normal.blue = "#abcdef";
}
default
{
my.theme.alacrittyTheme.normal.blue = "#000000";
}
my.theme.alacrittyTheme.normal.cyan
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.normal.cyan = "#abcdef";
}
default
{
my.theme.alacrittyTheme.normal.cyan = "#000000";
}
my.theme.alacrittyTheme.normal.green
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.normal.green = "#abcdef";
}
default
{
my.theme.alacrittyTheme.normal.green = "#000000";
}
my.theme.alacrittyTheme.normal.magenta
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.normal.magenta = "#abcdef";
}
default
{
my.theme.alacrittyTheme.normal.magenta = "#000000";
}
my.theme.alacrittyTheme.normal.red
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.normal.red = "#abcdef";
}
default
{
my.theme.alacrittyTheme.normal.red = "#000000";
}
my.theme.alacrittyTheme.normal.white
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.normal.white = "#abcdef";
}
default
{
my.theme.alacrittyTheme.normal.white = "#000000";
}
my.theme.alacrittyTheme.normal.yellow
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.normal.yellow = "#abcdef";
}
default
{
my.theme.alacrittyTheme.normal.yellow = "#000000";
}
my.theme.alacrittyTheme.primary
type
submodule
default
{
my.theme.alacrittyTheme.primary = {
background = "#1d1f21";
foreground = "#c5c8c6";
};
}
my.theme.alacrittyTheme.primary.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.primary.background = "#abcdef";
}
default
{
my.theme.alacrittyTheme.primary.background = "#000000";
}
my.theme.alacrittyTheme.primary.foreground
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.alacrittyTheme.primary.foreground = "#abcdef";
}
default
{
my.theme.alacrittyTheme.primary.foreground = "#000000";
}
my.theme.batTheme
type
submodule
default
{
my.theme.batTheme = {};
}
my.theme.batTheme.name
type
string
default
{
my.theme.batTheme.name = "";
}
my.theme.i3BarTheme
type
submodule
default
{
my.theme.i3BarTheme = {};
}
my.theme.i3BarTheme.theme
type
submodule
default
{
my.theme.i3BarTheme.theme = {};
}
my.theme.i3BarTheme.theme.name
type
string
default
{
my.theme.i3BarTheme.theme.name = "plain";
}
my.theme.i3BarTheme.theme.overrides
type
attribute set of string
default
{
my.theme.i3BarTheme.theme.overrides = {};
}
my.theme.i3Theme
type
submodule
default
{
my.theme.i3Theme = {};
}
my.theme.i3Theme.background
Background color of the window. Only applications which do not cover the whole area expose the color.
type
string
default
{
my.theme.i3Theme.background = "#ffffff";
}
my.theme.i3Theme.bar
type
submodule
default
{
my.theme.i3Theme.bar = {};
}
my.theme.i3Theme.bar.activeWorkspace
Border, background and text color for a workspace button when the workspace is active.
type
submodule
default
{
my.theme.i3Theme.bar.activeWorkspace = {
background = "#5f676a";
border = "#333333";
text = "#ffffff";
};
}
my.theme.i3Theme.bar.activeWorkspace.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.activeWorkspace.background = "#abcdef";
}
default
{
my.theme.i3Theme.bar.activeWorkspace.background = "#000000";
}
my.theme.i3Theme.bar.activeWorkspace.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.activeWorkspace.border = "#abcdef";
}
default
{
my.theme.i3Theme.bar.activeWorkspace.border = "#000000";
}
my.theme.i3Theme.bar.activeWorkspace.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.activeWorkspace.text = "#abcdef";
}
default
{
my.theme.i3Theme.bar.activeWorkspace.text = "#000000";
}
my.theme.i3Theme.bar.background
Background color of the bar.
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.background = "#abcdef";
}
default
{
my.theme.i3Theme.bar.background = "#000000";
}
my.theme.i3Theme.bar.bindingMode
Border, background and text color for the binding mode indicator
type
submodule
default
{
my.theme.i3Theme.bar.bindingMode = {
background = "#900000";
border = "#2f343a";
text = "#ffffff";
};
}
my.theme.i3Theme.bar.bindingMode.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.bindingMode.background = "#abcdef";
}
default
{
my.theme.i3Theme.bar.bindingMode.background = "#000000";
}
my.theme.i3Theme.bar.bindingMode.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.bindingMode.border = "#abcdef";
}
default
{
my.theme.i3Theme.bar.bindingMode.border = "#000000";
}
my.theme.i3Theme.bar.bindingMode.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.bindingMode.text = "#abcdef";
}
default
{
my.theme.i3Theme.bar.bindingMode.text = "#000000";
}
my.theme.i3Theme.bar.focusedWorkspace
Border, background and text color for a workspace button when the workspace has focus.
type
submodule
default
{
my.theme.i3Theme.bar.focusedWorkspace = {
background = "#285577";
border = "#4c7899";
text = "#ffffff";
};
}
my.theme.i3Theme.bar.focusedWorkspace.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.focusedWorkspace.background = "#abcdef";
}
default
{
my.theme.i3Theme.bar.focusedWorkspace.background = "#000000";
}
my.theme.i3Theme.bar.focusedWorkspace.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.focusedWorkspace.border = "#abcdef";
}
default
{
my.theme.i3Theme.bar.focusedWorkspace.border = "#000000";
}
my.theme.i3Theme.bar.focusedWorkspace.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.focusedWorkspace.text = "#abcdef";
}
default
{
my.theme.i3Theme.bar.focusedWorkspace.text = "#000000";
}
my.theme.i3Theme.bar.inactiveWorkspace
Border, background and text color for a workspace button when the workspace does not have focus and is not active.
type
submodule
default
{
my.theme.i3Theme.bar.inactiveWorkspace = {
background = "#222222";
border = "#333333";
text = "#888888";
};
}
my.theme.i3Theme.bar.inactiveWorkspace.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.inactiveWorkspace.background = "#abcdef";
}
default
{
my.theme.i3Theme.bar.inactiveWorkspace.background = "#000000";
}
my.theme.i3Theme.bar.inactiveWorkspace.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.inactiveWorkspace.border = "#abcdef";
}
default
{
my.theme.i3Theme.bar.inactiveWorkspace.border = "#000000";
}
my.theme.i3Theme.bar.inactiveWorkspace.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.inactiveWorkspace.text = "#abcdef";
}
default
{
my.theme.i3Theme.bar.inactiveWorkspace.text = "#000000";
}
my.theme.i3Theme.bar.separator
Text color to be used for the separator.
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.separator = "#abcdef";
}
default
{
my.theme.i3Theme.bar.separator = "#666666";
}
my.theme.i3Theme.bar.statusline
Text color to be used for the statusline.
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.statusline = "#abcdef";
}
default
{
my.theme.i3Theme.bar.statusline = "#ffffff";
}
my.theme.i3Theme.bar.urgentWorkspace
Border, background and text color for a workspace button when the workspace contains a window with the urgency hint set.
type
submodule
default
{
my.theme.i3Theme.bar.urgentWorkspace = {
background = "#900000";
border = "#2f343a";
text = "#ffffff";
};
}
my.theme.i3Theme.bar.urgentWorkspace.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.urgentWorkspace.background = "#abcdef";
}
default
{
my.theme.i3Theme.bar.urgentWorkspace.background = "#000000";
}
my.theme.i3Theme.bar.urgentWorkspace.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.urgentWorkspace.border = "#abcdef";
}
default
{
my.theme.i3Theme.bar.urgentWorkspace.border = "#000000";
}
my.theme.i3Theme.bar.urgentWorkspace.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.bar.urgentWorkspace.text = "#abcdef";
}
default
{
my.theme.i3Theme.bar.urgentWorkspace.text = "#000000";
}
my.theme.i3Theme.focused
A window which currently has the focus.
type
submodule
default
{
my.theme.i3Theme.focused = {
background = "#285577";
border = "#4c7899";
childBorder = "#285577";
indicator = "#2e9ef4";
text = "#ffffff";
};
}
my.theme.i3Theme.focused.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.focused.background = "#abcdef";
}
default
{
my.theme.i3Theme.focused.background = "#000000";
}
my.theme.i3Theme.focused.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.focused.border = "#abcdef";
}
default
{
my.theme.i3Theme.focused.border = "#000000";
}
my.theme.i3Theme.focused.childBorder
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.focused.childBorder = "#abcdef";
}
default
{
my.theme.i3Theme.focused.childBorder = "#000000";
}
my.theme.i3Theme.focused.indicator
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.focused.indicator = "#abcdef";
}
default
{
my.theme.i3Theme.focused.indicator = "#000000";
}
my.theme.i3Theme.focused.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.focused.text = "#abcdef";
}
default
{
my.theme.i3Theme.focused.text = "#000000";
}
my.theme.i3Theme.focusedInactive
A window which is the focused one of its container, but it does not have the focus at the moment.
type
submodule
default
{
my.theme.i3Theme.focusedInactive = {
background = "#5f676a";
border = "#333333";
childBorder = "#5f676a";
indicator = "#484e50";
text = "#ffffff";
};
}
my.theme.i3Theme.focusedInactive.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.focusedInactive.background = "#abcdef";
}
default
{
my.theme.i3Theme.focusedInactive.background = "#000000";
}
my.theme.i3Theme.focusedInactive.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.focusedInactive.border = "#abcdef";
}
default
{
my.theme.i3Theme.focusedInactive.border = "#000000";
}
my.theme.i3Theme.focusedInactive.childBorder
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.focusedInactive.childBorder = "#abcdef";
}
default
{
my.theme.i3Theme.focusedInactive.childBorder = "#000000";
}
my.theme.i3Theme.focusedInactive.indicator
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.focusedInactive.indicator = "#abcdef";
}
default
{
my.theme.i3Theme.focusedInactive.indicator = "#000000";
}
my.theme.i3Theme.focusedInactive.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.focusedInactive.text = "#abcdef";
}
default
{
my.theme.i3Theme.focusedInactive.text = "#000000";
}
my.theme.i3Theme.placeholder
Background and text color are used to draw placeholder window contents (when restoring layouts). Border and indicator are ignored.
type
submodule
default
{
my.theme.i3Theme.placeholder = {
background = "#0c0c0c";
border = "#000000";
childBorder = "#0c0c0c";
indicator = "#000000";
text = "#ffffff";
};
}
my.theme.i3Theme.placeholder.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.placeholder.background = "#abcdef";
}
default
{
my.theme.i3Theme.placeholder.background = "#000000";
}
my.theme.i3Theme.placeholder.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.placeholder.border = "#abcdef";
}
default
{
my.theme.i3Theme.placeholder.border = "#000000";
}
my.theme.i3Theme.placeholder.childBorder
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.placeholder.childBorder = "#abcdef";
}
default
{
my.theme.i3Theme.placeholder.childBorder = "#000000";
}
my.theme.i3Theme.placeholder.indicator
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.placeholder.indicator = "#abcdef";
}
default
{
my.theme.i3Theme.placeholder.indicator = "#000000";
}
my.theme.i3Theme.placeholder.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.placeholder.text = "#abcdef";
}
default
{
my.theme.i3Theme.placeholder.text = "#000000";
}
my.theme.i3Theme.unfocused
A window which is not focused.
type
submodule
default
{
my.theme.i3Theme.unfocused = {
background = "#222222";
border = "#333333";
childBorder = "#222222";
indicator = "#292d2e";
text = "#888888";
};
}
my.theme.i3Theme.unfocused.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.unfocused.background = "#abcdef";
}
default
{
my.theme.i3Theme.unfocused.background = "#000000";
}
my.theme.i3Theme.unfocused.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.unfocused.border = "#abcdef";
}
default
{
my.theme.i3Theme.unfocused.border = "#000000";
}
my.theme.i3Theme.unfocused.childBorder
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.unfocused.childBorder = "#abcdef";
}
default
{
my.theme.i3Theme.unfocused.childBorder = "#000000";
}
my.theme.i3Theme.unfocused.indicator
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.unfocused.indicator = "#abcdef";
}
default
{
my.theme.i3Theme.unfocused.indicator = "#000000";
}
my.theme.i3Theme.unfocused.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.unfocused.text = "#abcdef";
}
default
{
my.theme.i3Theme.unfocused.text = "#000000";
}
my.theme.i3Theme.urgent
A window which has its urgency hint activated.
type
submodule
default
{
my.theme.i3Theme.urgent = {
background = "#900000";
border = "#2f343a";
childBorder = "#900000";
indicator = "#900000";
text = "#ffffff";
};
}
my.theme.i3Theme.urgent.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.urgent.background = "#abcdef";
}
default
{
my.theme.i3Theme.urgent.background = "#000000";
}
my.theme.i3Theme.urgent.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.urgent.border = "#abcdef";
}
default
{
my.theme.i3Theme.urgent.border = "#000000";
}
my.theme.i3Theme.urgent.childBorder
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.urgent.childBorder = "#abcdef";
}
default
{
my.theme.i3Theme.urgent.childBorder = "#000000";
}
my.theme.i3Theme.urgent.indicator
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.urgent.indicator = "#abcdef";
}
default
{
my.theme.i3Theme.urgent.indicator = "#000000";
}
my.theme.i3Theme.urgent.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.theme.i3Theme.urgent.text = "#abcdef";
}
default
{
my.theme.i3Theme.urgent.text = "#000000";
}
my.themes
type
attribute set of submodule
my.themes.<name>.alacrittyTheme
type
submodule
default
{
my.themes.<name>.alacrittyTheme = {};
}
my.themes.<name>.alacrittyTheme.bright
type
submodule
default
{
my.themes.<name>.alacrittyTheme.bright = {
black = "#666666";
blue = "#7aa6da";
cyan = "#70c0b1";
green = "#b9ca4a";
magenta = "#c397d8";
red = "#d54e53";
white = "#eaeaea";
yellow = "#e7c547";
};
}
my.themes.<name>.alacrittyTheme.bright.black
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.bright.black = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.bright.black = "#000000";
}
my.themes.<name>.alacrittyTheme.bright.blue
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.bright.blue = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.bright.blue = "#000000";
}
my.themes.<name>.alacrittyTheme.bright.cyan
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.bright.cyan = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.bright.cyan = "#000000";
}
my.themes.<name>.alacrittyTheme.bright.green
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.bright.green = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.bright.green = "#000000";
}
my.themes.<name>.alacrittyTheme.bright.magenta
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.bright.magenta = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.bright.magenta = "#000000";
}
my.themes.<name>.alacrittyTheme.bright.red
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.bright.red = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.bright.red = "#000000";
}
my.themes.<name>.alacrittyTheme.bright.white
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.bright.white = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.bright.white = "#000000";
}
my.themes.<name>.alacrittyTheme.bright.yellow
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.bright.yellow = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.bright.yellow = "#000000";
}
my.themes.<name>.alacrittyTheme.cursor
type
submodule
default
{
my.themes.<name>.alacrittyTheme.cursor = {
cursor = "#c5c8c6";
text = "#1d1f21";
};
}
my.themes.<name>.alacrittyTheme.cursor.cursor
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.cursor.cursor = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.cursor.cursor = "#000000";
}
my.themes.<name>.alacrittyTheme.cursor.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.cursor.text = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.cursor.text = "#000000";
}
my.themes.<name>.alacrittyTheme.dim
type
submodule
default
{
my.themes.<name>.alacrittyTheme.dim = {
black = "#131415";
blue = "#556a7d";
cyan = "#5b7d78";
green = "#777c44";
magenta = "#75617b";
red = "#864343";
white = "#828482";
yellow = "#9e824c";
};
}
my.themes.<name>.alacrittyTheme.dim.black
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.dim.black = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.dim.black = "#000000";
}
my.themes.<name>.alacrittyTheme.dim.blue
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.dim.blue = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.dim.blue = "#000000";
}
my.themes.<name>.alacrittyTheme.dim.cyan
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.dim.cyan = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.dim.cyan = "#000000";
}
my.themes.<name>.alacrittyTheme.dim.green
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.dim.green = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.dim.green = "#000000";
}
my.themes.<name>.alacrittyTheme.dim.magenta
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.dim.magenta = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.dim.magenta = "#000000";
}
my.themes.<name>.alacrittyTheme.dim.red
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.dim.red = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.dim.red = "#000000";
}
my.themes.<name>.alacrittyTheme.dim.white
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.dim.white = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.dim.white = "#000000";
}
my.themes.<name>.alacrittyTheme.dim.yellow
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.dim.yellow = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.dim.yellow = "#000000";
}
my.themes.<name>.alacrittyTheme.normal
type
submodule
default
{
my.themes.<name>.alacrittyTheme.normal = {
black = "#1d1f21";
blue = "#81a2be";
cyan = "#8abeb7";
green = "#b5bd68";
magenta = "#b294bb";
red = "#cc6666";
white = "#c5c8c6";
yellow = "#f0c674";
};
}
my.themes.<name>.alacrittyTheme.normal.black
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.normal.black = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.normal.black = "#000000";
}
my.themes.<name>.alacrittyTheme.normal.blue
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.normal.blue = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.normal.blue = "#000000";
}
my.themes.<name>.alacrittyTheme.normal.cyan
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.normal.cyan = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.normal.cyan = "#000000";
}
my.themes.<name>.alacrittyTheme.normal.green
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.normal.green = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.normal.green = "#000000";
}
my.themes.<name>.alacrittyTheme.normal.magenta
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.normal.magenta = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.normal.magenta = "#000000";
}
my.themes.<name>.alacrittyTheme.normal.red
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.normal.red = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.normal.red = "#000000";
}
my.themes.<name>.alacrittyTheme.normal.white
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.normal.white = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.normal.white = "#000000";
}
my.themes.<name>.alacrittyTheme.normal.yellow
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.normal.yellow = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.normal.yellow = "#000000";
}
my.themes.<name>.alacrittyTheme.primary
type
submodule
default
{
my.themes.<name>.alacrittyTheme.primary = {
background = "#1d1f21";
foreground = "#c5c8c6";
};
}
my.themes.<name>.alacrittyTheme.primary.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.primary.background = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.primary.background = "#000000";
}
my.themes.<name>.alacrittyTheme.primary.foreground
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.alacrittyTheme.primary.foreground = "#abcdef";
}
default
{
my.themes.<name>.alacrittyTheme.primary.foreground = "#000000";
}
my.themes.<name>.batTheme
type
submodule
default
{
my.themes.<name>.batTheme = {};
}
my.themes.<name>.batTheme.name
type
string
default
{
my.themes.<name>.batTheme.name = "";
}
my.themes.<name>.i3BarTheme
type
submodule
default
{
my.themes.<name>.i3BarTheme = {};
}
my.themes.<name>.i3BarTheme.theme
type
submodule
default
{
my.themes.<name>.i3BarTheme.theme = {};
}
my.themes.<name>.i3BarTheme.theme.name
type
string
default
{
my.themes.<name>.i3BarTheme.theme.name = "plain";
}
my.themes.<name>.i3BarTheme.theme.overrides
type
attribute set of string
default
{
my.themes.<name>.i3BarTheme.theme.overrides = {};
}
my.themes.<name>.i3Theme
type
submodule
default
{
my.themes.<name>.i3Theme = {};
}
my.themes.<name>.i3Theme.background
Background color of the window. Only applications which do not cover the whole area expose the color.
type
string
default
{
my.themes.<name>.i3Theme.background = "#ffffff";
}
my.themes.<name>.i3Theme.bar
type
submodule
default
{
my.themes.<name>.i3Theme.bar = {};
}
my.themes.<name>.i3Theme.bar.activeWorkspace
Border, background and text color for a workspace button when the workspace is active.
type
submodule
default
{
my.themes.<name>.i3Theme.bar.activeWorkspace = {
background = "#5f676a";
border = "#333333";
text = "#ffffff";
};
}
my.themes.<name>.i3Theme.bar.activeWorkspace.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.activeWorkspace.background = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.activeWorkspace.background = "#000000";
}
my.themes.<name>.i3Theme.bar.activeWorkspace.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.activeWorkspace.border = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.activeWorkspace.border = "#000000";
}
my.themes.<name>.i3Theme.bar.activeWorkspace.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.activeWorkspace.text = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.activeWorkspace.text = "#000000";
}
my.themes.<name>.i3Theme.bar.background
Background color of the bar.
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.background = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.background = "#000000";
}
my.themes.<name>.i3Theme.bar.bindingMode
Border, background and text color for the binding mode indicator
type
submodule
default
{
my.themes.<name>.i3Theme.bar.bindingMode = {
background = "#900000";
border = "#2f343a";
text = "#ffffff";
};
}
my.themes.<name>.i3Theme.bar.bindingMode.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.bindingMode.background = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.bindingMode.background = "#000000";
}
my.themes.<name>.i3Theme.bar.bindingMode.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.bindingMode.border = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.bindingMode.border = "#000000";
}
my.themes.<name>.i3Theme.bar.bindingMode.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.bindingMode.text = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.bindingMode.text = "#000000";
}
my.themes.<name>.i3Theme.bar.focusedWorkspace
Border, background and text color for a workspace button when the workspace has focus.
type
submodule
default
{
my.themes.<name>.i3Theme.bar.focusedWorkspace = {
background = "#285577";
border = "#4c7899";
text = "#ffffff";
};
}
my.themes.<name>.i3Theme.bar.focusedWorkspace.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.focusedWorkspace.background = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.focusedWorkspace.background = "#000000";
}
my.themes.<name>.i3Theme.bar.focusedWorkspace.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.focusedWorkspace.border = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.focusedWorkspace.border = "#000000";
}
my.themes.<name>.i3Theme.bar.focusedWorkspace.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.focusedWorkspace.text = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.focusedWorkspace.text = "#000000";
}
my.themes.<name>.i3Theme.bar.inactiveWorkspace
Border, background and text color for a workspace button when the workspace does not have focus and is not active.
type
submodule
default
{
my.themes.<name>.i3Theme.bar.inactiveWorkspace = {
background = "#222222";
border = "#333333";
text = "#888888";
};
}
my.themes.<name>.i3Theme.bar.inactiveWorkspace.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.inactiveWorkspace.background = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.inactiveWorkspace.background = "#000000";
}
my.themes.<name>.i3Theme.bar.inactiveWorkspace.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.inactiveWorkspace.border = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.inactiveWorkspace.border = "#000000";
}
my.themes.<name>.i3Theme.bar.inactiveWorkspace.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.inactiveWorkspace.text = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.inactiveWorkspace.text = "#000000";
}
my.themes.<name>.i3Theme.bar.separator
Text color to be used for the separator.
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.separator = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.separator = "#666666";
}
my.themes.<name>.i3Theme.bar.statusline
Text color to be used for the statusline.
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.statusline = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.statusline = "#ffffff";
}
my.themes.<name>.i3Theme.bar.urgentWorkspace
Border, background and text color for a workspace button when the workspace contains a window with the urgency hint set.
type
submodule
default
{
my.themes.<name>.i3Theme.bar.urgentWorkspace = {
background = "#900000";
border = "#2f343a";
text = "#ffffff";
};
}
my.themes.<name>.i3Theme.bar.urgentWorkspace.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.urgentWorkspace.background = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.urgentWorkspace.background = "#000000";
}
my.themes.<name>.i3Theme.bar.urgentWorkspace.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.urgentWorkspace.border = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.urgentWorkspace.border = "#000000";
}
my.themes.<name>.i3Theme.bar.urgentWorkspace.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.bar.urgentWorkspace.text = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.bar.urgentWorkspace.text = "#000000";
}
my.themes.<name>.i3Theme.focused
A window which currently has the focus.
type
submodule
default
{
my.themes.<name>.i3Theme.focused = {
background = "#285577";
border = "#4c7899";
childBorder = "#285577";
indicator = "#2e9ef4";
text = "#ffffff";
};
}
my.themes.<name>.i3Theme.focused.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.focused.background = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.focused.background = "#000000";
}
my.themes.<name>.i3Theme.focused.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.focused.border = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.focused.border = "#000000";
}
my.themes.<name>.i3Theme.focused.childBorder
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.focused.childBorder = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.focused.childBorder = "#000000";
}
my.themes.<name>.i3Theme.focused.indicator
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.focused.indicator = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.focused.indicator = "#000000";
}
my.themes.<name>.i3Theme.focused.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.focused.text = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.focused.text = "#000000";
}
my.themes.<name>.i3Theme.focusedInactive
A window which is the focused one of its container, but it does not have the focus at the moment.
type
submodule
default
{
my.themes.<name>.i3Theme.focusedInactive = {
background = "#5f676a";
border = "#333333";
childBorder = "#5f676a";
indicator = "#484e50";
text = "#ffffff";
};
}
my.themes.<name>.i3Theme.focusedInactive.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.focusedInactive.background = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.focusedInactive.background = "#000000";
}
my.themes.<name>.i3Theme.focusedInactive.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.focusedInactive.border = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.focusedInactive.border = "#000000";
}
my.themes.<name>.i3Theme.focusedInactive.childBorder
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.focusedInactive.childBorder = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.focusedInactive.childBorder = "#000000";
}
my.themes.<name>.i3Theme.focusedInactive.indicator
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.focusedInactive.indicator = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.focusedInactive.indicator = "#000000";
}
my.themes.<name>.i3Theme.focusedInactive.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.focusedInactive.text = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.focusedInactive.text = "#000000";
}
my.themes.<name>.i3Theme.placeholder
Background and text color are used to draw placeholder window contents (when restoring layouts). Border and indicator are ignored.
type
submodule
default
{
my.themes.<name>.i3Theme.placeholder = {
background = "#0c0c0c";
border = "#000000";
childBorder = "#0c0c0c";
indicator = "#000000";
text = "#ffffff";
};
}
my.themes.<name>.i3Theme.placeholder.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.placeholder.background = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.placeholder.background = "#000000";
}
my.themes.<name>.i3Theme.placeholder.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.placeholder.border = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.placeholder.border = "#000000";
}
my.themes.<name>.i3Theme.placeholder.childBorder
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.placeholder.childBorder = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.placeholder.childBorder = "#000000";
}
my.themes.<name>.i3Theme.placeholder.indicator
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.placeholder.indicator = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.placeholder.indicator = "#000000";
}
my.themes.<name>.i3Theme.placeholder.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.placeholder.text = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.placeholder.text = "#000000";
}
my.themes.<name>.i3Theme.unfocused
A window which is not focused.
type
submodule
default
{
my.themes.<name>.i3Theme.unfocused = {
background = "#222222";
border = "#333333";
childBorder = "#222222";
indicator = "#292d2e";
text = "#888888";
};
}
my.themes.<name>.i3Theme.unfocused.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.unfocused.background = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.unfocused.background = "#000000";
}
my.themes.<name>.i3Theme.unfocused.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.unfocused.border = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.unfocused.border = "#000000";
}
my.themes.<name>.i3Theme.unfocused.childBorder
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.unfocused.childBorder = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.unfocused.childBorder = "#000000";
}
my.themes.<name>.i3Theme.unfocused.indicator
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.unfocused.indicator = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.unfocused.indicator = "#000000";
}
my.themes.<name>.i3Theme.unfocused.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.unfocused.text = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.unfocused.text = "#000000";
}
my.themes.<name>.i3Theme.urgent
A window which has its urgency hint activated.
type
submodule
default
{
my.themes.<name>.i3Theme.urgent = {
background = "#900000";
border = "#2f343a";
childBorder = "#900000";
indicator = "#900000";
text = "#ffffff";
};
}
my.themes.<name>.i3Theme.urgent.background
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.urgent.background = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.urgent.background = "#000000";
}
my.themes.<name>.i3Theme.urgent.border
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.urgent.border = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.urgent.border = "#000000";
}
my.themes.<name>.i3Theme.urgent.childBorder
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.urgent.childBorder = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.urgent.childBorder = "#000000";
}
my.themes.<name>.i3Theme.urgent.indicator
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.urgent.indicator = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.urgent.indicator = "#000000";
}
my.themes.<name>.i3Theme.urgent.text
type
string matching the pattern #[0-9a-f]{6}
example
{
my.themes.<name>.i3Theme.urgent.text = "#abcdef";
}
default
{
my.themes.<name>.i3Theme.urgent.text = "#000000";
}
my.wakeonwlan.interfaces
Wireless interfaces where you want to enable WoWLAN
type
attribute set of submodule
example
{
my.wakeonwlan.interfaces = {
_type = "literalExpression";
text = ''
{
phy0.methods = [
"magic-packet"
"disconnect"
"gtk-rekey-failure"
"eap-identity-request"
"rfkill-release"
];
phy2.methods = [ "any" ];
}
'';
};
}
default
{
my.wakeonwlan.interfaces = {};
}
my.wakeonwlan.interfaces.<name>.methods
Wake-On-WiFiLan methods for this interface.
type
list of one of "4way-handshake", "any", "disconnect", "eap-identity-request", "gtk-rekey-failure", "magic-packet", "rfkill-release"
my.home.bluetooth.enable
Whether to enable bluetooth configuration.
type
boolean
example
{
my.home.bluetooth.enable = true;
}
default
{
my.home.bluetooth.enable = false;
}
my.home.feh.enable
Whether to enable feh configuration.
type
boolean
example
{
my.home.feh.enable = true;
}
default
{
my.home.feh.enable = false;
}
my.home.firefox.enable
Whether to enable firefox configuration.
type
boolean
example
{
my.home.firefox.enable = true;
}
default
{
my.home.firefox.enable = false;
}
my.home.firefox.ff2mpv.enable
ff2mpv configuration
type
boolean
example
{
my.home.firefox.ff2mpv.enable = false;
}
default
{
my.home.firefox.ff2mpv.enable = false;
}
my.home.firefox.tridactyl.enable
tridactyl configuration
type
boolean
example
{
my.home.firefox.tridactyl.enable = false;
}
default
{
my.home.firefox.tridactyl.enable = false;
}
my.home.flameshot.enable
Whether to enable flameshot configuration.
type
boolean
example
{
my.home.flameshot.enable = true;
}
default
{
my.home.flameshot.enable = false;
}
my.home.gammastep.enable
Whether to enable gammastep configuration.
type
boolean
example
{
my.home.gammastep.enable = true;
}
default
{
my.home.gammastep.enable = false;
}
my.home.gammastep.temperature.day
Colour temperature to use during the day
type
signed integer
example
{
my.home.gammastep.temperature.day = 1000;
}
default
{
my.home.gammastep.temperature.day = 6500;
}
my.home.gammastep.temperature.night
Colour temperature to use during the night
type
signed integer
example
{
my.home.gammastep.temperature.night = 1000;
}
default
{
my.home.gammastep.temperature.night = 2000;
}
my.home.gammastep.times.dawn
Dawn time
type
string
example
{
my.home.gammastep.times.dawn = "12:00-14:00";
}
default
{
my.home.gammastep.times.dawn = "6:00-7:30";
}
my.home.gammastep.times.dusk
Dawn time
type
string
example
{
my.home.gammastep.times.dusk = "12:00-14:00";
}
default
{
my.home.gammastep.times.dusk = "18:30-20:00";
}
my.home.gtk.enable
Whether to enable GTK configuration.
type
boolean
example
{
my.home.gtk.enable = true;
}
default
{
my.home.gtk.enable = false;
}
my.home.mpv.enable
Whether to enable mpv configuration.
type
boolean
example
{
my.home.mpv.enable = true;
}
default
{
my.home.mpv.enable = false;
}
my.home.nm-applet.enable
Whether to enable network-manager-applet configuration.
type
boolean
example
{
my.home.nm-applet.enable = true;
}
default
{
my.home.nm-applet.enable = false;
}
my.home.power-alert.enable
Whether to enable power-alert configuration.
type
boolean
example
{
my.home.power-alert.enable = true;
}
default
{
my.home.power-alert.enable = false;
}
my.home.terminal.colors.background
Background color
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.background = "#abcdef";
}
default
{
my.home.terminal.colors.background = "#161616";
}
my.home.terminal.colors.black
Black
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.black = "#abcdef";
}
default
{
my.home.terminal.colors.black = "#222222";
}
my.home.terminal.colors.blackBold
Black bold
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.blackBold = "#abcdef";
}
default
{
my.home.terminal.colors.blackBold = "#666666";
}
my.home.terminal.colors.blue
Blue
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.blue = "#abcdef";
}
default
{
my.home.terminal.colors.blue = "#66aabb";
}
my.home.terminal.colors.blueBold
Blue bold
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.blueBold = "#abcdef";
}
default
{
my.home.terminal.colors.blueBold = "#aaccbb";
}
my.home.terminal.colors.cursor
Cursor color
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.cursor = "#abcdef";
}
default
{
my.home.terminal.colors.cursor = "#ffffff";
}
my.home.terminal.colors.cyan
Cyan
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.cyan = "#abcdef";
}
default
{
my.home.terminal.colors.cyan = "#6d878d";
}
my.home.terminal.colors.cyanBold
Cyan bold
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.cyanBold = "#abcdef";
}
default
{
my.home.terminal.colors.cyanBold = "#42717b";
}
my.home.terminal.colors.foreground
Foreground color
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.foreground = "#abcdef";
}
default
{
my.home.terminal.colors.foreground = "#ffffff";
}
my.home.terminal.colors.foregroundBold
Foreground bold color
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.foregroundBold = "#abcdef";
}
default
{
my.home.terminal.colors.foregroundBold = "#ffffff";
}
my.home.terminal.colors.green
Green
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.green = "#abcdef";
}
default
{
my.home.terminal.colors.green = "#b7ce42";
}
my.home.terminal.colors.greenBold
Green bold
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.greenBold = "#abcdef";
}
default
{
my.home.terminal.colors.greenBold = "#bde077";
}
my.home.terminal.colors.magenta
Magenta
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.magenta = "#abcdef";
}
default
{
my.home.terminal.colors.magenta = "#b7416e";
}
my.home.terminal.colors.magentaBold
Magenta bold
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.magentaBold = "#abcdef";
}
default
{
my.home.terminal.colors.magentaBold = "#e16a98";
}
my.home.terminal.colors.red
Red
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.red = "#abcdef";
}
default
{
my.home.terminal.colors.red = "#e84f4f";
}
my.home.terminal.colors.redBold
Red bold
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.redBold = "#abcdef";
}
default
{
my.home.terminal.colors.redBold = "#d23d3d";
}
my.home.terminal.colors.white
White
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.white = "#abcdef";
}
default
{
my.home.terminal.colors.white = "#dddddd";
}
my.home.terminal.colors.whiteBold
White bold
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.whiteBold = "#abcdef";
}
default
{
my.home.terminal.colors.whiteBold = "#cccccc";
}
my.home.terminal.colors.yellow
Yellow
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.yellow = "#abcdef";
}
default
{
my.home.terminal.colors.yellow = "#fea63c";
}
my.home.terminal.colors.yellowBold
Yellow bold
type
string matching the pattern #[0-9a-f]{6}
example
{
my.home.terminal.colors.yellowBold = "#abcdef";
}
default
{
my.home.terminal.colors.yellowBold = "#ffe863";
}
my.home.terminal.program
Which terminal to use for home session
type
null or value "termite" (singular enum)
example
{
my.home.terminal.program = "termite";
}
default
{
my.home.terminal.program = null;
}
my.home.udiskie.enable
Whether to enable udiskie configuration.
type
boolean
example
{
my.home.udiskie.enable = true;
}
default
{
my.home.udiskie.enable = false;
}
my.home.x.enable
Whether to enable X server configuration.
type
boolean
example
{
my.home.x.enable = true;
}
default
{
my.home.x.enable = false;
}
my.home.zathura.enable
Whether to enable zathura configuration.
type
boolean
example
{
my.home.zathura.enable = true;
}
default
{
my.home.zathura.enable = false;
}
my.profiles.bluetooth.enable
Whether to enable bluetooth profile.
type
boolean
example
{
my.profiles.bluetooth.enable = true;
}
default
{
my.profiles.bluetooth.enable = false;
}
my.profiles.devices.enable
Whether to enable devices profile.
type
boolean
example
{
my.profiles.devices.enable = true;
}
default
{
my.profiles.devices.enable = false;
}
my.profiles.gtk.enable
Whether to enable bluetooth profile.
type
boolean
example
{
my.profiles.gtk.enable = true;
}
default
{
my.profiles.gtk.enable = false;
}
my.profiles.laptop.enable
Whether to enable laptop profile.
type
boolean
example
{
my.profiles.laptop.enable = true;
}
default
{
my.profiles.laptop.enable = false;
}
my.profiles.wm.windowManager
Which window manager to use
type
null or value "i3" (singular enum)
example
{
my.profiles.wm.windowManager = "i3";
}
default
{
my.profiles.wm.windowManager = null;
}
my.profiles.x.enable
Whether to enable X profile.
type
boolean
example
{
my.profiles.x.enable = true;
}
default
{
my.profiles.x.enable = false;
}
boot.modprobe.enable
type
boolean
default
{
boot.modprobe.enable = false;
}
boot.modprobe.modules
type
attribute set of submodule
default
{
boot.modprobe.modules = {};
}
boot.modprobe.modules.<name>.aliases
type
list of string
default
{
boot.modprobe.modules.<name>.aliases = [];
}
boot.modprobe.modules.<name>.blacklist
type
boolean
default
{
boot.modprobe.modules.<name>.blacklist = false;
}
boot.modprobe.modules.<name>.extraConfig
type
strings concatenated with "\n"
default
{
boot.modprobe.modules.<name>.extraConfig = "";
}
boot.modprobe.modules.<name>.includeInInitrd
type
boolean
default
{
boot.modprobe.modules.<name>.includeInInitrd = true;
}
boot.modprobe.modules.<name>.installCommands
type
list of string
default
{
boot.modprobe.modules.<name>.installCommands = [];
}
boot.modprobe.modules.<name>.modprobeConfig
type
strings concatenated with "\n"
boot.modprobe.modules.<name>.moduleName
type
string
default
{
boot.modprobe.modules.<name>.moduleName = "‹name›";
}
boot.modprobe.modules.<name>.options
type
attribute set of unspecified
default
{
boot.modprobe.modules.<name>.options = {};
}
boot.modprobe.modules.<name>.removeCommands
type
list of string
default
{
boot.modprobe.modules.<name>.removeCommands = [];
}
fileSystems
type
attribute set of submodule
fileSystems.<name>.crypttab.enable
Whether to enable crypttab.
type
boolean
example
{
fileSystems.<name>.crypttab.enable = true;
}
default
{
fileSystems.<name>.crypttab.enable = false;
}
fileSystems.<name>.crypttab.options
type
list of string
default
{
fileSystems.<name>.crypttab.options = [
"luks"
];
}
hardware.pulseaudio.bluetooth.enable
Whether to enable pulseaudio bluetooth.
type
boolean
example
{
hardware.pulseaudio.bluetooth.enable = true;
}
default
{
hardware.pulseaudio.bluetooth.enable = false;
}
hardware.pulseaudio.bluetooth.provider
type
one of "auto", "native", "ofono"
default
{
hardware.pulseaudio.bluetooth.provider = "native";
}
hardware.pulseaudio.clearDefaults
type
boolean
default
{
hardware.pulseaudio.clearDefaults = false;
}
hardware.pulseaudio.defaults.sink
type
null or string
default
{
hardware.pulseaudio.defaults.sink = null;
}
hardware.pulseaudio.defaults.source
type
null or string
default
{
hardware.pulseaudio.defaults.source = null;
}
hardware.pulseaudio.loadModule
type
list of submodule or string convertible to it
default
{
hardware.pulseaudio.loadModule = [];
}
hardware.pulseaudio.loadModule.*.module
type
string
hardware.pulseaudio.loadModule.*.opts
type
attribute set of null or string or signed integer or boolean or floating point number or attribute set of null or string or signed integer or boolean or floating point number or list of null or string or signed integer or boolean or floating point number
default
{
hardware.pulseaudio.loadModule.*.opts = {};
}
hardware.pulseaudio.samples
type
attribute set of path
default
{
hardware.pulseaudio.samples = {};
}
hardware.pulseaudio.x11bell.enable
Whether to enable x11bell.
type
boolean
example
{
hardware.pulseaudio.x11bell.enable = true;
}
default
{
hardware.pulseaudio.x11bell.enable = false;
}
hardware.pulseaudio.x11bell.display
type
string
default
{
hardware.pulseaudio.x11bell.display = ":0";
}
hardware.pulseaudio.x11bell.sample
type
string
default
{
hardware.pulseaudio.x11bell.sample = "x11-bell";
}
hardware.pulseaudio.x11bell.samplePath
type
path
default
{
hardware.pulseaudio.x11bell.samplePath = "${pkgs.sound-theme-freedesktop}/share/sounds/freedesktop/stereo/message.oga";
}
home.shell.aliases
type
attribute set of string
default
{
home.shell.aliases = {};
}
home.shell.functions
type
attribute set of strings concatenated with "\n"
default
{
home.shell.functions = {};
}
programs.bash.localVariables
type
attribute set of string
default
{
programs.bash.localVariables = {};
}
programs.filebin.enable
Whether to enable filebin path monitor.
type
boolean
example
{
programs.filebin.enable = true;
}
default
{
programs.filebin.enable = false;
}
programs.filebin.config
type
attribute set of string
default
{
programs.filebin.config = {};
}
programs.filebin.extraConfig
type
strings concatenated with "\n"
default
{
programs.filebin.extraConfig = "";
}
programs.filebin.extraConfigFiles
type
list of path
default
{
programs.filebin.extraConfigFiles = [];
}
programs.git.bitbucket.enable
type
boolean
default
{
programs.git.bitbucket.enable = true;
}
programs.git.bitbucket.sharedRepos
type
attribute set of submodule
default
{
programs.git.bitbucket.sharedRepos = {};
}
programs.git.bitbucket.sharedRepos.<name>.user
User to reference from programs.git.bitbucket.users
type
string
programs.git.bitbucket.teams
type
attribute set of submodule
default
{
programs.git.bitbucket.teams = {};
}
programs.git.bitbucket.teams.<name>.user
User to reference from programs.git.bitbucket.users
type
string
programs.git.bitbucket.users
type
attribute set of submodule
default
{
programs.git.bitbucket.users = {};
}
programs.git.bitbucket.users.<name>.email
git commit email address
type
null or string
default
{
programs.git.bitbucket.users.<name>.email = null;
}
programs.git.bitbucket.users.<name>.id
Bitbucket user ID
type
null or string
default
{
programs.git.bitbucket.users.<name>.id = null;
}
programs.git.bitbucket.users.<name>.name
git commit name
type
null or string
default
{
programs.git.bitbucket.users.<name>.name = null;
}
programs.git.bitbucket.users.<name>.signingKey
GPG signing key
type
null or string
default
{
programs.git.bitbucket.users.<name>.signingKey = null;
}
programs.git.bitbucket.users.<name>.sshKeyPrivate
SSH Key
type
null or path
default
{
programs.git.bitbucket.users.<name>.sshKeyPrivate = null;
}
programs.git.bitbucket.users.<name>.sshKeyPublic
SSH Key
type
null or path
default
{
programs.git.bitbucket.users.<name>.sshKeyPublic = null;
}
programs.git.bitbucket.users.<name>.username
Bitbucket user name
type
string
default
{
programs.git.bitbucket.users.<name>.username = "‹name›";
}
programs.git.configEmail
type
attribute set of submodule
default
{
programs.git.configEmail = {};
}
programs.git.configEmail.<name>.aliases
git-config-email short name aliases
type
list of string
default
{
programs.git.configEmail.<name>.aliases = [];
}
programs.git.configEmail.<name>.email
git commit email address
type
string
programs.git.configEmail.<name>.name
git commit full name
type
string
programs.git.configEmail.<name>.signingKey
git-config-email GPG signing key
type
null or string
default
{
programs.git.configEmail.<name>.signingKey = null;
}
programs.git.gitHub.enable
type
boolean
default
{
programs.git.gitHub.enable = true;
}
programs.git.gitHub.orgs
type
attribute set of submodule
default
{
programs.git.gitHub.orgs = {};
}
programs.git.gitHub.orgs.<name>.user
User to reference from programs.git.gitHub.users
type
string
programs.git.gitHub.sharedRepos
type
attribute set of submodule
default
{
programs.git.gitHub.sharedRepos = {};
}
programs.git.gitHub.sharedRepos.<name>.user
User to reference from programs.git.gitHub.users
type
string
programs.git.gitHub.users
type
attribute set of submodule
default
{
programs.git.gitHub.users = {};
}
programs.git.gitHub.users.<name>.email
git commit email address
type
null or string
default
{
programs.git.gitHub.users.<name>.email = null;
}
programs.git.gitHub.users.<name>.keysHash
Fixed-output derivation hash
type
string
programs.git.gitHub.users.<name>.name
git commit name
type
null or string
default
{
programs.git.gitHub.users.<name>.name = null;
}
programs.git.gitHub.users.<name>.signingKey
GPG signing key
type
null or string
default
{
programs.git.gitHub.users.<name>.signingKey = null;
}
programs.git.gitHub.users.<name>.sshKeyPrivate
SSH Key
type
null or path
default
{
programs.git.gitHub.users.<name>.sshKeyPrivate = null;
}
programs.git.gitHub.users.<name>.sshKeyPublic
SSH Key
type
null or path
default
{
programs.git.gitHub.users.<name>.sshKeyPublic = null;
}
programs.imv.enable
Whether to enable imv image viewer.
type
boolean
example
{
programs.imv.enable = true;
}
default
{
programs.imv.enable = false;
}
programs.imv.package
type
package
default
{
programs.imv.package = "pkgs.imv";
}
programs.imv.aliases
type
attribute set of string
default
{
programs.imv.aliases = {};
}
programs.imv.config
type
attribute set of null or boolean or signed integer or string or string
programs.imv.config.background
type
null or value "checks" (singular enum) or string
default
{
programs.imv.config.background = "000000";
}
programs.imv.config.fullscreen
type
null or boolean
default
{
programs.imv.config.fullscreen = "false";
}
programs.imv.config.height
type
null or signed integer
default
{
programs.imv.config.height = "720";
}
programs.imv.config.list_files_at_exit
type
null or boolean
default
{
programs.imv.config.list_files_at_exit = "false";
}
programs.imv.config.loop_input
type
null or boolean
default
{
programs.imv.config.loop_input = "true";
}
programs.imv.config.recursively
type
null or boolean
default
{
programs.imv.config.recursively = "false";
}
programs.imv.config.scaling_mode
type
null or one of "none", "shrink", "full", "crop"
default
{
programs.imv.config.scaling_mode = "full";
}
programs.imv.config.slideshow_duration
type
null or signed integer
default
{
programs.imv.config.slideshow_duration = "0";
}
programs.imv.config.suppress_default_binds
type
null or boolean
default
{
programs.imv.config.suppress_default_binds = "false";
}
programs.imv.config.title_text
type
null or string
default
{
programs.imv.config.title_text = null;
}
programs.imv.config.upscaling_method
type
null or one of "linear", "nearest_neighbour"
default
{
programs.imv.config.upscaling_method = "linear";
}
programs.imv.config.width
type
null or signed integer
default
{
programs.imv.config.width = "1280";
}
programs.imv.configContent
type
attribute set of attribute set of INI atom (null, bool, int, float or string)
programs.imv.initialPan.x
type
signed integer
default
{
programs.imv.initialPan.x = "50%";
}
programs.imv.initialPan.y
type
signed integer
default
{
programs.imv.initialPan.y = "50%";
}
programs.imv.overlay.enable
type
null or boolean
default
{
programs.imv.overlay.enable = "false";
}
programs.imv.overlay.alpha
type
null or 8 bit unsigned integer; between 0 and 255 (both inclusive)
default
{
programs.imv.overlay.alpha = "0xff";
}
programs.imv.overlay.backgroundAlpha
type
null or 8 bit unsigned integer; between 0 and 255 (both inclusive)
default
{
programs.imv.overlay.backgroundAlpha = "0xc3";
}
programs.imv.overlay.backgroundColor
type
null or string
default
{
programs.imv.overlay.backgroundColor = "000000";
}
programs.imv.overlay.color
type
null or string
default
{
programs.imv.overlay.color = "ffffff";
}
programs.imv.overlay.font
type
null or string
default
{
programs.imv.overlay.font = "Monospace:24";
}
programs.imv.overlay.position
type
null or one of "bottom", "top"
default
{
programs.imv.overlay.position = "top";
}
programs.imv.overlay.text
type
null or string
default
{
programs.imv.overlay.text = null;
}
programs.kakoune.colors
kakoune color schemes
type
list of path
default
{
programs.kakoune.colors = [];
}
programs.kakoune.pluginsExt
kakoune plugins
type
list of package
default
{
programs.kakoune.pluginsExt = [];
}
programs.less.enable
Whether to enable less.
type
boolean
example
{
programs.less.enable = true;
}
default
{
programs.less.enable = false;
}
programs.less.lesskey.extraConfig
type
strings concatenated with "\n"
default
{
programs.less.lesskey.extraConfig = "";
}
programs.ncmpcpp.mpdHost
type
null or string
default
{
programs.ncmpcpp.mpdHost = null;
}
programs.ncmpcpp.mpdPassword
type
null or string
default
{
programs.ncmpcpp.mpdPassword = null;
}
programs.ncmpcpp.mpdPort
type
null or 16 bit unsigned integer; between 0 and 65535 (both inclusive)
default
{
programs.ncmpcpp.mpdPort = null;
}
programs.ncpamixer.enable
Whether to enable ncpamixer.
type
boolean
example
{
programs.ncpamixer.enable = true;
}
default
{
programs.ncpamixer.enable = false;
}
programs.ncpamixer.extraConfig
type
attribute set of string or signed integer or boolean
default
{
programs.ncpamixer.extraConfig = {};
}
programs.ncpamixer.keybinds
type
attribute set of one of "switch", "select", "quit", "dropdown", "quit", "mute", "set_default", "volume_up", "volume_down", "volume_up", "volume_down", "move_up", "move_down", "move_up", "move_down", "page_up", "page_down", "tab_next", "tab_prev", "tab_playback", "tab_recording", "tab_output", "tab_input", "tab_config", "tab_playback", "tab_recording", "tab_output", "tab_input", "tab_config", "move_last", "move_first", "set_volume_0", "set_volume_10", "set_volume_20", "set_volume_30", "set_volume_40", "set_volume_50", "set_volume_60", "set_volume_70", "set_volume_80", "set_volume_90", "set_volume_100"
default
{
programs.ncpamixer.keybinds = {};
}
programs.ncpamixer.theme
type
string
default
{
programs.ncpamixer.theme = "default";
}
programs.ncpamixer.themes
type
attribute set of attribute set of string or signed integer or boolean
default
{
programs.ncpamixer.themes = {};
}
programs.pulsemixer.enable
Whether to enable pulsemixer.
type
boolean
example
{
programs.pulsemixer.enable = true;
}
default
{
programs.pulsemixer.enable = false;
}
programs.pulsemixer.package
type
package
default
{
programs.pulsemixer.package = "pkgs.pulsemixer";
}
programs.pulsemixer.config.general
type
attribute set of signed integer or string or boolean
default
{
programs.pulsemixer.config.general = {};
}
programs.pulsemixer.config.renames
type
attribute set of string
default
{
programs.pulsemixer.config.renames = {};
}
programs.pulsemixer.config.style
type
attribute set of string
default
{
programs.pulsemixer.config.style = {};
}
programs.pulsemixer.config.ui
type
attribute set of signed integer or string or boolean
default
{
programs.pulsemixer.config.ui = {};
}
programs.pulsemixer.configContent
type
attribute set of attribute set of INI atom (null, bool, int, float or string)
programs.rustfmt.enable
Whether to enable rustfmt.
type
boolean
example
{
programs.rustfmt.enable = true;
}
default
{
programs.rustfmt.enable = false;
}
programs.rustfmt.package
type
null or package
default
{
programs.rustfmt.package = "pkgs.rustfmt";
}
programs.rustfmt.config
type
attribute set
default
{
programs.rustfmt.config = {};
}
programs.rustfmt.extraConfig
type
strings concatenated with "\n"
default
{
programs.rustfmt.extraConfig = "";
}
programs.ssh.knownHosts
SSH host keys to allow connections to
type
list of string
default
{
programs.ssh.knownHosts = [];
}
programs.ssh.strictHostKeyChecking
Decide how keys are automatically added to known_hosts
type
one of "yes", "ask", "accept-new", "no"
default
{
programs.ssh.strictHostKeyChecking = "ask";
}
programs.syncplay.enable
Whether to enable syncplay.
type
boolean
example
{
programs.syncplay.enable = true;
}
default
{
programs.syncplay.enable = false;
}
programs.syncplay.package
type
package
example
{
programs.syncplay.package = "pkgs.syncplay-cli";
}
default
{
programs.syncplay.package = "pkgs.syncplay";
}
programs.syncplay.args
type
list of string
default
{
programs.syncplay.args = "[ "--no-store" ]";
}
programs.syncplay.config
type
attribute set of attribute set of null or boolean or signed integer or floating point number or string or list of string or attribute set of null or boolean or signed integer or floating point number or string or list of string
default
{
programs.syncplay.config = {};
}
programs.syncplay.configIni
type
strings concatenated with "\n"
programs.syncplay.defaultRoom
type
null or string
default
{
programs.syncplay.defaultRoom = null;
}
programs.syncplay.extraConfig
type
strings concatenated with "\n"
default
{
programs.syncplay.extraConfig = "";
}
programs.syncplay.gui
type
boolean
default
{
programs.syncplay.gui = true;
}
programs.syncplay.player
type
path
default
{
programs.syncplay.player = "${pkgs.mpv}/bin/mpv";
}
programs.syncplay.playerArgs
type
list of string
default
{
programs.syncplay.playerArgs = [];
}
programs.syncplay.server.host
type
null or string
default
{
programs.syncplay.server.host = null;
}
programs.syncplay.server.password
type
null or string
default
{
programs.syncplay.server.password = null;
}
programs.syncplay.server.port
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
default
{
programs.syncplay.server.port = 8999;
}
programs.syncplay.trustedDomains
type
list of string
programs.syncplay.username
type
string
default
{
programs.syncplay.username = "${config.home.username}";
}
programs.taskwarrior.activeContext
The active context applies a permanent filter to all task commands.
type
null or string
default
{
programs.taskwarrior.activeContext = null;
}
programs.taskwarrior.aliases
Provide an alternate name for a command.
type
attribute set of string
default
{
programs.taskwarrior.aliases = {
rm = "delete";
};
}
programs.taskwarrior.contexts
User-defined context filters.
type
attribute set of string
example
{
programs.taskwarrior.contexts = {
work = "project:work";
};
}
default
{
programs.taskwarrior.contexts = {};
}
programs.taskwarrior.reports
Specify custom taskwarrior reports.
type
attribute set of submodule
example
{
programs.taskwarrior.reports = {
_type = "literalExpression";
text = ''
{
short = {
description = "My custom filter";
filter = "status:pending +READY";
columns = [
{
label = "ID";
id = "id";
}
{
label = "Description";
id = "description";
format = "count";
}
{
id = "urgency";
label = "Urgency";
sort.order = "descending";
}
];
};
};
'';
};
}
default
{
programs.taskwarrior.reports = {};
}
programs.taskwarrior.reports.<name>.columns
The report's columns and their formatting specifiers.
type
list of submodule
programs.taskwarrior.reports.<name>.columns.*.format
Optional formatting specifier for the column value.
See the command 'task columns' for a full list of supported formats.
type
null or string
default
{
programs.taskwarrior.reports.<name>.columns.*.format = null;
}
programs.taskwarrior.reports.<name>.columns.*.id
Column value type name.
See the command 'task columns' for a full list of options and examples.
type
string
programs.taskwarrior.reports.<name>.columns.*.label
The label for the column that will be used when generating the report.
type
null or string
default
{
programs.taskwarrior.reports.<name>.columns.*.label = null;
}
programs.taskwarrior.reports.<name>.columns.*.sort
Set this to sort the report based on the value in this column.
type
null or submodule
default
{
programs.taskwarrior.reports.<name>.columns.*.sort = null;
}
programs.taskwarrior.reports.<name>.columns.*.sort.order
Column data sort order.
type
one of "ascending", "descending"
default
{
programs.taskwarrior.reports.<name>.columns.*.sort.order = "ascending";
}
programs.taskwarrior.reports.<name>.columns.*.sort.priority
The order in which the column is sorted, where zero is the highest priority.
Use this when the column display order differs from the sort order.
type
signed integer
default
{
programs.taskwarrior.reports.<name>.columns.*.sort.priority = 1000;
}
programs.taskwarrior.reports.<name>.columns.*.sort.visualBreak
Indicates that there are breaks after the column values change.
A listing break is simply a blank line that provides a visual grouping.
type
boolean
default
{
programs.taskwarrior.reports.<name>.columns.*.sort.visualBreak = false;
}
programs.taskwarrior.reports.<name>.dateFormat
Used by the 'due date' column.
See the DATES section in 'man 5 taskrc' for details.
type
null or string
default
{
programs.taskwarrior.reports.<name>.dateFormat = null;
}
programs.taskwarrior.reports.<name>.description
The description when running the 'task help' command.
type
null or string
default
{
programs.taskwarrior.reports.<name>.description = null;
}
programs.taskwarrior.reports.<name>.filter
Only tasks matching the filter criteria are displayed in the generated report.
type
null or string
default
{
programs.taskwarrior.reports.<name>.filter = null;
}
programs.taskwarrior.taskd.authorityCertificate
Specifies the path to the CA certificate in the event that your Taskserver is using a self-signed certificate.
type
null or path
default
{
programs.taskwarrior.taskd.authorityCertificate = null;
}
programs.taskwarrior.taskd.clientCertificate
Specifies the path to the client certificate used for identification with the Taskserver.
type
path
programs.taskwarrior.taskd.clientCredentials
User identification for the Taskserver, which includes a private key.
type
null or string
example
{
programs.taskwarrior.taskd.clientCredentials = "<organization>/<user>/<key>";
}
default
{
programs.taskwarrior.taskd.clientCredentials = null;
}
programs.taskwarrior.taskd.clientKey
Specifies the path to the client key used for encrypted communication with the Taskserver.
type
path
programs.taskwarrior.taskd.server
Specifies the hostname and port of the Taskserver.
Hostname may be an IPv4 or IPv6 address, or domain. Port is an integer.
type
null or string
example
{
programs.taskwarrior.taskd.server = "host.name:53589";
}
default
{
programs.taskwarrior.taskd.server = null;
}
programs.taskwarrior.taskd.trust
This settings allows you to override the trust level when server certificates are validated.
With 'allow all', the server certificate is trusted automatically.
With 'ignore hostname', the server certificate is verified but the hostname is ignored.
With 'strict', the server certificate is verified.
type
one of "strict", "ignore hostname", "allow all"
default
{
programs.taskwarrior.taskd.trust = "strict";
}
programs.taskwarrior.userDefinedAttributes
Custom UDA definitions.
type
attribute set of submodule
default
{
programs.taskwarrior.userDefinedAttributes = {};
}
programs.taskwarrior.userDefinedAttributes.<name>.color
Color any task that has this attribute.
type
null or submodule
default
{
programs.taskwarrior.userDefinedAttributes.<name>.color = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.color.background
Background color.
type
null or string
default
{
programs.taskwarrior.userDefinedAttributes.<name>.color.background = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.color.foreground
Foreground color.
type
null or string
default
{
programs.taskwarrior.userDefinedAttributes.<name>.color.foreground = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.default
Default value when using the 'task add' command.
type
null or string
default
{
programs.taskwarrior.userDefinedAttributes.<name>.default = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.indicator
The character or string to show in the 'uda.indicator' report column.
type
null or string
default
{
programs.taskwarrior.userDefinedAttributes.<name>.indicator = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.label
A default report label for the attribute.
type
string
programs.taskwarrior.userDefinedAttributes.<name>.noneColor
Color any task that does not have this attribute.
type
null or submodule
default
{
programs.taskwarrior.userDefinedAttributes.<name>.noneColor = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.noneColor.background
Background color.
type
null or string
default
{
programs.taskwarrior.userDefinedAttributes.<name>.noneColor.background = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.noneColor.foreground
Foreground color.
type
null or string
default
{
programs.taskwarrior.userDefinedAttributes.<name>.noneColor.foreground = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.type
The value type of the attribute.
type
one of "string", "numeric", "date", "duration"
programs.taskwarrior.userDefinedAttributes.<name>.urgencyCoefficient
Task urgency coefficient based on the presence of this attribute.
type
null or string
default
{
programs.taskwarrior.userDefinedAttributes.<name>.urgencyCoefficient = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.values
A list of acceptable values for a string attribute.
type
list of submodule
default
{
programs.taskwarrior.userDefinedAttributes.<name>.values = [];
}
programs.taskwarrior.userDefinedAttributes.<name>.values.*.color
Color any task that has this value.
type
null or submodule
default
{
programs.taskwarrior.userDefinedAttributes.<name>.values.*.color = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.values.*.color.background
Background color.
type
null or string
default
{
programs.taskwarrior.userDefinedAttributes.<name>.values.*.color.background = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.values.*.color.foreground
Foreground color.
type
null or string
default
{
programs.taskwarrior.userDefinedAttributes.<name>.values.*.color.foreground = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.values.*.urgencyCoefficient
Task urgency coefficient used when this value is set.
type
null or string
default
{
programs.taskwarrior.userDefinedAttributes.<name>.values.*.urgencyCoefficient = null;
}
programs.taskwarrior.userDefinedAttributes.<name>.values.*.value
Acceptable attribute value.
type
string
services.filebin.enable
Whether to enable filebin path monitor.
type
boolean
example
{
services.filebin.enable = true;
}
default
{
services.filebin.enable = false;
}
services.filebin.notify
type
boolean
default
{
services.filebin.notify = true;
}
services.filebin.path
type
path
default
{
services.filebin.path = "/run/filebin";
}
services.filebin.user
type
null or string
default
{
services.filebin.user = null;
}
services.konawall.enable
Whether to enable enable konawall.
type
boolean
example
{
services.konawall.enable = true;
}
default
{
services.konawall.enable = false;
}
services.konawall.package
type
package
default
{
services.konawall.package = {
drvPath = "konawall-rs-0.1.0";
name = "konawall-rs-0.1.0";
outPath = "konawall-rs-0.1.0";
type = "derivation";
};
}
services.konawall.commonTags
type
list of string
default
{
services.konawall.commonTags = [
"score:>=200"
"width:>=1600"
];
}
services.konawall.interval
How often to rotate backgrounds (specify as a systemd interval)
type
null or string
example
{
services.konawall.interval = "20m";
}
default
{
services.konawall.interval = null;
}
services.konawall.konashow
type
package
default
{
services.konawall.konashow = {
drvPath = "konashow";
name = "konashow";
outPath = "konashow";
type = "derivation";
};
}
services.konawall.mode
type
one of "random", "shuffle", "map"
default
{
services.konawall.mode = "random";
}
services.konawall.tagList
type
list of list of string
default
{
services.konawall.tagList = [
[
"nobody"
]
];
}
services.konawall.tags
type
list of string
default
{
services.konawall.tags = [
"nobody"
];
}
services.lorri.useNix
type
boolean
default
{
services.lorri.useNix = true;
}
services.mosh.enable
Whether to enable mosh-server.
type
boolean
example
{
services.mosh.enable = true;
}
default
{
services.mosh.enable = false;
}
services.mosh.package
type
package
default
{
services.mosh.package = "pkgs.mosh";
}
services.mosh.extraArguments
type
list of string
default
{
services.mosh.extraArguments = [];
}
services.mosh.ports.from
type
null or 16 bit unsigned integer; between 0 and 65535 (both inclusive)
example
{
services.mosh.ports.from = "30000";
}
default
{
services.mosh.ports.from = null;
}
services.mosh.ports.to
type
null or 16 bit unsigned integer; between 0 and 65535 (both inclusive)
example
{
services.mosh.ports.to = "40000";
}
default
{
services.mosh.ports.to = null;
}
services.offlineimap.enable
Whether to enable offlineimap sync.
type
boolean
example
{
services.offlineimap.enable = true;
}
default
{
services.offlineimap.enable = false;
}
services.offlineimap.package
type
package
default
{
services.offlineimap.package = "pkgs.offlineimap";
}
services.offlineimap.period
Periodic sync only
type
null or string
example
{
services.offlineimap.period = "hourly";
}
default
{
services.offlineimap.period = null;
}
services.sshd.authorizedKeys
SSH public keys to allow logins from
type
list of string
default
{
services.sshd.authorizedKeys = [];
}
systemd.package
type
package
default
{
systemd.package = "pkgs.systemd";
}
systemd.watchdog.enable
Whether to enable runtime watchdog.
type
boolean
example
{
systemd.watchdog.enable = true;
}
default
{
systemd.watchdog.enable = false;
}
systemd.watchdog.rebootTimeout
type
null or string
default
{
systemd.watchdog.rebootTimeout = "10min";
}
systemd.watchdog.timeout
type
string
default
{
systemd.watchdog.timeout = "60s";
}
xdg.userDirs.absolute
type
attribute set of path
xcompose.enable
Whether to enable Enable user XCompose configuration.
type
boolean
example
{
xcompose.enable = true;
}
default
{
xcompose.enable = false;
}
xcompose.rules
User compose rules.
type
list of submodule or submodule or submodule
example
{
xcompose.rules = {
_type = "literalExpression";
text = ''
let
ruleOn = rule: events: rule // { inherit events; };
minusOn = ruleOn
{ result = { string = "−"; keysym = "U2212"; };
comment = "MINUS SIGN"; };
in [
{ include = "%L"; }
{ commentLines = ""; } # blank line
(minusOn [ "<Multi_key>" "<underscore>" "<minus>" ])
(minusOn [ "<Multi_key>" "<minus>" "<underscore>" ])
]
'';
};
}
default
{
xcompose.rules = [];
}
programs.lsd.enable
Whether to enable
type
boolean
example
{
programs.lsd.enable = true;
}
default
{
programs.lsd.enable = false;
}
programs.deadd-notification-center.enable
Whether to enable deadd notification center.
type
boolean
example
{
programs.deadd-notification-center.enable = true;
}
default
{
programs.deadd-notification-center.enable = false;
}
programs.deadd-notification-center.package
Package to use. Binary is expected to be called "deadd-notification-center".
type
package
default
{
programs.deadd-notification-center.package = "pkgs.deadd-notification-center";
}
programs.deadd-notification-center.settings
Settings for the notification center. More information about the settings can be found on the project's homepage.
type
TOML value
example
{
programs.deadd-notification-center.settings = {
_type = "literalExpression";
text = ''
{
notification-center = {
marginTop = 30;
width = 500;
};
notification-center-notification-popup = {
width = 300;
shortenBody = 3;
};
colors = {
background = "rgba(29, 27, 20, 0.7)";
notiBackground = "rgba(9, 0, 0, 0.6)";
};
}
'';
};
}
default
{
programs.deadd-notification-center.settings = {};
}
programs.deadd-notification-center.systemd.enable
Whether to enable deadd notification center systemd service.
type
boolean
example
{
programs.deadd-notification-center.systemd.enable = true;
}
default
{
programs.deadd-notification-center.systemd.enable = false;
}
programs.workrave.enable
Whether to enable Workrave.
type
boolean
example
{
programs.workrave.enable = true;
}
default
{
programs.workrave.enable = false;
}
programs.workrave.blockMode
0 = No blocking 1 = Block input 2 = Block input and screen
type
signed integer
default
{
programs.workrave.blockMode = 1;
}
programs.workrave.dailyLimit.enable
type
boolean
default
{
programs.workrave.dailyLimit.enable = true;
}
programs.workrave.dailyLimit.ignorable
type
boolean
default
{
programs.workrave.dailyLimit.ignorable = true;
}
programs.workrave.dailyLimit.limit
type
signed integer
default
{
programs.workrave.dailyLimit.limit = 14400;
}
programs.workrave.dailyLimit.skippable
type
boolean
default
{
programs.workrave.dailyLimit.skippable = true;
}
programs.workrave.dailyLimit.snooze
type
signed integer
default
{
programs.workrave.dailyLimit.snooze = 1200;
}
programs.workrave.extraConfig
type
attribute set
default
{
programs.workrave.extraConfig = {};
}
programs.workrave.gui.applet
type
boolean
default
{
programs.workrave.gui.applet = true;
}
programs.workrave.gui.mainWindow
type
boolean
default
{
programs.workrave.gui.mainWindow = true;
}
programs.workrave.gui.trayIcon
type
boolean
default
{
programs.workrave.gui.trayIcon = true;
}
programs.workrave.microPause.enable
type
boolean
default
{
programs.workrave.microPause.enable = true;
}
programs.workrave.microPause.autoReset
type
signed integer
default
{
programs.workrave.microPause.autoReset = 30;
}
programs.workrave.microPause.ignorable
type
boolean
default
{
programs.workrave.microPause.ignorable = true;
}
programs.workrave.microPause.limit
type
signed integer
default
{
programs.workrave.microPause.limit = 300;
}
programs.workrave.microPause.skippable
type
boolean
default
{
programs.workrave.microPause.skippable = true;
}
programs.workrave.microPause.snooze
type
signed integer
default
{
programs.workrave.microPause.snooze = 150;
}
programs.workrave.restBreak.enable
type
boolean
default
{
programs.workrave.restBreak.enable = true;
}
programs.workrave.restBreak.autoReset
type
signed integer
default
{
programs.workrave.restBreak.autoReset = 60;
}
programs.workrave.restBreak.ignorable
type
boolean
default
{
programs.workrave.restBreak.ignorable = true;
}
programs.workrave.restBreak.limit
type
signed integer
default
{
programs.workrave.restBreak.limit = 2700;
}
programs.workrave.restBreak.skippable
type
boolean
default
{
programs.workrave.restBreak.skippable = true;
}
programs.workrave.restBreak.snooze
type
signed integer
default
{
programs.workrave.restBreak.snooze = 180;
}
programs.workrave.sound.enable
type
boolean
default
{
programs.workrave.sound.enable = true;
}
programs.workrave.sound.volume
type
signed integer
default
{
programs.workrave.sound.volume = 100;
}
services.apt-cacher-ng.enable
Whether to enable apt-cacher-ng.
type
boolean
example
{
services.apt-cacher-ng.enable = true;
}
default
{
services.apt-cacher-ng.enable = false;
}
services.apt-cacher-ng.enableNixCache
enable cache.nixos.org caching via PfilePatternEx and VfilePatternEx.
to use the apt-cacher-ng in your nixos configuration: nix.binary-cache = [ http://acng-host:port/nixos ];
These options cannot be used in extraConfig, use SVfilePattern and SPfilePattern or disable this option.
type
boolean
default
{
services.apt-cacher-ng.enableNixCache = true;
}
services.apt-cacher-ng.bindAddress
listen address of apt-cacher-ng. Defaults to every interface.
type
string
example
{
services.apt-cacher-ng.bindAddress = "localhost 192.168.7.254 publicNameOnMainInterface";
}
default
{
services.apt-cacher-ng.bindAddress = "";
}
services.apt-cacher-ng.cacheDir
Path to apt-cacher-ng cache directory. Will be created and chowned to acng-user
type
string
default
{
services.apt-cacher-ng.cacheDir = "/var/cache/acng/cache";
}
services.apt-cacher-ng.cacheExpiration
number of days before packages expire in the cache without being requested.
type
signed integer
default
{
services.apt-cacher-ng.cacheExpiration = 4;
}
services.apt-cacher-ng.extraConfig
extra config appended to the generated acng.conf
type
strings concatenated with "\n"
default
{
services.apt-cacher-ng.extraConfig = "";
}
services.apt-cacher-ng.logDir
Path to apt-cacher-ng log directory. Will be created and chowned to acng-user
type
string
default
{
services.apt-cacher-ng.logDir = "/var/cache/acng/log";
}
services.apt-cacher-ng.port
port of apt-cacher-ng
type
signed integer
default
{
services.apt-cacher-ng.port = 3142;
}
services.check-battery.enable
Whether to enable Warn when battery is almost empty.
type
boolean
example
{
services.check-battery.enable = true;
}
default
{
services.check-battery.enable = false;
}
services.check-battery.interval
Interval in seconds at which battery level is checked.
type
string
default
{
services.check-battery.interval = "60";
}
services.check-battery.threshold
Must be formatted as 00:00:00
This is string compared to the level shown by acpi -b.
type
string
default
{
services.check-battery.threshold = "00:45:00";
}
services.etlegacy.enable
Whether to enable ET: legacy dedicated server.
type
boolean
example
{
services.etlegacy.enable = true;
}
default
{
services.etlegacy.enable = false;
}
services.etlegacy.package
etlegacy package to run
type
package
default
{
services.etlegacy.package = "pkgs.legacy";
}
services.etlegacy.bind
Bind on this network IP, it not specified will bind on all IP's.
type
null or string
default
{
services.etlegacy.bind = null;
}
services.etlegacy.configFile
The server's configuration file.
type
path
services.etlegacy.openFirewall
Whether to automatically open the specified UDP port in the firewall.
type
boolean
default
{
services.etlegacy.openFirewall = true;
}
services.etlegacy.port
The port to which the service should bind.
type
signed integer
default
{
services.etlegacy.port = 27960;
}
services.etlegacy.stateDirName
Name of the directory under /var/lib holding the server's data.
type
string
default
{
services.etlegacy.stateDirName = "etlegacy";
}
services.gnome-keyring-daemon.enable
Whether to enable GNOME Keyring.
type
boolean
example
{
services.gnome-keyring-daemon.enable = true;
}
default
{
services.gnome-keyring-daemon.enable = false;
}
services.gnome-keyring-daemon.components
The GNOME keyring components to start. If empty then the default set of components will be started.
type
list of one of "pkcs11", "secrets", "ssh"
default
{
services.gnome-keyring-daemon.components = [];
}
services.gnome-keyring-daemon.executable
The gnome-keyring-daemon needs to have the cap_ipc_lock capability, otherwise you get error messages like these: https://unix.stackexchange.com/questions/112030/gnome-keyring-daemon-insufficient-process-capabilities-unsecure-memory-might-g
NixOS can create the wrapper for you by enabling:
services.gnome3.keyring-daemon.enable = true;
If you're using sway you need to disable the PAM service, since then you need DBus to work:
security.pam.services.login.enableGnomeKeyring = mkForce false;
type
string
example
{
services.gnome-keyring-daemon.executable = "/run/wrappers/bin/gnome-keyring-daemon";
}
default
{
services.gnome-keyring-daemon.executable = "${pkgs.gnome3.gnome-keyring}/bin/gnome-keyring-daemon";
}
services.import-garmin-connect.enable
Whether to enable Import Garmin Connect.
type
boolean
example
{
services.import-garmin-connect.enable = true;
}
default
{
services.import-garmin-connect.enable = false;
}
services.import-garmin-connect.influx.db
type
string
default
{
services.import-garmin-connect.influx.db = "garmin";
}
services.import-garmin-connect.influx.host
type
string
example
{
services.import-garmin-connect.influx.host = "127.0.0.1";
}
default
{
services.import-garmin-connect.influx.host = "localhost";
}
services.import-garmin-connect.influx.port
type
signed integer
default
{
services.import-garmin-connect.influx.port = 8086;
}
services.import-garmin-connect.interval
OnCalendar specification
type
string
default
{
services.import-garmin-connect.interval = "hourly";
}
services.import-garmin-connect.profiles
Profiles
type
attribute set of submodule
services.import-garmin-connect.profiles.<name>.passwordFile
Password file
type
string
services.import-garmin-connect.profiles.<name>.profile
Profile name
type
string
services.import-garmin-connect.profiles.<name>.username
Username
type
string
services.mako.enable
Whether to enable Mako, lightweight notification daemon for Wayland .
type
boolean
example
{
services.mako.enable = true;
}
default
{
services.mako.enable = false;
}
services.mako.actions
Applications may request an action to be associated with activating a notification. Disabling this will cause mako to ignore these requests.
type
null or boolean
default
{
services.mako.actions = true;
}
services.mako.anchor
Show notifications at the specified position on the output. Supported values are top-right, top-center, top-left, bottom-right, bottom-center, bottom-left, and center.
type
null or one of "top-right", "top-center", "top-left", "bottom-right", "bottom-center", "bottom-left", "center"
default
{
services.mako.anchor = "top-right";
}
services.mako.backgroundColor
Set popup background color to a specific color, represented in hex color code.
type
null or string
default
{
services.mako.backgroundColor = "#285577FF";
}
services.mako.borderColor
Set popup border color to a specific color, represented in hex color code.
type
null or string
default
{
services.mako.borderColor = "#4C7899FF";
}
services.mako.borderRadius
Set popup corner radius to the specified number of pixels.
type
null or signed integer
default
{
services.mako.borderRadius = 0;
}
services.mako.borderSize
Set popup border size to the specified number of pixels.
type
null or signed integer
default
{
services.mako.borderSize = 1;
}
services.mako.defaultTimeout
Set the default timeout to timeout in milliseconds. To disable the timeout, set it to zero.
type
null or signed integer
default
{
services.mako.defaultTimeout = 0;
}
services.mako.font
Font to use, in Pango format.
type
null or string
default
{
services.mako.font = "monospace 10";
}
services.mako.format
Set notification format string to format. See FORMAT SPECIFIERS for more information. To change this for grouped notifications, set it within a grouped criteria.
type
null or string
default
{
services.mako.format = "<b>%s</b>\n%b";
}
services.mako.groupBy
A comma-separated list of criteria fields that will be compared to other visible notifications to determine if this one should form a group with them. All listed criteria must be exactly equal for two notifications to group.
type
null or string
default
{
services.mako.groupBy = null;
}
services.mako.height
Set maximum height of notification popups. Notifications whose text takes up less space are shrunk to fit.
type
null or signed integer
default
{
services.mako.height = 100;
}
services.mako.iconPath
Paths to search for icons when a notification specifies a name
instead of a full path. Colon-delimited. This approximates the search
algorithm used by the XDG Icon Theme Specification, but does not
support any of the theme metadata. Therefore, if you want to search
parent themes, you'll need to add them to the path manually.
type
null or string
default
{
services.mako.iconPath = null;
}
services.mako.icons
Whether or not to show icons in notifications.
type
null or boolean
default
{
services.mako.icons = true;
}
services.mako.ignoreTimeout
If set, mako will ignore the expire timeout sent by notifications and use the one provided by default-timeout instead.
type
null or boolean
default
{
services.mako.ignoreTimeout = false;
}
services.mako.layer
Arrange mako at the specified layer, relative to normal windows. Supported values are background, bottom, top, and overlay. Using overlay will cause notifications to be displayed above fullscreen windows, though this may also occur at top depending on your compositor.
type
null or one of "background", "bottom", "top", "overlay"
default
{
services.mako.layer = "top";
}
services.mako.margin
Set margin of each edge specified in pixels. Specify single value to apply margin on all sides. Two comma-seperated values will set vertical and horizontal edges seperately. Four comma-seperated will give each edge a seperate value. For example: 10,20,5 will set top margin to 10, left and right to 20 and bottom to five.
type
null or string
default
{
services.mako.margin = "10";
}
services.mako.markup
If 1, enable Pango markup. If 0, disable Pango markup. If enabled, Pango markup will be interpreted in your format specifier and in the body of notifications.
type
null or boolean
default
{
services.mako.markup = true;
}
services.mako.maxIconSize
Set maximum icon size to the specified number of pixels.
type
null or signed integer
default
{
services.mako.maxIconSize = 64;
}
services.mako.maxVisible
Set maximum number of visible notifications. Set -1 to show all.
type
null or signed integer
default
{
services.mako.maxVisible = 5;
}
services.mako.output
Show notifications on the specified output. If empty, notifications will appear on the focused output. Requires the compositor to support the Wayland protocol xdg-output-unstable-v1 version 2.
type
null or string
default
{
services.mako.output = null;
}
services.mako.padding
Set padding of each edge specified in pixels. Specify single value to apply margin on all sides. Two comma-seperated values will set vertical and horizontal edges seperately. Four comma-seperated will give each edge a seperate value. For example: 10,20,5 will set top margin to 10, left and right to 20 and bottom to five.
type
null or string
default
{
services.mako.padding = "5";
}
services.mako.progressColor
Set popup progress indicator color to a specific color,
represented in hex color code. To draw the progress
indicator on top of the background color, use the
type
null or string
default
{
services.mako.progressColor = "over #5588AAFF";
}
services.mako.sections
type
list of submodule
services.mako.sections.*.actions
Applications may request an action to be associated with activating a notification. Disabling this will cause mako to ignore these requests.
type
null or boolean
default
{
services.mako.sections.*.actions = null;
}
services.mako.sections.*.backgroundColor
Set popup background color to a specific color, represented in hex color code.
type
null or string
default
{
services.mako.sections.*.backgroundColor = null;
}
services.mako.sections.*.borderColor
Set popup border color to a specific color, represented in hex color code.
type
null or string
default
{
services.mako.sections.*.borderColor = null;
}
services.mako.sections.*.borderRadius
Set popup corner radius to the specified number of pixels.
type
null or signed integer
default
{
services.mako.sections.*.borderRadius = null;
}
services.mako.sections.*.borderSize
Set popup border size to the specified number of pixels.
type
null or signed integer
default
{
services.mako.sections.*.borderSize = null;
}
services.mako.sections.*.criteria
type
list of attribute set of string
example
{
services.mako.sections.*.criteria = "[]";
}
services.mako.sections.*.defaultTimeout
Set the default timeout to timeout in milliseconds. To disable the timeout, set it to zero.
type
null or signed integer
default
{
services.mako.sections.*.defaultTimeout = null;
}
services.mako.sections.*.font
Font to use, in Pango format.
type
null or string
default
{
services.mako.sections.*.font = null;
}
services.mako.sections.*.format
Set notification format string to format. See FORMAT SPECIFIERS for more information. To change this for grouped notifications, set it within a grouped criteria.
type
null or string
default
{
services.mako.sections.*.format = null;
}
services.mako.sections.*.groupBy
A comma-separated list of criteria fields that will be compared to other visible notifications to determine if this one should form a group with them. All listed criteria must be exactly equal for two notifications to group.
type
null or string
default
{
services.mako.sections.*.groupBy = null;
}
services.mako.sections.*.height
Set maximum height of notification popups. Notifications whose text takes up less space are shrunk to fit.
type
null or signed integer
default
{
services.mako.sections.*.height = null;
}
services.mako.sections.*.iconPath
Paths to search for icons when a notification specifies a name
instead of a full path. Colon-delimited. This approximates the search
algorithm used by the XDG Icon Theme Specification, but does not
support any of the theme metadata. Therefore, if you want to search
parent themes, you'll need to add them to the path manually.
type
null or string
default
{
services.mako.sections.*.iconPath = null;
}
services.mako.sections.*.icons
Whether or not to show icons in notifications.
type
null or boolean
default
{
services.mako.sections.*.icons = null;
}
services.mako.sections.*.ignoreTimeout
If set, mako will ignore the expire timeout sent by notifications and use the one provided by default-timeout instead.
type
null or boolean
default
{
services.mako.sections.*.ignoreTimeout = null;
}
services.mako.sections.*.margin
Set margin of each edge specified in pixels. Specify single value to apply margin on all sides. Two comma-seperated values will set vertical and horizontal edges seperately. Four comma-seperated will give each edge a seperate value. For example: 10,20,5 will set top margin to 10, left and right to 20 and bottom to five.
type
null or string
default
{
services.mako.sections.*.margin = null;
}
services.mako.sections.*.markup
If 1, enable Pango markup. If 0, disable Pango markup. If enabled, Pango markup will be interpreted in your format specifier and in the body of notifications.
type
null or boolean
default
{
services.mako.sections.*.markup = null;
}
services.mako.sections.*.maxIconSize
Set maximum icon size to the specified number of pixels.
type
null or signed integer
default
{
services.mako.sections.*.maxIconSize = null;
}
services.mako.sections.*.padding
Set padding of each edge specified in pixels. Specify single value to apply margin on all sides. Two comma-seperated values will set vertical and horizontal edges seperately. Four comma-seperated will give each edge a seperate value. For example: 10,20,5 will set top margin to 10, left and right to 20 and bottom to five.
type
null or string
default
{
services.mako.sections.*.padding = null;
}
services.mako.sections.*.progressColor
Set popup progress indicator color to a specific color,
represented in hex color code. To draw the progress
indicator on top of the background color, use the
type
null or string
default
{
services.mako.sections.*.progressColor = null;
}
services.mako.sections.*.textColor
Set popup text color to a specific color, represented in hex color code.
type
null or string
default
{
services.mako.sections.*.textColor = null;
}
services.mako.sections.*.width
Set width of notification popups in specified number of pixels.
type
null or signed integer
default
{
services.mako.sections.*.width = null;
}
services.mako.sort
Sorts incoming notifications by time and/or priority in ascending(+) or descending(-) order.
type
null or one of "+time", "-time", "+priority", "-priority"
default
{
services.mako.sort = "-time";
}
services.mako.textColor
Set popup text color to a specific color, represented in hex color code.
type
null or string
default
{
services.mako.textColor = "#FFFFFFFF";
}
services.mako.width
Set width of notification popups in specified number of pixels.
type
null or signed integer
default
{
services.mako.width = 300;
}
services.nginx.sso.enable
Whether to enable nginx-sso service.
type
boolean
example
{
services.nginx.sso.enable = true;
}
default
{
services.nginx.sso.enable = false;
}
services.nginx.sso.package
The nginx-sso package that should be used.
type
package
default
{
services.nginx.sso.package = "pkgs.nginx-sso";
}
services.nginx.sso.configuration
nginx-sso configuration (documentation) as a Nix attribute set.
type
attribute set of unspecified
example
{
services.nginx.sso.configuration = {
_type = "literalExpression";
text = ''
{
listen = { addr = "127.0.0.1"; port = 8080; };
providers.token.tokens = {
myuser = "MyToken";
};
acl = {
rule_sets = [
{
rules = [ { field = "x-application"; equals = "MyApp"; } ];
allow = [ "myuser" ];
}
];
};
}
'';
};
}
default
{
services.nginx.sso.configuration = {};
}
services.nginx.sso.secrets
Inserts values in the configuration yaml with the contents read from the secret file.
type
attribute set of path
example
{
services.nginx.sso.secrets = {
_type = "literalExpression";
text = ''
{
".cookie.authentication_key" = "/secrets/nginx-sso/authentication_key";
}
'';
};
}
default
{
services.nginx.sso.secrets = {};
}
services.prometheus.nats-exporter.enable
Whether to enable the prometheus nats exporter.
type
boolean
example
{
services.prometheus.nats-exporter.enable = true;
}
default
{
services.prometheus.nats-exporter.enable = false;
}
services.prometheus.nats-exporter.extraFlags
Extra command line flags to pass to the exporter. See:
https://github.com/nats-io/prometheus-nats-exporter#usagetype
list of string
default
{
services.prometheus.nats-exporter.extraFlags = [];
}
services.prometheus.nats-exporter.listenAddress
Address to listen on.
type
string
default
{
services.prometheus.nats-exporter.listenAddress = "0.0.0.0";
}
services.prometheus.nats-exporter.port
Port to listen on.
type
signed integer
default
{
services.prometheus.nats-exporter.port = 7777;
}
services.prometheus.nats-exporter.url
NATS monitor endpoint to query.
type
string
default
{
services.prometheus.nats-exporter.url = "http://127.0.0.1:8222";
}
services.prometheus.nvme-collector.enable
Whether to enable the prometheus nvme collector.
type
boolean
example
{
services.prometheus.nvme-collector.enable = true;
}
default
{
services.prometheus.nvme-collector.enable = false;
}
services.prometheus.nvme-collector.interval
Interval to collect nvme metrics on.
type
string
default
{
services.prometheus.nvme-collector.interval = "2m";
}
services.prometheus.nvme-collector.textfileDir
Textfile directory that node-exporter is watching
type
string
default
{
services.prometheus.nvme-collector.textfileDir = "/var/lib/prometheus/node-exporter/textfile";
}
services.prometheus.smartmon-collector.enable
Whether to enable the prometheus smartmon collector.
type
boolean
example
{
services.prometheus.smartmon-collector.enable = true;
}
default
{
services.prometheus.smartmon-collector.enable = false;
}
services.prometheus.smartmon-collector.interval
Interval to collect smartmon information on.
type
string
default
{
services.prometheus.smartmon-collector.interval = "2m";
}
services.prometheus.smartmon-collector.textfileDir
Textfile directory that node-exporter is watching
type
string
default
{
services.prometheus.smartmon-collector.textfileDir = "/var/lib/prometheus/node-exporter/textfile";
}
services.prometheus.unbound-exporter.enable
Whether to enable the prometheus unbound exporter.
type
boolean
example
{
services.prometheus.unbound-exporter.enable = true;
}
default
{
services.prometheus.unbound-exporter.enable = false;
}
services.prometheus.unbound-exporter.controlCert
type
string
services.prometheus.unbound-exporter.controlKey
type
string
services.prometheus.unbound-exporter.listenAddress
Address to listen on.
type
string
default
{
services.prometheus.unbound-exporter.listenAddress = "0.0.0.0";
}
services.prometheus.unbound-exporter.port
Port to listen on.
type
signed integer
default
{
services.prometheus.unbound-exporter.port = 9167;
}
services.prometheus.unbound-exporter.serverCA
type
string
services.random-wallpaper.enable
Whether to enable random desktop wallpaper.
type
boolean
example
{
services.random-wallpaper.enable = true;
}
default
{
services.random-wallpaper.enable = false;
}
services.random-wallpaper.altMapping
type
attribute set of list of string
example
{
services.random-wallpaper.altMapping = {
1080x1920 = [
"vertical"
];
1368x768 = [
"1920x1080"
];
};
}
default
{
services.random-wallpaper.altMapping = {};
}
services.random-wallpaper.backend
type
one of "xorg", "sway"
default
{
services.random-wallpaper.backend = "xorg";
}
services.random-wallpaper.directories
type
list of string
services.random-wallpaper.interval
The duration between changing wallpaper image, set to null to only set wallpaper when logging in. Should be formatted as a duration understood by systemd.
type
null or string
default
{
services.random-wallpaper.interval = null;
}
services.solaredge-influx.enable
Whether to enable Import Solaredge data into InfluxDB.
type
boolean
example
{
services.solaredge-influx.enable = true;
}
default
{
services.solaredge-influx.enable = false;
}
services.solaredge-influx.apiKeyFile
File path to the API key
type
string
services.solaredge-influx.energy.interval
OnUnitActiveSec specification
type
string
default
{
services.solaredge-influx.energy.interval = "15min";
}
services.solaredge-influx.energy.period
Period to scrape in minutes
type
signed integer
default
{
services.solaredge-influx.energy.period = 60;
}
services.solaredge-influx.influx.db
type
string
default
{
services.solaredge-influx.influx.db = "power";
}
services.solaredge-influx.influx.host
type
string
example
{
services.solaredge-influx.influx.host = "127.0.0.1";
}
default
{
services.solaredge-influx.influx.host = "localhost";
}
services.solaredge-influx.influx.port
type
signed integer
default
{
services.solaredge-influx.influx.port = 8086;
}
services.solaredge-influx.inverter.interval
OnUnitActiveSec specification
type
string
default
{
services.solaredge-influx.inverter.interval = "60min";
}
services.solaredge-influx.inverter.period
Period to scrape in minutes
type
signed integer
default
{
services.solaredge-influx.inverter.period = 120;
}
services.solaredge-influx.inverter.serial
Serial number of the inverter
type
string
services.solaredge-influx.power.interval
OnUnitActiveSec specification
type
string
default
{
services.solaredge-influx.power.interval = "15min";
}
services.solaredge-influx.power.period
Period to scrape in minutes
type
signed integer
default
{
services.solaredge-influx.power.period = 60;
}
services.solaredge-influx.siteId
Solaredge site id
type
signed integer
services.solaredge-influx.versionCheck.interval
OnCalendar specification
type
string
default
{
services.solaredge-influx.versionCheck.interval = "daily";
}
services.swayidle.enable
Whether to enable Idle manager for Wayland.
type
boolean
example
{
services.swayidle.enable = true;
}
default
{
services.swayidle.enable = false;
}
services.swayidle.events
type
list of submodule
example
{
services.swayidle.events = ''
[
{ event = "before-sleep"; command = "swaylock"; }
{ event = "lock"; command = "lock"; }
]
'';
}
default
{
services.swayidle.events = [];
}
services.swayidle.events.*.command
Command to run when event occurs
type
string
services.swayidle.events.*.event
type
one of "before-sleep", "after-resume", "lock", "unlock"
services.swayidle.extraArgs
type
list of string
default
{
services.swayidle.extraArgs = [];
}
services.swayidle.timeouts
type
list of submodule
default
{
services.swayidle.timeouts = [];
}
services.swayidle.timeouts.*.command
Command to run after timeout seconds of inactivity
type
string
services.swayidle.timeouts.*.resumeCommand
Command to run when there is activity again
type
null or string
default
{
services.swayidle.timeouts.*.resumeCommand = null;
}
services.swayidle.timeouts.*.timeout
Timeout in seconds
type
positive integer, meaning >0
example
{
services.swayidle.timeouts.*.timeout = 60;
}
services.wordpress
Specification of one or more WordPress sites to serve via NGINX.
type
attribute set of submodule
default
{
services.wordpress = {};
}
services.wordpress.<name>.package
Which WordPress package to use.
type
package
default
{
services.wordpress.<name>.package = {
drvPath = "wordpress-5.9.3";
name = "wordpress-5.9.3";
outPath = "wordpress-5.9.3";
type = "derivation";
};
}
services.wordpress.<name>.database.createLocally
Create the database and database user locally.
type
boolean
default
{
services.wordpress.<name>.database.createLocally = true;
}
services.wordpress.<name>.database.host
Database host address.
type
string
default
{
services.wordpress.<name>.database.host = "localhost";
}
services.wordpress.<name>.database.name
Database name.
type
string
default
{
services.wordpress.<name>.database.name = "wordpress";
}
services.wordpress.<name>.database.passwordFile
A file containing the password corresponding to
.type
null or path
example
{
services.wordpress.<name>.database.passwordFile = "/run/keys/wordpress-dbpassword";
}
default
{
services.wordpress.<name>.database.passwordFile = null;
}
services.wordpress.<name>.database.port
Database host port.
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
default
{
services.wordpress.<name>.database.port = 3306;
}
services.wordpress.<name>.database.socket
Path to the unix socket file to use for authentication.
type
null or path
default
{
services.wordpress.<name>.database.socket = "/run/mysqld/mysqld.sock";
}
services.wordpress.<name>.database.tablePrefix
The $table_prefix is the value placed in the front of your database tables. Change the value if you want to use something other than wp_ for your database prefix. Typically this is changed if you are installing multiple WordPress blogs in the same database.
See .
type
string
default
{
services.wordpress.<name>.database.tablePrefix = "wp_";
}
services.wordpress.<name>.database.user
Database user.
type
string
default
{
services.wordpress.<name>.database.user = "wordpress";
}
services.wordpress.<name>.extraConfig
Any additional text to be appended to the wp-config.php configuration file. This is a PHP script. For configuration settings, see .
type
strings concatenated with "\n"
example
{
services.wordpress.<name>.extraConfig = ''
define( 'AUTOSAVE_INTERVAL', 60 ); // Seconds
'';
}
default
{
services.wordpress.<name>.extraConfig = "";
}
services.wordpress.<name>.hostName
Hostname for this wordpress installation
type
string
example
{
services.wordpress.<name>.hostName = "wordpress.local";
}
services.wordpress.<name>.https
type
boolean
default
{
services.wordpress.<name>.https = true;
}
services.wordpress.<name>.maxUploadSize
Defines the upload limit for files. This changes the relevant options in php.ini and nginx if enabled.
type
string
default
{
services.wordpress.<name>.maxUploadSize = "128M";
}
services.wordpress.<name>.phpOptions
Options for PHP's php.ini file for nextcloud.
type
attribute set of string
default
{
services.wordpress.<name>.phpOptions = {
catch_workers_output = "yes";
display_errors = "stderr";
error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT";
expose_php = "Off";
"opcache.enable_cli" = "1";
"opcache.fast_shutdown" = "1";
"opcache.interned_strings_buffer" = "8";
"opcache.max_accelerated_files" = "10000";
"opcache.memory_consumption" = "128";
"opcache.revalidate_freq" = "1";
"openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
short_open_tag = "Off";
};
}
services.wordpress.<name>.plugins
List of path(s) to respective plugin(s) which are copied from the 'plugins' directory.
type
list of path
example
{
services.wordpress.<name>.plugins = ''
# Wordpress plugin 'embed-pdf-viewer' installation example
embedPdfViewerPlugin = pkgs.stdenv.mkDerivation {
name = "embed-pdf-viewer-plugin";
# Download the theme from the wordpress site
src = pkgs.fetchurl {
url = "https://downloads.wordpress.org/plugin/embed-pdf-viewer.2.0.3.zip";
sha256 = "1rhba5h5fjlhy8p05zf0p14c9iagfh96y91r36ni0rmk6y891lyd";
};
# We need unzip to build this package
buildInputs = [ pkgs.unzip ];
# Installing simply means copying all files to the output directory
installPhase = "mkdir -p $out; cp -R * $out/";
};
And then pass this theme to the themes list like this:
plugins = [ embedPdfViewerPlugin ];
'';
}
default
{
services.wordpress.<name>.plugins = [];
}
services.wordpress.<name>.pluginsPath
Path to the directory containing the plugins. This option can't be used together with 'plugins'.
type
null or path
default
{
services.wordpress.<name>.pluginsPath = null;
}
services.wordpress.<name>.poolConfig
Options for the WordPress PHP pool. See the documentation on
type
attribute set of string or signed integer or boolean
default
{
services.wordpress.<name>.poolConfig = {
pm = "dynamic";
"pm.max_children" = 32;
"pm.max_requests" = 500;
"pm.max_spare_servers" = 4;
"pm.min_spare_servers" = 2;
"pm.start_servers" = 2;
};
}
services.wordpress.<name>.themes
List of path(s) to respective theme(s) which are copied from the 'theme' directory.
type
list of path
example
{
services.wordpress.<name>.themes = ''
# Let's package the responsive theme
responsiveTheme = pkgs.stdenv.mkDerivation {
name = "responsive-theme";
# Download the theme from the wordpress site
src = pkgs.fetchurl {
url = "https://downloads.wordpress.org/theme/responsive.3.14.zip";
sha256 = "0rjwm811f4aa4q43r77zxlpklyb85q08f9c8ns2akcarrvj5ydx3";
};
# We need unzip to build this package
buildInputs = [ pkgs.unzip ];
# Installing simply means copying all files to the output directory
installPhase = "mkdir -p $out; cp -R * $out/";
};
And then pass this theme to the themes list like this:
themes = [ responsiveTheme ];
'';
}
default
{
services.wordpress.<name>.themes = [];
}
services.wordpress.<name>.themesPath
Path to the directory containing the themes. This option can't be used together with 'themes'.
type
null or path
default
{
services.wordpress.<name>.themesPath = null;
}
services.wordpress.<name>.uploadsDir
This directory is used for uploads of pictures. The directory passed here is automatically created and permissions adjusted as required.
type
path
default
{
services.wordpress.<name>.uploadsDir = "/var/lib/wordpress/‹name›/uploads";
}
xdg.apps
Configure XDG default apps for mime types.
type
attribute set of submodule
default
{
xdg.apps = {};
}
xdg.apps.<name>.package
type
null or package
default
{
xdg.apps.<name>.package = null;
}
xdg.apps.<name>.mimeTypes
type
list of string
xdg.apps.<name>.name
type
string
doom-emacs-config.enable
Whether to enable Doom Emacs.
type
boolean
example
{
doom-emacs-config.enable = true;
}
default
{
doom-emacs-config.enable = false;
}
doom-emacs-config.doomd
location of the doom.d directory
type
path
example
{
doom-emacs-config.doomd = "${builtins.getEnv "HOME"}/doom.d";
}
default
{
doom-emacs-config.doomd = "/nix/store/87bwrcgh3w79vbwzk6lc391p4z8qiwwd-nix-doom-emacs-src/test/doom.d";
}
environment.persistence
Persistent storage locations and the files and directories to link to them. Each attribute name should be the full path to a persistent storage location.
For detailed usage, check the documentation.
type
attribute set of submodule
default
{
environment.persistence = {};
}
environment.persistence.<name>.directories
Directories to bind mount to persistent storage.
type
list of string
example
{
environment.persistence.<name>.directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/systemd/coredump"
"/etc/NetworkManager/system-connections"
];
}
default
{
environment.persistence.<name>.directories = [];
}
environment.persistence.<name>.files
Files in /etc that should be stored in persistent storage.
type
list of string
example
{
environment.persistence.<name>.files = [
"/etc/machine-id"
"/etc/nix/id_rsa"
];
}
default
{
environment.persistence.<name>.files = [];
}
fetchBackground.enable
whether to enable fetching a background from the fetch
type
boolean
default
{
fetchBackground.enable = false;
}
fetchBackground.url
url to fetch background from
type
string
default
{
fetchBackground.url = "https://source.unsplash.com/random";
}
home-manager.backupFileExtension
On activation move existing files by appending the given file extension rather than exiting with an error.
type
null or string
example
{
home-manager.backupFileExtension = "backup";
}
default
{
home-manager.backupFileExtension = null;
}
home-manager.extraSpecialArgs
Extra
type
attribute set
example
{
home-manager.extraSpecialArgs = {
_type = "literalExpression";
text = "{ inherit emacs-overlay; }";
};
}
default
{
home-manager.extraSpecialArgs = {};
}
home-manager.sharedModules
Extra modules added to all users.
type
list of Home Manager modules
example
{
home-manager.sharedModules = {
_type = "literalExpression";
text = "[ { home.packages = [ nixpkgs-fmt ]; } ]";
};
}
default
{
home-manager.sharedModules = [];
}
home-manager.useGlobalPkgs
Whether to enable using the system configuration's
type
boolean
example
{
home-manager.useGlobalPkgs = true;
}
default
{
home-manager.useGlobalPkgs = false;
}
home-manager.useUserPackages
Whether to enable installation of user packages through the
option. .type
boolean
example
{
home-manager.useUserPackages = true;
}
default
{
home-manager.useUserPackages = false;
}
home-manager.verbose
Whether to enable verbose output on activation.
type
boolean
example
{
home-manager.verbose = true;
}
default
{
home-manager.verbose = false;
}
homeBinds
Bind mounts in your home folder
type
list of string
default
{
homeBinds = [];
}
mainUser
Name for the default user of the system
type
string
default
{
mainUser = "erik";
}
nixExperimental.enable
Whether to enable whether to set up the experimental version of nix.
type
boolean
example
{
nixExperimental.enable = true;
}
default
{
nixExperimental.enable = false;
}
persistRoot
type
string
default
{
persistRoot = "/nix/persist";
}
privateConfig.enable
Whether to enable Enable the private home-manager configuration.
type
boolean
example
{
privateConfig.enable = true;
}
default
{
privateConfig.enable = false;
}
tmpfs-setup.enable
this option will enable an impermanence implementation if enabled. don't touch otherwise
type
boolean
default
{
tmpfs-setup.enable = false;
}
virtualisation.hugepages.enable
Whether to enable Hugepages.
type
boolean
example
{
virtualisation.hugepages.enable = true;
}
default
{
virtualisation.hugepages.enable = false;
}
virtualisation.hugepages.defaultPageSize
Default size of huge pages. You can use suffixes K, M, and G to specify KB, MB, and GB.
type
string matching the pattern [0-9]*[kKmMgG]
default
{
virtualisation.hugepages.defaultPageSize = "1M";
}
virtualisation.hugepages.numPages
Number of huge pages to allocate at boot.
type
positive integer, meaning >0
default
{
virtualisation.hugepages.numPages = 1;
}
virtualisation.hugepages.pageSize
Size of huge pages that are allocated at boot. You can use suffixes K, M, and G to specify KB, MB, and GB.
type
string matching the pattern [0-9]*[kKmMgG]
default
{
virtualisation.hugepages.pageSize = "1M";
}
virtualisation.libvirtd.clearEmulationCapabilities
type
boolean
default
{
virtualisation.libvirtd.clearEmulationCapabilities = true;
}
virtualisation.libvirtd.deviceACL
type
list of string
default
{
virtualisation.libvirtd.deviceACL = [];
}
virtualisation.sharedMemoryFiles
type
attribute set of submodule
default
{
virtualisation.sharedMemoryFiles = {};
}
virtualisation.sharedMemoryFiles.<name>.group
Group of the memory file
type
string
default
{
virtualisation.sharedMemoryFiles.<name>.group = "root";
}
virtualisation.sharedMemoryFiles.<name>.mode
Group of the memory file
type
string
default
{
virtualisation.sharedMemoryFiles.<name>.mode = "0600";
}
virtualisation.sharedMemoryFiles.<name>.user
Owner of the memory file
type
string
default
{
virtualisation.sharedMemoryFiles.<name>.user = "root";
}
virtualisation.vfio.enable
Whether to enable VFIO Configuration.
type
boolean
example
{
virtualisation.vfio.enable = true;
}
default
{
virtualisation.vfio.enable = false;
}
virtualisation.vfio.IOMMUType
Type of the IOMMU used
type
one of "intel", "amd"
example
{
virtualisation.vfio.IOMMUType = "intel";
}
virtualisation.vfio.applyACSpatch
If set, the following things will happen:
- The ACS override patch is applied
- Applies the i915-vga-arbiter patch
- Adds pcie_acs_override=downstream to the command line
type
boolean
default
{
virtualisation.vfio.applyACSpatch = false;
}
virtualisation.vfio.blacklistNvidia
Add Nvidia GPU modules to blacklist
type
boolean
default
{
virtualisation.vfio.blacklistNvidia = false;
}
virtualisation.vfio.devices
PCI IDs of devices to bind to vfio-pci
type
list of string matching the pattern [0-9a-f]{4}:[0-9a-f]{4}
example
{
virtualisation.vfio.devices = [
"10de:1b80"
"10de:10f0"
];
}
default
{
virtualisation.vfio.devices = [];
}
virtualisation.vfio.disableEFIfb
Disables the usage of the EFI framebuffer on boot.
type
boolean
example
{
virtualisation.vfio.disableEFIfb = true;
}
default
{
virtualisation.vfio.disableEFIfb = false;
}
virtualisation.vfio.ignoreMSRs
Enables or disables kvm guest access to model-specific registers
type
boolean
example
{
virtualisation.vfio.ignoreMSRs = true;
}
default
{
virtualisation.vfio.ignoreMSRs = false;
}
veracrypt
Declarative veracrypt mounts as systemd services. Takes an attribute set where names correspond to the mount point. Does not support protecting hidden volume yet. Note that NTFS volumes don't carry linux file permissions and will be owned by root, unless uidUser, uidGroup, and umask options are used to adjust permissions.
type
attribute set of submodule
default
{
veracrypt = {};
}
veracrypt.<name>.device
Path to device or container file to mount
type
string
veracrypt.<name>.extraCommandLineOptions
Extra command line options for veracrypt
type
strings concatenated with " "
example
{
veracrypt.<name>.extraCommandLineOptions = "--fs-options='umask=007,uid=1000,gid=1000'";
}
default
{
veracrypt.<name>.extraCommandLineOptions = "";
}
veracrypt.<name>.extraFSOptions
Extra filesystem mount options.
type
list of string
default
{
veracrypt.<name>.extraFSOptions = [];
}
veracrypt.<name>.extraUnitEntries
Extra entries in the [Unit] section of the systemd unit
type
strings concatenated with "\n"
example
{
veracrypt.<name>.extraUnitEntries = "Wants=dev-sda6.device";
}
default
{
veracrypt.<name>.extraUnitEntries = "";
}
veracrypt.<name>.gidGroup
The group to own the filesystem. Sets the gid mount option. Keep null to omit.
type
null or string
example
{
veracrypt.<name>.gidGroup = "users";
}
default
{
veracrypt.<name>.gidGroup = null;
}
veracrypt.<name>.keyfiles
List of paths to keyfiles
type
list of string
default
{
veracrypt.<name>.keyfiles = [];
}
veracrypt.<name>.onBoot
Whether to have systemd mount this volume on boot
type
boolean
default
{
veracrypt.<name>.onBoot = true;
}
veracrypt.<name>.passwordFile
Path to a file containing the password. Don't set for an empty password.
type
null or string
default
{
veracrypt.<name>.passwordFile = null;
}
veracrypt.<name>.pim
type
unsigned integer, meaning >=0
default
{
veracrypt.<name>.pim = 0;
}
veracrypt.<name>.uidUser
The user to own the filesystem. Sets the uid mount option. Keep null to omit.
type
null or string
example
{
veracrypt.<name>.uidUser = "admin";
}
default
{
veracrypt.<name>.uidUser = null;
}
veracrypt.<name>.umask
The umask mount option. Keep null to omit.
type
null or string
example
{
veracrypt.<name>.umask = "000";
}
default
{
veracrypt.<name>.umask = null;
}
services.freshrss.enable
Whether to enable FreshRSS.
type
boolean
example
{
services.freshrss.enable = true;
}
default
{
services.freshrss.enable = false;
}
services.freshrss.admin
Administrator username. It will be used to login to FreshRSS.
type
string
example
{
services.freshrss.admin = "admin";
}
default
{
services.freshrss.admin = "admin";
}
services.freshrss.dataDir
Location of FreshRSS data directory.
type
string
default
{
services.freshrss.dataDir = "/var/lib/freshrss/data";
}
services.freshrss.database.createLocally
Create the database and database user locally. Has no effect if database.type is sqlite.
type
boolean
default
{
services.freshrss.database.createLocally = true;
}
services.freshrss.database.name
Name of the database. Has no effect if database.type is sqlite.
type
string
default
{
services.freshrss.database.name = "freshrss";
}
services.freshrss.database.type
What type of database to use.
type
one of "sqlite", "pgsql"
default
{
services.freshrss.database.type = "sqlite";
}
services.freshrss.database.user
The database user. Has no effect if database.type is sqlite.
type
string
default
{
services.freshrss.database.user = "freshrss";
}
services.freshrss.extensionsDir
Location of FreshRSS extensions directory.
type
string
default
{
services.freshrss.extensionsDir = "/var/lib/freshrss/extensions";
}
services.freshrss.group
Group under which the FreshRSS run. It will be created if it doesn't exist.
type
string
example
{
services.freshrss.group = "freshrss";
}
default
{
services.freshrss.group = "freshrss";
}
services.freshrss.initialPassword
Specifies the initial password for the admin, i.e. the password assigned if the user does not already exist. The password specified here is world-readable in the Nix store, so it should be changed promptly.
type
string
example
{
services.freshrss.initialPassword = "correcthorsebatterystaple";
}
services.freshrss.interval
How often FreshRSS is updated. See systemd.time(7) for more information about the format.
type
string
default
{
services.freshrss.interval = "*:0/30";
}
services.freshrss.pool
Name of existing phpfpm pool that is used to run web-application. If not specified a pool will be created automatically with default values.
type
string
default
{
services.freshrss.pool = "freshrss";
}
services.freshrss.user
User account under which FreshRSS run. If it's freshrss it will be created.
type
string
example
{
services.freshrss.user = "freshrss";
}
default
{
services.freshrss.user = "freshrss";
}
services.freshrss.virtualHost
Name of the nginx virtualhost to use and setup. If null, do not setup any virtualhost.
type
null or string
default
{
services.freshrss.virtualHost = "freshrss";
}
nix.supportedPlatforms
extra platforms that nix will run binaries for
type
list of string
default
{
nix.supportedPlatforms = [];
}
qemu-user.aarch64
Whether to enable enable 64bit arm emulation.
type
boolean
example
{
qemu-user.aarch64 = true;
}
default
{
qemu-user.aarch64 = false;
}
qemu-user.arm
Whether to enable enable 32bit arm emulation.
type
boolean
example
{
qemu-user.arm = true;
}
default
{
qemu-user.arm = false;
}
qemu-user.riscv64
Whether to enable enable 64bit riscv emulation.
type
boolean
example
{
qemu-user.riscv64 = true;
}
default
{
qemu-user.riscv64 = false;
}
allvm.useDirectS3URL
Use Direct S3 for ALLVM cache. Hydra builders should use this to avoid CloudFront's negative cache.
type
boolean
default
{
allvm.useDirectS3URL = false;
}
fonts.powerline-symbols.enable
Whether to enable PowerlineSymbols font and configuration.
type
boolean
example
{
fonts.powerline-symbols.enable = true;
}
default
{
fonts.powerline-symbols.enable = false;
}
fonts.powerline-symbols.enableDefaultFonts
Include upstream's list of fonts by default
type
boolean
default
{
fonts.powerline-symbols.enableDefaultFonts = true;
}
fonts.powerline-symbols.fonts
Font family names that will use glyphs from the PowerlineSymbol font before using original as "fallback".
type
list of string
default
{
fonts.powerline-symbols.fonts = [];
}
gtk.enable
Whether to enable Gtk theming configuration.
type
boolean
example
{
gtk.enable = true;
}
default
{
gtk.enable = false;
}
gtk.cursorTheme
The cursor theme to use.
type
null or submodule
example
{
gtk.cursorTheme = {
_type = "literalExpression";
text = ''
{
name = "Adwaita";
package = pkgs.gnome3.adwaita-icon-theme;
};
'';
};
}
default
{
gtk.cursorTheme = null;
}
gtk.font
The font to use in GTK+ applications.
type
null or submodule
example
{
gtk.font = {
_type = "literalExpression";
text = ''
{
name = "Cantarell 11";
package = pkgs.cantarell-fonts;
};
'';
};
}
default
{
gtk.font = null;
}
gtk.gtk2
Whether to enable theming for obsolete GTK2 engine.
type
boolean
default
{
gtk.gtk2 = true;
}
gtk.iconTheme
The icon theme to use.
type
null or submodule
example
{
gtk.iconTheme = {
_type = "literalExpression";
text = ''
{
name = "Adwaita";
package = pkgs.gnome3.adwaita-icon-theme;
};
'';
};
}
default
{
gtk.iconTheme = null;
}
gtk.theme
The GTK+ theme to use.
type
null or submodule
example
{
gtk.theme = {
_type = "literalExpression";
text = ''
{
name = "Adwaita";
package = pkgs.gnome-themes-extra;
};
'';
};
}
default
{
gtk.theme = null;
}
hardware.logitech-k380.enable
Whether to make function keys default on Logitech k380 bluetooth keyboard.
type
boolean
default
{
hardware.logitech-k380.enable = false;
}
hardware.steam.enable
Whether to enable Steam headless server.
type
boolean
example
{
hardware.steam.enable = true;
}
default
{
hardware.steam.enable = false;
}
hardware.steam.autorun
Whether to enable run by default.
type
boolean
example
{
hardware.steam.autorun = true;
}
default
{
hardware.steam.autorun = false;
}
hardware.steam.devid
type
string
example
{
hardware.steam.devid = "0000:07:00.0,1";
}
hardware.steam.resolution
type
string
default
{
hardware.steam.resolution = "1920x1080";
}
hardware.steam.user
type
string
hardware.steam.wayland
Whether to enable via Wayland.
type
boolean
example
{
hardware.steam.wayland = true;
}
default
{
hardware.steam.wayland = false;
}
hardware.steam.xorg
Whether to enable via X.Org.
type
boolean
example
{
hardware.steam.xorg = true;
}
default
{
hardware.steam.xorg = false;
}
hardware.wifi.enable
Whether to enable Wifi hacks .
type
boolean
example
{
hardware.wifi.enable = true;
}
default
{
hardware.wifi.enable = false;
}
hardware.wifi.interface
type
string
programs.bambootracker.enable
Whether to enable BambooTracker program .
type
boolean
example
{
programs.bambootracker.enable = true;
}
default
{
programs.bambootracker.enable = false;
}
programs.pipewire.enable
Whether to enable the PipeWire sound server .
type
boolean
example
{
programs.pipewire.enable = true;
}
default
{
programs.pipewire.enable = false;
}
programs.pulseaudio.enable
Whether to enable the PulseAudio sound server .
type
boolean
example
{
programs.pulseaudio.enable = true;
}
default
{
programs.pulseaudio.enable = false;
}
qt5.enable
Whether to enable Qt5 theming configuration.
type
boolean
example
{
qt5.enable = true;
}
default
{
qt5.enable = false;
}
qt5.platformTheme
Selects the platform theme to use for Qt5 applications.
type
one of "gtk2", "gtk3"
example
{
qt5.platformTheme = "gnome";
}
qt5.style
Selects the style to use for Qt5 applications.
type
one of "adwaita", "adwaita-dark", "cleanlooks", "gtk2", "motif", "plastique"
example
{
qt5.style = "adwaita";
}
services.jack.enable
Whether to enable JACK Audio Connection Kit. You must be in "wheel" group .
type
boolean
example
{
services.jack.enable = true;
}
default
{
services.jack.enable = false;
}
services.job.enable
Whether to enable Programs for job .
type
boolean
example
{
services.job.enable = true;
}
default
{
services.job.enable = false;
}
services.nvidia.enable
Whether to enable the Nvidia Optimus support .
type
boolean
example
{
services.nvidia.enable = true;
}
default
{
services.nvidia.enable = false;
}
services.server.enable
Whether to enable Support for my home server .
type
boolean
example
{
services.server.enable = true;
}
default
{
services.server.enable = false;
}
programs.fzf.bash.keyBindings.enable
Enable the fzf Bash key-bindings and completion.
type
boolean
default
{
programs.fzf.bash.keyBindings.enable = false;
}
services.btrbk.enable
Whether to start the btrbk snapshotting service.
type
boolean
default
{
services.btrbk.enable = false;
}
services.btrbk.config
The literal contents of btrbk.conf except for the volume.
type
strings concatenated with "\n"
default
{
services.btrbk.config = "";
}
services.btrbk.volume
The volume to mount
type
string
default
{
services.btrbk.volume = "";
}
services.electrum-personal-server.enable
Whether to enable Enable the Electrum Personal Server as a systemd user service. Requires services.bitcoind.
type
boolean
example
{
services.electrum-personal-server.enable = true;
}
default
{
services.electrum-personal-server.enable = false;
}
services.electrum-personal-server.package
The package providing the Electrum Personal Server.
type
package
default
{
services.electrum-personal-server.package = "pkgs.electrum-personal-server";
}
services.electrum-personal-server.configFile
The user-specific configuration file path.
type
string
example
{
services.electrum-personal-server.configFile = "$HOME/.config/electrum-personal-server/config.ini";
}
default
{
services.electrum-personal-server.configFile = "$HOME/.config/electrum-personal-server/config.ini";
}
services.electrumx.enable
Whether to enable Enable electrumx, an electrum-server implementation..
type
boolean
example
{
services.electrumx.enable = true;
}
default
{
services.electrumx.enable = false;
}
services.electrumx.package
The package providing electrumx.
type
package
default
{
services.electrumx.package = "pkgs.electrumx";
}
services.electrumx.coin
Must be a NAME from one of the Coin classes in https://github.com/spesmilo/electrumx/blob/master/electrumx/lib/coins.py For example, Bitcoin.
type
string
example
{
services.electrumx.coin = "Bitcoin";
}
default
{
services.electrumx.coin = "Bitcoin";
}
services.electrumx.daemonUrl
A list of daemon URLs (ex. Bitcoin Core RPC). If more than one is provided ElectrumX will initially connect to the first, and failover to subsequent ones round-robin style if one stops working.
The leading http:// is optional, as is the trailing slash. The :port part is also optional and will default to the standard RPC port for COIN and NET if omitted.
type
list of string
example
{
services.electrumx.daemonUrl = "[ 'username:password@localhost:8332' 'https://username:password@somebtcnode.com:8332' ]";
}
default
{
services.electrumx.daemonUrl = [];
}
services.electrumx.dbDirectory
The path to the database directory.
type
string
example
{
services.electrumx.dbDirectory = "/var/lib/electrumx";
}
default
{
services.electrumx.dbDirectory = "/var/lib/electrumx";
}
services.electrumx.eventLoopPolicy
The name of an event loop policy to replace the default asyncio policy.
type
one of "asyncio", "uvloop"
default
{
services.electrumx.eventLoopPolicy = "asyncio";
}
services.electrumx.group
The group as which to run electrumx.
type
string
default
{
services.electrumx.group = "electrumx";
}
services.electrumx.net
Must be a NET from one of the Coin classes in https://github.com/spesmilo/electrumx/blob/master/electrumx/lib/coins.py. Defaults to mainnet.
type
string
example
{
services.electrumx.net = "mainnet";
}
default
{
services.electrumx.net = "mainnet";
}
services.electrumx.peer.announce
When true, ElectrumX will announce itself to peers.
If peer discovery is off this environment variable has no effect, because ElectrumX only announces itself to peers when doing peer discovery if it notices it is not present in the peer’s returned list.
type
boolean
default
{
services.electrumx.peer.announce = true;
}
services.electrumx.peer.blacklistUrl
URL to retrieve a list of blacklisted peers. If not set, a coin-specific default is used.
type
string
default
{
services.electrumx.peer.blacklistUrl = "";
}
services.electrumx.peer.discovery
If on, ElectrumX will occasionally connect to and verify its network of peer servers.
If off, peer discovery is disabled and a hard-coded default list of servers will be read in and served. If set to self then peer discovery is disabled and the server will only return itself in the peers list.
type
one of "on", "off", "self"
example
{
services.electrumx.peer.discovery = "self";
}
default
{
services.electrumx.peer.discovery = "on";
}
services.electrumx.peer.tor.enable
Allow/disallow electrumx to use a Tor proxy.
type
boolean
default
{
services.electrumx.peer.tor.enable = false;
}
services.electrumx.peer.tor.forceProxy
By default peer discovery happens over the clear internet. Enable this to force peer discovery to be done via the proxy. This might be useful if you are running a Tor service exclusively and wish to keep your IP address private.
type
boolean
default
{
services.electrumx.peer.tor.forceProxy = false;
}
services.electrumx.peer.tor.host
The host where your Tor proxy is running.
type
string
default
{
services.electrumx.peer.tor.host = "localhost";
}
services.electrumx.peer.tor.port
The port on which the Tor proxy is running.
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
example
{
services.electrumx.peer.tor.port = 9051;
}
default
{
services.electrumx.peer.tor.port = 9050;
}
services.electrumx.reportServices
A list of services ElectrumX will advertize and other servers in the server network (if peer discovery is enabled), and any successful connection.
This must be set correctly, taking account of your network, firewall and router setup, for clients and other servers to see how to connect to your server. If not set or empty, no services are advertized.
type
list of string
example
{
services.electrumx.reportServices = "[ 'tcp://sv.usebsv.com:50001 'ssl://sv.usebsv.com:50002' ]";
}
default
{
services.electrumx.reportServices = [];
}
services.electrumx.services
A list of services ElectrumX will accept incoming connections for.
This determines what interfaces and ports the server listens on, so must be set correctly for any connection to the server to succeed. If unset or empty, ElectrumX will not listen for any incoming connections.
type
list of string
example
{
services.electrumx.services = "[ 'rpc://127.0.0.1:50002 'tcp://myelectrumx.net:50002' ]";
}
default
{
services.electrumx.services = [
"rpc://"
];
}
services.electrumx.ssl.certfile
The filesystem path to your SSL certificate file.
type
path
example
{
services.electrumx.ssl.certfile = "/etc/electrumx/server.crt";
}
services.electrumx.ssl.keyfile
The filesystem path to your SSL keu file.
type
path
example
{
services.electrumx.ssl.keyfile = "/etc/electrumx/server.key";
}
services.electrumx.user
The user as which to run electrumx.
type
string
default
{
services.electrumx.user = "electrumx";
}
services.atlas.enable
Whether to enable Atlas service.
type
boolean
example
{
services.atlas.enable = true;
}
default
{
services.atlas.enable = false;
}
services.pounce.enable
Whether to enable Pounce
type
boolean
default
{
services.pounce.enable = false;
}
services.pounce.package
type
package
default
{
services.pounce.package = "pkgs.pounce";
}
services.pounce.certFP
type
null or path
example
{
services.pounce.certFP = "/etc/pounce/libera-user.pem";
}
default
{
services.pounce.certFP = null;
}
services.pounce.dataDir
type
path
example
{
services.pounce.dataDir = "/home/john/.znc";
}
default
{
services.pounce.dataDir = "/var/lib/pounce";
}
services.pounce.extraConfig
Extra configuration
type
strings concatenated with "\n"
default
{
services.pounce.extraConfig = "";
}
services.pounce.group
Group to own the Pounce process.
type
string
example
{
services.pounce.group = "users";
}
default
{
services.pounce.group = "pounce";
}
services.pounce.hashedPass
type
string
default
{
services.pounce.hashedPass = "";
}
services.pounce.hostAddress
type
string
default
{
services.pounce.hostAddress = "127.0.0.1";
}
services.pounce.hostPort
type
signed integer
default
{
services.pounce.hostPort = 6697;
}
services.pounce.ircHost
type
string
default
{
services.pounce.ircHost = "";
}
services.pounce.ircHostPort
type
signed integer
default
{
services.pounce.ircHostPort = 6697;
}
services.pounce.ircNick
type
string
default
{
services.pounce.ircNick = "";
}
services.pounce.ircPass
type
string
default
{
services.pounce.ircPass = "";
}
services.pounce.ircUser
type
string
default
{
services.pounce.ircUser = "";
}
services.pounce.joinChannels
type
list of string
default
{
services.pounce.joinChannels = [];
}
services.pounce.sslCa
type
null or path
example
{
services.pounce.sslCa = "~/.config/pounce/pouncecert.pem";
}
default
{
services.pounce.sslCa = null;
}
services.pounce.sslCert
type
null or path
example
{
services.pounce.sslCert = "/etc/letsencrypt/cert/cert.crt";
}
default
{
services.pounce.sslCert = null;
}
services.pounce.sslKey
type
null or path
example
{
services.pounce.sslKey = "/etc/letsencrypt/cert/private.key";
}
default
{
services.pounce.sslKey = null;
}
services.pounce.user
The name of an existing user account to use to own the Pounce server process. If not specified, a default user will be created.
type
string
example
{
services.pounce.user = "john";
}
default
{
services.pounce.user = "pounce";
}
boot.loader.unifiedKernelImage.enable
A unified kernel image is a single EFI PE executable combining an EFI stub loader, a kernel image, an initramfs image, and the kernel command line.
type
boolean
default
{
boot.loader.unifiedKernelImage.enable = false;
}
programs.vscode.extensions
List of extensions to install.
type
list of path
default
{
programs.vscode.extensions = [];
}
programs.vscode.homeDir
User home directory for who to install the extensions.
type
null or string
default
{
programs.vscode.homeDir = null;
}
programs.vscode.user
User name for who to install the extensions.
type
null or string
default
{
programs.vscode.user = null;
}
secrets.fullPaths
set of full paths to secrets
type
attribute set of path
default
{
secrets.fullPaths = {};
}
secrets.keys
Keys to upload to server
type
list of unspecified
default
{
secrets.keys = [];
}
secrets.location
Location where to put the keys
type
path
default
{
secrets.location = "/var/secrets";
}
services.duplyBackup.enable
Whether to enable remote backups.
type
boolean
default
{
services.duplyBackup.enable = false;
}
services.duplyBackup.profiles
type
attribute set of submodule
services.duplyBackup.profiles.<name>.excludeFile
Content to put in exclude file
type
strings concatenated with "\n"
default
{
services.duplyBackup.profiles.<name>.excludeFile = "";
}
services.duplyBackup.profiles.<name>.rootDir
Path to backup
type
path
services.fiche.enable
Whether to enable Enable fiche’s service.
type
boolean
example
{
services.fiche.enable = true;
}
default
{
services.fiche.enable = false;
}
services.fiche.dataDir
Directory where to place the pastes
type
path
default
{
services.fiche.dataDir = "/var/lib/fiche";
}
services.fiche.domain
Domain
type
string
services.fiche.https
Whether to enable Use https.
type
boolean
example
{
services.fiche.https = true;
}
default
{
services.fiche.https = false;
}
services.fiche.port
Port to listen to
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
services.filesWatcher
Files to watch and trigger service reload or restart of service when changed.
type
attribute set of submodule
default
{
services.filesWatcher = {};
}
services.filesWatcher.<name>.paths
Paths to watch that should trigger a reload of the service
type
list of string
services.filesWatcher.<name>.restart
Whether to enable Restart service rather than reloading it.
type
boolean
example
{
services.filesWatcher.<name>.restart = true;
}
default
{
services.filesWatcher.<name>.restart = false;
}
services.filesWatcher.<name>.waitTime
Time to wait before reloading/restarting the service. Set 0 to not wait.
type
signed integer
default
{
services.filesWatcher.<name>.waitTime = 5;
}
services.openarc.enable
Whether to enable the OpenARC sender authentication system.
type
boolean
default
{
services.openarc.enable = false;
}
services.openarc.configFile
Additional OpenARC configuration.
type
null or path
default
{
services.openarc.configFile = null;
}
services.openarc.group
Group for the daemon.
type
string
default
{
services.openarc.group = "opendmarc";
}
services.openarc.socket
Socket which is used for communication with OpenARC.
type
string
default
{
services.openarc.socket = "local:/run/openarc/openarc.sock";
}
services.openarc.user
User for the daemon.
type
string
default
{
services.openarc.user = "opendmarc";
}
services.opendmarc.enable
Whether to enable the OpenDMARC sender authentication system.
type
boolean
default
{
services.opendmarc.enable = false;
}
services.opendmarc.configFile
Additional OpenDMARC configuration.
type
null or path
default
{
services.opendmarc.configFile = null;
}
services.opendmarc.group
Group for the daemon.
type
string
default
{
services.opendmarc.group = "opendmarc";
}
services.opendmarc.socket
Socket which is used for communication with OpenDMARC.
type
string
default
{
services.opendmarc.socket = "local:/run/opendmarc/opendmarc.sock";
}
services.opendmarc.user
User for the daemon.
type
string
default
{
services.opendmarc.user = "opendmarc";
}
services.rsyncBackup.mountpoint
Path to the base folder for backups
type
path
services.rsyncBackup.profiles
Profiles to backup
type
attribute set of submodule
default
{
services.rsyncBackup.profiles = {};
}
services.rsyncBackup.profiles.<name>.host
host to connect to
type
string
services.rsyncBackup.profiles.<name>.host_key
Host key to use as known host
type
string
services.rsyncBackup.profiles.<name>.host_key_type
Host key type
type
string
services.rsyncBackup.profiles.<name>.keep
Number of backups to keep
type
signed integer
default
{
services.rsyncBackup.profiles.<name>.keep = 7;
}
services.rsyncBackup.profiles.<name>.login
login to connect to
type
string
services.rsyncBackup.profiles.<name>.parts
folders to backup in the host
type
attribute set of submodule
services.rsyncBackup.profiles.<name>.parts.<name>.args
additional arguments for rsync
type
null or string
default
{
services.rsyncBackup.profiles.<name>.parts.<name>.args = null;
}
services.rsyncBackup.profiles.<name>.parts.<name>.exclude_from
Paths to exclude from the backup
type
list of path
default
{
services.rsyncBackup.profiles.<name>.parts.<name>.exclude_from = [];
}
services.rsyncBackup.profiles.<name>.parts.<name>.files_from
Paths to take for the backup (if empty: whole folder minus exclude_from)
type
list of path
default
{
services.rsyncBackup.profiles.<name>.parts.<name>.files_from = [];
}
services.rsyncBackup.profiles.<name>.parts.<name>.remote_folder
Path to backup
type
path
services.rsyncBackup.profiles.<name>.port
port to connect to
type
string
default
{
services.rsyncBackup.profiles.<name>.port = "22";
}
services.rsyncBackup.ssh_key_private
Private key for the backup
type
string
services.rsyncBackup.ssh_key_public
Public key for the backup
type
string
services.websites.certs
Default websites configuration for certificates as accepted by acme
type
unspecified
services.websites.env
Each type of website to enable will target a distinct httpd server
type
attribute set of submodule
default
{
services.websites.env = {};
}
services.websites.env.<name>.enable
Whether to enable Enable websites of this type.
type
boolean
example
{
services.websites.env.<name>.enable = true;
}
default
{
services.websites.env.<name>.enable = false;
}
services.websites.env.<name>.adminAddr
Admin e-mail address of the instance
type
string
services.websites.env.<name>.extraConfig
Additional configuration to append to Apache
type
list of strings concatenated with "\n"
default
{
services.websites.env.<name>.extraConfig = [];
}
services.websites.env.<name>.fallbackVhost
The fallback vhost that will be defined as first vhost in Apache
type
submodule
services.websites.env.<name>.fallbackVhost.certName
type
string
services.websites.env.<name>.fallbackVhost.extraConfig
type
list of strings concatenated with "\n"
default
{
services.websites.env.<name>.fallbackVhost.extraConfig = [];
}
services.websites.env.<name>.fallbackVhost.forceSSL
Automatically create a corresponding non-ssl vhost that will only redirect to the ssl version
type
boolean
default
{
services.websites.env.<name>.fallbackVhost.forceSSL = true;
}
services.websites.env.<name>.fallbackVhost.hosts
type
list of string
services.websites.env.<name>.fallbackVhost.root
type
null or path
services.websites.env.<name>.httpdName
Name of the httpd instance to assign this type to
type
string
services.websites.env.<name>.ips
ips to listen to
type
list of string
default
{
services.websites.env.<name>.ips = [];
}
services.websites.env.<name>.modules
Additional modules to load in Apache
type
list of string
default
{
services.websites.env.<name>.modules = [];
}
services.websites.env.<name>.nosslVhost
A default nossl vhost for captive portals
type
submodule
default
{
services.websites.env.<name>.nosslVhost = {};
}
services.websites.env.<name>.nosslVhost.enable
Whether to enable Add default no-ssl vhost for this instance.
type
boolean
example
{
services.websites.env.<name>.nosslVhost.enable = true;
}
default
{
services.websites.env.<name>.nosslVhost.enable = false;
}
services.websites.env.<name>.nosslVhost.host
The hostname to use for this vhost
type
string
services.websites.env.<name>.nosslVhost.indexFile
The index file to show.
type
string
default
{
services.websites.env.<name>.nosslVhost.indexFile = "index.html";
}
services.websites.env.<name>.nosslVhost.root
The root folder to serve
type
path
default
{
services.websites.env.<name>.nosslVhost.root = "/nix/store/9igw1ny9f9bhlv98wlf91jr4n3r0ib98-nosslVhost";
}
services.websites.env.<name>.vhostConfs
List of vhosts to define for Apache
type
attribute set of submodule
default
{
services.websites.env.<name>.vhostConfs = {};
}
services.websites.env.<name>.vhostConfs.<name>.addToCerts
Use these to certificates. Is ignored (considered true) if certMainHost is not null
type
boolean
default
{
services.websites.env.<name>.vhostConfs.<name>.addToCerts = false;
}
services.websites.env.<name>.vhostConfs.<name>.certMainHost
Use that host as 'main host' for acme certs
type
null or string
default
{
services.websites.env.<name>.vhostConfs.<name>.certMainHost = null;
}
services.websites.env.<name>.vhostConfs.<name>.certName
type
string
services.websites.env.<name>.vhostConfs.<name>.extraConfig
type
list of strings concatenated with "\n"
default
{
services.websites.env.<name>.vhostConfs.<name>.extraConfig = [];
}
services.websites.env.<name>.vhostConfs.<name>.forceSSL
Automatically create a corresponding non-ssl vhost that will only redirect to the ssl version
type
boolean
default
{
services.websites.env.<name>.vhostConfs.<name>.forceSSL = true;
}
services.websites.env.<name>.vhostConfs.<name>.hosts
type
list of string
services.websites.env.<name>.vhostConfs.<name>.root
type
null or path
services.websites.env.<name>.vhostNoSSLConfs
List of no ssl vhosts to define for Apache
type
attribute set of submodule
default
{
services.websites.env.<name>.vhostNoSSLConfs = {};
}
services.websites.env.<name>.vhostNoSSLConfs.<name>.extraConfig
type
list of strings concatenated with "\n"
default
{
services.websites.env.<name>.vhostNoSSLConfs.<name>.extraConfig = [];
}
services.websites.env.<name>.vhostNoSSLConfs.<name>.hosts
type
list of string
services.websites.env.<name>.vhostNoSSLConfs.<name>.root
type
null or path
services.websites.env.<name>.watchPaths
Paths to watch that should trigger a reload of httpd
type
list of string
default
{
services.websites.env.<name>.watchPaths = [];
}
services.websites.webappDirs
Defines a symlink between /run/current-system/webapps and a store app directory to be used in http configuration. Permits to avoid restarting httpd when only the folder name changes.
type
attribute set of path
default
{
services.websites.webappDirs = {};
}
services.websites.webappDirsName
Name of the webapp dir to create in /run/current-system
type
string
default
{
services.websites.webappDirsName = "webapps";
}
services.websites.webappDirsPaths
Full paths of the webapp dir
type
attribute set of path
default
{
services.websites.webappDirsPaths = {};
}
services.webstats.dataDir
The directory where Goaccess stores its data.
type
path
default
{
services.webstats.dataDir = "/var/lib/goaccess";
}
services.webstats.sites
Sites to generate stats
type
list of submodule
default
{
services.webstats.sites = [];
}
services.webstats.sites.*.conf
use custom goaccess configuration file instead of the default one.
type
null or path
default
{
services.webstats.sites.*.conf = null;
}
services.webstats.sites.*.name
Domain name. Corresponds to the Apache file name and the folder name in which the state will be saved.
type
string
services.xserver.windowManager.instantwm.enable
Whether to enable instantwm.
type
boolean
example
{
services.xserver.windowManager.instantwm.enable = true;
}
default
{
services.xserver.windowManager.instantwm.enable = false;
}
services.fancontrol.enable
Whether to enable fancontrol from lm_sensors.
type
boolean
example
{
services.fancontrol.enable = true;
}
default
{
services.fancontrol.enable = false;
}
services.fancontrol.package
The package used for this service.
type
package
default
{
services.fancontrol.package = "pkgs.lm_sensors";
}
services.fancontrol.extraConfig
Extra content of /etc/fanconfig. You should generate this configuration by running pwmconfig, after loading the necessary kernel modules.
type
strings concatenated with "\n"
default
{
services.fancontrol.extraConfig = "";
}
services.fancontrol.extraModules
Extra kernel modules to load for sensors. These are suggested by sensors-detect.
type
list of string
default
{
services.fancontrol.extraModules = [];
}
services.fancontrol.interval
The polling interval.
type
signed integer
default
{
services.fancontrol.interval = 10;
}
services.papermc.enable
If enabled, start a Minecraft Server. The server data will be loaded from and saved to
.type
boolean
default
{
services.papermc.enable = false;
}
services.papermc.package
Version of papermc to run.
type
package
example
{
services.papermc.package = {
_type = "literalExpression";
text = "pkgs.papermc_1_12_2";
};
}
default
{
services.papermc.package = "pkgs.papermc";
}
services.papermc.dataDir
Directory to store Minecraft database and other state/data files.
type
path
default
{
services.papermc.dataDir = "/var/lib/minecraft";
}
services.papermc.declarative
Whether to use a declarative Minecraft server configuration.
Only if set to
type
boolean
default
{
services.papermc.declarative = false;
}
services.papermc.eula
Whether you agree to
Mojangs EULA. This option must be set totype
boolean
default
{
services.papermc.eula = false;
}
services.papermc.jvmOpts
JVM options for the Minecraft server.
type
strings concatenated with " "
example
{
services.papermc.jvmOpts = "-Xmx2048M -Xms4092M -XX:+UseG1GC -XX:+CMSIncrementalPacing -XX:+CMSClassUnloadingEnabled -XX:ParallelGCThreads=2 -XX:MinHeapFreeRatio=5 -XX:MaxHeapFreeRatio=10";
}
default
{
services.papermc.jvmOpts = "-Xmx2048M -Xms2048M";
}
services.papermc.openFirewall
Whether to open ports in the firewall for the server.
type
boolean
default
{
services.papermc.openFirewall = false;
}
services.papermc.plugins
Plugin list
type
list of path or package
default
{
services.papermc.plugins = [];
}
services.papermc.serverProperties
Minecraft server properties for the server.properties file. Only has
an effect when
is set to
type
attribute set of boolean or signed integer or string
example
{
services.papermc.serverProperties = {
_type = "literalExpression";
text = ''
{
server-port = 43000;
difficulty = 3;
gamemode = 1;
max-players = 5;
motd = "NixOS Minecraft server!";
white-list = true;
enable-rcon = true;
"rcon.password" = "hunter2";
}
'';
};
}
default
{
services.papermc.serverProperties = {};
}
services.papermc.whitelist
Whitelisted players, only has an effect when
istype
attribute set of Minecraft UUID
example
{
services.papermc.whitelist = {
_type = "literalExpression";
text = ''
{
username1 = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
username2 = "yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy";
};
'';
};
}
default
{
services.papermc.whitelist = {};
}
services.qbvpn.enable
Whether to enable qBittorrent + OpenVPN inside Docker.
type
boolean
example
{
services.qbvpn.enable = true;
}
default
{
services.qbvpn.enable = false;
}
services.qbvpn.bittorrentPort
Bittorrent TCP+UDP ports
type
signed integer
default
{
services.qbvpn.bittorrentPort = 8999;
}
services.qbvpn.configDir
Config directory
type
path
default
{
services.qbvpn.configDir = "/var/qbittorrent/etc";
}
services.qbvpn.downloadDir
Download directory
type
path
default
{
services.qbvpn.downloadDir = "/var/qbittorrent/downloads";
}
services.qbvpn.webuiPort
WebUI TCP port
type
signed integer
default
{
services.qbvpn.webuiPort = 8080;
}
services.ams.enable
Whether to enable HPE Agentless Management Service.
type
boolean
example
{
services.ams.enable = true;
}
default
{
services.ams.enable = false;
}
programs.fish.completions
Completions to add to fish.
type
attribute set of submodule
default
{
programs.fish.completions = {};
}
programs.fish.completions.<name>.body
Body of the file.
type
null or strings concatenated with "\n"
default
{
programs.fish.completions.<name>.body = null;
}
programs.fish.completions.<name>.source
Path of the source file. The file name must not start with a period.
type
path
programs.fish.functions
Functions to add to fish.
type
attribute set of submodule
default
{
programs.fish.functions = {};
}
programs.fish.functions.<name>.body
Body of the file.
type
null or strings concatenated with "\n"
default
{
programs.fish.functions.<name>.body = null;
}
programs.fish.functions.<name>.source
Path of the source file. The file name must not start with a period.
type
path
programs.fish.plugins
The plugins to add to fish.
Built with
type
list of package
default
{
programs.fish.plugins = [];
}
kampka.profiles.desktop.enable
Whether to enable A minimal profile for desktop systems.
type
boolean
example
{
kampka.profiles.desktop.enable = true;
}
default
{
kampka.profiles.desktop.enable = false;
}
kampka.profiles.headless.enable
Whether to enable A minimal profile for a headless system.
type
boolean
example
{
kampka.profiles.headless.enable = true;
}
default
{
kampka.profiles.headless.enable = false;
}
kampka.programs.firefox.enable
Whether to enable Firefox with strict settings.
type
boolean
example
{
kampka.programs.firefox.enable = true;
}
default
{
kampka.programs.firefox.enable = false;
}
kampka.programs.firefox.userPolicies
Policies allow additional control over Firefox settings in addition or sometimes beyond the scope of userSettings. The set defined here must serialize to a key/value pair where keys are always strings and values are the Nix representations of the JSON value valid for the given key. See https://github.com/mozilla/policy-templates/blob/master/README.md for details.
type
attribute set
example
{
kampka.programs.firefox.userPolicies = {
DisableFirefoxScreenshots = true;
Extensions = {
Install = [
"//path/to/xpi"
];
};
};
}
default
{
kampka.programs.firefox.userPolicies = {};
}
kampka.programs.firefox.userSettings
Setting to be applied to firefox as hard defaults. These settings cannot be changed via UI, about:config or remote sync/API. The set defined here must serialize to a key/value pair where keys are always strings and values are the Nix representations of the JSON value valid for the given key. All valid key/value pairs are listed in about:config. See also https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/A_brief_guide_to_Mozilla_preferences
type
attribute set
example
{
kampka.programs.firefox.userSettings = {
"browser.search.region" = "US";
"browser.startup.page" = 1;
"geo.enabled" = true;
};
}
default
{
kampka.programs.firefox.userSettings = {};
}
kampka.programs.nix-search.enable
Whether to enable nix-search - accelerated nix-env search.
type
boolean
example
{
kampka.programs.nix-search.enable = true;
}
default
{
kampka.programs.nix-search.enable = false;
}
kampka.programs.zsh-history.enable
Whether to enable A CLI to provide enhanced history for your shell.
type
boolean
example
{
kampka.programs.zsh-history.enable = true;
}
default
{
kampka.programs.zsh-history.enable = false;
}
kampka.programs.zsh-history.package
type
package
default
{
kampka.programs.zsh-history.package = {
drvPath = "zsh-history-2019-12-10";
name = "zsh-history-2019-12-10";
outPath = "zsh-history-2019-12-10";
type = "derivation";
};
}
kampka.services.dns-cache.enable
Whether to enable dns cache service with dns-over-tls.
type
boolean
example
{
kampka.services.dns-cache.enable = true;
}
default
{
kampka.services.dns-cache.enable = false;
}
kampka.services.dns-cache.dnsmasq
type
submodule
default
{
kampka.services.dns-cache.dnsmasq = {};
}
kampka.services.dns-cache.dnsmasq.allServers
Enables querying all configured servers, using the first positive result
type
boolean
default
{
kampka.services.dns-cache.dnsmasq.allServers = true;
}
kampka.services.dns-cache.dnsmasq.bogusPriv
Bogus private reverse lookups. All reverse lookups for private IP ranges (ie 192.168.x.x, etc) which are not found in /etc/hosts or the DHCP leases file are answered with "no such domain" rather than being forwarded upstream. The set of prefixes affected is the list given in RFC6303, for IPv4 and IPv6.
type
boolean
default
{
kampka.services.dns-cache.dnsmasq.bogusPriv = false;
}
kampka.services.dns-cache.dnsmasq.cache-size
Amount of DNS resolves to cache
type
signed integer
default
{
kampka.services.dns-cache.dnsmasq.cache-size = 1500;
}
kampka.services.dns-cache.dnsmasq.dhcp
DNSMasq dhcp options
type
list of submodule
default
{
kampka.services.dns-cache.dnsmasq.dhcp = [];
}
kampka.services.dns-cache.dnsmasq.dhcp.*.domain
type
submodule
kampka.services.dns-cache.dnsmasq.dhcp.*.domain.local
type
boolean
default
{
kampka.services.dns-cache.dnsmasq.dhcp.*.domain.local = true;
}
kampka.services.dns-cache.dnsmasq.dhcp.*.domain.name
type
string
kampka.services.dns-cache.dnsmasq.dhcp.*.domain.network
type
null or string
example
{
kampka.services.dns-cache.dnsmasq.dhcp.*.domain.network = "10.0.0.0/8";
}
default
{
kampka.services.dns-cache.dnsmasq.dhcp.*.domain.network = null;
}
kampka.services.dns-cache.dnsmasq.dhcp.*.host
Enable the DHCP server. Addresses will be given out from the range
type
list of submodule
default
{
kampka.services.dns-cache.dnsmasq.dhcp.*.host = [];
}
kampka.services.dns-cache.dnsmasq.dhcp..host..hardwareAddress
The hardware address (MAC) of the machine requesting a lease.
type
string
kampka.services.dns-cache.dnsmasq.dhcp..host..ipAddress
The IP address leased to the given hardware address
type
string
kampka.services.dns-cache.dnsmasq.dhcp..host..leaseTime
The lease time is in seconds, or minutes (eg 45m) or hours (eg 1h) or 'infinite'. The minimum lease time is two minutes.
type
string
default
{
kampka.services.dns-cache.dnsmasq.dhcp.*.host.*.leaseTime = "infinite";
}
kampka.services.dns-cache.dnsmasq.dhcp..host..name
The hostname to assign to the given hardware address
type
string
kampka.services.dns-cache.dnsmasq.dhcp..host..staticRecord
If set, a static A record will be added for the host
type
boolean
default
{
kampka.services.dns-cache.dnsmasq.dhcp.*.host.*.staticRecord = true;
}
kampka.services.dns-cache.dnsmasq.dhcp.*.range
Specify per host parameters for the DHCP server. This allows a machine with a particular hardware address to be always allocated the same hostname, IP address and lease time.
type
list of submodule
default
{
kampka.services.dns-cache.dnsmasq.dhcp.*.range = [];
}
kampka.services.dns-cache.dnsmasq.dhcp..range..endAddr
The end address of the dhcp range
type
string
kampka.services.dns-cache.dnsmasq.dhcp..range..interface
The name of the network interface this lease range is associated with.
type
string
kampka.services.dns-cache.dnsmasq.dhcp..range..leaseTime
The lease time is in seconds, or minutes (eg 45m) or hours (eg 1h) or 'infinite'. If not given, the default lease time is one hour. The minimum lease time is two minutes.
type
string
default
{
kampka.services.dns-cache.dnsmasq.dhcp.*.range.*.leaseTime = "1h";
}
kampka.services.dns-cache.dnsmasq.dhcp..range..startAddr
The start address of the dhcp range
type
string
kampka.services.dns-cache.dnsmasq.extraConfig
type
string
default
{
kampka.services.dns-cache.dnsmasq.extraConfig = "";
}
kampka.services.dns-cache.dnsmasq.interfaces
List of network interfaces to bind to.
type
list of string
default
{
kampka.services.dns-cache.dnsmasq.interfaces = [
"lo"
];
}
kampka.services.dns-cache.dnsmasq.logQueries
If enabled, DNSMasq logs all DNS queries
type
boolean
default
{
kampka.services.dns-cache.dnsmasq.logQueries = false;
}
kampka.services.dns-cache.dnsmasq.noNegCache
Disable negative result caching
type
boolean
default
{
kampka.services.dns-cache.dnsmasq.noNegCache = true;
}
kampka.services.dns-cache.dnsmasq.validateDnsSec
If enabled, causes DNSMasq to validate DNSSEC records
type
boolean
default
{
kampka.services.dns-cache.dnsmasq.validateDnsSec = true;
}
kampka.services.dns-cache.upstreamServers
List of upstream dns servers
type
list of submodule
default
{
kampka.services.dns-cache.upstreamServers = [
{
address = "46.182.19.48";
tlsAuthName = "dns2.digitalcourage.de";
tlsPubkeyPinset = {
digest = "sha256";
value = "v7rm6OtQQD3x/wbsdHDZjiDg+utMZvnoX3jq3Vi8tGU=";
};
}
{
address = "2a02:2970:1002::18";
tlsAuthName = "dns2.digitalcourage.de";
tlsPubkeyPinset = {
digest = "sha256";
value = "v7rm6OtQQD3x/wbsdHDZjiDg+utMZvnoX3jq3Vi8tGU=";
};
}
{
address = "80.241.218.68";
tlsAuthName = "fdns1.dismail.de";
tlsPubkeyPinset = {
digest = "sha256";
value = "MMi3E2HZr5A5GL+badqe3tzEPCB00+OmApZqJakbqUU=";
};
}
{
address = "2a02:c205:3001:4558::1";
tlsAuthName = "fdns1.dismail.de";
tlsPubkeyPinset = {
digest = "sha256";
value = "MMi3E2HZr5A5GL+badqe3tzEPCB00+OmApZqJakbqUU=";
};
}
{
address = "159.69.114.157";
tlsAuthName = "fdns2.dismail.de";
tlsPubkeyPinset = {
digest = "sha256";
value = "yJYDim2Wb6tbxUB3yA5ElU/FsRZZhyMXye8sXhKEd1w=";
};
}
{
address = "2a01:4f8:c17:739a::2";
tlsAuthName = "fdns2.dismail.de";
tlsPubkeyPinset = {
digest = "sha256";
value = "yJYDim2Wb6tbxUB3yA5ElU/FsRZZhyMXye8sXhKEd1w=";
};
}
];
}
kampka.services.dns-cache.upstreamServers.*.address
IP address of the upstream DNS server
type
string
example
{
kampka.services.dns-cache.upstreamServers.*.address = "1.1.1.1";
}
kampka.services.dns-cache.upstreamServers.*.tlsAuthName
DNS name for which the certificate has to be valid
type
string
kampka.services.dns-cache.upstreamServers.*.tlsPubkeyPinset
type
submodule
kampka.services.dns-cache.upstreamServers.*.tlsPubkeyPinset.digest
Hash algorithm of the certificate hash
type
string
example
{
kampka.services.dns-cache.upstreamServers.*.tlsPubkeyPinset.digest = "sha256";
}
default
{
kampka.services.dns-cache.upstreamServers.*.tlsPubkeyPinset.digest = "sha256";
}
kampka.services.dns-cache.upstreamServers.*.tlsPubkeyPinset.value
Base64 encoded hash of servers TLS certificate
type
string
kampka.services.luksopen.devices
The list of luks devices to be opened.
type
list of submodule
example
{
kampka.services.luksopen.devices = [
{
source = "/dev/sda";
target = "root";
}
];
}
default
{
kampka.services.luksopen.devices = [];
}
kampka.services.luksopen.devices.*.keyFile
The key file used for decrytion.
type
path
kampka.services.luksopen.devices.*.source
The source device to be openeds
type
string
kampka.services.luksopen.devices.*.target
The target device name
type
string
kampka.services.matrix.enable
Whether to enable matrix home server.
type
boolean
example
{
kampka.services.matrix.enable = true;
}
default
{
kampka.services.matrix.enable = false;
}
kampka.services.matrix.matrix
type
submodule
kampka.services.matrix.matrix.clientPort
The client port used by the home server for clients to connect
type
signed integer
default
{
kampka.services.matrix.matrix.clientPort = 8008;
}
kampka.services.matrix.matrix.dataDir
The directory used by the matrix server to store additional state, like user uploaded files etc.
type
string
default
{
kampka.services.matrix.matrix.dataDir = "/var/lib/matrix-synapse";
}
kampka.services.matrix.matrix.federationPort
The federation port used by the home server
type
signed integer
default
{
kampka.services.matrix.matrix.federationPort = 8448;
}
kampka.services.matrix.matrix.hostName
The full hostname the matrix server is reached at
type
string
kampka.services.matrix.matrix.registration_shared_secret
The registration shared secret
type
string
kampka.services.matrix.matrix.serverName
The public server name of the matrix server
type
string
kampka.services.matrix.matrix.uploadSizeMB
The maximum upload size for files in MB
type
signed integer
default
{
kampka.services.matrix.matrix.uploadSizeMB = 100;
}
kampka.services.matrix.riot
type
submodule
kampka.services.matrix.riot.enable
Whether to enable riot web interface.
type
boolean
example
{
kampka.services.matrix.riot.enable = true;
}
default
{
kampka.services.matrix.riot.enable = false;
}
kampka.services.matrix.riot.hostName
The hostname of the riot web interface
type
string
kampka.services.matrix.turn
type
submodule
kampka.services.matrix.turn.enable
Whether to enable turn server.
type
boolean
example
{
kampka.services.matrix.turn.enable = true;
}
default
{
kampka.services.matrix.turn.enable = false;
}
kampka.services.matrix.turn.hostName
The hostname of the turn server
type
string
kampka.services.matrix.turn.max-port
The highest available UDP port of the turn port range
type
signed integer
default
{
kampka.services.matrix.turn.max-port = 44999;
}
kampka.services.matrix.turn.min-port
The lowest available UDP port of the turn port range
type
signed integer
default
{
kampka.services.matrix.turn.min-port = 49152;
}
kampka.services.matrix.turn.relay-ips
A list of public IPs the turn server advertises on
type
list of string
kampka.services.matrix.turn.turn_shared_secret
The turn shared secret file
type
string
kampka.services.msmtp-mailqueue.enable
Whether to enable sendmail drop-in replacement with mail queue for msmtp.
type
boolean
example
{
kampka.services.msmtp-mailqueue.enable = true;
}
default
{
kampka.services.msmtp-mailqueue.enable = false;
}
kampka.services.msmtp-mailqueue.accountDefault
Name of the default account. Must match one of the account names in accounts.
type
string
kampka.services.msmtp-mailqueue.accounts
type
list of submodule
kampka.services.msmtp-mailqueue.accounts.*.from
The from: mail address used for sending mails
type
string
default
{
kampka.services.msmtp-mailqueue.accounts.*.from = "root";
}
kampka.services.msmtp-mailqueue.accounts.*.host
hostname of the smtp server to use
type
string
kampka.services.msmtp-mailqueue.accounts.*.name
The name of the account
type
string
kampka.services.msmtp-mailqueue.accounts.*.password-file
The file containing the server password used for authentication (plain-text)
type
string
kampka.services.msmtp-mailqueue.accounts.*.port
SMTP port of the server
type
signed integer
default
{
kampka.services.msmtp-mailqueue.accounts.*.port = 587;
}
kampka.services.msmtp-mailqueue.accounts.*.user
The server user name used for authentication
type
string
kampka.services.msmtp-mailqueue.aliases
type
list of submodule
kampka.services.msmtp-mailqueue.aliases.*.aliases
A list of aliases for the local address
type
list of string
kampka.services.msmtp-mailqueue.aliases.*.name
The local address
type
string
kampka.services.msmtp-mailqueue.gpgKeys
PGP public keys used for encrypting the mail.
type
list of path
default
{
kampka.services.msmtp-mailqueue.gpgKeys = [];
}
kampka.services.msmtp-mailqueue.interval
The interval at which to trigger a queue flush. Valid values must conform to systemd.time(7) format.
type
string
default
{
kampka.services.msmtp-mailqueue.interval = "15min";
}
kampka.services.msmtp-mailqueue.mailDir
Directory where the mail queue is stored.
type
string
default
{
kampka.services.msmtp-mailqueue.mailDir = "/var/spool/msmtpq";
}
kampka.services.msmtp-relay.enable
Whether to enable msmtp-relay.
type
boolean
example
{
kampka.services.msmtp-relay.enable = true;
}
default
{
kampka.services.msmtp-relay.enable = false;
}
kampka.services.msmtp-relay.accountDefault
Name of the default account. Must match one of the account names in accounts.
type
string
kampka.services.msmtp-relay.accounts
type
list of submodule
kampka.services.msmtp-relay.accounts.*.from
The from: mail address used for sending mails
type
string
default
{
kampka.services.msmtp-relay.accounts.*.from = "root";
}
kampka.services.msmtp-relay.accounts.*.host
hostname of the smtp server to use
type
string
kampka.services.msmtp-relay.accounts.*.name
The name of the account
type
string
kampka.services.msmtp-relay.accounts.*.password-file
The file containing the server password used for authentication (plain-text)
type
string
kampka.services.msmtp-relay.accounts.*.port
SMTP port of the server
type
signed integer
default
{
kampka.services.msmtp-relay.accounts.*.port = 465;
}
kampka.services.msmtp-relay.accounts.*.user
The server user name used for authentication
type
string
kampka.services.msmtp-relay.aliases
type
list of submodule
kampka.services.msmtp-relay.aliases.*.aliases
A list of aliases for the local address
type
list of string
kampka.services.msmtp-relay.aliases.*.name
The local address
type
string
kampka.services.nginx.enable
Whether to enable nginx.
type
boolean
example
{
kampka.services.nginx.enable = true;
}
default
{
kampka.services.nginx.enable = false;
}
kampka.services.nginx.openFirewallPorts
Whether or not to open the default ports (80, 443) in the firewall.
type
boolean
default
{
kampka.services.nginx.openFirewallPorts = true;
}
kampka.services.nixops-auto-upgrade.enable
Whether to enable nixops-auto-upgrade.
type
boolean
example
{
kampka.services.nixops-auto-upgrade.enable = true;
}
default
{
kampka.services.nixops-auto-upgrade.enable = false;
}
kampka.services.nixops-auto-upgrade.configurationPath
The path of the nix configuration used for running the auto upgrades. Typically, this is ./. in your configuration.nix Note that this path must include all files required to compile the configuration, eg. imports from ../ are not easily supported.
type
path
example
{
kampka.services.nixops-auto-upgrade.configurationPath = "/nix/store/r6jp4syfmjnj2hz93j57nd0xdn2zyhrc-nixops-auto-upgrade";
}
kampka.services.nixops-auto-upgrade.nixPath
The NIX_PATH used as a basis for the unattended upgrades. These paths must be resolvable on the remote host. Therefore, it makes sense to use paths that are resolvable via network, eg. http
type
string
example
{
kampka.services.nixops-auto-upgrade.nixPath = "nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/nixos-19.03.tar.gz";
}
kampka.services.ntp.enable
Whether to enable NTP service.
type
boolean
example
{
kampka.services.ntp.enable = true;
}
default
{
kampka.services.ntp.enable = false;
}
kampka.services.ntp.allowAddress
IP addresses or ranges that are allowed to synchronize from this service
type
list of string
example
{
kampka.services.ntp.allowAddress = [
"10.10.0.1"
"10.20.0.0/16"
];
}
default
{
kampka.services.ntp.allowAddress = [];
}
kampka.services.ntp.timeServers
The list of time servers used.
type
list of string
default
{
kampka.services.ntp.timeServers = [
"ptbtime1.ptb.de"
"ptbtime2.ptb.de"
"ptbtime3.ptb.de"
];
}
kampka.services.systemd-failure-email.enable
Whether to enable systemd-failure-email.
type
boolean
example
{
kampka.services.systemd-failure-email.enable = true;
}
default
{
kampka.services.systemd-failure-email.enable = false;
}
kampka.services.systemd-failure-email.receipient
The user or address to receive failure emails.
type
string
default
{
kampka.services.systemd-failure-email.receipient = "root";
}
kampka.services.systemd-failure-email.services
A list of services that should generate emails on failure
type
list of string
default
{
kampka.services.systemd-failure-email.services = [];
}
services.batsky.enable
Whether to enable batsky.
type
boolean
example
{
services.batsky.enable = true;
}
default
{
services.batsky.enable = false;
}
services.batsky.package
type
package
default
{
services.batsky.package = " pkgs.nur.repos.kapack.batsky";
}
services.batsky.args
Basic options for Batsky.
type
null or string
default
{
services.batsky.args = "-d -l /tmp/batsky.log";
}
services.batsky.controller
Hostname which controls the forgered time.
type
null or string
default
{
services.batsky.controller = null;
}
services.batsky.ctrl_args
Basic options for controller.
type
null or string
default
{
services.batsky.ctrl_args = " '-d -l /tmp/batsky-controller.log'";
}
services.bs-munge.enable
Whether to enable bs-munge service.
type
boolean
example
{
services.bs-munge.enable = true;
}
default
{
services.bs-munge.enable = false;
}
services.bs-munge.password
The path to a daemon's secret key.
type
path
default
{
services.bs-munge.password = "/etc/munge/munge.key";
}
services.cigri.package
type
package
default
{
services.cigri.package = "pkgs.nur.repos.kapack.cigri";
}
services.cigri.client.enable
Whether to enable CiGri client.
type
boolean
example
{
services.cigri.client.enable = true;
}
default
{
services.cigri.client.enable = false;
}
services.cigri.database.dbname
Name of the postgresql database
type
string
default
{
services.cigri.database.dbname = "cigri";
}
services.cigri.database.host
Host of the postgresql server.
type
string
default
{
services.cigri.database.host = "localhost";
}
services.cigri.database.passwordFile
A file containing the usernames/passwords for database, content example:
DATABASE_USER_NAME="cigri" DATABASE_USER_PASSWORD="cigri"
type
null or path
example
{
services.cigri.database.passwordFile = "/run/keys/cigri-dbpassword";
}
default
{
services.cigri.database.passwordFile = null;
}
services.cigri.dbserver.enable
Whether to enable CiGri database.
type
boolean
example
{
services.cigri.dbserver.enable = true;
}
default
{
services.cigri.dbserver.enable = false;
}
services.cigri.extraConfig
Extra configuration options that will replace default.
type
attribute set
example
{
services.cigri.extraConfig = {
DEFAULT_JOB_RESOURCES = "/resource_id=1";
LOG_LEVEL = "3";
};
}
default
{
services.cigri.extraConfig = {};
}
services.cigri.server.enable
Whether to enable CiGri server.
type
boolean
example
{
services.cigri.server.enable = true;
}
default
{
services.cigri.server.enable = false;
}
services.cigri.server.api_SSL
Whether to enable Enable API_SSL.
type
boolean
example
{
services.cigri.server.api_SSL = true;
}
default
{
services.cigri.server.api_SSL = false;
}
services.cigri.server.api_base
Base location to Cigir's Rest API.
type
string
default
{
services.cigri.server.api_base = "/cigri-api";
}
services.cigri.server.api_port
Port to access to Cigir's Rest API.
type
signed integer
default
{
services.cigri.server.api_port = 80;
}
services.cigri.server.host
Host of the CiGri server.
type
string
default
{
services.cigri.server.host = "localhost";
}
services.cigri.server.logfile
Specify the log file name.
type
string
example
{
services.cigri.server.logfile = "/var/cigri/state/home/cigri.log";
}
default
{
services.cigri.server.logfile = "/dev/null";
}
services.cigri.server.statePath
Cigri state directory. Configuration, repositories and logs, among other things, are stored here.
The directory will be created automatically if it doesn't exist already.
type
string
default
{
services.cigri.server.statePath = "/var/cigri/state";
}
services.cigri.server.web.enable
Whether to enable Web server to serve rest-api.
type
boolean
example
{
services.cigri.server.web.enable = true;
}
default
{
services.cigri.server.web.enable = false;
}
services.my-startup.enable
Whether to enable My startup .
type
boolean
example
{
services.my-startup.enable = true;
}
default
{
services.my-startup.enable = false;
}
services.my-startup.path
Path to tools used by provided script
type
path
default
{
services.my-startup.path = [];
}
services.my-startup.script
Script File to execute a start time
type
string
default
{
services.my-startup.script = "/etc/my-startup.sh";
}
services.oar.package
type
package
default
{
services.oar.package = "pkgs.nur.repos.kapack.oar";
}
services.oar.client.enable
Whether to enable OAR client.
type
boolean
example
{
services.oar.client.enable = true;
}
default
{
services.oar.client.enable = false;
}
services.oar.database.dbname
Name of the postgresql database
type
string
default
{
services.oar.database.dbname = "oar";
}
services.oar.database.host
Host of the postgresql server.
type
string
default
{
services.oar.database.host = "localhost";
}
services.oar.database.passwordFile
A file containing the usernames/passwords for database, content example:
DataBase user name
DB_BASE_LOGIN="oar"
DataBase user password
DB_BASE_PASSWD="oar"
DataBase read only user name
DB_BASE_LOGIN_RO="oar_ro"
DataBase read only user password
DB_BASE_PASSWD_RO="oar_ro"
type
null or path
example
{
services.oar.database.passwordFile = "/run/keys/oar-dbpassword";
}
default
{
services.oar.database.passwordFile = null;
}
services.oar.dbserver.enable
Whether to enable OAR database.
type
boolean
example
{
services.oar.dbserver.enable = true;
}
default
{
services.oar.dbserver.enable = false;
}
services.oar.extraConfig
Extra configuration options that will replace default.
type
attribute set
example
{
services.oar.extraConfig = {
LOG_LEVEL = "3";
OARSUB_DEFAULT_RESOURCES = "/resource_id=1";
};
}
default
{
services.oar.extraConfig = {};
}
services.oar.node.enable
Whether to enable OAR node.
type
boolean
example
{
services.oar.node.enable = true;
}
default
{
services.oar.node.enable = false;
}
services.oar.node.register.enable
Whether to enable Register node into OAR server.
type
boolean
example
{
services.oar.node.register.enable = true;
}
default
{
services.oar.node.register.enable = false;
}
services.oar.node.register.add
Execute oarnodesseting
type
boolean
default
{
services.oar.node.register.add = true;
}
services.oar.node.register.extraCommand
Extra command called once after registration
type
string
default
{
services.oar.node.register.extraCommand = "";
}
services.oar.oarHomeDir
Home for oar user
type
string
default
{
services.oar.oarHomeDir = "/var/lib/oar";
}
services.oar.privateKeyFile
Private key for oar user
type
string
default
{
services.oar.privateKeyFile = "/run/keys/oar_id_rsa_key";
}
services.oar.publicKeyFile
Public key for oar user
type
string
default
{
services.oar.publicKeyFile = "/run/keys/oar_id_rsa_key.pub";
}
services.oar.server.enable
Whether to enable OAR server.
type
boolean
example
{
services.oar.server.enable = true;
}
default
{
services.oar.server.enable = false;
}
services.oar.server.host
Host of the OAR server.
type
string
default
{
services.oar.server.host = "localhost";
}
services.oar.web.enable
Whether to enable OAR web server and rest-api.
type
boolean
example
{
services.oar.web.enable = true;
}
default
{
services.oar.web.enable = false;
}
services.oar.web.drawgantt.enable
Whether to enable Drawgantt web page.
type
boolean
example
{
services.oar.web.drawgantt.enable = true;
}
default
{
services.oar.web.drawgantt.enable = false;
}
services.oar.web.extraConfig
Extra configuration to append to Nginx's one.
type
string
default
{
services.oar.web.extraConfig = "";
}
services.oar.web.monika.enable
Whether to enable Monkia resources' status web page.
type
boolean
example
{
services.oar.web.monika.enable = true;
}
default
{
services.oar.web.monika.enable = false;
}
services.oar.web.proxy.enable
Whether to enable Enable proxy service based on Traefik.
type
boolean
example
{
services.oar.web.proxy.enable = true;
}
default
{
services.oar.web.proxy.enable = false;
}
services.oar.web.proxy.configOptions
Config for Traefik.
type
attribute set
default
{
services.oar.web.proxy.configOptions = {
defaultentrypoints = [
"http"
];
file = {
filename = "/etc/oar/proxy/rules_oar_traefik.toml";
watch = true;
};
wss = {
protocol = "http";
};
};
}
services.oar.web.proxy.entryPointHttp
Entry Point for proxy server (example "server:5000").
type
string
default
{
services.oar.web.proxy.entryPointHttp = "";
}
services.phpfpm0.extraConfig
Extra configuration that should be put in the global section of
the PHP-FPM configuration file. Do not specify the options
type
null or strings concatenated with "\n"
default
{
services.phpfpm0.extraConfig = null;
}
services.phpfpm0.phpOptions
Options appended to the PHP configuration file
type
strings concatenated with "\n"
example
{
services.phpfpm0.phpOptions = ''
date.timezone = "CET"
'';
}
default
{
services.phpfpm0.phpOptions = "";
}
services.phpfpm0.phpPackage
The PHP package to use for running the PHP-FPM service.
type
package
default
{
services.phpfpm0.phpPackage = "pkgs.php";
}
services.phpfpm0.pools
PHP-FPM pools. If no pools are defined, the PHP-FPM service is disabled.
type
attribute set of submodule
example
{
services.phpfpm0.pools = {
_type = "literalExpression";
text = ''
{
mypool = {
user = "php";
group = "php";
phpPackage = pkgs.php;
settings = ''
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 10;
"pm.min_spare_servers" = 5;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
'';
}
}
'';
};
}
default
{
services.phpfpm0.pools = {};
}
services.phpfpm0.pools.<name>.extraConfig
Extra lines that go into the pool configuration.
See the documentation on
type
null or strings concatenated with "\n"
default
{
services.phpfpm0.pools.<name>.extraConfig = null;
}
services.phpfpm0.pools.<name>.group
Group account under which this pool runs.
type
string
services.phpfpm0.pools.<name>.listen
The address on which to accept FastCGI requests.
type
string
example
{
services.phpfpm0.pools.<name>.listen = "/path/to/unix/socket";
}
default
{
services.phpfpm0.pools.<name>.listen = "";
}
services.phpfpm0.pools.<name>.phpEnv
Environment variables used for this PHP-FPM pool.
type
attribute set of string
example
{
services.phpfpm0.pools.<name>.phpEnv = {
_type = "literalExpression";
text = ''
{
HOSTNAME = "$HOSTNAME";
TMP = "/tmp";
TMPDIR = "/tmp";
TEMP = "/tmp";
}
'';
};
}
default
{
services.phpfpm0.pools.<name>.phpEnv = {};
}
services.phpfpm0.pools.<name>.phpOptions
"Options appended to the PHP configuration file
type
strings concatenated with "\n"
services.phpfpm0.pools.<name>.phpPackage
The PHP package to use for running this PHP-FPM pool.
type
package
default
{
services.phpfpm0.pools.<name>.phpPackage = "config.services.phpfpm.phpPackage";
}
services.phpfpm0.pools.<name>.settings
PHP-FPM pool directives. Refer to the "List of pool directives" section of
for details. Note that settings names must be enclosed in quotes (e.g.type
attribute set of string or signed integer or boolean
example
{
services.phpfpm0.pools.<name>.settings = {
_type = "literalExpression";
text = ''
{
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 10;
"pm.min_spare_servers" = 5;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
}
'';
};
}
default
{
services.phpfpm0.pools.<name>.settings = {};
}
services.phpfpm0.pools.<name>.socket
Path to the unix socket file on which to accept FastCGI requests.
type
string
services.phpfpm0.pools.<name>.user
User account under which this pool runs.
type
string
services.phpfpm0.settings
PHP-FPM global directives. Refer to the "List of global php-fpm.conf directives" section of
for details. Note that settings names must be enclosed in quotes (e.g.type
attribute set of string or signed integer or boolean
default
{
services.phpfpm0.settings = {};
}
hardware.xpadneo.enable
Whether to enable the xpadneo driver for Xbox One wireless controllers.
type
boolean
example
{
hardware.xpadneo.enable = true;
}
default
{
hardware.xpadneo.enable = false;
}
programs.bash.undistractMe.enable
Whether to enable notifications when long-running terminal commands complete.
type
boolean
example
{
programs.bash.undistractMe.enable = true;
}
default
{
programs.bash.undistractMe.enable = false;
}
programs.bash.undistractMe.playSound
Whether to enable notification sounds when long-running terminal commands complete.
type
boolean
example
{
programs.bash.undistractMe.playSound = true;
}
default
{
programs.bash.undistractMe.playSound = false;
}
programs.bash.undistractMe.timeout
Number of seconds it would take for a command to be considered long-running.
type
signed integer
default
{
programs.bash.undistractMe.timeout = 10;
}
programs.gamemode.enable
Whether to enable GameMode to optimise system performance on demand.
type
boolean
example
{
programs.gamemode.enable = true;
}
default
{
programs.gamemode.enable = false;
}
programs.gamemode.enableRenice
Whether to enable CAP_SYS_NICE on gamemoded to support lowering process niceness.
type
boolean
example
{
programs.gamemode.enableRenice = true;
}
default
{
programs.gamemode.enableRenice = true;
}
programs.gamemode.settings
System-wide configuration for GameMode (/etc/gamemode.ini). See gamemoded(8) man page for available settings.
type
attribute set of attribute set of INI atom (null, bool, int, float or string)
example
{
programs.gamemode.settings = {
_type = "literalExpression";
text = ''
{
general = {
renice = 10;
};
# Warning: GPU optimisations have the potential to damage hardware
gpu = {
apply_gpu_optimisations = "accept-responsibility";
gpu_device = 0;
amd_performance_level = "high";
};
custom = {
start = "${pkgs.libnotify}/bin/notify-send 'GameMode started'";
end = "${pkgs.libnotify}/bin/notify-send 'GameMode ended'";
};
}
'';
};
}
default
{
programs.gamemode.settings = {};
}
services.bluetooth-autoconnect.enable
Whether to enable bluetooth autoconnect to automatically connect to all paired and trusted bluetooth devices.
type
boolean
example
{
services.bluetooth-autoconnect.enable = true;
}
default
{
services.bluetooth-autoconnect.enable = false;
}
services.replay-sorcery.enable
Whether to enable the ReplaySorcery service for instant-replays.
type
boolean
example
{
services.replay-sorcery.enable = true;
}
default
{
services.replay-sorcery.enable = false;
}
services.replay-sorcery.enableSysAdminCapability
Whether to enable the system admin capability to support hardware accelerated video capture. This is equivalent to running ReplaySorcery as root, so use with caution.
type
boolean
example
{
services.replay-sorcery.enableSysAdminCapability = true;
}
default
{
services.replay-sorcery.enableSysAdminCapability = false;
}
services.replay-sorcery.autoStart
Automatically start ReplaySorcery when graphical-session.target starts.
type
boolean
default
{
services.replay-sorcery.autoStart = false;
}
services.replay-sorcery.settings
System-wide configuration for ReplaySorcery (/etc/replay-sorcery.conf).
type
attribute set of string or signed integer
example
{
services.replay-sorcery.settings = {
_type = "literalExpression";
text = ''
{
videoInput = "hwaccel"; # requires `services.replay-sorcery.enableSysAdminCapability = true`
videoFramerate = 60;
}
'';
};
}
default
{
services.replay-sorcery.settings = {};
}
services.jicofo.enable
Whether to enable Jitsi Conference Focus - component of Jitsi Meet.
type
boolean
example
{
services.jicofo.enable = true;
}
default
{
services.jicofo.enable = false;
}
services.jicofo.bridgeMuc
JID of the internal MUC used to communicate with Videobridges.
type
string
example
{
services.jicofo.bridgeMuc = "jvbbrewery@internal.meet.example.org";
}
services.jicofo.componentPasswordFile
Path to file containing component secret.
type
string
example
{
services.jicofo.componentPasswordFile = "/run/keys/jicofo-component";
}
services.jicofo.config
Contents of the
type
attribute set of string
example
{
services.jicofo.config = {
_type = "literalExpression";
text = ''
{
"org.jitsi.jicofo.auth.URL" = "XMPP:jitsi-meet.example.com";
}
'';
};
}
default
{
services.jicofo.config = {};
}
services.jicofo.userDomain
Domain part of the JID for XMPP user connection.
type
string
example
{
services.jicofo.userDomain = "auth.meet.example.org";
}
services.jicofo.userName
User part of the JID for XMPP user connection.
type
string
default
{
services.jicofo.userName = "focus";
}
services.jicofo.userPasswordFile
Path to file containing password for XMPP user connection.
type
string
example
{
services.jicofo.userPasswordFile = "/run/keys/jicofo-user";
}
services.jicofo.xmppDomain
Domain name of the XMMP server to which to connect as a component.
If null, is used.
type
null or string
example
{
services.jicofo.xmppDomain = "meet.example.org";
}
services.jicofo.xmppHost
Hostname of the XMPP server to connect to.
type
string
example
{
services.jicofo.xmppHost = "localhost";
}
services.jitsi-meet.enable
Whether to enable Jitsi Meet - Secure, Simple and Scalable Video Conferences.
type
boolean
example
{
services.jitsi-meet.enable = true;
}
default
{
services.jitsi-meet.enable = false;
}
services.jitsi-meet.config
Client-side web application settings that override the defaults in
See for default configuration with comments.
type
attribute set
example
{
services.jitsi-meet.config = {
_type = "literalExpression";
text = ''
{
enableWelcomePage = false;
defaultLang = "fi";
}
'';
};
}
default
{
services.jitsi-meet.config = {};
}
services.jitsi-meet.extraConfig
Text to append to
Can be used to insert JavaScript logic to determine user's region in cascading bridges setup.
type
strings concatenated with "\n"
default
{
services.jitsi-meet.extraConfig = "";
}
services.jitsi-meet.hostName
Hostname of the Jitsi Meet instance.
type
string
example
{
services.jitsi-meet.hostName = "meet.example.org";
}
services.jitsi-meet.interfaceConfig
Client-side web-app interface settings that override the defaults in
See for default configuration with comments.
type
attribute set
example
{
services.jitsi-meet.interfaceConfig = {
_type = "literalExpression";
text = ''
{
SHOW_JITSI_WATERMARK = false;
SHOW_WATERMARK_FOR_GUESTS = false;
}
'';
};
}
default
{
services.jitsi-meet.interfaceConfig = {};
}
services.jitsi-meet.jicofo.enable
Whether to enable JiCoFo instance and configure it to connect to Prosody.
Additional configuration is possible with .
type
boolean
default
{
services.jitsi-meet.jicofo.enable = true;
}
services.jitsi-meet.nginx.enable
Whether to enable nginx virtual host that will serve the javascript application and act as a proxy for the XMPP server. Further nginx configuration can be done by adapting
. It is highly recommended to enable the and options:type
boolean
default
{
services.jitsi-meet.nginx.enable = true;
}
services.jitsi-meet.prosody.enable
Whether to configure Prosody to relay XMPP messages between Jitsi Meet components. Turn this off if you want to configure it manually.
type
boolean
default
{
services.jitsi-meet.prosody.enable = true;
}
services.jitsi-meet.videobridge.enable
Whether to enable Jitsi Videobridge instance and configure it to connect to Prosody.
Additional configuration is possible with .
type
boolean
default
{
services.jitsi-meet.videobridge.enable = true;
}
services.jitsi-meet.videobridge.passwordFile
File containing password to the Prosody account for videobridge.
If
type
null or string
example
{
services.jitsi-meet.videobridge.passwordFile = "/run/keys/videobridge";
}
default
{
services.jitsi-meet.videobridge.passwordFile = null;
}
services.jitsi-videobridge.enable
Whether to enable Jitsi Videobridge, a WebRTC compatible video router.
type
boolean
example
{
services.jitsi-videobridge.enable = true;
}
default
{
services.jitsi-videobridge.enable = false;
}
services.jitsi-videobridge.config
Videobridge configuration.
See for default configuration with comments.
type
attribute set
example
{
services.jitsi-videobridge.config = {
_type = "literalExpression";
text = ''
{
videobridge = {
ice.udp.port = 5000;
websockets = {
enabled = true;
server-id = "jvb1";
};
};
}
'';
};
}
default
{
services.jitsi-videobridge.config = {};
}
services.jitsi-videobridge.extraProperties
Additional Java properties passed to jitsi-videobridge.
type
attribute set of string
default
{
services.jitsi-videobridge.extraProperties = {};
}
services.jitsi-videobridge.nat.localAddress
Local address when running behind NAT.
type
null or string
example
{
services.jitsi-videobridge.nat.localAddress = "192.168.1.42";
}
default
{
services.jitsi-videobridge.nat.localAddress = null;
}
services.jitsi-videobridge.nat.publicAddress
Public address when running behind NAT.
type
null or string
example
{
services.jitsi-videobridge.nat.publicAddress = "1.2.3.4";
}
default
{
services.jitsi-videobridge.nat.publicAddress = null;
}
services.jitsi-videobridge.openFirewall
Whether to open ports in the firewall for the videobridge.
type
boolean
default
{
services.jitsi-videobridge.openFirewall = false;
}
services.jitsi-videobridge.xmppConfigs
XMPP servers to connect to.
See for more information.
type
attribute set of submodule
example
{
services.jitsi-videobridge.xmppConfigs = {
_type = "literalExpression";
text = ''
{
"localhost" = {
hostName = "localhost";
userName = "jvb";
domain = "auth.xmpp.example.org";
passwordFile = "/var/lib/jitsi-meet/videobridge-secret";
mucJids = "jvbbrewery@internal.xmpp.example.org";
};
}
'';
};
}
default
{
services.jitsi-videobridge.xmppConfigs = {};
}
services.jitsi-videobridge.xmppConfigs.<name>.disableCertificateVerification
Whether to skip validation of the server's certificate.
type
boolean
default
{
services.jitsi-videobridge.xmppConfigs.<name>.disableCertificateVerification = false;
}
services.jitsi-videobridge.xmppConfigs.<name>.domain
Domain part of JID of the XMPP user, if it is different from hostName.
type
null or string
example
{
services.jitsi-videobridge.xmppConfigs.<name>.domain = "auth.xmpp.example.org";
}
default
{
services.jitsi-videobridge.xmppConfigs.<name>.domain = null;
}
services.jitsi-videobridge.xmppConfigs.<name>.hostName
Hostname of the XMPP server to connect to. Name of the attribute set is used by default.
type
string
example
{
services.jitsi-videobridge.xmppConfigs.<name>.hostName = "xmpp.example.org";
}
services.jitsi-videobridge.xmppConfigs.<name>.mucJids
JID of the MUC to join. JiCoFo needs to be configured to join the same MUC.
type
string
example
{
services.jitsi-videobridge.xmppConfigs.<name>.mucJids = "jvbbrewery@internal.xmpp.example.org";
}
services.jitsi-videobridge.xmppConfigs.<name>.mucNickname
Videobridges use the same XMPP account and need to be distinguished by the nickname (aka resource part of the JID). By default, system hostname is used.
type
string
services.jitsi-videobridge.xmppConfigs.<name>.passwordFile
File containing the password for the user.
type
string
example
{
services.jitsi-videobridge.xmppConfigs.<name>.passwordFile = "/run/keys/jitsi-videobridge-xmpp1";
}
services.jitsi-videobridge.xmppConfigs.<name>.userName
User part of the JID.
type
string
default
{
services.jitsi-videobridge.xmppConfigs.<name>.userName = "jvb";
}
kreisys.bobthefish.enable
Whether to enable Enable Bob the fish.
type
boolean
example
{
kreisys.bobthefish.enable = true;
}
default
{
kreisys.bobthefish.enable = false;
}
kreisys.bobthefish.colorScheme
Available themes:
dark. The default bobthefish theme. light. A lighter version of the default theme. solarized (or solarized-dark), solarized-light. Dark and light variants of Solarized. base16 (or base16-dark), base16-light. Dark and light variants of the default Base16 theme. zenburn. An adaptation of Zenburn. gruvbox. An adaptation of gruvbox. dracula. An adaptation of dracula.
Some of these may not look right if your terminal does not support 24 bit color, in which case you can try one of the terminal schemes (below). However, if you're using Solarized, Base16 (default), or Zenburn in your terminal and the terminal does support 24 bit color, the built in schemes will look nicer.
There are several scheme that use whichever colors you currently have loaded into your terminal. The advantage of using the schemes that fall through to the terminal colors is that they automatically adapt to something acceptable whenever you change the 16 colors in your terminal profile.
terminal (or terminal-dark or terminal-dark-black) terminal-dark-white. Same as terminal, but use white as the foreground color on top of colored segments (in case your colors are very dark). terminal-light (or terminal-light-white) terminal-light-black. Same as terminal-light, but use black as the foreground color on top of colored segments (in case your colors are very bright). For some terminal themes, like dark base16 themes, the path segments in the prompt will be indistinguishable from the background. In those cases, try one of the following variations; they are identical to the terminal schemes except for using bright black (brgrey) and dull white (grey) in the place of black and bright white.
terminal2 (or terminal2-dark or terminal2-dark-black) terminal2-dark-white terminal2-light (or terminal2-light-white) terminal2-light-black
type
one of "dark", "light", "solarized", "solarized-dark", "solarized-light", "base16", "base16-dark", "base16-light", "zenburn", "gruvbox", "dracula", "terminal", "terminal-dark", "terminal-dark-black", "terminal-dark-white", "terminal-light", "terminal-light-white", "terminal-light-black", "terminal2", "terminal2-dark", "terminal2-dark-black", "terminal2-dark-white", "terminal2-light", "terminal2-light-white", "terminal2-light-black"
default
{
kreisys.bobthefish.colorScheme = "base16";
}
kreisys.bobthefish.defaultUser
When this user is logged in, their username will not be displayed in the prompt.
type
Concatenated string
default
{
kreisys.bobthefish.defaultUser = "root";
}
kreisys.bobthefish.useNerdFonts
Set to true if you have a nerd fonts patched font.
type
boolean
default
{
kreisys.bobthefish.useNerdFonts = false;
}
kreisys.cachix.enable
Whether to enable Enable Cachix cache for kreisys NUR.
type
boolean
example
{
kreisys.cachix.enable = true;
}
default
{
kreisys.cachix.enable = false;
}
services.consul.advertise_addr
IP address to publish to nodes in the same datacenter.
type
Concatenated string
default
{
services.consul.advertise_addr = "{{ GetInterfaceIP "eth0" }}";
}
services.consul.advertise_addr_wan
IP address to publish to federated nodes.
type
null or Concatenated string
default
{
services.consul.advertise_addr_wan = null;
}
services.consul.checks
Check definitions
type
list of attribute set
default
{
services.consul.checks = [];
}
services.consul.datacenter
type
Concatenated string
default
{
services.consul.datacenter = "us-east-1";
}
services.consul.server
Be a server.
type
boolean
default
{
services.consul.server = false;
}
services.consul.services
Service definitions
type
list of attribute set
default
{
services.consul.services = [];
}
services.consul.translate_wan_addrs
If set to true, Consul will prefer a node's configured WAN address when servicing DNS and HTTP requests for a node in a remote datacenter. This allows the node to be reached within its own datacenter using its local address, and reached from other datacenters using its WAN address, which is useful in hybrid setups with mixed networks. This is enabled by default.
type
boolean
default
{
services.consul.translate_wan_addrs = true;
}
services.consul.ui
Serve web ui.
type
boolean
default
{
services.consul.ui = false;
}
services.yabai.enable
Whether to enable the yabai window manager.
type
boolean
default
{
services.yabai.enable = false;
}
services.yabai.package
This option specifies the yabai package to use.
type
package
example
{
services.yabai.package = {
_type = "literalExpression";
text = "pkgs.yabai";
};
}
services.yabai.config
Commands for
type
strings concatenated with "\n"
default
{
services.yabai.config = "";
}
programs.tprofile.enable
Wheather to enable tprofile.
type
boolean
default
{
programs.tprofile.enable = false;
}
services.commit-notifier.enable
Whether to enable commit-notifier service.
type
boolean
default
{
services.commit-notifier.enable = false;
}
services.commit-notifier.package
commit-notifier derivation to use.
type
package
default
{
services.commit-notifier.package = "pkgs.nur.repos.linyinfeng.commit-notifier";
}
services.commit-notifier.cron
Update cron expression.
type
string
services.commit-notifier.rustLog
RUST_LOG environment variable;
type
string
default
{
services.commit-notifier.rustLog = "info";
}
services.commit-notifier.tokenFile
Token file for commit-notifier.
type
string
services.dot-tar.enable
Whether to enable dot-tar service.
type
boolean
default
{
services.dot-tar.enable = false;
}
services.dot-tar.package
dot-tar derivation to use.
type
package
default
{
services.dot-tar.package = "pkgs.nur.repos.linyinfeng.dot-tar";
}
services.dot-tar.config
Configuration to use.
type
null or attribute set
default
{
services.dot-tar.config = null;
}
services.dot-tar.configFile
Configuration file to use.
type
null or string
default
{
services.dot-tar.configFile = null;
}
services.trojan.enable
Whether to enable trojan service.
type
boolean
default
{
services.trojan.enable = false;
}
services.trojan.package
Trojan derivation to use.
type
package
default
{
services.trojan.package = "pkgs.nur.repos.linyinfeng.trojan";
}
services.trojan.config
Configuration for trojan service.
type
null or attribute set
default
{
services.trojan.config = null;
}
services.trojan.configFile
Configuration file for trojan service.
type
null or path
default
{
services.trojan.configFile = null;
}
services.trojan.extraOptions
Extra command line options for trojan service.
type
strings concatenated with " "
example
{
services.trojan.extraOptions = "--log LOG_FILE_PATH";
}
default
{
services.trojan.extraOptions = "";
}
services.trojan.group
Group to run trojan.
type
string
default
{
services.trojan.group = "nogroup";
}
services.trojan.user
User to run trojan.
type
string
default
{
services.trojan.user = "nobody";
}
services.vlmcsd.enable
Whether to enable vlmcsd service.
type
boolean
default
{
services.vlmcsd.enable = false;
}
services.vlmcsd.package
Vlmcsd derivation to use.
type
package
default
{
services.vlmcsd.package = "pkgs.nur.repos.linyinfeng.vlmcsd";
}
services.vlmcsd.extraOptions
Extra command line options for vlmcsd service.
type
strings concatenated with " "
example
{
services.vlmcsd.extraOptions = "-L 0.0.0.0:1688 -L [::]:1688";
}
default
{
services.vlmcsd.extraOptions = "";
}
files
type
list of submodule
default
{
files = [];
}
files.*.content
type
null or Concatenated string
default
{
files.*.content = null;
}
files.*.dest
type
Concatenated string
files.*.src
type
null or path
default
{
files.*.src = null;
}
users.users
type
attribute set of submodule
users.users.<name>.files
type
list of submodule
default
{
users.users.<name>.files = [];
}
users.users.<name>.files.*.content
type
null or Concatenated string
default
{
users.users.<name>.files.*.content = null;
}
users.users.<name>.files.*.dest
type
Concatenated string
users.users.<name>.files.*.src
type
null or path
default
{
users.users.<name>.files.*.src = null;
}
cachix.enable
Whether to enable enable cachix.
type
boolean
example
{
cachix.enable = true;
}
default
{
cachix.enable = false;
}
gc-hold.paths
Paths to hold for GC
type
list of package
default
{
gc-hold.paths = [];
}
magit.enable
Whether to enable magit.
type
boolean
example
{
magit.enable = true;
}
default
{
magit.enable = false;
}
programs.adskipped-spotify.enable
Whether to enable enable spotify with adskipper.
type
boolean
example
{
programs.adskipped-spotify.enable = true;
}
default
{
programs.adskipped-spotify.enable = false;
}
programs.hello-world.enable
Whether to enable Hello world module PoC.
type
boolean
example
{
programs.hello-world.enable = true;
}
default
{
programs.hello-world.enable = false;
}
services.cloudflared.enable
Whether to enable Enable cloudflared daemon.
type
boolean
example
{
services.cloudflared.enable = true;
}
default
{
services.cloudflared.enable = false;
}
services.espanso.enable
Whether to enable Espanso: cross platform text expander in Rust.
type
boolean
example
{
services.espanso.enable = true;
}
default
{
services.espanso.enable = false;
}
services.espanso.config
Espanso configuration
type
YAML value
default
{
services.espanso.config = {
matches = [
{
replace = "Hi there!";
trigger = ":espanso";
}
{
replace = "{{mydate}}";
trigger = ":date";
vars = [
{
name = "mydate";
params = {
format = "%m/%d/%Y";
};
type = "date";
}
];
}
{
replace = "{{output}}";
trigger = ":shell";
vars = [
{
name = "output";
params = {
cmd = "echo Hello from your shell";
};
type = "shell";
}
];
}
];
};
}
services.vercel-ddns.enable
Whether to enable Enable vercel-ddns service.
type
boolean
example
{
services.vercel-ddns.enable = true;
}
default
{
services.vercel-ddns.enable = false;
}
services.vercel-ddns.domain
The base domain to attach this machine to
type
string
services.vercel-ddns.fetch-ip
Bash expression to get the current ip
type
string
default
{
services.vercel-ddns.fetch-ip = "curl ifconfig.me";
}
services.vercel-ddns.names
The names of this machine subdomains
type
list of string
services.vercel-ddns.vercelTokenFile
The autorization token for authentication
type
path
vps.pgbackup.enable
Whether to enable Enable postgres backups.
type
boolean
example
{
vps.pgbackup.enable = true;
}
default
{
vps.pgbackup.enable = false;
}
vps.pgbackup.localFolder
Where to store the local backups
type
path
default
{
vps.pgbackup.localFolder = "/backups/postgres";
}
hardware.argonone.enable
Whether to enable the driver for Argon One Raspberry Pi case fan and power button.
type
boolean
example
{
hardware.argonone.enable = true;
}
default
{
hardware.argonone.enable = false;
}
hardware.argonone.package
The package implementing the Argon One driver
type
package
default
{
hardware.argonone.package = "nur.argononed";
}
hardware.openrgb.enable
Whether to enable OpenRGB.
type
boolean
example
{
hardware.openrgb.enable = true;
}
default
{
hardware.openrgb.enable = false;
}
hardware.openrgb.package
The package implementing OpenRGB.
type
package
default
{
hardware.openrgb.package = "pkgs.openrgb";
}
services.jitsi-meet.enable
Whether to enable Jitsi Meet - Secure, Simple and Scalable Video Conferences.
type
boolean
example
{
services.jitsi-meet.enable = true;
}
default
{
services.jitsi-meet.enable = false;
}
services.jitsi-meet.package
type
package
default
{
services.jitsi-meet.package = {
drvPath = "jitsi-meet-1.0.4025";
name = "jitsi-meet-1.0.4025";
outPath = "jitsi-meet-1.0.4025";
type = "derivation";
};
}
services.jitsi-meet.config
Client-side web application settings that override the defaults in
See for default configuration with comments.
type
attribute set
example
{
services.jitsi-meet.config = {
_type = "literalExpression";
text = ''
{
enableWelcomePage = false;
defaultLang = "fi";
}
'';
};
}
default
{
services.jitsi-meet.config = {};
}
services.jitsi-meet.hostName
Hostname of the Jitsi Meet instance.
type
string
example
{
services.jitsi-meet.hostName = "meet.example.org";
}
services.jitsi-meet.interfaceConfig
Client-side web-app interface settings that override the defaults in
See for default configuration with comments.
type
attribute set
example
{
services.jitsi-meet.interfaceConfig = {
_type = "literalExpression";
text = ''
{
SHOW_JITSI_WATERMARK = false;
SHOW_WATERMARK_FOR_GUESTS = false;
}
'';
};
}
default
{
services.jitsi-meet.interfaceConfig = {};
}
services.jitsi-meet.jicofo.package
type
package
default
{
services.jitsi-meet.jicofo.package = {
drvPath = "jicofo-1.0-549";
name = "jicofo-1.0-549";
outPath = "jicofo-1.0-549";
type = "derivation";
};
}
services.jitsi-meet.jicofo.config
Contents of the
type
attribute set of string
example
{
services.jitsi-meet.jicofo.config = {
_type = "literalExpression";
text = ''
{
"org.jitsi.jicofo.auth.URL" = "XMPP:jitsi-meet.example.com";
}
'';
};
}
default
{
services.jitsi-meet.jicofo.config = {};
}
services.jitsi-meet.nginx.enable
Whether to enable nginx virtual host that will serve the javascript application and act as a proxy for the XMPP server. Further nginx configuration can be done by adapting
. It is highly recommended to enable the and options:type
boolean
default
{
services.jitsi-meet.nginx.enable = true;
}
services.jitsi-meet.prosody.enable
Whether to configure Prosody to relay XMPP messages between Jitsi Meet components. Turn this off if you want to configure it manually.
type
boolean
default
{
services.jitsi-meet.prosody.enable = true;
}
services.jitsi-meet.videobridge.enable
Whether to enable Jitsi Videobridge instance and configure it to connect to Prosody.
Additional configuration is possible with .
type
boolean
default
{
services.jitsi-meet.videobridge.enable = true;
}
services.jitsi-videobridge.enable
Whether to enable Jitsi Videobridge, a WebRTC compatible video router.
type
boolean
example
{
services.jitsi-videobridge.enable = true;
}
default
{
services.jitsi-videobridge.enable = false;
}
services.jitsi-videobridge.package
type
package
default
{
services.jitsi-videobridge.package = {
drvPath = "jitsi-videobridge2-2.1-183-gdbddd169";
name = "jitsi-videobridge2-2.1-183-gdbddd169";
outPath = "jitsi-videobridge2-2.1-183-gdbddd169";
type = "derivation";
};
}
services.jitsi-videobridge.config
Videobridge configuration.
See for default configuration with comments.
type
attribute set
example
{
services.jitsi-videobridge.config = {
_type = "literalExpression";
text = ''
{
videobridge = {
ice.udp.port = 5000;
websockets = {
enabled = true;
server-id = "jvb1";
};
};
}
'';
};
}
default
{
services.jitsi-videobridge.config = {};
}
services.jitsi-videobridge.extraProperties
Additional Java properties passed to jitsi-videobridge.
type
attribute set of string
default
{
services.jitsi-videobridge.extraProperties = {};
}
services.jitsi-videobridge.nat.localAddress
Local address when running behind NAT.
type
null or string
example
{
services.jitsi-videobridge.nat.localAddress = "192.168.1.42";
}
default
{
services.jitsi-videobridge.nat.localAddress = null;
}
services.jitsi-videobridge.nat.publicAddress
Public address when running behind NAT.
type
null or string
example
{
services.jitsi-videobridge.nat.publicAddress = "1.2.3.4";
}
default
{
services.jitsi-videobridge.nat.publicAddress = null;
}
services.jitsi-videobridge.openFirewall
Whether to open ports in the firewall for the videobridge.
type
boolean
default
{
services.jitsi-videobridge.openFirewall = false;
}
services.jitsi-videobridge.xmppConfigs
XMPP servers to connect to.
See for more information.
type
attribute set of submodule
example
{
services.jitsi-videobridge.xmppConfigs = {
_type = "literalExpression";
text = ''
{
"localhost" = {
hostName = "localhost";
userName = "jvb";
domain = "auth.xmpp.example.org";
passwordFile = "/var/lib/jitsi-meet/videobridge-secret";
mucJids = "jvbbrewery@internal.xmpp.example.org";
};
}
'';
};
}
default
{
services.jitsi-videobridge.xmppConfigs = {};
}
services.jitsi-videobridge.xmppConfigs.<name>.disableCertificateVerification
Whether to skip validation of the server's certificate.
type
boolean
default
{
services.jitsi-videobridge.xmppConfigs.<name>.disableCertificateVerification = false;
}
services.jitsi-videobridge.xmppConfigs.<name>.domain
Domain part of JID of the XMPP user, if it is different from hostName.
type
null or string
example
{
services.jitsi-videobridge.xmppConfigs.<name>.domain = "auth.xmpp.example.org";
}
default
{
services.jitsi-videobridge.xmppConfigs.<name>.domain = null;
}
services.jitsi-videobridge.xmppConfigs.<name>.hostName
Hostname of the XMPP server to connect to. Name of the attribute set is used by default.
type
string
example
{
services.jitsi-videobridge.xmppConfigs.<name>.hostName = "xmpp.example.org";
}
services.jitsi-videobridge.xmppConfigs.<name>.mucJids
JID of the MUC to join. JiCoFo needs to be configured to join the same MUC.
type
string
example
{
services.jitsi-videobridge.xmppConfigs.<name>.mucJids = "jvbbrewery@internal.xmpp.example.org";
}
services.jitsi-videobridge.xmppConfigs.<name>.mucNickname
Videobridges use the same XMPP account and need to be distinguished by the nickname (aka resource part of the JID). By default, system hostname is used.
type
string
services.jitsi-videobridge.xmppConfigs.<name>.passwordFile
File containing the password for the user.
type
string
example
{
services.jitsi-videobridge.xmppConfigs.<name>.passwordFile = "/run/keys/jitsi-videobridge-xmpp1";
}
services.jitsi-videobridge.xmppConfigs.<name>.userName
User part of the JID.
type
string
default
{
services.jitsi-videobridge.xmppConfigs.<name>.userName = "jvb";
}
services.prometheus-exporters-lnd.enable
Whether to enable the prometheus lnd (Lightning Network Daemon) exporter.
type
boolean
example
{
services.prometheus-exporters-lnd.enable = true;
}
default
{
services.prometheus-exporters-lnd.enable = false;
}
services.prometheus-exporters-lnd.extraFlags
Extra commandline options to pass to the lnd exporter.
type
list of string
default
{
services.prometheus-exporters-lnd.extraFlags = [];
}
services.prometheus-exporters-lnd.firewallFilter
type
string
example
{
services.prometheus-exporters-lnd.firewallFilter = {
_type = "literalExpression";
text = ''
"-i eth0 -p tcp -m tcp --dport 9092"
'';
};
}
default
{
services.prometheus-exporters-lnd.firewallFilter = "-p tcp -m tcp --dport 9092";
}
services.prometheus-exporters-lnd.group
type
string
default
{
services.prometheus-exporters-lnd.group = "lnd-exporter";
}
services.prometheus-exporters-lnd.listenAddress
Address to listen on.
type
string
default
{
services.prometheus-exporters-lnd.listenAddress = "0.0.0.0";
}
services.prometheus-exporters-lnd.lndHost
lnd instance gRPC address:port.
type
string
default
{
services.prometheus-exporters-lnd.lndHost = "localhost:10009";
}
services.prometheus-exporters-lnd.lndMacaroonDir
Path to lnd macaroons.
type
path
services.prometheus-exporters-lnd.lndTlsPath
Path to lnd TLS certificate.
type
path
services.prometheus-exporters-lnd.openFirewall
Open port in firewall for incoming connections.
type
boolean
default
{
services.prometheus-exporters-lnd.openFirewall = false;
}
services.prometheus-exporters-lnd.port
Port to listen on.
type
signed integer
default
{
services.prometheus-exporters-lnd.port = 9092;
}
services.prometheus-exporters-lnd.user
type
string
default
{
services.prometheus-exporters-lnd.user = "lnd-exporter";
}
services.rtl.enable
Whether to enable Ride The Lightning - A full function web browser app for LND and C-Lightning.
type
boolean
example
{
services.rtl.enable = true;
}
default
{
services.rtl.enable = false;
}
services.rtl.host
Host for the rtl node server.
type
string
default
{
services.rtl.host = "localhost";
}
services.rtl.port
Port for the rtl node server.
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
default
{
services.rtl.port = 3003;
}
programs.base.enable
type
boolean
default
{
programs.base.enable = false;
}
programs.crostini.enable
type
boolean
default
{
programs.crostini.enable = false;
}
programs.crostini.docker
type
attribute set
default
{
programs.crostini.docker = {};
}
programs.dev.enable
type
boolean
default
{
programs.dev.enable = false;
}
services.docker.enable
Whether to enable Docker
type
boolean
default
{
services.docker.enable = false;
}
services.docker.sudo
Whether to use Sudo to run docker (necessary for Crostini)
type
boolean
default
{
services.docker.sudo = true;
}
services.unison.enable
Whether to enable unison.
type
boolean
example
{
services.unison.enable = true;
}
default
{
services.unison.enable = false;
}
services.unison.package
type
package
default
{
services.unison.package = {
drvPath = "unison-2.52.0";
name = "unison-2.52.0";
outPath = "unison-2.52.0";
type = "derivation";
};
}
services.unison.cpuQuota
type
signed integer
default
{
services.unison.cpuQuota = 75;
}
services.unison.profiles
type
attribute set of attribute set
default
{
services.unison.profiles = {};
}
services.unison.stateDir
type
path
default
{
services.unison.stateDir = "/var/lib/unison";
}
services.throttled-custom.enable
Whether to enable the Lenovo throttling fix.
type
boolean
example
{
services.throttled-custom.enable = true;
}
default
{
services.throttled-custom.enable = false;
}
services.xserver.windowManager.sxmo.enable
Enable Sxmo as a window manager.
type
boolean
default
{
services.xserver.windowManager.sxmo.enable = false;
}
services.xserver.windowManager.sxmo.enablePinePhoneGps
Set up GPS on the PinePhone modem.
type
boolean
default
{
services.xserver.windowManager.sxmo.enablePinePhoneGps = true;
}
services.xserver.windowManager.sxmo.suspendTimeout
The default suspend timeout for sxmo_screenlock.
type
signed integer
default
{
services.xserver.windowManager.sxmo.suspendTimeout = 70;
}
services.xserver.windowManager.sxmo.wallpaperImage
The default image to set as Sxmo's wallpaper.
This setting will be ignored if ~/.config/sxmo/xinit exists in the user's directory.
type
unspecified
default
{
services.xserver.windowManager.sxmo.wallpaperImage = {
drvPath = "nix-wallpaper-mosaic-blue.png";
name = "nix-wallpaper-mosaic-blue.png";
outPath = "nix-wallpaper-mosaic-blue.png";
type = "derivation";
};
}
services.iwd-autocaptiveauth.enable
Whether to enable iwd auto authenticate to captive portals.
type
boolean
example
{
services.iwd-autocaptiveauth.enable = true;
}
default
{
services.iwd-autocaptiveauth.enable = false;
}
services.opensnitch.enable
Whether to enable opensnitch.
type
boolean
example
{
services.opensnitch.enable = true;
}
default
{
services.opensnitch.enable = false;
}
services.opensnitch.extraRules
Set of JSON attribute sets describing default opensnitch rules that are written to /etc/opensnitch/rules.
type
attribute set of attribute set
example
{
services.opensnitch.extraRules = ''
{
kerberos_rule = {
action = "allow";
operator = {
type = "list";
list = [
{
type = "simple";
operand = "dest.host";
data = "kerberos.example.domain";
}
{
type = "simple";
operand = "dest.port";
data = "88";
}
];
};
};
}
'';
}
default
{
services.opensnitch.extraRules = [];
}
services.opensnitch.startUserService
If enabled, run the opensnitch-ui process as a user service in the graphical session. All users' UI processes share the config specified in uiConfig. If this is disabled, opensnitch-ui must be run by some other means.
type
boolean
default
{
services.opensnitch.startUserService = true;
}
services.opensnitch.uiConfig
JSON attribute set for opensnitch-ui config file.
type
attribute set
example
{
services.opensnitch.uiConfig = ''
{
default_timeout = 15;
default_action = "allow";
default_duration = "until restart";
}
'';
}
default
{
services.opensnitch.uiConfig = {
default_action = "deny";
default_duration = "once";
default_timeout = 60;
};
}
services.opensnitch.whitelistHosts
List of destination hosts for which to create default (regexp) allow rules, regardless of other connection properties.
type
list of attribute set
example
{
services.opensnitch.whitelistHosts = "[ { host = "*.nixos.org" } { ip = "127.0.0.1" } ]";
}
default
{
services.opensnitch.whitelistHosts = [];
}
services.opensnitch.whitelistPackages
List of packages for which to generate rules to allow connections from all processes that are located below a package's store path. Intended for process rules which should survive NixOS updates.
type
list of package
default
{
services.opensnitch.whitelistPackages = [
{
drvPath = "nix-2.8.1";
name = "nix-2.8.1";
outPath = "nix-2.8.1";
type = "derivation";
}
];
}
services.cryptpad.enable
Whether to enable the Cryptpad service.
type
boolean
example
{
services.cryptpad.enable = true;
}
default
{
services.cryptpad.enable = false;
}
services.cryptpad.package
Cryptpad package to use.
type
package
default
{
services.cryptpad.package = "pkgs.cryptpad";
}
services.cryptpad.settings
Cryptpad settings using Nix.
type
attribute set of An attribute set with valid types being an integer, boolean, string, an array of strings, or another attrset with the same possible values.
default
{
services.cryptpad.settings = null;
}
services.gonic.enable
Whether to enable gonic music streaming service.
type
boolean
example
{
services.gonic.enable = true;
}
default
{
services.gonic.enable = false;
}
services.gonic.group
Group account under which gonic runs
type
string
default
{
services.gonic.group = "gonic";
}
services.gonic.listen.address
Address to listen on
type
string
default
{
services.gonic.listen.address = "0.0.0.0";
}
services.gonic.listen.port
Port to listen on
type
signed integer
default
{
services.gonic.listen.port = 4747;
}
services.gonic.musicPath
Path to music collection
type
string
default
{
services.gonic.musicPath = "";
}
services.gonic.podcastPath
Path to podcast collection
type
string
default
{
services.gonic.podcastPath = "";
}
services.gonic.scanInterval
Interval in minutes to check for new music
type
null or signed integer
default
{
services.gonic.scanInterval = null;
}
services.gonic.user
User account under which gonic runs
type
string
default
{
services.gonic.user = "gonic";
}
services.vlmcsd.enable
Whether to enable vlmcsd service.
type
boolean
example
{
services.vlmcsd.enable = true;
}
default
{
services.vlmcsd.enable = false;
}
services.vlmcsd.disconnectClients
Disconnect clients after each request
type
boolean
default
{
services.vlmcsd.disconnectClients = false;
}
services.vlmcsd.disconnectTimeout
Disconnect client after
type
signed integer
default
{
services.vlmcsd.disconnectTimeout = 30;
}
services.vlmcsd.listen.address
Address to listen on
type
string
default
{
services.vlmcsd.listen.address = "0.0.0.0";
}
services.vlmcsd.listen.port
Port to listen on
type
signed integer
default
{
services.vlmcsd.listen.port = 1688;
}
services.vlmcsd.openFirewall
Open ports in the firewall for vlmcsd
type
boolean
default
{
services.vlmcsd.openFirewall = false;
}
services.autocutsel.enable
Whether to enable autocutsel.
type
unspecified
default
{
services.autocutsel.enable = false;
}
services.batteryNotifier.enable
Whether to enable battery notifier.
type
unspecified
default
{
services.batteryNotifier.enable = false;
}
services.batteryNotifier.device
Device to monitor.
type
unspecified
default
{
services.batteryNotifier.device = "BAT0";
}
services.batteryNotifier.notifyCapacity
Battery level at which a notification shall be sent.
type
unspecified
default
{
services.batteryNotifier.notifyCapacity = 10;
}
services.batteryNotifier.suspendCapacity
Battery level at which a suspend unless connected shall be sent.
type
unspecified
default
{
services.batteryNotifier.suspendCapacity = 5;
}
services.bloop.install
Whether to enable Bloop build server.
type
boolean
default
{
services.bloop.install = false;
}
services.dunst.enable
Whether to enable dunst. A notification service.
type
unspecified
default
{
services.dunst.enable = false;
}
services.udiskie.enable
Whether to enable udiskie. An automatic external disk mount tool.
type
unspecified
default
{
services.udiskie.enable = false;
}
services.weechat.enable
Whether to enable weechat relay service.
type
unspecified
default
{
services.weechat.enable = false;
}
services.weechat.home
Where weechat configuration is stored.
type
unspecified
default
{
services.weechat.home = "/var/weechat";
}
services.weechat.portsToOpen
Relay ports to open.
type
unspecified
default
{
services.weechat.portsToOpen = [];
}
services.weechat.withMatrix
Whether to enable weechat matrix plugin.
type
unspecified
default
{
services.weechat.withMatrix = false;
}
services.weechat.withSlack
Whether to enable wee-slack plugin.
type
unspecified
default
{
services.weechat.withSlack = false;
}
services.yabai.enable
Whether to enable the yabai window manager.
type
boolean
default
{
services.yabai.enable = false;
}
services.yabai.package
This option specifies the yabai package to use.
type
package
example
{
services.yabai.package = {
_type = "literalExpression";
text = "pkgs.yabai";
};
}
services.yabai.bar.enable
Whether to enable the yabai window manager.
type
boolean
default
{
services.yabai.bar.enable = false;
}
services.yabai.bar.config
Bar settings for
type
strings concatenated with "\n"
default
{
services.yabai.bar.config = ''
yabai -m config status_bar_text_font "Helvetica Neue:Bold:12.0"
yabai -m config status_bar_icon_font "FontAwesome:Regular:12.0"
yabai -m config status_bar_background_color 0xff202020
yabai -m config status_bar_foreground_color 0xffa8a8a8
yabai -m config status_bar_space_icon_strip I II III IV V VI VII VIII IX X
yabai -m config status_bar_power_icon_strip
yabai -m config status_bar_space_icon
yabai -m config status_bar_clock_icon
'';
}
services.yabai.config
Global settings for
type
strings concatenated with "\n"
default
{
services.yabai.config = ''
# global settings
yabai -m config mouse_follows_focus off
yabai -m config focus_follows_mouse off
yabai -m config window_placement second_child
yabai -m config window_topmost off
yabai -m config window_opacity off
yabai -m config window_opacity_duration 0.0
yabai -m config window_shadow on
yabai -m config window_border off
yabai -m config window_border_width 4
yabai -m config active_window_border_color 0xff775759
yabai -m config normal_window_border_color 0xff505050
yabai -m config insert_window_border_color 0xffd75f5f
yabai -m config active_window_opacity 1.0
yabai -m config normal_window_opacity 0.90
yabai -m config split_ratio 0.50
yabai -m config auto_balance off
yabai -m config mouse_modifier fn
yabai -m config mouse_action1 move
yabai -m config mouse_action2 resize
# general space settings
yabai -m config layout bsp
yabai -m config top_padding 20
yabai -m config bottom_padding 20
yabai -m config left_padding 20
yabai -m config right_padding 20
yabai -m config window_gap 10
'';
}
priegger.services.cachix.enable
Whether to enable Enable Cachix cache for priegger NUR.
type
boolean
example
{
priegger.services.cachix.enable = true;
}
default
{
priegger.services.cachix.enable = false;
}
priegger.services.docker.enable
Whether to enable This option enables docker and adds monitoring..
type
boolean
example
{
priegger.services.docker.enable = true;
}
default
{
priegger.services.docker.enable = false;
}
priegger.services.nginx.enable
Whether to enable Enable the Nginx Web Server, set some defaults and enable monitoring..
type
boolean
example
{
priegger.services.nginx.enable = true;
}
default
{
priegger.services.nginx.enable = false;
}
priegger.services.prometheus.enable
Whether to enable Enable the Prometheus monitoring daemon and some exporters..
type
boolean
example
{
priegger.services.prometheus.enable = true;
}
default
{
priegger.services.prometheus.enable = false;
}
priegger.services.prometheus.exporters.node.textfileDirectory
Path to the promethes node exporter textfile directory. This option is read-only.
type
string
priegger.services.reresolve-dns.enable
Whether to enable update kernel DNS entries for wireguard remote endpoints.
type
boolean
example
{
priegger.services.reresolve-dns.enable = true;
}
default
{
priegger.services.reresolve-dns.enable = false;
}
priegger.services.reresolve-dns.interval
The interval at which to trigger a DNS update. Valid values must conform to systemd.time(7) format.
type
string
default
{
priegger.services.reresolve-dns.interval = "minutely";
}
priegger.services.smtp-to-sendmail.enable
Whether to enable Enable the SMTP to sendmail bridge..
type
boolean
example
{
priegger.services.smtp-to-sendmail.enable = true;
}
default
{
priegger.services.smtp-to-sendmail.enable = false;
}
priegger.services.tor.enable
Whether to enable Enable the Tor daemon. By default, the daemon is run without relay, exit or bridge connectivity..
type
boolean
example
{
priegger.services.tor.enable = true;
}
default
{
priegger.services.tor.enable = false;
}
benchmarks
type
attribute set of submodule
benchmarks.<name>.enable
Enable test
type
boolean
default
{
benchmarks.<name>.enable = true;
}
benchmarks.<name>.bench
type
attribute set
benchmarks.<name>.extraSetup
Shell code insterted at the beginning of the script
type
strings concatenated with "\n"
default
{
benchmarks.<name>.extraSetup = "";
}
benchmarks.<name>.params
Parameters to create a benchmark for
type
list of attribute set
default
{
benchmarks.<name>.params = [];
}
benchmarks.<name>.slurmParams
Options for sbatch
type
list of string
default
{
benchmarks.<name>.slurmParams = [];
}
label
Label for test run
type
string
slurm
Generate a slurm script instead of standard shell script
type
boolean
default
{
slurm = false;
}
slurmParams
Options for sbatch
type
list of string
default
{
slurmParams = [];
}
containers
type
attribute set of submodule
containers.<name>.enableDockerSupport
Whether support for the Docker daemon should be added to this declarative container. Note, this will disable a number of important isolation features of this container and should only be enabled if you fully trust the container to access your system as a whole.
type
boolean
example
{
containers.<name>.enableDockerSupport = true;
}
default
{
containers.<name>.enableDockerSupport = false;
}
gtk.enableBase16Theme
Enable Base16 theme.
type
boolean
example
{
gtk.enableBase16Theme = false;
}
default
{
gtk.enableBase16Theme = true;
}
programs.bat.enableBase16Theme
Enable Base16 theme.
type
boolean
example
{
programs.bat.enableBase16Theme = false;
}
default
{
programs.bat.enableBase16Theme = true;
}
programs.emacs.init.enable
Whether to enable Emacs configuration.
type
boolean
example
{
programs.emacs.init.enable = true;
}
default
{
programs.emacs.init.enable = false;
}
programs.emacs.init.packageQuickstart
Whether to enable package-quickstart. This will make sure that
type
boolean
default
{
programs.emacs.init.packageQuickstart = true;
}
programs.emacs.init.earlyInit
Configuration lines to add in
type
strings concatenated with "\n"
default
{
programs.emacs.init.earlyInit = "";
}
programs.emacs.init.postlude
Configuration lines to add in the end of
type
strings concatenated with "\n"
default
{
programs.emacs.init.postlude = "";
}
programs.emacs.init.prelude
Configuration lines to add in the beginning of
type
strings concatenated with "\n"
default
{
programs.emacs.init.prelude = "";
}
programs.emacs.init.recommendedGcSettings
Whether to enable recommended garbage collection settings.
type
boolean
example
{
programs.emacs.init.recommendedGcSettings = true;
}
default
{
programs.emacs.init.recommendedGcSettings = false;
}
programs.emacs.init.startupTimer
Whether to enable Emacs startup duration timer.
type
boolean
example
{
programs.emacs.init.startupTimer = true;
}
default
{
programs.emacs.init.startupTimer = false;
}
programs.emacs.init.usePackage
Attribute set of use-package configurations.
type
attribute set of submodule
example
{
programs.emacs.init.usePackage = {
_type = "literalExpression";
text = ''
{
dhall-mode = {
mode = [ ''"\\.dhall\\'"'' ];
};
}
'';
};
}
default
{
programs.emacs.init.usePackage = {};
}
programs.emacs.init.usePackage.<name>.enable
Whether to enable Emacs package ‹name›.
type
boolean
example
{
programs.emacs.init.usePackage.<name>.enable = true;
}
default
{
programs.emacs.init.usePackage.<name>.enable = false;
}
programs.emacs.init.usePackage.<name>.package
The package to use for this module. Either the package name within the Emacs package set or a function taking the Emacs package set and returning a package.
type
name of package or function from epkgs to package
default
{
programs.emacs.init.usePackage.<name>.package = "‹name›";
}
programs.emacs.init.usePackage.<name>.after
The entries to use for .
type
list of string
default
{
programs.emacs.init.usePackage.<name>.after = [];
}
programs.emacs.init.usePackage.<name>.bind
The entries to use for .
type
attribute set of string
example
{
programs.emacs.init.usePackage.<name>.bind = {
M-<down> = "drag-stuff-down";
M-<up> = "drag-stuff-up";
};
}
default
{
programs.emacs.init.usePackage.<name>.bind = {};
}
programs.emacs.init.usePackage.<name>.bindKeyMap
The entries to use for .
type
attribute set of string
example
{
programs.emacs.init.usePackage.<name>.bindKeyMap = {
"C-c p" = "projectile-command-map";
};
}
default
{
programs.emacs.init.usePackage.<name>.bindKeyMap = {};
}
programs.emacs.init.usePackage.<name>.bindLocal
The entries to use for local keymaps in .
type
attribute set of attribute set of string
example
{
programs.emacs.init.usePackage.<name>.bindLocal = {
helm-command-map = {
"C-c h" = "helm-execute-persistent-action";
};
};
}
default
{
programs.emacs.init.usePackage.<name>.bindLocal = {};
}
programs.emacs.init.usePackage.<name>.chords
The entries to use for .
type
attribute set of string
example
{
programs.emacs.init.usePackage.<name>.chords = {
jj = "ace-jump-char-mode";
jk = "ace-jump-word-mode";
};
}
default
{
programs.emacs.init.usePackage.<name>.chords = {};
}
programs.emacs.init.usePackage.<name>.command
The entries to use for .
type
list of string
default
{
programs.emacs.init.usePackage.<name>.command = [];
}
programs.emacs.init.usePackage.<name>.config
Code to place in the section.
type
strings concatenated with "\n"
default
{
programs.emacs.init.usePackage.<name>.config = "";
}
programs.emacs.init.usePackage.<name>.defer
The setting.
type
boolean or positive integer, meaning >0
default
{
programs.emacs.init.usePackage.<name>.defer = false;
}
programs.emacs.init.usePackage.<name>.defines
The entries to use for .
type
list of string
default
{
programs.emacs.init.usePackage.<name>.defines = [];
}
programs.emacs.init.usePackage.<name>.demand
The setting.
type
boolean
default
{
programs.emacs.init.usePackage.<name>.demand = false;
}
programs.emacs.init.usePackage.<name>.diminish
The entries to use for .
type
list of string
default
{
programs.emacs.init.usePackage.<name>.diminish = [];
}
programs.emacs.init.usePackage.<name>.extraConfig
Additional lines to place in the use-package configuration.
type
strings concatenated with "\n"
default
{
programs.emacs.init.usePackage.<name>.extraConfig = "";
}
programs.emacs.init.usePackage.<name>.extraPackages
Extra packages to add to .
type
list of package
default
{
programs.emacs.init.usePackage.<name>.extraPackages = [];
}
programs.emacs.init.usePackage.<name>.functions
The entries to use for .
type
list of string
default
{
programs.emacs.init.usePackage.<name>.functions = [];
}
programs.emacs.init.usePackage.<name>.hook
The entries to use for .
type
list of string
default
{
programs.emacs.init.usePackage.<name>.hook = [];
}
programs.emacs.init.usePackage.<name>.init
The entries to use for .
type
strings concatenated with "\n"
default
{
programs.emacs.init.usePackage.<name>.init = "";
}
programs.emacs.init.usePackage.<name>.mode
The entries to use for .
type
list of string
default
{
programs.emacs.init.usePackage.<name>.mode = [];
}
programs.emacs.init.usePackageVerbose
Whether to enable verbose use-package mode.
type
boolean
example
{
programs.emacs.init.usePackageVerbose = true;
}
default
{
programs.emacs.init.usePackageVerbose = false;
}
programs.gnome-terminal.enableBase16Theme
Enable Base16 theme.
type
boolean
example
{
programs.gnome-terminal.enableBase16Theme = false;
}
default
{
programs.gnome-terminal.enableBase16Theme = true;
}
programs.jq.enableBase16Theme
Enable Base16 theme.
type
boolean
example
{
programs.jq.enableBase16Theme = false;
}
default
{
programs.jq.enableBase16Theme = true;
}
programs.rofi.enableBase16Theme
Enable Base16 theme.
type
boolean
example
{
programs.rofi.enableBase16Theme = false;
}
default
{
programs.rofi.enableBase16Theme = true;
}
services.dunst.enableBase16Theme
Enable Base16 theme.
type
boolean
example
{
services.dunst.enableBase16Theme = false;
}
default
{
services.dunst.enableBase16Theme = true;
}
services.polybar.enableBase16Theme
Enable Base16 theme.
type
boolean
example
{
services.polybar.enableBase16Theme = false;
}
default
{
services.polybar.enableBase16Theme = true;
}
services.screen-locker.enableBase16Theme
Enable Base16 theme.
type
boolean
example
{
services.screen-locker.enableBase16Theme = false;
}
default
{
services.screen-locker.enableBase16Theme = true;
}
services.xscreensaver.enableBase16Theme
Enable Base16 theme.
type
boolean
example
{
services.xscreensaver.enableBase16Theme = false;
}
default
{
services.xscreensaver.enableBase16Theme = true;
}
theme.base16.colors.base00
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base00 = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base01
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base01 = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base02
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base02 = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base03
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base03 = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base04
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base04 = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base05
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base05 = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base06
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base06 = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base07
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base07 = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base08
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base08 = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base09
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base09 = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base0A
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base0A = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base0B
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base0B = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base0C
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base0C = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base0D
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base0D = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base0E
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base0E = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.colors.base0F
Color value. Either a hexadecimal or decimal RGB triplet must be given. If a hexadecimal triplet is given then the decimal triplet is automatically populated, and vice versa. That is, the example could be equivalently written
And
red dec: 177, red hex: b1, rgb hex: b12a2a
.
type
submodule
example
{
theme.base16.colors.base0F = {
dec = {
b = 42;
g = 42;
r = 177;
};
};
}
theme.base16.kind
Whether theme is dark or light. The default value is determined by a basic heuristic, if an incorrect value is found then this option must be set explicitly.
type
one of "dark", "light"
example
{
theme.base16.kind = "dark";
}
default
{
theme.base16.kind = {
_type = "literalExpression";
text = ''
"light", if sum of RGB components of base00 color ≥ 382,
"dark", otherwise
'';
};
}
theme.base16.name
The theme name.
type
string
example
{
theme.base16.name = "My-Fine-Theme";
}
pronote-timetable-fetch.enable
Whether to enable NodeJS script to fetch a pronote timetable using Pronote-API.
type
boolean
example
{
pronote-timetable-fetch.enable = true;
}
default
{
pronote-timetable-fetch.enable = false;
}
pronote-timetable-fetch.password
The pronote password to use
type
string
default
{
pronote-timetable-fetch.password = "";
}
pronote-timetable-fetch.url
The pronote url to log in
type
string
default
{
pronote-timetable-fetch.url = "";
}
pronote-timetable-fetch.username
The pronote username to use (in base64)
type
string
default
{
pronote-timetable-fetch.username = "";
}
pronotebot.enable
Whether to enable Pronote bot to open pronote or to open the physics and chemistry book at a specified page.
type
boolean
example
{
pronotebot.enable = true;
}
default
{
pronotebot.enable = false;
}
pronotebot.firefox_profile
The firefox profile to use
type
string
default
{
pronotebot.firefox_profile = "";
}
pronotebot.password
The pronote password to use
type
string
default
{
pronotebot.password = "";
}
pronotebot.username
The pronote username to use
type
string
default
{
pronotebot.username = "";
}
services.hamiltonsamba.enable
Whether to enable Hamilton's samba shares.
type
boolean
example
{
services.hamiltonsamba.enable = true;
}
default
{
services.hamiltonsamba.enable = false;
}
services.numworks.enable
Enable numworks udev rules.
type
boolean
default
{
services.numworks.enable = false;
}
services.redshift-auto.enable
Whether to enable Redshift service that automatically triggers when your eyes are tired of the blue light..
type
boolean
example
{
services.redshift-auto.enable = true;
}
default
{
services.redshift-auto.enable = false;
}
services.redshift-auto.lightColour
How many kelvins do you want when working the day ? The lower, the more red.
type
string
default
{
services.redshift-auto.lightColour = "5000";
}
services.redshift-auto.nightColour
How many kelvins do you want when working late ? The lower, the more red thus the better it is for your eyes.
type
string
default
{
services.redshift-auto.nightColour = "3000";
}
services.redshift-auto.onCalendar
When in the evening do you want your screen to be more respectful of you eyes ? Default is at 4 pm. See systemd.time(7) for more information about the format.
type
string
default
{
services.redshift-auto.onCalendar = "*-*-* 16:00:00";
}
services.scottslounge.enable
Whether to enable Thelounge scott's server.
type
boolean
example
{
services.scottslounge.enable = true;
}
default
{
services.scottslounge.enable = false;
}
services.scottslounge.port
TCP port to listen on for http connections.
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
default
{
services.scottslounge.port = 9000;
}
services.simplehaproxy.enable
Whether to enable Simple haproxy wrapper for declarative reverse-proxies.
type
boolean
example
{
services.simplehaproxy.enable = true;
}
default
{
services.simplehaproxy.enable = false;
}
services.simplehaproxy.proxies
Declarative reverse-proxy config
type
attribute set of submodule
example
{
services.simplehaproxy.proxies = {
_type = "literalExpression";
text = ''
{
"testserver" = {
listenPort = 8080;
backendPort = 8080;
backendAddress = "10.0.2.4";
};
};
'';
};
}
default
{
services.simplehaproxy.proxies = {};
}
services.simplehaproxy.proxies.<name>.backendAddress
Address of the backend server
type
string
default
{
services.simplehaproxy.proxies.<name>.backendAddress = "10.0.2.4";
}
services.simplehaproxy.proxies.<name>.backendPort
Port on which the backend server listens
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
default
{
services.simplehaproxy.proxies.<name>.backendPort = 80;
}
services.simplehaproxy.proxies.<name>.listenPort
Port for haproxy to listen to
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
default
{
services.simplehaproxy.proxies.<name>.listenPort = 80;
}
services.unoconv.enable
Whether to enable Unoconv webservice.
type
boolean
example
{
services.unoconv.enable = true;
}
default
{
services.unoconv.enable = false;
}
services.unoconv.port
Port for unoconv to listen
type
16 bit unsigned integer; between 0 and 65535 (both inclusive)
default
{
services.unoconv.port = 2002;
}
services.xserver.displayManager.lightdm.greeters.slick.enable
Whether to enable linuxmint-greeter as the lightdm greeter.
type
boolean
default
{
services.xserver.displayManager.lightdm.greeters.slick.enable = false;
}
sync-database.enable
Whether to enable Keepass databases 1.x/2.x management utility to synchronize them accross ssh servers and phones.
type
boolean
example
{
sync-database.enable = true;
}
default
{
sync-database.enable = false;
}
sync-database.adb_pull_command
Python 3 format string command to pull files to phone
type
attribute set
default
{
sync-database.adb_pull_command = {
args = "pull {source} {dest}";
command = "adb";
};
}
sync-database.adb_push_command
Python 3 format string command to push files to phone
type
attribute set
default
{
sync-database.adb_push_command = {
args = "push {source} {dest}";
command = "adb";
};
}
sync-database.backup_history_directory
Directory to put the backup tarballs of older passwords
type
string
default
{
sync-database.backup_history_directory = "~/.local/share/passwords/history_backup";
}
sync-database.hosts
SSH server hosts configuration
type
attribute set
example
{
sync-database.hosts = {
host1 = {
port = 22;
user = "root";
};
};
}
default
{
sync-database.hosts = {};
}
sync-database.passwords_directory
Directory where password databases are stored accros your servers and localhost.
type
string
default
{
sync-database.passwords_directory = "~/.local/share/passwords";
}
sync-database.phone_backup_history_directory
Directory to put the backup tarballs of older passwords
type
string
default
{
sync-database.phone_backup_history_directory = "/storage/sdcard/passwords/history_backup";
}
sync-database.phone_passwords_directory
Directory where password databases are stored in your phone.
type
string
default
{
sync-database.phone_passwords_directory = "/storage/sdcard/passwords";
}
programs.aerc.enable
Whether to enable aerc is an email client for your terminal.
type
boolean
example
{
programs.aerc.enable = true;
}
default
{
programs.aerc.enable = false;
}
programs.aerc.package
aerc package to install.
type
package
default
{
programs.aerc.package = {
_type = "literalExpression";
text = "pkgs.aerc";
};
}
programs.aerc.fullName
Full name.
type
string
default
{
programs.aerc.fullName = "";
}
programs.aerc.gPassword
Google app password.
type
string
default
{
programs.aerc.gPassword = "";
}
programs.aerc.gUsername
Google username.
type
string
default
{
programs.aerc.gUsername = "";
}
programs.goldendict.enable
Whether to enable A feature-rich dictionary lookup program.
type
boolean
example
{
programs.goldendict.enable = true;
}
default
{
programs.goldendict.enable = false;
}
programs.goldendict.package
GoldenDict package to install.
type
package
default
{
programs.goldendict.package = {
_type = "literalExpression";
text = "pkgs.goldendict";
};
}
programs.gpxsee.enable
Whether to enable GPS log file viewer and analyzer.
type
boolean
example
{
programs.gpxsee.enable = true;
}
default
{
programs.gpxsee.enable = false;
}
programs.gpxsee.package
GPXSee package to install.
type
package
example
{
programs.gpxsee.package = "pkgs.nur.repos.sikmir.gpxsee-bin";
}
default
{
programs.gpxsee.package = {
_type = "literalExpression";
text = "pkgs.gpxsee";
};
}
programs.gpxsee.demPackage
DEM package to install.
type
null or package
example
{
programs.gpxsee.demPackage = "pkgs.nur.repos.sikmir.dem";
}
default
{
programs.gpxsee.demPackage = null;
}
programs.gpxsee.mapPackages
Map packages to install.
type
list of package
example
{
programs.gpxsee.mapPackages = [
"pkgs.nur.repos.sikmir.gpxsee-maps"
"pkgs.nur.repos.sikmir.maptourist"
];
}
default
{
programs.gpxsee.mapPackages = [];
}
programs.gpxsee.poiPackages
POI packages to install.
type
list of package
example
{
programs.gpxsee.poiPackages = [
"pkgs.nur.repos.sikmir.poi.geocachingSu"
"pkgs.nur.repos.sikmir.poi.westra"
];
}
default
{
programs.gpxsee.poiPackages = [];
}
programs.gpxsee.stylePackage
QtPBFImagePlugin style package to install.
type
null or package
example
{
programs.gpxsee.stylePackage = "pkgs.nur.repos.sikmir.qtpbfimageplugin-styles";
}
default
{
programs.gpxsee.stylePackage = null;
}
programs.josm.enable
Whether to enable An extensible editor for OpenStreetMap.
type
boolean
example
{
programs.josm.enable = true;
}
default
{
programs.josm.enable = false;
}
programs.josm.package
JOSM package to install.
type
package
default
{
programs.josm.package = {
_type = "literalExpression";
text = "pkgs.josm";
};
}
programs.josm.accessTokenKey
OAuth Access Token Key.
type
string
default
{
programs.josm.accessTokenKey = "";
}
programs.josm.accessTokenSecret
OAuth Access Token Secret.
type
string
default
{
programs.josm.accessTokenSecret = "";
}
programs.merkaartor.enable
Whether to enable OpenStreetMap editor.
type
boolean
example
{
programs.merkaartor.enable = true;
}
default
{
programs.merkaartor.enable = false;
}
programs.merkaartor.package
Merkaartor package to install.
type
package
default
{
programs.merkaartor.package = {
_type = "literalExpression";
text = "pkgs.merkaartor";
};
}
programs.merkaartor.password
OSM password.
type
string
default
{
programs.merkaartor.password = "";
}
programs.merkaartor.user
OSM user.
type
string
default
{
programs.merkaartor.user = "";
}
programs.nnn.enable
Whether to enable The missing terminal file manager for X.
type
boolean
example
{
programs.nnn.enable = true;
}
default
{
programs.nnn.enable = false;
}
programs.nnn.package
nnn package to install.
type
package
default
{
programs.nnn.package = {
_type = "literalExpression";
text = "pkgs.nnn";
};
}
programs.nnn.pluginsPackage
nnn plugins package to install.
type
null or package
default
{
programs.nnn.pluginsPackage = null;
}
programs.openorienteering-mapper.enable
Whether to enable An orienteering mapmaking program.
type
boolean
example
{
programs.openorienteering-mapper.enable = true;
}
default
{
programs.openorienteering-mapper.enable = false;
}
programs.openorienteering-mapper.package
OpenOrienteering Mapper package to install.
type
package
example
{
programs.openorienteering-mapper.package = "pkgs.nur.repos.sikmir.openorienteering-mapper-bin";
}
default
{
programs.openorienteering-mapper.package = {
_type = "literalExpression";
text = "pkgs.openorienteering-mapper";
};
}
programs.qmapshack.enable
Whether to enable Consumer grade GIS software.
type
boolean
example
{
programs.qmapshack.enable = true;
}
default
{
programs.qmapshack.enable = false;
}
programs.qmapshack.package
QMapShack package to install.
type
package
example
{
programs.qmapshack.package = "pkgs.nur.repos.sikmir.qmapshack-bin";
}
default
{
programs.qmapshack.package = {
_type = "literalExpression";
text = "pkgs.qmapshack";
};
}
programs.qmapshack.demPackages
DEM packages to install.
type
list of package
example
{
programs.qmapshack.demPackages = [
"pkgs.nur.repos.sikmir.dem"
];
}
default
{
programs.qmapshack.demPackages = [];
}
programs.qmapshack.mapPackages
Map packages to install.
type
list of package
example
{
programs.qmapshack.mapPackages = [
"pkgs.nur.repos.sikmir.qmapshack-onlinemaps"
"pkgs.nur.repos.sikmir.maptourist"
];
}
default
{
programs.qmapshack.mapPackages = [];
}
programs.qmapshack.routinoPackages
Routino DB packages to install.
type
list of package
example
{
programs.qmapshack.routinoPackages = [
"pkgs.nur.repos.sikmir.routinodb"
];
}
default
{
programs.qmapshack.routinoPackages = [];
}
programs.slack-term.enable
Whether to enable Slack client for your terminal.
type
boolean
example
{
programs.slack-term.enable = true;
}
default
{
programs.slack-term.enable = false;
}
programs.slack-term.package
slack-term package to install.
type
package
default
{
programs.slack-term.package = {
_type = "literalExpression";
text = "pkgs.slack-term";
};
}
programs.slack-term.token
Slack token.
type
string
programs.ncmpcpp.enable
Whether to enable Whether to enable ncmpcpp..
type
boolean
example
{
programs.ncmpcpp.enable = true;
}
default
{
programs.ncmpcpp.enable = false;
}
programs.ncmpcpp.package
Package to use for ncmpcpp.
type
package
default
{
programs.ncmpcpp.package = {
drvPath = "ncmpcpp-0.9.2";
name = "ncmpcpp-0.9.2";
outPath = "ncmpcpp-0.9.2";
type = "derivation";
};
}
programs.ncmpcpp.bindings
Key bindings for ncmpcpp. This is a set where the names are keys
(e.g.:
type
attribute set of list of string or list of string
example
{
programs.ncmpcpp.bindings = {
3 = [
"show_search_engine"
"reset_search_engine"
];
enter = [
"play_item"
];
shift-k = [
[
"select_item"
"scroll_up"
]
];
};
}
default
{
programs.ncmpcpp.bindings = {};
}
programs.ncmpcpp.config
Configuration for ncmpcpp. The format is very straightforward, with
two exceptions: booleans are translated to
type
attribute set of string or signed integer or boolean or path or list of string or signed integer or boolean or path
example
{
programs.ncmpcpp.config = {
mpd_port = 6600;
visualizer_color = [
"blue"
"cyan"
"green"
"yellow"
"magenta"
"red"
];
visualizer_in_stereo = true;
visualizer_sync_interval = 30;
visualizer_type = "wave";
};
}
default
{
programs.ncmpcpp.config = {};
}
programs.ncmpcpp.configDirectory
Directory in
If the value is an empty string, the
type
string
default
{
programs.ncmpcpp.configDirectory = "ncmpcpp";
}
services.mpdscribble.enable
Whether to enable Whether to enable mpdscribble..
type
boolean
example
{
services.mpdscribble.enable = true;
}
default
{
services.mpdscribble.enable = false;
}
services.mpdscribble.package
Package to use for mpdscribble.
type
package
default
{
services.mpdscribble.package = {
drvPath = "mpdscribble-0.24";
name = "mpdscribble-0.24";
outPath = "mpdscribble-0.24";
type = "derivation";
};
}
services.mpdscribble.config
type
attribute set of string or signed integer or boolean or path or list of string or attribute set of string or signed integer or boolean or path or list of string
example
{
services.mpdscribble.config = {
host = "localhost";
"libre.fm" = {
password = "myPassword";
url = "https://turtle.libre.fm/";
username = "myUsername";
};
port = 6600;
verbose = 2;
};
}
default
{
services.mpdscribble.config = {};
}
services.mpdscribble.extraConfig
Extra configuration that will be appended to the end.
type
strings concatenated with "\n"
default
{
services.mpdscribble.extraConfig = "";
}
programs.shell-environments.environments
The environments to create shortcuts for.
type
list of submodule
example
{
programs.shell-environments.environments = ''
[{
name = "fluff";
extraPackages = with pkgs; [ neofetch cmatrix sl ];
include = [ "base-editors" ];
bashrc = \'\'
# You can set up your environment further here
alias sl="sl -F -10"
\'\';
}]
'';
}
default
{
programs.shell-environments.environments = [];
}
programs.shell-environments.environments.*.bashrc
type
string
default
{
programs.shell-environments.environments.*.bashrc = "";
}
programs.shell-environments.environments.*.excludeBase
type
boolean
default
{
programs.shell-environments.environments.*.excludeBase = false;
}
programs.shell-environments.environments.*.extraPackages
type
list of package
default
{
programs.shell-environments.environments.*.extraPackages = [];
}
programs.shell-environments.environments.*.include
type
list of string
default
{
programs.shell-environments.environments.*.include = [];
}
programs.shell-environments.environments.*.name
type
string
programs.shell-environments.modules
Composable modules able to be used in environments.
type
attribute set of submodule
example
{
programs.shell-environments.modules = ''
{
base-editors = {
extraPackages = with pkgs; [ vim nano ]; # Add emacs (or ed) in here if you want to
bashrc = \'\'
export EDITOR=vi
export VISUAL=vi
\'\';
};
}
'';
}
default
{
programs.shell-environments.modules = {};
}
programs.shell-environments.modules.<name>.bashrc
type
string
default
{
programs.shell-environments.modules.<name>.bashrc = "";
}
programs.shell-environments.modules.<name>.extraPackages
type
list of package
default
{
programs.shell-environments.modules.<name>.extraPackages = [];
}
programs.shell-environments.modules.<name>.include
type
list of string
default
{
programs.shell-environments.modules.<name>.include = [];
}
binfmt.golang
Whether to enable golang.
type
boolean
example
{
binfmt.golang = true;
}
default
{
binfmt.golang = false;
}
binfmt.java
Whether to enable java binfmt.
type
boolean
example
{
binfmt.java = true;
}
default
{
binfmt.java = false;
}
binfmt.racket
Whether to enable racket.
type
boolean
example
{
binfmt.racket = true;
}
default
{
binfmt.racket = false;
}
binfmt.tcc
Whether to enable tcc.
type
boolean
example
{
binfmt.tcc = true;
}
default
{
binfmt.tcc = false;
}
binfmt.wine
Whether to enable wine.
type
boolean
example
{
binfmt.wine = true;
}
default
{
binfmt.wine = false;
}
environment.files
Unsafe file management with the API of environment.etc, but usable everywhere
type
attribute set of submodule
default
{
environment.files = {};
}
environment.files.<name>.directories
type
attribute set of submodule
default
{
environment.files.<name>.directories = {};
}
environment.files.<name>.directories.<name>.enable
Whether this file should be generated. This option allows specific files to be disabled.
type
boolean
default
{
environment.files.<name>.directories.<name>.enable = true;
}
environment.files.<name>.directories.<name>.gid
GID of created file.
type
null or signed integer
default
{
environment.files.<name>.directories.<name>.gid = null;
}
environment.files.<name>.directories.<name>.group
Group name of created file.
Changing this option takes precedence over
type
null or string
default
{
environment.files.<name>.directories.<name>.group = null;
}
environment.files.<name>.directories.<name>.mode
type
null or string
example
{
environment.files.<name>.directories.<name>.mode = "0600";
}
default
{
environment.files.<name>.directories.<name>.mode = null;
}
environment.files.<name>.directories.<name>.source
Path of the source file.
type
null or path
default
{
environment.files.<name>.directories.<name>.source = null;
}
environment.files.<name>.directories.<name>.uid
UID of created file.
type
null or signed integer
default
{
environment.files.<name>.directories.<name>.uid = null;
}
environment.files.<name>.directories.<name>.user
User name of created file.
Changing this option takes precedence over
type
null or string
default
{
environment.files.<name>.directories.<name>.user = null;
}
environment.files.<name>.files
type
attribute set of submodule
default
{
environment.files.<name>.files = {};
}
environment.files.<name>.files.<name>.enable
Whether this file should be generated. This option allows specific files to be disabled.
type
boolean
default
{
environment.files.<name>.files.<name>.enable = true;
}
environment.files.<name>.files.<name>.gid
GID of created file.
type
null or signed integer
default
{
environment.files.<name>.files.<name>.gid = null;
}
environment.files.<name>.files.<name>.group
Group name of created file.
Changing this option takes precedence over
type
null or string
default
{
environment.files.<name>.files.<name>.group = null;
}
environment.files.<name>.files.<name>.mode
type
null or string
example
{
environment.files.<name>.files.<name>.mode = "0600";
}
default
{
environment.files.<name>.files.<name>.mode = null;
}
environment.files.<name>.files.<name>.source
Path of the source file.
type
path
environment.files.<name>.files.<name>.text
Text of the file.
type
null or strings concatenated with "\n"
default
{
environment.files.<name>.files.<name>.text = null;
}
environment.files.<name>.files.<name>.uid
UID of created file.
type
null or signed integer
default
{
environment.files.<name>.files.<name>.uid = null;
}
environment.files.<name>.files.<name>.user
User name of created file.
Changing this option takes precedence over
type
null or string
default
{
environment.files.<name>.files.<name>.user = null;
}
environment.files.<name>.root
type
string
default
{
environment.files.<name>.root = "";
}
services.auto-tinc.networks
type
attribute set of submodule
default
{
services.auto-tinc.networks = {};
}
services.auto-tinc.networks.<name>.package
type
package
default
{
services.auto-tinc.networks.<name>.package = {
drvPath = "tinc-1.1pre18";
name = "tinc-1.1pre18";
outPath = "tinc-1.1pre18";
type = "derivation";
};
}
services.auto-tinc.networks.<name>.entry
type
list of string
services.auto-tinc.networks.<name>.hostDNS
Whether to enable Host DNS server for this network on this node.
type
boolean
example
{
services.auto-tinc.networks.<name>.hostDNS = true;
}
default
{
services.auto-tinc.networks.<name>.hostDNS = false;
}
services.auto-tinc.networks.<name>.hosts
type
attribute set of submodule
default
{
services.auto-tinc.networks.<name>.hosts = {};
}
services.auto-tinc.networks.<name>.hosts.<name>.config
type
string
default
{
services.auto-tinc.networks.<name>.hosts.<name>.config = "";
}
services.auto-tinc.networks.<name>.hosts.<name>.ipv4Suffix
type
null or string
default
{
services.auto-tinc.networks.<name>.hosts.<name>.ipv4Suffix = null;
}
services.auto-tinc.networks.<name>.hosts.<name>.ipv6Suffix
type
null or string
default
{
services.auto-tinc.networks.<name>.hosts.<name>.ipv6Suffix = null;
}
services.auto-tinc.networks.<name>.ipv4Prefix
type
null or string
default
{
services.auto-tinc.networks.<name>.ipv4Prefix = null;
}
services.auto-tinc.networks.<name>.ipv6Prefix
type
null or string
default
{
services.auto-tinc.networks.<name>.ipv6Prefix = "fd7f:8482:73b2::";
}
services.auto-tinc.networks.<name>.trusted
type
boolean
default
{
services.auto-tinc.networks.<name>.trusted = false;
}
services.duplicity.enable
Whether to enable duplicity.
type
boolean
example
{
services.duplicity.enable = true;
}
default
{
services.duplicity.enable = false;
}
services.duplicity.package
type
package
default
{
services.duplicity.package = {
drvPath = "duplicity-0.8.20";
name = "duplicity-0.8.20";
outPath = "duplicity-0.8.20";
type = "derivation";
};
}
services.duplicity.cpuQuota
type
signed integer
default
{
services.duplicity.cpuQuota = 75;
}
services.duplicity.stateDir
type
path
default
{
services.duplicity.stateDir = "/var/lib/duplicity";
}
services.duplicity.stores
type
attribute set of submodule
default
{
services.duplicity.stores = {};
}
services.duplicity.stores.<name>.dir
type
string
services.duplicity.stores.<name>.exclude
type
list of string
default
{
services.duplicity.stores.<name>.exclude = [];
}
services.duplicity.stores.<name>.expiration
type
string
default
{
services.duplicity.stores.<name>.expiration = "30D";
}
services.duplicity.stores.<name>.extraArgs
type
list of string
default
{
services.duplicity.stores.<name>.extraArgs = [];
}
services.duplicity.stores.<name>.include
type
list of string
default
{
services.duplicity.stores.<name>.include = [];
}
services.duplicity.stores.<name>.numFullToKeep
type
signed integer
default
{
services.duplicity.stores.<name>.numFullToKeep = 3;
}
services.duplicity.stores.<name>.numRetries
type
signed integer
default
{
services.duplicity.stores.<name>.numRetries = 3;
}
services.duplicity.stores.<name>.postHook
type
string
default
{
services.duplicity.stores.<name>.postHook = "";
}
services.duplicity.stores.<name>.preHook
type
string
default
{
services.duplicity.stores.<name>.preHook = "";
}
services.duplicity.stores.<name>.remote
type
string
services.duplicity.stores.<name>.time
type
string
default
{
services.duplicity.stores.<name>.time = "04:04";
}
services.duplicity.stores.<name>.volSize
type
signed integer
default
{
services.duplicity.stores.<name>.volSize = 250;
}
services.hydra-poll.jobs
type
attribute set of submodule
default
{
services.hydra-poll.jobs = {};
}
services.hydra-poll.jobs.<name>.endpoint.name
type
Concatenated string
services.hydra-poll.jobs.<name>.endpoint.url
type
Concatenated string
services.hydra-poll.jobs.<name>.interval
type
Concatenated string
services.hydra-poll.jobs.<name>.job
type
Concatenated string
services.hydra-poll.jobs.<name>.jobset
type
Concatenated string
services.hydra-poll.jobs.<name>.project
type
Concatenated string
services.hydra-poll.jobs.<name>.root
type
path
services.unison.enable
Whether to enable unison.
type
boolean
example
{
services.unison.enable = true;
}
default
{
services.unison.enable = false;
}
services.unison.package
type
package
default
{
services.unison.package = {
drvPath = "unison-2.52.0";
name = "unison-2.52.0";
outPath = "unison-2.52.0";
type = "derivation";
};
}
services.unison.cpuQuota
type
signed integer
default
{
services.unison.cpuQuota = 75;
}
services.unison.profiles
type
attribute set of attribute set
default
{
services.unison.profiles = {};
}
services.unison.stateDir
type
path
default
{
services.unison.stateDir = "/var/lib/unison";
}
services.writefreely.enable
Whether to enable writefreely.
type
unspecified
default
{
services.writefreely.enable = false;
}
services.writefreely.config
Set options in the writefreely ini file. You must set the following options: app.host app.site_description app.site_name server.port All other values will use defaults set in the module.
type
unspecified
default
{
services.writefreely.config = {};
}
services.writefreely.configFile
Path to the writefreely ini file. Overrides the config option. You need to provide a fully working configuration file and setup all paths yourself. You MUST set templates_parent_dir, static_parent_dir and pages_parent_dir in the [server] section or writefreely will probably fail.
type
unspecified
default
{
services.writefreely.configFile = null;
}
services.writefreely.dataPath
Writefreely working directory. Important if you use relative paths in your config.
type
unspecified
default
{
services.writefreely.dataPath = "/var/lib/writefreely";
}
services.writefreely.defaultUserPass
Add an inital user. Format: USER:PASSWORD
type
unspecified
default
{
services.writefreely.defaultUserPass = null;
}
services.writefreely.group
The group to run writefreely as (default same as user)
type
unspecified
default
{
services.writefreely.group = "writefreely";
}
services.writefreely.user
The user to run writefreely as
type
unspecified
default
{
services.writefreely.user = "writefreely";
}
services.tox-node.enable
Whether to enable Tox Node service.
type
boolean
example
{
services.tox-node.enable = true;
}
default
{
services.tox-node.enable = false;
}
services.tox-node.keysFile
type
Concatenated string
default
{
services.tox-node.keysFile = "/var/lib/tox-node/keys";
}
services.tox-node.lanDiscovery
type
boolean
default
{
services.tox-node.lanDiscovery = true;
}
services.tox-node.logType
type
Concatenated string
default
{
services.tox-node.logType = "Stderr";
}
services.tox-node.motd
type
Concatenated string
default
{
services.tox-node.motd = "Hi from tox-rs! I'm up {{uptime}}. TCP: incoming {{tcp_packets_in}}, outgoing {{tcp_packets_out}}, UDP: incoming {{udp_packets_in}}, outgoing {{udp_packets_out}}";
}
services.tox-node.tcpAddresses
type
list of Concatenated string
default
{
services.tox-node.tcpAddresses = [
"0.0.0.0:33445"
];
}
services.tox-node.tcpConnectionLimit
type
signed integer
default
{
services.tox-node.tcpConnectionLimit = 8192;
}
services.tox-node.threads
type
signed integer
default
{
services.tox-node.threads = 1;
}
services.tox-node.udpAddress
type
Concatenated string
default
{
services.tox-node.udpAddress = "0.0.0.0:33445";
}
core.home-manager.enable
Enable core.home-manager
type
boolean
default
{
core.home-manager.enable = true;
}
core.nix.enable
Enable core.nix
type
boolean
default
{
core.nix.enable = true;
}
core.nix.buildCores
Maximum number of concurrent tasks during one build.
type
signed integer
example
{
core.nix.buildCores = 4;
}
default
{
core.nix.buildCores = 2;
}
core.nix.gcDates
Specification (in the format described by systemd.time(7)) of the time at which the garbage collector will run.
type
string
default
{
core.nix.gcDates = "daily";
}
core.nix.localCaches
List of local nix caches
type
list of string
default
{
core.nix.localCaches = [
"http://nix.cache.home"
];
}
core.nix.olderThan
Number of day to keep when garbage collect
type
string
default
{
core.nix.olderThan = "15d";
}
core.nur.enable
Enable core.nur
type
boolean
default
{
core.nur.enable = true;
}
hardware.sane.extraConfig
type
attribute set of strings concatenated with "\n"
example
{
hardware.sane.extraConfig = {
some-backend = "# some lines to add to its .conf";
};
}
default
{
hardware.sane.extraConfig = {};
}
nix.supportedPlatforms
extra platforms that nix will run binaries for
type
list of string
default
{
nix.supportedPlatforms = [];
}
profiles.avahi.enable
Enable avahi profile
type
boolean
default
{
profiles.avahi.enable = false;
}
profiles.base.enable
Enable base profile
type
boolean
default
{
profiles.base.enable = true;
}
profiles.desktop.enable
Enable desktop profile
type
boolean
default
{
profiles.desktop.enable = false;
}
profiles.desktop.autoLogin
Enable auto login
type
boolean
default
{
profiles.desktop.autoLogin = false;
}
profiles.desktop.avahi
Enable avahi with the desktop profile
type
boolean
default
{
profiles.desktop.avahi = true;
}
profiles.desktop.flatpak
Enable flatpak with the desktop profile
type
boolean
default
{
profiles.desktop.flatpak = true;
}
profiles.desktop.networkmanager
Enable networkmanager with the desktop profile
type
boolean
default
{
profiles.desktop.networkmanager = true;
}
profiles.desktop.printing
Enable printing with the desktop profile
type
boolean
default
{
profiles.desktop.printing = true;
}
profiles.desktop.pulseaudio
Enable pulseaudio with the desktop profile
type
boolean
default
{
profiles.desktop.pulseaudio = true;
}
profiles.desktop.scanning
Enable scanning with the desktop profile
type
boolean
default
{
profiles.desktop.scanning = true;
}
profiles.desktop.syncthing
Enable syncthing with the desktop profile
type
boolean
default
{
profiles.desktop.syncthing = true;
}
profiles.dev.enable
Enable dev profile
type
boolean
default
{
profiles.dev.enable = false;
}
profiles.dev.vscode.enable
Whether to enable Enable VS Code profile.
type
boolean
example
{
profiles.dev.vscode.enable = true;
}
default
{
profiles.dev.vscode.enable = false;
}
profiles.docker.enable
Enable docker profile
type
boolean
default
{
profiles.docker.enable = false;
}
profiles.docker.package
docker package to be used
type
package
default
{
profiles.docker.package = {
drvPath = "docker-20.10.16";
name = "docker-20.10.16";
outPath = "docker-20.10.16";
type = "derivation";
};
}
profiles.docker.runcPackage
runc package to be used
type
package
default
{
profiles.docker.runcPackage = {
drvPath = "runc-1.1.2";
name = "runc-1.1.2";
outPath = "runc-1.1.2";
type = "derivation";
};
}
profiles.gaming.enable
Enable gaming profile
type
boolean
default
{
profiles.gaming.enable = false;
}
profiles.git.enable
Enable git profile
type
boolean
default
{
profiles.git.enable = false;
}
profiles.home
Whether to enable Enable home profile.
type
boolean
example
{
profiles.home = true;
}
default
{
profiles.home = false;
}
profiles.i18n.enable
Enable i18n profile
type
boolean
default
{
profiles.i18n.enable = true;
}
profiles.ipfs.enable
Enable ipfs profile
type
boolean
default
{
profiles.ipfs.enable = false;
}
profiles.ipfs.autoMount
Automount /ipfs and /ipns
type
boolean
default
{
profiles.ipfs.autoMount = true;
}
profiles.ipfs.extraConfig
Extra ipfs daemon configuration
type
attribute set
default
{
profiles.ipfs.extraConfig = {
Datastore = {
StorageMax = "40GB";
};
};
}
profiles.ipfs.localDiscovery
Enable local discovery, switch profile to server if disable
type
boolean
default
{
profiles.ipfs.localDiscovery = true;
}
profiles.laptop.enable
Enable laptop profile
type
boolean
default
{
profiles.laptop.enable = false;
}
profiles.mail.enable
Enable mail profile
type
boolean
default
{
profiles.mail.enable = true;
}
profiles.mails.enable
Whether to enable Enable mails configuration.
type
boolean
example
{
profiles.mails.enable = true;
}
default
{
profiles.mails.enable = false;
}
profiles.mails.frequency
Frequency at which the mail should be checked
type
string
default
{
profiles.mails.frequency = "*:0/30";
}
profiles.mails.sync
Whether to enable Enable sync mail service.
type
boolean
example
{
profiles.mails.sync = true;
}
default
{
profiles.mails.sync = false;
}
profiles.nix-auto-update.enable
Enable nix-auto-update profile
type
boolean
default
{
profiles.nix-auto-update.enable = true;
}
profiles.nix-auto-update.autoUpgrade
Automatically try to upgrade the system
type
boolean
default
{
profiles.nix-auto-update.autoUpgrade = true;
}
profiles.nix-auto-update.dates
Specification (in the format described by systemd.time(7)) of the time at which the auto-update will run.
type
string
default
{
profiles.nix-auto-update.dates = "weekly";
}
profiles.nix-auto-update.version
System version (NixOS)
type
string
default
{
profiles.nix-auto-update.version = "20.03";
}
profiles.printing.enable
Enable printing profile
type
boolean
default
{
profiles.printing.enable = false;
}
profiles.pulseaudio.enable
Enable pulseaudio profile
type
boolean
default
{
profiles.pulseaudio.enable = false;
}
profiles.pulseaudio.tcp
Enable pulseaudio tcp
type
boolean
default
{
profiles.pulseaudio.tcp = false;
}
profiles.qemu-user.aarch64
Whether to enable enable 64bit arm emulation.
type
boolean
example
{
profiles.qemu-user.aarch64 = true;
}
default
{
profiles.qemu-user.aarch64 = false;
}
profiles.qemu-user.arm
Whether to enable enable 32bit arm emulation.
type
boolean
example
{
profiles.qemu-user.arm = true;
}
default
{
profiles.qemu-user.arm = false;
}
profiles.qemu-user.riscv64
Whether to enable enable 64bit riscv emulation.
type
boolean
example
{
profiles.qemu-user.riscv64 = true;
}
default
{
profiles.qemu-user.riscv64 = false;
}
profiles.scanning.enable
Enable scanning profile
type
boolean
default
{
profiles.scanning.enable = false;
}
profiles.ssh.enable
Enable ssh profile
type
boolean
default
{
profiles.ssh.enable = false;
}
profiles.ssh.forwardX11
Whether to allow X11 connections to be forwarded.
type
boolean
default
{
profiles.ssh.forwardX11 = false;
}
profiles.syncthing.enable
Enable syncthing profile
type
boolean
default
{
profiles.syncthing.enable = false;
}
profiles.virtualization.enable
Enable virtualization profile
type
boolean
default
{
profiles.virtualization.enable = false;
}
profiles.virtualization.listenTCP
Make libvirt listen to TCP
type
boolean
default
{
profiles.virtualization.listenTCP = false;
}
profiles.virtualization.nested
Enable nested virtualization
type
boolean
default
{
profiles.virtualization.nested = false;
}
profiles.wireguard.server.enable
Enable wireguard.server profile
type
boolean
default
{
profiles.wireguard.server.enable = false;
}
profiles.yubikey.enable
Enable yubikey profile
type
boolean
default
{
profiles.yubikey.enable = false;
}
profiles.zsh.enable
Enable zsh profile
type
boolean
default
{
profiles.zsh.enable = true;
}
programs.podman.enable
Whether to configure podman
type
boolean
default
{
programs.podman.enable = false;
}
programs.podman.package
podman package to be used
type
package
default
{
programs.podman.package = {
drvPath = "podman-wrapper-4.1.0";
name = "podman-wrapper-4.1.0";
outPath = "podman-wrapper-4.1.0";
type = "derivation";
};
}
programs.podman.cniPackage
cni package to be used
type
package
default
{
programs.podman.cniPackage = {
drvPath = "cni-0.8.1";
name = "cni-0.8.1";
outPath = "cni-0.8.1";
type = "derivation";
};
}
programs.podman.cniPluginsPackage
cni-plugins package to be used
type
package
default
{
programs.podman.cniPluginsPackage = {
drvPath = "cni-plugins-1.1.1";
name = "cni-plugins-1.1.1";
outPath = "cni-plugins-1.1.1";
type = "derivation";
};
}
programs.podman.conmonPackage
conmon package to be used
type
package
default
{
programs.podman.conmonPackage = {
drvPath = "conmon-2.1.0";
name = "conmon-2.1.0";
outPath = "conmon-2.1.0";
type = "derivation";
};
}
programs.podman.runcPackage
runc package to be used
type
package
default
{
programs.podman.runcPackage = {
drvPath = "runc-1.1.2";
name = "runc-1.1.2";
outPath = "runc-1.1.2";
type = "derivation";
};
}
services.emacs-server.enable
Whether to enable the Emacs daemon.
type
boolean
example
{
services.emacs-server.enable = true;
}
default
{
services.emacs-server.enable = false;
}
services.emacs-server.package
The Emacs package to use for running the daemon.
type
package
services.emacs-server.extraOptions
The extra command-line options to pass to
type
strings concatenated with " "
default
{
services.emacs-server.extraOptions = "";
}
services.emacs-server.name
Name of the emacs server
type
string
default
{
services.emacs-server.name = "default";
}
services.emacs-server.shell
The shell used for starting Emacs.
type
string
services.nix-binary-cache.enable
Enable nix-binary-cache
type
boolean
default
{
services.nix-binary-cache.enable = false;
}
services.nix-binary-cache.aliases
server aliases to serve
type
list of string
default
{
services.nix-binary-cache.aliases = [];
}
services.nix-binary-cache.domain
domain to serve
type
string
services.wireguard.enable
Whether to enable a reverse SSH proxy.
type
boolean
default
{
services.wireguard.enable = false;
}
services.wireguard.allowedIPs
The peer (server) allowedIPs
type
list of string
default
{
services.wireguard.allowedIPs = [
"10.100.0.0/24"
];
}
services.wireguard.endpoint
The endpoint IP to target
type
string
services.wireguard.endpointPort
The endpoint Port to target
type
signed integer
default
{
services.wireguard.endpointPort = 51820;
}
services.wireguard.endpointPublicKey
The peer (server) public key
type
string
services.wireguard.ips
The client IPs
type
list of string
virtualisation.buildkitd.enable
This option enables buildkitd
type
boolean
default
{
virtualisation.buildkitd.enable = false;
}
virtualisation.buildkitd.package
Buildkitd package to be used in the module
type
package
example
{
virtualisation.buildkitd.package = {
drvPath = "buildkit-0.10.3";
name = "buildkit-0.10.3";
outPath = "buildkit-0.10.3";
type = "derivation";
};
}
default
{
virtualisation.buildkitd.package = {
drvPath = "buildkit-0.10.3";
name = "buildkit-0.10.3";
outPath = "buildkit-0.10.3";
type = "derivation";
};
}
virtualisation.buildkitd.packages
List of packages to be added to buildkitd service path
type
list of package
default
{
virtualisation.buildkitd.packages = [
{
drvPath = "runc-1.1.2";
name = "runc-1.1.2";
outPath = "runc-1.1.2";
type = "derivation";
}
{
drvPath = "git-2.36.0";
name = "git-2.36.0";
outPath = "git-2.36.0";
type = "derivation";
}
];
}
virtualisation.buildkitd.extraOptions
The extra command-line options to pass to
type
strings concatenated with " "
default
{
virtualisation.buildkitd.extraOptions = "";
}
virtualisation.buildkitd.listenOptions
A list of unix and tcp buildkitd should listen to. The format follows ListenStream as described in systemd.socket(5).
type
list of string
default
{
virtualisation.buildkitd.listenOptions = [
"/run/buildkitd/buildkitd.sock"
];
}
virtualisation.containerd.enable
This option enables containerd, a daemon that manages linux containers.
type
boolean
default
{
virtualisation.containerd.enable = false;
}
virtualisation.containerd.package
Containerd package to be used in the module
type
package
example
{
virtualisation.containerd.package = {
drvPath = "containerd-1.6.4";
name = "containerd-1.6.4";
outPath = "containerd-1.6.4";
type = "derivation";
};
}
default
{
virtualisation.containerd.package = {
drvPath = "containerd-1.6.4";
name = "containerd-1.6.4";
outPath = "containerd-1.6.4";
type = "derivation";
};
}
virtualisation.containerd.packages
List of packages to be added to containerd service path
type
list of package
default
{
virtualisation.containerd.packages = [
{
drvPath = "runc-1.1.2";
name = "runc-1.1.2";
outPath = "runc-1.1.2";
type = "derivation";
}
];
}
virtualisation.containerd.extraOptions
The extra command-line options to pass to
type
strings concatenated with " "
default
{
virtualisation.containerd.extraOptions = "";
}
virtualisation.containerd.listenOptions
A list of unix and tcp containerd should listen to. The format follows ListenStream as described in systemd.socket(5).
type
list of string
default
{
virtualisation.containerd.listenOptions = [
"/run/containerd/containerd.sock"
];
}
looking-glass-module.enable
Whether to enable LookingGlass kernel module.
type
boolean
example
{
looking-glass-module.enable = true;
}
default
{
looking-glass-module.enable = false;
}
looking-glass-module.kernel
Linux kernel to build the module with
type
package
example
{
looking-glass-module.kernel = "pkgs.linuxPackages_5_10.kernel";
}
looking-glass-module.sizes
Sizes of shared memory devices
type
list of unsigned integer, meaning >=0
example
{
looking-glass-module.sizes = "[128 64]";
}
looking-glass-module.user
Owner of devices in /dev/kvmfr*. The user can open the device for rendering in LookingGlass client.
type
string
example
{
looking-glass-module.user = "jane";
}
qemuVerbatimConfig.enable
Whether to enable qemuVerbatimConfig module.
type
boolean
example
{
qemuVerbatimConfig.enable = true;
}
default
{
qemuVerbatimConfig.enable = false;
}
qemuVerbatimConfig.extraCgroupDeviceAclList
list of devices to add to cgroup_device_acl
type
list of string
example
{
qemuVerbatimConfig.extraCgroupDeviceAclList = "[ /dev/input/by-id/KEYBOARD_NAME ]";
}
default
{
qemuVerbatimConfig.extraCgroupDeviceAclList = [];
}
qemuVerbatimConfig.kvmfrDeviceCount
Number of kvmfr devices. Used for adding kvmfr devices to cgroup_device_acl automatically
type
unsigned integer, meaning >=0
example
{
qemuVerbatimConfig.kvmfrDeviceCount = "1";
}
default
{
qemuVerbatimConfig.kvmfrDeviceCount = 0;
}
services.amdgpu.cards
A list of cards to enable fan configuration for. The identifiers for each device can be found in /sys/class/drm/ as card0, card1, etc.
type
list of string
example
{
services.amdgpu.cards = [
"card0"
"card1"
];
}
default
{
services.amdgpu.cards = [
"card0"
];
}
services.amdgpu.fan.enable
Whether to enable amdgpu-fan.
type
boolean
example
{
services.amdgpu.fan.enable = true;
}
default
{
services.amdgpu.fan.enable = false;
}
services.amdgpu.fan.package
type
package
default
{
services.amdgpu.fan.package = "pkgs.amdgpu-fan";
}
services.amdgpu.fan.speedMatrix
A list of temperature-fan speed pairs. The temperature is specified in degrees celcius, and speed is specified in %.
type
list of list of signed integer
example
{
services.amdgpu.fan.speedMatrix = [
[
0
0
]
[
40
30
]
[
60
50
]
[
80
100
]
];
}
default
{
services.amdgpu.fan.speedMatrix = [
[
0
0
]
[
30
33
]
[
45
50
]
[
60
66
]
[
65
69
]
[
70
75
]
[
75
89
]
[
80
100
]
];
}
services.amdgpu.pwm.enable
Whether to enable amdgpu-pwm.
type
boolean
example
{
services.amdgpu.pwm.enable = true;
}
default
{
services.amdgpu.pwm.enable = false;
}
services.dunst.enable
Whether to enable dunst.
type
boolean
example
{
services.dunst.enable = true;
}
default
{
services.dunst.enable = false;
}
services.dunst.package
type
package
default
{
services.dunst.package = {
drvPath = "dunst-1.8.1";
name = "dunst-1.8.1";
outPath = "dunst-1.8.1";
type = "derivation";
};
}
services.dunst.configFile
Path to dunstrc configuration file.
type
null or path
default
{
services.dunst.configFile = null;
}
services.dunst.settings
Configuration set alternative to
type
null or attribute set
example
{
services.dunst.settings = {
global = {
follow = "none";
monitor = 0;
};
};
}
default
{
services.dunst.settings = null;
}
services.radeon-profile-daemon.enable
Whether to enable radeon-profile-daemon.
type
boolean
example
{
services.radeon-profile-daemon.enable = true;
}
default
{
services.radeon-profile-daemon.enable = false;
}
services.radeon-profile-daemon.package
type
package
default
{
services.radeon-profile-daemon.package = "pkgs.radeon-profile-daemon";
}
services.bukkit-server.enable
If enabled, start a Minecraft Server. The server data will be loaded from and saved to
.type
boolean
default
{
services.bukkit-server.enable = false;
}
services.bukkit-server.package
Version of minecraft-server to run.
type
package
example
{
services.bukkit-server.package = {
_type = "literalExpression";
text = "pkgs.minecraft-server_1_12_2";
};
}
default
{
services.bukkit-server.package = "pkgs.minecraft-server";
}
services.bukkit-server.additionalSettingsFiles
Additional settings files for bukkit servers, like paper.yml
type
attribute set of YAML value
example
{
services.bukkit-server.additionalSettingsFiles = {
_type = "literalExpression";
text = ''
{
"paper.yml" = {
settings.unsupported-settings = {
allow-permanent-block-break-exploits = true;
};
};
}
'';
};
}
default
{
services.bukkit-server.additionalSettingsFiles = {};
}
services.bukkit-server.dataDir
Directory to store Minecraft database and other state/data files.
type
path
default
{
services.bukkit-server.dataDir = "/var/lib/minecraft";
}
services.bukkit-server.declarative
Whether to use a declarative Minecraft server configuration.
Only if set to
type
boolean
default
{
services.bukkit-server.declarative = false;
}
services.bukkit-server.eula
Whether you agree to
Mojangs EULA. This option must be set totype
boolean
default
{
services.bukkit-server.eula = false;
}
services.bukkit-server.jvmOpts
JVM options for the Minecraft server.
type
strings concatenated with " "
example
{
services.bukkit-server.jvmOpts = "-Xmx2048M -Xms4092M -XX:+UseG1GC -XX:+CMSIncrementalPacing -XX:+CMSClassUnloadingEnabled -XX:ParallelGCThreads=2 -XX:MinHeapFreeRatio=5 -XX:MaxHeapFreeRatio=10";
}
default
{
services.bukkit-server.jvmOpts = "-Xmx2048M -Xms2048M";
}
services.bukkit-server.openFirewall
Whether to open ports in the firewall for the server.
type
boolean
default
{
services.bukkit-server.openFirewall = false;
}
services.bukkit-server.serverProperties
Minecraft server properties for the server.properties file. Only has
an effect when
is set to
type
attribute set of boolean or signed integer or string
example
{
services.bukkit-server.serverProperties = {
_type = "literalExpression";
text = ''
{
server-port = 43000;
difficulty = 3;
gamemode = 1;
max-players = 5;
motd = "NixOS Minecraft server!";
white-list = true;
enable-rcon = true;
"rcon.password" = "hunter2";
}
'';
};
}
default
{
services.bukkit-server.serverProperties = {};
}
services.bukkit-server.whitelist
Whitelisted players, only has an effect when
istype
attribute set of Minecraft UUID
example
{
services.bukkit-server.whitelist = {
_type = "literalExpression";
text = ''
{
username1 = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
username2 = "yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy";
};
'';
};
}
default
{
services.bukkit-server.whitelist = {};
}
services.restic.backups
Periodic backups to create with Restic.
type
attribute set of submodule
example
{
services.restic.backups = {
localbackup = {
initialize = true;
passwordFile = "/etc/nixos/secrets/restic-password";
paths = [
"/home"
];
repository = "/mnt/backup-hdd";
};
remotebackup = {
extraOptions = [
"sftp.command='ssh backup@host -i /etc/nixos/secrets/backup-private-key -s sftp'"
];
passwordFile = "/etc/nixos/secrets/restic-password";
paths = [
"/home"
];
repository = "sftp:backup@host:/backups/home";
timerConfig = {
OnCalendar = "00:05";
RandomizedDelaySec = "5h";
};
};
};
}
default
{
services.restic.backups = {};
}
services.restic.backups.<name>.dynamicFilesFrom
A script that produces a list of files to back up. The results of this command are given to the '--files-from' option.
type
null or string
example
{
services.restic.backups.<name>.dynamicFilesFrom = "find /home/matt/git -type d -name .git";
}
default
{
services.restic.backups.<name>.dynamicFilesFrom = null;
}
services.restic.backups.<name>.extraBackupArgs
Extra arguments passed to restic backup.
type
list of string
example
{
services.restic.backups.<name>.extraBackupArgs = [
"--exclude-file=/etc/nixos/restic-ignore"
];
}
default
{
services.restic.backups.<name>.extraBackupArgs = [];
}
services.restic.backups.<name>.extraOptions
Extra extended options to be passed to the restic --option flag.
type
list of string
example
{
services.restic.backups.<name>.extraOptions = [
"sftp.command='ssh backup@192.168.1.100 -i /home/user/.ssh/id_rsa -s sftp'"
];
}
default
{
services.restic.backups.<name>.extraOptions = [];
}
services.restic.backups.<name>.initialize
Create the repository if it doesn't exist.
type
boolean
default
{
services.restic.backups.<name>.initialize = false;
}
services.restic.backups.<name>.passwordFile
Read the repository password from a file.
type
string
example
{
services.restic.backups.<name>.passwordFile = "/etc/nixos/restic-password";
}
services.restic.backups.<name>.paths
Which paths to backup. If null or an empty array, no backup command will be run. This can be used to create a prune-only job.
type
null or list of string
example
{
services.restic.backups.<name>.paths = [
"/var/lib/postgresql"
"/home/user/backup"
];
}
default
{
services.restic.backups.<name>.paths = null;
}
services.restic.backups.<name>.postStart
A script that runs before after a backup is executed.
type
null or string
example
{
services.restic.backups.<name>.postStart = "program-that-saves-alot continue";
}
default
{
services.restic.backups.<name>.postStart = null;
}
services.restic.backups.<name>.preStart
A script that runs before a backup is executed.
type
null or string
example
{
services.restic.backups.<name>.preStart = "program-that-saves-alot pause";
}
default
{
services.restic.backups.<name>.preStart = null;
}
services.restic.backups.<name>.pruneOpts
A list of options (--keep-* et al.) for 'restic forget --prune', to automatically prune old snapshots. The 'forget' command is run after the 'backup' command, so keep that in mind when constructing the --keep-* options.
type
list of string
example
{
services.restic.backups.<name>.pruneOpts = [
"--keep-daily 7"
"--keep-weekly 5"
"--keep-monthly 12"
"--keep-yearly 75"
];
}
default
{
services.restic.backups.<name>.pruneOpts = [];
}
services.restic.backups.<name>.rcloneConfig
Configuration for the rclone remote being used for backup. See the remote's specific options under rclone's docs at
. When specifying option names, use the "config" name specified in the docs. For example, to settype
null or attribute set of string or boolean
example
{
services.restic.backups.<name>.rcloneConfig = {
account = "xxx";
hard_delete = true;
key = "xxx";
type = "b2";
};
}
default
{
services.restic.backups.<name>.rcloneConfig = null;
}
services.restic.backups.<name>.rcloneConfigFile
Path to the file containing rclone configuration. This file
must contain configuration for the remote specified in this backup
set and also must be readable by root. Options set in
type
null or path
default
{
services.restic.backups.<name>.rcloneConfigFile = null;
}
services.restic.backups.<name>.rcloneOptions
Options to pass to rclone to control its behavior.
See for
available options. When specifying option names, strip the
leading
type
null or attribute set of string or boolean
example
{
services.restic.backups.<name>.rcloneOptions = {
bwlimit = "10M";
drive-use-trash = "true";
};
}
default
{
services.restic.backups.<name>.rcloneOptions = null;
}
services.restic.backups.<name>.repository
repository to backup to.
type
string
example
{
services.restic.backups.<name>.repository = "sftp:backup@192.168.1.100:/backups/‹name›";
}
services.restic.backups.<name>.s3CredentialsFile
file containing the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY for an S3-hosted repository, in the format of an EnvironmentFile as described by systemd.exec(5)
type
null or string
default
{
services.restic.backups.<name>.s3CredentialsFile = null;
}
services.restic.backups.<name>.timerConfig
When to run the backup. See man systemd.timer for details.
type
attribute set of systemd option
example
{
services.restic.backups.<name>.timerConfig = {
OnCalendar = "00:05";
RandomizedDelaySec = "5h";
};
}
default
{
services.restic.backups.<name>.timerConfig = {
OnCalendar = "daily";
};
}
services.restic.backups.<name>.user
As which user the backup should run.
type
string
example
{
services.restic.backups.<name>.user = "postgresql";
}
default
{
services.restic.backups.<name>.user = "root";
}