Appendix A. Configuration Options

Whether to enable the unified cgroup hierarchy (cgroupsv2). This feature is experimental.

Type: boolean

Default: false

Declared by:

Type: list of string

Default: [ ]

Example:

[
  "cirrusfb"
  "i2c_piix4"
]

Declared by:

Type: signed integer

Default: 4

Declared by:

If enabled, NixOS will set up a kernel that will boot on crash, and leave the user in systemd rescue to be able to save the crashed kernel dump at /proc/vmcore. It also activates the NMI watchdog.

Type: boolean

Default: false

Declared by:

Enable the serial console.

Type: boolean

Default: false

Declared by:

Specify the baud rate of the serial port.

Type: signed integer

Default: 115200

Declared by:

Specify the serial port for debug output.

Type: string

Default: "ttyS0"

Declared by:

Enable the VGA console.

Type: boolean

Default: true

Declared by:

Attempt to reset a standard VGA device.

Type: boolean

Default: true

Declared by:

shell commands to be executed after makedumpfile outputs /dmesg

Type: string

Default: ""

Declared by:

parameters that will be passed to the kernel kexec-ed on crash.

Type: list of string

Default:

[
  "1"
  "boot.shell_on_fail"
  "loglevel=8"
]

Declared by:

The amount of memory reserved for the crashdump kernel. If you choose a too high value, dmesg will mention "crashkernel reservation failed".

Type: string

Default: "512M"

Declared by:

Type: string

Default: "50%"

Example: "256m"

Declared by:

Type: string

Default: "5%"

Example: "32m"

Declared by:

Type: strings concatenated with "\n"

Default: ""

Example:

''
  options parport_pc io=0x378 irq=7 dma=1
''

Declared by:

Type: list of package

Default: [ ]

Example: [ config.boot.kernelPackages.nvidia_x11 ]

Declared by:

Whether to enable the NixOS initial RAM disk (initrd). This may be needed to perform some initialisation tasks (like mounting network/encrypted file systems) before continuing the boot process.

Type: boolean

Default: "!config.boot.isContainer"

Declared by:

Type: list of string

Default: [ ]

Example:

[
  "sata_nv"
  "ext3"
]

Declared by:

Type: boolean (read only)

Default: false

Declared by:

Type: boolean

Default: true

Declared by:

Type: list of string

Default: [ ]

Declared by:

Add network connectivity support to initrd. The network may be configured using the ip kernel parameter, as described in the kernel documentation. Otherwise, if networking.useDHCP is enabled, an IP address is acquired using DHCP. You should add the module(s) required for your network card to boot.initrd.availableKernelModules. lspci -v | grep -iA8 'network\|ethernet' will tell you which.

Type: boolean

Default: false

Declared by:

Whether to clear the configuration of the interfaces that were set up in the initrd right before stage 2 takes over. Stage 2 will do the regular network configuration based on the NixOS networking options.

Type: boolean

Default: true

Declared by:

Shell commands to be executed after stage 1 of the boot has initialised the network.

Type: strings concatenated with "\n"

Default: ""

Declared by:

Set clock in initrd using NTP servers in networking.timeServers

Type: boolean

Default: true

Declared by:

Type: boolean

Default: false

Declared by:

Type: list of string

Default: config.users.users.root.openssh.authorizedKeys.keys

Declared by:

Type: strings concatenated with "\n"

Default: ""

Declared by:

Type: list of (string or path)

Default: [ ]

Example:

[
  "/etc/secrets/initrd/ssh_host_rsa_key"
  "/etc/secrets/initrd/ssh_host_ed25519_key"
]

Declared by:

Type: boolean

Default: false

Declared by:

Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default: 22

Declared by:

Type: null or string

Default: "\"/bin/ash\""

Declared by:

Additional command-line arguments passed verbatim to udhcpc if boot.initrd.network.enable and networking.useDHCP are enabled.

Type: list of string

Default: [ ]

Declared by:

Whether to use DHCP in the initrd.

Type: null or boolean

Default: null

Declared by:

Shell commands to be executed immediately after stage 1 of the boot has loaded kernel modules and created device nodes in /dev.

Type: strings concatenated with "\n"

Default: ""

Declared by:

Shell commands to be executed immediately after the stage 1 filesystems have been mounted.

Type: strings concatenated with "\n"

Default: ""

Declared by:

Shell commands to be executed before the failure prompt is shown.

Type: strings concatenated with "\n"

Default: ""

Declared by:

Shell commands to be executed immediately before LVM discovery. vpsAdminOS actually does not support LVM, this is just for compatibility with other modules.

Type: strings concatenated with "\n"

Default: ""

Declared by:

Type: list of string

Default: [ ]

Declared by:

Names of supported filesystem types in the initial ramdisk.

Type: list of string

Default: [ ]

Example:

[
  "btrfs"
]

Declared by:

Type: boolean (read only)

Default: false

Declared by:

Type: unspecified value

Declared by:

Type: unspecified value

Declared by:

Type: boolean (read only)

Default: false

Declared by:

Type: unspecified value

Declared by:

Type: unspecified value

Declared by:

Include hardware support kernel modules in initrd (so e.g. zfs sees disks)

Type: boolean

Default: true

Declared by:

Type: boolean

Default: false

Declared by:

Type: boolean

Default: true

Declared by:

Type: boolean

Default: true

Example: true

Declared by:

Type: string

Default: ""

Example: "my secret seed"

Declared by:

Type: attribute set of (sysctl option value)

Default: { }

Example:

{ "net.ipv4.tcp_syncookies" = false; "vm.swappiness" = 60; }

Declared by:

Type: null or unsigned integer, meaning >=0

Default: null

Declared by:

Type: list of string

Default: [ ]

Declared by:

base linux kernel package

Type: package

Default: <derivation linux-6.1.56>

Declared by:

Type: raw value

Default: pkgs.linuxPackages

Example: pkgs.linuxKernel.packages.linux_5_10

Declared by:

Type: list of string, with spaces inside double quotes

Default: [ ]

Declared by:

Type: list of (attribute set)

Default: [ ]

Example:

[
  {
    name = "foo";
    patch = ./foo.patch;
    extraStructuredConfig.FOO = lib.kernel.yes;
    features.foo = true;
  }
]

Declared by:

TODO

Type: string

Default: "6.1.56"

Declared by:

Type: boolean

Default: false

Declared by:

Type: string

Default: "/boot"

Declared by:

Type: boolean

Default: false

Declared by:

Type: boolean

Default: false

Declared by:

Type: boolean

Default: false

Declared by:

Type: boolean

Default: false

Declared by:

Type: null or string

Default: null

Example: "#7EBAE4"

Declared by:

Type: signed integer

Default: 100

Example: 120

Declared by:

Type: string

Default: ""

Example: "Stable 2.6.21"

Declared by:

Type: boolean

Default: false

Declared by:

Type: signed integer or string

Default: "0"

Declared by:

Type: string

Default: ""

Example: "/dev/disk/by-id/wwn-0x500001234567890a"

Declared by:

Type: list of string

Default: [ ]

Example:

[
  "/dev/disk/by-id/wwn-0x500001234567890a"
]

Declared by:

Type: boolean

Default: false

Declared by:

Type: boolean

Default: false

Declared by:

Type: null or string

Default: "--class nixos --unrestricted"

Declared by:

Type: strings concatenated with "\n"

Default: ""

Example:

''
  serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
  terminal_input --append serial
  terminal_output --append serial
''

Declared by:

Type: strings concatenated with "\n"

Default: ""

Example:

''
  # GRUB 1 example (not GRUB 2 compatible)
  title Windows
    chainloader (hd0,1)+1
  
  # GRUB 2 example
  menuentry "Windows 7" {
    chainloader (hd0,4)+1
  }
  
  # GRUB 2 with UEFI example, chainloading another distro
  menuentry "Fedora" {
    set root=(hd1,1)
    chainloader /efi/fedora/grubx64.efi
  }
''

Declared by:

Type: boolean

Default: false

Declared by:

Type: attribute set of path

Default: { }

Example:

{ "memtest.bin" = "${pkgs.memtest86plus}/memtest.bin"; }

Declared by:

Type: list of string

Default: [ ]

Example:

[
  "--modules=nativedisk ahci pata part_gpt part_msdos diskfilter mdraid1x lvm ext2"
]

Declared by:

Type: strings concatenated with "\n"

Default: ""

Example:

''
  # the example below generates detached signatures that GRUB can verify
  # https://www.gnu.org/software/grub/manual/grub/grub.html#Using-digital-signatures
  ''${pkgs.findutils}/bin/find /boot -not -path "/boot/efi/*" -type f -name '*.sig' -delete
  old_gpg_home=$GNUPGHOME
  export GNUPGHOME="$(mktemp -d)"
  ''${pkgs.gnupg}/bin/gpg --import ''${priv_key} > /dev/null 2>&1
  ''${pkgs.findutils}/bin/find /boot -not -path "/boot/efi/*" -type f -exec ''${pkgs.gnupg}/bin/gpg --detach-sign "{}" \; > /dev/null 2>&1
  rm -rf $GNUPGHOME
  export GNUPGHOME=$old_gpg_home
''

Declared by:

Type: strings concatenated with "\n"

Default: ""

Example: "root (hd0)"

Declared by:

Type: strings concatenated with "\n"

Default: ""

Declared by:

Type: null or path

Default: "${pkgs.grub2}/share/grub/unicode.pf2"

Declared by:

Type: null or signed integer

Default: null

Example: 16

Declared by:

Type: boolean

Default: false

Declared by:

Type: boolean

Default: false

Declared by:

Type: one of "uuid", "label", "provided"

Default: "uuid"

Declared by:

Type: string

Default: "1024x768"

Example: "auto"

Declared by:

Type: string

Default: "auto"

Example: "1024x768"

Declared by:

Type: string

Default: "text"

Example: "keep"

Declared by:

Type: string

Default: "keep"

Example: "text"

Declared by:

Type: attribute set of (path or string)

Default: { }

Example:

{ demo = ''
    #!ipxe
    dhcp
    chain http://boot.ipxe.org/demo/boot.php
  '';
}

Declared by:

Type: list of (submodule)

Default: [ ]

Example:

[
  {
    devices = [
      "/dev/disk/by-id/wwn-0x500001234567890a"
    ];
    path = "/boot1";
  }
  {
    devices = [
      "/dev/disk/by-id/wwn-0x500009876543210a"
    ];
    path = "/boot2";
  }
]

Declared by:

Type: list of string

Default: [ ]

Example:

[
  "/dev/disk/by-id/wwn-0x500001234567890a"
  "/dev/disk/by-id/wwn-0x500009876543210a"
]

Declared by:

Type: null or string

Default: null

Example: "VpsAdminOS-fsid"

Declared by:

Type: null or string

Default: null

Example: "/boot1/efi"

Declared by:

Type: string

Example: "/boot1"

Declared by:

Type: null or path

Example: ./my-background.png

Declared by:

Type: one of "normal", "stretch"

Default: "stretch"

Declared by:

Type: string

Default: "/nix/store"

Declared by:

Type: null or string

Default: "--class nixos"

Declared by:

Type: null or path

Default: null

Example: pkgs.nixos-grub2-theme

Declared by:

Type: boolean

Default: false

Declared by:

Type: attribute set of (submodule)

Default: { }

Example:

{
  root = {
    hashedPasswordFile = "/path/to/file";
  };
}

Declared by:

Type: null or string

Default: null

Example: "grub.pbkdf2.sha512.10000.674DFFDEF76E13EA...2CC972B102CF4355"

Declared by:

Type: null or string

Default: null

Example: "/path/to/file"

Declared by:

Type: null or string

Default: null

Example: "Pa$$w0rd!"

Declared by:

Type: null or string

Default: null

Example: "/path/to/file"

Declared by:

Type: boolean

Default: false

Declared by:

Type: null or signed integer

Default: 5

Declared by:

Type: boolean

Default: true

Example: true

Declared by:

Shell commands to be executed just before runit is started.

Type: strings concatenated with "\n"

Default: ""

Example: "rm -f /var/log/messages"

Declared by:

Action to take automatically if stage-1 fails. n - create new pool (may also erase disks and run partitioning if configured) i - interactive shell r - reboot * - ignore Useful for unattended installations and testing.

Type: one of "", "n", "i", "r", "*"

Default: ""

Declared by:

mount proc with hidepid=2

Type: boolean

Default: false

Declared by:

QEMU runner

Type: boolean

Default: false

Declared by:

Disks available within the VM

Type: list of (submodule)

Default:

[
  {
    create = true;
    device = "sda.img";
    size = "8G";
    type = "file";
  }
]

Declared by:

Create the device if it does not exist. Applicable only for file-backed devices.

Type: boolean

Default: false

Declared by:

Path to the disk device

Type: string

Declared by:

Device size

Type: string

Default: ""

Declared by:

Device type

Type: one of "file", "blockdev"

Declared by:

Extra command-line arguments passed to qemu

Type: list of string

Default: [ ]

Declared by:

Name of the bridge interface on the host to use

Type: string

Declared by:

Type: one of "user", "bridge"

Default: "user"

Declared by:

Type: string

Default: "10.0.2.3"

Declared by:

Type: string

Default: "10.0.2.2"

Declared by:

Type: null or string

Default: "tcp::2222-:22"

Declared by:

Type: string

Default: "10.0.2.0/24"

Declared by:

Filesystems shared between the host and the VM (the guest)

Type: list of (submodule)

Default: [ ]

Declared by:

Target mountpoint in the guest

Type: path

Declared by:

Handle for mounting

Type: string

Declared by:

Source directory on the host

Type: string

Declared by:

Directory where qemu-related files are stored, e.g. socket files, disk files, etc.

Type: string

Default: "~/.osvm-qemu/\${config.networking.hostName}"

Declared by:

Type: boolean

Default: false

Declared by:

Type: string

Default: "25%"

Example: "256m"

Declared by:

Type: list of string (with check: non-empty without trailing slash)

Default: [ ]

Example:

[
  "/persist"
]

Declared by:

Type: null or string (with check: non-empty)

Default: null

Example: "/dev/sda"

Declared by:

Type: string (with check: non-empty)

Default: "auto"

Example: "ext3"

Declared by:

Type: string (with check: non-empty without trailing slash)

Example: "/mnt/usb"

Declared by:

Type: non-empty (list of string (with check: non-empty))

Default:

[
  "defaults"
]

Example:

[
  "data=journal"
]

Declared by:

Type: list of string

Default: [ ]

Example:

[
  "btrfs"
]

Declared by:

Type: boolean

Default: false

Declared by:

Directories used to search disk devices. This should be a path under /dev containing stable names for all devices needed, as import may fail if device nodes are renamed concurrently with a device failing.

Type: list of string

Default:

[
  "/dev/disk/by-id"
]

Declared by:

Forcibly import the ZFS root pool(s) during early boot.

Type: boolean

Default: false

Declared by:

Type: submodule

Default: { }

Declared by:

spl module load time options

Type: attribute set of (module option value)

Default: { }

Example:

{ "spl_taskq_thread_priority" = true; "spl_taskq_thread_sequential" = 2; }

Declared by:

zfs module load time options

Type: attribute set of (module option value)

Default: { }

Example:

{ "zfs_arc_min" = 1073741824; }

Declared by:

Type: attribute set of (submodule)

Default: { }

Declared by:

Devices used for secondary read cache (L2ARC).

Type: list of string

Default: [ ]

Example:

[
  "sde2"
  "sdf2"
]

Declared by:

Declaratively create ZFS file systems or volumes and configure properties. Dataset names are relative to the pool and optionally may start with a slash. Configured properties are passed directly to ZFS, see man zfs(8) for more information. No dataset is ever destroyed and properties removed from the configuration are not unset once deployed. To reset a property, set its value to `inherit`.

Type: attribute set of (submodule)

Default:

{
  "/" = { };
}

Example:

{
  "/" = {
    properties = {
      sharenfs = "on";
    };
  };
  data = {
    properties = {
      quota = "100G";
    };
  };
  volume = {
    properties = {
      volsize = "50G";
    };
    type = "volume";
  };
}

Declared by:

ZFS properties, see man zfs(8).

Type: attribute set of (string or signed integer)

Default: { }

Declared by:

Dataset type

Type: one of "filesystem", "volume"

Default: "filesystem"

Declared by:

Determines whether disks are partitioned and zpool is created when the pool cannot be imported, suggesting it does not exist. Do not enable this in production, existing pools might fail to import for unforeseen reasons and recreating them will result in data loss.

Type: boolean

Default: false

Declared by:

Pool ID used for importing.

Type: null or string

Default: null

Declared by:

Number of attempts to cleanly import the pool with all devices present. After the attempts are spent, even a degraded pool will be imported. If the pool still can't be imported, the service will either fail or create the pool if option boot.zfs.pools.<name>.doCreate is enabled.

Type: 3 or more

Default: 60

Declared by:

Import the pool into osctld to be used for containers.

Type: boolean

Default: false

Declared by:

Pool layout to pass to zpool create. The pool can be created either manually using script do-create-pool-<pool> or automatically when boot.zfs.pools.<pool>.doCreate is set and the pool cannot be imported.

Type: list of (submodule)

Default: [ ]

Declared by:

List of device names.

Type: list of string

Declared by:

Virtual device type, see man zpool(8) for more information.

Type: one of "stripe", "mirror", "raidz", "raidz1", "raidz2", "raidz3"

Default: "stripe"

Example: "mirror"

Declared by:

Devices used for ZFS Intent Log (ZIL).

Type: list of (submodule)

Default: [ ]

Example:

{
  devices = [
    "sde1"
    "sdf1"
  ];
  mirror = true;
}

Declared by:

List of device names.

Type: list of string

Declared by:

Determines whether the log devices will be mirrored or not.

Type: boolean

Declared by:

Partition disks This creates a sfdisk input for simple partitioning, X in 'pX' means partition number. If sizeGB is not specified the rest of the dist will be used for this partition.

Type: attribute set of attribute set of (submodule)

Default: { }

Example:

{
  sde = {
    p1 = {
      sizeGB = 20;
    };
    p2 = {
      sizeGB = 10;
      type = "fd";
    };
    p3 = { };
  };
}

Declared by:

Partition size in gigabytes

Type: null or positive integer, meaning >0

Default: null

Declared by:

Partition type (list with `sfdisk -T`)

Type: value "fd" (singular enum)

Default: "fd"

Declared by:

zpool properties, see man zpool(8) for more information.

Type: attribute set of (string or signed integer)

Default: { }

Example:

{
  readonly = "on";
}

Declared by:

Enables periodic scrubbing

Type: boolean

Default: false

Declared by:

Optionally override the auto-generated command used to pause scrub of the pool. Defaults to scrubctl pause <pool>.

Type: null or string

Default: null

Declared by:

Date and time expression for when to pause a running scrub in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.

Type: list of string

Default: [ ]

Declared by:

Optionally override the auto-generated command used to resume scrub of the pool. Defaults to scrubctl resume <pool>.

Type: null or string

Default: null

Declared by:

Date and time expression for when to resume a paused scrub in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.

Type: list of string

Default: [ ]

Declared by:

Optionally override the auto-generated command used to scrub the pool. Defaults to scrubctl start <pool>.

Type: null or string

Default: null

Declared by:

Date and time expression for when to scrub the pool in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.

Type: list of string

Default: [ ]

Declared by:

Determines whether ZFS filesystems with sharenfs set should be exported. When set to always, zfs share is run every time the service is started. When set to once, filesystems are exported only once for this pool, e.g. when the service is restarted on upgrade, filesystems are not reexported. off disables automated exporting completely.

Type: one of "always", "once", "off"

Default: "always"

Declared by:

List of devices to be used as hot spares.

Type: list of string

Default: [ ]

Declared by:

Wipe disks prior to disk partitioning and pool creation (dangerous!). Uses dd to erase first and last 1024 sectors of the device.

Type: list of string

Default: [ ]

Example:

[
  "sda"
  "sdb"
]

Declared by:

TODO

Type: package

Default: <derivation zfs-user-2.0-vpsadminos>

Declared by:

Type: boolean

Default: false

Declared by:

Type: attribute set of (submodule)

Default: { }

Example:

{ example-configuration-file =
    { source = "/nix/store/.../etc/dir/file.conf.example";
      mode = "0440";
    };
  "default/useradd".text = "GROUP=100 ...";
}

Declared by:

Type: boolean

Default: true

Declared by:

Type: signed integer

Default: 0

Declared by:

Type: string

Default: "+0"

Declared by:

Type: string

Default: "symlink"

Example: "0600"

Declared by:

Type: path

Declared by:

Type: string

Declared by:

Type: null or strings concatenated with "\n"

Default: null

Declared by:

Type: signed integer

Default: 0

Declared by:

Type: string

Default: "+0"

Declared by:

Type: strings concatenated with "\n"

Default: ""

Declared by:

List of additional package outputs to be symlinked into /run/current-system/sw.

Type: list of string

Default: [ ]

Example:

[
  "doc"
  "info"
  "docdev"
]

Declared by:

Type: strings concatenated with "\n"

Default: ""

Declared by:

Type: boolean

Default: false

Declared by:

Type: strings concatenated with "\n"

Default: ""

Declared by:

Type: boolean

Default: false

Declared by:

Type: strings concatenated with "\n"

Default: ""

Declared by:

List of directories to be symlinked in /run/current-system/sw.

Type: list of string

Default: [ ]

Example:

[
  "/"
]

Declared by:

Type: attribute set of list of string

Example:

{
  MANPATH = [
    "/man"
    "/share/man"
  ];
  PATH = [
    "/bin"
  ];
}

Declared by:

Type: attribute set of list of string

Example:

{
  MANPATH = [
    "/man"
    "/share/man"
  ];
  PATH = [
    "/bin"
  ];
}

Declared by:

Type: list of string

Default: [ ]

Declared by:

Type: attribute set of ((list of string) or string or path)

Default: { }

Declared by:

Type: attribute set of (null or string or path)

Example:

{
  l = null;
  ll = "ls -l";
}

Declared by:

Type: strings concatenated with "\n"

Default: ""

Declared by:

Type: list of (package or path)

Default: [ ]

Example: [ pkgs.bashInteractive pkgs.zsh ]

Declared by:

Type: list of package

Default: [ ]

Example: [ pkgs.firefox pkgs.thunderbird ]

Declared by:

Type: attribute set of ((list of string) or string or path)

Default: { }

Example:

{
  EDITOR = "nvim";
  VISUAL = "nvim";
}

Declared by:

Type: attribute set of (submodule)

Default: { }

Example:

{
  "/".device = "/dev/hda1";
  "/data" = {
    device = "/dev/hda2";
    fsType = "ext3";
    options = [ "data=journal" ];
  };
  "/bigdisk".label = "bigdisk";
}

Declared by:

Type: boolean

Default: false

Declared by:

Type: boolean

Default: false

Declared by:

Type: list of string (with check: non-empty without trailing slash)

Default: [ ]

Example:

[
  "/persist"
]

Declared by:

Type: null or string (with check: non-empty)

Default: null

Example: "/dev/sda"

Declared by:

Type: string

Default: ""

Declared by:

Type: string (with check: non-empty)

Default: "auto"

Example: "ext3"

Declared by:

Type: null or string (with check: non-empty)

Default: null

Example: "root-partition"

Declared by:

Type: string (with check: non-empty without trailing slash)

Example: "/mnt/usb"

Declared by:

If set, this file system will be mounted in the initial ramdisk. By default, this applies to the root file system and to the file system containing /nix/store.

Type: boolean

Default: false

Declared by:

Type: boolean

Default: false

Declared by:

Type: non-empty (list of string (with check: non-empty))

Default:

[
  "defaults"
]

Example:

[
  "data=journal"
]

Declared by:

Type: boolean

Default: false

Declared by:

Type: boolean

Default: config.hardware.enableAllFirmware

Declared by:

Type: boolean

Default: false

Declared by:

Type: boolean

Default: false

Declared by:

Type: list of package

Default: [ ]

Declared by:

Type: boolean

Default: false

Declared by:

Type: string

Default: "en_US.UTF-8"

Example: "nl_NL.UTF-8"

Declared by:

Type: attribute set of string

Default: { }

Example:

{
  LC_MESSAGES = "en_US.UTF-8";
  LC_TIME = "de_DE.UTF-8";
}

Declared by:

Type: path

Default:

pkgs.glibcLocales.override {
  allLocales = any (x: x == "all") config.i18n.supportedLocales;
  locales = config.i18n.supportedLocales;
}

Example: pkgs.glibcLocales

Declared by:

Type: list of string

Default:

unique
  (builtins.map (l: (replaceStrings [ "utf8" "utf-8" "UTF8" ] [ "UTF-8" "UTF-8" "UTF-8" ] l) + "/UTF-8") (
    [
      "C.UTF-8"
      "en_US.UTF-8"
      config.i18n.defaultLocale
    ] ++ (attrValues (filterAttrs (n: v: n != "LANGUAGE") config.i18n.extraLocaleSettings))
  ))

Example:

[
  "en_US.UTF-8/UTF-8"
  "nl_NL.UTF-8/UTF-8"
  "nl_NL/ISO-8859-1"
]

Declared by:

Type: unspecified value

Declared by:

Type: attribute set of (attribute set)

Default: { }

Declared by:

Type: floating point number

Declared by:

Type: floating point number

Declared by:

Type: one of "manual", "geoclue2"

Default: "manual"

Declared by:

Whether to install the HTML manual.

Type: boolean

Default: false

Declared by:

Whether to install a JSON formatted list of all vpsAdminOS options. This can be located at <profile directory>/share/doc/vpsadminos/options.json, and may be used for navigating definitions, auto-completing, and other miscellaneous tasks.

Type: boolean

Default: false

Example: true

Declared by:

Whether to install the configuration manual page. The manual can be reached by man configuration.nix.

Type: boolean

Default: true

Example: false

Declared by:

Type: unspecified value

Default: true

Declared by:

use Chrony daemon for network time synchronization

Type: boolean

Default: true

Declared by:

Custom set of commands used to set-up networking

Type: strings concatenated with "\n"

Default: ""

Example:

''
  
            ip addr add 10.0.0.1 dev ix0
            ip link set ix0 up
          ''

Declared by:

use DHCP to obtain IP

Type: boolean

Default: false

Declared by:

Whether to enable Enable dhcpd for lxc containers.

Type: boolean

Default: false

Example: true

Declared by:

The domain. It can be left empty if it is auto-detected through DHCP.

Type: null or string

Default: null

Example: "home"

Declared by:

Additional verbatim entries to be appended to /etc/hosts.

Type: strings concatenated with "\n"

Default: ""

Example: "192.168.0.1 lanlocalhost"

Declared by:

Type: boolean

Default: true

Declared by:

Type: package

Default: if config.networking.nftables.enable then "pkgs.nftables" else "pkgs.iptables"

Example: pkgs.iptables-legacy

Declared by:

Type: boolean

Default: true

Declared by:

Type: list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default: [ ]

Example:

[
  {
    from = 8999;
    to = 9003;
  }
]

Declared by:

Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default: [ ]

Example:

[
  22
  80
]

Declared by:

Type: list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default: [ ]

Example:

[
  {
    from = 60000;
    to = 61000;
  }
]

Declared by:

Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default: [ ]

Example:

[
  53
]

Declared by:

Type: boolean

Default: false

Declared by:

Type: boolean or one of "strict", "loose"

Default: { _type = "literalMD"; text = "`true` except if the iptables based firewall is in use and the kernel lacks rpfilter support"; }

Example: "loose"

Declared by:

Type: list of string

Default: [ ]

Example:

[
  "ftp"
  "irc"
  "sane"
  "sip"
  "tftp"
  "amanda"
  "h323"
  "netbios_sn"
  "pptp"
  "snmp"
]

Declared by:

Type: strings concatenated with "\n"

Default: ""

Example: "iptables -A INPUT -p icmp -j ACCEPT"

Declared by:

Type: strings concatenated with "\n"

Default: ""

Example: "iifname wg0 accept"

Declared by:

Type: strings concatenated with "\n"

Default: ""

Example: "ip6 saddr { fc00::/7, fe80::/10 } tcp dport 24800 accept"

Declared by:

Type: list of package

Default: [ ]

Example: [ pkgs.ipset ]

Declared by:

Type: strings concatenated with "\n"

Default: ""

Example: "iptables -P INPUT ACCEPT"

Declared by:

Type: boolean

Default: false

Declared by:

Type: attribute set of (submodule)

Default: { }

Declared by:

Type: list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default: [ ]

Example:

[
  {
    from = 8999;
    to = 9003;
  }
]

Declared by:

Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default: [ ]

Example:

[
  22
  80
]

Declared by:

Type: list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default: [ ]

Example:

[
  {
    from = 60000;
    to = 61000;
  }
]

Declared by:

Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default: [ ]

Example:

[
  53
]

Declared by:

Type: boolean

Default: true

Declared by:

Type: boolean

Default: false

Declared by:

Type: boolean

Default: true

Declared by:

Type: boolean

Default: false

Declared by:

Type: null or strings concatenated with " "

Default: null

Example: "--limit 1/minute --limit-burst 5"

Declared by:

Type: boolean

Default: false

Declared by:

Type: list of string

Default: [ ]

Example:

[
  "enp0s2"
]

Declared by:

Type: unspecified value

Declared by:

machine hostname

Type: string

Default: "default"

Declared by:

Locally defined maps of hostnames to IP addresses.

Type: attribute set of list of string

Default: { }

Example:

{
  "127.0.0.1" = [ "foo.bar.baz" ];
  "192.168.0.2" = [ "fileserver.local" "nameserver.local" ];
};

Declared by:

create lxc bridge interface

Type: boolean

Default: false

Declared by:

The list of nameservers. It can be left empty if it is auto-detected through DHCP.

Type: list of string

Default: [ ]

Example:

[
  "208.67.222.222"
  "208.67.220.220"
]

Declared by:

enable NAT for containers

Type: boolean

Default: true

Declared by:

Type: unspecified value

Declared by:

Type: boolean

Default: false

Declared by:

Type: boolean

Default: true

Declared by:

Type: strings concatenated with "\n"

Default: ""

Example:

sed 's/skgid meadow/skgid nogroup/g' -i ruleset.conf

Declared by:

Type: strings concatenated with "\n"

Default: ""

Example:

''
  # Check out https://wiki.nftables.org/ for better documentation.
  # Table for both IPv4 and IPv6.
  table inet filter {
    # Block all incoming connections traffic except SSH and "ping".
    chain input {
      type filter hook input priority 0;
  
      # accept any localhost traffic
      iifname lo accept
  
      # accept traffic originated from us
      ct state {established, related} accept
  
      # ICMP
      # routers may also want: mld-listener-query, nd-router-solicit
      ip6 nexthdr icmpv6 icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert } accept
      ip protocol icmp icmp type { destination-unreachable, router-advertisement, time-exceeded, parameter-problem } accept
  
      # allow "ping"
      ip6 nexthdr icmpv6 icmpv6 type echo-request accept
      ip protocol icmp icmp type echo-request accept
  
      # accept SSH connections (required for a server)
      tcp dport 22 accept
  
      # count and drop any other traffic
      counter drop
    }
  
    # Allow all outgoing connections.
    chain output {
      type filter hook output priority 0;
      accept
    }
  
    chain forward {
      type filter hook forward priority 0;
      accept
    }
  }
''

Declared by:

Type: null or path

Default: null

Declared by:

Set of commands run prior to any other network configuration

Type: strings concatenated with "\n"

Default: ""

Declared by:

The list of search paths used when resolving domain names.

Type: list of string

Default: [ ]

Example:

[
  "example.com"
  "local.domain"
]

Declared by:

use static networking configuration

Type: boolean

Default: false

Declared by:

gateway IP address for static networking configuration

Type: string

Default: "10.0.2.2"

Declared by:

interface for static networking configuration

Type: string

Default: "eth0"

Declared by:

IP address for static networking configuration

Type: string

Default: "10.0.2.15"

Declared by:

route

Type: string

Default: "10.0.2.0/24"

Declared by:

The set of NTP servers from which to synchronise.

Type: unspecified value

Default:

[
  "0.nixos.pool.ntp.org"
  "1.nixos.pool.ntp.org"
  "2.nixos.pool.ntp.org"
  "3.nixos.pool.ntp.org"
]

Declared by:

Alias of networking.dhcp.

Type: boolean

Declared by:

A list URLs which are queried. We are online when any one of these sends a HTTP response.

Type: list of string

Default:

[
  "http://1.1.1.1"
  "http://vpsadminos.org"
]

Declared by:

Which method to use to check network connectivity

Type: one of "ping", "http"

Default: "ping"

Declared by:

A list of hosts which are pinged. We are online when any one of these pongs back.

Type: list of string

Default:

[
  "8.8.8.8"
  "1.1.1.1"
]

Declared by:

Type: boolean

Default: true

Declared by:

Type: package

Default: pkgs.nix

Declared by:

Type: list of (submodule)

Default: [ ]

Declared by:

Type: string

Example: "nixbuilder.example.org"

Declared by:

Type: list of string

Default: [ ]

Example:

[
  "big-parallel"
]

Declared by:

Type: signed integer

Default: 1

Declared by:

Type: one of <null>, "ssh", "ssh-ng"

Default: "ssh"

Example: "ssh-ng"

Declared by:

Type: null or string

Default: null

Declared by:

Type: signed integer

Default: 1

Declared by:

Type: null or string

Default: null

Example: "/root/.ssh/id_buildhost_builduser"

Declared by:

Type: null or string

Default: null

Example: "builder"

Declared by:

Type: list of string

Default: [ ]

Example:

[
  "kvm"
  "big-parallel"
]

Declared by:

Type: null or string

Default: null

Example: "x86_64-linux"

Declared by:

Type: list of string

Default: [ ]

Example:

[
  "x86_64-linux"
  "aarch64-linux"
]

Declared by:

Type: boolean

Default: true

Declared by:

Type: boolean

Default: true

Declared by:

Type: boolean

Default: true

Declared by:

Whether to enable Enable nix daemon.

Type: boolean

Default: false

Example: true

Declared by:

Type: one of "other", "batch", "idle"

Default: "other"

Example: "batch"

Declared by:

Type: one of "best-effort", "idle"

Default: "best-effort"

Example: "idle"

Declared by:

Type: signed integer

Default: 4

Example: 1

Declared by:

Type: boolean

Default: false

Declared by:

Type: strings concatenated with "\n"

Default: ""

Example:

''
  keep-outputs = true
  keep-derivations = true
''

Declared by:

Type: list of string

Default:

''
  if nix.channel.enable
  then [
    "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos"
    "nixos-config=/etc/nixos/configuration.nix"
    "/nix/var/nix/profiles/per-user/root/channels"
  ]
  else [];
''

Declared by:

Type: signed integer

Declared by:

Type: attribute set of (submodule)

Default: { }

Declared by:

Type: boolean

Default: true

Declared by:

Type: null or (attribute set)

Default: null

Example: nixpkgs

Declared by:

Type: attribute set of (string or signed integer or boolean or path or package)

Example:

{
  id = "nixpkgs";
  type = "indirect";
}

Declared by:

Type: attribute set of (string or signed integer or boolean or path or package)

Example:

{
  owner = "my-org";
  repo = "my-nixpkgs";
  type = "github";
}

Declared by:

Type: attribute set of (Nix config atom (null, bool, int, float, str, path or package) or list of (Nix config atom (null, bool, int, float, str, path or package)))

Default: { }

Example:

{
  use-sandbox = true;
  show-trace = true;

  system-features = [ "big-parallel" "kvm" "recursive-nix" ];
  sandbox-paths = { "/bin/sh" = "${pkgs.busybox-sandbox-shell.out}/bin/busybox"; };
}

Declared by:

Type: list of string

Default:

[
  "*"
]

Example:

[
  "@wheel"
  "@builders"
  "alice"
  "bob"
]

Declared by:

Type: boolean

Default: false

Example: true

Declared by:

Type: signed integer

Default: 0

Example: 64

Declared by: