boot.enableUnifiedCgroupHierarchy
Whether to enable the unified cgroup hierarchy (cgroupsv2). This feature is experimental.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
boot.blacklistedKernelModules
Type: list of string
Default: [ ]
Example:
[ "cirrusfb" "i2c_piix4" ]
Declared by:
<nixpkgs/nixos/modules/system/boot/modprobe.nix>
|
boot.consoleLogLevel
Type: signed integer
Default: 4
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.crashDump.enable
If enabled, NixOS will set up a kernel that will boot on crash, and leave the user in systemd rescue to be able to save the crashed kernel dump at /proc/vmcore. It also activates the NMI watchdog.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.consoleSerial.enable
Enable the serial console.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.consoleSerial.baudRate
Specify the baud rate of the serial port.
Type: signed integer
Default: 115200
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.consoleSerial.port
Specify the serial port for debug output.
Type: string
Default: "ttyS0"
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.consoleVGA.enable
Enable the VGA console.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.consoleVGA.reset
Attempt to reset a standard VGA device.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.execAfterDump
shell commands to be executed after makedumpfile outputs /dmesg
Type: string
Default: ""
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.kernelParams
parameters that will be passed to the kernel kexec-ed on crash.
Type: list of string
Default:
[ "1" "boot.shell_on_fail" "loglevel=8" ]
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.reservedMemory
The amount of memory reserved for the crashdump kernel. If you choose a too high value, dmesg will mention "crashkernel reservation failed".
Type: string
Default: "512M"
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.devShmSize
Type: string
Default: "50%"
Example: "256m"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.devSize
Type: string
Default: "5%"
Example: "32m"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.extraModprobeConfig
Type: strings concatenated with "\n"
Default: ""
Example:
'' options parport_pc io=0x378 irq=7 dma=1 ''
Declared by:
<nixpkgs/nixos/modules/system/boot/modprobe.nix>
|
boot.extraModulePackages
Type: list of package
Default: [ ]
Example: [ config.boot.kernelPackages.nvidia_x11 ]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.initrd.enable
Whether to enable the NixOS initial RAM disk (initrd). This may be needed to perform some initialisation tasks (like mounting network/encrypted file systems) before continuing the boot process.
Type: boolean
Default: "!config.boot.isContainer"
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.availableKernelModules
Type: list of string
Default: [ ]
Example:
[ "sata_nv" "ext3" ]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.initrd.checkJournalingFS
Type: boolean (read only)
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.includeDefaultModules
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.initrd.kernelModules
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.initrd.network.enable
Add network connectivity support to initrd. The network may be
configured using the ip
kernel parameter,
as described in the
kernel documentation. Otherwise, if
networking.useDHCP
is enabled, an IP address
is acquired using DHCP.
You should add the module(s) required for your network card to
boot.initrd.availableKernelModules.
lspci -v | grep -iA8 'network\|ethernet'
will tell you which.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/initrd-network.nix>
|
boot.initrd.network.flushBeforeStage2
Whether to clear the configuration of the interfaces that were set up in the initrd right before stage 2 takes over. Stage 2 will do the regular network configuration based on the NixOS networking options.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/boot/initrd-network.nix>
|
boot.initrd.network.postCommands
Shell commands to be executed after stage 1 of the boot has initialised the network.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/initrd-network.nix>
|
boot.initrd.network.setClock
Set clock in initrd using NTP servers in networking.timeServers
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/boot/initrd-network.nix>
|
boot.initrd.network.ssh.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.ssh.authorizedKeys
Type: list of string
Default: config.users.users.root.openssh.authorizedKeys.keys
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.ssh.extraConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.ssh.hostKeys
Type: list of (string or path)
Default: [ ]
Example:
[ "/etc/secrets/initrd/ssh_host_rsa_key" "/etc/secrets/initrd/ssh_host_ed25519_key" ]
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.ssh.ignoreEmptyHostKeys
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.ssh.port
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: 22
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.ssh.shell
Type: null or string
Default: "\"/bin/ash\""
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.udhcpc.extraArgs
Additional command-line arguments passed verbatim to udhcpc if
boot.initrd.network.enable
and networking.useDHCP
are enabled.
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/system/boot/initrd-network.nix>
|
boot.initrd.network.useDHCP
Whether to use DHCP in the initrd.
Type: null or boolean
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/initrd-network.nix>
|
boot.initrd.postDeviceCommands
Shell commands to be executed immediately after stage 1 of the
boot has loaded kernel modules and created device nodes in
/dev
.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.postMountCommands
Shell commands to be executed immediately after the stage 1 filesystems have been mounted.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.preFailCommands
Shell commands to be executed before the failure prompt is shown.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.preLVMCommands
Shell commands to be executed immediately before LVM discovery. vpsAdminOS actually does not support LVM, this is just for compatibility with other modules.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.prepend
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.supportedFilesystems
Names of supported filesystem types in the initial ramdisk.
Type: list of string
Default: [ ]
Example:
[ "btrfs" ]
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.systemd.enable
Type: boolean (read only)
Default: false
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
boot.initrd.systemd.contents
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
boot.initrd.systemd.managerEnvironment
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
boot.initrd.systemd.network.enable
Type: boolean (read only)
Default: false
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
boot.initrd.systemd.services
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
boot.initrd.systemd.storePaths
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
boot.initrd.withHwSupport
Include hardware support kernel modules in initrd (so e.g. zfs sees disks)
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/config/kernel.nix>
|
boot.isContainer
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
boot.isLiveSystem
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
boot.kernel.enable
Type: boolean
Default: true
Example: true
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernel.randstructSeed
Type: string
Default: ""
Example: "my secret seed"
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernel.sysctl
Type: attribute set of (sysctl option value)
Default: { }
Example:
{ "net.ipv4.tcp_syncookies" = false; "vm.swappiness" = 60; }
Declared by:
<nixpkgs/nixos/modules/config/sysctl.nix>
|
boot.kernel.sysctl."net.core.rmem_max"
Type: null or unsigned integer, meaning >=0
Default: null
Declared by:
<nixpkgs/nixos/modules/config/sysctl.nix>
|
boot.kernelModules
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernelPackage
base linux kernel package
Type: package
Default: <derivation linux-6.1.56>
Declared by:
<vpsadminos/os/modules/config/kernel.nix>
|
boot.kernelPackages
Type: raw value
Default: pkgs.linuxPackages
Example: pkgs.linuxKernel.packages.linux_5_10
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernelParams
Type: list of string, with spaces inside double quotes
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernelPatches
Type: list of (attribute set)
Default: [ ]
Example:
[ { name = "foo"; patch = ./foo.patch; extraStructuredConfig.FOO = lib.kernel.yes; features.foo = true; } ]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernelVersion
TODO
Type: string
Default: "6.1.56"
Declared by:
<vpsadminos/os/modules/config/kernel.nix>
|
boot.loader.efi.canTouchEfiVariables
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/efi.nix>
|
boot.loader.efi.efiSysMountPoint
Type: string
Default: "/boot"
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/efi.nix>
|
boot.loader.generationsDir.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/generations-dir/generations-dir.nix>
|
boot.loader.generationsDir.copyKernels
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/generations-dir/generations-dir.nix>
|
boot.loader.grub.enable
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.enableCryptodisk
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.backgroundColor
Type: null or string
Default: null
Example: "#7EBAE4"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.configurationLimit
Type: signed integer
Default: 100
Example: 120
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.configurationName
Type: string
Default: ""
Example: "Stable 2.6.21"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.copyKernels
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.default
Type: signed integer or string
Default: "0"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.device
Type: string
Default: ""
Example: "/dev/disk/by-id/wwn-0x500001234567890a"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.devices
Type: list of string
Default: [ ]
Example:
[ "/dev/disk/by-id/wwn-0x500001234567890a" ]
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.efiInstallAsRemovable
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.efiSupport
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.entryOptions
Type: null or string
Default: "--class nixos --unrestricted"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraConfig
Type: strings concatenated with "\n"
Default: ""
Example:
'' serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1 terminal_input --append serial terminal_output --append serial ''
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraEntries
Type: strings concatenated with "\n"
Default: ""
Example:
'' # GRUB 1 example (not GRUB 2 compatible) title Windows chainloader (hd0,1)+1 # GRUB 2 example menuentry "Windows 7" { chainloader (hd0,4)+1 } # GRUB 2 with UEFI example, chainloading another distro menuentry "Fedora" { set root=(hd1,1) chainloader /efi/fedora/grubx64.efi } ''
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraEntriesBeforeNixOS
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraFiles
Type: attribute set of path
Default: { }
Example:
{ "memtest.bin" = "${pkgs.memtest86plus}/memtest.bin"; }
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraGrubInstallArgs
Type: list of string
Default: [ ]
Example:
[ "--modules=nativedisk ahci pata part_gpt part_msdos diskfilter mdraid1x lvm ext2" ]
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraInstallCommands
Type: strings concatenated with "\n"
Default: ""
Example:
'' # the example below generates detached signatures that GRUB can verify # https://www.gnu.org/software/grub/manual/grub/grub.html#Using-digital-signatures ''${pkgs.findutils}/bin/find /boot -not -path "/boot/efi/*" -type f -name '*.sig' -delete old_gpg_home=$GNUPGHOME export GNUPGHOME="$(mktemp -d)" ''${pkgs.gnupg}/bin/gpg --import ''${priv_key} > /dev/null 2>&1 ''${pkgs.findutils}/bin/find /boot -not -path "/boot/efi/*" -type f -exec ''${pkgs.gnupg}/bin/gpg --detach-sign "{}" \; > /dev/null 2>&1 rm -rf $GNUPGHOME export GNUPGHOME=$old_gpg_home ''
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraPerEntryConfig
Type: strings concatenated with "\n"
Default: ""
Example: "root (hd0)"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraPrepareConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.font
Type: null or path
Default: "${pkgs.grub2}/share/grub/unicode.pf2"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.fontSize
Type: null or signed integer
Default: null
Example: 16
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.forceInstall
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.forcei686
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.fsIdentifier
Type: one of "uuid", "label", "provided"
Default: "uuid"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.gfxmodeBios
Type: string
Default: "1024x768"
Example: "auto"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.gfxmodeEfi
Type: string
Default: "auto"
Example: "1024x768"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.gfxpayloadBios
Type: string
Default: "text"
Example: "keep"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.gfxpayloadEfi
Type: string
Default: "keep"
Example: "text"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.ipxe
Type: attribute set of (path or string)
Default: { }
Example:
{ demo = '' #!ipxe dhcp chain http://boot.ipxe.org/demo/boot.php ''; }
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/ipxe.nix>
|
boot.loader.grub.mirroredBoots
Type: list of (submodule)
Default: [ ]
Example:
[ { devices = [ "/dev/disk/by-id/wwn-0x500001234567890a" ]; path = "/boot1"; } { devices = [ "/dev/disk/by-id/wwn-0x500009876543210a" ]; path = "/boot2"; } ]
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.mirroredBoots.*.devices
Type: list of string
Default: [ ]
Example:
[ "/dev/disk/by-id/wwn-0x500001234567890a" "/dev/disk/by-id/wwn-0x500009876543210a" ]
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.mirroredBoots.*.efiBootloaderId
Type: null or string
Default: null
Example: "VpsAdminOS-fsid"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.mirroredBoots.*.efiSysMountPoint
Type: null or string
Default: null
Example: "/boot1/efi"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.mirroredBoots.*.path
Type: string
Example: "/boot1"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.splashImage
Type: null or path
Example: ./my-background.png
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.splashMode
Type: one of "normal", "stretch"
Default: "stretch"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.storePath
Type: string
Default: "/nix/store"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.subEntryOptions
Type: null or string
Default: "--class nixos"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.theme
Type: null or path
Default: null
Example: pkgs.nixos-grub2-theme
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.useOSProber
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.users
Type: attribute set of (submodule)
Default: { }
Example:
{ root = { hashedPasswordFile = "/path/to/file"; }; }
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.users.<name>.hashedPassword
Type: null or string
Default: null
Example: "grub.pbkdf2.sha512.10000.674DFFDEF76E13EA...2CC972B102CF4355"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.users.<name>.hashedPasswordFile
Type: null or string
Default: null
Example: "/path/to/file"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.users.<name>.password
Type: null or string
Default: null
Example: "Pa$$w0rd!"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.users.<name>.passwordFile
Type: null or string
Default: null
Example: "/path/to/file"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.zfsSupport
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.timeout
Type: null or signed integer
Default: 5
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/loader.nix>
|
boot.modprobeConfig.enable
Type: boolean
Default: true
Example: true
Declared by:
<nixpkgs/nixos/modules/system/boot/modprobe.nix>
|
boot.postBootCommands
Shell commands to be executed just before runit is started.
Type: strings concatenated with "\n"
Default: ""
Example: "rm -f /var/log/messages"
Declared by:
<vpsadminos/os/modules/system/boot/stage-2.nix>
|
boot.predefinedFailAction
Action to take automatically if stage-1 fails. n - create new pool (may also erase disks and run partitioning if configured) i - interactive shell r - reboot * - ignore Useful for unattended installations and testing.
Type: one of "", "n", "i", "r", "*"
Default: ""
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
boot.procHidePid
mount proc with hidepid=2
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/stage-2.nix>
|
boot.qemu.enable
QEMU runner
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.disks
Disks available within the VM
Type: list of (submodule)
Default:
[ { create = true; device = "sda.img"; size = "8G"; type = "file"; } ]
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.disks.*.create
Create the device if it does not exist. Applicable only for file-backed devices.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.disks.*.device
Path to the disk device
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.disks.*.size
Device size
Type: string
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.disks.*.type
Device type
Type: one of "file", "blockdev"
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.extraQemuOptions
Extra command-line arguments passed to qemu
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.network.bridge.link
Name of the bridge interface on the host to use
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.network.mode
Type: one of "user", "bridge"
Default: "user"
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.network.user.dns
Type: string
Default: "10.0.2.3"
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.network.user.host
Type: string
Default: "10.0.2.2"
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.network.user.hostForward
Type: null or string
Default: "tcp::2222-:22"
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.network.user.network
Type: string
Default: "10.0.2.0/24"
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.sharedFileSystems
Filesystems shared between the host and the VM (the guest)
Type: list of (submodule)
Default: [ ]
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.sharedFileSystems.*.guestPath
Target mountpoint in the guest
Type: path
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.sharedFileSystems.*.handle
Handle for mounting
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.sharedFileSystems.*.hostPath
Source directory on the host
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.stateDir
Directory where qemu-related files are stored, e.g. socket files, disk files, etc.
Type: string
Default: "~/.osvm-qemu/\${config.networking.hostName}"
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.readOnlyNixStore
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/stage-2.nix>
|
boot.runSize
Type: string
Default: "25%"
Example: "256m"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.specialFileSystems.<name>.depends
Type: list of string (with check: non-empty without trailing slash)
Default: [ ]
Example:
[ "/persist" ]
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.specialFileSystems.<name>.device
Type: null or string (with check: non-empty)
Default: null
Example: "/dev/sda"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.specialFileSystems.<name>.fsType
Type: string (with check: non-empty)
Default: "auto"
Example: "ext3"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.specialFileSystems.<name>.mountPoint
Type: string (with check: non-empty without trailing slash)
Example: "/mnt/usb"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.specialFileSystems.<name>.options
Type: non-empty (list of string (with check: non-empty))
Default:
[ "defaults" ]
Example:
[ "data=journal" ]
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.supportedFilesystems
Type: list of string
Default: [ ]
Example:
[ "btrfs" ]
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.vesa
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.zfs.devNodes
Directories used to search disk devices. This should be a path under /dev containing stable names for all devices needed, as import may fail if device nodes are renamed concurrently with a device failing.
Type: list of string
Default:
[ "/dev/disk/by-id" ]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.forceImportRoot
Forcibly import the ZFS root pool(s) during early boot.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.moduleParams
Type: submodule
Default: { }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.moduleParams.spl
spl module load time options
Type: attribute set of (module option value)
Default: { }
Example:
{ "spl_taskq_thread_priority" = true; "spl_taskq_thread_sequential" = 2; }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.moduleParams.zfs
zfs module load time options
Type: attribute set of (module option value)
Default: { }
Example:
{ "zfs_arc_min" = 1073741824; }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools
Type: attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.cache
Devices used for secondary read cache (L2ARC).
Type: list of string
Default: [ ]
Example:
[ "sde2" "sdf2" ]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.datasets
Declaratively create ZFS file systems or volumes and configure properties. Dataset names are relative to the pool and optionally may start with a slash. Configured properties are passed directly to ZFS, see man zfs(8) for more information. No dataset is ever destroyed and properties removed from the configuration are not unset once deployed. To reset a property, set its value to `inherit`.
Type: attribute set of (submodule)
Default:
{ "/" = { }; }
Example:
{ "/" = { properties = { sharenfs = "on"; }; }; data = { properties = { quota = "100G"; }; }; volume = { properties = { volsize = "50G"; }; type = "volume"; }; }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.datasets.<name>.properties
ZFS properties, see man zfs(8).
Type: attribute set of (string or signed integer)
Default: { }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.datasets.<name>.type
Dataset type
Type: one of "filesystem", "volume"
Default: "filesystem"
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.doCreate
Determines whether disks are partitioned and zpool is created when the pool cannot be imported, suggesting it does not exist. Do not enable this in production, existing pools might fail to import for unforeseen reasons and recreating them will result in data loss.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.guid
Pool ID used for importing.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.importAttempts
Number of attempts to cleanly import the pool with all devices present.
After the attempts are spent, even a degraded pool will be imported.
If the pool still can't be imported, the service will either fail
or create the pool if option
boot.zfs.pools.<name>.doCreate
is enabled.
Type: 3 or more
Default: 60
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.install
Import the pool into osctld to be used for containers.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.layout
Pool layout to pass to zpool create. The pool can be created either
manually using script do-create-pool-<pool>
or automatically when boot.zfs.pools.<pool>.doCreate
is set and the pool cannot be imported.
Type: list of (submodule)
Default: [ ]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.layout.*.devices
List of device names.
Type: list of string
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.layout.*.type
Virtual device type, see man zpool(8) for more information.
Type: one of "stripe", "mirror", "raidz", "raidz1", "raidz2", "raidz3"
Default: "stripe"
Example: "mirror"
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.log
Devices used for ZFS Intent Log (ZIL).
Type: list of (submodule)
Default: [ ]
Example:
{ devices = [ "sde1" "sdf1" ]; mirror = true; }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.log.*.devices
List of device names.
Type: list of string
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.log.*.mirror
Determines whether the log devices will be mirrored or not.
Type: boolean
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.partition
Partition disks This creates a sfdisk input for simple partitioning, X in 'pX' means partition number. If sizeGB is not specified the rest of the dist will be used for this partition.
Type: attribute set of attribute set of (submodule)
Default: { }
Example:
{ sde = { p1 = { sizeGB = 20; }; p2 = { sizeGB = 10; type = "fd"; }; p3 = { }; }; }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.partition.<name>.<name>.sizeGB
Partition size in gigabytes
Type: null or positive integer, meaning >0
Default: null
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.partition.<name>.<name>.type
Partition type (list with `sfdisk -T`)
Type: value "fd" (singular enum)
Default: "fd"
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.properties
zpool properties, see man zpool(8) for more information.
Type: attribute set of (string or signed integer)
Default: { }
Example:
{ readonly = "on"; }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.enable
Enables periodic scrubbing
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.pauseCommand
Optionally override the auto-generated command used to pause scrub
of the pool.
Defaults to scrubctl pause <pool>
.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.pauseIntervals
Date and time expression for when to pause a running scrub in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.resumeCommand
Optionally override the auto-generated command used to resume scrub
of the pool.
Defaults to scrubctl resume <pool>
.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.resumeIntervals
Date and time expression for when to resume a paused scrub in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.startCommand
Optionally override the auto-generated command used to scrub
the pool.
Defaults to scrubctl start <pool>
.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.startIntervals
Date and time expression for when to scrub the pool in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.share
Determines whether ZFS filesystems with sharenfs set should be
exported.
When set to always
, zfs share
is run every time the service is started. When set to
once
, filesystems are exported only once for this
pool, e.g. when the service is restarted on upgrade, filesystems are
not reexported. off
disables automated exporting
completely.
Type: one of "always", "once", "off"
Default: "always"
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.spare
List of devices to be used as hot spares.
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.wipe
Wipe disks prior to disk partitioning and pool creation (dangerous!). Uses dd to erase first and last 1024 sectors of the device.
Type: list of string
Default: [ ]
Example:
[ "sda" "sdb" ]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfsUserPackage
TODO
Type: package
Default: <derivation zfs-user-2.0-vpsadminos>
Declared by:
<vpsadminos/os/modules/config/kernel.nix>
|
environment.enableDebugInfo
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/debug-info.nix>
|
environment.etc
Type: attribute set of (submodule)
Default: { }
Example:
{ example-configuration-file = { source = "/nix/store/.../etc/dir/file.conf.example"; mode = "0440"; }; "default/useradd".text = "GROUP=100 ..."; }
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.enable
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.gid
Type: signed integer
Default: 0
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.group
Type: string
Default: "+0"
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.mode
Type: string
Default: "symlink"
Example: "0600"
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.source
Type: path
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.target
Type: string
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.text
Type: null or strings concatenated with "\n"
Default: null
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.uid
Type: signed integer
Default: 0
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.user
Type: string
Default: "+0"
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.extraInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.extraOutputsToInstall
List of additional package outputs to be symlinked into /run/current-system/sw
.
Type: list of string
Default: [ ]
Example:
[ "doc" "info" "docdev" ]
Declared by:
<vpsadminos/os/modules/config/system-path.nix>
|
environment.extraSetup
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/config/system-path.nix>
|
environment.homeBinInPath
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.interactiveShellInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.localBinInPath
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.loginShellInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.pathsToLink
List of directories to be symlinked in /run/current-system/sw
.
Type: list of string
Default: [ ]
Example:
[ "/" ]
Declared by:
<vpsadminos/os/modules/config/system-path.nix>
|
environment.profileRelativeEnvVars
Type: attribute set of list of string
Example:
{ MANPATH = [ "/man" "/share/man" ]; PATH = [ "/bin" ]; }
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.profileRelativeSessionVariables
Type: attribute set of list of string
Example:
{ MANPATH = [ "/man" "/share/man" ]; PATH = [ "/bin" ]; }
Declared by:
<nixpkgs/nixos/modules/config/system-environment.nix>
|
environment.profiles
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.sessionVariables
Type: attribute set of ((list of string) or string or path)
Default: { }
Declared by:
<nixpkgs/nixos/modules/config/system-environment.nix>
|
environment.shellAliases
Type: attribute set of (null or string or path)
Example:
{ l = null; ll = "ls -l"; }
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.shellInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.shells
Type: list of (package or path)
Default: [ ]
Example: [ pkgs.bashInteractive pkgs.zsh ]
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.systemPackages
Type: list of package
Default: [ ]
Example: [ pkgs.firefox pkgs.thunderbird ]
Declared by:
<vpsadminos/os/modules/config/system-path.nix>
|
environment.variables
Type: attribute set of ((list of string) or string or path)
Default: { }
Example:
{ EDITOR = "nvim"; VISUAL = "nvim"; }
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
fileSystems
Type: attribute set of (submodule)
Default: { }
Example:
{ "/".device = "/dev/hda1"; "/data" = { device = "/dev/hda2"; fsType = "ext3"; options = [ "data=journal" ]; }; "/bigdisk".label = "bigdisk"; }
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.autoFormat
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.autoResize
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.depends
Type: list of string (with check: non-empty without trailing slash)
Default: [ ]
Example:
[ "/persist" ]
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.device
Type: null or string (with check: non-empty)
Default: null
Example: "/dev/sda"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.formatOptions
Type: string
Default: ""
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.fsType
Type: string (with check: non-empty)
Default: "auto"
Example: "ext3"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.label
Type: null or string (with check: non-empty)
Default: null
Example: "root-partition"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.mountPoint
Type: string (with check: non-empty without trailing slash)
Example: "/mnt/usb"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.neededForBoot
If set, this file system will be mounted in the initial
ramdisk. By default, this applies to the root file system
and to the file system containing
/nix/store
.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
fileSystems.<name>.noCheck
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.options
Type: non-empty (list of string (with check: non-empty))
Default:
[ "defaults" ]
Example:
[ "data=journal" ]
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
hardware.enableAllFirmware
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/hardware/all-firmware.nix>
|
hardware.enableRedistributableFirmware
Type: boolean
Default: config.hardware.enableAllFirmware
Declared by:
<nixpkgs/nixos/modules/hardware/all-firmware.nix>
|
hardware.cpu.amd.updateMicrocode
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/hardware/cpu/amd-microcode.nix>
|
hardware.cpu.intel.updateMicrocode
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/hardware/cpu/intel-microcode.nix>
|
hardware.firmware
Type: list of package
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/hardware/eudev.nix>
|
hardware.wirelessRegulatoryDatabase
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/hardware/all-firmware.nix>
|
i18n.defaultLocale
Type: string
Default: "en_US.UTF-8"
Example: "nl_NL.UTF-8"
Declared by:
<nixpkgs/nixos/modules/config/i18n.nix>
|
i18n.extraLocaleSettings
Type: attribute set of string
Default: { }
Example:
{ LC_MESSAGES = "en_US.UTF-8"; LC_TIME = "de_DE.UTF-8"; }
Declared by:
<nixpkgs/nixos/modules/config/i18n.nix>
|
i18n.glibcLocales
Type: path
Default:
pkgs.glibcLocales.override { allLocales = any (x: x == "all") config.i18n.supportedLocales; locales = config.i18n.supportedLocales; }
Example: pkgs.glibcLocales
Declared by:
<nixpkgs/nixos/modules/config/i18n.nix>
|
i18n.supportedLocales
Type: list of string
Default:
unique (builtins.map (l: (replaceStrings [ "utf8" "utf-8" "UTF8" ] [ "UTF-8" "UTF-8" "UTF-8" ] l) + "/UTF-8") ( [ "C.UTF-8" "en_US.UTF-8" config.i18n.defaultLocale ] ++ (attrValues (filterAttrs (n: v: n != "LANGUAGE") config.i18n.extraLocaleSettings)) ))
Example:
[ "en_US.UTF-8/UTF-8" "nl_NL.UTF-8/UTF-8" "nl_NL/ISO-8859-1" ]
Declared by:
<nixpkgs/nixos/modules/config/i18n.nix>
|
krb5
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
lib
Type: attribute set of (attribute set)
Default: { }
Declared by:
<nixpkgs/nixos/modules/misc/lib.nix>
|
location.latitude
Type: floating point number
Declared by:
<nixpkgs/nixos/modules/config/locale.nix>
|
location.longitude
Type: floating point number
Declared by:
<nixpkgs/nixos/modules/config/locale.nix>
|
location.provider
Type: one of "manual", "geoclue2"
Default: "manual"
Declared by:
<nixpkgs/nixos/modules/config/locale.nix>
|
manual.html.enable
Whether to install the HTML manual.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/misc/manual.nix>
|
manual.json.enable
Whether to install a JSON formatted list of all vpsAdminOS
options. This can be located at
<profile directory>/share/doc/vpsadminos/options.json
,
and may be used for navigating definitions, auto-completing,
and other miscellaneous tasks.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/misc/manual.nix>
|
manual.manpages.enable
Whether to install the configuration manual page. The manual can be reached by man configuration.nix.
Type: boolean
Default: true
Example: false
Declared by:
<vpsadminos/os/modules/misc/manual.nix>
|
networking.enableIPv6
Type: unspecified value
Default: true
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
networking.chronyd
use Chrony daemon for network time synchronization
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/networking/chronyd.nix>
|
networking.custom
Custom set of commands used to set-up networking
Type: strings concatenated with "\n"
Default: ""
Example:
'' ip addr add 10.0.0.1 dev ix0 ip link set ix0 up ''
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.dhcp
use DHCP to obtain IP
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.dhcpd
Whether to enable Enable dhcpd for lxc containers.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/networking/dhcpd.nix>
|
networking.domain
The domain. It can be left empty if it is auto-detected through DHCP.
Type: null or string
Default: null
Example: "home"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.extraHosts
Additional verbatim entries to be appended to /etc/hosts
.
Type: strings concatenated with "\n"
Default: ""
Example: "192.168.0.1 lanlocalhost"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.firewall.enable
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.package
Type: package
Default: if config.networking.nftables.enable then "pkgs.nftables" else "pkgs.iptables"
Example: pkgs.iptables-legacy
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowPing
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowedTCPPortRanges
Type: list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: [ ]
Example:
[ { from = 8999; to = 9003; } ]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowedTCPPorts
Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: [ ]
Example:
[ 22 80 ]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowedUDPPortRanges
Type: list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: [ ]
Example:
[ { from = 60000; to = 61000; } ]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowedUDPPorts
Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: [ ]
Example:
[ 53 ]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.autoLoadConntrackHelpers
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.checkReversePath
Type: boolean or one of "strict", "loose"
Default:
{
_type = "literalMD"; text = "`true` except if the iptables based firewall is in use and the kernel lacks rpfilter support";
}
Example: "loose"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.connectionTrackingModules
Type: list of string
Default: [ ]
Example:
[ "ftp" "irc" "sane" "sip" "tftp" "amanda" "h323" "netbios_sn" "pptp" "snmp" ]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.extraCommands
Type: strings concatenated with "\n"
Default: ""
Example: "iptables -A INPUT -p icmp -j ACCEPT"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall-iptables.nix>
|
networking.firewall.extraForwardRules
Type: strings concatenated with "\n"
Default: ""
Example: "iifname wg0 accept"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall-nftables.nix>
|
networking.firewall.extraInputRules
Type: strings concatenated with "\n"
Default: ""
Example: "ip6 saddr { fc00::/7, fe80::/10 } tcp dport 24800 accept"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall-nftables.nix>
|
networking.firewall.extraPackages
Type: list of package
Default: [ ]
Example: [ pkgs.ipset ]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.extraStopCommands
Type: strings concatenated with "\n"
Default: ""
Example: "iptables -P INPUT ACCEPT"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall-iptables.nix>
|
networking.firewall.filterForward
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.interfaces
Type: attribute set of (submodule)
Default: { }
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.interfaces.<name>.allowedTCPPortRanges
Type: list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: [ ]
Example:
[ { from = 8999; to = 9003; } ]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.interfaces.<name>.allowedTCPPorts
Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: [ ]
Example:
[ 22 80 ]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.interfaces.<name>.allowedUDPPortRanges
Type: list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: [ ]
Example:
[ { from = 60000; to = 61000; } ]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.interfaces.<name>.allowedUDPPorts
Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: [ ]
Example:
[ 53 ]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.logRefusedConnections
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.logRefusedPackets
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.logRefusedUnicastsOnly
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.logReversePathDrops
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.pingLimit
Type: null or strings concatenated with " "
Default: null
Example: "--limit 1/minute --limit-burst 5"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.rejectPackets
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.trustedInterfaces
Type: list of string
Default: [ ]
Example:
[ "enp0s2" ]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.hostId
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
networking.hostName
machine hostname
Type: string
Default: "default"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.hosts
Locally defined maps of hostnames to IP addresses.
Type: attribute set of list of string
Default: { }
Example:
{ "127.0.0.1" = [ "foo.bar.baz" ]; "192.168.0.2" = [ "fileserver.local" "nameserver.local" ]; };
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.lxcbr
create lxc bridge interface
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.nameservers
The list of nameservers. It can be left empty if it is auto-detected through DHCP.
Type: list of string
Default: [ ]
Example:
[ "208.67.222.222" "208.67.220.220" ]
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.nat
enable NAT for containers
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.networkmanager
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
networking.nftables.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/nftables.nix>
|
networking.nftables.checkRuleset
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/nftables.nix>
|
networking.nftables.preCheckRuleset
Type: strings concatenated with "\n"
Default: ""
Example:
sed 's/skgid meadow/skgid nogroup/g' -i ruleset.conf
Declared by:
<nixpkgs/nixos/modules/services/networking/nftables.nix>
|
networking.nftables.ruleset
Type: strings concatenated with "\n"
Default: ""
Example:
'' # Check out https://wiki.nftables.org/ for better documentation. # Table for both IPv4 and IPv6. table inet filter { # Block all incoming connections traffic except SSH and "ping". chain input { type filter hook input priority 0; # accept any localhost traffic iifname lo accept # accept traffic originated from us ct state {established, related} accept # ICMP # routers may also want: mld-listener-query, nd-router-solicit ip6 nexthdr icmpv6 icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert } accept ip protocol icmp icmp type { destination-unreachable, router-advertisement, time-exceeded, parameter-problem } accept # allow "ping" ip6 nexthdr icmpv6 icmpv6 type echo-request accept ip protocol icmp icmp type echo-request accept # accept SSH connections (required for a server) tcp dport 22 accept # count and drop any other traffic counter drop } # Allow all outgoing connections. chain output { type filter hook output priority 0; accept } chain forward { type filter hook forward priority 0; accept } } ''
Declared by:
<nixpkgs/nixos/modules/services/networking/nftables.nix>
|
networking.nftables.rulesetFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/services/networking/nftables.nix>
|
networking.preConfig
Set of commands run prior to any other network configuration
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.search
The list of search paths used when resolving domain names.
Type: list of string
Default: [ ]
Example:
[ "example.com" "local.domain" ]
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.static.enable
use static networking configuration
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.static.gw
gateway IP address for static networking configuration
Type: string
Default: "10.0.2.2"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.static.interface
interface for static networking configuration
Type: string
Default: "eth0"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.static.ip
IP address for static networking configuration
Type: string
Default: "10.0.2.15"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.static.route
route
Type: string
Default: "10.0.2.0/24"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.timeServers
The set of NTP servers from which to synchronise.
Type: unspecified value
Default:
[ "0.nixos.pool.ntp.org" "1.nixos.pool.ntp.org" "2.nixos.pool.ntp.org" "3.nixos.pool.ntp.org" ]
Declared by:
<vpsadminos/os/modules/services/networking/chronyd.nix>
|
networking.useDHCP
Alias of networking.dhcp
.
Type: boolean
Declared by:
<vpsadminos/os/modules/rename.nix>
|
networking.waitOnline.http.urls
A list URLs which are queried. We are online when any one of these sends a HTTP response.
Type: list of string
Default:
[ "http://1.1.1.1" "http://vpsadminos.org" ]
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.waitOnline.method
Which method to use to check network connectivity
Type: one of "ping", "http"
Default: "ping"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.waitOnline.ping.hosts
A list of hosts which are pinged. We are online when any one of these pongs back.
Type: list of string
Default:
[ "8.8.8.8" "1.1.1.1" ]
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
nix.enable
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/system/nix-daemon.nix>
|
nix.package
Type: package
Default: pkgs.nix
Declared by:
<nixpkgs/nixos/modules/services/system/nix-daemon.nix>
|
nix.buildMachines
Type: list of (submodule)
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.buildMachines.*.hostName
Type: string
Example: "nixbuilder.example.org"
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.buildMachines.*.mandatoryFeatures
Type: list of string
Default: [ ]
Example:
[ "big-parallel" ]
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.buildMachines.*.maxJobs
Type: signed integer
Default: 1
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.buildMachines.*.protocol
Type: one of <null>, "ssh", "ssh-ng"
Default: "ssh"
Example: "ssh-ng"
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.buildMachines.*.publicHostKey
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.buildMachines.*.speedFactor
Type: signed integer
Default: 1
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.buildMachines.*.sshKey
Type: null or string
Default: null
Example: "/root/.ssh/id_buildhost_builduser"
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.buildMachines.*.sshUser
Type: null or string
Default: null
Example: "builder"
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.buildMachines.*.supportedFeatures
Type: list of string
Default: [ ]
Example:
[ "kvm" "big-parallel" ]
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.buildMachines.*.system
Type: null or string
Default: null
Example: "x86_64-linux"
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.buildMachines.*.systems
Type: list of string
Default: [ ]
Example:
[ "x86_64-linux" "aarch64-linux" ]
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.channel.enable
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/nix-channel.nix>
|
nix.checkAllErrors
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.checkConfig
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.daemon.enable
Whether to enable Enable nix daemon.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/misc/nix-daemon.nix>
|
nix.daemonCPUSchedPolicy
Type: one of "other", "batch", "idle"
Default: "other"
Example: "batch"
Declared by:
<nixpkgs/nixos/modules/services/system/nix-daemon.nix>
|
nix.daemonIOSchedClass
Type: one of "best-effort", "idle"
Default: "best-effort"
Example: "idle"
Declared by:
<nixpkgs/nixos/modules/services/system/nix-daemon.nix>
|
nix.daemonIOSchedPriority
Type: signed integer
Default: 4
Example: 1
Declared by:
<nixpkgs/nixos/modules/services/system/nix-daemon.nix>
|
nix.distributedBuilds
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/nix-remote-build.nix>
|
nix.extraOptions
Type: strings concatenated with "\n"
Default: ""
Example:
'' keep-outputs = true keep-derivations = true ''
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.nixPath
Type: list of string
Default:
'' if nix.channel.enable then [ "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos" "nixos-config=/etc/nixos/configuration.nix" "/nix/var/nix/profiles/per-user/root/channels" ] else []; ''
Declared by:
<nixpkgs/nixos/modules/config/nix-channel.nix>
|
nix.nrBuildUsers
Type: signed integer
Declared by:
<nixpkgs/nixos/modules/services/system/nix-daemon.nix>
|
nix.registry
Type: attribute set of (submodule)
Default: { }
Declared by:
<nixpkgs/nixos/modules/config/nix-flakes.nix>
|
nix.registry.<name>.exact
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/nix-flakes.nix>
|
nix.registry.<name>.flake
Type: null or (attribute set)
Default: null
Example: nixpkgs
Declared by:
<nixpkgs/nixos/modules/config/nix-flakes.nix>
|
nix.registry.<name>.from
Type: attribute set of (string or signed integer or boolean or path or package)
Example:
{ id = "nixpkgs"; type = "indirect"; }
Declared by:
<nixpkgs/nixos/modules/config/nix-flakes.nix>
|
nix.registry.<name>.to
Type: attribute set of (string or signed integer or boolean or path or package)
Example:
{ owner = "my-org"; repo = "my-nixpkgs"; type = "github"; }
Declared by:
<nixpkgs/nixos/modules/config/nix-flakes.nix>
|
nix.settings
Type: attribute set of (Nix config atom (null, bool, int, float, str, path or package) or list of (Nix config atom (null, bool, int, float, str, path or package)))
Default: { }
Example:
{ use-sandbox = true; show-trace = true; system-features = [ "big-parallel" "kvm" "recursive-nix" ]; sandbox-paths = { "/bin/sh" = "${pkgs.busybox-sandbox-shell.out}/bin/busybox"; }; }
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.settings.allowed-users
Type: list of string
Default:
[ "*" ]
Example:
[ "@wheel" "@builders" "alice" "bob" ]
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.settings.auto-optimise-store
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.settings.cores
Type: signed integer
Default: 0
Example: 64
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.settings.extra-sandbox-paths
Type: list of string
Default: [ ]
Example:
[ "/dev" "/proc" ]
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.settings.max-jobs
Type: signed integer or value "auto" (singular enum)
Default: "auto"
Example: 64
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.settings.require-sigs
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.settings.sandbox
Type: boolean or value "relaxed" (singular enum)
Default: true
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.settings.substituters
Type: list of string
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.settings.system-features
Type: list of string
Example:
[ "kvm" "big-parallel" "gccarch-skylake" ]
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.settings.trusted-public-keys
Type: list of string
Example:
[ "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" ]
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.settings.trusted-substituters
Type: list of string
Default: [ ]
Example:
[ "https://hydra.nixos.org/" ]
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nix.settings.trusted-users
Type: list of string
Default:
[ "root" ]
Example:
[ "root" "alice" "@wheel" ]
Declared by:
<nixpkgs/nixos/modules/config/nix.nix>
|
nixpkgs.buildPlatform
Type: string or (attribute set)
Default: config.nixpkgs.hostPlatform
Example:
{ config = "x86_64-unknown-linux-gnu"; system = "x86_64-linux"; }
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.config
Type: nixpkgs config
Default: { }
Example:
{ allowBroken = true; allowUnfree = true; }
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.crossSystem
Type: null or (attribute set)
Default: null
Example:
{ config = "aarch64-unknown-linux-gnu"; system = "aarch64-linux"; }
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.hostPlatform
Type: string or (attribute set)
Default: (import "${nixos}/../lib").lib.systems.examples.aarch64-multiplatform
Example:
{ config = "aarch64-unknown-linux-gnu"; system = "aarch64-linux"; }
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.localSystem
Type: attribute set
Default: (import "${nixos}/../lib").lib.systems.examples.aarch64-multiplatform
Example:
{ config = "aarch64-unknown-linux-gnu"; system = "aarch64-linux"; }
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.overlays
Type: list of (nixpkgs overlay)
Default: [ ]
Example:
[ (self: super: { openssh = super.openssh.override { hpnSupport = true; kerberos = self.libkrb5; }; }) ]
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.pkgs
Type: An evaluation of Nixpkgs; the top level attribute set of packages
Default:
import "${nixos}/.." { inherit (cfg) config overlays localSystem crossSystem; }
Example: import <nixpkgs> {}
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.system
Type: string
Default:
{
_type = "literalMD"; text = "Traditionally `builtins.currentSystem`, but unset when invoking NixOS through `lib.nixosSystem`.\n";
}
Example: "i686-linux"
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
os.channel-registration.enable
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/installer/cd-dvd/channel.nix>
|
osctl.exporter.enable
Enable osctl-exporter.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/osctl/osctl-exporter.nix>
|
osctl.exporter.listenAddress
Address to listen on.
Type: string
Default: "0.0.0.0"
Declared by:
<vpsadminos/os/modules/osctl/osctl-exporter.nix>
|
osctl.exporter.port
Port to listen on.
Type: signed integer
Default: 9101
Declared by:
<vpsadminos/os/modules/osctl/osctl-exporter.nix>
|
osctl.exportfs.enable
Enable osctl-exportfs integration.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/osctl/osctl-exportfs.nix>
|
osctl.pools
osctl pools to configure
Type: attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers
osctl containers to include
Type: attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.arch
Architecture of the distribution to install, must be compatible with the host's architecture.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.autostart
Autostart options See also https://vpsadminos.org/containers/auto-starting/
Type: null or (submodule)
Default: null
Example:
{ delay = 5; enable = true; priority = 1000; }
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.autostart.enable
Whether to enable Enable container autostart.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.autostart.delay
Autostart delay
Type: positive integer, meaning >0
Default: 5
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.autostart.priority
Autostart priority
Type: positive integer, meaning >0
Default: 1000
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.cgparams
CGroup parameters See also https://vpsadminos.org/containers/resources/
Type: list of (submodule)
Default: [ ]
Example:
[ { name = "memory.limit_in_bytes"; subsystem = "memory"; value = "10G"; } ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.cgparams.*.name
CGroup parameter name
Type: string
Example: "memory.limit_in_bytes"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.cgparams.*.subsystem
CGroup subsystem name. If left empty, it is deduced from cgroup parameter name.
Type: string
Default: ""
Example: "memory"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.cgparams.*.value
CGroup parameter value
Type: string
Example: "10G"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.cgparams.*.version
CGroup parameter version
Type: one of 1, 2
Default: 1
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.config
A specification of the desired configuration of this container, as a NixOS module.
Type: Toplevel NixOS config
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices
Devices allowed in this group See also https://vpsadminos.org/containers/devices/
Type: list of (submodule)
Default: [ ]
Example:
[ { major = 10; minor = 229; mode = "rw"; name = "/dev/fuse"; } ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices.*.major
Device major ID
Type: string
Example: "229"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices.*.minor
Device minor ID
Type: string
Example: "10"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices.*.mode
Device access mode.
r
for read, w
for write
and m
for mknod.
Type: one of "r", "rw", "w", "m", "wm", "rm", "rwm"
Example: "rwm"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices.*.name
Device name
Type: string
Default: ""
Example: "/dev/fuse"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices.*.provide
Determines whether the device should be provided to descendant groups, i.e. whether they should inherit it.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices.*.type
Device type
Type: one of "char", "block"
Example: "char"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.distribution
Name of the distribution to install.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.group
Name of an osctl group declared by osctl.groups
that
the container belongs to.
Type: string
Default: "/default"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.on-create
on-create
hook is run in the host's namespace
after the container was created and configured, but before it is
started. The script hook's exit status is not evaluated.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.on-start
on-start
is run in the host's namespace, after
the container has been mounted and right before its init process is
executed. If on-start
exits with a non-zero
status, the container's start is aborted.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.on-stop
on-stop
is run in the host's namespace when the
container enters state stopping
. The hook's exit
status is not evaluated.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.post-create
post-create
hook is run in the host's namespace
after the container was created, configured and started. The script
hook's exit status is not evaluated.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.post-mount
post-mount
is run in the container's mount
namespace, after its rootfs and all LXC mount entries are mounted.
The path to the container's runtime rootfs is in environment variable
OSCTL_CT_ROOTFS_MOUNT
. If
post-mount
exits with a non-zero status, the
container's start is aborted.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.post-start
post-start
is run in the host's namespace after
the container entered state running
. The
container's init PID is passed in environment varible
OSCTL_CT_INIT_PID
. The script hook's exit status
is not evaluated.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.post-stop
post-stop
is run in the host's namespace when
the container enters state stopped
. The hook's
exit status is not evaluated.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.pre-create
pre-create
hook is run in the host's namespace
before the container is created. If pre-create
exits with status `1`, the creation attempt will be aborted
and retried repeatedly, as the container's runit service restarts
until the hook script exits with `0`. If
pre-create
exits with status `2`, the container
will not be created and the runit service will not be automatically
restarted.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.pre-mount
pre-mount
is run in the container's mount
namespace, before its rootfs is mounted. The path to the container's
runtime rootfs is in environment variable
OSCTL_CT_ROOTFS_MOUNT
. If
pre-mount
exits with a non-zero status, the
container's start is aborted.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.pre-start
pre-start
hook is run in the host's namespace
before the container is mounted. The container's cgroups have
already been configured and distribution-support code has been run.
If pre-start
exits with a non-zero status, the
container's start is aborted.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.pre-stop
pre-stop
hook is run in the host's namespace when
the container is being stopped using ct stop
. If
pre-stop
exits with a non-zero exit status,
the container will not be stopped. This hook is not called when the
container is shutdown from the inside.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.veth-down
veth-down
hook is run in the host's namespace
when the veth pair is removed. Names of the removed veth interfaces
are available in environment variables
OSCTL_HOST_VETH
and
OSCTL_CT_VETH
. The hook's exit status is not
evaluated.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.veth-up
veth-up
hook is run in the host's namespace when
the veth pair is created. Names of created veth interfaces are
available in environment variables OSCTL_HOST_VETH
and OSCTL_CT_VETH
. If veth-up
exits with a non-zero status, the container's start is aborted.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.image.path
Path to container image.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.image.repository
Name of the remote repository the container image is searched in.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces
Network interface configuration See also https://vpsadminos.org/user-guide/networking/
Type: list of (submodule)
Default: [ ]
Example:
[ { ipv4 = { addresses = [ { address = "10.0.0.1"; prefixLength = 16; } ]; }; link = "lxcbr0"; name = "eth0"; type = "bridge"; } { ipv4 = { addresses = [ { address = "172.17.66.66"; prefixLength = 32; } ]; }; ipv6 = { addresses = [ { address = "2a03:3b40:7:667::1"; prefixLength = 64; } ]; }; name = "eth1"; type = "routed"; } ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.dhcp
Determines whether the interface is configured using DHCP client within the container, (type = "bridge" only)
Type: null or boolean
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.hwaddr
Network interface hardware address
Type: string
Default: ""
Example: "52:54:00:2d:09:26"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.addresses
List of IPv4 addresses that will be statically assigned to the interface.
Type: list of (submodule)
Default: [ ]
Example:
[ { address = "10.0.0.1"; prefixLength = 16; } { address = "192.168.1.1"; prefixLength = 24; } ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.addresses.*.address
IPv4 address.
Type: string
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.addresses.*.prefixLength
Subnet mask of the address, specified as the number of
bits in the prefix (24
).
Type: signed integer
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.gateway
IPv4 gateway for statically configured bridged interfaces.
Set to auto
to use the primary address from
the linked interface, none
to do not set any
gateway or an IPv4 address.
(type = "bridge" only)
Type: string
Default: "auto"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.routes
List of IPv4 addresses that will be routed to the interface.
Type: list of (submodule)
Default: [ ]
Example:
[ { address = "10.0.0.0"; prefixLength = 16; } { address = "192.168.1.0"; prefixLength = 24; } ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.routes.*.address
IPv4 address.
Type: string
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.routes.*.prefixLength
Subnet mask of the address, specified as the number of
bits in the prefix (24
).
Type: signed integer
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.addresses
List of IPv6 addresses that will be statically assigned to the interface.
Type: list of (submodule)
Default: [ ]
Example:
[ { address = "2a03:3b40:7:666::"; prefixLength = 64; } ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.addresses.*.address
IPv6 address.
Type: string
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.addresses.*.prefixLength
Subnet mask of the address, specified as the number of
bits in the prefix (64
).
Type: signed integer
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.gateway
IPv6 gateway for statically configured bridged interfaces.
Set to auto
to use the primary address from
the linked interface, none
to do not set any
gateway or an IPv6 address.
(type = "bridge" only)
Type: string
Default: "auto"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.routes
List of IPv6 addresses that will be routed to the interface.
Type: list of (submodule)
Default: [ ]
Example:
[ { address = "2a03:3b40:7:666::"; prefixLength = 64; } ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.routes.*.address
IPv4 address.
Type: string
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.routes.*.prefixLength
Subnet mask of the address, specified as the number of
bits in the prefix (24
).
Type: signed integer
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.link
Link this network interface to bridge (type = "bridge" only)
Type: string
Default: ""
Example: "lxcbr0"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.name
Network interface name
Type: string
Example: "eth0"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.type
Network interface type
Type: one of "bridge", "routed"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts
Container mounts See also https://vpsadminos.org/user-guide/mounts/
Type: list of (submodule)
Default: [ ]
Example:
[ { fs = "/var/shared"; mountpoint = "/mnt"; } ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts.*.automount
Mount automatically
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts.*.dataset
Relative path to containers dataset
Type: null or string
Default: null
Example: "subdataset"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts.*.fs
Filesystem mountpoint (host side)
Type: string
Default: ""
Example: "/var/shared"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts.*.mountpoint
Filesystem mountpoint (container side)
Type: string
Example: "/mnt"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts.*.opts
Mount options
Type: string
Default: "bind,create=dir,rw"
Example: "bind,create=dir,rw"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts.*.type
Mount type
Type: value "bind" (singular enum)
Default: "bind"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.nesting
Whether to enable Enable container nesting.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.path
As an alternative to specifying
config
, you can specify the path to
the evaluated NixOS system configuration, typically a
symlink to a system profile.
Type: path
Example: "/nix/var/nix/profiles/containers/webserver"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.as
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.as.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.as.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.core
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.core.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.core.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.cpu
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.cpu.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.cpu.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.data
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.data.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.data.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.fsize
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.fsize.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.fsize.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.memlock
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.memlock.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.memlock.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.msgqueue
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.msgqueue.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.msgqueue.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nice
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nice.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nice.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nofile
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default:
{ hard = 1048576; soft = 1024; }
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nofile.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nofile.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nproc
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nproc.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nproc.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rss
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rss.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rss.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rtprio
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rtprio.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rtprio.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rttime
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rttime.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rttime.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.sigpending
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.sigpending.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.sigpending.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.stack
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.stack.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.stack.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.resolvers
List of nameservers
Type: list of string
Default: [ ]
Example:
[ "1.1.1.1" "10.0.0.1" ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.seccomp
Path to seccomp profile
Type: string
Default: ""
Example: "/run/osctl/configs/lxc/common.seccomp"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.startMenu
Start menu options
Type: null or (submodule)
Default:
{ enable = true; }
Example:
{ enable = true; timeout = 5; }
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.startMenu.enable
Whether to enable Enable container start menu.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.startMenu.timeout
Number of seconds before the system is automatically started
Type: positive integer, meaning >0
Default: 5
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.user
Name of an osctl user declared by osctl.users
that
the container belongs to. If not provided, a new user is created with
its name matching the container ID. If such user already exists, it
is used instead.
Type: null or string
Default: null
Example: "myuser01"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.variant
Template variant for use with osctl remote repositories.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.vendor
Template vendor for use with osctl remote repositories.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.version
Version of the distribution to install.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.destroyMethod
If set to manual
, the garbage collector has to be
run manually for every pool by the user by calling script
gc-sweep-‹pool
. When set to auto
,
the garbage collector is run in the background by runit service
gc-<pool>
. Options
osctl.pools.<pool>.pure
and
osctl.pools.<pool>.destroyUndeclared
are honored
in the automated mode. Destructive operations using the manual
invocation have to be enabled using command-line options.
Type: one of "manual", "auto"
Default: "manual"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.destroyUndeclared
Determines whether declarative users, groups and containers removed from Nix configuration should be deleted from the system or not. When turned off, undeclared containers are stopped, but not destroyed. When enabled, undeclared containers, groups and users are destroyed. WARNING: enabling this option is dangerous, as it will irreversibly destroy containers that are not defined by the current system. For example, if you temporarily roll back the system for whatever reason, containers that were not declared in the older version will be destroyed.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups
osctl groups to include.
In addition to groups defined by this options, there are always two
groups present: /
and /default
.
Type: attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.cgparams
CGroup parameters See also https://vpsadminos.org/containers/resources/
Type: list of (submodule)
Default: [ ]
Example:
[ { name = "memory.limit_in_bytes"; subsystem = "memory"; value = "10G"; } ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.cgparams.*.name
CGroup parameter name
Type: string
Example: "memory.limit_in_bytes"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.cgparams.*.subsystem
CGroup subsystem name. If left empty, it is deduced from cgroup parameter name.
Type: string
Default: ""
Example: "memory"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.cgparams.*.value
CGroup parameter value
Type: string
Example: "10G"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.cgparams.*.version
CGroup parameter version
Type: one of 1, 2
Default: 1
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices
Devices allowed in this group See also https://vpsadminos.org/containers/devices/
Type: list of (submodule)
Default: [ ]
Example:
[ { major = 10; minor = 229; mode = "rw"; name = "/dev/fuse"; } ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices.*.major
Device major ID
Type: string
Example: "229"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices.*.minor
Device minor ID
Type: string
Example: "10"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices.*.mode
Device access mode.
r
for read, w
for write
and m
for mknod.
Type: one of "r", "rw", "w", "m", "wm", "rm", "rwm"
Example: "rwm"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices.*.name
Device name
Type: string
Default: ""
Example: "/dev/fuse"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices.*.provide
Determines whether the device should be provided to descendant groups, i.e. whether they should inherit it.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices.*.type
Device type
Type: one of "char", "block"
Example: "char"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges
ID ranges are used to track user/group ID allocations into user namespace maps. There is one default ID range on each pool, with the possibility of creating custom ID ranges. User namespace maps allocated from one ID range are guaranteed to be unique, i.e. no two containers can share the same user/group IDs, making them isolated. Created ID ranges cannot be declaratively modified. Delete them manually or using the garbage collector, then recreate them if changes are needed.
Type: attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.blockCount
How many blocks from
osctl.pools.<pool>.idRanges.<range>.startId
should the range include. Defines the maximum number of user namespace
maps that can be allocated from this range.
Type: unsigned integer, meaning >=0
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.blockSize
Number of user/group IDs that make up the minimum allocation unit
Type: unsigned integer, meaning >=0
Default: 65536
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.startId
The first user/group ID
Type: unsigned integer, meaning >=0
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.table
Allocate blocks from the range. Allocated blocks removed from configuration will not be automatically freed.
Type: list of (submodule)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.table.*.count
Number of blocks to allocate
Type: unsigned integer, meaning >=0
Default: 1
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.table.*.index
Index of the starting block
Type: unsigned integer, meaning >=0
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.table.*.owner
Optional allocation owner
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.parallelStart
Number of containers to start in parallel during pool import.
Type: positive integer, meaning >0
Default: 2
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.parallelStop
Number of containers to stop in parallel during pool export.
Type: positive integer, meaning >0
Default: 4
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.pure
Determines whether the pool contains only users, groups and containers declared by Nix configuration. Users, groups and containers that are not declared are deleted when found. WARNING: enabling this option will cause all manually created containers, groups and users to be irreversibly destroyed, with any data they contained.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.repositories
Remote osctl repositories for container images
Type: attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.repositories.<name>.enabled
Enable/disable the repository.
Disabled repositories are included in the system, but they are not
search for images until reenabled, which may be done manually
using osctl
.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.repositories.<name>.url
HTTP URL to the remote repository
Type: string
Example: "https://images.vpsadminos.org"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.users
osctl users to include
Type: attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.users.<name>.gidMap
GID mapping for the user namespace, see man subgid(5).
Type: list of string
Default: [ ]
Example:
[ "0:666000:65536" ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.users.<name>.idRange.blockIndex
Block index from the ID range that should be used to create UID/GID mapping.
Type: null or unsigned integer, meaning >=0
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.users.<name>.idRange.name
Name of an ID range from the same pool that should be used to allocate UID/GID IDs.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.users.<name>.uidMap
UID mapping for the user namespace, see man subuid(5).
Type: list of string
Default: [ ]
Example:
[ "0:666000:65536" ]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.test-shell.enable
Enable test shell integration.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/osctl/test-shell.nix>
|
osctld.settings
osctld configuration options
Type: JSON value
Default: { }
Declared by:
<vpsadminos/os/modules/osctl/osctld.nix>
|
powerManagement.cpuFreqGovernor
CPU frequency scaling governor to use
Type: string
Default: "performance"
Example: "ondemand"
Declared by:
<vpsadminos/os/modules/tasks/cpu-freq.nix>
|
programs.bash.enableCompletion
Type: boolean
Default: true
Example: true
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash-completion.nix>
|
programs.bash.interactiveShellInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.loginShellInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.promptInit
Type: strings concatenated with "\n"
Default:
'' # Provide a nice prompt if the terminal supports it. if [ "$TERM" != "dumb" ] || [ -n "$INSIDE_EMACS" ]; then PROMPT_COLOR="1;31m" ((UID)) && PROMPT_COLOR="1;32m" if [ -n "$INSIDE_EMACS" ] || [ "$TERM" = "eterm" ] || [ "$TERM" = "eterm-color" ]; then # Emacs term mode doesn't support xterm title escape sequence (\e]0;) PS1="\n\[\033[$PROMPT_COLOR\][\u@\h:\w]\\$\[\033[0m\] " else PS1="\n\[\033[$PROMPT_COLOR\][\[\e]0;\u@\h: \w\a\]\u@\h:\w]\\$\[\033[0m\] " fi if test "$TERM" = "xterm"; then PS1="\[\033]2;\h:\u:\w\007\]$PS1" fi fi ''
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.root.historyControl
Controlling how commands are saved on the history list.
Type: list of (one of "erasedups", "ignoredups", "ignorespace")
Default: [ ]
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.root.historyFile
Location of the bash history file.
Type: string
Default: "$HOME/.bash_history"
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.root.historyFileSize
Number of history lines to keep on file.
Type: signed integer
Default: 100000
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.root.historyIgnore
List of commands that should not be saved to the history list.
Type: list of string
Default: [ ]
Example:
[ "ls" "cd" "exit" ]
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.root.historyPools
Names of ZFS pools where programs.bash.root.historyFile
is mirrored.
If the root file system is not persistent, shell history is lost
between reboots. It's not recommented to set
programs.bash.root.historyFile
to a location on
ZFS pools, because in case of its failure interactive shell sessions
would hang while trying to load the history file.
It is better to mirror the history file while possible, but its
inaccessibility will not prevent bash from working. The history file
is restored from the persistent storage during boot.
Type: list of string
Default: [ ]
Example:
[ "tank" ]
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.root.historySize
Number of history lines to keep in memory.
Type: signed integer
Default: 10000
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.root.shellOptions
Shell options to set.
Type: list of string
Default:
[ "histappend" "checkwinsize" "extglob" "globstar" "checkjobs" ]
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.shellAliases
Type: attribute set of (null or string or path)
Default: { }
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.shellInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.htop.enable
Enable htop
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/programs/htop.nix>
|
programs.less.enable
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.clearDefaultCommands
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.commands
Type: attribute set of string
Default: { }
Example:
{ h = "noaction 5\\e("; l = "noaction 5\\e)"; }
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.configFile
Type: null or path
Default: null
Example: "${pkgs.my-configs}/lesskey"
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.envVariables
Type: attribute set of string
Default:
{ LESS = "-R"; }
Example:
{ LESS = "--quit-if-one-screen"; }
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.lessclose
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.lessopen
Type: null or string
Default: "|${pkgs.lesspipe}/bin/lesspipe.sh %s"
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.lineEditingKeys
Type: attribute set of string
Default: { }
Example:
{ e = "abort"; }
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.ssh.enableAskPassword
Type: boolean
Default: config.services.xserver.enable
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.package
Type: package
Default: pkgs.openssh
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.agentPKCS11Whitelist
Type: null or string
Default: null
Example: "${pkgs.opensc}/lib/opensc-pkcs11.so"
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.agentTimeout
Type: null or string
Default: null
Example: "1h"
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.askPassword
Type: string
Default: "${pkgs.x11_ssh_askpass}/libexec/x11-ssh-askpass"
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.ciphers
Type: null or (list of string)
Default: null
Example:
[ "chacha20-poly1305@openssh.com" "aes256-gcm@openssh.com" ]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.extraConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.forwardX11
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.hostKeyAlgorithms
Type: list of string
Default: [ ]
Example:
[ "ssh-ed25519" "ssh-rsa" ]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.kexAlgorithms
Type: null or (list of string)
Default: null
Example:
[ "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256" ]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHosts
Type: attribute set of (submodule)
Default: { }
Example:
{ myhost = { extraHostNames = [ "myhost.mydomain.com" "10.10.1.4" ]; publicKeyFile = ./pubkeys/myhost_ssh_host_dsa_key.pub; }; "myhost2.net".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIRuJ8p1Fi+m6WkHV0KWnRfpM1WxoW8XAS+XvsSKsTK"; "myhost2.net/dsa" = { hostNames = [ "myhost2.net" ]; publicKeyFile = ./pubkeys/myhost2_ssh_host_dsa_key.pub; }; }
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHosts.<name>.certAuthority
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHosts.<name>.extraHostNames
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHosts.<name>.hostNames
Type: list of string
Default: [ ‹name› ] ++ config.programs.ssh.knownHosts.<name>.extraHostNames
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHosts.<name>.publicKey
Type: null or string
Default: null
Example: "ecdsa-sha2-nistp521 AAAAE2VjZHN...UEPg=="
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHosts.<name>.publicKeyFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHostsFiles
Type: list of path
Default: [ ]
Example:
[ ./known_hosts (writeText "github.keys" '' github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl '') ]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.macs
Type: null or (list of string)
Default: null
Example:
[ "hmac-sha2-512-etm@openssh.com" "hmac-sha1" ]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.pubkeyAcceptedKeyTypes
Type: list of string
Default: [ ]
Example:
[ "ssh-ed25519" "ssh-rsa" ]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.setXAuthLocation
Type: boolean
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.startAgent
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.vim.package
Type: package
Default: pkgs.vim
Example: pkgs.vim-full
Declared by:
<nixpkgs/nixos/modules/programs/vim.nix>
|
programs.vim.defaultEditor
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/programs/vim.nix>
|
runit.defaultRunlevel
Name of a runlevel that is entered by default on boot.
Type: string
Default: "default"
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.halt.hooks
Halt hooks
Type: attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.halt.hooks.<name>.enable
Enable the hook
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.halt.hooks.<name>.source
Path to an executable file
Type: path
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.halt.reasonTemplates
Halt reason templates
Type: attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.halt.reasonTemplates.<name>.enable
Enable the halt reason template
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.halt.reasonTemplates.<name>.source
Path of the source file. If it is a text file, its contents are appended to the default halt reason. If it is an executable file, it is run.
Type: path
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.halt.reasonTemplates.<name>.text
Text appended to the default reason
Type: null or strings concatenated with "\n"
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services
System services
Type: attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.check
Called to check service status.
Type: string
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.alarm
Override runsv control for alarm
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.continue
Override runsv control for continue
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.down
Override runsv control for down
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.exit
Override runsv control for exit
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.hangup
Override runsv control for hangup
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.intr
Override runsv control for intr
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.kill
Override runsv control for kill
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.pause
Override runsv control for pause
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.quit
Override runsv control for quit
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.terminate
Override runsv control for terminate
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.up
Override runsv control for up
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.usr1
Override runsv control for usr1
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.usr2
Override runsv control for usr2
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.finish
Called after services.runit.<service>.run
exits.
Type: string
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.includeHelpers
Include helper functions, see ./helpers.sh
.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.killMode
Specifies how should processes started by this service be killed.
If set to control-group
, all processes are sent
SIGTERM
. If set to process
,
only the main process receives SIGTERM
.
Type: one of "control-group", "process"
Default: "control-group"
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.enable
Whether to enable Start svlogd for the service..
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.linePrefix
Tells svlogd to prefix each line to be written to the log directory, to standard error, or through UDP. If not set, it is set to include machine hostname and service name.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.logFiles
Sets the number of old log files svlogd should maintain. If svlogd sees more old log files in log after log file rotation, it deletes the oldest one. Default is 10. If set to zero, svlogd doesn’t remove old log files.
Type: unsigned integer, meaning >=0
Default: 10
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.logStandardError
Log messages the service writes to stderr.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.maxFileSize
Sets the maximum file size of current when svlogd should rotate the current log file to size bytes. Default is 1000000. If fileSize is zero, svlogd doesn’t rotate log files.
Type: unsigned integer, meaning >=0
Default: 1000000
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.minLogFiles
Sets the minimum number of old log files svlogd should maintain. It must be less than logFiles. If it is set, and svlogd cannot write to current because the filesystem is full, and it sees more than minLogFiles old log files, it deletes the oldest one.
Type: unsigned integer, meaning >=0
Default: 0
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.run
Called to start log service.
Type: string
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.sendOnly
Send messages only via UDP, don't store them in the log directory.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.sendTo
Tells svlogd to transmit the first len characters of selected log messages to the IP address a.b.c.d, port number port. If port isn’t set, the default port for syslog is used (514). len can be set through the -l option, see below. If svlogd has trouble sending udp packets, it writes error messages to the log directory. Attention: logging through udp is unreliable, and should be used in private networks only.
Type: string
Default: ""
Example: "a.b.c.d[:port]"
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.timeout
Sets the maximum age of the current log file when svlogd should rotate the current log file to timeout seconds. If current is timeout seconds old, and is not empty, svlogd forces log file rotation.
Type: unsigned integer, meaning >=0
Default: 0
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.onChange
The action switch-to-configuration should perform when the service is changed.
Type: one of "restart", "reload", "ignore"
Default: "restart"
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.oneShot
Oneshot services are used to perform one-time tasks, there are no long-running processes monitored by runsv. Oneshot services are not restarted after they successfully exit.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.reloadMethod
Defines how should the service be reloaded. The value is the command given to runit's sv. See man sv(8) for available options.
Type: string
Default: "reload"
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.run
Called to start the service.
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.runlevels
Runlevels the service is started in.
Type: list of string
Default:
[ "default" ]
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.stage1
runit runs /etc/runit/1 and waits for it to terminate. The system’s one time tasks are done here. /etc/runit/1 has full control of /dev/console to be able to start an emergency shell if the one time initialization tasks fail. If /etc/runit/1 crashes, or exits 100, runit will skip stage 2 and enter stage 3.
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.stage2
runit runs /etc/runit/2, which should not return until system shutdown; if it crashes, or exits 111, it will be restarted. Normally /etc/runit/2 starts runsvdir(8). runit is able to handle the ctrl-alt-del keyboard request in stage 2.
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.stage3
If runit is told to shutdown the system, or stage 2 returns, it terminates stage 2 if it is running, and runs /etc/runit/3. The systems tasks to shutdown and possibly halt or reboot the system are done here. If stage 3 returns, runit checks if the file /etc/runit/reboot exists and has the execute by owner permission set. If so, the system is rebooted, it’s halted otherwise.
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
security.apparmor.enable
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.enableCache
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.enableOnBoot
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/security/apparmor.nix>
|
security.apparmor.packages
Type: list of package
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.includes
Type: attribute set of strings concatenated with "\n"
Default: { }
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.killUnconfinedConfinables
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.policies
Type: attribute set of (submodule)
Default: { }
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.policies.<name>.enable
Type: boolean
Default: true
Example: false
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.policies.<name>.enforce
Type: boolean
Default: true
Example: false
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.policies.<name>.profile
Type: strings concatenated with "\n"
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.pam.enableEcryptfs
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.enableFscrypt
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.enableOTPW
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.enableSSHAgentAuth
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.krb5.enable
Type: boolean
Default: config.krb5.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.loginLimits
Type: list of (submodule)
Default: [ ]
Example:
[ { domain = "ftp"; item = "nproc"; type = "hard"; value = "0"; } { domain = "@student"; item = "maxlogins"; type = "-"; value = "4"; } ]
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.loginLimits.*.domain
Type: string
Example: "@wheel"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.loginLimits.*.item
Type: one of "core", "data", "fsize", "memlock", "nofile", "rss", "stack", "cpu", "nproc", "as", "maxlogins", "maxsyslogins", "priority", "locks", "sigpending", "msgqueue", "nice", "rtprio"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.loginLimits.*.type
Type: one of "-", "hard", "soft"
Default: "-"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.loginLimits.*.value
Type: string or signed integer
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.makeHomeDir.skelDirectory
Type: string
Default: "/var/empty"
Example: "/etc/skel"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.mount.enable
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
security.pam.oath.enable
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
security.pam.p11.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.p11.control
Type: one of "required", "requisite", "sufficient", "optional"
Default: "sufficient"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services
Type: attribute set of (submodule)
Default: { }
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.enableAppArmor
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.enableGnomeKeyring
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.enableKwallet
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.allowNullPassword
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.duoSecurity.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.failDelay.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.failDelay.delay
Type: signed integer
Default: 3000000
Example: 1000000
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.forwardXAuth
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.fprintAuth
Type: boolean
Default: config.services.fprintd.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.gnupg.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.gnupg.noAutostart
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.gnupg.storeOnly
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.googleAuthenticator.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.googleOsLoginAccountVerification
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.googleOsLoginAuthentication
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.limits
Type: list of (submodule)
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.limits.*.domain
Type: string
Example: "@wheel"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.limits.*.item
Type: one of "core", "data", "fsize", "memlock", "nofile", "rss", "stack", "cpu", "nproc", "as", "maxlogins", "maxsyslogins", "priority", "locks", "sigpending", "msgqueue", "nice", "rtprio"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.limits.*.type
Type: one of "-", "hard", "soft"
Default: "-"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.limits.*.value
Type: string or signed integer
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.logFailures
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.makeHomeDir
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.mysqlAuth
Type: boolean
Default: config.users.mysql.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.name
Type: string
Example: "sshd"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.nodelay
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.oathAuth
Type: boolean
Default: config.security.pam.oath.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.otpwAuth
Type: boolean
Default: config.security.pam.enableOTPW
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.p11Auth
Type: boolean
Default: config.security.pam.p11.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.pamMount
Type: boolean
Default: config.security.pam.mount.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.requireWheel
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.rootOK
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.setEnvironment
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.setLoginUid
Type: boolean
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.showMotd
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.sshAgentAuth
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.sssdStrictAccess
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.startSession
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.text
Type: null or strings concatenated with "\n"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.ttyAudit.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.ttyAudit.enablePattern
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.ttyAudit.disablePattern
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.ttyAudit.openOnly
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.u2fAuth
Type: boolean
Default: config.security.pam.u2f.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.unixAuth
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.updateWtmp
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.usbAuth
Type: boolean
Default: config.security.pam.usb.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.usshAuth
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.yubicoAuth
Type: boolean
Default: config.security.pam.yubico.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.zfs
Type: boolean
Default: config.security.pam.zfs.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.appId
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.authFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.control
Type: one of "required", "requisite", "sufficient", "optional"
Default: "sufficient"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.cue
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.debug
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.interactive
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.origin
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.usb.enable
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
security.pam.ussh.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.ussh.authorizedPrincipals
Type: null or strings concatenated with ","
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.ussh.authorizedPrincipalsFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.ussh.caFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.ussh.control
Type: one of "required", "requisite", "sufficient", "optional"
Default: "sufficient"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.ussh.group
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.yubico.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.yubico.challengeResponsePath
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.yubico.control
Type: one of "required", "requisite", "sufficient", "optional"
Default: "sufficient"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.yubico.debug
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.yubico.id
Type: string
Example: "42"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.yubico.mode
Type: one of "client", "challenge-response"
Default: "client"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.zfs.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.zfs.homes
Type: string
Default: "rpool/home"
Example: "rpool/home"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.zfs.noUnmount
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pki.caCertificateBlacklist
Type: list of string
Default: [ ]
Example:
[ "WoSign" "WoSign China" "CA WoSign ECC Root" "Certification Authority of WoSign G2" ]
Declared by:
<nixpkgs/nixos/modules/security/ca.nix>
|
security.pki.certificateFiles
Type: list of path
Default: [ ]
Example: [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ]
Declared by:
<nixpkgs/nixos/modules/security/ca.nix>
|
security.pki.certificates
Type: list of string
Default: [ ]
Example:
[ '' NixOS.org ========= -----BEGIN CERTIFICATE----- MIIGUDCCBTigAwIBAgIDD8KWMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 ... -----END CERTIFICATE----- '' ]
Declared by:
<nixpkgs/nixos/modules/security/ca.nix>
|
security.sudo.enable
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.package
Type: package
Default: pkgs.sudo
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.configFile
Type: strings concatenated with "\n"
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.execWheelOnly
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraRules
Type: list of (submodule)
Default: [ ]
Example:
[ # Allow execution of any command by all users in group sudo, # requiring a password. { groups = [ "sudo" ]; commands = [ "ALL" ]; } # Allow execution of "/home/root/secret.sh" by user `backup`, `database` # and the group with GID `1006` without a password. { users = [ "backup" "database" ]; groups = [ 1006 ]; commands = [ { command = "/home/root/secret.sh"; options = [ "SETENV" "NOPASSWD" ]; } ]; } # Allow all users of group `bar` to run two executables as user `foo` # with arguments being pre-set. { groups = [ "bar" ]; runAs = "foo"; commands = [ "/home/baz/cmd1.sh hello-sudo" { command = ''/home/baz/cmd2.sh ""''; options = [ "SETENV" ]; } ]; } ]
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraRules.*.commands
Type: list of (string or (submodule))
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraRules.*.groups
Type: list of (string or signed integer)
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraRules.*.host
Type: string
Default: "ALL"
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraRules.*.runAs
Type: string
Default: "ALL:ALL"
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraRules.*.users
Type: list of (string or signed integer)
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.wheelNeedsPassword
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.virtualisation
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
security.wrapperDirSize
Type: string
Default: "50%"
Example: "10G"
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers
Type: attribute set of (submodule)
Default: { }
Example:
{ # a setuid root program doas = { setuid = true; owner = "root"; group = "root"; source = "${pkgs.doas}/bin/doas"; }; # a setgid program locate = { setgid = true; owner = "root"; group = "mlocate"; source = "${pkgs.locate}/bin/locate"; }; # a program with the CAP_NET_RAW capability ping = { owner = "root"; group = "root"; capabilities = "cap_net_raw+ep"; source = "${pkgs.iputils.out}/bin/ping"; }; }
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.capabilities
Type: strings concatenated with ","
Default: ""
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.group
Type: string
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.owner
Type: string
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.permissions
Type: file mode string
Default: "u+rx,g+x,o+x"
Example: "a+rx"
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.program
Type: null or string
Default: "‹name›"
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.setgid
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.setuid
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.source
Type: path
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
services.apcupsd.enable
Whether to enable the APC UPS daemon. apcupsd monitors your UPS and permits orderly shutdown of your computer in the event of a power failure. User manual: http://www.apcupsd.com/manual/manual.html. Note that apcupsd runs as root (to allow shutdown of computer). You can check the status of your UPS with the "apcaccess" command.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/monitoring/apcupsd.nix>
|
services.apcupsd.configText
Contents of the runtime configuration file, apcupsd.conf. The default settings makes apcupsd autodetect USB UPSes, limit network access to localhost and shutdown the system when the battery level is below 50 percent, or when the UPS has calculated that it has 5 minutes or less of remaining power-on time. See man apcupsd.conf for details.
Type: strings concatenated with "\n"
Default:
'' UPSTYPE usb NISIP 127.0.0.1 BATTERYLEVEL 50 MINUTES 5 ''
Declared by:
<vpsadminos/os/modules/services/monitoring/apcupsd.nix>
|
services.apcupsd.hooks
Each attribute in this option names an apcupsd event and the string value it contains will be executed in a shell, in response to that event (prior to the default action). See "man apccontrol" for the list of events and what they represent. A hook script can stop apccontrol from doing its default action by exiting with value 99. Do not do this unless you know what you're doing.
Type: attribute set of strings concatenated with "\n"
Default: { }
Example:
{ doshutdown = "# shell commands to notify that the computer is shutting down"; }
Declared by:
<vpsadminos/os/modules/services/monitoring/apcupsd.nix>
|
services.avahi
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.bird2.enable
Whether to enable BIRD Internet Routing Daemon.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.bird2.checkConfig
Whether the config should be checked at build time.
When the config can't be checked during build time, for example when it includes
other files, either disable this option or use preCheckConfig
to create
the included files before checking.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.bird2.config
BIRD Internet Routing Daemon configuration file. http://bird.network.cz/
Type: strings concatenated with "\n"
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.bird2.group
Group the bird daemon runs as
Type: string (read only)
Default: "bird2"
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.bird2.preCheckConfig
Commands to execute before the config file check. The file to be checked will be
available as bird2.conf
in the current directory.
Files created with this option will not be available at service runtime, only during
build time checking.
Type: strings concatenated with "\n"
Default: ""
Example:
'' echo "cost 100;" > include.conf ''
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.bird2.preStartCommands
Commands executed before the bird daemon is started
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.bird2.user
User the bird daemon runs as
Type: string (read only)
Default: "bird2"
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.build-vpsadminos-container-image-repository
This module provides interface for building vpsAdminOS container image repositories in a virtual machine running vpsAdminOS.
Type: attribute set of (submodule)
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.enable
Whether to enable Enable the systemd service for this repository .
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.buildScripts
Build scripts for use with osctl-image
Type: path
Default: /nix/store/j9z89z7xnvjavkhywpz7x1249riassds-git-a0eae40/image-scripts
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.cacheDirectory
Directory where built images are stored
Type: path
Default: "/var/lib/vpsadminos-container-image-repository/‹name›/cache"
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.logDirectory
Directory where build log files are stored
Type: path
Default: "/var/lib/vpsadminos-container-image-repository/‹name›/log"
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.osModules
Modules included in the vpsAdminOS virtual machine
This list should include at least a module which configures option
services.osctl.image-repository.<name>
from vpsAdminOS for the repository of the same name.
Type: list of anything
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.osVm.disks
Disks available within the VM
Type: list of (submodule)
Example:
[ { create = true; device = "sda.img"; size = "8G"; type = "file"; } ]
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.osVm.disks.*.create
Create the device if it does not exist. Applicable only for file-backed devices.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.osVm.disks.*.device
Path to the disk device
Type: string
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.osVm.disks.*.size
Device size
Type: string
Default: ""
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.osVm.disks.*.type
Device type
Type: one of "file", "blockdev"
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.postRunCommands
Bash commands run after the build VM has exited. It is also run when the built has failed.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.repositoryDirectory
Directory where the resulting container image repository is stored
Type: path
Default: "/var/lib/vpsadminos-container-image-repository/‹name›/repository"
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.cgmanager
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.cron.enable
Whether to enable the Vixie cron daemon.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/scheduling/cron.nix>
|
services.cron.cronFiles
A list of extra crontab files that will be read and appended to the main crontab file when the cron service starts.
Type: list of path
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/scheduling/cron.nix>
|
services.cron.mailto
Email address to which job output will be mailed.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/scheduling/cron.nix>
|
services.cron.systemCronJobs
A list of Cron jobs to be appended to the system-wide
crontab. See the manual page for crontab for the expected
format. If you want to get the results mailed you must setuid
sendmail. See security.wrappers
If neither /var/cron/cron.deny nor /var/cron/cron.allow exist only root
will is allowed to have its own crontab file. The /var/cron/cron.deny file
is created automatically for you. So every user can use a crontab.
Many nixos modules set systemCronJobs, so if you decide to disable vixie cron
and enable another cron daemon, you may want it to get its system crontab
based on systemCronJobs.
Type: list of string
Default: [ ]
Example:
[ "* * * * * test ls -l / > /tmp/cronout 2>&1" "* * * * * eelco echo Hello World > /home/eelco/cronout" ]
Declared by:
<vpsadminos/os/modules/services/scheduling/cron.nix>
|
services.dhcpd4.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.authoritative
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.configFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.extraConfig
Type: strings concatenated with "\n"
Default: ""
Example:
'' option subnet-mask 255.255.255.0; option broadcast-address 192.168.1.255; option routers 192.168.1.5; option domain-name-servers 130.161.158.4, 130.161.33.17, 130.161.180.1; option domain-name "example.org"; subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.100 192.168.1.200; } ''
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.extraFlags
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.interfaces
Type: list of string
Default:
[ "eth0" ]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.machines
Type: list of (submodule)
Default: [ ]
Example:
[ { ethernetAddress = "00:16:76:9a:32:1d"; hostName = "foo"; ipAddress = "192.168.1.10"; } { ethernetAddress = "00:19:d1:1d:c4:9a"; hostName = "bar"; ipAddress = "192.168.1.11"; } ]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.machines.*.ethernetAddress
Type: string
Example: "00:16:76:9a:32:1d"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.machines.*.hostName
Type: string
Example: "foo"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.machines.*.ipAddress
Type: string
Example: "192.168.1.10"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.authoritative
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.configFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.extraConfig
Type: strings concatenated with "\n"
Default: ""
Example:
'' option subnet-mask 255.255.255.0; option broadcast-address 192.168.1.255; option routers 192.168.1.5; option domain-name-servers 130.161.158.4, 130.161.33.17, 130.161.180.1; option domain-name "example.org"; subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.100 192.168.1.200; } ''
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.extraFlags
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.interfaces
Type: list of string
Default:
[ "eth0" ]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.machines
Type: list of (submodule)
Default: [ ]
Example:
[ { ethernetAddress = "00:16:76:9a:32:1d"; hostName = "foo"; ipAddress = "192.168.1.10"; } { ethernetAddress = "00:19:d1:1d:c4:9a"; hostName = "bar"; ipAddress = "192.168.1.11"; } ]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.machines.*.ethernetAddress
Type: string
Example: "00:16:76:9a:32:1d"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.machines.*.hostName
Type: string
Example: "foo"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.machines.*.ipAddress
Type: string
Example: "192.168.1.10"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.fprintd
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.geoclue2
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.haveged.enable
Whether to enable to haveged entropy daemon, which refills /dev/random when low.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/security/haveged.nix>
|
services.haveged.refill_threshold
The number of bits of available entropy beneath which haveged should refill the entropy pool.
Type: signed integer
Default: 1024
Declared by:
<vpsadminos/os/modules/services/security/haveged.nix>
|
services.homed.enable
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.kanidm.enablePam
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.live-patches.enable
When enabled, live-patches utility is added to system path along with compiled live patch kernel modules. Note, patches are automatically loaded only upon machine boot, live-patches util has to be called manually to load them when deploying onto a running machine.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/livepatches/default.nix>
|
services.logrotate.enable
Whether to enable Enable log rotation.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/logging/logrotate.nix>
|
services.logrotate.extraConfig
Additional text to append to logrotate.conf
Type: string
Default: ""
Example:
'' /var/log/wtmp { monthly minsize 1M create 0664 root utmp rotate 1 } ''
Declared by:
<vpsadminos/os/modules/services/logging/logrotate.nix>
|
services.logrotate.logFiles
Type: list of (submodule)
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/logging/logrotate.nix>
|
services.logrotate.logFiles.*.config
logrotate configuration
Type: string
Example:
'' daily rotate 7 dateext copytruncate notifempty nocompress ''
Declared by:
<vpsadminos/os/modules/services/logging/logrotate.nix>
|
services.logrotate.logFiles.*.files
Files to rotate
Type: list of string
Example:
[ "/var/log/messages" "/var/log/*.log" ]
Declared by:
<vpsadminos/os/modules/services/logging/logrotate.nix>
|
services.lxcfs.enable
Enable system-wide LXCFS instance
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/virtualisation/lxcfs.nix>
|
services.munin-node.enable
Enable Munin Node agent. Munin node listens on 0.0.0.0 and by default accepts connections only from 127.0.0.1 for security reasons. See http://guide.munin-monitoring.org/en/latest/architecture/index.html.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/monitoring/munin.nix>
|
services.munin-node.disabledPlugins
Munin plugins to disable, even if
munin-node-configure --suggest
tries to enable
them. To disable a wildcard plugin, use an actual wildcard, as in
the example.
munin_stats is disabled by default as it tries to read
/var/log/munin/munin-update.log
for timing
information, and the NixOS build of Munin does not write this file.
Type: list of string
Default:
[ "munin_stats" ]
Example:
[ "diskstats" "zfs_usage_*" ]
Declared by:
<vpsadminos/os/modules/services/monitoring/munin.nix>
|
services.munin-node.extraAutoPlugins
Additional Munin plugins to autoconfigure, using
munin-node-configure --suggest
. These should be
the actual paths to the plugin files (or directories containing them),
not just their names.
If you want to manually enable individual plugins instead, use
services.munin-node.extraPlugins
.
Note that only plugins that have the 'autoconfig' capability will do
anything if listed here, since plugins that cannot autoconfigure
won't be automatically enabled by
munin-node-configure
.
Plugins will be copied into the Nix store, and it will attempt to
modify them to run properly by fixing hardcoded references to
/bin
, /usr/bin
,
/sbin
, and /usr/sbin
.
Type: list of path
Default: [ ]
Example:
[ /src/munin-contrib/plugins/zfs /src/munin-contrib/plugins/ssh ];
Declared by:
<vpsadminos/os/modules/services/monitoring/munin.nix>
|
services.munin-node.extraConfig
munin-node.conf
extra configuration. See
http://guide.munin-monitoring.org/en/latest/reference/munin-node.conf.html
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/services/monitoring/munin.nix>
|
services.munin-node.extraPluginConfig
plugin-conf.d
extra plugin configuration. See
http://guide.munin-monitoring.org/en/latest/plugin/use.html
Type: strings concatenated with "\n"
Default: ""
Example:
'' [fail2ban_*] user root ''
Declared by:
<vpsadminos/os/modules/services/monitoring/munin.nix>
|
services.munin-node.extraPlugins
Additional Munin plugins to activate. Keys are the name of the plugin
symlink, values are the path to the underlying plugin script. You
can use the same plugin script multiple times (e.g. for wildcard
plugins).
Note that these plugins do not participate in autoconfiguration. If
you want to autoconfigure additional plugins, use
services.munin-node.extraAutoPlugins
.
Plugins enabled in this manner take precedence over autoconfigured
plugins.
Plugins will be copied into the Nix store, and it will attempt to
modify them to run properly by fixing hardcoded references to
/bin
, /usr/bin
,
/sbin
, and /usr/sbin
.
Type: attribute set of path
Default: { }
Example:
{ zfs_usage_bigpool = /src/munin-contrib/plugins/zfs/zfs_usage_; zfs_usage_smallpool = /src/munin-contrib/plugins/zfs/zfs_usage_; zfs_list = /src/munin-contrib/plugins/zfs/zfs_list; };
Declared by:
<vpsadminos/os/modules/services/monitoring/munin.nix>
|
services.nfs.server.enable
Whether to enable Enable NFS server.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.exports
Contents of the /etc/exports file. See exports(5) for the format.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.lockdPort
Use a fixed port for the NFS lock manager kernel module
(lockd/nlockmgr
). This is useful if the
NFS server is behind a firewall.
Type: null or signed integer
Default: null
Example: 4001
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.mountdPort
Use fixed port for rpc.mountd, useful if server is behind firewall.
Type: null or signed integer
Default: null
Example: 4002
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.allowedVersions
This option can be used to request that rpc.nfsd offer certain versions of NFS. The current version of rpc.nfsd can support major NFS versions 2,3,4 and the minor versions 4.0, 4.1 and 4.2.
Type: list of (one of "2", "3", "4", "4.0", "4.1", "4.2")
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.disallowedVersions
This option can be used to request that rpc.nfsd does not offer certain versions of NFS. The current version of rpc.nfsd can support major NFS versions 2,3,4 and the minor versions 4.0, 4.1 and 4.2.
Type: list of (one of "2", "3", "4", "4.0", "4.1", "4.2")
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.nproc
Specify the number of NFS server threads. By default, eight threads are started. However, for optimum performance several threads should be used.
Type: positive integer, meaning >0
Default: 8
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.port
Configure port for rpc.nfsd, useful if server is behind firewall.
Type: signed integer
Default: 2049
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.syslog
By default, rpc.nfsd logs error messages (and debug messages, if enabled) to stderr. This option makes rpc.nfsd log these messages to syslog instead. Note that errors encountered during option processing will still be logged to stderr regardless of this option.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.tcp
Instruct the kernel nfs server to open and listen on a TCP socket.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.udp
Instruct the kernel nfs server to open and listen on a UDP socket.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.statdPort
Use a fixed port for rpc.statd. This is useful if the NFS server is behind a firewall.
Type: null or signed integer
Default: null
Example: 4000
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nscd
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.opensmtpd.enable
Whether to enable the OpenSMTPD server.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/mail/opensmtpd.nix>
|
services.opensmtpd.package
The OpenSMTPD package to use.
Type: package
Default: "pkgs.opensmtpd"
Declared by:
<vpsadminos/os/modules/services/mail/opensmtpd.nix>
|
services.opensmtpd.addSendmailToSystemPath
Whether to add OpenSMTPD's sendmail binary to the system path or not.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/mail/opensmtpd.nix>
|
services.opensmtpd.extraServerArgs
Extra command line arguments provided when the smtpd process is started.
Type: list of string
Default: [ ]
Example:
[ "-v" "-P mta" ]
Declared by:
<vpsadminos/os/modules/services/mail/opensmtpd.nix>
|
services.opensmtpd.procPackages
Packages to search for filters, tables, queues, and schedulers. Add OpenSMTPD-extras here if you want to use the filters, etc. from that package.
Type: list of package
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/mail/opensmtpd.nix>
|
services.opensmtpd.serverConfiguration
The contents of the smtpd.conf configuration file. See the OpenSMTPD documentation for syntax information.
Type: null or strings concatenated with "\n"
Default: null
Example:
'' listen on lo accept for any deliver to lmtp localhost:24 ''
Declared by:
<vpsadminos/os/modules/services/mail/opensmtpd.nix>
|
services.openssh.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.allowSFTP
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.authorizedKeysCommand
Type: string
Default: "none"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.authorizedKeysCommandUser
Type: string
Default: "nobody"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.authorizedKeysFiles
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.banner
Type: null or strings concatenated with "\n"
Default: null
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.extraConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.hostKeys
Type: list of (attribute set)
Default:
[ { bits = 4096; path = "/etc/ssh/ssh_host_rsa_key"; type = "rsa"; } { path = "/etc/ssh/ssh_host_ed25519_key"; type = "ed25519"; } ]
Example:
[ { bits = 4096; openSSHFormat = true; path = "/etc/ssh/ssh_host_rsa_key"; rounds = 100; type = "rsa"; } { comment = "key comment"; path = "/etc/ssh/ssh_host_ed25519_key"; rounds = 100; type = "ed25519"; } ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.knownHosts
Type: attribute set of (submodule)
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.knownHosts.<name>.certAuthority
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
services.openssh.knownHosts.<name>.extraHostNames
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
services.openssh.knownHosts.<name>.hostNames
Type: list of string
Default: [ ‹name› ] ++ config.services.openssh.knownHosts.<name>.extraHostNames
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
services.openssh.knownHosts.<name>.publicKey
Type: null or string
Default: null
Example: "ecdsa-sha2-nistp521 AAAAE2VjZHN...UEPg=="
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
services.openssh.knownHosts.<name>.publicKeyFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
services.openssh.listenAddresses
Type: list of (submodule)
Default: [ ]
Example:
[ { addr = "192.168.3.1"; port = 22; } { addr = "0.0.0.0"; port = 64022; } ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.listenAddresses.*.addr
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.listenAddresses.*.port
Type: null or signed integer
Default: null
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.moduliFile
Type: path
Example: "/etc/my-local-ssh-moduli;"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.openFirewall
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.ports
Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
[ 22 ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.settings
Type: attribute set of (atom (null, bool, int, float or string))
Default: { }
Example:
{ UseDns = true; PasswordAuthentication = false; }
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.settings.Ciphers
Type: list of string
Default:
[ "chacha20-poly1305@openssh.com" "aes256-gcm@openssh.com" "aes128-gcm@openssh.com" "aes256-ctr" "aes192-ctr" "aes128-ctr" ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.settings.GatewayPorts
Type: string
Default: "no"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.settings.KbdInteractiveAuthentication
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.settings.KexAlgorithms
Type: list of string
Default:
[ "sntrup761x25519-sha512@openssh.com" "curve25519-sha256" "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256" ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.settings.LogLevel
Type: one of "QUIET", "FATAL", "ERROR", "INFO", "VERBOSE", "DEBUG", "DEBUG1", "DEBUG2", "DEBUG3"
Default: "INFO"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.settings.Macs
Type: list of string
Default:
[ "hmac-sha2-512-etm@openssh.com" "hmac-sha2-256-etm@openssh.com" "umac-128-etm@openssh.com" ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.settings.PasswordAuthentication
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.settings.PermitRootLogin
Type: one of "yes", "without-password", "prohibit-password", "forced-commands-only", "no"
Default: "prohibit-password"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.settings.UseDns
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.settings.X11Forwarding
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.sftpFlags
Type: list of string
Default: [ ]
Example:
[ "-f AUTHPRIV" "-l INFO" ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.sftpServerExecutable
Type: string
Example: "internal-sftp"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.startWhenNeeded
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.osctl.image-repository
Configure container image repositories
Type: attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.enableCronJob
Enable cron job run at
osctl.image-repository.<name>.buildInterval
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.buildDataset
Name of a dataset used to build images
Type: string
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.buildInterval
Date and time expression for when to build images in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: null or string
Default: "0 4 * * *"
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.buildScriptDir
Path to directory with image build scripts for use with osctl-image
Type: string
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.cacheDir
Path to directory where built images are cached before added to the repository.
Type: string
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.defaultVendor
Name of the default image vendor
Type: string
Example: "vpsadminos"
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection
Garbage collection of old images
Type: list of (submodule)
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection.*.arch
Regular expression to match image arch
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection.*.distribution
Regular expression to match image distribution
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection.*.keep
Number of matched images to keep
Type: signed integer
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection.*.variant
Regular expression to match image variant
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection.*.vendor
Regular expression to match image vendor
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection.*.version
Regular expression to match image version
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.images
Configure container images
Type: attribute set of attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.images.<name>.<name>.keepFailedTests
Keep containers of failed tests for further analysis
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.images.<name>.<name>.name
Optional image name
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.images.<name>.<name>.rebuild
Rebuild the image even if it is found in cacheDir
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.images.<name>.<name>.tags
Image tags
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.keepAllFailedTests
Keep containers of all failed tests for further analysis
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.logDir
Directory where build logs will be stored.
Type: string
Default: "/tmp"
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.path
Path to the generated image repository.
Type: string
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.postBuild
Shell commands run after all images were built, or attempted to be built
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.rebuildAll
Rebuild all images, even when they're found in cacheDir
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.vendors
Vendors
Type: attribute set of (submodule)
Default: { }
Example:
{ vpsadminos = { defaultVariant = "minimal"; }; }
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.vendors.<name>.defaultVariant
Name of the default image variant
Type: string
Example: "minimal"
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.prometheus.exporters
Type: submodule
Default: { }
Example:
{ node = { enable = true; }; }
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.ipmi.enable
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.ipmi.configFile
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.ipmi.extraFlags
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.ipmi.firewallFilter
Type: null or string
Default: null
Example:
"-i eth0 -p tcp -m tcp --dport 9290"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.ipmi.group
Type: string
Default: "root"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.ipmi.listenAddress
Type: string
Default: "0.0.0.0"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.ipmi.openFirewall
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.ipmi.port
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: 9290
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.ipmi.user
Type: string
Default: "root"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.ipmi.webConfigFile
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.node.enable
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.node.enabledCollectors
Type: list of string
Default: [ ]
Example:
[ "systemd" ]
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.node.disabledCollectors
Type: list of string
Default: [ ]
Example:
[ "timex" ]
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.node.extraFlags
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.node.firewallFilter
Type: null or string
Default: null
Example:
"-i eth0 -p tcp -m tcp --dport 9100"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.node.group
Type: string
Default: "root"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.node.listenAddress
Type: string
Default: "0.0.0.0"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.node.openFirewall
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.node.port
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: 9100
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.node.user
Type: string
Default: "root"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/exporters.nix>
|
services.prometheus.exporters.osbench.enable
Whether to enable Enable osbench exporter.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_files.enable
Enable osbench test create_files
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_files.cronInterval
Date and time expression in a crontab format for when to run the test
Type: string
Default: "*/1 * * * *"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_files.testDirectory
Directory in which test files are created
Type: path
Default: "/tmp"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_processes.enable
Enable osbench test create_processes
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_processes.cronInterval
Date and time expression in a crontab format for when to run the test
Type: string
Default: "*/1 * * * *"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_threads.enable
Enable osbench test create_threads
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_threads.cronInterval
Date and time expression in a crontab format for when to run the test
Type: string
Default: "*/1 * * * *"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.launch_programs.enable
Enable osbench test launch_programs
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.launch_programs.cronInterval
Date and time expression in a crontab format for when to run the test
Type: string
Default: "*/1 * * * *"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.mem_alloc.enable
Enable osbench test mem_alloc
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.mem_alloc.cronInterval
Date and time expression in a crontab format for when to run the test
Type: string
Default: "*/1 * * * *"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.rpcbind.enable
Whether to enable Enable rpcbind service.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/networking/rpcbind.nix>
|
services.rsyslogd.extraConfig
Additional text to append to syslog.conf
Type: string
Default: ""
Example: "news.* -/var/log/news"
Declared by:
<vpsadminos/os/modules/services/logging/rsyslog.nix>
|
services.rsyslogd.forward
Forward logs over TCP to a set of hosts
Type: list of string
Default: [ ]
Example:
[ "10.0.0.1:11514" ]
Declared by:
<vpsadminos/os/modules/services/logging/rsyslog.nix>
|
services.rsyslogd.hostName
Optional hostname
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/logging/rsyslog.nix>
|
services.samba
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.sshd.enable
Type: boolean
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.sssd
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.udev.packages
List of packages containing udev rules.
Type: list of path
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/hardware/eudev.nix>
|
services.udev.extraRules
Additional udev rules
Type: strings concatenated with "\n"
Default: ""
Example:
'' KERNEL=="eth*", ATTR{address}=="00:1D:60:B9:6D:4F", NAME="my_fast_network_card" ''
Declared by:
<vpsadminos/os/modules/services/hardware/eudev.nix>
|
services.udev.path
Packages added to the PATH
environment variable when
executing programs from Udev rules.
Type: list of path
Default: [ ]
Declared by:
<vpsadminos/os/modules/services/hardware/eudev.nix>
|
services.xserver
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.zfs.autoScrub.enable
Enables periodic scrubbing of ZFS pools.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.autoScrub.pauseIntervals
Date and time expression for when to pause a running scrub in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.autoScrub.pools
List of ZFS pools to periodically scrub. If empty, all pools will be scrubbed.
Type: list of string
Default: [ ]
Example:
[ "tank" ]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.autoScrub.resumeIntervals
Date and time expression for when to resume a paused scrub in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.autoScrub.startIntervals
Date and time expression for when to scrub the pool in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: list of string
Default: [ ]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.vdevlog.enable
Enable vdevlog, a service which keeps persistent track of vdev errors
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.vdevlog.metricsDirectory
Directory where file with prometheus metrics will be stored
Type: null or string
Default: "/run/metrics"
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.zed.settings
Type: attribute set of (string or signed integer or boolean or list of string)
Example:
{ ZED_DEBUG_LOG = "/tmp/zed.debug.log"; ZED_EMAIL_ADDR = [ "root" ]; ZED_EMAIL_PROG = "mail"; ZED_EMAIL_OPTS = "-s '@SUBJECT@' @ADDRESS@"; ZED_NOTIFY_INTERVAL_SECS = 3600; ZED_NOTIFY_VERBOSE = false; ZED_USE_ENCLOSURE_LEDS = true; ZED_SCRUB_AFTER_RESILVER = false; }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.zed.zedlets
ZEDLET executable to install to /etc/zfs/zed.d, see man zed(8)
Type: attribute set of (submodule)
Default: { }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.zed.zedlets.<name>.enable
Enable the ZEDLET
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.zed.zedlets.<name>.script
Script invoked by the ZEDLET, must include shebang
Type: null or strings concatenated with "\n"
Default: null
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.zed.zedlets.<name>.source
Executable called by ZED
Type: path
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.znapzend.enable
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.autoCreation
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.compressed
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.lowmemRecurse
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.oracleMode
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.recvu
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.sendRaw
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.skipIntermediates
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.zfsGetType
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.logLevel
Type: one of "debug", "info", "warning", "err", "alert"
Default: "debug"
Example: "warning"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.logTo
Type: string
Default: "syslog::daemon"
Example: "/var/log/znapzend.log"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.noDestroy
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.pure
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup
Type: attribute set of (submodule)
Default: { }
Example:
{ "tank/home" = { # Make snapshots of tank/home every hour, keep those for 1 day, # keep every days snapshot for 1 month, etc. plan = "1d=>1h,1m=>1d,1y=>1m"; recursive = true; # Send all those snapshots to john@example.com:rtank/john as well destinations.remote = { host = "john@example.com"; dataset = "rtank/john"; }; }; };
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.enable
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.dataset
Type: string
Example: "tank/home"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations
Type: attribute set of (submodule)
Default: { }
Example:
{ local = { dataset = "btank/backup"; presend = "zpool import -N btank"; postsend = "zpool export btank"; }; remote = { host = "john@example.com"; dataset = "tank/john"; }; };
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations.<name>.dataset
Type: string
Example: "tank/main"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations.<name>.host
Type: null or string
Default: null
Example: "john@example.com"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations.<name>.label
Type: string
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations.<name>.plan
Type: string
Example: "1h=>10min,1d=>1h,1w=>1d,1m=>1w,1y=>1m"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations.<name>.postsend
Type: null or string
Default: null
Example: "ssh root@bserv zpool export tank"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations.<name>.presend
Type: null or string
Default: null
Example: "ssh root@bserv zpool import -Nf tank"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.mbuffer.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.mbuffer.port
Type: null or 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: null
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.mbuffer.size
Type: string of the form number{b|k|M|G}
Default: "1G"
Example: "128M"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.plan
Type: string
Example: "1h=>10min,1d=>1h,1w=>1d,1m=>1w,1y=>1m"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.postsnap
Type: null or string
Default: null
Example:
"${pkgs.coreutils}/bin/kill `${pkgs.coreutils}/bin/cat /tmp/mariadblock.pid`;${pkgs.coreutils}/bin/rm /tmp/mariadblock.pid"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.presnap
Type: null or string
Default: null
Example:
''${pkgs.mariadb}/bin/mysql -e "set autocommit=0;flush tables with read lock;\\! ${pkgs.coreutils}/bin/sleep 600" & ${pkgs.coreutils}/bin/echo $! > /tmp/mariadblock.pid ; sleep 10''
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.recursive
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.sendDelay
Type: signed integer
Default: 0
Example: 60
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.timestampFormat
Type: string containing all of the characters %Y, %m, %d, %H, %M, %S
Default: "%Y-%m-%d-%H%M%S"
Example: "znapzend-%m.%d.%Y-%H%M%SZ"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
swapDevices
Type: list of (submodule)
Default: [ ]
Example:
[ { device = "/dev/hda7"; } { device = "/var/swapfile"; } { label = "bigswap"; } ]
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.device
Type: non-empty string
Example: "/dev/sda3"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.discardPolicy
Type: null or one of "once", "pages", "both"
Default: null
Example: "once"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.label
Type: string
Example: "swap"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.options
Type: list of non-empty string
Default:
[ "defaults" ]
Example:
[ "nofail" ]
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.priority
Type: null or signed integer
Default: null
Example: 2048
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.randomEncryption
Type: (submodule) or boolean convertible to it
Default: false
Example:
{ cipher = "serpent-xts-plain64"; enable = true; source = "/dev/random"; }
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.randomEncryption.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.randomEncryption.allowDiscards
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.randomEncryption.cipher
Type: string
Default: "aes-xts-plain64"
Example: "serpent-xts-plain64"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.randomEncryption.keySize
Type: null or signed integer
Default: null
Example: "512"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.randomEncryption.sectorSize
Type: null or signed integer
Default: null
Example: "4096"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.randomEncryption.source
Type: string
Default: "/dev/urandom"
Example: "/dev/random"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.size
Type: null or signed integer
Default: null
Example: 2048
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
system.activationScripts
Type: attribute set of (string or (submodule))
Default: { }
Example:
{ stdio.text = '' # Needed by some programs. ln -sfn /proc/self/fd /dev/fd ln -sfn /proc/self/fd/0 /dev/stdin ln -sfn /proc/self/fd/1 /dev/stdout ln -sfn /proc/self/fd/2 /dev/stderr ''; }
Declared by:
<nixpkgs/nixos/modules/system/activation/activation-script.nix>
|
system.boot.restrict-proc-sysfs.enable
Restrict access to proc, sysfs and any other filesystem contents
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/boot/restrict-proc-sysfs>
|
system.boot.restrict-proc-sysfs.config
Config passed to ./restrict-dirs.rb Each line represents a rule for a path. The first word is a command, the second word is the path. The command can be one of: restrict, skip and grant. Empty lines and lines beginning with a hash are ignored. restrict is used to deny access from containers to the path, skip does not change the access mode and grant will give read-write access to containers and all their users, even unprivileged ones. The path can contain patterns, which are expanded. Rules are evaluated from the top. There can be more than one rule for one path, the last rule will be used. This makes it possible to e.g. use wildcards with exceptions: restrict /sys/class/* skip /sys/class/net The rules above will restrict access to the contents of /sys/class, except for directory /sys/class/net.
Type: strings concatenated with "\n"
Default:
'' restrict /proc/bus restrict /proc/interrupts restrict /proc/sched_debug restrict /proc/spl restrict /sys/block restrict /sys/bus/* skip /sys/bus/pci restrict /sys/class/* skip /sys/class/dmi skip /sys/class/mem skip /sys/class/misc skip /sys/class/net skip /sys/class/pci_bus skip /sys/class/tty skip /sys/dev/block restrict /sys/devices/* skip /sys/devices/pci* skip /sys/devices/system restrict /sys/devices/system/* skip /sys/devices/system/cpu skip /sys/devices/system/node skip /sys/devices/virtual restrict /sys/devices/virtual/* skip /sys/devices/virtual/dmi skip /sys/devices/virtual/mem skip /sys/devices/virtual/misc skip /sys/devices/virtual/net skip /sys/devices/virtual/tty restrict /sys/firmware restrict /sys/module/*/sections grant /sys/module/nf_conntrack/parameters/* restrict /sys/power ''
Declared by:
<vpsadminos/os/modules/system/boot/restrict-proc-sysfs>
|
system.build
Type: lazy attribute set of unspecified value
Default: { }
Declared by:
<nixpkgs/nixos/modules/system/build.nix>
|
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.build.dist
Type: package (read only)
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.build.squashfs
Type: package (read only)
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.build.toplevel
Type: package (read only)
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.checks
Type: list of package
Default: [ ]
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.codeName
The vpsAdminOS release code name (e.g. Emu
).
Type: string (read only)
Declared by:
<vpsadminos/os/modules/misc/version.nix>
|
system.extraDependencies
Type: list of package
Default: [ ]
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.forbiddenDependenciesRegex
Type: string
Default: ""
Example: "-dev$"
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.includeBuildDependencies
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.name
Type: string
Default:
if config.networking.hostName == "" then "unnamed" else config.networking.hostName;
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.nssDatabases.group
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/config/nsswitch.nix>
|
system.nssDatabases.hosts
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/config/nsswitch.nix>
|
system.nssDatabases.passwd
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/config/nsswitch.nix>
|
system.nssDatabases.services
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/config/nsswitch.nix>
|
system.nssDatabases.shadow
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/config/nsswitch.nix>
|
system.replaceRuntimeDependencies
Type: list of (submodule)
Default: [ ]
Example: [ ({ original = pkgs.openssl; replacement = pkgs.callPackage /path/to/openssl { }; }) ]
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.replaceRuntimeDependencies.*.original
Type: package
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.replaceRuntimeDependencies.*.replacement
Type: package
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.secretsDir
Path to a directory containing secret keys and other files that should
not be stored in the Nix store. The directory's base name has to be
secrets
.
If the sandbox is enabled (nix.useSandbox = true;
)
on the build machine, you need to add your directory with secrets
to nix.sandboxPaths
and then set this option to the
path within the sandbox. For example, if your secrets on the build
machine are stored in /home/vpsadminos/secrets
, you
could set
nix.sandboxPaths = [ "/secrets=/home/vpsadminos/secrets" ];
on the build machine and system.secretsDir = "/secrets";
in vpsAdminOS config.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/activation/secrets.nix>
|
system.stateVersion
Every once in a while, a new vpsAdminOS release may change configuration defaults in a way incompatible with stateful data. For instance, if the default version of PostgreSQL changes, the new version will probably be unable to read your existing databases. To prevent such breakage, you can set the value of this option to the vpsAdminOS release with which you want to be compatible. The effect is that vpsAdminOS will option defaults corresponding to the specified release (such as using an older version of PostgreSQL).
Type: string
Default: "23.05.0"
Declared by:
<vpsadminos/os/modules/misc/version.nix>
|
system.storeOverlaySize
Size of the tmpfs filesystems used as an overlay for /nix/store. See option size in man tmpfs(5) for possible values.
Type: string
Default: "2G"
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.userActivationScripts
Type: attribute set of (string or (submodule))
Default: { }
Example:
{ plasmaSetup = { text = '' ${pkgs.libsForQt5.kservice}/bin/kbuildsycoca5" ''; deps = []; }; }
Declared by:
<nixpkgs/nixos/modules/system/activation/activation-script.nix>
|
system.vpsadminos.codeName
Type: string (read only)
Default: "Stoat"
Declared by:
<vpsadminos/os/modules/misc/version.nix>
|
system.vpsadminos.label
Type: string matching the pattern [a-zA-Z0-9:_\.-]*
Declared by:
<vpsadminos/os/modules/misc/label.nix>
|
system.vpsadminos.release
Type: string (read only)
Default: "23.05.0"
Declared by:
<vpsadminos/os/modules/misc/version.nix>
|
system.vpsadminos.tags
Type: list of string
Default: [ ]
Example:
[ "with-xen" ]
Declared by:
<vpsadminos/os/modules/misc/label.nix>
|
system.vpsadminos.variant_id
Type: null or string matching the pattern ^[a-z0-9._-]+$
Default: null
Example: "installer"
Declared by:
<vpsadminos/os/modules/misc/version.nix>
|
systemd.package
Type: unspecified value
Default: "/not-on-vpsadminos"
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.packages
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.globalEnvironment
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.services
Type: attribute set of unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.sockets
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.targets
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.tmpfiles
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.user
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
time.hardwareClockInLocalTime
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/locale.nix>
|
time.timeZone
Type: null or string without spaces
Default: null
Example: "America/New_York"
Declared by:
<nixpkgs/nixos/modules/config/locale.nix>
|
tty.autologin.enable
Whether to enable Enable autologin on ttys.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/ttys/agetty.nix>
|
tty.autologin.user
Autologin user
Type: string
Default: "root"
Declared by:
<vpsadminos/os/modules/services/ttys/agetty.nix>
|
tty.spawnSerial
Number of serial TTYs (STTYs) spawned (for /dev/ttyS0)
Type: integer between 0 and 10 (both inclusive)
Default: 1
Declared by:
<vpsadminos/os/modules/services/ttys/agetty.nix>
|
tty.spawnStandard
Number of TTYs spawned, set to 0 to disable
Type: integer between 0 and 10 (both inclusive)
Default: 4
Declared by:
<vpsadminos/os/modules/services/ttys/agetty.nix>
|
users.allowNoPasswordLogin
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.defaultUserShell
Type: path or package
Example: pkgs.zsh
Declared by:
<nixpkgs/nixos/modules/programs/shadow.nix>
|
users.enforceIdUniqueness
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraGroups
Type: attribute set of (submodule)
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraGroups.<name>.gid
Type: null or signed integer
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraGroups.<name>.members
Type: list of string, not containing newlines or colons
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraGroups.<name>.name
Type: string, not containing newlines or colons
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers
Type: attribute set of (submodule)
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.packages
Type: list of package
Default: [ ]
Example: [ pkgs.firefox pkgs.thunderbird ]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.autoSubUidGidRange
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.createHome
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.cryptHomeLuks
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.description
Type: string, not containing newlines or colons
Default: ""
Example: "Alice Q. User"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.extraGroups
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.group
Type: string
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.hashedPassword
Type: null or string, not containing newlines or colons
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.home
Type: path, not containing newlines or colons
Default: "/var/empty"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.homeMode
Type: string matching the pattern [0-7]{1,5}
Default: "700"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.initialHashedPassword
Type: null or string, not containing newlines or colons
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.initialPassword
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.isNormalUser
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.isSystemUser
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.name
Type: string, not containing newlines or colons
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.openssh.authorizedKeys.keyFiles
Type: list of path
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
users.extraUsers.<name>.openssh.authorizedKeys.keys
Type: list of (optionally newline-terminated) single-line string
Default: [ ]
Example:
[ "ssh-rsa AAAAB3NzaC1yc2etc/etc/etcjwrsh8e596z6J0l7 example@host" "ssh-ed25519 AAAAC3NzaCetcetera/etceteraJZMfk3QPfQ foo@bar" ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
users.extraUsers.<name>.pamMount
Type: attribute set of string
Default: { }
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.password
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.passwordFile
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.shell
Type: null or package or path, not containing newlines or colons
Default: pkgs.shadow
Example: pkgs.bashInteractive
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.subGidRanges
Type: list of (submodule)
Default: [ ]
Example:
[ { count = 1; startGid = 100; } { count = 999; startGid = 1001; } ]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.subGidRanges.*.count
Type: signed integer
Default: 1
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.subGidRanges.*.startGid
Type: signed integer
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.subUidRanges
Type: list of (submodule)
Default: [ ]
Example:
[ { count = 1; startUid = 1000; } { count = 65534; startUid = 100001; } ]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.subUidRanges.*.count
Type: signed integer
Default: 1
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.subUidRanges.*.startUid
Type: signed integer
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.uid
Type: null or signed integer
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.useDefaultShell
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.groups
Type: attribute set of (submodule)
Default: { }
Example:
{ hackers = { }; students = { gid = 1001; }; }
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.groups.<name>.gid
Type: null or signed integer
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.groups.<name>.members
Type: list of string, not containing newlines or colons
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.groups.<name>.name
Type: string, not containing newlines or colons
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.ldap.enable
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.base
Type: string
Example: "dc=example,dc=org"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.bind.distinguishedName
Type: string
Default: ""
Example: "cn=admin,dc=example,dc=com"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.bind.passwordFile
Type: string
Default: "/etc/ldap/bind.password"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.bind.policy
Type: one of "hard_open", "hard_init", "soft"
Default: "hard_open"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.bind.timeLimit
Type: signed integer
Default: 30
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.daemon.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.daemon.extraConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.daemon.rootpwmoddn
Type: string
Default: ""
Example: "cn=admin,dc=example,dc=com"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.daemon.rootpwmodpwFile
Type: string
Default: ""
Example: "/run/keys/nslcd.rootpwmodpw"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.extraConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.loginPam
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.nsswitch
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.server
Type: string
Example: "ldap://ldap.example.org/"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.timeLimit
Type: signed integer
Default: 0
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.useTLS
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.motd
Type: null or strings concatenated with "\n"
Default: null
Example: "Today is Sweetmorn, the 4th day of The Aftermath in the YOLD 3178."
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
users.motdFile
Type: null or path
Default: null
Example: "/etc/motd"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
users.mutableUsers
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.mysql.enable
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.database
Type: string
Example: "auth"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.host
Type: string
Example: "localhost"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss
Type: submodule
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getgrent
Type: null or string
Default: null
Example:
SELECT name,password,gid FROM groups
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getgrgid
Type: null or string
Default: null
Example:
SELECT name,password,gid FROM groups WHERE gid='%1$u' LIMIT 1
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getgrnam
Type: null or string
Default: null
Example:
SELECT name,password,gid FROM groups WHERE name='%1$s' LIMIT 1
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getpwent
Type: null or string
Default: null
Example:
SELECT username,'x',uid,'5000','MySQL User', CONCAT('/home/',username),'/run/sw/current-system/bin/bash' FROM users
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getpwnam
Type: null or string
Default: null
Example:
SELECT username,'x',uid,'5000','MySQL User', CONCAT('/home/',username),'/run/sw/current-system/bin/bash' \ FROM users \ WHERE username='%1$s' \ LIMIT 1
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getpwuid
Type: null or string
Default: null
Example:
SELECT username,'x',uid,'5000','MySQL User', CONCAT('/home/',username),'/run/sw/current-system/bin/bash' \ FROM users \ WHERE uid='%1$u' \ LIMIT 1
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getspent
Type: null or string
Default: null
Example:
SELECT username,password,'1','0','99999','0','0','-1','0' FROM users
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getspnam
Type: null or string
Default: null
Example:
SELECT username,password,'1','0','99999','0','0','-1','0' \ FROM users \ WHERE username='%1$s' \ LIMIT 1
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.gidsbymem
Type: null or string
Default: null
Example:
SELECT gid FROM grouplist WHERE username='%1$s'
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.memsbygid
Type: null or string
Default: null
Example:
SELECT username FROM grouplist WHERE gid='%1$u'
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam
Type: submodule
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.cryptDefault
Type: null or one of "md5", "sha256", "sha512", "blowfish"
Default: null
Example: "blowfish"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.disconnectEveryOperation
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.hostColumn
Type: string
Example: "host"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.msgColumn
Type: string
Example: "msg"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.pidColumn
Type: string
Example: "pid"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.rHostColumn
Type: string
Example: "rhost"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.table
Type: string
Example: "logs"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.timeColumn
Type: string
Example: "timestamp"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.userColumn
Type: string
Example: "user"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.passwordColumn
Type: string
Example: "password"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.passwordCrypt
Type: one of "0", "plain", "1", "Y", "2", "mysql", "3", "md5", "4", "sha1", "5", "drupal7", "6", "joomla15", "7", "ssha", "8", "sha512", "9", "sha256"
Example: "2"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.statusColumn
Type: null or string
Default: null
Example: "status"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.table
Type: string
Example: "users"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.updateTable
Type: null or string
Default: null
Example: "users_updates"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.userColumn
Type: string
Example: "username"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.verbose
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.where
Type: null or string
Default: null
Example: "host.name='web' AND user.active=1"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.passwordFile
Type: path
Example: "/run/secrets/mysql-auth-db-passwd"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.user
Type: string
Example: "nss-user"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.users
Type: attribute set of (submodule)
Default: { }
Example:
{ alice = { createHome = true; description = "Alice Q. User"; extraGroups = [ "wheel" ]; group = "users"; home = "/home/alice"; shell = "/bin/sh"; uid = 1234; }; }
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
users.users.<name>.packages
Type: list of package
Default: [ ]
Example: [ pkgs.firefox pkgs.thunderbird ]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.autoSubUidGidRange
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.createHome
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.cryptHomeLuks
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.description
Type: string, not containing newlines or colons
Default: ""
Example: "Alice Q. User"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.extraGroups
Type: list of string
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.group
Type: string
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.hashedPassword
Type: null or string, not containing newlines or colons
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.home
Type: path, not containing newlines or colons
Default: "/var/empty"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.homeMode
Type: string matching the pattern [0-7]{1,5}
Default: "700"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.initialHashedPassword
Type: null or string, not containing newlines or colons
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.initialPassword
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.isNormalUser
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.isSystemUser
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.name
Type: string, not containing newlines or colons
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.openssh.authorizedKeys.keyFiles
Type: list of path
Default: [ ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
users.users.<name>.openssh.authorizedKeys.keys
Type: list of (optionally newline-terminated) single-line string
Default: [ ]
Example:
[ "ssh-rsa AAAAB3NzaC1yc2etc/etc/etcjwrsh8e596z6J0l7 example@host" "ssh-ed25519 AAAAC3NzaCetcetera/etceteraJZMfk3QPfQ foo@bar" ]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
users.users.<name>.pamMount
Type: attribute set of string
Default: { }
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.password
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.passwordFile
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.shell
Type: null or package or path, not containing newlines or colons
Default: pkgs.shadow
Example: pkgs.bashInteractive
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.subGidRanges
Type: list of (submodule)
Default: [ ]
Example:
[ { count = 1; startGid = 100; } { count = 999; startGid = 1001; } ]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.subGidRanges.*.count
Type: signed integer
Default: 1
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.subGidRanges.*.startGid
Type: signed integer
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.subUidRanges
Type: list of (submodule)
Default: [ ]
Example:
[ { count = 1; startUid = 1000; } { count = 65534; startUid = 100001; } ]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.subUidRanges.*.count
Type: signed integer
Default: 1
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.subUidRanges.*.startUid
Type: signed integer
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.uid
Type: null or signed integer
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.useDefaultShell
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
virtualisation.lxc.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxc.nix>
|
virtualisation.lxc.defaultConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxc.nix>
|
virtualisation.lxc.lxcfs.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxcfs.nix>
|
virtualisation.lxc.systemConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxc.nix>
|
virtualisation.lxc.usernetConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxc.nix>
|