boot.enableUnifiedCgroupHierarchy
Whether to enable the unified cgroup hierarchy (cgroupsv2). This feature is experimental.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
boot.blacklistedKernelModules
Type: list of string
Default:
[
]
Example:
[
"cirrusfb" "i2c_piix4"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/modprobe.nix>
|
boot.consoleLogLevel
Type: signed integer
Default: 4
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.crashDump.enable
If enabled, NixOS will set up a kernel that will boot on crash, and leave the user in systemd rescue to be able to save the crashed kernel dump at /proc/vmcore. It also activates the NMI watchdog.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.consoleSerial.enable
Enable the serial console.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.consoleSerial.baudRate
Specify the baud rate of the serial port.
Type: signed integer
Default: 115200
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.consoleSerial.port
Specify the serial port for debug output.
Type: string
Default: "ttyS0"
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.consoleVGA.enable
Enable the VGA console.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.consoleVGA.reset
Attempt to reset a standard VGA device.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.execAfterDump
shell commands to be executed after makedumpfile outputs /dmesg
Type: string
Default: ""
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.kernelParams
parameters that will be passed to the kernel kexec-ed on crash.
Type: list of string
Default:
[
"1" "boot.shell_on_fail" "loglevel=8"
]
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.crashDump.reservedMemory
The amount of memory reserved for the crashdump kernel. If you choose a too high value, dmesg will mention "crashkernel reservation failed".
Type: string
Default: "512M"
Declared by:
<vpsadminos/os/modules/misc/crashdump.nix>
|
boot.devShmSize
Type: string
Default: "50%"
Example: "256m"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.devSize
Type: string
Default: "5%"
Example: "32m"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.extraModprobeConfig
Type: strings concatenated with "\n"
Default: ""
Example:
'' options parport_pc io=0x378 irq=7 dma=1 ''
Declared by:
<nixpkgs/nixos/modules/system/boot/modprobe.nix>
|
boot.extraModulePackages
Type: list of package
Default:
[
]
Example: [ config.boot.kernelPackages.nvidia_x11 ]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.initrd.enable
Whether to enable the NixOS initial RAM disk (initrd). This may be needed to perform some initialisation tasks (like mounting network/encrypted file systems) before continuing the boot process.
Type: boolean
Default: "!config.boot.isContainer"
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.availableKernelModules
Type: list of string
Default:
[
]
Example:
[
"sata_nv" "ext3"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.initrd.includeDefaultModules
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.initrd.kernelModules
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.initrd.network.enable
Add network connectivity support to initrd. The network may be
configured using the ip
kernel parameter,
as described in the
kernel documentation. Otherwise, if
networking.useDHCP
is enabled, an IP address
is acquired using DHCP.
You should add the module(s) required for your network card to
boot.initrd.availableKernelModules.
lspci -v | grep -iA8 'network\|ethernet'
will tell you which.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/initrd-network.nix>
|
boot.initrd.network.flushBeforeStage2
Whether to clear the configuration of the interfaces that were set up in the initrd right before stage 2 takes over. Stage 2 will do the regular network configuration based on the NixOS networking options.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/boot/initrd-network.nix>
|
boot.initrd.network.postCommands
Shell commands to be executed after stage 1 of the boot has initialised the network.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/initrd-network.nix>
|
boot.initrd.network.setClock
Set clock in initrd using NTP servers in networking.timeServers
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/boot/initrd-network.nix>
|
boot.initrd.network.ssh.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.ssh.authorizedKeys
Type: list of string
Default: config.users.users.root.openssh.authorizedKeys.keys
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.ssh.extraConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.ssh.hostKeys
Type: list of (string or path)
Default:
[
]
Example:
[
"/etc/secrets/initrd/ssh_host_rsa_key" "/etc/secrets/initrd/ssh_host_ed25519_key"
]
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.ssh.port
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: 22
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.ssh.shell
Type: string
Default: "/bin/ash"
Declared by:
<nixpkgs/nixos/modules/system/boot/initrd-ssh.nix>
|
boot.initrd.network.udhcpc.extraArgs
Additional command-line arguments passed verbatim to udhcpc if
boot.initrd.network.enable
and networking.useDHCP
are enabled.
Type: list of string
Default:
[
]
Declared by:
<vpsadminos/os/modules/system/boot/initrd-network.nix>
|
boot.initrd.network.useDHCP
Whether to use DHCP in the initrd.
Type: null or boolean
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/initrd-network.nix>
|
boot.initrd.postDeviceCommands
Shell commands to be executed immediately after stage 1 of the
boot has loaded kernel modules and created device nodes in
/dev
.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.postMountCommands
Shell commands to be executed immediately after the stage 1 filesystems have been mounted.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.preFailCommands
Shell commands to be executed before the failure prompt is shown.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.preLVMCommands
Shell commands to be executed immediately before LVM discovery. vpsAdminOS actually does not support LVM, this is just for compatibility with other modules.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.supportedFilesystems
Names of supported filesystem types in the initial ramdisk.
Type: list of string
Default:
[
]
Example:
[
"btrfs"
]
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
boot.initrd.systemd
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
boot.initrd.withHwSupport
Include hardware support kernel modules in initrd (so e.g. zfs sees disks)
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/config/kernel.nix>
|
boot.isContainer
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
boot.kernel.enable
Type: boolean
Default: true
Example: true
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernel.randstructSeed
Type: string
Default: ""
Example: "my secret seed"
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernel.sysctl
Type: attribute set of (sysctl option value)
Default:
{
}
Example:
{ "net.ipv4.tcp_syncookies" = false; "vm.swappiness" = 60; }
Declared by:
<nixpkgs/nixos/modules/config/sysctl.nix>
|
boot.kernel.sysctl."net.core.rmem_max"
Type: null or unsigned integer, meaning >=0
Default: null
Declared by:
<nixpkgs/nixos/modules/config/sysctl.nix>
|
boot.kernelModules
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernelPackage
base linux kernel package
Type: package
Default: (build of linux-5.10.164)
Declared by:
<vpsadminos/os/modules/config/kernel.nix>
|
boot.kernelPackages
Type: raw value
Default: pkgs.linuxPackages
Example: pkgs.linuxKernel.packages.linux_5_10
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernelParams
Type: list of string, with spaces inside double quotes
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernelPatches
Type: list of (attribute set)
Default:
[
]
Example: [ pkgs.kernelPatches.ubuntu_fan_4_4 ]
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.kernelVersion
TODO
Type: string
Default: "5.10.164"
Declared by:
<vpsadminos/os/modules/config/kernel.nix>
|
boot.loader.efi.canTouchEfiVariables
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/efi.nix>
|
boot.loader.efi.efiSysMountPoint
Type: string
Default: "/boot"
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/efi.nix>
|
boot.loader.generationsDir.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/generations-dir/generations-dir.nix>
|
boot.loader.generationsDir.copyKernels
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/generations-dir/generations-dir.nix>
|
boot.loader.grub.enable
Whether to enable the GNU GRUB boot loader.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.enableCryptodisk
Enable support for encrypted partitions. GRUB should automatically unlock the correct encrypted partition and look for filesystems.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.backgroundColor
Background color to be used for GRUB to fill the areas the image isn't filling.
This options has no effect for GRUB 1.
Type: null or string
Default: null
Example: "#7EBAE4"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.configurationLimit
Maximum of configurations in boot menu. GRUB has problems when there are too many entries.
Type: signed integer
Default: 100
Example: 120
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.configurationName
GRUB entry name instead of default.
Type: string
Default: ""
Example: "Stable 2.6.21"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.copyKernels
Whether the GRUB menu builder should copy kernels and initial ramdisks to /boot. This is done automatically if /boot is on a different partition than /.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.default
Index of the default menu item to be booted. Can also be set to "saved", which will make GRUB select the menu item that was used at the last boot.
Type: signed integer or string
Default: "0"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.device
The device on which the GRUB boot loader will be installed.
The special value nodev
means that a GRUB
boot menu will be generated, but GRUB itself will not
actually be installed. To install GRUB on multiple devices,
use boot.loader.grub.devices
.
Type: string
Default: ""
Example: "/dev/disk/by-id/wwn-0x500001234567890a"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.devices
The devices on which the boot loader, GRUB, will be
installed. Can be used instead of device
to
install GRUB onto multiple devices.
Type: list of string
Default:
[
]
Example:
[
"/dev/disk/by-id/wwn-0x500001234567890a"
]
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.efiInstallAsRemovable
Whether to invoke grub-install
with
--removable
.
Unless you turn this on, GRUB will install itself somewhere in
boot.loader.efi.efiSysMountPoint
(exactly where
depends on other config variables). If you've set
boot.loader.efi.canTouchEfiVariables
*AND* you
are currently booted in UEFI mode, then GRUB will use
efibootmgr
to modify the boot order in the
EFI variables of your firmware to include this location. If you are
*not* booted in UEFI mode at the time GRUB is being installed, the
NVRAM will not be modified, and your system will not find GRUB at
boot time. However, GRUB will still return success so you may miss
the warning that gets printed ("efibootmgr: EFI variables
are not supported on this system.
").
If you turn this feature on, GRUB will install itself in a
special location within efiSysMountPoint
(namely
EFI/boot/boot$arch.efi
) which the firmwares
are hardcoded to try first, regardless of NVRAM EFI variables.
To summarize, turn this on if:
You are installing vpsAdminOS and want it to boot in UEFI mode, but you are currently booted in legacy mode
You want to make a drive that will boot regardless of the NVRAM state of the computer (like a USB "removable" drive)
You simply dislike the idea of depending on NVRAM state to make your drive bootable
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.efiSupport
Whether GRUB should be built with EFI support. EFI support is only available for GRUB v2. This option is ignored for GRUB v1.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraConfig
Additional GRUB commands inserted in the configuration file just before the menu entries.
Type: strings concatenated with "\n"
Default: ""
Example:
'' serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1 terminal_input --append serial terminal_output --append serial ''
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraEntries
Any additional entries you want added to the GRUB boot menu.
Type: strings concatenated with "\n"
Default: ""
Example:
'' # GRUB 1 example (not GRUB 2 compatible) title Windows chainloader (hd0,1)+1 # GRUB 2 example menuentry "Windows 7" { chainloader (hd0,4)+1 } # GRUB 2 with UEFI example, chainloading another distro menuentry "Fedora" { set root=(hd1,1) chainloader /efi/fedora/grubx64.efi } ''
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraEntriesBeforeVpsAdminOS
Whether extraEntries are included before the default option.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraFiles
A set of files to be copied to /boot
.
Each attribute name denotes the destination file name in
/boot
, while the corresponding
attribute value specifies the source file.
Type: attribute set of path
Default:
{
}
Example:
{ "memtest.bin" = "${pkgs.memtest86plus}/memtest.bin"; }
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraGrubInstallArgs
Additional arguments passed to grub-install
.
A use case for this is to build specific GRUB2 modules
directly into the GRUB2 kernel image, so that they are available
and activated even in the grub rescue
shell.
They are also necessary when the BIOS/UEFI is bugged and cannot
correctly read large disks (e.g. above 2 TB), so GRUB2's own
nativedisk
and related modules can be used
to use its own disk drivers. The example shows one such case.
This is also useful for booting from USB.
See the
GRUB source code
for which disk modules are available.
The list elements are passed directly as argv
arguments to the grub-install
program, in order.
Type: list of string
Default:
[
]
Example:
[
"--modules=nativedisk ahci pata part_gpt part_msdos diskfilter mdraid1x lvm ext2"
]
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraInstallCommands
Additional shell commands inserted in the bootloader installer script after generating menu entries.
Type: strings concatenated with "\n"
Default: ""
Example:
'' # the example below generates detached signatures that GRUB can verify # https://www.gnu.org/software/grub/manual/grub/grub.html#Using-digital-signatures ''${pkgs.findutils}/bin/find /boot -not -path "/boot/efi/*" -type f -name '*.sig' -delete old_gpg_home=$GNUPGHOME export GNUPGHOME="$(mktemp -d)" ''${pkgs.gnupg}/bin/gpg --import ''${priv_key} > /dev/null 2>&1 ''${pkgs.findutils}/bin/find /boot -not -path "/boot/efi/*" -type f -exec ''${pkgs.gnupg}/bin/gpg --detach-sign "{}" \; > /dev/null 2>&1 rm -rf $GNUPGHOME export GNUPGHOME=$old_gpg_home ''
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraPerEntryConfig
Additional GRUB commands inserted in the configuration file at the start of each vpsAdminOS menu entry.
Type: strings concatenated with "\n"
Default: ""
Example: "root (hd0)"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.extraPrepareConfig
Additional bash commands to be run at the script that prepares the GRUB menu entries.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.font
Path to a TrueType, OpenType, or pf2 font to be used by Grub.
Type: null or path
Default: "${pkgs.grub2}/share/grub/unicode.pf2"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.fontSize
Font size for the grub menu. Ignored unless font
is set to a ttf or otf font.
Type: null or signed integer
Default: null
Example: 16
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.forceInstall
Whether to try and forcibly install GRUB even if problems are detected. It is not recommended to enable this unless you know what you are doing.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.forcei686
Whether to force the use of a ia32 boot loader on x64 systems. Required to install and run vpsAdminOS on 64bit x86 systems with 32bit (U)EFI.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.fsIdentifier
Determines how GRUB will identify devices when generating the configuration file. A value of uuid / label signifies that grub will always resolve the uuid or label of the device before using it in the configuration. A value of provided means that GRUB will use the device name as show in df or mount. Note, zfs zpools / datasets are ignored and will always be mounted using their labels.
Type: one of "uuid", "label", "provided"
Default: "uuid"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.gfxmodeBios
The gfxmode to pass to GRUB when loading a graphical boot interface under BIOS.
Type: string
Default: "1024x768"
Example: "auto"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.gfxmodeEfi
The gfxmode to pass to GRUB when loading a graphical boot interface under EFI.
Type: string
Default: "auto"
Example: "1024x768"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.gfxpayloadBios
The gfxpayload to pass to GRUB when loading a graphical boot interface under BIOS.
Type: string
Default: "text"
Example: "keep"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.gfxpayloadEfi
The gfxpayload to pass to GRUB when loading a graphical boot interface under EFI.
Type: string
Default: "keep"
Example: "text"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.ipxe
Set of iPXE scripts available for booting from the GRUB boot menu.
Type: attribute set of (path or string)
Default:
{
}
Example:
{ demo = '' #!ipxe dhcp chain http://boot.ipxe.org/demo/boot.php ''; }
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/ipxe.nix>
|
boot.loader.grub.mirroredBoots
Mirror the boot configuration to multiple partitions and install grub to the respective devices corresponding to those partitions.
Type: list of (submodule)
Default:
[
]
Example:
[
{
devices =
[
"/dev/disk/by-id/wwn-0x500001234567890a"
]
; path = "/boot1";
}
{
devices =
[
"/dev/disk/by-id/wwn-0x500009876543210a"
]
; path = "/boot2";
}
]
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.mirroredBoots.*.devices
The path to the devices which will have the GRUB MBR written. Note these are typically device paths and not paths to partitions.
Type: list of string
Default:
[
]
Example:
[
"/dev/disk/by-id/wwn-0x500001234567890a" "/dev/disk/by-id/wwn-0x500009876543210a"
]
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.mirroredBoots.*.efiBootloaderId
The id of the bootloader to store in efi nvram.
The default is to name it vpsAdminOS and append the path or efiSysMountPoint.
This is only used if boot.loader.efi.canTouchEfiVariables
is true.
Type: null or string
Default: null
Example: "vpsAdminOS-fsid"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.mirroredBoots.*.efiSysMountPoint
The path to the efi system mount point. Usually this is the same partition as the above path and can be left as null.
Type: null or string
Default: null
Example: "/boot1/efi"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.mirroredBoots.*.path
The path to the boot directory where GRUB will be written. Generally this boot path should double as an EFI path.
Type: string
Example: "/boot1"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.splashImage
Background image used for GRUB.
Set to null
to run GRUB in text mode.
For grub 1: It must be a 640x480, 14-colour image in XPM format, optionally compressed with gzip or bzip2.
For grub 2: File must be one of .png, .tga, .jpg, or .jpeg. JPEG images must not be progressive. The image will be scaled if necessary to fit the screen.
Type: null or path
Example: ./my-background.png
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.splashMode
Whether to stretch the image or show the image in the top-left corner unstretched.
This options has no effect for GRUB 1.
Type: one of "normal", "stretch"
Default: "stretch"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.storePath
Path to the Nix store when looking for kernels at boot. Only makes sense when copyKernels is false.
Type: string
Default: "/nix/store"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.theme
Grub theme to be used.
This options has no effect for GRUB 1.
Type: null or path
Default: null
Example: pkgs.nixos-grub2-theme
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.trustedBoot.enable
Enable trusted boot. GRUB will measure all critical components during the boot process to offer TCG (TPM) support.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.trustedBoot.isHPLaptop
Use a special version of TrustedGRUB that is needed by some HP laptops and works only for the HP laptops.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.trustedBoot.systemHasTPM
Assertion that the target system has an activated TPM. It is a safety check before allowing the activation of 'trustedBoot.enable'. TrustedBoot WILL FAIL TO BOOT YOUR SYSTEM if no TPM is available.
Type: string
Default: ""
Example: "YES_TPM_is_activated"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.useOSProber
If set to true, append entries for other OSs detected by os-prober.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.users
User accounts for GRUB. When specified, the GRUB command line and all boot options except the default are password-protected. All passwords and hashes provided will be stored in /boot/grub/grub.cfg, and will be visible to any local user who can read this file. Additionally, any passwords and hashes provided directly in a Nix configuration (as opposed to external files) will be copied into the Nix store, and will be visible to all local users.
Type: attribute set of (submodule)
Default:
{
}
Example:
{
root =
{
hashedPasswordFile = "/path/to/file";
}
;
}
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.users.<name>.hashedPassword
Specifies the password hash for the account, generated with grub-mkpasswd-pbkdf2. This hash will be copied to the Nix store, and will be visible to all local users.
Type: null or string
Default: null
Example: "grub.pbkdf2.sha512.10000.674DFFDEF76E13EA...2CC972B102CF4355"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.users.<name>.hashedPasswordFile
Specifies the path to a file containing the password hash for the account, generated with grub-mkpasswd-pbkdf2. This hash will be stored in /boot/grub/grub.cfg, and will be visible to any local user who can read this file.
Type: null or string
Default: null
Example: "/path/to/file"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.users.<name>.password
Specifies the clear text password for the account. This password will be copied to the Nix store, and will be visible to all local users.
Type: null or string
Default: null
Example: "Pa$$w0rd!"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.users.<name>.passwordFile
Specifies the path to a file containing the clear text password for the account. This password will be stored in /boot/grub/grub.cfg, and will be visible to any local user who can read this file.
Type: null or string
Default: null
Example: "/path/to/file"
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.version
The version of GRUB to use: 1
for GRUB
Legacy (versions 0.9x), or 2
(the
default) for GRUB 2.
Type: signed integer
Default: 2
Example: 1
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.grub.zfsSupport
Whether GRUB should be built against libzfs. ZFS support is only available for GRUB v2. This option is ignored for GRUB v1.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/loader/grub/grub.nix>
|
boot.loader.timeout
Type: null or signed integer
Default: 5
Declared by:
<nixpkgs/nixos/modules/system/boot/loader/loader.nix>
|
boot.modprobeConfig.enable
Type: boolean
Default: true
Example: true
Declared by:
<nixpkgs/nixos/modules/system/boot/modprobe.nix>
|
boot.postBootCommands
Shell commands to be executed just before runit is started.
Type: strings concatenated with "\n"
Default: ""
Example: "rm -f /var/log/messages"
Declared by:
<vpsadminos/os/modules/system/boot/stage-2.nix>
|
boot.predefinedFailAction
Action to take automatically if stage-1 fails. n - create new pool (may also erase disks and run partitioning if configured) i - interactive shell r - reboot * - ignore Useful for unattended installations and testing.
Type: one of "", "n", "i", "r", "*"
Default: ""
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
boot.procHidePid
mount proc with hidepid=2
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/stage-2.nix>
|
boot.qemu.enable
QEMU runner
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.disks
Disks available within the VM
Type: list of (submodule)
Default:
[
{
create = true; device = "sda.img"; size = "8G"; type = "file";
}
]
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.disks.*.create
Create the device if it does not exist. Applicable only for file-backed devices.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.disks.*.device
Path to the disk device
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.disks.*.size
Device size
Type: string
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.qemu.disks.*.type
Device type
Type: one of "file", "blockdev"
Declared by:
<vpsadminos/os/modules/system/boot/qemu.nix>
|
boot.runSize
Type: string
Default: "25%"
Example: "256m"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.specialFileSystems.<name>.depends
Type: list of string (with check: non-empty without trailing slash)
Default:
[
]
Example:
[
"/persist"
]
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.specialFileSystems.<name>.device
Type: null or string (with check: non-empty)
Default: null
Example: "/dev/sda"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.specialFileSystems.<name>.fsType
Type: string (with check: non-empty)
Default: "auto"
Example: "ext3"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.specialFileSystems.<name>.mountPoint
Type: string (with check: non-empty without trailing slash)
Example: "/mnt/usb"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.specialFileSystems.<name>.options
Type: list of string (with check: non-empty)
Default:
[
"defaults"
]
Example:
[
"data=journal"
]
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.supportedFilesystems
Type: list of string
Default:
[
]
Example:
[
"btrfs"
]
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
boot.vesa
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/system/boot/kernel.nix>
|
boot.zfs.devNodes
Directories used to search disk devices. This should be a path under /dev containing stable names for all devices needed, as import may fail if device nodes are renamed concurrently with a device failing.
Type: list of string
Default:
[
"/dev/disk/by-id"
]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.forceImportRoot
Forcibly import the ZFS root pool(s) during early boot.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.moduleParams
Type: submodule
Default:
{
}
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.moduleParams.spl
spl module load time options
Type: attribute set of (module option value)
Default:
{
}
Example:
{ "spl_taskq_thread_priority" = true; "spl_taskq_thread_sequential" = 2; }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.moduleParams.zfs
zfs module load time options
Type: attribute set of (module option value)
Default:
{
}
Example:
{ "zfs_arc_min" = 1073741824; }
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.cache
Devices used for secondary read cache (L2ARC).
Type: list of string
Default:
[
]
Example:
[
"sde2" "sdf2"
]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.datasets
Declaratively create ZFS file systems or volumes and configure properties. Dataset names are relative to the pool and optionally may start with a slash. Configured properties are passed directly to ZFS, see man zfs(8) for more information. No dataset is ever destroyed and properties removed from the configuration are not unset once deployed. To reset a property, set its value to `inherit`.
Type: attribute set of (submodule)
Default:
{
/ =
{
properties =
{
xattr =
{
_type = "override"; content = "sa"; priority = 1000;
}
;
}
;
}
;
}
Example:
{
/ =
{
properties =
{
sharenfs = "on";
}
;
}
; data =
{
properties =
{
quota = "100G";
}
;
}
; volume =
{
properties =
{
volsize = "50G";
}
; type = "volume";
}
;
}
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.datasets.<name>.properties
ZFS properties, see man zfs(8).
Type: attribute set
Default:
{
}
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.datasets.<name>.type
Dataset type
Type: one of "filesystem", "volume"
Default: "filesystem"
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.doCreate
Determines whether disks are partitioned and zpool is created when the pool cannot be imported, suggesting it does not exist. Do not enable this in production, existing pools might fail to import for unforeseen reasons and recreating them will result in data loss.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.guid
Pool ID used for importing.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.importAttempts
Number of attempts to cleanly import the pool with all devices present.
After the attempts are spent, even a degraded pool will be imported.
If the pool still can't be imported, the service will either fail
or create the pool if option
boot.zfs.pools.<name>.doCreate
is enabled.
Type: 3 or more
Default: 60
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.install
Import the pool into osctld to be used for containers.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.layout
Pool layout to pass to zpool create. The pool can be created either
manually using script do-create-pool-<pool>
or automatically when boot.zfs.pools.<pool>.doCreate
is set and the pool cannot be imported.
Type: list of (submodule)
Default:
[
]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.layout.*.devices
List of device names.
Type: list of string
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.layout.*.type
Virtual device type, see man zpool(8) for more information.
Type: one of "stripe", "mirror", "raidz", "raidz1", "raidz2", "raidz3"
Default: "stripe"
Example: "mirror"
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.log
Devices used for ZFS Intent Log (ZIL).
Type: list of (submodule)
Default:
[
]
Example:
{
devices =
[
"sde1" "sdf1"
]
; mirror = true;
}
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.log.*.devices
List of device names.
Type: list of string
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.log.*.mirror
Determines whether the log devices will be mirrored or not.
Type: boolean
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.partition
Partition disks This creates a sfdisk input for simple partitioning, X in 'pX' means partition number. If sizeGB is not specified the rest of the dist will be used for this partition.
Type: attribute set of attribute set of (submodule)
Default:
{
}
Example:
{
sde =
{
p1 =
{
sizeGB = 20;
}
; p2 =
{
sizeGB = 10; type = "fd";
}
; p3 =
{
}
;
}
;
}
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.partition.<name>.<name>.sizeGB
Partition size in gigabytes
Type: null or positive integer, meaning >0
Default: null
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.partition.<name>.<name>.type
Partition type (list with `sfdisk -T`)
Type: value "fd" (singular enum)
Default: "fd"
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.properties
zpool properties, see man zpool(8) for more information.
Type: attribute set
Default:
{
}
Example:
{
readonly = "on";
}
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.enable
Enables periodic scrubbing
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.pauseCommand
Optionally override the auto-generated command used to pause scrub
of the pool.
Defaults to scrubctl pause <pool>
.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.pauseIntervals
Date and time expression for when to pause a running scrub in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: list of string
Default:
[
]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.resumeCommand
Optionally override the auto-generated command used to resume scrub
of the pool.
Defaults to scrubctl resume <pool>
.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.resumeIntervals
Date and time expression for when to resume a paused scrub in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: list of string
Default:
[
]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.startCommand
Optionally override the auto-generated command used to scrub
the pool.
Defaults to scrubctl start <pool>
.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.scrub.startIntervals
Date and time expression for when to scrub the pool in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: list of string
Default:
[
]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.share
Determines whether ZFS filesystems with sharenfs set should be
exported.
When set to always
, zfs share
is run every time the service is started. When set to
once
, filesystems are exported only once for this
pool, e.g. when the service is restarted on upgrade, filesystems are
not reexported. off
disables automated exporting
completely.
Type: one of "always", "once", "off"
Default: "always"
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.spare
List of devices to be used as hot spares.
Type: list of string
Default:
[
]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfs.pools.<name>.wipe
Wipe disks prior to disk partitioning and pool creation (dangerous!). Uses dd to erase first and last 1024 sectors of the device.
Type: list of string
Default:
[
]
Example:
[
"sda" "sdb"
]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
boot.zfsUserPackage
TODO
Type: package
Default: (build of zfs-user-2.0-vpsadminos)
Declared by:
<vpsadminos/os/modules/config/kernel.nix>
|
environment.enableDebugInfo
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/debug-info.nix>
|
environment.etc
Type: attribute set of (submodule)
Default:
{
}
Example:
{ example-configuration-file = { source = "/nix/store/.../etc/dir/file.conf.example"; mode = "0440"; }; "default/useradd".text = "GROUP=100 ..."; }
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.enable
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.gid
Type: signed integer
Default: 0
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.group
Type: string
Default: "+0"
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.mode
Type: string
Default: "symlink"
Example: "0600"
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.source
Type: path
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.target
Type: string
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.text
Type: null or strings concatenated with "\n"
Default: null
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.uid
Type: signed integer
Default: 0
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.etc.<name>.user
Type: string
Default: "+0"
Declared by:
<nixpkgs/nixos/modules/system/etc/etc.nix>
|
environment.extraInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.extraOutputsToInstall
List of additional package outputs to be symlinked into /run/current-system/sw
.
Type: list of string
Default:
[
]
Example:
[
"doc" "info" "docdev"
]
Declared by:
<vpsadminos/os/modules/config/system-path.nix>
|
environment.homeBinInPath
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.interactiveShellInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.localBinInPath
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.loginShellInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.pathsToLink
List of directories to be symlinked in /run/current-system/sw
.
Type: list of string
Default:
[
]
Example:
[
"/"
]
Declared by:
<vpsadminos/os/modules/config/system-path.nix>
|
environment.profileRelativeEnvVars
Type: attribute set of list of string
Example:
{
MANPATH =
[
"/man" "/share/man"
]
; PATH =
[
"/bin"
]
;
}
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.profileRelativeSessionVariables
Type: attribute set of list of string
Example:
{
MANPATH =
[
"/man" "/share/man"
]
; PATH =
[
"/bin"
]
;
}
Declared by:
<nixpkgs/nixos/modules/config/system-environment.nix>
|
environment.profiles
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.sessionVariables
Type: attribute set of (string or list of string)
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/config/system-environment.nix>
|
environment.shellAliases
Type: attribute set of (null or string or path)
Example:
{
l = null; ll = "ls -l";
}
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.shellInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.shells
Type: list of (package or path)
Default:
[
]
Example: [ pkgs.bashInteractive pkgs.zsh ]
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
environment.systemPackages
Type: list of package
Default:
[
]
Example: [ pkgs.firefox pkgs.thunderbird ]
Declared by:
<vpsadminos/os/modules/config/system-path.nix>
|
environment.variables
Type: attribute set of (string or list of string)
Default:
{
}
Example:
{
EDITOR = "nvim"; VISUAL = "nvim";
}
Declared by:
<nixpkgs/nixos/modules/config/shells-environment.nix>
|
fileSystems
Type: attribute set of (submodule)
Default:
{
}
Example:
{ "/".device = "/dev/hda1"; "/data" = { device = "/dev/hda2"; fsType = "ext3"; options = [ "data=journal" ]; }; "/bigdisk".label = "bigdisk"; }
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.autoFormat
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.autoResize
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.depends
Type: list of string (with check: non-empty without trailing slash)
Default:
[
]
Example:
[
"/persist"
]
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.device
Type: null or string (with check: non-empty)
Default: null
Example: "/dev/sda"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.formatOptions
Type: string
Default: ""
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.fsType
Type: string (with check: non-empty)
Default: "auto"
Example: "ext3"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.label
Type: null or string (with check: non-empty)
Default: null
Example: "root-partition"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.mountPoint
Type: string (with check: non-empty without trailing slash)
Example: "/mnt/usb"
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.neededForBoot
If set, this file system will be mounted in the initial
ramdisk. By default, this applies to the root file system
and to the file system containing
/nix/store
.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/stage-1.nix>
|
fileSystems.<name>.noCheck
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
fileSystems.<name>.options
Type: list of string (with check: non-empty)
Default:
[
"defaults"
]
Example:
[
"data=journal"
]
Declared by:
<nixpkgs/nixos/modules/tasks/filesystems.nix>
|
hardware.enableAllFirmware
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/hardware/all-firmware.nix>
|
hardware.enableRedistributableFirmware
Type: boolean
Default: config.hardware.enableAllFirmware
Declared by:
<nixpkgs/nixos/modules/hardware/all-firmware.nix>
|
hardware.firmware
Type: list of package
Default:
[
]
Declared by:
<vpsadminos/os/modules/services/hardware/eudev.nix>
|
hardware.wirelessRegulatoryDatabase
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/hardware/all-firmware.nix>
|
i18n.defaultLocale
Type: string
Default: "en_US.UTF-8"
Example: "nl_NL.UTF-8"
Declared by:
<nixpkgs/nixos/modules/config/i18n.nix>
|
i18n.extraLocaleSettings
Type: attribute set of string
Default:
{
}
Example:
{
LC_MESSAGES = "en_US.UTF-8"; LC_TIME = "de_DE.UTF-8";
}
Declared by:
<nixpkgs/nixos/modules/config/i18n.nix>
|
i18n.glibcLocales
Type: path
Default:
pkgs.glibcLocales.override { allLocales = any (x: x == "all") config.i18n.supportedLocales; locales = config.i18n.supportedLocales; }
Example: pkgs.glibcLocales
Declared by:
<nixpkgs/nixos/modules/config/i18n.nix>
|
i18n.supportedLocales
Type: list of string
Default:
unique (builtins.map (l: (replaceStrings [ "utf8" "utf-8" "UTF8" ] [ "UTF-8" "UTF-8" "UTF-8" ] l) + "/UTF-8") ( [ "C.UTF-8" config.i18n.defaultLocale ] ++ (attrValues (filterAttrs (n: v: n != "LANGUAGE") config.i18n.extraLocaleSettings)) ))
Example:
[
"en_US.UTF-8/UTF-8" "nl_NL.UTF-8/UTF-8" "nl_NL/ISO-8859-1"
]
Declared by:
<nixpkgs/nixos/modules/config/i18n.nix>
|
krb5
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
lib
Type: attribute set of (attribute set)
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/misc/lib.nix>
|
location.latitude
Type: floating point number
Declared by:
<nixpkgs/nixos/modules/config/locale.nix>
|
location.longitude
Type: floating point number
Declared by:
<nixpkgs/nixos/modules/config/locale.nix>
|
location.provider
Type: one of "manual", "geoclue2"
Default: "manual"
Declared by:
<nixpkgs/nixos/modules/config/locale.nix>
|
manual.html.enable
Whether to install the HTML manual.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/misc/manual.nix>
|
manual.json.enable
Whether to install a JSON formatted list of all vpsAdminOS
options. This can be located at
<profile directory>/share/doc/vpsadminos/options.json
,
and may be used for navigating definitions, auto-completing,
and other miscellaneous tasks.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/misc/manual.nix>
|
manual.manpages.enable
Whether to install the configuration manual page. The manual can be reached by man configuration.nix.
Type: boolean
Default: true
Example: false
Declared by:
<vpsadminos/os/modules/misc/manual.nix>
|
networking.enableIPv6
Type: unspecified value
Default: true
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
networking.chronyd
use Chrony daemon for network time synchronization
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/networking/chronyd.nix>
|
networking.custom
Custom set of commands used to set-up networking
Type: strings concatenated with "\n"
Default: ""
Example:
'' ip addr add 10.0.0.1 dev ix0 ip link set ix0 up ''
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.dhcp
use DHCP to obtain IP
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.dhcpd
Whether to enable Enable dhcpd for lxc containers.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/networking/dhcpd.nix>
|
networking.domain
The domain. It can be left empty if it is auto-detected through DHCP.
Type: null or string
Default: null
Example: "home"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.extraHosts
Additional verbatim entries to be appended to /etc/hosts
.
Type: strings concatenated with "\n"
Default: ""
Example: "192.168.0.1 lanlocalhost"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.firewall.enable
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.package
Type: package
Default: pkgs.iptables
Example: pkgs.iptables-legacy
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowPing
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowedTCPPortRanges
Type: list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
[
]
Example:
[
{
from = 8999; to = 9003;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowedTCPPorts
Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
[
]
Example:
[
22 80
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowedUDPPortRanges
Type: list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
[
]
Example:
[
{
from = 60000; to = 61000;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.allowedUDPPorts
Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
[
]
Example:
[
53
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.autoLoadConntrackHelpers
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.checkReversePath
Type: boolean or one of "strict", "loose"
Default:
{
_type = "literalMD"; text = "`true` if supported by the chosen kernel";
}
Example: "loose"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.connectionTrackingModules
Type: list of string
Default:
[
]
Example:
[
"ftp" "irc" "sane" "sip" "tftp" "amanda" "h323" "netbios_sn" "pptp" "snmp"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.extraCommands
Type: strings concatenated with "\n"
Default: ""
Example: "iptables -A INPUT -p icmp -j ACCEPT"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.extraPackages
Type: list of package
Default:
[
]
Example: [ pkgs.ipset ]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.extraStopCommands
Type: strings concatenated with "\n"
Default: ""
Example: "iptables -P INPUT ACCEPT"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.interfaces
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.interfaces.<name>.allowedTCPPortRanges
Type: list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
[
]
Example:
[
{
from = 8999; to = 9003;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.interfaces.<name>.allowedTCPPorts
Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
[
]
Example:
[
22 80
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.interfaces.<name>.allowedUDPPortRanges
Type: list of attribute set of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
[
]
Example:
[
{
from = 60000; to = 61000;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.interfaces.<name>.allowedUDPPorts
Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
[
]
Example:
[
53
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.logRefusedConnections
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.logRefusedPackets
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.logRefusedUnicastsOnly
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.logReversePathDrops
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.pingLimit
Type: null or strings concatenated with " "
Default: null
Example: "--limit 1/minute --limit-burst 5"
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.rejectPackets
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.firewall.trustedInterfaces
Type: list of string
Default:
[
]
Example:
[
"enp0s2"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/firewall.nix>
|
networking.hostId
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
networking.hostName
machine hostname
Type: string
Default: "default"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.hosts
Locally defined maps of hostnames to IP addresses.
Type: attribute set of list of string
Default:
{
}
Example:
{ "127.0.0.1" = [ "foo.bar.baz" ]; "192.168.0.2" = [ "fileserver.local" "nameserver.local" ]; };
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.lxcbr
create lxc bridge interface
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.nameservers
The list of nameservers. It can be left empty if it is auto-detected through DHCP.
Type: list of string
Default:
[
]
Example:
[
"208.67.222.222" "208.67.220.220"
]
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.nat
enable NAT for containers
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.preConfig
Set of commands run prior to any other network configuration
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.search
The list of search paths used when resolving domain names.
Type: list of string
Default:
[
]
Example:
[
"example.com" "local.domain"
]
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.static.enable
use static networking configuration
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.static.gw
gateway IP address for static networking configuration
Type: string
Default: "10.0.2.2"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.static.interface
interface for static networking configuration
Type: string
Default: "eth0"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.static.ip
IP address for static networking configuration
Type: string
Default: "10.0.2.15"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.static.route
route
Type: string
Default: "10.0.2.0/24"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.timeServers
The set of NTP servers from which to synchronise.
Type: unspecified value
Default:
[
"0.nixos.pool.ntp.org" "1.nixos.pool.ntp.org" "2.nixos.pool.ntp.org" "3.nixos.pool.ntp.org"
]
Declared by:
<vpsadminos/os/modules/services/networking/chronyd.nix>
|
networking.useDHCP
Alias of networking.dhcp
.
Type: boolean
Declared by:
<vpsadminos/os/modules/rename.nix>
|
networking.waitOnline.http.urls
A list URLs which are queried. We are online when any one of these sends a HTTP response.
Type: list of string
Default:
[
"http://1.1.1.1" "http://vpsadminos.org"
]
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.waitOnline.method
Which method to use to check network connectivity
Type: one of "ping", "http"
Default: "ping"
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
networking.waitOnline.ping.hosts
A list of hosts which are pinged. We are online when any one of these pongs back.
Type: list of string
Default:
[
"8.8.8.8" "1.1.1.1"
]
Declared by:
<vpsadminos/os/modules/tasks/network-interfaces.nix>
|
nix.enable
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.package
Type: package
Default: pkgs.nix
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines
Type: list of (submodule)
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines.*.hostName
Type: string
Example: "nixbuilder.example.org"
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines.*.mandatoryFeatures
Type: list of string
Default:
[
]
Example:
[
"big-parallel"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines.*.maxJobs
Type: signed integer
Default: 1
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines.*.protocol
Type: one of <null>, "ssh", "ssh-ng"
Default: "ssh"
Example: "ssh-ng"
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines.*.publicHostKey
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines.*.speedFactor
Type: signed integer
Default: 1
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines.*.sshKey
Type: null or string
Default: null
Example: "/root/.ssh/id_buildhost_builduser"
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines.*.sshUser
Type: null or string
Default: null
Example: "builder"
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines.*.supportedFeatures
Type: list of string
Default:
[
]
Example:
[
"kvm" "big-parallel"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines.*.system
Type: null or string
Default: null
Example: "x86_64-linux"
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.buildMachines.*.systems
Type: list of string
Default:
[
]
Example:
[
"x86_64-linux" "aarch64-linux"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.checkAllErrors
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.checkConfig
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.daemon.enable
Whether to enable Enable nix daemon.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/misc/nix-daemon.nix>
|
nix.daemonCPUSchedPolicy
Type: one of "other", "batch", "idle"
Default: "other"
Example: "batch"
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.daemonIOSchedClass
Type: one of "best-effort", "idle"
Default: "best-effort"
Example: "idle"
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.daemonIOSchedPriority
Type: signed integer
Default: 4
Example: 1
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.distributedBuilds
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.extraOptions
Type: strings concatenated with "\n"
Default: ""
Example:
'' keep-outputs = true keep-derivations = true ''
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.nixPath
Type: list of string
Default:
[
"nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos" "nixos-config=/etc/nixos/configuration.nix" "/nix/var/nix/profiles/per-user/root/channels"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.nrBuildUsers
Type: signed integer
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.readOnlyStore
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.registry
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.registry.<name>.exact
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.registry.<name>.flake
Type: null or (attribute set)
Default: null
Example: nixpkgs
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.registry.<name>.from
Type: attribute set of (string or signed integer or boolean or path or package)
Example:
{
id = "nixpkgs"; type = "indirect";
}
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.registry.<name>.to
Type: attribute set of (string or signed integer or boolean or path or package)
Example:
{
owner = "my-org"; repo = "my-nixpkgs"; type = "github";
}
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings
Type: attribute set of (Nix config atom (null, bool, int, float, str, path or package) or list of (Nix config atom (null, bool, int, float, str, path or package)))
Default:
{
}
Example:
{ use-sandbox = true; show-trace = true; system-features = [ "big-parallel" "kvm" "recursive-nix" ]; sandbox-paths = { "/bin/sh" = "${pkgs.busybox-sandbox-shell.out}/bin/busybox"; }; }
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings.allowed-users
Type: list of string
Default:
[
"*"
]
Example:
[
"@wheel" "@builders" "alice" "bob"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings.auto-optimise-store
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings.cores
Type: signed integer
Default: 0
Example: 64
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings.extra-sandbox-paths
Type: list of string
Default:
[
]
Example:
[
"/dev" "/proc"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings.max-jobs
Type: signed integer or value "auto" (singular enum)
Default: "auto"
Example: 64
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings.require-sigs
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings.sandbox
Type: boolean or value "relaxed" (singular enum)
Default: true
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings.substituters
Type: list of string
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings.system-features
Type: list of string
Example:
[
"kvm" "big-parallel" "gccarch-skylake"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings.trusted-public-keys
Type: list of string
Example:
[
"hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings.trusted-substituters
Type: list of string
Default:
[
]
Example:
[
"https://hydra.nixos.org/"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nix.settings.trusted-users
Type: list of string
Default:
[
"root"
]
Example:
[
"root" "alice" "@wheel"
]
Declared by:
<nixpkgs/nixos/modules/services/misc/nix-daemon.nix>
|
nixpkgs.buildPlatform
Type: string or (attribute set)
Default: config.nixpkgs.hostPlatform
Example:
{
config = "x86_64-unknown-linux-gnu"; system = "x86_64-linux";
}
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.config
Type: nixpkgs config
Default:
{
}
Example:
{ allowBroken = true; allowUnfree = true; }
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.crossSystem
Type: null or (attribute set)
Default: null
Example:
{
config = "aarch64-unknown-linux-gnu"; system = "aarch64-linux";
}
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.hostPlatform
Type: string or (attribute set)
Default: (import "${nixos}/../lib").lib.systems.examples.aarch64-multiplatform
Example:
{
config = "aarch64-unknown-linux-gnu"; system = "aarch64-linux";
}
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.localSystem
Type: attribute set
Default: (import "${nixos}/../lib").lib.systems.examples.aarch64-multiplatform
Example:
{
config = "aarch64-unknown-linux-gnu"; system = "aarch64-linux";
}
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.overlays
Type: list of (nixpkgs overlay)
Default:
[
]
Example:
[ (self: super: { openssh = super.openssh.override { hpnSupport = true; kerberos = self.libkrb5; }; }) ]
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.pkgs
Type: An evaluation of Nixpkgs; the top level attribute set of packages
Default:
import "${nixos}/.." { inherit (cfg) config overlays localSystem crossSystem; }
Example: import <nixpkgs> {}
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
nixpkgs.system
Type: string
Default:
{
_type = "literalMD"; text = "Traditionally `builtins.currentSystem`, but unset when invoking NixOS through `lib.nixosSystem`.\n";
}
Example: "i686-linux"
Declared by:
<nixpkgs/nixos/modules/misc/nixpkgs.nix>
|
os.channel-registration.enable
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/installer/cd-dvd/channel.nix>
|
osctl.exporter.enable
Enable osctl-exporter.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/osctl/osctl-exporter.nix>
|
osctl.exporter.listenAddress
Address to listen on.
Type: string
Default: "0.0.0.0"
Declared by:
<vpsadminos/os/modules/osctl/osctl-exporter.nix>
|
osctl.exporter.port
Port to listen on.
Type: signed integer
Default: 9101
Declared by:
<vpsadminos/os/modules/osctl/osctl-exporter.nix>
|
osctl.exportfs.enable
Enable osctl-exportfs integration.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/osctl/osctl-exportfs.nix>
|
osctl.pools
osctl pools to configure
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers
osctl containers to include
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.arch
Architecture of the distribution to install, must be compatible with the host's architecture.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.autostart
Autostart options See also https://vpsadminos.org/containers/auto-starting/
Type: null or (submodule)
Default: null
Example:
{
delay = 5; enable = true; priority = 1000;
}
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.autostart.enable
Whether to enable Enable container autostart.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.autostart.delay
Autostart delay
Type: positive integer, meaning >0
Default: 5
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.autostart.priority
Autostart priority
Type: positive integer, meaning >0
Default: 1000
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.cgparams
CGroup parameters See also https://vpsadminos.org/containers/resources/
Type: list of (submodule)
Default:
[
]
Example:
[
{
name = "memory.limit_in_bytes"; subsystem = "memory"; value = "10G";
}
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.cgparams.*.name
CGroup parameter name
Type: string
Example: "memory.limit_in_bytes"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.cgparams.*.subsystem
CGroup subsystem name. If left empty, it is deduced from cgroup parameter name.
Type: string
Default: ""
Example: "memory"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.cgparams.*.value
CGroup parameter value
Type: string
Example: "10G"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.cgparams.*.version
CGroup parameter version
Type: one of 1, 2
Default: 1
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.config
A specification of the desired configuration of this container, as a NixOS module.
Type: Toplevel NixOS config
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices
Devices allowed in this group See also https://vpsadminos.org/containers/devices/
Type: list of (submodule)
Default:
[
]
Example:
[
{
major = 10; minor = 229; mode = "rw"; name = "/dev/fuse";
}
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices.*.major
Device major ID
Type: string
Example: "229"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices.*.minor
Device minor ID
Type: string
Example: "10"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices.*.mode
Device access mode.
r
for read, w
for write
and m
for mknod.
Type: one of "r", "rw", "w", "m", "wm", "rm", "rwm"
Example: "rwm"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices.*.name
Device name
Type: string
Default: ""
Example: "/dev/fuse"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices.*.provide
Determines whether the device should be provided to descendant groups, i.e. whether they should inherit it.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.devices.*.type
Device type
Type: one of "char", "block"
Example: "char"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.distribution
Name of the distribution to install.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.group
Name of an osctl group declared by osctl.groups
that
the container belongs to.
Type: string
Default: "/default"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.on-create
on-create
hook is run in the host's namespace
after the container was created and configured, but before it is
started. The script hook's exit status is not evaluated.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.on-start
on-start
is run in the host's namespace, after
the container has been mounted and right before its init process is
executed. If on-start
exits with a non-zero
status, the container's start is aborted.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.on-stop
on-stop
is run in the host's namespace when the
container enters state stopping
. The hook's exit
status is not evaluated.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.post-create
post-create
hook is run in the host's namespace
after the container was created, configured and started. The script
hook's exit status is not evaluated.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.post-mount
post-mount
is run in the container's mount
namespace, after its rootfs and all LXC mount entries are mounted.
The path to the container's runtime rootfs is in environment variable
OSCTL_CT_ROOTFS_MOUNT
. If
post-mount
exits with a non-zero status, the
container's start is aborted.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.post-start
post-start
is run in the host's namespace after
the container entered state running
. The
container's init PID is passed in environment varible
OSCTL_CT_INIT_PID
. The script hook's exit status
is not evaluated.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.post-stop
post-stop
is run in the host's namespace when
the container enters state stopped
. The hook's
exit status is not evaluated.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.pre-create
pre-create
hook is run in the host's namespace
before the container is created. If pre-create
exits with status `1`, the creation attempt will be aborted
and retried repeatedly, as the container's runit service restarts
until the hook script exits with `0`. If
pre-create
exits with status `2`, the container
will not be created and the runit service will not be automatically
restarted.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.pre-mount
pre-mount
is run in the container's mount
namespace, before its rootfs is mounted. The path to the container's
runtime rootfs is in environment variable
OSCTL_CT_ROOTFS_MOUNT
. If
pre-mount
exits with a non-zero status, the
container's start is aborted.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.pre-start
pre-start
hook is run in the host's namespace
before the container is mounted. The container's cgroups have
already been configured and distribution-support code has been run.
If pre-start
exits with a non-zero status, the
container's start is aborted.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.pre-stop
pre-stop
hook is run in the host's namespace when
the container is being stopped using ct stop
. If
pre-stop
exits with a non-zero exit status,
the container will not be stopped. This hook is not called when the
container is shutdown from the inside.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.veth-down
veth-down
hook is run in the host's namespace
when the veth pair is removed. Names of the removed veth interfaces
are available in environment variables
OSCTL_HOST_VETH
and
OSCTL_CT_VETH
. The hook's exit status is not
evaluated.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.hooks.veth-up
veth-up
hook is run in the host's namespace when
the veth pair is created. Names of created veth interfaces are
available in environment variables OSCTL_HOST_VETH
and OSCTL_CT_VETH
. If veth-up
exits with a non-zero status, the container's start is aborted.
Type: null or path
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.image.path
Path to container image.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.image.repository
Name of the remote repository the container image is searched in.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces
Network interface configuration See also https://vpsadminos.org/user-guide/networking/
Type: list of (submodule)
Default:
[
]
Example:
[
{
ipv4 =
{
addresses =
[
{
address = "10.0.0.1"; prefixLength = 16;
}
]
;
}
; link = "lxcbr0"; name = "eth0"; type = "bridge";
}
{
ipv4 =
{
addresses =
[
{
address = "172.17.66.66"; prefixLength = 32;
}
]
;
}
; ipv6 =
{
addresses =
[
{
address = "2a03:3b40:7:667::1"; prefixLength = 64;
}
]
;
}
; name = "eth1"; type = "routed";
}
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.dhcp
Determines whether the interface is configured using DHCP client within the container, (type = "bridge" only)
Type: null or boolean
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.hwaddr
Network interface hardware address
Type: string
Default: ""
Example: "52:54:00:2d:09:26"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.addresses
List of IPv4 addresses that will be statically assigned to the interface.
Type: list of (submodule)
Default:
[
]
Example:
[
{
address = "10.0.0.1"; prefixLength = 16;
}
{
address = "192.168.1.1"; prefixLength = 24;
}
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.addresses.*.address
IPv4 address.
Type: string
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.addresses.*.prefixLength
Subnet mask of the address, specified as the number of
bits in the prefix (24
).
Type: signed integer
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.gateway
IPv4 gateway for statically configured bridged interfaces.
Set to auto
to use the primary address from
the linked interface, none
to do not set any
gateway or an IPv4 address.
(type = "bridge" only)
Type: string
Default: "auto"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.routes
List of IPv4 addresses that will be routed to the interface.
Type: list of (submodule)
Default:
[
]
Example:
[
{
address = "10.0.0.0"; prefixLength = 16;
}
{
address = "192.168.1.0"; prefixLength = 24;
}
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.routes.*.address
IPv4 address.
Type: string
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv4.routes.*.prefixLength
Subnet mask of the address, specified as the number of
bits in the prefix (24
).
Type: signed integer
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.addresses
List of IPv6 addresses that will be statically assigned to the interface.
Type: list of (submodule)
Default:
[
]
Example:
[
{
address = "2a03:3b40:7:666::"; prefixLength = 64;
}
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.addresses.*.address
IPv6 address.
Type: string
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.addresses.*.prefixLength
Subnet mask of the address, specified as the number of
bits in the prefix (64
).
Type: signed integer
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.gateway
IPv6 gateway for statically configured bridged interfaces.
Set to auto
to use the primary address from
the linked interface, none
to do not set any
gateway or an IPv6 address.
(type = "bridge" only)
Type: string
Default: "auto"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.routes
List of IPv6 addresses that will be routed to the interface.
Type: list of (submodule)
Default:
[
]
Example:
[
{
address = "2a03:3b40:7:666::"; prefixLength = 64;
}
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.routes.*.address
IPv4 address.
Type: string
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.ipv6.routes.*.prefixLength
Subnet mask of the address, specified as the number of
bits in the prefix (24
).
Type: signed integer
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.link
Link this network interface to bridge (type = "bridge" only)
Type: string
Default: ""
Example: "lxcbr0"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.name
Network interface name
Type: string
Example: "eth0"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.interfaces.*.type
Network interface type
Type: one of "bridge", "routed"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts
Container mounts See also https://vpsadminos.org/user-guide/mounts/
Type: list of (submodule)
Default:
[
]
Example:
[
{
fs = "/var/shared"; mountpoint = "/mnt";
}
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts.*.automount
Mount automatically
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts.*.dataset
Relative path to containers dataset
Type: null or string
Default: null
Example: "subdataset"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts.*.fs
Filesystem mountpoint (host side)
Type: string
Default: ""
Example: "/var/shared"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts.*.mountpoint
Filesystem mountpoint (container side)
Type: string
Example: "/mnt"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts.*.opts
Mount options
Type: string
Default: "bind,create=dir,rw"
Example: "bind,create=dir,rw"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.mounts.*.type
Mount type
Type: value "bind" (singular enum)
Default: "bind"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.nesting
Whether to enable Enable container nesting.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.path
As an alternative to specifying
config
, you can specify the path to
the evaluated NixOS system configuration, typically a
symlink to a system profile.
Type: path
Example: "/nix/var/nix/profiles/containers/webserver"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.as
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.as.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.as.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.core
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.core.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.core.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.cpu
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.cpu.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.cpu.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.data
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.data.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.data.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.fsize
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.fsize.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.fsize.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.memlock
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.memlock.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.memlock.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.msgqueue
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.msgqueue.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.msgqueue.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nice
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nice.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nice.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nofile
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default:
{
hard = 1048576; soft = 1024;
}
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nofile.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nofile.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nproc
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nproc.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.nproc.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rss
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rss.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rss.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rtprio
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rtprio.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rtprio.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rttime
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rttime.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.rttime.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.sigpending
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.sigpending.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.sigpending.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.stack
Process resource limit, see man prlimit(2) and https://vpsadminos.org/containers/resources/#process-resource-limits
Type: null or (submodule)
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.stack.hard
Hard limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.prlimits.stack.soft
Soft limit
Type: positive integer, meaning >0 or value "unlimited" (singular enum)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.resolvers
List of nameservers
Type: list of string
Default:
[
]
Example:
[
"1.1.1.1" "10.0.0.1"
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.seccomp
Path to seccomp profile
Type: string
Default: ""
Example: "/run/osctl/configs/lxc/common.seccomp"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.startMenu
Start menu options
Type: null or (submodule)
Default:
{
enable = true;
}
Example:
{
enable = true; timeout = 5;
}
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.startMenu.enable
Whether to enable Enable container start menu.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.startMenu.timeout
Number of seconds before the system is automatically started
Type: positive integer, meaning >0
Default: 5
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.user
Name of an osctl user declared by osctl.users
that
the container belongs to. If not provided, a new user is created with
its name matching the container ID. If such user already exists, it
is used instead.
Type: null or string
Default: null
Example: "myuser01"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.variant
Template variant for use with osctl remote repositories.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.vendor
Template vendor for use with osctl remote repositories.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.containers.<name>.version
Version of the distribution to install.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.destroyMethod
If set to manual
, the garbage collector has to be
run manually for every pool by the user by calling script
gc-sweep-‹pool
. When set to auto
,
the garbage collector is run in the background by runit service
gc-<pool>
. Options
osctl.pools.<pool>.pure
and
osctl.pools.<pool>.destroyUndeclared
are honored
in the automated mode. Destructive operations using the manual
invocation have to be enabled using command-line options.
Type: one of "manual", "auto"
Default: "manual"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.destroyUndeclared
Determines whether declarative users, groups and containers removed from Nix configuration should be deleted from the system or not. When turned off, undeclared containers are stopped, but not destroyed. When enabled, undeclared containers, groups and users are destroyed. WARNING: enabling this option is dangerous, as it will irreversibly destroy containers that are not defined by the current system. For example, if you temporarily roll back the system for whatever reason, containers that were not declared in the older version will be destroyed.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups
osctl groups to include.
In addition to groups defined by this options, there are always two
groups present: /
and /default
.
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.cgparams
CGroup parameters See also https://vpsadminos.org/containers/resources/
Type: list of (submodule)
Default:
[
]
Example:
[
{
name = "memory.limit_in_bytes"; subsystem = "memory"; value = "10G";
}
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.cgparams.*.name
CGroup parameter name
Type: string
Example: "memory.limit_in_bytes"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.cgparams.*.subsystem
CGroup subsystem name. If left empty, it is deduced from cgroup parameter name.
Type: string
Default: ""
Example: "memory"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.cgparams.*.value
CGroup parameter value
Type: string
Example: "10G"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.cgparams.*.version
CGroup parameter version
Type: one of 1, 2
Default: 1
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices
Devices allowed in this group See also https://vpsadminos.org/containers/devices/
Type: list of (submodule)
Default:
[
]
Example:
[
{
major = 10; minor = 229; mode = "rw"; name = "/dev/fuse";
}
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices.*.major
Device major ID
Type: string
Example: "229"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices.*.minor
Device minor ID
Type: string
Example: "10"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices.*.mode
Device access mode.
r
for read, w
for write
and m
for mknod.
Type: one of "r", "rw", "w", "m", "wm", "rm", "rwm"
Example: "rwm"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices.*.name
Device name
Type: string
Default: ""
Example: "/dev/fuse"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices.*.provide
Determines whether the device should be provided to descendant groups, i.e. whether they should inherit it.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.groups.<name>.devices.*.type
Device type
Type: one of "char", "block"
Example: "char"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges
ID ranges are used to track user/group ID allocations into user namespace maps. There is one default ID range on each pool, with the possibility of creating custom ID ranges. User namespace maps allocated from one ID range are guaranteed to be unique, i.e. no two containers can share the same user/group IDs, making them isolated. Created ID ranges cannot be declaratively modified. Delete them manually or using the garbage collector, then recreate them if changes are needed.
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.blockCount
How many blocks from
osctl.pools.<pool>.idRanges.<range>.startId
should the range include. Defines the maximum number of user namespace
maps that can be allocated from this range.
Type: unsigned integer, meaning >=0
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.blockSize
Number of user/group IDs that make up the minimum allocation unit
Type: unsigned integer, meaning >=0
Default: 65536
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.startId
The first user/group ID
Type: unsigned integer, meaning >=0
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.table
Allocate blocks from the range. Allocated blocks removed from configuration will not be automatically freed.
Type: list of (submodule)
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.table.*.count
Number of blocks to allocate
Type: unsigned integer, meaning >=0
Default: 1
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.table.*.index
Index of the starting block
Type: unsigned integer, meaning >=0
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.idRanges.<name>.table.*.owner
Optional allocation owner
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.parallelStart
Number of containers to start in parallel during pool import.
Type: positive integer, meaning >0
Default: 2
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.parallelStop
Number of containers to stop in parallel during pool export.
Type: positive integer, meaning >0
Default: 4
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.pure
Determines whether the pool contains only users, groups and containers declared by Nix configuration. Users, groups and containers that are not declared are deleted when found. WARNING: enabling this option will cause all manually created containers, groups and users to be irreversibly destroyed, with any data they contained.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.repositories
Remote osctl repositories for container images
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.repositories.<name>.enabled
Enable/disable the repository.
Disabled repositories are included in the system, but they are not
search for images until reenabled, which may be done manually
using osctl
.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.repositories.<name>.url
HTTP URL to the remote repository
Type: string
Example: "https://images.vpsadminos.org"
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.users
osctl users to include
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.users.<name>.gidMap
GID mapping for the user namespace, see man subgid(5).
Type: list of string
Default:
[
]
Example:
[
"0:666000:65536"
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.users.<name>.idRange.blockIndex
Block index from the ID range that should be used to create UID/GID mapping.
Type: null or unsigned integer, meaning >=0
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.users.<name>.idRange.name
Name of an ID range from the same pool that should be used to allocate UID/GID IDs.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.pools.<name>.users.<name>.uidMap
UID mapping for the user namespace, see man subuid(5).
Type: list of string
Default:
[
]
Example:
[
"0:666000:65536"
]
Declared by:
<vpsadminos/os/modules/osctl/pools.nix>
|
osctl.test-shell.enable
Enable test shell integration.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/osctl/test-shell.nix>
|
osctld.settings
osctld configuration options
Type: JSON value
Default:
{
}
Declared by:
<vpsadminos/os/modules/osctl/osctld.nix>
|
powerManagement.cpuFreqGovernor
CPU frequency scaling governor to use
Type: string
Default: "performance"
Example: "ondemand"
Declared by:
<vpsadminos/os/modules/tasks/cpu-freq.nix>
|
programs.bash.enableCompletion
Type: boolean
Default: true
Example: true
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash-completion.nix>
|
programs.bash.interactiveShellInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.loginShellInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.promptInit
Type: strings concatenated with "\n"
Default:
'' # Provide a nice prompt if the terminal supports it. if [ "$TERM" != "dumb" ] || [ -n "$INSIDE_EMACS" ]; then PROMPT_COLOR="1;31m" ((UID)) && PROMPT_COLOR="1;32m" if [ -n "$INSIDE_EMACS" ] || [ "$TERM" = "eterm" ] || [ "$TERM" = "eterm-color" ]; then # Emacs term mode doesn't support xterm title escape sequence (\e]0;) PS1="\n\[\033[$PROMPT_COLOR\][\u@\h:\w]\\$\[\033[0m\] " else PS1="\n\[\033[$PROMPT_COLOR\][\[\e]0;\u@\h: \w\a\]\u@\h:\w]\\$\[\033[0m\] " fi if test "$TERM" = "xterm"; then PS1="\[\033]2;\h:\u:\w\007\]$PS1" fi fi ''
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.root.historyControl
Controlling how commands are saved on the history list.
Type: list of (one of "erasedups", "ignoredups", "ignorespace")
Default:
[
]
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.root.historyFile
Location of the bash history file.
Type: string
Default: "$HOME/.bash_history"
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.root.historyFileSize
Number of history lines to keep on file.
Type: signed integer
Default: 100000
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.root.historyIgnore
List of commands that should not be saved to the history list.
Type: list of string
Default:
[
]
Example:
[
"ls" "cd" "exit"
]
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.root.historyPools
Names of ZFS pools where programs.bash.root.historyFile
is mirrored.
If the root file system is not persistent, shell history is lost
between reboots. It's not recommented to set
programs.bash.root.historyFile
to a location on
ZFS pools, because in case of its failure interactive shell sessions
would hang while trying to load the history file.
It is better to mirror the history file while possible, but its
inaccessibility will not prevent bash from working. The history file
is restored from the persistent storage during boot.
Type: list of string
Default:
[
]
Example:
[
"tank"
]
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.root.historySize
Number of history lines to keep in memory.
Type: signed integer
Default: 10000
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.root.shellOptions
Shell options to set.
Type: list of string
Default:
[
"histappend" "checkwinsize" "extglob" "globstar" "checkjobs"
]
Declared by:
<vpsadminos/os/modules/programs/bash.nix>
|
programs.bash.shellAliases
Type: attribute set of (null or string or path)
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.bash.shellInit
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/programs/bash/bash.nix>
|
programs.htop.enable
Enable htop
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/programs/htop.nix>
|
programs.less.enable
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.clearDefaultCommands
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.commands
Type: attribute set of string
Default:
{
}
Example:
{
h = ''noaction 5\e(''; l = ''noaction 5\e)'';
}
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.configFile
Type: null or path
Default: null
Example: "${pkgs.my-configs}/lesskey"
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.envVariables
Type: attribute set of string
Default:
{
LESS = "-R";
}
Example:
{
LESS = "--quit-if-one-screen";
}
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.lessclose
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.lessopen
Type: null or string
Default: "|${pkgs.lesspipe}/bin/lesspipe.sh %s"
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.less.lineEditingKeys
Type: attribute set of string
Default:
{
}
Example:
{
e = "abort";
}
Declared by:
<nixpkgs/nixos/modules/programs/less.nix>
|
programs.ssh.enableAskPassword
Type: boolean
Default: config.services.xserver.enable
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.package
Type: package
Default: pkgs.openssh
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.agentPKCS11Whitelist
Type: null or string
Default: null
Example: "${pkgs.opensc}/lib/opensc-pkcs11.so"
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.agentTimeout
Type: null or string
Default: null
Example: "1h"
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.askPassword
Type: string
Default: "${pkgs.x11_ssh_askpass}/libexec/x11-ssh-askpass"
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.ciphers
Type: null or (list of string)
Default: null
Example:
[
"chacha20-poly1305@openssh.com" "aes256-gcm@openssh.com"
]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.extraConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.forwardX11
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.hostKeyAlgorithms
Type: list of string
Default:
[
]
Example:
[
"ssh-ed25519" "ssh-rsa"
]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.kexAlgorithms
Type: null or (list of string)
Default: null
Example:
[
"curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256"
]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHosts
Type: attribute set of (submodule)
Default:
{
}
Example:
{ myhost = { extraHostNames = [ "myhost.mydomain.com" "10.10.1.4" ]; publicKeyFile = ./pubkeys/myhost_ssh_host_dsa_key.pub; }; "myhost2.net".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIRuJ8p1Fi+m6WkHV0KWnRfpM1WxoW8XAS+XvsSKsTK"; "myhost2.net/dsa" = { hostNames = [ "myhost2.net" ]; publicKeyFile = ./pubkeys/myhost2_ssh_host_dsa_key.pub; }; }
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHosts.<name>.certAuthority
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHosts.<name>.extraHostNames
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHosts.<name>.hostNames
Type: list of string
Default: [ ‹name› ] ++ config.programs.ssh.knownHosts.<name>.extraHostNames
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHosts.<name>.publicKey
Type: null or string
Default: null
Example: "ecdsa-sha2-nistp521 AAAAE2VjZHN...UEPg=="
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHosts.<name>.publicKeyFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.knownHostsFiles
Type: list of path
Default:
[
]
Example:
[ ./known_hosts (writeText "github.keys" '' github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl '') ]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.macs
Type: null or (list of string)
Default: null
Example:
[
"hmac-sha2-512-etm@openssh.com" "hmac-sha1"
]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.pubkeyAcceptedKeyTypes
Type: list of string
Default:
[
]
Example:
[
"ssh-ed25519" "ssh-rsa"
]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.setXAuthLocation
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
<nixpkgs/nixos/modules/programs/ssh.nix>
|
programs.ssh.startAgent
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
runit.defaultRunlevel
Name of a runlevel that is entered by default on boot.
Type: string
Default: "default"
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services
System services
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.check
Called to check service status.
Type: string
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.alarm
Override runsv control for alarm
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.continue
Override runsv control for continue
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.down
Override runsv control for down
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.exit
Override runsv control for exit
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.hangup
Override runsv control for hangup
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.intr
Override runsv control for intr
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.kill
Override runsv control for kill
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.pause
Override runsv control for pause
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.quit
Override runsv control for quit
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.terminate
Override runsv control for terminate
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.up
Override runsv control for up
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.usr1
Override runsv control for usr1
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.control.usr2
Override runsv control for usr2
If the script exits with 0
, runsv refrains from sending
the service the corresponding signal. See man runsv(8) for more information.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.finish
Called after services.runit.<service>.run
exits.
Type: string
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.includeHelpers
Include helper functions, see ./helpers.sh
.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.killMode
Specifies how should processes started by this service be killed.
If set to control-group
, all processes are sent
SIGTERM
. If set to process
,
only the main process receives SIGTERM
.
Type: one of "control-group", "process"
Default: "control-group"
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.enable
Whether to enable Start svlogd for the service..
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.linePrefix
Tells svlogd to prefix each line to be written to the log directory, to standard error, or through UDP. If not set, it is set to include machine hostname and service name.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.logFiles
Sets the number of old log files svlogd should maintain. If svlogd sees more old log files in log after log file rotation, it deletes the oldest one. Default is 10. If set to zero, svlogd doesn’t remove old log files.
Type: unsigned integer, meaning >=0
Default: 10
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.logStandardError
Log messages the service writes to stderr.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.maxFileSize
Sets the maximum file size of current when svlogd should rotate the current log file to size bytes. Default is 1000000. If fileSize is zero, svlogd doesn’t rotate log files.
Type: unsigned integer, meaning >=0
Default: 1000000
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.minLogFiles
Sets the minimum number of old log files svlogd should maintain. It must be less than logFiles. If it is set, and svlogd cannot write to current because the filesystem is full, and it sees more than minLogFiles old log files, it deletes the oldest one.
Type: unsigned integer, meaning >=0
Default: 0
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.run
Called to start log service.
Type: string
Default: ""
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.sendOnly
Send messages only via UDP, don't store them in the log directory.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.sendTo
Tells svlogd to transmit the first len characters of selected log messages to the IP address a.b.c.d, port number port. If port isn’t set, the default port for syslog is used (514). len can be set through the -l option, see below. If svlogd has trouble sending udp packets, it writes error messages to the log directory. Attention: logging through udp is unreliable, and should be used in private networks only.
Type: string
Default: ""
Example: "a.b.c.d[:port]"
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.log.timeout
Sets the maximum age of the current log file when svlogd should rotate the current log file to timeout seconds. If current is timeout seconds old, and is not empty, svlogd forces log file rotation.
Type: unsigned integer, meaning >=0
Default: 0
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.onChange
The action switch-to-configuration should perform when the service is changed.
Type: one of "restart", "reload", "ignore"
Default: "restart"
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.oneShot
Oneshot services are used to perform one-time tasks, there are no long-running processes monitored by runsv. Oneshot services are not restarted after they successfully exit.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.reloadMethod
Defines how should the service be reloaded. The value is the command given to runit's sv. See man sv(8) for available options.
Type: string
Default: "reload"
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.run
Called to start the service.
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.services.<name>.runlevels
Runlevels the service is started in.
Type: list of string
Default:
[
"default"
]
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.stage1
runit runs /etc/runit/1 and waits for it to terminate. The system’s one time tasks are done here. /etc/runit/1 has full control of /dev/console to be able to start an emergency shell if the one time initialization tasks fail. If /etc/runit/1 crashes, or exits 100, runit will skip stage 2 and enter stage 3.
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.stage2
runit runs /etc/runit/2, which should not return until system shutdown; if it crashes, or exits 111, it will be restarted. Normally /etc/runit/2 starts runsvdir(8). runit is able to handle the ctrl-alt-del keyboard request in stage 2.
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
runit.stage3
If runit is told to shutdown the system, or stage 2 returns, it terminates stage 2 if it is running, and runs /etc/runit/3. The systems tasks to shutdown and possibly halt or reboot the system are done here. If stage 3 returns, runit checks if the file /etc/runit/reboot exists and has the execute by owner permission set. If so, the system is rebooted, it’s halted otherwise.
Type: string
Declared by:
<vpsadminos/os/modules/system/boot/runit>
|
security.apparmor.enable
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.enableCache
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.packages
Type: list of package
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.includes
Type: attribute set of strings concatenated with "\n"
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.killUnconfinedConfinables
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.policies
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.policies.<name>.enable
Type: boolean
Default: true
Example: false
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.policies.<name>.enforce
Type: boolean
Default: true
Example: false
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.apparmor.policies.<name>.profile
Type: strings concatenated with "\n"
Declared by:
<nixpkgs/nixos/modules/security/apparmor.nix>
|
security.pam.enableEcryptfs
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.enableFscrypt
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.enableOTPW
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.enableSSHAgentAuth
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.krb5.enable
Type: boolean
Default: config.krb5.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.loginLimits
Type: list of (submodule)
Default:
[
]
Example:
[
{
domain = "ftp"; item = "nproc"; type = "hard"; value = "0";
}
{
domain = "@student"; item = "maxlogins"; type = "-"; value = "4";
}
]
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.loginLimits.*.domain
Type: string
Example: "@wheel"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.loginLimits.*.item
Type: one of "core", "data", "fsize", "memlock", "nofile", "rss", "stack", "cpu", "nproc", "as", "maxlogins", "maxsyslogins", "priority", "locks", "sigpending", "msgqueue", "nice", "rtprio"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.loginLimits.*.type
Type: one of "-", "hard", "soft"
Default: "-"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.loginLimits.*.value
Type: string or signed integer
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.makeHomeDir.skelDirectory
Type: string
Default: "/var/empty"
Example: "/etc/skel"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.mount.enable
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
security.pam.oath.enable
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
security.pam.p11.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.p11.control
Type: one of "required", "requisite", "sufficient", "optional"
Default: "sufficient"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.enableAppArmor
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.enableGnomeKeyring
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.enableKwallet
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.allowNullPassword
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.duoSecurity.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.failDelay.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.failDelay.delay
Type: signed integer
Default: 3000000
Example: 1000000
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.forwardXAuth
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.fprintAuth
Type: boolean
Default: config.services.fprintd.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.gnupg.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.gnupg.noAutostart
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.gnupg.storeOnly
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.googleAuthenticator.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.googleOsLoginAccountVerification
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.googleOsLoginAuthentication
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.limits
Type: list of (submodule)
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.limits.*.domain
Type: string
Example: "@wheel"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.limits.*.item
Type: one of "core", "data", "fsize", "memlock", "nofile", "rss", "stack", "cpu", "nproc", "as", "maxlogins", "maxsyslogins", "priority", "locks", "sigpending", "msgqueue", "nice", "rtprio"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.limits.*.type
Type: one of "-", "hard", "soft"
Default: "-"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.limits.*.value
Type: string or signed integer
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.logFailures
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.makeHomeDir
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.mysqlAuth
Type: boolean
Default: config.users.mysql.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.name
Type: string
Example: "sshd"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.nodelay
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.oathAuth
Type: boolean
Default: config.security.pam.oath.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.otpwAuth
Type: boolean
Default: config.security.pam.enableOTPW
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.p11Auth
Type: boolean
Default: config.security.pam.p11.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.pamMount
Type: boolean
Default: config.security.pam.mount.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.requireWheel
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.rootOK
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.setEnvironment
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.setLoginUid
Type: boolean
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.showMotd
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.sshAgentAuth
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.sssdStrictAccess
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.startSession
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.text
Type: null or strings concatenated with "\n"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.ttyAudit.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.ttyAudit.enablePattern
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.ttyAudit.disablePattern
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.ttyAudit.openOnly
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.u2fAuth
Type: boolean
Default: config.security.pam.u2f.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.unixAuth
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.updateWtmp
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.usbAuth
Type: boolean
Default: config.security.pam.usb.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.usshAuth
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.services.<name>.yubicoAuth
Type: boolean
Default: config.security.pam.yubico.enable
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.appId
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.authFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.control
Type: one of "required", "requisite", "sufficient", "optional"
Default: "sufficient"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.cue
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.debug
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.interactive
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.u2f.origin
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.usb.enable
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
security.pam.ussh.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.ussh.authorizedPrincipals
Type: null or strings concatenated with ","
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.ussh.authorizedPrincipalsFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.ussh.caFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.ussh.control
Type: one of "required", "requisite", "sufficient", "optional"
Default: "sufficient"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.ussh.group
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.yubico.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.yubico.challengeResponsePath
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.yubico.control
Type: one of "required", "requisite", "sufficient", "optional"
Default: "sufficient"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.yubico.debug
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.yubico.id
Type: string
Example: "42"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pam.yubico.mode
Type: one of "client", "challenge-response"
Default: "client"
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
security.pki.caCertificateBlacklist
Type: list of string
Default:
[
]
Example:
[
"WoSign" "WoSign China" "CA WoSign ECC Root" "Certification Authority of WoSign G2"
]
Declared by:
<nixpkgs/nixos/modules/security/ca.nix>
|
security.pki.certificateFiles
Type: list of path
Default:
[
]
Example: [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ]
Declared by:
<nixpkgs/nixos/modules/security/ca.nix>
|
security.pki.certificates
Type: list of string
Default:
[
]
Example:
[ '' NixOS.org ========= -----BEGIN CERTIFICATE----- MIIGUDCCBTigAwIBAgIDD8KWMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 ... -----END CERTIFICATE----- '' ]
Declared by:
<nixpkgs/nixos/modules/security/ca.nix>
|
security.sudo.enable
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.package
Type: package
Default: pkgs.sudo
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.configFile
Type: strings concatenated with "\n"
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.execWheelOnly
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraRules
Type: list of (submodule)
Default:
[
]
Example:
[ # Allow execution of any command by all users in group sudo, # requiring a password. { groups = [ "sudo" ]; commands = [ "ALL" ]; } # Allow execution of "/home/root/secret.sh" by user `backup`, `database` # and the group with GID `1006` without a password. { users = [ "backup" "database" ]; groups = [ 1006 ]; commands = [ { command = "/home/root/secret.sh"; options = [ "SETENV" "NOPASSWD" ]; } ]; } # Allow all users of group `bar` to run two executables as user `foo` # with arguments being pre-set. { groups = [ "bar" ]; runAs = "foo"; commands = [ "/home/baz/cmd1.sh hello-sudo" { command = ''/home/baz/cmd2.sh ""''; options = [ "SETENV" ]; } ]; } ]
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraRules.*.commands
Type: list of (string or (submodule))
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraRules.*.groups
Type: list of (string or signed integer)
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraRules.*.host
Type: string
Default: "ALL"
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraRules.*.runAs
Type: string
Default: "ALL:ALL"
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.extraRules.*.users
Type: list of (string or signed integer)
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.sudo.wheelNeedsPassword
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/security/sudo.nix>
|
security.virtualisation
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
security.wrapperDirSize
Type: string
Default: "50%"
Example: "10G"
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers
Type: attribute set of (submodule)
Default:
{
}
Example:
{ # a setuid root program doas = { setuid = true; owner = "root"; group = "root"; source = "${pkgs.doas}/bin/doas"; }; # a setgid program locate = { setgid = true; owner = "root"; group = "mlocate"; source = "${pkgs.locate}/bin/locate"; }; # a program with the CAP_NET_RAW capability ping = { owner = "root"; group = "root"; capabilities = "cap_net_raw+ep"; source = "${pkgs.iputils.out}/bin/ping"; }; }
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.capabilities
Type: strings concatenated with ","
Default: ""
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.group
Type: string
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.owner
Type: string
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.permissions
Type: file mode string
Default: "u+rx,g+x,o+x"
Example: "a+rx"
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.program
Type: null or string
Default: "‹name›"
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.setgid
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.setuid
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
security.wrappers.<name>.source
Type: path
Declared by:
<nixpkgs/nixos/modules/security/wrappers/default.nix>
|
services.apcupsd.enable
Whether to enable the APC UPS daemon. apcupsd monitors your UPS and permits orderly shutdown of your computer in the event of a power failure. User manual: http://www.apcupsd.com/manual/manual.html. Note that apcupsd runs as root (to allow shutdown of computer). You can check the status of your UPS with the "apcaccess" command.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/monitoring/apcupsd.nix>
|
services.apcupsd.configText
Contents of the runtime configuration file, apcupsd.conf. The default settings makes apcupsd autodetect USB UPSes, limit network access to localhost and shutdown the system when the battery level is below 50 percent, or when the UPS has calculated that it has 5 minutes or less of remaining power-on time. See man apcupsd.conf for details.
Type: strings concatenated with "\n"
Default:
'' UPSTYPE usb NISIP 127.0.0.1 BATTERYLEVEL 50 MINUTES 5 ''
Declared by:
<vpsadminos/os/modules/services/monitoring/apcupsd.nix>
|
services.apcupsd.hooks
Each attribute in this option names an apcupsd event and the string value it contains will be executed in a shell, in response to that event (prior to the default action). See "man apccontrol" for the list of events and what they represent. A hook script can stop apccontrol from doing its default action by exiting with value 99. Do not do this unless you know what you're doing.
Type: attribute set of strings concatenated with "\n"
Default:
{
}
Example:
{
doshutdown = "# shell commands to notify that the computer is shutting down";
}
Declared by:
<vpsadminos/os/modules/services/monitoring/apcupsd.nix>
|
services.avahi
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.bird2.enable
Whether to enable BIRD Internet Routing Daemon.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.bird2.checkConfig
Whether the config should be checked at build time.
When the config can't be checked during build time, for example when it includes
other files, either disable this option or use preCheckConfig
to create
the included files before checking.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.bird2.config
BIRD Internet Routing Daemon configuration file. http://bird.network.cz/
Type: strings concatenated with "\n"
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.bird2.group
Group the bird daemon runs as
Type: string (read only)
Default: "bird2"
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.bird2.preCheckConfig
Commands to execute before the config file check. The file to be checked will be
available as bird2.conf
in the current directory.
Files created with this option will not be available at service runtime, only during
build time checking.
Type: strings concatenated with "\n"
Default: ""
Example:
'' echo "cost 100;" > include.conf ''
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.bird2.preStartCommands
Commands executed before the bird daemon is started
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.bird2.user
User the bird daemon runs as
Type: string (read only)
Default: "bird2"
Declared by:
<vpsadminos/os/modules/services/networking/bird.nix>
|
services.build-vpsadminos-container-image-repository
This module provides interface for building vpsAdminOS container image repositories in a virtual machine running vpsAdminOS.
Type: attribute set of (submodule)
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.enable
Whether to enable Enable the systemd service for this repository .
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.buildScripts
Build scripts for use with osctl-image
Type: package
Default: (build of source)
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.cacheDirectory
Directory where built images are stored
Type: path
Default: "/var/lib/vpsadminos-container-image-repository/‹name›/cache"
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.logDirectory
Directory where build log files are stored
Type: path
Default: "/var/lib/vpsadminos-container-image-repository/‹name›/log"
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.osModules
Modules included in the vpsAdminOS virtual machine
This list should include at least a module which configures option
services.osctl.image-repository.<name>
from vpsAdminOS for the repository of the same name.
Type: list of anything
Default:
[
]
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.osVm.disks
Disks available within the VM
Type: list of (submodule)
Example:
[
{
create = true; device = "sda.img"; size = "8G"; type = "file";
}
]
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.osVm.disks.*.create
Create the device if it does not exist. Applicable only for file-backed devices.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.osVm.disks.*.device
Path to the disk device
Type: string
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.osVm.disks.*.size
Device size
Type: string
Default: ""
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.osVm.disks.*.type
Device type
Type: one of "file", "blockdev"
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.postRunCommands
Bash commands run after the build VM has exited. It is also run when the built has failed.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.build-vpsadminos-container-image-repository.<name>.repositoryDirectory
Directory where the resulting container image repository is stored
Type: path
Default: "/var/lib/vpsadminos-container-image-repository/‹name›/repository"
Declared by:
<vpsadminos/os/modules/services/misc/build-vpsadminos-container-image-repository/options.nix>
|
services.cgmanager
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.cron.enable
Whether to enable the Vixie cron daemon.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/scheduling/cron.nix>
|
services.cron.cronFiles
A list of extra crontab files that will be read and appended to the main crontab file when the cron service starts.
Type: list of path
Default:
[
]
Declared by:
<vpsadminos/os/modules/services/scheduling/cron.nix>
|
services.cron.mailto
Email address to which job output will be mailed.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/scheduling/cron.nix>
|
services.cron.systemCronJobs
A list of Cron jobs to be appended to the system-wide
crontab. See the manual page for crontab for the expected
format. If you want to get the results mailed you must setuid
sendmail. See security.wrappers
If neither /var/cron/cron.deny nor /var/cron/cron.allow exist only root
will is allowed to have its own crontab file. The /var/cron/cron.deny file
is created automatically for you. So every user can use a crontab.
Many nixos modules set systemCronJobs, so if you decide to disable vixie cron
and enable another cron daemon, you may want it to get its system crontab
based on systemCronJobs.
Type: list of string
Default:
[
]
Example:
[ "* * * * * test ls -l / > /tmp/cronout 2>&1" "* * * * * eelco echo Hello World > /home/eelco/cronout" ]
Declared by:
<vpsadminos/os/modules/services/scheduling/cron.nix>
|
services.dhcpd4.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.authoritative
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.configFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.extraConfig
Type: strings concatenated with "\n"
Default: ""
Example:
'' option subnet-mask 255.255.255.0; option broadcast-address 192.168.1.255; option routers 192.168.1.5; option domain-name-servers 130.161.158.4, 130.161.33.17, 130.161.180.1; option domain-name "example.org"; subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.100 192.168.1.200; } ''
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.extraFlags
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.interfaces
Type: list of string
Default:
[
"eth0"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.machines
Type: list of (submodule)
Default:
[
]
Example:
[
{
ethernetAddress = "00:16:76:9a:32:1d"; hostName = "foo"; ipAddress = "192.168.1.10";
}
{
ethernetAddress = "00:19:d1:1d:c4:9a"; hostName = "bar"; ipAddress = "192.168.1.11";
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.machines.*.ethernetAddress
Type: string
Example: "00:16:76:9a:32:1d"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.machines.*.hostName
Type: string
Example: "foo"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd4.machines.*.ipAddress
Type: string
Example: "192.168.1.10"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.authoritative
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.configFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.extraConfig
Type: strings concatenated with "\n"
Default: ""
Example:
'' option subnet-mask 255.255.255.0; option broadcast-address 192.168.1.255; option routers 192.168.1.5; option domain-name-servers 130.161.158.4, 130.161.33.17, 130.161.180.1; option domain-name "example.org"; subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.100 192.168.1.200; } ''
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.extraFlags
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.interfaces
Type: list of string
Default:
[
"eth0"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.machines
Type: list of (submodule)
Default:
[
]
Example:
[
{
ethernetAddress = "00:16:76:9a:32:1d"; hostName = "foo"; ipAddress = "192.168.1.10";
}
{
ethernetAddress = "00:19:d1:1d:c4:9a"; hostName = "bar"; ipAddress = "192.168.1.11";
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.machines.*.ethernetAddress
Type: string
Example: "00:16:76:9a:32:1d"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.machines.*.hostName
Type: string
Example: "foo"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.dhcpd6.machines.*.ipAddress
Type: string
Example: "192.168.1.10"
Declared by:
<nixpkgs/nixos/modules/services/networking/dhcpd.nix>
|
services.fprintd
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.geoclue2
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.haveged.enable
Whether to enable to haveged entropy daemon, which refills /dev/random when low.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/security/haveged.nix>
|
services.haveged.refill_threshold
The number of bits of available entropy beneath which haveged should refill the entropy pool.
Type: signed integer
Default: 1024
Declared by:
<vpsadminos/os/modules/services/security/haveged.nix>
|
services.live-patches.enable
When enabled, live-patches utility is added to system path along with compiled live patch kernel modules. Note, patches are automatically loaded only upon machine boot, live-patches util has to be called manually to load them when deploying onto a running machine.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/livepatches/default.nix>
|
services.logrotate.enable
Whether to enable Enable log rotation.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/logging/logrotate.nix>
|
services.logrotate.extraConfig
Additional text to append to logrotate.conf
Type: string
Default: ""
Example:
'' /var/log/wtmp { monthly minsize 1M create 0664 root utmp rotate 1 } ''
Declared by:
<vpsadminos/os/modules/services/logging/logrotate.nix>
|
services.logrotate.logFiles
Type: list of (submodule)
Default:
[
]
Declared by:
<vpsadminos/os/modules/services/logging/logrotate.nix>
|
services.logrotate.logFiles.*.config
logrotate configuration
Type: string
Example:
'' daily rotate 7 dateext copytruncate notifempty nocompress ''
Declared by:
<vpsadminos/os/modules/services/logging/logrotate.nix>
|
services.logrotate.logFiles.*.files
Files to rotate
Type: list of string
Example:
[
"/var/log/messages" "/var/log/*.log"
]
Declared by:
<vpsadminos/os/modules/services/logging/logrotate.nix>
|
services.lxcfs.enable
Enable system-wide LXCFS instance
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/virtualisation/lxcfs.nix>
|
services.munin-node.enable
Enable Munin Node agent. Munin node listens on 0.0.0.0 and by default accepts connections only from 127.0.0.1 for security reasons. See http://guide.munin-monitoring.org/en/latest/architecture/index.html.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/monitoring/munin.nix>
|
services.munin-node.disabledPlugins
Munin plugins to disable, even if
munin-node-configure --suggest
tries to enable
them. To disable a wildcard plugin, use an actual wildcard, as in
the example.
munin_stats is disabled by default as it tries to read
/var/log/munin/munin-update.log
for timing
information, and the NixOS build of Munin does not write this file.
Type: list of string
Default:
[
"munin_stats"
]
Example:
[
"diskstats" "zfs_usage_*"
]
Declared by:
<vpsadminos/os/modules/services/monitoring/munin.nix>
|
services.munin-node.extraAutoPlugins
Additional Munin plugins to autoconfigure, using
munin-node-configure --suggest
. These should be
the actual paths to the plugin files (or directories containing them),
not just their names.
If you want to manually enable individual plugins instead, use
services.munin-node.extraPlugins
.
Note that only plugins that have the 'autoconfig' capability will do
anything if listed here, since plugins that cannot autoconfigure
won't be automatically enabled by
munin-node-configure
.
Plugins will be copied into the Nix store, and it will attempt to
modify them to run properly by fixing hardcoded references to
/bin
, /usr/bin
,
/sbin
, and /usr/sbin
.
Type: list of path
Default:
[
]
Example:
[ /src/munin-contrib/plugins/zfs /src/munin-contrib/plugins/ssh ];
Declared by:
<vpsadminos/os/modules/services/monitoring/munin.nix>
|
services.munin-node.extraConfig
munin-node.conf
extra configuration. See
http://guide.munin-monitoring.org/en/latest/reference/munin-node.conf.html
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/services/monitoring/munin.nix>
|
services.munin-node.extraPluginConfig
plugin-conf.d
extra plugin configuration. See
http://guide.munin-monitoring.org/en/latest/plugin/use.html
Type: strings concatenated with "\n"
Default: ""
Example:
'' [fail2ban_*] user root ''
Declared by:
<vpsadminos/os/modules/services/monitoring/munin.nix>
|
services.munin-node.extraPlugins
Additional Munin plugins to activate. Keys are the name of the plugin
symlink, values are the path to the underlying plugin script. You
can use the same plugin script multiple times (e.g. for wildcard
plugins).
Note that these plugins do not participate in autoconfiguration. If
you want to autoconfigure additional plugins, use
services.munin-node.extraAutoPlugins
.
Plugins enabled in this manner take precedence over autoconfigured
plugins.
Plugins will be copied into the Nix store, and it will attempt to
modify them to run properly by fixing hardcoded references to
/bin
, /usr/bin
,
/sbin
, and /usr/sbin
.
Type: attribute set of path
Default:
{
}
Example:
{ zfs_usage_bigpool = /src/munin-contrib/plugins/zfs/zfs_usage_; zfs_usage_smallpool = /src/munin-contrib/plugins/zfs/zfs_usage_; zfs_list = /src/munin-contrib/plugins/zfs/zfs_list; };
Declared by:
<vpsadminos/os/modules/services/monitoring/munin.nix>
|
services.nfs.server.enable
Whether to enable Enable NFS server.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.exports
Contents of the /etc/exports file. See exports(5) for the format.
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.lockdPort
Use a fixed port for the NFS lock manager kernel module
(lockd/nlockmgr
). This is useful if the
NFS server is behind a firewall.
Type: null or signed integer
Default: null
Example: 4001
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.mountdPort
Use fixed port for rpc.mountd, useful if server is behind firewall.
Type: null or signed integer
Default: null
Example: 4002
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.allowedVersions
This option can be used to request that rpc.nfsd offer certain versions of NFS. The current version of rpc.nfsd can support major NFS versions 2,3,4 and the minor versions 4.0, 4.1 and 4.2.
Type: list of (one of "2", "3", "4", "4.0", "4.1", "4.2")
Default:
[
]
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.disallowedVersions
This option can be used to request that rpc.nfsd does not offer certain versions of NFS. The current version of rpc.nfsd can support major NFS versions 2,3,4 and the minor versions 4.0, 4.1 and 4.2.
Type: list of (one of "2", "3", "4", "4.0", "4.1", "4.2")
Default:
[
]
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.nproc
Specify the number of NFS server threads. By default, eight threads are started. However, for optimum performance several threads should be used.
Type: positive integer, meaning >0
Default: 8
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.port
Configure port for rpc.nfsd, useful if server is behind firewall.
Type: signed integer
Default: 2049
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.syslog
By default, rpc.nfsd logs error messages (and debug messages, if enabled) to stderr. This option makes rpc.nfsd log these messages to syslog instead. Note that errors encountered during option processing will still be logged to stderr regardless of this option.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.tcp
Instruct the kernel nfs server to open and listen on a TCP socket.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.nfsd.udp
Instruct the kernel nfs server to open and listen on a UDP socket.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nfs.server.statdPort
Use a fixed port for rpc.statd. This is useful if the NFS server is behind a firewall.
Type: null or signed integer
Default: null
Example: 4000
Declared by:
<vpsadminos/os/modules/services/network-filesystems/nfs.nix>
|
services.nscd
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.opensmtpd.enable
Whether to enable the OpenSMTPD server.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/mail/opensmtpd.nix>
|
services.opensmtpd.package
The OpenSMTPD package to use.
Type: package
Default: "pkgs.opensmtpd"
Declared by:
<vpsadminos/os/modules/services/mail/opensmtpd.nix>
|
services.opensmtpd.addSendmailToSystemPath
Whether to add OpenSMTPD's sendmail binary to the system path or not.
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/mail/opensmtpd.nix>
|
services.opensmtpd.extraServerArgs
Extra command line arguments provided when the smtpd process is started.
Type: list of string
Default:
[
]
Example:
[
"-v" "-P mta"
]
Declared by:
<vpsadminos/os/modules/services/mail/opensmtpd.nix>
|
services.opensmtpd.procPackages
Packages to search for filters, tables, queues, and schedulers. Add OpenSMTPD-extras here if you want to use the filters, etc. from that package.
Type: list of package
Default:
[
]
Declared by:
<vpsadminos/os/modules/services/mail/opensmtpd.nix>
|
services.opensmtpd.serverConfiguration
The contents of the smtpd.conf configuration file. See the OpenSMTPD documentation for syntax information.
Type: null or strings concatenated with "\n"
Default: null
Example:
'' listen on lo accept for any deliver to lmtp localhost:24 ''
Declared by:
<vpsadminos/os/modules/services/mail/opensmtpd.nix>
|
services.openssh.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.allowSFTP
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.authorizedKeysCommand
Type: string
Default: "none"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.authorizedKeysCommandUser
Type: string
Default: "nobody"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.authorizedKeysFiles
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.banner
Type: null or strings concatenated with "\n"
Default: null
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.ciphers
Type: list of string
Default:
[
"chacha20-poly1305@openssh.com" "aes256-gcm@openssh.com" "aes128-gcm@openssh.com" "aes256-ctr" "aes192-ctr" "aes128-ctr"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.extraConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.forwardX11
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.gatewayPorts
Type: string
Default: "no"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.hostKeys
Type: list of (attribute set)
Default:
[
{
bits = 4096; path = "/etc/ssh/ssh_host_rsa_key"; type = "rsa";
}
{
path = "/etc/ssh/ssh_host_ed25519_key"; type = "ed25519";
}
]
Example:
[
{
bits = 4096; openSSHFormat = true; path = "/etc/ssh/ssh_host_rsa_key"; rounds = 100; type = "rsa";
}
{
comment = "key comment"; path = "/etc/ssh/ssh_host_ed25519_key"; rounds = 100; type = "ed25519";
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.kbdInteractiveAuthentication
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.kexAlgorithms
Type: list of string
Default:
[
"sntrup761x25519-sha512@openssh.com" "curve25519-sha256" "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.knownHosts
Type: attribute set of (submodule)
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.knownHosts.<name>.certAuthority
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
services.openssh.knownHosts.<name>.extraHostNames
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
services.openssh.knownHosts.<name>.hostNames
Type: list of string
Default: [ ‹name› ] ++ config.services.openssh.knownHosts.<name>.extraHostNames
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
services.openssh.knownHosts.<name>.publicKey
Type: null or string
Default: null
Example: "ecdsa-sha2-nistp521 AAAAE2VjZHN...UEPg=="
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
services.openssh.knownHosts.<name>.publicKeyFile
Type: null or path
Default: null
Declared by:
<nixpkgs/nixos/modules/programs/ssh.nix>
|
services.openssh.listenAddresses
Type: list of (submodule)
Default:
[
]
Example:
[
{
addr = "192.168.3.1"; port = 22;
}
{
addr = "0.0.0.0"; port = 64022;
}
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.listenAddresses.*.addr
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.listenAddresses.*.port
Type: null or signed integer
Default: null
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.logLevel
Type: one of "QUIET", "FATAL", "ERROR", "INFO", "VERBOSE", "DEBUG", "DEBUG1", "DEBUG2", "DEBUG3"
Default: "INFO"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.macs
Type: list of string
Default:
[
"hmac-sha2-512-etm@openssh.com" "hmac-sha2-256-etm@openssh.com" "umac-128-etm@openssh.com" "hmac-sha2-512" "hmac-sha2-256" "umac-128@openssh.com"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.moduliFile
Type: path
Example: "/etc/my-local-ssh-moduli;"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.openFirewall
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.passwordAuthentication
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.permitRootLogin
Type: one of "yes", "without-password", "prohibit-password", "forced-commands-only", "no"
Default: "prohibit-password"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.ports
Type: list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
[
22
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.sftpFlags
Type: list of string
Default:
[
]
Example:
[
"-f AUTHPRIV" "-l INFO"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.sftpServerExecutable
Type: string
Example: "internal-sftp"
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.startWhenNeeded
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.openssh.useDns
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.osctl.image-repository
Configure container image repositories
Type: attribute set of (submodule)
Default:
{
}
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.enableCronJob
Enable cron job run at
osctl.image-repository.<name>.buildInterval
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.buildDataset
Name of a dataset used to build images
Type: string
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.buildInterval
Date and time expression for when to build images in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: null or string
Default: "0 4 * * *"
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.buildScriptDir
Path to directory with image build scripts for use with osctl-image
Type: string
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.cacheDir
Path to directory where built images are cached before added to the repository.
Type: string
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.defaultVendor
Name of the default image vendor
Type: string
Example: "vpsadminos"
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection
Garbage collection of old images
Type: list of (submodule)
Default:
[
]
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection.*.arch
Regular expression to match image arch
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection.*.distribution
Regular expression to match image distribution
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection.*.keep
Number of matched images to keep
Type: signed integer
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection.*.variant
Regular expression to match image variant
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection.*.vendor
Regular expression to match image vendor
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.garbageCollection.*.version
Regular expression to match image version
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.images
Configure container images
Type: attribute set of attribute set of (submodule)
Default:
{
}
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.images.<name>.<name>.keepFailedTests
Keep containers of failed tests for further analysis
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.images.<name>.<name>.name
Optional image name
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.images.<name>.<name>.rebuild
Rebuild the image even if it is found in cacheDir
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.images.<name>.<name>.tags
Image tags
Type: list of string
Default:
[
]
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.keepAllFailedTests
Keep containers of all failed tests for further analysis
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.logDir
Directory where build logs will be stored.
Type: string
Default: "/tmp"
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.path
Path to the generated image repository.
Type: string
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.postBuild
Shell commands run after all images were built, or attempted to be built
Type: strings concatenated with "\n"
Default: ""
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.rebuildAll
Rebuild all images, even when they're found in cacheDir
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.vendors
Vendors
Type: attribute set of (submodule)
Default:
{
}
Example:
{
vpsadminos =
{
defaultVariant = "minimal";
}
;
}
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.osctl.image-repository.<name>.vendors.<name>.defaultVariant
Name of the default image variant
Type: string
Example: "minimal"
Declared by:
<vpsadminos/os/modules/services/osctl/image-repository>
|
services.prometheus.exporters.node.enable
Whether to enable Enable node_exporter service.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/node_exporter.nix>
|
services.prometheus.exporters.node.enabledCollectors
Collectors to enable. The collectors listed here are enabled in addition to the default ones.
Type: list of string
Default:
[
"runit" "nfs" "textfile"
]
Example: ''[ "nfs" ]''
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/node_exporter.nix>
|
services.prometheus.exporters.node.disabledCollectors
Collectors to disable which are enabled by default.
Type: list of string
Default:
[
"systemd"
]
Example: ''[ "timex" ]''
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/node_exporter.nix>
|
services.prometheus.exporters.node.extraFlags
Extra commandline options to pass to node_exporter.
Type: list of string
Default:
[
]
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/node_exporter.nix>
|
services.prometheus.exporters.node.listenAddress
Address to listen on.
Type: string
Default: "0.0.0.0"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/node_exporter.nix>
|
services.prometheus.exporters.node.port
Port to listen on.
Type: signed integer
Default: 9100
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/node_exporter.nix>
|
services.prometheus.exporters.osbench.enable
Whether to enable Enable osbench exporter.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_files.enable
Enable osbench test create_files
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_files.cronInterval
Date and time expression in a crontab format for when to run the test
Type: string
Default: "*/1 * * * *"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_files.testDirectory
Directory in which test files are created
Type: path
Default: "/tmp"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_processes.enable
Enable osbench test create_processes
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_processes.cronInterval
Date and time expression in a crontab format for when to run the test
Type: string
Default: "*/1 * * * *"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_threads.enable
Enable osbench test create_threads
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.create_threads.cronInterval
Date and time expression in a crontab format for when to run the test
Type: string
Default: "*/1 * * * *"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.launch_programs.enable
Enable osbench test launch_programs
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.launch_programs.cronInterval
Date and time expression in a crontab format for when to run the test
Type: string
Default: "*/1 * * * *"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.mem_alloc.enable
Enable osbench test mem_alloc
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.prometheus.exporters.osbench.tests.mem_alloc.cronInterval
Date and time expression in a crontab format for when to run the test
Type: string
Default: "*/1 * * * *"
Declared by:
<vpsadminos/os/modules/services/monitoring/prometheus/osbench>
|
services.rpcbind.enable
Whether to enable Enable rpcbind service.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/networking/rpcbind.nix>
|
services.rsyslogd.extraConfig
Additional text to append to syslog.conf
Type: string
Default: ""
Example: "news.* -/var/log/news"
Declared by:
<vpsadminos/os/modules/services/logging/rsyslog.nix>
|
services.rsyslogd.forward
Forward logs over TCP to a set of hosts
Type: list of string
Default:
[
]
Example:
[
"10.0.0.1:11514"
]
Declared by:
<vpsadminos/os/modules/services/logging/rsyslog.nix>
|
services.rsyslogd.hostName
Optional hostname
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/services/logging/rsyslog.nix>
|
services.samba
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.sshd.enable
Type: boolean
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
services.sssd
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.udev.packages
List of packages containing udev rules.
Type: list of path
Default:
[
]
Declared by:
<vpsadminos/os/modules/services/hardware/eudev.nix>
|
services.udev.extraRules
Additional udev rules
Type: strings concatenated with "\n"
Default: ""
Example:
'' KERNEL=="eth*", ATTR{address}=="00:1D:60:B9:6D:4F", NAME="my_fast_network_card" ''
Declared by:
<vpsadminos/os/modules/services/hardware/eudev.nix>
|
services.udev.path
Packages added to the PATH
environment variable when
executing programs from Udev rules.
Type: list of path
Default:
[
]
Declared by:
<vpsadminos/os/modules/services/hardware/eudev.nix>
|
services.xserver
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
services.zfs.autoScrub.enable
Enables periodic scrubbing of ZFS pools.
Type: boolean
Default: false
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.autoScrub.pauseIntervals
Date and time expression for when to pause a running scrub in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: list of string
Default:
[
]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.autoScrub.pools
List of ZFS pools to periodically scrub. If empty, all pools will be scrubbed.
Type: list of string
Default:
[
]
Example:
[
"tank"
]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.autoScrub.resumeIntervals
Date and time expression for when to resume a paused scrub in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: list of string
Default:
[
]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.zfs.autoScrub.startIntervals
Date and time expression for when to scrub the pool in a crontab format, i.e. minute, hour, day of month, month and day of month separated by spaces.
Type: list of string
Default:
[
]
Declared by:
<vpsadminos/os/modules/tasks/filesystems/zfs>
|
services.znapzend.enable
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.autoCreation
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.compressed
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.lowmemRecurse
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.oracleMode
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.recvu
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.sendRaw
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.skipIntermediates
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.features.zfsGetType
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.logLevel
Type: one of "debug", "info", "warning", "err", "alert"
Default: "debug"
Example: "warning"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.logTo
Type: string
Default: "syslog::daemon"
Example: "/var/log/znapzend.log"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.noDestroy
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.pure
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup
Type: attribute set of (submodule)
Default:
{
}
Example:
{ "tank/home" = { # Make snapshots of tank/home every hour, keep those for 1 day, # keep every days snapshot for 1 month, etc. plan = "1d=>1h,1m=>1d,1y=>1m"; recursive = true; # Send all those snapshots to john@example.com:rtank/john as well destinations.remote = { host = "john@example.com"; dataset = "rtank/john"; }; }; };
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.enable
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.dataset
Type: string
Example: "tank/home"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations
Type: attribute set of (submodule)
Default:
{
}
Example:
{ local = { dataset = "btank/backup"; presend = "zpool import -N btank"; postsend = "zpool export btank"; }; remote = { host = "john@example.com"; dataset = "tank/john"; }; };
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations.<name>.dataset
Type: string
Example: "tank/main"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations.<name>.host
Type: null or string
Default: null
Example: "john@example.com"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations.<name>.label
Type: string
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations.<name>.plan
Type: string
Example: "1h=>10min,1d=>1h,1w=>1d,1m=>1w,1y=>1m"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations.<name>.postsend
Type: null or string
Default: null
Example: "ssh root@bserv zpool export tank"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.destinations.<name>.presend
Type: null or string
Default: null
Example: "ssh root@bserv zpool import -Nf tank"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.mbuffer.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.mbuffer.port
Type: null or 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default: null
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.mbuffer.size
Type: string of the form number{b|k|M|G}
Default: "1G"
Example: "128M"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.plan
Type: string
Example: "1h=>10min,1d=>1h,1w=>1d,1m=>1w,1y=>1m"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.postsnap
Type: null or string
Default: null
Example:
"${pkgs.coreutils}/bin/kill `${pkgs.coreutils}/bin/cat /tmp/mariadblock.pid`;${pkgs.coreutils}/bin/rm /tmp/mariadblock.pid"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.presnap
Type: null or string
Default: null
Example:
''${pkgs.mariadb}/bin/mysql -e "set autocommit=0;flush tables with read lock;\\! ${pkgs.coreutils}/bin/sleep 600" & ${pkgs.coreutils}/bin/echo $! > /tmp/mariadblock.pid ; sleep 10''
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.recursive
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.sendDelay
Type: signed integer
Default: 0
Example: 60
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
services.znapzend.zetup.<name>.timestampFormat
Type: string containing all of the characters %Y, %m, %d, %H, %M, %S
Default: "%Y-%m-%d-%H%M%S"
Example: "znapzend-%m.%d.%Y-%H%M%SZ"
Declared by:
<nixpkgs/nixos/modules/services/backup/znapzend.nix>
|
swapDevices
Type: list of (submodule)
Default:
[
]
Example:
[
{
device = "/dev/hda7";
}
{
device = "/var/swapfile";
}
{
label = "bigswap";
}
]
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.device
Type: string
Example: "/dev/sda3"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.discardPolicy
Type: null or one of "once", "pages", "both"
Default: null
Example: "once"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.label
Type: string
Example: "swap"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.options
Type: list of non-empty string
Default:
[
"defaults"
]
Example:
[
"nofail"
]
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.priority
Type: null or signed integer
Default: null
Example: 2048
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.randomEncryption
Type: (submodule) or boolean convertible to it
Default: false
Example:
{
cipher = "serpent-xts-plain64"; enable = true; source = "/dev/random";
}
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.randomEncryption.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.randomEncryption.allowDiscards
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.randomEncryption.cipher
Type: string
Default: "aes-xts-plain64"
Example: "serpent-xts-plain64"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.randomEncryption.source
Type: string
Default: "/dev/urandom"
Example: "/dev/random"
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
swapDevices.*.size
Type: null or signed integer
Default: null
Example: 2048
Declared by:
<nixpkgs/nixos/modules/config/swap.nix>
|
system.activationScripts
Type: attribute set of (string or (submodule))
Default:
{
}
Example:
{ stdio.text = '' # Needed by some programs. ln -sfn /proc/self/fd /dev/fd ln -sfn /proc/self/fd/0 /dev/stdin ln -sfn /proc/self/fd/1 /dev/stdout ln -sfn /proc/self/fd/2 /dev/stderr ''; }
Declared by:
<nixpkgs/nixos/modules/system/activation/activation-script.nix>
|
system.boot.restrict-proc-sysfs.enable
Restrict access to proc, sysfs and any other filesystem contents
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/boot/restrict-proc-sysfs>
|
system.boot.restrict-proc-sysfs.config
Config passed to ./restrict-dirs.rb Each line represents a rule for a path. The first word is a command, the second word is the path. The command can be one of: restrict, skip and grant. Empty lines and lines beginning with a hash are ignored. restrict is used to deny access from containers to the path, skip does not change the access mode and grant will give read-write access to containers and all their users, even unprivileged ones. The path can contain patterns, which are expanded. Rules are evaluated from the top. There can be more than one rule for one path, the last rule will be used. This makes it possible to e.g. use wildcards with exceptions: restrict /sys/class/* skip /sys/class/net The rules above will restrict access to the contents of /sys/class, except for directory /sys/class/net.
Type: strings concatenated with "\n"
Default:
'' restrict /proc/bus restrict /proc/interrupts restrict /proc/sched_debug restrict /proc/spl restrict /sys/block restrict /sys/bus/* skip /sys/bus/pci restrict /sys/class/* skip /sys/class/dmi skip /sys/class/mem skip /sys/class/misc skip /sys/class/net skip /sys/class/pci_bus skip /sys/class/tty skip /sys/dev/block restrict /sys/devices/* skip /sys/devices/pci* skip /sys/devices/system restrict /sys/devices/system/* skip /sys/devices/system/cpu skip /sys/devices/system/node skip /sys/devices/virtual restrict /sys/devices/virtual/* skip /sys/devices/virtual/dmi skip /sys/devices/virtual/mem skip /sys/devices/virtual/misc skip /sys/devices/virtual/net skip /sys/devices/virtual/tty restrict /sys/firmware restrict /sys/module/*/sections grant /sys/module/nf_conntrack/parameters/* restrict /sys/power ''
Declared by:
<vpsadminos/os/modules/system/boot/restrict-proc-sysfs>
|
system.build
Type: lazy attribute set of unspecified value
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/system/build.nix>
|
system.extraDependencies
A list of packages that should be included in the system closure but not otherwise made available to users. This is primarily used by the installation tests.
Type: list of package
Default:
[
]
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.nssDatabases.group
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/nsswitch.nix>
|
system.nssDatabases.hosts
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/nsswitch.nix>
|
system.nssDatabases.passwd
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/nsswitch.nix>
|
system.nssDatabases.services
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/nsswitch.nix>
|
system.nssDatabases.shadow
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/nsswitch.nix>
|
system.osCodeName
The vpsAdminOS release code name (e.g. Emu
).
Type: string (read only)
Declared by:
<vpsadminos/os/modules/misc/version.nix>
|
system.osLabel
Label to be used in the names of generated outputs and boot labels.
Type: string
Declared by:
<vpsadminos/os/modules/misc/version.nix>
|
system.osRelease
The vpsAdminOS release (e.g. 16.03
).
Type: string (read only)
Default: "22.11.0"
Declared by:
<vpsadminos/os/modules/misc/version.nix>
|
system.secretsDir
Path to a directory containing secret keys and other files that should
not be stored in the Nix store. The directory's base name has to be
secrets
.
If the sandbox is enabled (nix.useSandbox = true;
)
on the build machine, you need to add your directory with secrets
to nix.sandboxPaths
and then set this option to the
path within the sandbox. For example, if your secrets on the build
machine are stored in /home/vpsadminos/secrets
, you
could set
nix.sandboxPaths = [ "/secrets=/home/vpsadminos/secrets" ];
on the build machine and system.secretsDir = "/secrets";
in vpsAdminOS config.
Type: null or string
Default: null
Declared by:
<vpsadminos/os/modules/system/activation/secrets.nix>
|
system.stateVersion
Every once in a while, a new vpsAdminOS release may change configuration defaults in a way incompatible with stateful data. For instance, if the default version of PostgreSQL changes, the new version will probably be unable to read your existing databases. To prevent such breakage, you can set the value of this option to the vpsAdminOS release with which you want to be compatible. The effect is that vpsAdminOS will option defaults corresponding to the specified release (such as using an older version of PostgreSQL).
Type: string
Default: "22.11.0"
Declared by:
<vpsadminos/os/modules/misc/version.nix>
|
system.storeOverlaySize
Size of the tmpfs filesystems used as an overlay for /nix/store. See option size in man tmpfs(5) for possible values.
Type: string
Default: "2G"
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|
system.userActivationScripts
Type: attribute set of (string or (submodule))
Default:
{
}
Example:
{ plasmaSetup = { text = '' ${pkgs.libsForQt5.kservice}/bin/kbuildsycoca5" ''; deps = []; }; }
Declared by:
<nixpkgs/nixos/modules/system/activation/activation-script.nix>
|
systemd.package
Type: unspecified value
Default: "/not-on-vpsadminos"
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.packages
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.globalEnvironment
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.services
Type: attribute set of unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.sockets
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.targets
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.tmpfiles
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
systemd.user
Type: unspecified value
Declared by:
<vpsadminos/os/modules/nixos-compat.nix>
|
time.hardwareClockInLocalTime
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/locale.nix>
|
time.timeZone
Type: null or string without spaces
Default: null
Example: "America/New_York"
Declared by:
<nixpkgs/nixos/modules/config/locale.nix>
|
tty.autologin.enable
Whether to enable Enable autologin on ttys.
Type: boolean
Default: false
Example: true
Declared by:
<vpsadminos/os/modules/services/ttys/agetty.nix>
|
tty.autologin.user
Autologin user
Type: string
Default: "root"
Declared by:
<vpsadminos/os/modules/services/ttys/agetty.nix>
|
tty.spawnSerial
Number of serial TTYs (STTYs) spawned (for /dev/ttyS0)
Type: integer between 0 and 10 (both inclusive)
Default: 1
Declared by:
<vpsadminos/os/modules/services/ttys/agetty.nix>
|
tty.spawnStandard
Number of TTYs spawned, set to 0 to disable
Type: integer between 0 and 10 (both inclusive)
Default: 4
Declared by:
<vpsadminos/os/modules/services/ttys/agetty.nix>
|
users.allowNoPasswordLogin
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.defaultUserShell
Type: path or package
Example: pkgs.zsh
Declared by:
<nixpkgs/nixos/modules/programs/shadow.nix>
|
users.enforceIdUniqueness
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraGroups
Type: attribute set of (submodule)
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraGroups.<name>.gid
Type: null or signed integer
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraGroups.<name>.members
Type: list of string, not containing newlines or colons
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraGroups.<name>.name
Type: string, not containing newlines or colons
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers
Type: attribute set of (submodule)
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.packages
Type: list of package
Default:
[
]
Example: [ pkgs.firefox pkgs.thunderbird ]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.autoSubUidGidRange
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.createHome
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.cryptHomeLuks
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.description
Type: string, not containing newlines or colons
Default: ""
Example: "Alice Q. User"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.extraGroups
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.group
Type: string
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.hashedPassword
Type: null or string, not containing newlines or colons
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.home
Type: path, not containing newlines or colons
Default: "/var/empty"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.homeMode
Type: string matching the pattern [0-7]{1,5}
Default: "700"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.initialHashedPassword
Type: null or string, not containing newlines or colons
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.initialPassword
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.isNormalUser
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.isSystemUser
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.name
Type: string, not containing newlines or colons
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.openssh.authorizedKeys.keyFiles
Type: list of path
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
users.extraUsers.<name>.openssh.authorizedKeys.keys
Type: list of (optionally newline-terminated) single-line string
Default:
[
]
Example:
[
"ssh-rsa AAAAB3NzaC1yc2etc/etc/etcjwrsh8e596z6J0l7 example@host" "ssh-ed25519 AAAAC3NzaCetcetera/etceteraJZMfk3QPfQ foo@bar"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
users.extraUsers.<name>.pamMount
Type: attribute set of string
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.password
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.passwordFile
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.shell
Type: null or package or path, not containing newlines or colons
Default: pkgs.shadow
Example: pkgs.bashInteractive
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.subGidRanges
Type: list of (submodule)
Default:
[
]
Example:
[
{
count = 1; startGid = 100;
}
{
count = 999; startGid = 1001;
}
]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.subGidRanges.*.count
Type: signed integer
Default: 1
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.subGidRanges.*.startGid
Type: signed integer
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.subUidRanges
Type: list of (submodule)
Default:
[
]
Example:
[
{
count = 1; startUid = 1000;
}
{
count = 65534; startUid = 100001;
}
]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.subUidRanges.*.count
Type: signed integer
Default: 1
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.subUidRanges.*.startUid
Type: signed integer
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.uid
Type: null or signed integer
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.extraUsers.<name>.useDefaultShell
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.groups
Type: attribute set of (submodule)
Default:
{
}
Example:
{
hackers =
{
}
; students =
{
gid = 1001;
}
;
}
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.groups.<name>.gid
Type: null or signed integer
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.groups.<name>.members
Type: list of string, not containing newlines or colons
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.groups.<name>.name
Type: string, not containing newlines or colons
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.ldap.enable
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.base
Type: string
Example: "dc=example,dc=org"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.bind.distinguishedName
Type: string
Default: ""
Example: "cn=admin,dc=example,dc=com"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.bind.passwordFile
Type: string
Default: "/etc/ldap/bind.password"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.bind.policy
Type: one of "hard_open", "hard_init", "soft"
Default: "hard_open"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.bind.timeLimit
Type: signed integer
Default: 30
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.daemon.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.daemon.extraConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.daemon.rootpwmoddn
Type: string
Default: ""
Example: "cn=admin,dc=example,dc=com"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.daemon.rootpwmodpwFile
Type: string
Default: ""
Example: "/run/keys/nslcd.rootpwmodpw"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.extraConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.loginPam
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.nsswitch
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.server
Type: string
Example: "ldap://ldap.example.org/"
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.timeLimit
Type: signed integer
Default: 0
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.ldap.useTLS
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/ldap.nix>
|
users.motd
Type: null or strings concatenated with "\n"
Default: null
Example: "Today is Sweetmorn, the 4th day of The Aftermath in the YOLD 3178."
Declared by:
<nixpkgs/nixos/modules/security/pam.nix>
|
users.mutableUsers
Type: boolean
Default: true
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.mysql.enable
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.database
Type: string
Example: "auth"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.host
Type: string
Example: "localhost"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss
Type: submodule
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getgrent
Type: null or string
Default: null
Example:
SELECT name,password,gid FROM groups
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getgrgid
Type: null or string
Default: null
Example:
SELECT name,password,gid FROM groups WHERE gid='%1$u' LIMIT 1
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getgrnam
Type: null or string
Default: null
Example:
SELECT name,password,gid FROM groups WHERE name='%1$s' LIMIT 1
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getpwent
Type: null or string
Default: null
Example:
SELECT username,'x',uid,'5000','MySQL User', CONCAT('/home/',username),'/run/sw/current-system/bin/bash' FROM users
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getpwnam
Type: null or string
Default: null
Example:
SELECT username,'x',uid,'5000','MySQL User', CONCAT('/home/',username),'/run/sw/current-system/bin/bash' \ FROM users \ WHERE username='%1$s' \ LIMIT 1
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getpwuid
Type: null or string
Default: null
Example:
SELECT username,'x',uid,'5000','MySQL User', CONCAT('/home/',username),'/run/sw/current-system/bin/bash' \ FROM users \ WHERE uid='%1$u' \ LIMIT 1
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getspent
Type: null or string
Default: null
Example:
SELECT username,password,'1','0','99999','0','0','-1','0' FROM users
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.getspnam
Type: null or string
Default: null
Example:
SELECT username,password,'1','0','99999','0','0','-1','0' \ FROM users \ WHERE username='%1$s' \ LIMIT 1
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.gidsbymem
Type: null or string
Default: null
Example:
SELECT gid FROM grouplist WHERE username='%1$s'
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.nss.memsbygid
Type: null or string
Default: null
Example:
SELECT username FROM grouplist WHERE gid='%1$u'
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam
Type: submodule
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.cryptDefault
Type: null or one of "md5", "sha256", "sha512", "blowfish"
Default: null
Example: "blowfish"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.disconnectEveryOperation
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.hostColumn
Type: string
Example: "host"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.msgColumn
Type: string
Example: "msg"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.pidColumn
Type: string
Example: "pid"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.rHostColumn
Type: string
Example: "rhost"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.table
Type: string
Example: "logs"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.timeColumn
Type: string
Example: "timestamp"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.logging.userColumn
Type: string
Example: "user"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.passwordColumn
Type: string
Example: "password"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.passwordCrypt
Type: one of "0", "plain", "1", "Y", "2", "mysql", "3", "md5", "4", "sha1", "5", "drupal7", "6", "joomla15", "7", "ssha", "8", "sha512", "9", "sha256"
Example: "2"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.statusColumn
Type: null or string
Default: null
Example: "status"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.table
Type: string
Example: "users"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.updateTable
Type: null or string
Default: null
Example: "users_updates"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.userColumn
Type: string
Example: "username"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.verbose
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.pam.where
Type: null or string
Default: null
Example: "host.name='web' AND user.active=1"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.passwordFile
Type: path
Example: "/run/secrets/mysql-auth-db-passwd"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.mysql.user
Type: string
Example: "nss-user"
Declared by:
<nixpkgs/nixos/modules/config/mysql.nix>
|
users.users
Type: attribute set of (submodule)
Default:
{
}
Example:
{
alice =
{
createHome = true; description = "Alice Q. User"; extraGroups =
[
"wheel"
]
; group = "users"; home = "/home/alice"; shell = "/bin/sh"; uid = 1234;
}
;
}
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
users.users.<name>.packages
Type: list of package
Default:
[
]
Example: [ pkgs.firefox pkgs.thunderbird ]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.autoSubUidGidRange
Type: boolean
Default: false
Example: true
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.createHome
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.cryptHomeLuks
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.description
Type: string, not containing newlines or colons
Default: ""
Example: "Alice Q. User"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.extraGroups
Type: list of string
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.group
Type: string
Default: ""
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.hashedPassword
Type: null or string, not containing newlines or colons
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.home
Type: path, not containing newlines or colons
Default: "/var/empty"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.homeMode
Type: string matching the pattern [0-7]{1,5}
Default: "700"
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.initialHashedPassword
Type: null or string, not containing newlines or colons
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.initialPassword
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.isNormalUser
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.isSystemUser
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.name
Type: string, not containing newlines or colons
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.openssh.authorizedKeys.keyFiles
Type: list of path
Default:
[
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
users.users.<name>.openssh.authorizedKeys.keys
Type: list of (optionally newline-terminated) single-line string
Default:
[
]
Example:
[
"ssh-rsa AAAAB3NzaC1yc2etc/etc/etcjwrsh8e596z6J0l7 example@host" "ssh-ed25519 AAAAC3NzaCetcetera/etceteraJZMfk3QPfQ foo@bar"
]
Declared by:
<nixpkgs/nixos/modules/services/networking/ssh/sshd.nix>
|
users.users.<name>.pamMount
Type: attribute set of string
Default:
{
}
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.password
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.passwordFile
Type: null or string
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.shell
Type: null or package or path, not containing newlines or colons
Default: pkgs.shadow
Example: pkgs.bashInteractive
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.subGidRanges
Type: list of (submodule)
Default:
[
]
Example:
[
{
count = 1; startGid = 100;
}
{
count = 999; startGid = 1001;
}
]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.subGidRanges.*.count
Type: signed integer
Default: 1
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.subGidRanges.*.startGid
Type: signed integer
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.subUidRanges
Type: list of (submodule)
Default:
[
]
Example:
[
{
count = 1; startUid = 1000;
}
{
count = 65534; startUid = 100001;
}
]
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.subUidRanges.*.count
Type: signed integer
Default: 1
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.subUidRanges.*.startUid
Type: signed integer
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.uid
Type: null or signed integer
Default: null
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
users.users.<name>.useDefaultShell
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/config/users-groups.nix>
|
virtualisation.lxc.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxc.nix>
|
virtualisation.lxc.defaultConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxc.nix>
|
virtualisation.lxc.lxcfs.enable
Type: boolean
Default: false
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxcfs.nix>
|
virtualisation.lxc.systemConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxc.nix>
|
virtualisation.lxc.usernetConfig
Type: strings concatenated with "\n"
Default: ""
Declared by:
<nixpkgs/nixos/modules/virtualisation/lxc.nix>
|
vpsadminos.nix
enable nix-daemon and a writeable store
Type: boolean
Default: true
Declared by:
<vpsadminos/os/modules/system/activation/top-level.nix>
|