W
C
I
I
T
SLAM(5) File Formats Manual SLAM(5)

SLAMSLAM configuration options

System Layer Abstraction Modules is a collection of Nix modules for composing an operating base layer as well as high-level subsystems. Each SLAM import provides a set of configuration options, a set of derived configuration values, or both.

Importing modular services into SLAM is encouraged and SLAM service-managers are in turn exposed as modular services at pkgs.alt.slam.service-modules.

When declaring SLAM services consider the following:

  • Within either SLAM or SLAM service managers loaded as modular services:
    • The primary service manager is declared at config.system.serviceManager.
    • s6 services are declared at config.system.s6.rc.services.
    • Synit daemons are declared at config.system.synit.services.
    • Local modular services are declared at config.system.services.

  • Within modular services only:
    • Modular services are declared to the parent at config.services.
    • An s6 service is declared at config.s6.rc.service.
    • A Synit service is declared at config.synit.daemon.

It covers only the modules imported at the moment it was generated and the set of available options is variable and depends on which modules are imported.

Additional arguments passed to each module in addition to ones like lib, config, pkgs, and modulesPath.

This option is also available to all submodules. Submodules do not inherit args from their parent module, nor do they provide args to their parent module or sibling submodules. The sole exception to this is the argument name which is provided by parent modules to a submodule and contains the attribute name the submodule is bound to, or a unique generated name if it is not bound to an attribute.

Some arguments are already passed by default, of which the following be changed with this option:

lib
The Nixpkgs library.
config
The results of all options after merging the values from all modules together.
options
The options declared in all modules.
specialArgs
The specialArgs argument passed to lib.evalModules.
pkgs
The Nixpkgs package set.
All attributes of specialArgs
Whereas option values can generally depend on other option values thanks to laziness, this does not apply to imports, which must be computed statically before anything else.

For this reason, callers of the module system can provide specialArgs which are available during import resolution.

specialArgs includes slamPath which is the location of the modules directory within the SLAM repositiory and modulesPath which is the location of the modules directory within the NixOS repository.

lazy attribute set of raw value
lib/modules.nix

Whether to enable the validation of bootspec documents for each build. This will introduce Go in the build-time closure as we are relying on Cuelang for schema validation. Enable this option if you want to ascertain that your documents are correct

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/bootspec.nix

User-defined data that extends the bootspec document.

To reduce incompatibility and prevent names from clashing between applications, it is to use a unique namespace for your extensions.

attribute set of anything
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/bootspec.nix

The package to use for bootspec.

package
pkgs.bootspec
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/bootspec.nix

A list of additional packages supplying kernel modules.

list of package
[ ]
[ config.boot.kernelPackages.nvidia_x11 ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/kernel.nix

Which hardware-manager to start on boot.

one of mdevd, udev
"mdevd"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot

The PID 1 command line as a closure-list.

attribute set of (submodule)
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/init.nix

List of argument groups that must precede this one.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/init.nix

Group of arguments for the pid1 command-line.

string or list of (string or absolute path)
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/init.nix

Environment variables to start PID 1 with.

attribute set of string
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/init.nix

Stage 2 boot script.

read-only absolute path
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/init.nix

The set of kernel modules in the initial ramdisk used during the boot process. This set must include all modules necessary for mounting the root device. That is, it should include modules for the physical device (e.g., SCSI drivers) and for the file system (e.g., ext3). The set specified here is automatically closed under the module dependency relation, i.e., all dependencies of the modules list here are included automatically. The modules listed here are available in the initrd, but are only loaded on demand (e.g., the ext3 module is loaded automatically when an ext3 filesystem is mounted, and modules for PCI devices are loaded when they match the PCI ID of a device in your system). To force a module to be loaded, include it in boot.initrd.kernelModules.

list of string
[ ]
[
  "sata_nv"
  "ext3"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/kernel.nix

The compressor to use on the initrd image. May be any of:

  • The name of one of the predefined compressors, see pkgs/build-support/kernel/initrd-compressor-meta.nix for the definitions.
  • A function which, given the nixpkgs package set, returns the path to a compressor tool, e.g. ‘pkgs: ${pkgs.pigz}/bin/pigz’ - (not recommended, because it does not work when cross-compiling) the full path to a compressor tool, e.g. ‘${pkgs.pigz}/bin/pigz
The given program should read data from stdin and write it to stdout compressed.
string or function that evaluates to a(n) string
if the kernel supports it (5.9+), gzip if not
"xz"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/initrd

Arguments to pass to the compressor for the initrd image, or null to use the compressor's defaults.

null or (list of string)
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/initrd

Contents of the initrd.

list of (submodule)
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/initrd

Source of file content to inserting into the initrd.

absolute path
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/initrd

Location of file content within the initrd.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/initrd

Whether to enable the NixOS initial RAM disk (initrd). This may be needed to perform some initialisation tasks (like mounting network/encrypted file systems) before continuing the boot process.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/initrd

List of modules that are always loaded by the initrd.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/kernel.nix

Composite mount script.

read-only unspecified value
Concatenated execline.
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/initrd

Execline snippets for mounting file-systems during stage 1.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/initrd

List of dependencies. The script will run after these.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/initrd

Execline script to be enclosed by an "if" block.

strings concatenated with 0
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/initrd

the initrd to use for your system... use a module to build one

package
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/initrd

Whether to enable the 9P protocol.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/9p.nix

Whether to enable btrfs.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/btrfs.nix

Support packages for btrfs.

list of package
[ pkgs.btrfs-progs ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/btrfs.nix

Whether to enable EROFS.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/erofs.nix

Whether to enable ext2.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/ext2.nix

Support packages for ext2.

list of package
[ pkgs.e2fsprogs ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/ext2.nix

Whether to enable ext4.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/ext4.nix

Support packages for ext4.

list of package
[ pkgs.e2fsprogs ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/ext4.nix

Whether to enable f2fs.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/f2fs.nix

Support packages for f2fs.

list of package
[ pkgs.f2fs-tools ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/f2fs.nix

Whether to enable FUSE.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/fuse.nix

Whether to enable the file-system placeholder.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/special.nix

Whether to enable overlayfs.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/overlayfs.nix

Whether to enable tmpfs.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/tmpfs.nix

Whether to enable FAT.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/vfat.nix

Support packages for FAT file-systems.

list of package
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/vfat.nix

Whether to enable XFS.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/xfs.nix

Support packages for XFS.

list of package
[ pkgs.xfsprogs.bin ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/xfs.nix

Whether to enable ZFS.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/zfs.nix

Support packages for ZFS.

list of package
[ pkgs.zfs ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/zfs.nix

Whether to enable the Linux kernel. This is useful for systemd-like containers which do not require a kernel.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/kernel.nix

Provides a custom seed for the RANDSTRUCT security option of the Linux kernel. Note that RANDSTRUCT is only enabled in NixOS hardened kernels. Using a custom seed requires building the kernel and dependent packages locally, since this customization happens at build time.

string
""
"my secret seed"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/kernel.nix

Runtime parameters of the Linux kernel, as set by sysctl(8). Note that sysctl parameters names must be enclosed in quotes (e.g. ‘vm.swappiness’ instead of ‘vm.swappiness’). The value of each parameter may be a string, integer, boolean, or null (signifying the option will not appear at all).

open submodule of attribute set of (sysctl option value)
{ }
{ "net.ipv4.tcp_syncookies" = false; "vm.swappiness" = 60; }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/sysctl.nix

The maximum receive socket buffer size in bytes. In case of conflicting values, the highest will be used.

null or (unsigned integer, meaning >=0)
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/sysctl.nix

The maximum send socket buffer size in bytes. In case of conflicting values, the highest will be used.

null or (unsigned integer, meaning >=0)
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/sysctl.nix

The maximum number of memory map areas a process may have. In case of conflicting values, the highest will be used.

null or (unsigned integer, meaning >=0)
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/sysctl.nix

The set of kernel modules to be loaded in the second stage of the boot process. Note that modules that are needed to mount the root file system should be added to boot.initrd.availableKernelModules or boot.initrd.kernelModules.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/kernel.nix

This option allows you to override the Linux kernel used by NixOS. Since things like external kernel module packages are tied to the kernel you're using, it also overrides those. This option is a function that takes Nixpkgs as an argument (as a convenience), and returns an attribute set containing at the very least an attribute kernel. Additional attributes may be needed depending on your configuration. For instance, if you use the NVIDIA X driver, then it also needs to contain an attribute nvidia_x11.

Please note that we strictly support kernel versions that are maintained by the Linux developers only. More information on the availability of kernel versions is documented in the Linux section of the manual.

raw value
pkgs.linuxPackages
pkgs.linuxKernel.packages.linux_5_10
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/kernel.nix

Parameters added to the kernel command line.

list of string, with spaces inside double quotes
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/kernel.nix

A list of additional patches to apply to the kernel.

Every item should be an attribute set with the following attributes:

{
  # descriptive name, required
  name = "foo";

  # path or derivation that contains the patch source
  # (required, but can be null if only config changes
  # are needed)
  patch = ./foo.patch;

  # attrset of extra configuration parameters without the CONFIG_ prefix
  # (optional) values should generally be lib.kernel.yes,
  # lib.kernel.no or lib.kernel.module
  extraStructuredConfig = {
    FOO = lib.kernel.yes;
  };

  # attrset of extra "features" the kernel is considered to have
  # (may be checked by other NixOS modules, optional)
  features = {
    foo = true;
  };

  # extra configuration options in string form without the CONFIG_ prefix
  # (optional, multiple lines allowed to specify multiple options)
  # (deprecated, use extraStructuredConfig instead)
  extraConfig = "FOO y";
}

There's a small set of existing kernel patches in Nixpkgs, available as ‘pkgs.kernelPatches’, that follow this format and can be used directly.

list of (attribute set)
[ ]
[
  {
    name = "foo";
    patch = ./foo.patch;
    extraStructuredConfig.FOO = lib.kernel.yes;
    features.foo = true;
  }
  {
    name = "foo-ml-mbox";
    patch = (fetchurl {
      url = "https://lore.kernel.org/lkml/19700205182810.58382-1-email@domain/t.mbox.gz";
      hash = "sha256-...";
    });
  }
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/kernel.nix

Whether the installation process is allowed to modify EFI boot variables.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Where the EFI System Partition is mounted.

string
"/boot"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Execline scripts for bootloader installation.

attribute set of ((submodule) or string convertible to it)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/loader.nix

List of dependencies. The script will run after these.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/loader.nix

Execline script to be enclosed by an "if" block. The following variables will be substituted before execution: - $toplevel The top-level derivation being installed. - $boot The boot directory of the system installation.

strings concatenated with 0
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/loader.nix

Whether to enable modprobe config. This is useful for systems like containers which do not require a kernel.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/modprobe.nix

Whether to enable the 9P protocol.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/9p.nix

Whether to enable btrfs.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/btrfs.nix

Support packages for btrfs.

list of package
[ pkgs.btrfs-progs ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/btrfs.nix

Whether to enable EFI varfs.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/efivarfs.nix

Whether to enable EROFS.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/erofs.nix

Whether to enable ext2.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/ext2.nix

Support packages for ext2.

list of package
[ pkgs.e2fsprogs ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/ext2.nix

Whether to enable ext4.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/ext4.nix

Support packages for ext4.

list of package
[ pkgs.e2fsprogs ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/ext4.nix

Whether to enable f2fs.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/f2fs.nix

Support packages for f2fs.

list of package
[ pkgs.f2fs-tools ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/f2fs.nix

Whether to enable FUSE.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/fuse.nix

Whether to enable mergefs.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/fuse.mergerfs.nix

Whether to enable the file-system placeholder.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/special.nix

Whether to enable overlayfs.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/overlayfs.nix

Whether to enable tmpfs.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/tmpfs.nix

Whether to enable FAT.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/vfat.nix

Support packages for FAT file-systems.

list of package
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/vfat.nix

Whether to enable XFS.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/xfs.nix

Support packages for XFS.

list of package
[ pkgs.xfsprogs.bin ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/xfs.nix

Whether to enable ZFS.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/zfs.nix

Support packages for ZFS.

list of package
[ pkgs.zfs ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/zfs.nix

List of ZFS pools to import at boot. Defaults to the pools necessary for booting.

list of string
[
  "jug"
  "bucket"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/zfs.nix

List of ZFS dataset names to load keys for during boot.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/zfs.nix

Whether to enable install developer documentation.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/documentation

Whether to install share/doc directories into the system environment.

unspecified value
"config.documentation.enable"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/documentation

Whether to enable install system documentation.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/documentation

Whether to install info pages into the system environment.

unspecified value
"config.documentation.enable"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/documentation

Whether to install manual pages into the system environment.

unspecified value
"config.documentation.enable"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/documentation

Package providing the man program.

package
pkgs.man
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/documentation

Package of this manual.

read-only unspecified value
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/documentation

List of functions to apply to each option declarations

list of anything
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/documentation

Set of files that have to be linked in /etc.

attribute set of (submodule)
{ }
{ example-configuration-file =
    { source = "/nix/store/.../etc/dir/file.conf.example";
      mode = "0440";
    };
  "default/useradd".text = "GROUP=100 ...";
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/etc/options.nix

Whether this /etc file should be generated. This option allows specific /etc files to be disabled.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/etc/options.nix

GID of created file. Only takes effect when the file is copied (that is, the mode is not ‘symlink’).

signed integer
0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/etc/options.nix

Group name of created file. Only takes effect when the file is copied (that is, the mode is not ‘symlink’ ). Changing this option takes precedence over gid.

string
"+0"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/etc/options.nix

If set to something else than ‘symlink’, the file is copied instead of symlinked, with the given file mode.

string
"symlink"
"0600"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/etc/options.nix

Path of the source file.

absolute path
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/etc/options.nix

Name of symlink (relative to /etc). Defaults to the attribute name.

string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/etc/options.nix

Text of the file.

null or strings concatenated with 0
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/etc/options.nix

UID of created file. Only takes effect when the file is copied (that is, the mode is not ‘symlink’ ).

signed integer
0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/etc/options.nix

User name of created file. Only takes effect when the file is copied (that is, the mode is not ‘symlink’). Changing this option takes precedence over uid.

string
"+0"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/etc/options.nix

List of package outputs to install. If not specified then only the default outputs are installed and outputs such as "doc" or "man" are not.

list of string
[ ]
[
  "man"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/path

Shell fragments to be run after the system environment has been created. This should only be used for things that need to modify the internals of the environment, e.g. generating MIME caches. The environment being built can be accessed at the out environment variable.

strings concatenated with 0
""
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/path

List of directories to symlink into /lib.

list of absolute path
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/links.nix

Composite package produced by buildEnv.

read-only absolute path
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/path

List of directories to be symlinked in /run/current-system/sw.

list of string
[ ]
[
  "/"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/path

List of packages to register in /etc/shells.

list of (package or absolute path)
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/shells

List of packages available in the standard system environment.

list of package
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/environment/path

The file systems to be mounted. It must include an entry for the root directory ( ‘mountPoint = /’ ). Each entry in the list is an attribute set with the following fields: mountPoint, device, fsType (a file system type recognised by mount; defaults to auto,) and options (the mount options passed to mount using the -o flag; defaults to ‘[ defaults ]’).

Instead of specifying device, you can also specify a volume label ( label) for file systems that support it, such as ext2/ext3 (see mke2fs(8) ).

attribute set of (submodule)
{ }
{
  "/".device = "/dev/hda1";
  "/data" = {
    device = "/dev/hda2";
    fsType = "ext3";
    options = [ "data=journal" ];
  };
  "/bigdisk".label = "bigdisk";
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/overlayfs.nix https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/options.nix

List of paths that should be mounted before this one. This filesystem's device and mountPoint are always checked and do not need to be included explicitly. If a path is added to this list, any other filesystem whose mount point is a parent of the path will be mounted before this filesystem. The paths do not need to actually be the mountPoint of some other filesystem.

list of string (with check: non-empty without trailing slash)
[ ]
[
  "/persist"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/options.nix

Location of the device.

null or non-empty string
null
"/dev/sda"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/options.nix

Type of the file system.

non-empty string
"auto"
"ext3"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/options.nix

Label of the device (if any).

null or non-empty string
null
"root-partition"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/options.nix

Location of the mounted file system.

string (with check: non-empty without trailing slash)
"/mnt/usb"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/options.nix

Whether this file-system must be mounted before entering stage 2 of booting.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/options.nix

Disable running fsck on this filesystem.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/options.nix

Options used to mount the file system.

non-empty (list of non-empty string)
[
  "defaults"
]
[
  "data=journal"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/options.nix

The list of path(s) to the lowerdir(s).

To create a writable overlay, you MUST provide a upperdir and a workdir.

You can create a read-only overlay when you provide multiple (at least 2!) lowerdirs and neither an upperdir nor a workdir.

null or (non-empty (list of (string or path in the Nix store)))
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/overlayfs.nix

The path to the upperdir.

If this is null, a read-only overlay is created using the lowerdir.

If the filesystem is neededForBoot, this will be prefixed with /sysroot, unless useStage1BaseDirectories is set to ‘true’.

If you set this to some value you MUST also set workdir.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/overlayfs.nix

If enabled, lowerdir, upperdir and workdir will be prefixed with /sysroot.

Disabling this can be useful to create an overlay over directories which aren't on the real root.

Disabling this does not work with the scripted (i.e. non-systemd) initrd.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/overlayfs.nix

The path to the workdir.

If the filesystem is neededForBoot, this will be prefixed with /sysroot, unless useStage1BaseDirectories is set to ‘true’.

This MUST be set if you set upperdir.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/filesystems/overlayfs.nix

Enable a basic set of fonts providing several styles and families and reasonable coverage of Unicode.

boolean
false
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/config/fonts/packages.nix

Allow bitmap fonts. Set to ‘false’ to ban all bitmap fonts.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

Allow Type-1 fonts. Default is ‘false’ because of poor rendering.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

Enable font antialiasing. At high resolution (> 200 DPI), antialiasing has no visible effect; users of such displays may want to disable this option.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

Generate system fonts cache for 32-bit applications.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

System-wide default emoji font(s). Multiple fonts may be listed in case a font does not support all emoji.

Note that fontconfig matches color emoji fonts preferentially, so if you want to use a black and white font while having a color font installed (eg. Noto Color Emoji installed alongside Noto Emoji), fontconfig will still choose the color font even when it is later in the list.

list of string
[
  "Noto Color Emoji"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

System-wide default monospace font(s). Multiple fonts may be listed in case multiple languages must be supported.

list of string
[
  "DejaVu Sans Mono"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

System-wide default sans serif font(s). Multiple fonts may be listed in case multiple languages must be supported.

list of string
[
  "DejaVu Sans"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

System-wide default serif font(s). Multiple fonts may be listed in case multiple languages must be supported.

list of string
[
  "DejaVu Serif"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

If enabled, a Fontconfig configuration file will be built pointing to a set of default fonts. If you don't care about running X11 applications or any other program that uses Fontconfig, you can leave this option off and prevent a dependency on all those fonts.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

Enable the autohinter in place of the default interpreter. The results are usually lower quality than correctly-hinted fonts, but better than unhinted fonts.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

Enable font hinting. Hinting aligns glyphs to pixel boundaries to improve rendering sharpness at low resolution. At high resolution (> 200 dpi) hinting will do nothing (at best); users of such displays may want to disable this option.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

Hintstyle is the amount of font reshaping done to line up to the grid.

slight will make the font more fuzzy to line up to the grid but will be better in retaining font shape, while full will be a crisp font that aligns well to the pixel grid but will lose a greater amount of font shape.

one of none, slight, medium, full
"slight"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

Include the user configuration from ~/.config/fontconfig/fonts.conf or ~/.config/fontconfig/conf.d.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

System-wide customization file contents, has higher priority than defaultFonts settings.

strings concatenated with 0
""
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

FreeType LCD filter. At high resolution (> 200 DPI), LCD filtering has no visible effect; users of such displays may want to select none.

one of none, default, light, legacy
"default"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

Subpixel order. The overwhelming majority of displays are rgb in their normal orientation. Select vrgb for mounting such a display 90 degrees clockwise from its normal orientation or vbgr for mounting 90 degrees counter-clockwise. Select bgr in the unlikely event of mounting 180 degrees from the normal orientation. Reverse these directions in the improbable event that the display's native subpixel order is bgr.

one of rgb, bgr, vrgb, vbgr, none
"none"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

Use embedded bitmaps in fonts like Calibri.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/fonts/fontconfig.nix

List of primary font packages.

list of absolute path
[ ]
[ pkgs.dejavu_fonts ]
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/config/fonts/packages.nix

Binary keymap file. If unset then this is generated from the hardware.console.keyMap option.

absolute path
"Binary form of hardware.console.keyMap."
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/hardware/console.nix

Whether to configure the console at boot.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/hardware/console.nix

The keyboard mapping table for the virtual consoles. This option may have no effect if hardware.console.binaryKeyMap is set.

string or absolute path
"defkeymap"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/hardware/console.nix

Turn VESA screen blanking on or off.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/hardware/console.nix

List of packages containing firmware files. Such files will be loaded automatically if the kernel asks for them (i.e., when it has detected specific hardware that requires firmware to function). If multiple packages contain firmware files with the same name, the first package in the list takes precedence. Note that you must rebuild your system if you add files to any of these directories.

list of package
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/hardware

Whether to enable hardware accelerated graphics drivers.

This is required to allow most graphical applications and environments to use hardware rendering, video encode/decode acceleration, etc.

This option should be enabled by default by the corresponding modules, so you do not usually have to set it yourself.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/hardware/graphics.nix

On 64-bit systems, whether to also install 32-bit drivers for 32-bit applications (such as Wine).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/hardware/graphics.nix

Additional packages to add to the default graphics driver lookup path. This can be used to add OpenCL drivers, VA-API/VDPAU drivers, etc.

intel-media-driver supports hardware Broadwell (2014) or newer. Older hardware should use the mostly unmaintained intel-vaapi-driver driver.
list of package
[ ]
with pkgs; [ intel-media-driver intel-ocl intel-vaapi-driver ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/hardware/graphics.nix

Additional packages to add to 32-bit graphics driver lookup path on 64-bit systems. Used when enable32Bit is set. This can be used to add OpenCL drivers, VA-API/VDPAU drivers, etc.

intel-media-driver supports hardware Broadwell (2014) or newer. Older hardware should use the mostly unmaintained intel-vaapi-driver driver.
list of package
[ ]
with pkgs.pkgsi686Linux; [ intel-media-driver intel-vaapi-driver ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/hardware/graphics.nix

Whether to enable support for i2c devices. Access to these devices is granted to users in the hardware.i2c.group group.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/hardware/i2c.nix

Group to own the /dev/i2c-* devices.

If you want non-root users to be able to access these i2c devices, add them to this group.
If left as the default value this group will automatically be created on system activation, otherwise you are responsible for ensuring the group exists before system activation has completed.
string
"i2c"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/hardware/i2c.nix

The default locale. It determines the language for program messages, the format for dates and times, sort order, and so on. It also determines the character set, such as UTF-8.

string
"C.UTF-8"
"en_IE.UTF-8"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/i18n

A set of additional system-wide locale settings other than LANG which can be configured with i18n.defaultLocale.

attribute set of string
{ }
{
  LC_MESSAGES = "en_IE/UTF-8";
  LC_NUMERIC = "kn_IN/UTF-8";
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/i18n

Customized pkg.glibcLocales package. Changing this option can disable handling of i18n.defaultLocale and supportedLocale.

absolute path
pkgs.glibcLocales.override {
  allLocales = lib.any (x: x == "all") config.i18n.supportedLocales;
  locales = config.i18n.supportedLocales;
}
pkgs.glibcLocales
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/i18n

List of locales that the system should support. The value ‘all’ means that all locales supported by Glibc will be installed. A full list of supported locales can be found at https://sourceware.org/git/?p=glibc.git;a=blob;f=localedata/SUPPORTED.

list of string
lib.unique
  (builtins.map (l: (lib.replaceStrings [ "utf8" "utf-8" "UTF8" ] [ "UTF-8" "UTF-8" "UTF-8" ] l) + "/UTF-8") (
    [
      "C.UTF-8"
      config.i18n.defaultLocale
    ] ++ (lib.attrValues (lib.filterAttrs (n: v: n != "LANGUAGE") config.i18n.extraLocaleSettings))
  ))
[
  "kk_KZ/PT154"
  "kk_KZ.UTF-8/UTF-8"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/i18n

This option allows modules to define helper functions, constants, etc.

attribute set of (attribute set)
{ }
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/misc/lib.nix

List of maintainers of each module. This option should be defined at most once per module.

The option value is not a list of maintainers, but an attribute set that maps module file names to lists of maintainers.

list of (maintainer)
[ ]
[ lib.maintainers.alice lib.maintainers.bob ]
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/modules/generic/meta-maintainers.nix

Primary network domain name for this system.

string
""
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Primary fully qualified domain name for this system.

string
"machine"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

The 32-bit host ID of the machine, formatted as 8 hexadecimal characters.

You should try to make this ID unique among your machines. You can generate a random 32-bit ID using the following commands:

head -c 8 /etc/machine-id
(this derives it from the machine-id that systemd generates) or 
head -c4 /dev/urandom | od -A none -t x4
The primary use case is to ensure when using ZFS that a pool isn't imported accidentally on a wrong machine.
null or string
null
"4e98920d"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Internal host name for this system.

string
"slam"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Locally defined maps of hostnames to IP addresses.

attribute set of list of string
{
  "127.0.0.1" = [ "foo.bar.baz" ];
  "192.168.0.2" = [ "fileserver.local" "nameserver.local" ];
};
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

List of statically configured IPv4 addresses.

list of (submodule)
[ ]
[
  {
    device = "eth0";
    local = "192.0.2.7";
    prefixLength = 24;
  }
  {
    device = "eth1";
    local = "203.0.113.175";
    prefixLength = 32;
  }
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Network attachment device.

string
"eth0"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Local address.

string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Network prefix length.

signed integer
32
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

List of statically configured IPv6 routes.

list of (submodule)
[ ]
[
  {
    device = "eth0";
    prefix = "192.0.2.0";
    prefixLengh = 24;
  }
  {
    device = "eth0";
    gateway = "192.0.2.1";
  }
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Network attachment device.

string
"eth0"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Network gateway to use as a default route.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Route addressing prefix.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Network prefix length.

null or signed integer
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

List of statically configured IPv6 addresses.

list of (submodule)
[ ]
[
  {
    device = "eth0";
    local = "2001:db8:1::3";
    prefixLength = 64;
  }
  {
    device = "eth1";
    local = "fd12:3456::7";
    prefixLength = 48;
  }
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Network attachment device.

string
"eth0"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Local address.

string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Network prefix length.

signed integer
128
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

List of statically configured IPv6 routes.

list of (submodule)
[ ]
[
  {
    device = "eth0";
    prefix = "2001:db8:1::";
    prefixLengh = 64;
  }
  {
    device = "eth0";
    gateway = "2001:db8:1::1";
  }
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Network attachment device.

string
"eth0"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Network gateway to use as a default route.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Route addressing prefix.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

Network prefix length.

null or signed integer
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/networking

The network definitions to automatically connect to when wpa_supplicant is running. If this parameter is left empty wpa_supplicant will use /etc/wpa_supplicant.conf as the configuration file.

attribute set of (submodule)
{ }
{
  # SSID with no spaces or special characters
  # (password will be written to /nix/store!)
  echelon = {

    psk = "abcdefgh";
  };

  # safe version of the above: read PSK from the
  # variable psk_echelon, defined in secretsFile,
  # this won't leak into /nix/store
  echelon = {
    pskRaw = "ext:psk_echelon";
  };

  # SSID with spaces and/or special characters
  # (password will be written to /nix/store!)        };
  "echelon's AP" = {
    psk = "ijklmnop";
  };

  # Public wireless network
  "free.wifi" = { };
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

Use this option to configure advanced authentication methods like EAP. See wpa_supplicant.conf(5) for example configurations.

Be aware that this will be written to the Nix store in plaintext! Use an external reference like ext:secretname for secrets.
Mutually exclusive with psk and Va pskRaw .
null or string
null
  eap=PEAP
  identity="user@example.com"
  password=ext:example_password
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

The list of authentication protocols accepted by this network. This corresponds to the key_mgmt option in wpa_supplicant.

list of (one of WPA-PSK, WPA-EAP, IEEE8021X, NONE, WPA-NONE, FT-PSK, FT-EAP, FT-EAP-SHA384, WPA-PSK-SHA256, WPA-EAP-SHA256, SAE, FT-SAE, WPA-EAP-SUITE-B, WPA-EAP-SUITE-B-192, OSEN, FILS-SHA256, FILS-SHA384, FT-FILS-SHA256, FT-FILS-SHA384, OWE, DPP)
[
  "WPA-PSK"
  "WPA-EAP"
  "SAE"
  "FT-PSK"
  "FT-EAP"
  "FT-SAE"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

Extra configuration lines appended to the network block. See wpa_supplicant.conf(5) for available options.

string
""
  bssid_blacklist=02:11:22:33:44:55 02:22:aa:44:55:66
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

Set this to ‘true’ if the SSID of the network is hidden.

boolean
false
{ echelon = {
    hidden = true;
    psk = "abcdefgh";
  };
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

By default, all networks will get same priority group (0). If some of the networks are more desirable, this field can be used to change the order in which wpa_supplicant goes through the networks when selecting a BSS. The priority groups will be iterated in decreasing priority (i.e., the larger the priority value, the sooner the network is matched against the scan results). Within each priority group, networks will be selected based on security policy, signal strength, etc.

null or signed integer
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

The network's pre-shared key in plaintext defaulting to being a network without any authentication.

Be aware that this will be written to the Nix store in plaintext! Use pskRaw with an external reference to keep it safe.
Mutually exclusive with pskRaw.
null or string matching the pattern [[:print:]]{8,63}
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

Either the raw pre-shared key in hexadecimal format or the name of the secret (as defined inside the secretsFile and prefixed with Dq ext: ) containing the network pre-shared key.

Be aware that this will be written to the Nix store in plaintext! Always use an external reference.
The external secret can be either the plaintext passphrase or the raw pre-shared key.
Mutually exclusive with psk and auth.
null or string matching the pattern ([[:xdigit:]]{64})|(ext:[^=]+)
null
"ext:name_of_the_secret_here"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

evaluation of Nixpkgs; the top level attribute set of packages
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/nixpkgs

Whether to enable [bash](https://www.gnu.org/software/bash/).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/bash

The package to use for `bash`.

package
pkgs.bashInteractive
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/bash

Whether to enable [brightnessctl](https://github.com/Hummer12007/brightnessctl).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/brightnessctl

The package to use for `brightnessctl`.

package
pkgs.brightnessctl.override {
  logindSupport = config.services.elogind.enable;
  udevSupport = config.services.udev.enable;

  systemdLibs = config.services.elogind.package;
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/brightnessctl

Whether to enable [doas](https://github.com/Duncaen/OpenDoas).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/doas

The package to use for `doas`.

package
pkgs.doas
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/doas

Whether to enable [fish](https://fishshell.com/).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/fish

The package to use for `fish`.

package
pkgs.fish
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/fish

Whether to enable [gnome-keyring](https://gitlab.gnome.org/GNOME/gnome-keyring).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/gnome-keyring

Whether to enable GRUB2 bootloader.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/grub

Whether to enable [hyprland](https://github.com/hyprwm/Hyprland).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/hyprland

The package to use for `hyprland`.

package
pkgs.hyprland
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/hyprland

Whether to enable [hyprlock](https://github.com/hyprwm/hyprlock).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/hyprlock

The package to use for `hyprlock`.

package
pkgs.hyprlock
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/hyprlock

Whether to enable [labwc](https://github.com/labwc/labwc).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/labwc

The package to use for `labwc`.

package
pkgs.labwc
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/labwc

A set of files to be copied to {file}`/boot`. Each attribute name denotes the destination file name in {file}`/boot`, while the corresponding attribute value specifies the source file.

attribute set of absolute path
{ }
{ "efi/memtest86/memtest86.efi" = "${pkgs.memtest86-efi}/BOOTX64.efi"; }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Device to install the BIOS version of limine on.

string
"nodev"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Whether or not to install limine for BIOS.

boolean
!config.programs.limine.efiSupport && pkgs.stdenv.hostPlatform.isx86
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Whether to enable debug logging.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Whether or not to install the limine EFI files as removable.

boolean
!config.boot.loader.efi.canTouchEfiVariables
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Whether or not to install the limine EFI files.

boolean
pkgs.stdenv.hostPlatform.isEfi
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Whether to enable [limine](https://limine-bootloader.org/) as the system bootloader.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Whether or not to enroll the config. Only works on EFI!

boolean
programs.limine.settings.hash_mismatch_panic
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

A string which is appended to the end of limine.conf. The config format can be found [here](https://codeberg.org/Limine/Limine/src/branch/v10.x/CONFIG.md).

strings concatenated with 0
""
/memtest86
  protocol: chainload
  path: boot():///efi/memtest86/memtest86.efi
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Force installation even if the safety checks fail, use absolutely only if necessary!

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Maximum number of latest generations in the boot menu. Useful to prevent boot partition of running out of disk space. `null` means no limit i.e. all generations that were not garbage collected yet.

null or signed integer
null
50
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

The package to use for `limine`.

package
pkgs.limine
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

The 1-based index of the dedicated partition for limine's second stage.

null or signed integer
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

`limine` configuration. See [upstream documentation](https://codeberg.org/Limine/Limine/src/branch/v10.x/CONFIG.md) for additional details.

open submodule of attribute set of (atom (null, bool, int, float or string))
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

If set to `false`, the editor will not be accessible.

::: {.note} It is recommended to set this to `false`, as it allows gaining `root` access by passing `init=/bin/sh` as a kernel parameter. :::

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

If set to `false`, do not panic if there is a hash mismatch for a file, but print a warning instead.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Specifies the timeout in seconds before the first _entry_ is automatically booted. If set to `"no"`, disable automatic boot. If set to `0`, boots default entry instantly.

signed integer or value no (singular enum)
5
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

A list of wallpapers. If more than one is specified, a random one will be selected at boot.

list of absolute path
[ ]
[ pkgs.nixos-artwork.wallpapers.simple-dark-gray-bootloader.gnomeFilePath ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

The style which will be used to display the wallpaper image.

one of centered, streched, tiled
"streched"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Whether to validate file checksums before booting.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine

Whether to enable [niri](https://github.com/YaLTeR/niri).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/niri

The package to use for `niri`.

package
pkgs.niri
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/niri

Whether to enable [openresolv](https://roy.marples.name/projects/openresolv).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/openresolv

The package to use for `openresolv`.

package
pkgs.openresolv
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/openresolv

openresolv configuration. See resolvconf.conf(5) for additional details.

attribute set of (atom (null, bool, int, float or string) or a non-empty list of them)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/openresolv

Environment variables to pass to `cage`. See [upstream documentation](https://github.com/cage-kiosk/cage/blob/master/cage.1.scd#environment) for additional details.

attribute set of string
{ }
{
  XKB_DEFAULT_LAYOUT = "us";
  XKB_DEFAULT_VARIANT = "dvorak";
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/regreet

Additional arguments to pass to `cage`. See [upstream documentation](https://github.com/cage-kiosk/cage/blob/master/cage.1.scd#options) for additional details.

list of string
[
  "-s"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/regreet

The package to use for `cage`.

package
pkgs.cage
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/regreet

Whether to enable debug logging.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/regreet

Whether to enable [regreet](https://github.com/rharish101/ReGreet).

::: {.note} `regreet` will be run using [cage](https://www.hjdskes.nl/projects/cage/) as a compositor and can be configured using the `programs.regreet.compositor.*` options. :::

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/regreet

The package to use for `regreet`.

package
pkgs.regreet
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/regreet

`regreet` configuration. See [upstream documentation](https://github.com/rharish101/ReGreet/blob/main/regreet.sample.toml) for additional details.

TOML value
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/regreet

Whether to enable [seahorse](https://gitlab.gnome.org/GNOME/seahorse).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/seahorse

Whether to enable [shadow](https://github.com/shadow-maint/shadow).

::: {.warning} The `shadow` authentication suite provides critical programs such as `su`, `login`, `passwd`. :::

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

The package to use for `shadow`.

package
pkgs.shadow
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

shadow configuration. See login.defs(5) for additional details.

open submodule of attribute set of (atom (null, bool, int, float or string))
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

Indicate if login is allowed if we can't cd to the home directory.

one of yes, no
"yes"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

This defines the system default encryption algorithm for encrypting passwords.

one of YESCRYPT, SHA512, SHA256, MD5, DES
"YESCRYPT"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

Range of group IDs used for the creation of regular groups by useradd, groupadd, or newusers.

signed integer
29999
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

Range of group IDs used for the creation of regular groups by useradd, groupadd, or newusers.

signed integer
1000
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

Range of group IDs used for the creation of system groups by useradd, groupadd, or newusers

signed integer
999
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

Range of group IDs used for the creation of system groups by useradd, groupadd, or newusers

signed integer
400
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

Range of user IDs used for the creation of system users by useradd or newusers.

signed integer
999
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

Range of user IDs used for the creation of system users by useradd or newusers.

signed integer
400
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

The terminal permissions: the login tty will be owned by the TTYGROUP group, and the permissions will be set to TTYPERM.

string
"tty"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

The terminal permissions: the login tty will be owned by the TTYGROUP group, and the permissions will be set to TTYPERM.

string
"0620"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

Range of user IDs used for the creation of regular users by useradd or newusers.

signed integer
29999
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

Range of user IDs used for the creation of regular users by useradd or newusers.

signed integer
1000
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

The file mode creation mask is initialized to this value.

string
"077"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/shadow

Whether to enable [sudo](https://www.sudo.ws/).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/sudo

The package to use for `sudo`.

package
pkgs.sudo
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/sudo

Whether to enable [sway](https://swaywm.org).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/sway

The package to use for `sway`.

package
pkgs.sway
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/sway

Whether to enable [virtualbox](https://www.virtualbox.org/).

::: {.note} In order to pass USB devices from the host to guests, a user needs to be added to the `vboxusers` group. :::

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/virtualbox

The package to use for `virtualbox`.

package
pkgs.virtualbox
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/virtualbox

Whether to enable [zzz](https://github.com/jirutka/zzz).

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/zzz

The package to use for `zzz`.

package
<derivation zzz-0.2.0>
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/zzz

The selected module which should implement functionality for the providers.bootloader contract.

one of limine, none
"none"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/limine/providers.bootloader.nix https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/bootloader

The full path to a program of your choosing which performs the bootloader installation process.

The program will be called with an argument pointing to the output of the system's toplevel.

absolute path
pkgs.writeShellScript "no-bootloader" ''
  echo 'Warning: do not know how to make this configuration bootable; please enable a boot loader.' 1>&2
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/bootloader

The selected module which should implement functionality for the providers.privileges contract.

one of sudo, doas, none
"none"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/sudo/providers.privileges.nix https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/doas/providers.privileges.nix https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/privileges

The command to be used by modules requiring privilege escalation.

main program, path or command
"/run/wrappers/bin/sudo"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/privileges

A list of rules which provide a way to temporarily elevate the privileges of a command for a given user or group.

list of (submodule)
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/privileges

Arguments that must be provided to the command. When empty, the command must be run without any arguments.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/privileges

The command the user or group members are allowed to run.

::: {.note} It is best practice to specify absolute paths. :::

main program, path or command
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/privileges

The groups that are able to run this command.

list of non-empty string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/privileges

Whether the user is required to enter a password.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/privileges

The user the command is allowed to run as, or `"*"` for allowing the command to run as any user.

non-empty string
"root"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/privileges

The users that are able to run this command.

list of non-empty string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/privileges

The selected module which should implement functionality for the providers.resumeAndSuspend contract.

one of zzz, none
"none"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/programs/zzz/providers.resume-and-suspend.nix https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/resume-and-suspend

A set of hooks which are to be run on system _suspend_ or _resume_.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/resume-and-suspend

Shell commands to execute when the `event` is triggered.

strings concatenated with 0
""
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/resume-and-suspend

Whether this hook should be executed on the given `event`.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/resume-and-suspend

The event type.

one of suspend, resume
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/resume-and-suspend

Order of this hook in relation to the others. The semantics are the same as with `lib.mkOrder`. Smaller values are inserted first.

integer between 0 and 9999 (both inclusive)
1000
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/resume-and-suspend

The selected module which should implement functionality for the providers.scheduler contract.

one of fcron, none, cron, anacron
"none"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fcron/providers.scheduler.nix https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/scheduler https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron/providers.scheduler.nix https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/anacron/providers.scheduler.nix

Whether the selected providers.scheduler implementation supports running tasks as a specified user.

boolean
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/scheduler

A set of tasks which are to be run at specified intervals.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/scheduler

The command this task should execute at specified interval s.

main program, path or command
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/scheduler

The interval at which this task should run its specified command. Accepts either a standard crontab(5) expression or one of: or

If a standard crontab(5) expression is provided this value will be passed directly to the scheduler implementation and execute exactly as specified.

If one of the special values or is provided then the underlying scheduler implementation will use its features to decide when best to run.

string
"15 * * * *"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/scheduler

The user this task should run as, subject to provider.scheduler implementation capabilities. See providers.scheduler.supportedFeatures and your selected backend implementation for additional details.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/providers/scheduler

Whether to enable debugging.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/pam

Whether to enable Pluggable Authentication Modules.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/pam

Set of rules for pam_env.

attribute set of (submodule)
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/pam

Default value of environment variable.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/pam

Value to overidde environment variable with.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/pam

PAM impleementation package.

package
"linux-pam"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/pam

PAM service descriptions.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/pam

Whether to enable Pluggable Authentication Module.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/pam

Name of this module.

string
"‹name›"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/pam

Authentication rules for this module.

attribute set of ((submodule) or string convertible to it)
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/pam

List of rules that must precede this one.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/pam

PAM control flag, module and arguments

string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/pam

(Read-only) the path to the final bundle of certificate authorities as a single file.

read-only absolute path
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/security/ca.nix

A list of blacklisted CA certificate names that won't be imported from the Mozilla Trust Store into {file}`/etc/ssl/certs/ca-certificates.crt`. Use the names from that file.

list of string
[ ]
[
  "WoSign"
  "WoSign China"
  "CA WoSign ECC Root"
  "Certification Authority of WoSign G2"
]
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/security/ca.nix

A list of files containing trusted root certificates in PEM format. These are concatenated to form {file}`/etc/ssl/certs/ca-certificates.crt`, which is used by many programs that use OpenSSL, such as {command}`curl` and {command}`git`.

list of absolute path
[ ]
[ "${pkgs.dn42-cacert}/etc/ssl/certs/dn42-ca.crt" ]
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/security/ca.nix

A list of trusted root certificates in PEM format.

list of string
[ ]
[ ''
    NixOS.org
    =========
    -----BEGIN CERTIFICATE-----
    MIIGUDCCBTigAwIBAgIDD8KWMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ
    TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0
    ...
    -----END CERTIFICATE-----
  ''
]
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/security/ca.nix

Whether to enable usage of a compatibility bundle.

Such a bundle consists exclusively of `BEGIN CERTIFICATE` and no `BEGIN TRUSTED CERTIFICATE`, which is an OpenSSL specific PEM format.

It is known to be incompatible with certain software stacks.

Nevertheless, enabling this will strip all additional trust rules provided by the certificates themselves. This can have security consequences depending on your usecases

boolean
false
true
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/security/ca.nix

Size limit for the /run/wrappers tmpfs. Look at mount(8), tmpfs size option, for the accepted syntax. Do not set to less than 64MB.

string
"50%"
"10G"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/wrappers

This option effectively allows adding setuid/setgid bits, capabilities, changing file ownership and permissions of a program without directly modifying it. This works by creating a wrapper program under the security.wrapperDir directory, which is then added to the shell PATH.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/wrappers

A comma-separated list of capability clauses to be given to the wrapper program. The format for capability clauses is described in the “TEXTUAL REPRESENTATION” section of the cap_from_text(3) manual page. For a list of capabilities supported by the system, check the capabilities(7) manual page.

cap_setpcap, which is required for the wrapper program to be able to raise caps into the Ambient set is NOT raised to the Ambient set so that the real program cannot modify its own capabilities!! This may be too restrictive for cases in which the real program needs cap_setpcap but it at least leans on the side security paranoid vs. too relaxed.

strings concatenated with,
""
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/wrappers

The group of the wrapper program.

string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/wrappers

The owner of the wrapper program.

string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/wrappers

The permissions of the wrapper program. The format is that of a symbolic or numeric file mode understood by chmod.

file mode string
"u+rx,g+x,o+x"
"a+rx"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/wrappers

The name of the wrapper program. Defaults to the attribute name.

null or string
"‹name›"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/wrappers

Whether to add the setgid bit the wrapper program.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/wrappers

Whether to add the setuid bit the wrapper program.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/wrappers

The absolute path to the program to be wrapped.

absolute path
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/security/wrappers

Whether to enable .Lk https://sourceforge.net/projects/acpid2/ acpid as a system service.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/acpid

acpid handlers.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/acpid

Shell commands to execute when the event is triggered.

strings concatenated with 0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/acpid

Event type.

string
"button/power.*" "button/lid.*" "ac_adapter.*" "button/mute.*" "button/volumedown.*" "cd/play.*" "cd/next.*"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/acpid

Whether to enable .Lk https://github.com/cronie-crond/cronie anacron as a system service. The cron module will also be imported and services.cron.enable set to true

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/anacron

Additional arguments to pass to anacron. See anacron(8) for additional details.

list of string
[ ]
[
  "-s"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/anacron

The cronie package to use.

package
pkgs.cronie
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/anacron

anacrontab configuration. See anacrontab(5) for additional details.

open submodule of attribute set of string
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/anacron

If defined (and non-empty), the standard output and error descriptors of job processes are not redirected and e-mailed.

null or signed integer
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/anacron

Preferred hour of start of the job. If the hour is missed job will be skipped.

null or signed integer
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/anacron

Allows delaying job startups by random amount of minutes with upper limit specified by this value. The random scaling factor is determined during the cron daemon startup so it remains constant for the whole run time of the daemon.

The maximum number of minutes that will be added to the delay in minutes variable which is specified for each job. A RANDOM_DELAY set to 12 would therefore add, randomly, between 0 and 12 minutes to the delay in minutes for each job in that particular anacrontab. When set to 0, no random delay is added.

null or signed integer
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/anacron

An interval (in hours) when scheduled jobs can be run. In case this time interval is missed, for example, due to a power down, then scheduled jobs are not executed that day.

null or string matching the pattern ^([[:digit:]]+)-([[:digit:]]+)$
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/anacron

A list of anacron jobs to be appended to the system-wide anacrontab.

list of non-empty string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/anacron

Users allowed to use at. See at.allow(5) for additional details.

null or (list of string)
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/atd

Users who are not allowed to use ‘at’. See at.deny(5) for additional details.

null or (list of string)
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/atd

Whether to enable .Lk https://tracker.debian.org/pkg/at atd as a system service.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/atd

Additional arguments to pass to atd. See atd(8) for additional details.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/atd

Whether to enable debug logging.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/bluetooth

Whether to enable .Lk https://www.bluez.org/ bluez as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/bluetooth

The bluez package to use.

package
pkgs.bluez
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/bluetooth

bluez configuration. See upstream documentation for additional details.

attribute set of section of an INI file (attrs of INI atom (null, bool, int, float or string))
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/bluetooth

Path to a Chrony configuration file.

absolute path
<derivation chrony.conf>
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/chronyd

Whether to enable chrony as a system service.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/chronyd

The package to use for chrony.

package
pkgs.chrony
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/chronyd

Whether to enable .Lk https://github.com/cronie-crond/cronie cronie as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

Additional arguments to pass to cron. See cron(8) for additional details.

list of string
[ ]
[
  "-s"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

The package to use for cron.

package
pkgs.cronie
pkgs.cron.override {
  sendmailPath = "/run/wrappers/bin/sendmail";
};
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

crontab configuration. See crontab(5) for additional details.

open submodule of attribute set of string
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

The encoding for email notifications. This is useful for properly displaying special characters or when sending emails in a format other than plain text.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

The MIME type and character encoding for the output of a cron job when it is sent via email. This allows the mail client to properly display the output, especially if it contains rich text or is not plain ASCII.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

The time zone specific for the cron table. The user should enter a time according to the specified time zone into the table. The time used for writing into a log file is taken from the local time zone, where the daemon is running.

null or string
null
config.time.timeZone
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

If MAILFROM is defined (and non-empty), it is used as the envelope sender address, otherwise, the username of the executing user is used. This variable is also inherited from the cron process environment. Both MAILFROM and MAILTO variables are expanded, so setting them as in the following example works as expected:

MAILFROM=cron-$USER@cron.com

USER is replaced by the system user.

null or non-empty string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

If MAILTO is defined (and non-empty), mail is sent to the specified address. If MAILTO is defined but empty (‘MAILTO = ’), no mail is sent. Otherwise, mail is sent to the owner of the crontab.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

Packages added to the cron PATH environment variable.

list of (absolute path or package)
[
  /run/wrappers
  pkgs.busybox
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

Allows delaying job startups by random amount of minutes with upper limit specified by this value. The random scaling factor is determined during the cron daemon startup so it remains constant for the whole run time of the daemon.

null or signed integer
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

The shell used to execute commands.

absolute path
lib.getExe pkgs.bash
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

A list of cron jobs to be appended to the system-wide crontab.

list of non-empty string
[ ]
[ "* * * * *  test   ls -l / > /tmp/cronout 2>&1"
  "* * * * *  eelco  echo Hello World > /home/eelco/cronout"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/cron

Whether to enable debug logging.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/dbus

Whether to enable .Lk https://www.freedesktop.org/wiki/Software/dbus/ dbus as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/dbus

The package to use for dbus.

package
pkgs.dbus
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/dbus

Packages whose D-Bus configuration files should be included in the configuration of the D-Bus system-wide or session-wide message bus. Specifically, files in the following directories will be included into their respective DBus configuration paths: {file}`«pkg»/etc/dbus-1/system.d` {file}`«pkg»/share/dbus-1/system.d` {file}`«pkg»/share/dbus-1/system-services` {file}`«pkg»/etc/dbus-1/session.d` {file}`«pkg»/share/dbus-1/session.d` {file}`«pkg»/share/dbus-1/services`

list of absolute path
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/dbus

Whether to enable .Lk https://github.com/ddccontrol/ddccontrol ddccontrol as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/ddccontrol

The ddcontrol package to use.

package
pkgs.ddcontrol
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/ddccontrol

Path to dhcpcd configuration file.

absolute path
"Generated configuration file."
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/dhcpcd

Whether to enable dhcpcd as a system service.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/dhcpcd

The package to use for dhcpcd.

package
pkgs.dhcpcd.override {
  withUdev = config.services.udev.enable;
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/dhcpcd

Free-form settings to generate a dhcpcd configuration file from.

open submodule of attribute set of (atom (null, bool, int, float or string) or a non-empty list of them)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/dhcpcd

Disable printing of kernel messages to the console and enable dmesg running as a dedicated service.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/dmesg

List of command-line options to pass to the dmesg service.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/dmesg

Whether to enable debug logging.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/earlyoom

Whether to enable [earlyoom](https://github.com/rfjakob/earlyoom) as a system service.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/earlyoom

Additional arguments to pass to earlyoom. See earlyoom(1) for additional details.

list of string
[ ]
[
  "-r"
  "3600"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/earlyoom

The package to use for `earlyoom`.

package
pkgs.earlyoom
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/earlyoom

Whether to enable .Lk https://github.com/elogind/elogind elogind as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/elogind

The package to use for elogind.

package
pkgs.elogind
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/elogind

Users allowed to use fcrontab and fcrondyn. The special name ‘all’ acts for everyone.

list of string
[
  "all"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fcron

Whether to enable debug logging.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fcron

Users who are not allowed to use fcrontab and fcrondyn. The special name ‘all’ acts for everyone.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fcron

Whether to enable .Lk http://fcron.free.fr) fcron as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fcron

Additional arguments to pass to fcron. See fcron(8) for additional details.

list of string
[ ]
[
  "--maxserial"
  "5"
  "--firstsleep"
  "60"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fcron

The fcron package to use.

package
pkgs.fcron
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fcron

fcron configuration. See fcron.conf(5) for additional details.

open submodule of attribute set of (atom (null, bool, int, float or string))
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fcron

Location of mailer program called by fcron to send job output.

absolute path
"/run/wrappers/bin/sendmail"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fcron

Location of default shell called by fcron when running a job. When fcron` runs a job, fcron uses the value of SHELL from the fcrontab if any, otherwise it uses the value from fcron.conf if any, or in last resort the value from /etc/passwd.

absolute path
lib.getExe pkgs.bash
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fcron

A list of cron jobs to be appended to the system-wide fcrontab(5).

list of non-empty string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fcron

Whether to enable .Lk https://fprint.freedesktop.org/ fprintd as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fprintd

The package to use for fprintd.

package
pkgs.fprintd
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fprintd

Whether to enable periodic fstrim(8) task

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fstrim

The interval at which this task should run its specified command. Accepts either a standard crontab(5) expression or one of: or

If a standard crontab(5) expression is provided this value will be passed directly to the scheduler implementation and execute exactly as specified.

If one of the special values or is provided then the underlying scheduler implementation will use its features to decide when best to run.

string
"weekly"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fstrim

Whether to enable debug logging.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fwupd

Whether to enable .Lk https://fwupd.org/) fwupd as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fwupd

The fwupd package to use.

package
pkgs.fwupd
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fwupd

fwupd configuration. See fwupd.conf(5) for additional details.

open submodule of attribute set of section of an INI file (attrs of INI atom (null, bool, int, float or string) or a non-empty list of them)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fwupd

Idle timeout.

signed integer
0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/fwupd

Whether to enable getty services.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/getty

The list of tty devices on which to start a login prompt.

list of string
[
  "tty1"
  "tty2"
  "tty3"
  "tty4"
  "tty5"
  "tty6"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/getty

Whether to enable greetd as a system service.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/greetd

greetd configuration. See greetd(5) for additional details.

TOML value
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/greetd

Whether to enable debug logging.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/incus

Whether to enable .Lk https://linuxcontainers.org/incus incus as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/incus

The incus-lts package to use.

package
pkgs.incus-lts
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/incus

Whether to enable .Lk https://github.com/coastalwhite/lemurs lemurs as a system service.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/lemurs

The lemurs package to use.

package
pkgs.lemurs
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/lemurs

lemurs configuration. Ses upstream documentation for additional details.

TOML value
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/lemurs

Whether to enable logrotate.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/logrotate

The logrotate package to use.

package
pkgs.logrotate
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/logrotate

Rules for logrotate.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/logrotate

Rule text.

strings concatenated with 0
""
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/logrotate

Mdeved rules for coldplug events during the initramfs stage of booting.

strings concatenated with 0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/mdevd

Whether to enable debug logging.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/mdevd

Whether the mdevd hardware event manager has been enabled by config.boot.hardwareManager.

read-only unspecified value
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/mdevd

Mdevd rules for hotplug events. These rules are active after the initial mdevd daemon has coldbooted with the services.mdevd.coldplug rules.

strings concatenated with 0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/mdevd

After mdevd has handled the uevents, rebroadcast them to the netlink groups identified by the nlgroups mask.

A value that intersects with ‘4’ will make the daemon rebroadcast kernel uevents to libudev-zero.

null or (unsigned integer, meaning >=0)
4
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/mdevd

The mdevd package to use.

package
pkgs.alt.slam.mdevd
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/mdevd

Configuration file for nftables.

absolute path
<derivation nftables.conf>
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nftables

Whether to enable .Lk https://netfilter.org/projects/nftables/ nftables

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nftables

The nftables package to use.

package
pkgs.nftables
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nftables

Whether to enable the Nix daemon as a system service. Disabling Nix makes the system hard to modify and the Nix programs and configuration will not be made available.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

Number of “nixbld” user accounts created to perform secure concurrent builds. If you receive an error message saying that “all build users are currently in use”, you should increase this value.

signed integer
8
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

The package to use for nix.

package
pkgs.nix
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

Configuration for Nix, see https://nixos.org/manual/nix/stable/command-ref/conf-file.html or nix.conf(5) for available options. The value declared here will be translated directly to the key-value pairs Nix expects. You can use ‘nix-instantiate --eval --strict '<nixpkgs/nixos>' -A config.nix.settings’ to view the current value. By default it is empty. Nix configurations defined under nix.* will be translated and applied to this option. In addition, configuration specified in nix.extraOptions will be appended verbatim to the resulting config file.

open submodule of attribute set of (Nix config atom (null, bool, int, float, str, path or package) or list of (Nix config atom (null, bool, int, float, str, path or package)))
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

A list of names of users (separated by whitespace) that are allowed to connect to the Nix daemon. As with nix.settings.trusted-users, you can specify groups by prefixing them with ‘@’. Also, you can allow all users by specifying ‘*’. The default is ‘*’. Note that trusted users are always allowed to connect.

list of string
[
  "*"
]
[
  "@wheel"
  "@builders"
  "alice"
  "bob"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

If set to true, Nix automatically detects files in the store that have identical contents, and replaces them with hard links to a single copy. This saves disk space. If set to false (the default), you can still run nix-store --optimise to get rid of duplicate files.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

This option defines the maximum number of concurrent tasks during one build. It affects, e.g., -j option for make. The special value 0 means that the builder should use all available CPU cores in the system. Some builds may become non-deterministic with this option; use with care! Packages will only be affected if enableParallelBuilding is set for them.

signed integer
0
64
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

This option defines the maximum number of jobs that Nix will try to build in parallel. The default is auto, which means it will use all available logical cores. It is recommend to set it to the total number of logical cores in your system (e.g., 16 for two CPUs with 4 cores each and hyper-threading).

signed integer or value auto (singular enum)
"auto"
64
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

If enabled (the default), Nix will only download binaries from binary caches if they are cryptographically signed with any of the keys listed in nix.settings.trusted-public-keys. If disabled, signatures are neither required nor checked, so it's strongly recommended that you use only trustworthy caches using authenticated transport.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

If set, Nix will perform builds in a sandboxed environment that it will set up automatically for each build. This prevents impurities in builds by disallowing access to dependencies outside of the Nix store by using network and mount namespaces in a chroot environment.

This is enabled by default even though it has a possible performance impact due to the initial setup time of a sandbox for each build. It doesn't affect derivation hashes, so changing this option will not trigger a rebuild of packages.

When set to ‘relaxed’, this option permits derivations that set ‘__noChroot = true;’ to run outside of the sandboxed environment. Exercise caution when using this mode of operation! It is intended to be a quick hack when building with packages that are not easily setup to be built reproducibly.

boolean or value relaxed (singular enum)
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

List of binary cache URLs used to obtain pre-built binaries of Nix packages. No caches are added by default.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

The set of features supported by the machine. Derivations can express dependencies on system features through the requiredSystemFeatures attribute.

list of string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

List of public keys used to sign binary caches. If nix.settings.trusted-public-keys is enabled then Nix will use a binary from a binary cache if and only if it is signed by of the keys listed here. No keys are added by default.

list of string
[ ]
[
  "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

List of binary cache URLs that non-root users can use (in addition to those specified using nix.settings.substituters by passing ‘--option binary-caches’ to Nix commands.

list of string
[ ]
[
  "https://hydra.nixos.org/"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

A list of names of users that have additional rights when connecting to the Nix daemon, such as the ability to specify additional binary caches, or to import unsigned NARs. You can also specify groups by prefixing them with ‘@’; for instance, ‘@wheel’ means all users in the wheel group.

list of string
[
  "root"
  "alice"
  "@wheel"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/nix-daemon

Whether to enable the OpenSMTPD server.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/opensmtpd

Extra command line arguments provided when the smtpd process is started.

list of string
[ ]
[
  "-v"
  "-P mta"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/opensmtpd

The opensmtpd package to use.

package
pkgs.opensmtpd
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/opensmtpd

Packages to search for filters, tables, queues, and schedulers.

Add packages here if you want to use them as as such, for example from the opensmtpd-table-* packages.

list of package
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/opensmtpd

The contents of the smtpd.conf configuration file. See the OpenSMTPD documentation for syntax information.

strings concatenated with 0
  listen on lo
  accept for any deliver to lmtp localhost:24
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/opensmtpd

Whether to set the system sendmail to OpenSMTPD's.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/opensmtpd

Whether to enable [openssh](https://www.openssh.com/) as a system service.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

The package to use for `openssh`.

package
pkgs.openssh
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

openssh configuration. See sshd_config(5) for additional details.

open submodule of attribute set of (atom (null, bool, int, float or string))
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Specifies which address family should be used by sshd(8).

one of any, inet, inet6
"any"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

The contents of the specified file are sent to the remote user before authentication is allowed. If the argument is `none` then no banner is displayed.

value none (singular enum) or absolute path
"none"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Allowed ciphers

Defaults to recommended settings from both <https://stribika.github.io/2015/01/04/secure-secure-shell.html> and <https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67>

list of string
[
  "chacha20-poly1305@openssh.com"
  "aes256-gcm@openssh.com"
  "aes128-gcm@openssh.com"
  "aes256-ctr"
  "aes192-ctr"
  "aes128-ctr"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

TODO: description

list of absolute path
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Specifies whether keyboard-interactive authentication is allowed.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Allowed key exchange algorithms

Uses the lower bound recommended in both <https://stribika.github.io/2015/01/04/secure-secure-shell.html> and <https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67>

list of string
[
  "sntrup761x25519-sha512@openssh.com"
  "curve25519-sha256"
  "curve25519-sha256@libssh.org"
  "diffie-hellman-group-exchange-sha256"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Gives the verbosity level that is used when logging messages from sshd(8). Logging with a level violates the privacy of users and is not recommended.

one of QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, DEBUG3
"INFO"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Allowed MACs

Defaults to recommended settings from both <https://stribika.github.io/2015/01/04/secure-secure-shell.html> and <https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67>

list of string
[
  "hmac-sha2-512-etm@openssh.com"
  "hmac-sha2-256-etm@openssh.com"
  "umac-128-etm@openssh.com"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Specifies whether password authentication is allowed.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Whether the root user can login using ssh.

one of yes, without-password, prohibit-password, forced-commands-only, no
"prohibit-password"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Specifies the port number that sshd(8) listens on.

list of 16 bit unsigned integer; between 0 and 65535 (both inclusive)
[
  22
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Whether sshd should check file modes and ownership of directories

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Whether to enable PAM authentication.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Whether to enable file transfer sessions using SFTP.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Command with optional arguments to execute upon SFTP requests.

string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Optional arguments to pass to the SFTP executable.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/openssh

Specifies which users are considered “administrators”, for those actions that require the user to authenticate as an administrator (i.e. have an `auth_admin` value). By default, this is all users in the `wheel` group.

list of string
[
  "unix-group:wheel"
]
[
  "unix-user:alice"
  "unix-group:admin"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/polkit

Whether to enable debug logging.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/polkit

Whether to enable .Lk https://github.com/polkit-org/polkit polkit as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/polkit

Any polkit rules to be added to config (in JavaScript ;-). See: <https://www.freedesktop.org/software/polkit/docs/latest/polkit.8.html#polkit-rules>

strings concatenated with 0
""
  /* Log authorization checks. */
  polkit.addRule(function(action, subject) {
    // Make sure to set { services.polkit.debug = true; } in configuration.nix
    polkit.log("user " +  subject.user + " is attempting action " + action.id + " from PID " + subject.pid);
  });

  /* Allow any local user to do anything (dangerous!). */
  polkit.addRule(function(action, subject) {
    if (subject.local) return "yes";
  });
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/polkit

The polkit package to use.

package
pkgs.polkit
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/polkit

Whether to enable .Lk https://gitlab.freedesktop.org/upower/power-profiles-daemon power-profiles-daemon as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/power-profiles-daemon

The power-profiles-daemon package to use.

package
pkgs.power-profiles-daemon
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/power-profiles-daemon

Whether to enable debug logging.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/rtkit

Whether to enable .Lk https://gitlab.freedesktop.org/pipewire/rtkit rtkit as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/rtkit

The rtkit package to use.

package
pkgs.rtkit
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/rtkit

Whether to enable .Lk https://github.com/sddm/sddm sddm as a system service.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/sddm

Extra settings merged in and overwriting defaults in sddm.conf.

attribute set of section of an INI file (attrs of INI atom (null, bool, int, float or string))
{ }
{
  Autologin = {
    Session = "plasma.desktop";
    User = "john";
  };
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/sddm

Whether to enable debug logging.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/seatd

Whether to enable seatd as a system service.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/seatd

Group to own the seatd socket. If you want non-root users to be able to access the seatd session, add them to this group.

string
"seat"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/seatd

The seatd package to use.

package
pkgs.alt.slam.seatd
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/seatd

Whether to enable the Syndev uevent monitor. The uvent dataspace will be bound to ‘<oid uevents>’.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/syndev

Subscribe to events on the specified netlink group. Mdevd usually subscribes to group 1, so set this to a mask not intersecting with 1, and set services.mdevd.nlgroups to a value that intersects with the nlgroup set here.

unsigned integer, meaning >=0
2
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/syndev

The syndev package to use.

package
pkgs.alt.sam.syndev
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/syndev

Whether to enable tlp as a system service.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/tlp

The package to use for tlp.

package
pkgs.tlp
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/tlp

tlp configuration. See upstream documentation for additional details.

attribute set of (atom (null, bool, int, float or string) or a non-empty list of them)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/tlp

Whether to enable debug logging.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/udev

Whether to enable as a system service.

read-only boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/udev

The package to use for eudev.

package
pkgs.eudev
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/udev

List of packages containing udev rules. All files found in /package/etc/udev/rules.d and /package/lib/udev/rules.d will be included.

list of absolute path
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/udev

Packages added to the PATH environment variable when executing programs from Udev rules. The busybox and util-linux packages are automatically included.

list of absolute path
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/udev

Whether to enable .Lk https://upower.freedesktop.org/ upower as a system service

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/upower

The upower package to use.

package
pkgs.upower
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/upower

upower configuration. See upstream documentation for additional details.

open submodule of attribute set of section of an INI file (attrs of INI atom (null, bool, int, float or string))
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/upower

Whether to allow configuring networks “imperatively” (e.g. via wpa_supplicant_gui) and declaratively via networking.wireless.networks.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

Whether to enable the DBus control interface. This is only needed when using NetworkManager or connman.

boolean
length cfg.interfaces < 2
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

Force a specific wpa_supplicant driver.

string
"nl80211,wext"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

Whether to enable wpa_supplicant.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

Extra lines appended to the configuration file. See wpa_supplicant.conf(5) for available options.

string
""
  p2p_disabled=1
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

Whether to fall back to WPA2 authentication protocols if WPA3 failed. This allows old wireless cards (that lack recent features required by WPA3) to connect to mixed WPA2/WPA3 access points. To avoid possible downgrade attacks, disable this options.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

The interfaces wpa_supplicant will use. If empty, it will automatically use all wireless interfaces. A separate wpa_supplicant instance will be started for each interface.

list of string
[ ]
[
  "wlan0"
  "wlan1"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

The wpa_supplicant package to use.

package
pkgs.wpa_supplicant
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

Whether to periodically scan for (better) networks when the signal of the current one is low. This will make roaming between access points faster, but will consume more power.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

File consisting of lines of the form ‘varname=value’ to define variables for the wireless configuration.

Secrets (PSKs, passwords, etc.) can be provided without adding them to the world-readable Nix store by defining them in the secrets file and referring to them in option networking.wireless.networks with the syntax ext:secretname. Example:

# content of /run/secrets/wireless.conf
psk_home=mypassword
psk_other=6a381cea59c7a2d6b30736ba0e6f397f7564a044bcdb7a327a1d16a1ed91b327
pass_work=myworkpassword

# wireless-related configuration
networking.wireless.secretsFile = "/run/secrets/wireless.conf";
networking.wireless.networks = {
  home.pskRaw = "ext:psk_home";
  other.pskRaw = "ext:psk_other";
  work.auth = ''
    eap=PEAP
    identity="my-user@example.com"
    password=ext:pass_work
  '';
};
null or absolute path
null
"/run/secrets/wireless.conf"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli. This is useful for laptop users that switch networks a lot and don't want to depend on a large package such as NetworkManager just to pick nearby access points.

When using a declarative network specification you cannot persist any settings via wpa_gui or wpa_cli.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

Members of this group can control wpa_supplicant.

string
"wheel"
"network"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/wpa_supplicant

xserver

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/xserver

Packages to be added to the module search path of the X server.

list of absolute path
[ ]
[ pkgs.xf86_input_wacom ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/xserver

The name of the video driver for your graphics card. This option is obsolete; please set the services.xserver.videoDrivers instead.

null or string
null
"i810"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/xserver

The names of the video drivers the configuration supports. They will be tried in order until one that supports your card is found. Don't combine those with "incompatible" OpenGL implementations, e.g. free ones (mesa-based) with proprietary ones.

For unfree "nvidia*", the supported GPU lists are on https://www.nvidia.com/object/unix.html

list of string
[
  "modesetting"
  "fbdev"
]
[
  "nvidia"
  "amdgpu-pro"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/xserver

Path used for -xkbdir xserver parameter.

absolute path
"${pkgs.xkeyboard_config}/etc/X11/xkb"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/xserver

X keyboard layout, or multiple keyboard layouts separated by commas.

string
"us"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/xserver

X keyboard model.

string
"pc104"
"presario"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/xserver

X keyboard options; layout switching goes here.

strings concatenated with,
"terminate:ctrl_alt_bksp"
"grp:caps_toggle,grp_led:scroll"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/xserver

X keyboard variant.

string
""
"colemak"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/xserver

Whether to enable ZFS autoscrubbing.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/zfs

The interval at which this task should run its specified command.

If a standard crontab(5) expression is provided this value will be passed directly to the scheduler implementation and execute exactly as specified.

If one of the special values or is provided then the underlying scheduler implementation will use its features to decide when best to run.

string
"monthly"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/zfs

List of ZFS pools to periodically scrub. If empty, all pools will be scrubbed.

list of non-empty string
[ ]
[
  "tank"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/zfs

Number of daily auto-snapshots that you wish to keep.

signed integer
7
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/zfs

Enable the (OpenSolaris-compatible) ZFS auto-snapshotting service. Note that you must set the com.sun:auto-snapshot property to ‘true’ on all datasets which you wish to auto-snapshot.

You can override a child dataset to use, or not use auto-snapshotting by setting its flag with the given interval: `zfs set com.sun:auto-snapshot:weekly=false DATASET`

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/zfs

Flags to pass to the zfs-auto-snapshot command.

Run zfs-auto-snapshot to see available flags.

If it's not too inconvenient for snapshots to have timestamps in UTC, it is suggested that you append `--utc` to the list of default options (see example).

Otherwise, snapshot names can cause name conflicts or apparent time reversals due to daylight savings, timezone or other date/time changes.

string
"-k -p"
"-k -p --utc"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/zfs

Number of frequent (15-minute) auto-snapshots that you wish to keep.

signed integer
4
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/zfs

Number of hourly auto-snapshots that you wish to keep.

signed integer
24
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/zfs

Number of monthly auto-snapshots that you wish to keep.

signed integer
12
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/zfs

Number of weekly auto-snapshots that you wish to keep.

signed integer
4
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/services/zfs

Additional configurations to build.

attribute set of (submodule)
{ }
{
  mdevd = {
    services.mdevd.enable = lib.mkForce true;
    services.udev.enable = lib.mkForce false;
  };
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/activation/specialisation.nix

Whether an activation script is enabled.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/activation

the actual script to run on activation....

read-only absolute path
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/activation

Packages available during activation from PATH.

list of package
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/activation

A set of shell script fragments that are executed when a system configuration is activated. Examples are updating (/etc), creating accounts, and so on. Since these are executed every time you boot the system or a configuration transition occurs, it's important that they are idempotent and fast.

attribute set of ((submodule) or string convertible to it)
{ }
{ stdio.text =
  ''
    # Needed by some programs.
    ln -sfn /proc/self/fd /dev/fd
    ln -sfn /proc/self/fd/0 /dev/stdin
    ln -sfn /proc/self/fd/1 /dev/stdout
    ln -sfn /proc/self/fd/2 /dev/stderr
  '';
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/activation

List of dependencies. The script will run after these.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/activation

The content of the script.

strings concatenated with 0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/activation

top-level system derivation

read-only absolute path
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/activation

Bootloader install script.

read-only absolute path
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/boot/loader.nix

Whether to enable logging to the file-system by default.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/logging.nix

PATH used to boot the system bus.

read-only unspecified value
"The packages s6, execline"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6

Whether s6 is enabled as PID1.

read-only unspecified value
"config.system.serviceManager ==
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6

Whether to enable copy catch-all messages to /dev/console.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/slam.nix

The s6 package to use.

package
pkgs.s6
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6

Directory holding s6-rc live state.

absolute path
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Scripts generated for s6-rc.

read-only attribute set of package
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

s6-rc services.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Name of the direct producer of this service.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

List of other s6-rc services that must be started befor this one.

list of string
[
  "mounts"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Unix command-line to be lexed by execlineb. This is the command that brings a service down.

null or strings concatenated with 0
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Attrset of environment variables. These are written to an env directory in the s6-rc service description and can be loaded by ‘s6-envdir env’.

attribute set of string
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Executable file to run after a longrun service has finished.

null or path in the Nix store
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Service identifier local to s6-rc.

read-only unspecified value
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Command-line arguments passed to s6-log before the logging directory. The default arguments prepend logged lines with a TAI64N timestamp. Override args to ‘[]’ if this information would be redundant.

list of string
[
  "t"
  "s1000000"
  "n20"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Directory for log files from this daemon.

absolute path
/var/log/‹name›
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Whether to enable inject a logging wrapper over this daemon.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

When non-null enable s6 readiness notification for this daemon using the specified file-descriptor.

null or signed integer
null
3
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

List of bundles that this service belongs to.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

List of directories to compose into the PATH environmental variable. If env.PATH is set then this value is ignored. Otherwise it will be appended with execline and s6 packages.

list of (string or absolute path or package)
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Name of the whole producer consumer pipline. Declaring this will compile a pipeline bundle with this name.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Name of the direct consumer of this service.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Executable file to run for a longrun service.

path in the Nix store
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Derived service definition directory for this service. For a description of this format see s6-rc-compile(8) or https://skarnet.org/software/s6-rc/s6-rc-compile.html.

read-only package
not available
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

The maximum number of milliseconds s6-rc will wait for successful completion of the service stop; if stopping the service takes longer than this value, s6-rc will declare the transition a failure. If a zero timeout is defined then s6-rc will wait indefinitely for the service to stop.

If s6-rc is the primary system service manager then system.shutdownDeadline defaults to the longest timeout-down defined.

unsigned integer, meaning >=0
0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

The maximum number of milliseconds s6-rc will wait for successful completion of the service start; if starting the service takes longer than this value, s6-rc will declare the transition a failure. If a zero timeout is defined then s6-rc will wait indefinitely for the service to start.

unsigned integer, meaning >=0
0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

s6-rc service type.

one of oneshot, longrun, bundle
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Unix command-line to be lexed by execlineb. This is the command that brings a service up.

strings concatenated with 0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

s6-rc verbosity level.

1
warning and error messages will be printed to stderr.
0
silences warnings.
2
writes information messages whenever s6-rc performs a transition.
3
or more is debug info.
signed integer
1
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6/rc.nix

Directory to be scanned by s6-svscan.

absolute path not in the Nix store
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/s6

Which service-manager to bootstrap into.

one of s6, synit
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service

A collection of modular services.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service

The duration in seconds which a service-manager is allowed to delay a shutdown. If null then shutdown may be delayed indefinitely.

null or signed integer
6
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service

PATH used to boot the system bus.

read-only unspecified value
The packages execline, s6, syndicate-server, and security wrappers.
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit

Whether to enable Synit control socket at /run/synit/system-bus.sock.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/slam.nix

Definitions of daemons to assert as Synit core services. For each daemon defined in core a ‘<requires-service <daemon ${name}>>’ assertion is also made.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Daemon command line. A string is executed in a shell whereas a list of strings is executed directly. See https://synit.org/book/operation/builtin/daemon.html#adding-process-specifications-to-a-service.

string or absolute path or list of (string or absolute path)
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Whether the Unix process environment is cleared or inherited. See https://synit.org/book/operation/builtin/daemon.html#specifying-subprocess-environment-variables.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Sets the working direcctory of a daemon. See https://synit.org/book/operation/builtin/daemon.html#setting-the-current-working-directory-for-a-subprocess.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Sets Unix process environment for a daemon. See https://synit.org/book/operation/builtin/daemon.html#specifying-subprocess-environment-variables.

null or (attribute set of string)
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Service identifier local to Synit.

read-only unspecified value
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Whether this service is tautologically required.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Command-line arguments passed to s6-log before the logging directory. The default arguments prepend logged lines with a TAI64N timestamp. Override args to [‘’] if this information would be redundant.

list of string
[
  "t"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Directory for log files from this daemon.

absolute path
/var/log/‹name›
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Whether to enable inject a logging wrapper over this daemon.

boolean
config.system.logging.logToFileSystem
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

List of directories to compose into the PATH environmental variable. If env.PATH is set then this value is ignored. Otherwise it will be appended with execline and s6 packages.

list of (string or absolute path or package)
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Whether this daemon should persist and never be replaced or removed.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Specify a protocol for communicating with a daemon over stdin and stdout. See https://synit.org/book/operation/builtin/daemon.html#speaking-syndicate-network-protocol-via-stdinstdout.

one of none, application/syndicate, text/syndicate
"none"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Reverse requires of this daemon. It is a list of service keys.

list of list of string
[ ]
[
  [
    "milestone"
    "network"
  ]
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

When non-null enable s6 readiness notification for this daemon using the specified file-descriptor. Setting a file-descriptor here disables readyOnStart.

null or signed integer
null
3
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Whether a daemon should be considered ready immediately after startup. See See https://synit.org/book/operation/builtin/daemon.html#ready-signalling.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Services required this daemon. It is a list of ‘{ key, state }’ attrs where key identifies a service and state is a service state.

list of (submodule)
[ ]
[
  {
    key = [
      "milestone"
      "foo"
    ];
    state = "up";
  }
  {
    key = [
      "daemon"
      "oneshot-script"
    ];
    state = "complete";
  }
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Label of a service. The head of the list is the record label and the tail is the fields.

list of string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Required service state.

string
"up"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Daemon restart policy. See https://synit.org/book/operation/builtin/daemon.html#whether-and-when-to-restart.

one of always, on-error, all, never
"always"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Syndicate-server script associated with this daemon.

strings concatenated with 0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Definitions of daemons to assert into the Synit configuration dataspace.";

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Daemon command line. A string is executed in a shell whereas a list of strings is executed directly. See https://synit.org/book/operation/builtin/daemon.html#adding-process-specifications-to-a-service.

string or absolute path or list of (string or absolute path)
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Whether the Unix process environment is cleared or inherited. See https://synit.org/book/operation/builtin/daemon.html#specifying-subprocess-environment-variables.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Sets the working direcctory of a daemon. See https://synit.org/book/operation/builtin/daemon.html#setting-the-current-working-directory-for-a-subprocess.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Sets Unix process environment for a daemon. See https://synit.org/book/operation/builtin/daemon.html#specifying-subprocess-environment-variables.

null or (attribute set of string)
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Service identifier local to Synit.

read-only unspecified value
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Whether this service is tautologically required.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Command-line arguments passed to s6-log before the logging directory. The default arguments prepend logged lines with a TAI64N timestamp. Override args to [‘’] if this information would be redundant.

list of string
[
  "t"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Directory for log files from this daemon.

absolute path
/var/log/‹name›
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Whether to enable inject a logging wrapper over this daemon.

boolean
config.system.logging.logToFileSystem
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

List of directories to compose into the PATH environmental variable. If env.PATH is set then this value is ignored. Otherwise it will be appended with execline and s6 packages.

list of (string or absolute path or package)
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Whether this daemon should persist and never be replaced or removed.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Specify a protocol for communicating with a daemon over stdin and stdout. See https://synit.org/book/operation/builtin/daemon.html#speaking-syndicate-network-protocol-via-stdinstdout.

one of none, application/syndicate, text/syndicate
"none"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Reverse requires of this daemon. It is a list of service keys.

list of list of string
[ ]
[
  [
    "milestone"
    "network"
  ]
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

When non-null enable s6 readiness notification for this daemon using the specified file-descriptor. Setting a file-descriptor here disables readyOnStart.

null or signed integer
null
3
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Whether a daemon should be considered ready immediately after startup. See See https://synit.org/book/operation/builtin/daemon.html#ready-signalling.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Services required this daemon. It is a list of ‘{ key, state }’ attrs where key identifies a service and state is a service state.

list of (submodule)
[ ]
[
  {
    key = [
      "milestone"
      "foo"
    ];
    state = "up";
  }
  {
    key = [
      "daemon"
      "oneshot-script"
    ];
    state = "complete";
  }
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Label of a service. The head of the list is the record label and the tail is the fields.

list of string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Required service state.

string
"up"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Daemon restart policy. See https://synit.org/book/operation/builtin/daemon.html#whether-and-when-to-restart.

one of always, on-error, all, never
"always"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

Syndicate-server script associated with this daemon.

strings concatenated with 0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/daemons.nix

List of edges in the service dependency graph. This list is populated from other options but dependencies can also be explicitly specified here.

list of (submodule)
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/dependencies.nix

Service that will be started if its dependers are required.

submodule
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/dependencies.nix

Label of a service. The head of the list is the record label and the tail is the fields.

list of string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/dependencies.nix

Required service state.

string
"up"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/dependencies.nix

Label of a service. The head of the list is the record label and the tail is the fields.

list of string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/dependencies.nix

Enable Synit, either as a primary or secondary service-manager.

unspecified value
"config.system.serviceManager ==
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit

Attribute set of service milestones and their dependees. A milestone will not be required unless it has been added to system.synit.plan.requires.

attribute set of (submodule)
{
  network = {
    requires = [
      {
        key = [
          "milestone"
          "devices"
        ];
      }
      {
        key = [
          "daemon"
          "dhcpcd"
        ];
        state = "ready";
      }
    ];
  };
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/dependencies.nix

Reverse requires of this milestone. It is a list of service keys.

list of list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/dependencies.nix

List of services required by this milestone.

list of (submodule)
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/dependencies.nix

Label of a service. The head of the list is the record label and the tail is the fields.

list of string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/dependencies.nix

Required service state.

string
"up"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/dependencies.nix

The synit-pid1 package to use.

package
pkgs.alt.sam.synit-pid1
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/pid1.nix

Template for the activation script run by the user.

package
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/plans.nix

The syndicate-server script that comprises a plan for system configuration.

attribute set of ((list of anything) or string convertible to it)
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/plans.nix

File containing the complete syndicate-server script for this plan.

read-only unspecified value
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/plans.nix

List of services required by this plan.

list of list of string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/dependencies.nix

Alias of {option}`system.synit.system.services`.

attribute set of (submodule)
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service/synit/system.nix

Command filename and arguments for starting this service. This is a raw command-line that should not contain any shell escaping. If expansion of environmental variables is required then use a shell script or importas from slamPkgs.execline.

list of (string or absolute path convertible to it)
[ (lib.getExe config.package) "--nobackground" ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service/portable/service.nix

Alias of {option}`s6.rc.services.""`.

submodule
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service/s6/service.nix

This module configures s6 services.

lazy attribute set of module
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service/s6/service.nix

A collection of modular services that are configured in one go.

You could consider the sub-service relationship to be an ownership relation. It does not automatically create any other relationship between services unless perhaps such a behavior is explicitly defined and enabled in another option.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service/synit/service.nix https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service/s6/service.nix https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service/portable/service.nix

Alias of {option}`synit.daemons.""`.

submodule
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service/synit/service.nix

This module configures Synit daemons.

lazy attribute set of module
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service/synit/service.nix

Whether Synit is managing this service.

read-only unspecified value
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service/synit/service.nix

Which service-manager is managing this modular service.

string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service/portable/service.nix

The syndicate-server package to use.

package
pkgs.alt.sam.syndicate-server
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit

A collection of modular services.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/service/synit/system.nix

Bash scripts to run during the build of the toplevel derivation.

attribute set of ((submodule) or string convertible to it)
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/activation

List of dependencies. The script will run after these.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/activation

The content of the script.

strings concatenated with 0
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/system/activation

Whether to enable backdoor shell service.

boolean
true
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/testing/backdoor.nix

Test driver.

value tcl (singular enum)
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/testing

Whether to enable test instrumentation.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/testing

Whether to enable use a root file-system on a disk image otherwise use tmpfs.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/testing

Whether to enable graphic devices.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/testing

Enable test network interface.

boolean
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/testing

IP address for this node on the test network.

read-only string
"192.168.1.1"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/testing

MAC address for this node.

read-only string
"52:54:00:12:01:01"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/testing

This node's index in the test network (1-based).

read-only signed integer
1
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/testing

VLAN number for this test network.

read-only signed integer
1
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/testing

System-wide timezone.

null or string without spaces
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/time

Groups for user accounts.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

The group GID. If the GID is null, a free GID is picked on activation.

null or signed integer
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

The user names of the group members, added to the /etc/group file.

list of (string, not containing newlines or colons)
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

The name of the group. If undefined, the name of the attribute set will be used.

string, not containing newlines or colons
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

User accounts.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/users.nix

Whether to create the home directory and ensure ownership as well as permissions to match the user.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

A short description of the user account, typically the user's full name. This is actually the “GECOS” “comment” field in /etc/passwd.

string, not containing newlines or colons
""
"Alice Q. User"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

The user's auxiliary groups.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

The user's primary group.

string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

The user's home directory.

absolute path, not containing newlines or colons
"/var/empty"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

Specifies the initial hashed password for the user, i.e. the hashed password assigned if the user does not already exist. If users.mutableUsers is true, the password can be changed subsequently using the passwd command. Otherwise, it's equivalent to setting the hashedPassword option.

null or (string, not containing newlines or colons)
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

Specifies the initial password for the user, i.e. the password assigned if the user does not already exist. If users.mutableUsers is true, the password can be changed subsequently using the passwd command. Otherwise, it's equivalent to setting the password option. The same caveat applies: the password specified here is world-readable in the Nix store, so it should only be used for guest accounts or passwords that will be changed promptly.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

Indicates whether this is an account for a “real” user. This automatically sets group to ‘users’, createHome to ‘true’, home to /home/«username», and isSystemUser to ‘false’. Exactly one of isNormalUser and isSystemUser must be enabled.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

Indicates if the user is a system user or not. This option only has an effect if uid is ‘null’, in which case it determines whether the user's UID is allocated in the range for system users (below 1000) or in the range for normal users (starting at 1000). Exactly one of isNormalUser and isSystemUser must be enabled.

boolean
false
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

The name of the user account. If undefined, the name of the attribute set will be used.

string, not containing newlines or colons
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

Specifies the hashed password for the user.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

The full path to a file that contains the hash of the user's password. The password file is read on each system activation. The file should contain exactly one line, which should be the password in an encrypted form that is suitable for the ‘chpasswd -e’ command.

null or string
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

The path to the user's shell. Can use shell derivations, like ‘pkgs.bashInteractive’. Don't forget to enable your shell in programs if necessary, like ‘programs.zsh.enable = true;’.

null or package or (absolute path, not containing newlines or colons)
pkgs.shadow
pkgs.bashInteractive
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

List of paths to configuration scripts to load into the user-level syndicate-server at boot.

list of absolute path
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/users.nix

List of names of additional dataspaces to create within the user-bus. The config, log, and gatekeeper namespaces are reserved. Dataspaces othewise created within configuration files may be destroyed and recreated during a configuration transition.

list of string
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/users.nix

Reference to system-bus. Can be ‘"$config"’ for full access or an attenuation for restricted access. Defaults to an invalid reference.

unspecified value
"#f"
"@
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/synit/users.nix

The account UID. If the UID is null, a free UID is picked on activation.

null or signed integer
null
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/users/options.nix

Specify the number of cores the guest is permitted to use. The number can be higher than the available cores on the host system.

positive integer, meaning >0
1
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/common.nix

The memory size in megabytes of the virtual machine.

positive integer, meaning >0
1024
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/common.nix

Command-line for starting the host QEMU.

read-only list of string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/qemu.nix

Boot method used to load the guest.

value kernel (singular enum)
"kernel"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/qemu.nix

Extra command-line options for starting the host QEMU.

list of string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/qemu.nix

Mount the host Nix store as a 9p mount.

boolean
config.virtualisation.qemu.bootMode == "kernel"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/qemu.nix

Network interface cards to add to the VM.

attribute set of (submodule)
{ }
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/qemu.nix

List of arguments specific to this nic.

list of string
[ ]
[
  "model=virtio-net-pci"
]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/qemu.nix

The qemu package to use.

package
pkgs.qemu
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/qemu.nix

An attributes set of directories that will be shared with the virtual machine using VirtFS (9P filesystem over VirtIO). The attribute name will be used as the 9P mount tag.

attribute set of (submodule)
{ }
{
  my-share = {
    source = "/path/to/be/shared";
    target = "/mnt/shared";
  };
}
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/qemu.nix

The security model to use for this share:

- `passthrough`: files are stored using the same credentials as they are created on the guest (this requires QEMU to run as root) - `mapped-xattr`: some of the file attributes like uid, gid, mode bits and link target are stored as file attributes - `mapped-file`: the attributes are stored in the hidden .virtfs_metadata directory. Directories exported by this security model cannot interact with other unix tools - `none`: same as "passthrough" except the sever won't report failures if it fails to set file attributes like ownership

one of passthrough, mapped-xattr, mapped-file, none
"mapped-xattr"
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/qemu.nix

The path of the directory to share, can be a shell variable

string
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/qemu.nix

The mount point of the directory inside the virtual machine

absolute path
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/virtualisation/qemu.nix

Whether to install files to support the [XDG Autostart specification](https://specifications.freedesktop.org/autostart-spec/latest).

boolean
true
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/config/xdg/autostart.nix

Adds associations between mimetypes and applications. See the [specifications](https://specifications.freedesktop.org/mime-apps-spec/latest/associations) for more information. Globs in all variations are supported.

attribute set of (string or ((list of string) or string) convertible to it)
{ }
{
  "application/pdf" = "firefox.desktop";
  "text/*" = [
    "nvim.desktop"
    "codium.desktop"
  ];
}
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/config/xdg/mime.nix

Sets the default applications for given mimetypes. See the [specifications](https://specifications.freedesktop.org/mime-apps-spec/latest/default) for more information. Globs in all variations are supported.

attribute set of (string or ((list of string) or string) convertible to it)
{ }
{
  "application/pdf" = "firefox.desktop";
  "image/*" = [
    "sxiv.desktop"
    "gimp.desktop"
  ];
}
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/config/xdg/mime.nix

Whether to install files to support the [XDG Shared MIME-info specification](https://specifications.freedesktop.org/shared-mime-info-spec/latest) and the [XDG MIME Applications specification](https://specifications.freedesktop.org/mime-apps-spec/latest).

boolean
true
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/config/xdg/mime.nix

Removes associations between mimetypes and applications. See the [specifications](https://specifications.freedesktop.org/mime-apps-spec/latest/associations) for more information. Globs in all variations are supported.

attribute set of (string or ((list of string) or string) convertible to it)
{ }
{
  "audio/*" = [
    "mpv.desktop"
    "umpv.desktop"
  ];
  "inode/directory" = "codium.desktop";
}
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/config/xdg/mime.nix

Whether to enable XDG portals.

boolean
false
true
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/xdg/portal.nix

List of portals.

list of package
[ ]
https://git.informatics.coop/projects/slam/src/branch/trunk/modules/xdg/portal.nix

Whether to enable xdg-terminal-exec, the [proposed](https://gitlab.freedesktop.org/xdg/xdg-specs/-/merge_requests/46) Default Terminal Execution Specification.

boolean
false
true
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/config/xdg/terminal-exec.nix

The xdg-terminal-exec package to use.

package
pkgs.xdg-terminal-exec
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/config/xdg/terminal-exec.nix

Configuration options for the Default Terminal Execution Specification.

The keys are the desktop environments that are matched (case-insensitively) against `$XDG_CURRENT_DESKTOP`, or `default` which is used when the current desktop environment is not found in the configuration. The values are a list of terminals' [desktop file IDs](https://specifications.freedesktop.org/desktop-entry-spec/latest/ar01s02.html#desktop-file-id) to try in order of decreasing priority.

attribute set of list of string
{ }
{
  GNOME = [
    "com.raggesilver.BlackBox.desktop"
    "org.gnome.Terminal.desktop"
  ];
  default = [
    "kitty.desktop"
  ];
}
/nix/store/ci5r8q32x2y8zcab0bha5yj7474ysr76-source/nixos/modules/config/xdg/terminal-exec.nix
May 29, 2026 SLAM