| options/nixos/hardware.nitrokey.enable | Enables udev rules for Nitrokey devices.
|
| options/nixos/services.rspamd.localLuaRules | Path of file to link to /etc/rspamd/rspamd.local.lua for local
rules written in Lua
|
| options/nixos/services.logcheck.ignore | This option defines extra ignore rules.
|
| options/nixos/services.anubis.defaultOptions.policy.useDefaultBotRules | Whether to include Anubis's default bot detection rules via the
(data)/meta/default-config.yaml import
|
| options/nixos/services.anubis.instances.<name>.policy.useDefaultBotRules | Whether to include Anubis's default bot detection rules via the
(data)/meta/default-config.yaml import
|
| options/nixos/programs.regreet.extraCss | Extra CSS rules to apply on top of the GTK theme
|
| options/nixos/systemd.user.tmpfiles.users | Per-user rules for creation, deletion and cleaning of volatile and
temporary files automatically.
|
| options/home-manager/programs.helix.ignores | List of paths that should be globally ignored for file picker
|
| options/nixos/hardware.ubertooth.group | Group for Ubertooth's udev rules.
|
| options/nixos/hardware.glasgow.enable | Enables Glasgow udev rules and ensures 'plugdev' group exists
|
| options/home-manager/programs.ssh.matchBlocks | Specify per-host settings
|
| options/nixos/programs.minipro.enable | Whether to enable minipro and its udev rules
|
| options/nixos/services.vmalert.enable | Wether to enable VictoriaMetrics's vmalert.
vmalert evaluates alerting and recording rules against a data source, sends notifications via Alertmanager.
|
| options/nixos/services.crowdsec.hub.appSecRules | List of hub appsec rules to install
|
| options/nixos/nix.firewall.allowLoopback | Whether to allow traffic on the loopback interface
|
| options/nixos/services.logcheck.ignoreCron | This option defines extra ignore rules for cronjobs.
|
| options/nixos/services.logcheck.extraRulesDirs | Directories with extra rules.
|
| options/nixos/nix.firewall.extraNftablesRules | Extra nftables rules to prepend to the generated ones
|
| options/nixos/services.opengfw.pcapReplay | Path to PCAP replay file
|
| options/nixos/hardware.rtl-sdr.enable | Enables rtl-sdr udev rules, ensures 'plugdev' group exists, and blacklists DVB kernel modules
|
| options/nixos/programs.flashrom.enable | Installs flashrom and configures udev rules for programmers
used by flashrom
|
| options/nixos/hardware.ubertooth.enable | Whether to enable Ubertooth software and its udev rules.
|
| options/nixos/services.miredo.bindAddress | Depending on the local firewall/NAT rules, you might need to force
Miredo to use a fixed UDP port and or IPv4 address.
|
| options/nixos/services.thanos.rule.enable | Whether to enable the Thanos ruler service which evaluates Prometheus rules against given Query nodes, exposing Store API and storing old blocks in bucket.
|
| options/nixos/programs.quark-goldleaf.enable | Whether to enable quark-goldleaf with udev rules applied.
|
| options/nixos/security.sudo.defaultOptions | Options used for the default rules, granting root and the
wheel group permission to run any command as any user.
|
| options/nixos/programs.flexoptix-app.enable | Whether to enable FLEXOPTIX app + udev rules.
|
| options/nixos/services.ndppd.interface | Interface which is on link-level with router.
(Legacy option, use services.ndppd.proxies.<interface>.rules.<network> instead)
|
| options/nixos/security.sudo-rs.defaultOptions | Options used for the default rules, granting root and the
wheel group permission to run any command as any user.
|
| options/nixos/programs.mouse-actions.enable | Whether to install and set up mouse-actions and it's udev rules
|
| options/nixos/programs.ns-usbloader.enable | Whether to enable ns-usbloader application with udev rules applied.
|
| options/nixos/hardware.hackrf.enable | Enables hackrf udev rules and ensures 'plugdev' group exists
|
| options/nixos/programs.flashprog.enable | Whether to enable configuring flashprog udev rules and
installing flashprog as system package
.
|
| options/nixos/hardware.steam-hardware.enable | Enable udev rules for Steam hardware such as the Steam Controller, other supported controllers and the HTC Vive
|
| options/nixos/services.sdrplayApi.enable | Whether to enable the SDRplay API service and udev rules.
To enable integration with SoapySDR and GUI applications like gqrx create an overlay containing
soapysdr-with-plugins = super.soapysdr.override { extraPackages = [ super.soapysdrplay ]; };
|
| options/nixos/hardware.sheep_net.enable | Enables sheep_net udev rules, ensures 'sheep_net' group exists, and adds
sheep-net to boot.kernelModules and boot.extraModulePackages
|
| options/nixos/services.prometheus.ruleFiles | Any additional rules files to include in this configuration.
|
| options/home-manager/programs.vesktop.vencord.extraQuickCss | Additional CSS rules.
|
| options/nixos/programs.feedbackd.enable | Whether to enable the feedbackd D-BUS service and udev rules
|
| options/nixos/services.suricata.disabledRules | List of rules that should be disabled.
|
| options/nixos/services.dokuwiki.sites.<name>.aclFile | Location of the dokuwiki acl rules
|
| options/nixos/services.suricata.settings.vars | Variables to be used within the suricata rules.
|
| options/nixos/hardware.kryoflux.enable | Enables kryoflux udev rules, ensures 'floppy' group exists
|
| options/nixos/services.usbguard.deviceRulesWithPort | Generate device specific rules including the "via-port" attribute.
|
| options/nixos/hardware.gpgSmartcards.enable | Whether to enable udev rules for gnupg smart cards.
|
| options/nixos/services.graphite.carbon.relayRules | Relay rules are used to send certain metrics to a certain backend.
|
| options/nixos/services.firewalld.zones.<name>.target | Action for packets that doesn't match any rules.
|
| packages/nixpkgs/typstPackages.numty | Numeric Typst: Perform mathematical operations on n-dimensional matrices, vectors and numbers with numpy-like broadcasting rules |
| options/nixos/boot.initrd.services.udev.packages | This will only be used when systemd is used in stage 1.
List of packages containing udev rules that will be copied to stage 1
|
| options/nixos/services.shorewall.enable | Whether to enable Shorewall IPv4 Firewall.
Enabling this service WILL disable the existing NixOS
firewall! Default firewall rules provided by packages are not
considered at the moment.
|
| options/nixos/systemd.tmpfiles.settings | Declare systemd-tmpfiles rules to create, delete, and clean up volatile
and temporary files and directories
|
| options/nixos/hardware.libjaylink.enable | Whether to enable udev rules for devices supported by libjaylink
|
| options/nixos/programs.dmrconfig.enable | Whether to configure system to enable use of dmrconfig
|
| packages/nixpkgs/filtron | Reverse HTTP proxy to filter requests by different rules |
| packages/nixpkgs/ananicy | Another auto nice daemon, with community rules support |
| options/nixos/hardware.flipperzero.enable | Whether to enable udev rules and software for Flipper Zero devices.
|
| options/nixos/security.doas.extraRules.*.setEnv | Keep or set the specified variables
|
| options/nixos/boot.initrd.services.udev.binPackages | This will only be used when systemd is used in stage 1.
Packages to search for binaries that are referenced by the udev rules in stage 1
|
| options/nixos/services.input-remapper.enableUdevRules | Whether to enable udev rules added by input-remapper to handle hotplugged devices
|
| options/nixos/hardware.keyboard.zsa.enable | Whether to enable udev rules for keyboards from ZSA like the ErgoDox EZ, Planck EZ and Moonlander Mark I
|
| options/nixos/services.earlyoom.killHook | An absolute path to an executable to be run for each process killed
|
| options/nixos/services.suricata.settings.rule-files | Files to load suricata-update managed rules, relative to 'default-rule-path'.
|
| options/nixos/services.shorewall6.enable | Whether to enable Shorewall IPv6 Firewall.
Enabling this service WILL disable the existing NixOS
firewall! Default firewall rules provided by packages are not
considered at the moment.
|
| options/home-manager/xsession.windowManager.spectrwm.quirks | Spectrwm quicks (custom window rules).
|
| options/nixos/nix.firewall.allowPrivateNetworks | Whether to allow traffic to local networks
|
| options/nixos/services.pcscd.ignoreReaderNames | List of reader name patterns for the PCSC daemon to ignore
|
| options/nixos/hardware.block.scheduler | Assign block I/O scheduler by device name pattern
|
| packages/nixpkgs/typstPackages.curryst | Typeset trees of inference rules |
| options/nixos/networking.firewall.extraInputRules | Additional nftables rules to be appended to the input-allow
chain
|
| options/nixos/services.ndppd.proxies.<name>.interface | Listen for any Neighbor Solicitation messages on this interface,
and respond to them according to a set of rules
|
| options/nixos/boot.initrd.systemd.tmpfiles.settings | Similar to systemd.tmpfiles.settings but the rules are
only applied by systemd-tmpfiles before initrd-switch-root.target
|
| options/nixos/services.nextcloud.webfinger | Enable this option if you plan on using the webfinger plugin
|
| options/nixos/hardware.keyboard.qmk.keychronSupport | Whether to enable udev rules for keychron QMK based keyboards.
|
| options/nixos/services.mirakurun.allowSmartCardAccess | Install polkit rules to allow Mirakurun to access smart card readers
which is commonly used along with tuner devices.
|
| packages/nixpkgs/eclipses.plugins.drools | Drools is a Business Rules Management System (BRMS) solution |
| options/nixos/programs.wireshark.usbmon.enable | Whether to allow users in the 'wireshark' group to capture USB traffic
|
| options/nixos/services.dovecot2.imapsieve.mailbox | Configure Sieve filtering rules on IMAP actions
|
| options/nixos/networking.jool.siit.<name>.framework | The framework to use for attaching Jool's translation to the exist
kernel packet processing rules
|
| packages/nixpkgs/typstPackages.linphon | Set phonological feature matrices, linear rewrite rules, and more |
| options/nixos/networking.vswitches.<name>.openFlowRules | OpenFlow rules to insert into the Open vSwitch
|
| options/nixos/networking.jool.nat64.<name>.framework | The framework to use for attaching Jool's translation to the exist
kernel packet processing rules
|
| options/nixos/services.suricata.settings.default-rule-path | Path in which suricata-update managed rules are stored by default.
|
| options/nixos/services.vmalert.instances.<name>.enable | Wether to enable VictoriaMetrics's vmalert.
vmalert evaluates alerting and recording rules against a data source, sends notifications via Alertmanager.
|
| options/nixos/services.reaction.runAsRoot | Whether to run reaction as root
|
| options/nixos/services.firewalld.settings.FlushAllOnReload | Whether to flush all runtime rules on a reload.
|
| options/nixos/networking.firewall.extraForwardRules | Additional nftables rules to be appended to the forward-allow
chain
|
| options/nixos/programs.tsmClient.servers | Server definitions ("stanzas")
for the client system-options file
|
| options/nixos/services.firewalld.settings.CleanupOnExit | Whether to clean up firewall rules when firewalld stops.
|
| options/nixos/services.logrotate.settings.<name>.files | Single or list of files for which rules are defined
|
| options/nixos/services.nebula.networks.<name>.firewall.inbound | Firewall rules for inbound traffic.
|
| options/nixos/services.tinyproxy.settings.Filter | Tinyproxy supports filtering of web sites based on URLs or domains
|
| options/nixos/hardware.digitalbitbox.enable | Enables udev rules for Digital Bitbox devices.
|
| options/nixos/systemd.network.networks.<name>.routingPolicyRules | A list of routing policy rules sections to be added to the unit
|
| options/nixos/services.trafficserver.remap | URL remapping rules used by Traffic Server
|
| options/nixos/services.trafficserver.cache | Caching rules that overrule the origin's caching policy
|
| options/nixos/services.opensnitch.settings.Rules.Path | Path to the directory where firewall rules can be found and will
get stored by the NixOS module.
|
| options/nixos/security.pki.useCompatibleBundle | Whether to enable usage of a compatibility bundle
|
| packages/nixpkgs/cargo-bazel | Part of the `crate_universe` collection of tools which use Cargo to generate build targets for Bazel |
| options/nixos/services.nebula.networks.<name>.firewall.outbound | Firewall rules for outbound traffic.
|
| options/nixos/hardware.digitalbitbox.package | The digitalbitbox package to use
|