Configures the http_file_share module to handle user uploads

Shell command which will print a password to stdout for basic HTTP authentication

A list of paths to extra plugin bundles to install in Plex's plugin directory

Whether to enable Listmonk, this module assumes a reverse proxy to be set.

Additional Apache modules to be used

Add settings here to override NixOS module generated settings

Whether to enable Warpgate

Verbatim inspircd.conf file

Path to configuration file

If enabled srun will accept the option "--x11" to allow for X11 forwarding from within an interactive session or a batch job

A set of plugins to activate

Whether to load the APCu module into PHP.

If set, the calling user's SSH agent is used to authenticate against the configured keys

PHP package to use for php-fpm

A list of paths to extra scanners to install in Plex's scanners directory

The user under which Anubis is run

Whether to enable the Howdy PAM module

A list of paths that should be included in syslog-ng's --module-path option

Whether to enable thinkfan, a fan control program.

The server's configuration file

Polybar configuration

This option sets the PAM "control" used for this module.

Settings that go into ca.json

HTTPS listening address

If set, the pam_mysql module will be used to authenticate users against a MySQL/MariaDB database.

Additional settings (see mjolnir default config for available settings)

The content of rtorrent.rc

The group under which Anubis is run

Whether to enable the Autorandr systemd service

Whether maubot should write updated config into extraConfigFile. This will make your Nix module settings have no effect besides the initial config, as extraConfigFile takes precedence over NixOS settings!

Whether to load the Redis module into PHP

The config file

Directory where the uploaded files will be stored when the http_upload module is used

The configuration of each Fail2ban “jail”

The settings to use for dsnet

If enabled, the pam_umask module will be loaded.

Configuration file for gitlab-runner.

configFile takes precedence over services. checkInterval and concurrent will be ignored too

Configuration file for gitlab-runner.

configFile takes precedence over services. checkInterval and concurrent will be ignored too

The final package used by the module

The Nginx status page URL

Enable Peering Manager

Absolute path to the password store

Configuration for all Datadog checks

Configuration options for the Stalwart server

Enables InfluxDB on the host system using the services.influxdb2 NixOS module with default options

Path to the directory where firewall rules can be found and will get stored by the NixOS module.

Disable kernel module loading once the system is fully initialised

The force_run option is used to tell the PAM module for KWallet to forcefully run even if no graphical session (such as a GUI display manager) is detected

Enables the x2goserver module

Use a certificate generated by the NixOS ACME module for the given host

ethercalc, an online collaborative spreadsheet server

Configuration options for the Stalwart email server

Allow the service to create and use its own config file inside the dataDir as configured by services.mediatomb.dataDir

Your configuration.yaml as a Nix attribute set

The user under which Anubis is run

Enables the in-database configuration.

https://docs.postgrest.org/en/stable/references/configuration.html#in-database-configuration

JSON file containing secret keys

If set, use the Duo Security pam module pam_duo for authentication

The final package used by the module

Package to the finalized Nextcloud package, including all installed apps

List of lighttpd modules to enable

rsnapshot configuration option in addition to the defaults from rsnapshot and this module

The group under which Anubis is run

Literal string to append to configFile and the config file generated by the pulseaudio module.

Use a certificate generated by the NixOS ACME module for the given host

By default pam-u2f module does not inform user that he needs to use the u2f device, it just waits without a prompt

Enables Uber's USSH PAM (pam-ussh) module

Path to the periphery configuration file

The host name or IP address on which to bind Airsonic

OpenAFS programs package

Configuration files to load besides the immutable one defined by the NixOS module

Reference to the matrix-synapse wrapper with all extras (e.g. for oidc or saml2) added to the PYTHONPATH of all executables

Configuration for the LDAP backend

h2 database is not recommended for a production setup. postgresql this settings it recommended for production setups. manual the module doesn't handle database settings.

List of maintainers of each module

List of maintainers of each module

Sets the environment variable $HELOHOST which is used by the SMTP protocol module to set the parameter given to the HELO command

The calendar interval at which the garbage collector will run

IP address on which RabbitMQ will listen for AMQP connections

Whether to load the Memcached module into PHP

Extra contents appended to the jupyterhub configuration

Jupyterhub configuration is a normal python file using Traitlets. https://jupyterhub.readthedocs.io/en/stable/getting-started/config-basics.html

Enable in-memory compressed devices and swap space provided by the zram kernel module

If set, then the authenticating user must be a member of this group to use this module.

Whether to load the acpi_call kernel module

Whether to enable random desktop background

The SQL server URI

Database settings will be reset to the value set in this module if this is not enabled

Multiple GitHub Runners

Enable the OATH (one-time password) PAM module.

The river package to use

The sway package to use

Configure the default calendar

Hardened service:

• runs as a dedicated user with minimal set of permissions (see caveats),
• restricts daemon configuration socket access to dedicated user group (you can grant access to it with users.users."<user>".extraGroups = [ netbird-‹name› ]),

Even though the local system resources access is restricted:

• CAP_NET_RAW, CAP_NET_ADMIN and CAP_BPF still give unlimited network manipulation possibilites,
• older kernels don't have CAP_BPF and use CAP_SYS_ADMIN instead,

Known security features that are not (yet) integrated into the module:

• 2024-02-14: rosenpass is an experimental feature configurable solely through --enable-rosenpass flag on the netbird up command, see the docs

Hardened service:

• runs as a dedicated user with minimal set of permissions (see caveats),
• restricts daemon configuration socket access to dedicated user group (you can grant access to it with users.users."<user>".extraGroups = [ netbird-‹name› ]),

Even though the local system resources access is restricted:

• CAP_NET_RAW, CAP_NET_ADMIN and CAP_BPF still give unlimited network manipulation possibilites,
• older kernels don't have CAP_BPF and use CAP_SYS_ADMIN instead,

Known security features that are not (yet) integrated into the module:

• 2024-02-14: rosenpass is an experimental feature configurable solely through --enable-rosenpass flag on the netbird up command, see the docs

Whether to enable XDG desktop integration

Add module allowners, any user in chat is able to kick other

The XEP-0423 defines a set of recommended XEPs to implement for a server

Whether to enable the msr (Model-Specific Registers) kernel module and configure udev rules for its devices (usually /dev/cpu/*/msr).

Whether to enable the open source NVIDIA kernel module.

Whether to enable manual usage of the rsnapshot command with this module.