| services.buildkite-agents.<name>.extraConfig | Extra lines to be added verbatim to the configuration file.
|
| services.jankyborders.order | Specifies whether borders should be drawn above or below windows.
|
| services.synergy.client.serverAddress | The server address is of the form: [hostname][:port]
|
| services.gitlab-runner.checkInterval | Defines the interval length, in seconds, between new jobs check
|
| services.postgresql.logLinePrefix | A printf-style string that is output at the beginning of each log line
|
| services.postgresql.extraPlugins | List of PostgreSQL plugins
|
| services.jankyborders.style | Specifies the style of the border (either round or square).
|
| services.jankyborders.hidpi | If set to on, the border will be drawn with retina resolution.
|
| services.postgresql.enableTCPIP | Whether PostgreSQL should listen on all network interfaces
|
| services.offlineimap.extraConfig | Additional text to be appended to offlineimaprc.
|
| services.buildkite-agents.<name>.hooksPath | Path to the directory storing the hooks
|
| services.sketchybar.extraPackages | Extra packages to add to PATH.
|
| services.offlineimap.runQuick | Run only quick synchronizations
|
| services.github-runners.<name>.noDefaultLabels | Disables adding the default labels
|
| services.postgresql.initialScript | A file containing SQL statements to execute on first startup.
|
| services.karabiner-elements.package | The karabiner-elements package to use.
|
| services.eternal-terminal.verbosity | The verbosity level (0-9).
|
| services.jankyborders.enable | Whether to enable the jankyborders service..
|
| services.gitlab-runner.concurrent | Limits how many jobs globally can be run concurrently
|
| services.jankyborders.width | Determines the width of the border
|
| services.buildkite-agents.<name>.preCommands | Extra commands to run before starting buildkite.
|
| services.aerospace.settings.start-at-login | Do not start AeroSpace at login. (Managed by launchd instead)
|
| security.pam.services.sudo_local.text | Contents of /etc/pam.d/sudo_local
|
| services.ipfs.enableGarbageCollection | Passes --enable-gc flag to ipfs daemon.
|
| services.cachix-agent.credentialsFile | Required file that needs to contain:
export CACHIX_AGENT_TOKEN=...
|
| services.postgresql.recoveryConfig | Contents of the recovery.conf file.
|
| services.hercules-ci-agent.settings.apiBaseUrl | API base URL that the agent will connect to
|
| services.jankyborders.package | The jankyborders package to use.
|
| services.yabai.enableScriptingAddition | Whether to enable yabai's scripting-addition
|
| services.buildkite-agents.<name>.hooks.command | The command hook script will replace the default implementation of running
the build command.
|
| services.buildkite-agents.<name>.hooks.pre-command | The pre-command hook will run just before your build command runs
|
| services.postgresql.settings | PostgreSQL configuration
|
| services.buildkite-agents.<name>.privateSshKeyPath | OpenSSH private key
A run-time path to the key file, which is supposed to be provisioned
outside of Nix store.
|
| services.buildkite-agents.<name>.hooks.post-command | The post-command hook will run after the bootstrap script has run your
build commands
|
| services.gitlab-runner.sessionServer.listenAddress | An internal URL to be used for the session server.
|
| services.github-runners.<name>.serviceOverrides | Modify the service
|
| services.prometheus.exporters.node.port | Port where the Node exporter exposes its HTTP interface.
|
| security.pam.services.sudo_local.enable | Whether to enable managing /etc/pam.d/sudo_local with nix-darwin.
|
| services.buildkite-agents.<name>.hooks.pre-artifact | The pre-artifact hook will run just before artifacts are uploaded
|
| services.telegraf.environmentFiles | File to load as environment file
|
| security.pam.services.sudo_local.reattach | Whether to enable reattaching a program to the user's bootstrap session
|
| services.aerospace.settings.on-focus-changed | Commands to run every time focused window or workspace changes.
|
| services.buildkite-agents.<name>.hooks.post-artifact | The post-artifact hook will run just after artifacts are uploaded
|
| services.jankyborders.ax_focus | If set to true, the (slower) accessibility API is used to resolve the focused window.
|
| services.postgresql.ensureUsers | Ensures that the specified users exist and have at least the ensured permissions
|
| services.aerospace.settings.key-mapping.preset | Keymapping preset.
|
| services.buildkite-agents.<name>.hooks.pre-checkout | The pre-checkout hook will run just before your projects source code is
checked out from your SCM provider
|
| services.buildkite-agents.<name>.runtimePackages | Add programs to the buildkite-agent environment
|
| services.buildkite-agents.<name>.hooks.checkout | The checkout hook script will replace the default checkout routine of the
bootstrap.sh script
|
| services.buildkite-agents.<name>.hooks.post-checkout | The post-checkout hook will run after the bootstrap script has checked out
your projects source code.
|
| services.tailscale.overrideLocalDns | This option implements Override local DNS as it is not yet implemented in Tailscaled-on-macOS
|
| services.prometheus.exporters.node.enable | Whether to enable Prometheus Node exporter.
|
| services.github-runners.<name>.extraEnvironment | Extra environment variables to set for the runner, as an attrset.
|
| services.aerospace.settings.after-login-command | Do not use AeroSpace to run commands after login. (Managed by launchd instead)
|
| services.hercules-ci-agent.settings.labels | A key-value map of user data
|
| services.aerospace.settings.on-window-detected.*."if" | Conditions for detecting a window.
|
| services.gitlab-runner.sessionServer.sessionTimeout | How long in seconds the session can stay active after
the job completes (which will block the job from finishing).
|
| services.hercules-ci-agent.settings.baseDirectory | State directory (secrets, work directory, etc) for agent
|
| services.hercules-ci-agent.settings.secretsJsonPath | Path to a JSON file containing secrets for effects
|
| services.postgresql.ensureDatabases | Ensures that the specified databases exist
|
| services.prometheus.exporters.node.extraFlags | Extra commandline options to pass to the Node exporter executable.
|
| services.prometheus.exporters.node.package | The prometheus-node-exporter package to use.
|
| services.jankyborders.whitelist | Once this list is populated, only applications listed here are considered for receiving a border
|
| services.aerospace.settings.on-window-detected | Commands to run every time a new window is detected with optional conditions.
|
| services.autossh.sessions.*.monitoringPort | Port to be used by AutoSSH for peer monitoring
|
| services.aerospace.settings.on-window-detected.*.run | Commands to execute when the conditions match (required).
|
| services.jankyborders.blacklist | The applications specified here are excluded from being bordered
|
| services.hercules-ci-agent.settings.workDirectory | The directory in which temporary subdirectories are created for task state
|
| security.pam.services.sudo_local.touchIdAuth | Whether to enable Touch ID with sudo
|
| services.gitlab-runner.prometheusListenAddress | Address (<host>:<port>) on which the Prometheus metrics HTTP server
should be listening.
|
| services.aerospace.settings.after-startup-command | Add commands that run after AeroSpace startup
|
| services.aerospace.settings.on-window-detected.*."if".app-id | The application ID to match (optional).
|
| services.hercules-ci-agent.settings.binaryCachesPath | Path to a JSON file containing binary cache secret keys
|
| services.github-runners.<name>.ephemeral | If enabled, causes the following behavior:
- Passes the
--ephemeral flag to the runner configuration script
- De-registers and stops the runner with GitHub after it has processed one job
- Restarts the service after its successful exit
- On start, wipes the state directory and configures a new runner
You should only enable this option if tokenFile points to a file which contains a
personal access token (PAT)
|
| services.aerospace.settings.accordion-padding | Padding between windows in an accordion container.
|
| services.autossh.sessions.*.extraArguments | Arguments to be passed to AutoSSH and retransmitted to SSH
process
|
| security.pam.services.sudo_local.watchIdAuth | Use Apple Watch for sudo authentication, for devices without Touch ID or
laptops with lids closed, consider using this
|
| services.aerospace.settings.exec-on-workspace-change | Commands to run every time workspace changes.
|
| services.gitlab-runner.gracefulTermination | Finish all remaining jobs before stopping
|
| services.gitlab-runner.sessionServer.advertiseAddress | The URL that the Runner will expose to GitLab to be used
to access the session server
|
| services.aerospace.settings.on-focused-monitor-changed | Commands to run every time focused monitor changes.
|
| services.jankyborders.blur_radius | Sets the blur radius applied to the borders or backgrounds with transparency.
|
| services.hercules-ci-agent.settings.clusterJoinTokenPath | Location of the cluster-join-token.key file
|
| services.prometheus.exporters.node.listenAddress | Address where Node exporter exposes its HTTP interface
|
| services.aerospace.settings.default-root-container-layout | Default layout for the root container.
|
| services.buildkite-agents.<name>.hooks.environment | The environment hook will run before all other commands, and can be used
to set up secrets, data, etc
|
| services.aerospace.settings.on-window-detected.*."if".workspace | The workspace name to match (optional).
|
| services.hercules-ci-agent.settings.staticSecretsDirectory | This is the default directory to look for statically configured secrets like cluster-join-token.key
|
| services.jankyborders.active_color | Sets the border color for the focused window (format: 0xAARRGGBB)
|
| services.prometheus.exporters.node.enabledCollectors | Collectors to enable in addition to the ones that are enabled by default.
|
| services.aerospace.settings.on-window-detected.*."if".app-name-regex-substring | Regex substring to match the app name (optional).
|
| services.prometheus.exporters.node.disabledCollectors | Collectors to disable from the list of collectors that are enabled by default.
|
| services.github-runners.<name>.tokenFile | The full path to a file which contains either
- a fine-grained personal access token (PAT),
- a classic PAT
- or a runner registration token
Changing this option or the tokenFile’s content triggers a new runner registration
|
| services.postgresql.ensureUsers.*.ensurePermissions | Permissions to ensure for the user, specified as an attribute set
|
| services.aerospace.settings.on-window-detected.*.check-further-callbacks | Whether to check further callbacks after this rule (optional).
|
| services.jankyborders.inactive_color | Sets the border color for all windows not in focus (format: 0xAARRGGBB)
|
| services.hercules-ci-agent.settings.concurrentTasks | Number of tasks to perform simultaneously
|
| services.aerospace.settings.on-window-detected.*."if".window-title-regex-substring | Substring to match in the window title (optional).
|
| services.aerospace.settings.on-window-detected.*."if".during-aerospace-startup | Whether to match during aerospace startup (optional).
|
| services.aerospace.settings.default-root-container-orientation | Default orientation for the root container.
|