| system.defaults.NSGlobalDomain._HIHideMenuBar | Whether to autohide the menu bar
|
| system.defaults.ActivityMonitor.SortDirection | The sort direction of the sort column (0 is decending)
|
| services.postgresql.ensureUsers | Ensures that the specified users exist and have at least the ensured permissions
|
| launchd.daemons.<name>.serviceConfig.Sockets.<name>.SockPathName | This optional key implies SockFamily is set to "Unix"
|
| programs.direnv.silent | Whether to enable the hiding of direnv logging
.
|
| nixpkgs.config | Global configuration for Nixpkgs
|
| launchd.user.agents.<name>.serviceConfig.UserName | This optional key specifies the user to run the job as
|
| services.hercules-ci-agent.enable | Enable to run Hercules CI Agent as a system service.
Hercules CI is a
continuous integation service that is centered around Nix
|
| nix.settings.allowed-users | A list of names of users (separated by whitespace) that are
allowed to connect to the Nix daemon
|
| services.khd.i3Keybindings | Whether to configure i3 style keybindings for kwm.
|
| system.defaults.finder._FXSortFoldersFirst | Keep folders on top when sorting by name
|
| services.synapse-bt.package | Synapse BitTorrent package to use.
|
| launchd.daemons.<name>.serviceConfig.EnvironmentVariables | This optional key is used to specify additional environment variables to be set before running the
job.
|
| nix.daemonProcessType | Nix daemon process resource limits class
|
| system.defaults.SoftwareUpdate.AutomaticallyInstallMacOSUpdates | Automatically install Mac OS software updates
|
| system.defaults.iCal."first day of week" | Set the day to start week on in the Calendar
|
| homebrew.brews | List of Homebrew formulae to install
|
| system.defaults.controlcenter.Display | Apple menu > System Preferences > Control Center > Display
Show a Screen Brightness control in menu bar
|
| homebrew.global | Options for configuring the behavior of Homebrew commands when you manually invoke them.
|
| nix.extraOptions | Additional text appended to nix.conf.
|
| system.defaults.finder._FXEnableColumnAutoSizing | Resize columns to fit filenames
|
| services.synergy.client.tls.cert | The TLS certificate to use for encryption.
|
| services.gitlab-runner.services.<name>.dockerAllowedImages | Whitelist allowed images.
|
| users.knownUsers | List of users owned and managed by nix-darwin
|
| system.defaults.NSGlobalDomain.ApplePressAndHoldEnabled | Whether to enable the press-and-hold feature
|
| security.sandbox.profiles.<name>.allowLocalNetworking | Whether to allow localhost network access inside the sandbox.
|
| services.gitlab-runner.services.<name>.protected | When set to true Runner will only run on pipelines
triggered on protected branches.
|
| networking.wg-quick.logDir | Directory to save wg-quick logs to.
|
| services.gitlab-runner.services.<name>.tagList | Tag list.
|
| users.users.<name>.openssh.authorizedKeys.keyFiles | A list of files each containing one OpenSSH public key that should be
added to the user's authorized keys
|
| launchd.daemons.<name>.serviceConfig.SoftResourceLimits.Core | The largest size (in bytes) core file that may be created.
|
| homebrew.taps.*.force_auto_update | Whether to auto-update the tap even if it is not hosted on GitHub
|
| programs.fish.useBabelfish | If enabled, the configured environment will be translated to native fish using babelfish
|
| launchd.user.agents.<name>.serviceConfig.LimitLoadToSessionType | This configuration file only applies to sessions of the type specified
|
| services.cachix-agent.credentialsFile | Required file that needs to contain:
export CACHIX_AGENT_TOKEN=...
|
| services.buildkite-agents.<name>.privateSshKeyPath | OpenSSH private key
A run-time path to the key file, which is supposed to be provisioned
outside of Nix store.
|
| nix.buildMachines.*.hostName | The hostname of the build machine.
|
| programs.tmux.iTerm2 | Cater to iTerm2 and its tmux integration, as appropriate.
|
| services.spacebar.config | Key/Value pairs to pass to spacebar's 'config' domain, via the configuration file.
|
| services.postgresql.initialScript | A file containing SQL statements to execute on first startup.
|
| security.sandbox.profiles.<name>.closure | List of store paths to make accessible.
|
| services.yabai.extraConfig | Extra arbitrary configuration to append to the configuration file
|
| services.dnsmasq.package | This option specifies the dnsmasq package to use.
|
| system.defaults.WindowManager.AutoHide | Auto hide stage strip showing recent apps
|
| system.defaults.trackpad.TrackpadThreeFingerHorizSwipeGesture | Whether to enable three-finger horizontal swipe gesture: 0 to disable, 1 to swipe between pages, 2 to swipe between full-screen applications
|
| services.synergy.client.screenName | Use the given name instead of the hostname to identify
ourselves to the server.
|
| users.users.<name>.packages | The set of packages that should be made availabe to the user
|
| nix.gc.automatic | Automatically run the garbage collector at a specific time.
|
| system.defaults.NSGlobalDomain.NSAutomaticCapitalizationEnabled | Whether to enable automatic capitalization
|
| programs.direnv.enableBashIntegration | Whether to enable Bash integration
.
|
| time.timeZone | The time zone used when displaying times and dates
|
| services.aerospace.settings.default-root-container-layout | Default layout for the root container.
|
| launchd.user.agents.<name>.serviceConfig.inetdCompatibility | The presence of this key specifies that the daemon expects to be run as if it were launched from inetd.
|
| nix.nrBuildUsers | Number of nixbld user accounts created to
perform secure concurrent builds
|
| services.aerospace.settings.on-window-detected.*."if" | Conditions for detecting a window.
|
| services.postgresql.checkConfig | Check the syntax of the configuration file at compile time
|
| nix.buildMachines.*.speedFactor | The relative speed of this builder
|
| launchd.daemons.<name>.serviceConfig.HardResourceLimits.FileSize | The largest size (in bytes) file that may be created.
|
| services.gitlab-runner.services.<name>.dockerDisableCache | Disable all container caching.
|
| services.postgresql.enableTCPIP | Whether PostgreSQL should listen on all network interfaces
|
| launchd.agents.<name>.serviceConfig.SoftResourceLimits.ResidentSetSize | The maximum size (in bytes) to which a process's resident set size may grow
|
| fonts.packages | List of fonts to install into /Library/Fonts/Nix Fonts.
|
| services.karabiner-elements.package | The karabiner-elements package to use.
|
| system.defaults.dock.persistent-apps.*.spacer.small | Whether the spacer is small.
|
| programs.vim.vimOptions.<name>.text | Text of the file.
|
| system.defaults.NSGlobalDomain.AppleFontSmoothing | Sets the level of font smoothing (sub-pixel font rendering).
|
| launchd.agents.<name>.serviceConfig.ThrottleInterval | This key lets one override the default throttling policy imposed on jobs by launchd
|
| services.synergy.client.serverAddress | The server address is of the form: [hostname][:port]
|
| system.defaults.dock.mineffect | Set the minimize/maximize window effect
|
| services.prometheus.exporters.node.disabledCollectors | Collectors to disable from the list of collectors that are enabled by default.
|
| nix.gc.interval | The calendar interval at which the garbage collector will run
|
| programs.direnv.direnvrcExtra | Extra lines to append to the sourced direnvrc
|
| nix.settings.auto-optimise-store | If set to true, Nix automatically detects files in the store that have
identical contents, and replaces them with hard links to a single copy
|
| launchd.agents.<name>.serviceConfig.inetdCompatibility.Wait | This flag corresponds to the "wait" or "nowait" option of inetd
|
| system.defaults.NSGlobalDomain.AppleScrollerPagingBehavior | Jump to the spot that's clicked on the scroll bar
|
| nix.checkConfig | If enabled (the default), checks for data type mismatches and that Nix
can parse the generated nix.conf.
|
| services.nix-daemon.tempDir | The TMPDIR to use for nix-daemon.
|
| homebrew.enableZshIntegration | Whether to enable Homebrew Zsh shell integration, which sets up Homebrew's environment
and shell completions
.
|
| launchd.daemons.<name>.serviceConfig.HardResourceLimits.NumberOfProcesses | The maximum number of simultaneous processes for this user id
|
| launchd.user.agents.<name>.serviceConfig.HardResourceLimits.MemoryLock | The maximum size (in bytes) which a process may lock into memory using the mlock(2) function.
|
| programs._1password-gui.package | The 1Password GUI package to use.
|
| services.spotifyd.settings | Configuration for spotifyd, see https://spotifyd.github.io/spotifyd/config/File.html
for supported values.
|
| launchd.daemons.<name>.serviceConfig.HardResourceLimits.NumberOfFiles | The maximum number of open files for this process
|
| security.pki.installCACerts | Whether to enable certificate management with nix-darwin.
|
| services.jankyborders.background_color | Sets the background fill color for all windows (only 0xAARRGGBB arguments supported).
|
| launchd.agents.<name>.serviceConfig.LaunchEvents | Specifies higher-level event types to be used as launch-on-demand event
sources
|
| programs.zsh.enableSyntaxHighlighting | Enable zsh-syntax-highlighting.
|
| launchd.user.agents | Definition of per-user launchd agents
|
| power.sleep.harddisk | Amount of idle time (in minutes) until hard disks sleep.
"never" disables hard disk sleeping.
|
| networking.wg-quick.interfaces.<name>.table | Controls the routing table to which routes are added
|
| system.darwinRelease | The nix-darwin release (e.g. 24.11).
|
| services.github-runners.<name>.workDir | Working directory, available as $GITHUB_WORKSPACE during workflow runs
and used as a default for repository checkouts
|
| system.tools.darwin-rebuild.enable | Whether to enable darwin-rebuild script.
|
| environment.launchAgents | Set of files that have to be linked in /Library/LaunchAgents.
|
| system.defaults.WindowManager.EnableTiledWindowMargins | Enable window margins when tiling windows
|
| programs._1password.package | The 1Password CLI package to use.
|
| services.emacs.package | This option specifies the emacs package to use.
|
| services.synergy.client.enable | Whether to enable the Synergy client (receive keyboard and mouse events from a Synergy server).
|
| launchd.user.agents.<name>.serviceConfig.inetdCompatibility.Wait | This flag corresponds to the "wait" or "nowait" option of inetd
|
| homebrew.onActivation.cleanup | This option manages what happens to packages installed by Homebrew that aren't present in
the Brewfile generated by this module, during nix-darwin system
activation
|