| nixpkgs.flake.setFlakeRegistry | Whether to pin nixpkgs in the system-wide flake registry (/etc/nix/registry.json) to the
store path of the sources of nixpkgs used to build the nix-darwin system
|
| services.gitlab-runner.sessionServer | The session server allows the user to interact with jobs
that the Runner is responsible for
|
| system.defaults.trackpad.TrackpadFourFingerPinchGesture | Whether to enable four-finger pinch gesture (spread shows the Desktop, pinch shows the Launchpad): 0 to disable, 2 to enable
|
| launchd.user.agents.<name>.serviceConfig.OnDemand | This key was used in Mac OS X 10.4 to control whether a job was kept alive or not
|
| launchd.user.agents.<name>.serviceConfig.SoftResourceLimits.Data | The maximum size (in bytes) of the data segment for a process; this defines how far a program may
extend its break with the sbrk(2) system call.
|
| nix.linux-builder.package | This option specifies the Linux builder to use.
|
| nix.settings.extra-sandbox-paths | Directories from the host filesystem to be included
in the sandbox.
|
| services.gitlab-runner.prometheusListenAddress | Address (<host>:<port>) on which the Prometheus metrics HTTP server
should be listening.
|
| services.khd.package | This option specifies the khd package to use.
|
| services.yabai.package | The yabai package to use.
|
| system.defaults.universalaccess.reduceMotion | Disable animation when switching screens or opening apps
|
| launchd.agents.<name>.serviceConfig.SoftResourceLimits.NumberOfProcesses | The maximum number of simultaneous processes for this user id
|
| programs.fish.enable | Whether to configure fish as an interactive shell.
|
| services.autossh.sessions.*.name | Name of the local AutoSSH session
|
| system.primaryUser | The user used for options that previously applied to the user
running darwin-rebuild
|
| homebrew.caskArgs.language | Comma-separated list of language codes to prefer for cask installation
|
| environment.shellInit | Shell script code called during shell initialisation
|
| services.buildkite-agents.<name>.hooks.environment | The environment hook will run before all other commands, and can be used
to set up secrets, data, etc
|
| system.defaults.CustomSystemPreferences | Sets custom system preferences
|
| services.buildkite-agents.<name>.name | The name of the agent as seen in the buildkite dashboard.
|
| services.dnsmasq.port | This option specifies port on which DNSmasq will listen.
|
| system.defaults.NSGlobalDomain.NSTextShowsControlCharacters | Whether to display ASCII control characters using caret notation in standard text views
|
| system.nixpkgsRelease | The nixpkgs release (e.g. 24.11).
|
| launchd.daemons.<name>.serviceConfig.SoftResourceLimits.MemoryLock | The maximum size (in bytes) which a process may lock into memory using the mlock(2) function.
|
| launchd.agents.<name>.serviceConfig.HardResourceLimits.CPU | The maximum amount of cpu time (in seconds) to be used by each process.
|
| services.gitlab-runner.services.<name>.dockerPrivileged | Give extended privileges to container.
|
| programs.direnv.loadInNixShell | Whether to enable loading direnv in nix-shell nix shell or nix develop
.
|
| system.defaults.ActivityMonitor.ShowCategory | Change which processes to show.
- 100: All Processes
- 101: All Processes, Hierarchally
- 102: My Processes
- 103: System Processes
- 104: Other User Processes
- 105: Active Processes
- 106: Inactive Processes
- 107: Windowed Processes
Default is 100.
|
| system.defaults.LaunchServices.LSQuarantine | Whether to enable quarantine for downloaded applications
|
| services.aerospace.settings.accordion-padding | Padding between windows in an accordion container.
|
| services.hercules-ci-agent.settings.labels | A key-value map of user data
|
| services.redis.bind | The IP interface to bind to.
|
| system.checks.verifyBuildUsers | Whether to run the Nix build users validation checks.
|
| nix.linux-builder.mandatoryFeatures | A list of features mandatory for the Linux builder
|
| homebrew.brews.*.link | Whether to link the formula to the Homebrew prefix
|
| homebrew.global.autoUpdate | Whether to enable Homebrew to auto-update itself and all formulae when you manually invoke
commands like brew install, brew upgrade,
brew tap, and brew bundle [install]
|
| programs.vim.vimConfig | Extra vimrcConfig to use for vim_configurable.
|
| services.gitlab-runner.sessionServer.listenAddress | An internal URL to be used for the session server.
|
| system.defaults.NSGlobalDomain.AppleShowAllFiles | Whether to always show hidden files
|
| system.defaults.controlcenter.AirDrop | Apple menu > System Preferences > Control Center > AirDrop
Show a AirDrop control in menu bar
|
| services.chunkwm.enable | Whether to enable the chunkwm window manager.
|
| system.defaults.NSGlobalDomain.AppleWindowTabbingMode | Sets the window tabbing when opening a new document: 'manual', 'always', or 'fullscreen'
|
| nix.settings.cores | This option defines the maximum number of concurrent tasks during
one build
|
| programs.nix-index.enable | Whether to enable nix-index and its command-not-found helper.
|
| programs.tmux.enable | Whether to configure tmux.
|
| homebrew.casks.*.args | Arguments passed to brew install --cask when installing this cask
|
| services.mopidy.package | This option specifies the mopidy package to use.
|
| launchd.daemons.<name>.serviceConfig.HardResourceLimits | Resource limits to be imposed on the job
|
| system.defaults.trackpad.TrackpadFourFingerHorizSwipeGesture | Whether to enable four-finger horizontal swipe gesture: 0 to disable, 2 to swipe between full-screen applications
|
| services.postgresql.initdbArgs | Additional arguments passed to initdb during data dir
initialisation.
|
| _module.args | Additional arguments passed to each module in addition to ones
like lib, config,
and pkgs, modulesPath
|
| launchd.user.agents.<name>.serviceConfig | Each attribute in this set specifies an option for a key in the plist.
https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPages/man5/launchd.plist.5.html
|
| launchd.user.agents.<name>.serviceConfig.Sockets.<name>.SockProtocol | This optional key specifies the protocol to be passed to socket(2)
|
| system.activationScripts.<name>.enable | Whether this file should be generated
|
| launchd.user.agents.<name>.serviceConfig.HardResourceLimits.CPU | The maximum amount of cpu time (in seconds) to be used by each process.
|
| programs.vim.enableSensible | Enable sensible configuration options for vim.
|
| services.github-runners.<name>.url | Repository to add the runner to
|
| system.defaults.NSGlobalDomain."com.apple.mouse.tapBehavior" | Configures the trackpad tap behavior
|
| environment.userLaunchAgents.<name>.enable | Whether this file should be generated
|
| environment.userLaunchAgents.<name>.source | Path of the source file.
|
| launchd.agents.<name>.serviceConfig.SoftResourceLimits.Stack | The maximum size (in bytes) of the stack segment for a process; this defines how far a program's
stack segment may be extended
|
| launchd.daemons.<name>.serviceConfig.ThrottleInterval | This key lets one override the default throttling policy imposed on jobs by launchd
|
| launchd.user.agents.<name>.serviceConfig.SoftResourceLimits.ResidentSetSize | The maximum size (in bytes) to which a process's resident set size may grow
|
| launchd.daemons.<name>.serviceConfig.HardResourceLimits.Core | The largest size (in bytes) core file that may be created.
|
| launchd.agents.<name>.serviceConfig.Disabled | This optional key is used as a hint to launchctl(1) that it should not submit this job to launchd when
loading a job or jobs
|
| programs.bash.completion.package | The bash-completion package to use.
|
| system.defaults.universalaccess.reduceTransparency | Disable transparency in the menu bar and elsewhere
|
| homebrew.caskArgs | Arguments passed to brew install --cask for all casks listed in
homebrew.casks.
|
| services.github-runners.<name>.tokenFile | The full path to a file which contains either
- a fine-grained personal access token (PAT),
- a classic PAT
- or a runner registration token
Changing this option or the tokenFile’s content triggers a new runner registration
|
| services.gitlab-runner.sessionServer.advertiseAddress | The URL that the Runner will expose to GitLab to be used
to access the session server
|
| launchd.user.agents.<name>.serviceConfig.EnableTransactions | This flag instructs launchd that the job promises to use vproc_transaction_begin(3) and
vproc_transaction_end(3) to track outstanding transactions that need to be reconciled before the
process can safely terminate
|
| system.defaults.trackpad.Dragging | Whether to enable tap to drag
|
| users.users | Configuration for users.
|
| launchd.user.agents.<name>.serviceConfig.InitGroups | This optional key specifies whether initgroups(3) should be called before running the job
|
| system.defaults.screensaver.askForPasswordDelay | The number of seconds to delay before the password will be required to unlock or stop the screen saver (the grace period).
|
| services.gitlab-runner.services.<name>.dockerImage | Docker image to be used.
|
| system.defaults.finder.QuitMenuItem | Whether to allow quitting of the Finder
|
| users.users.<name>.uid | The user's UID.
|
| system.defaults.NSGlobalDomain.NSStatusItemSpacing | Sets the spacing between status icons in the menu bar.
|
| services.eternal-terminal.verbosity | The verbosity level (0-9).
|
| services.hercules-ci-agent.logFile | Stdout and sterr of hercules-ci-agent process.
|
| networking.wg-quick.interfaces.<name>.listenPort | Port to listen on, randomly selected if not specified.
|
| nix.buildMachines.*.protocol | The protocol used for communicating with the build machine
|
| programs.ssh.knownHosts.<name>.hostNames | The set of system-wide known SSH hosts
|
| security.sandbox.profiles.<name>.readablePaths | List of paths that should be read-only inside the sandbox.
|
| services.buildkite-agents.<name>.tags | Tags for the agent.
|
| services.synergy.server.tls.enable | Whether to enable Whether TLS encryption should be used
|
| services.trezord.emulator.enable | Enable Trezor emulator support.
|
| launchd.agents.<name>.command | Command executed as the service's main process.
|
| system.defaults.trackpad.TrackpadPinch | Whether to enable two-finger pinch gesture for zooming in and out
|
| launchd.user.agents.<name>.serviceConfig.EnableGlobbing | This flag causes launchd to use the glob(3) mechanism to update the program arguments before invocation.
|
| services.gitlab-runner.services.<name>.preBuildScript | Runner-specific command script executed after code is pulled,
just before build executes.
|
| services.synergy.client.tls.enable | Whether to enable Whether TLS encryption should be used
|
| services.gitlab-runner.services.<name>.debugTraceDisabled | When set to true Runner will disable the possibility of
using the CI_DEBUG_TRACE feature.
|
| system.defaults.dock.expose-animation-duration | Sets the speed of the Mission Control animations
|
| system.defaults.universalaccess.mouseDriverCursorSize | Set the size of cursor. 1 for normal, 4 for maximum
|
| services.hercules-ci-agent.settings.binaryCachesPath | Path to a JSON file containing binary cache secret keys
|
| services.gitlab-runner.services.<name>.dockerVolumes | Bind-mount a volume and create it
if it doesn't exist prior to mounting.
|
| services.jankyborders.package | The jankyborders package to use.
|
| system.defaults.NSGlobalDomain.NSAutomaticDashSubstitutionEnabled | Whether to enable smart dash substitution
|