| nix.settings.auto-optimise-store | If set to true, Nix automatically detects files in the store that have
identical contents, and replaces them with hard links to a single copy
|
| nixpkgs.flake.source | The path to the nixpkgs sources used to build the system
|
| nix.buildMachines | This option lists the machines to be used if distributed builds are
enabled (see nix.distributedBuilds)
|
| homebrew.masApps | Applications to install from Mac App Store using mas
|
| homebrew.global.brewfile | Whether to enable Homebrew to automatically use the Brewfile that this module generates in
the Nix store, when you manually invoke brew bundle
|
| programs.ssh.knownHosts.<name>.publicKeyFile | The path to the public key file for the host
|
| nix.optimise.automatic | Automatically run the nix store optimiser at a specific time.
|
| homebrew.global.lockfiles | Whether to enable Homebrew to generate lockfiles when you manually invoke
brew bundle [install]
|
| services.ofborg.configFile | Configuration file to use for ofborg
|
| nix.buildMachines.*.sshKey | The path to the SSH private key with which to authenticate on
the build machine
|
| nix.settings.sandbox | If set, Nix will perform builds in a sandboxed environment that it
will set up automatically for each build
|
| nix.linux-builder.ephemeral | Whether to enable wipe the builder's filesystem on every restart
|
| homebrew.enable | Whether to enable nix-darwin to manage installing/updating/upgrading Homebrew taps, formulae,
casks, Mac App Store apps, Visual Studio Code extensions, Go packages, and Cargo
crates using Homebrew Bundle
|
| security.sandbox.profiles.<name>.closure | List of store paths to make accessible.
|
| services.buildkite-agents.<name>.tokenPath | The token from your Buildkite "Agents" page
|
| services.buildkite-agents.<name>.privateSshKeyPath | OpenSSH private key
A run-time path to the key file, which is supposed to be provisioned
outside of Nix store.
|
| services.telegraf.environmentFiles | File to load as environment file
|
| nixpkgs.flake.setFlakeRegistry | Whether to pin nixpkgs in the system-wide flake registry (/etc/nix/registry.json) to the
store path of the sources of nixpkgs used to build the nix-darwin system
|
| homebrew.onActivation.upgrade | Whether to enable Homebrew to upgrade outdated formulae and Mac App Store apps during
nix-darwin system activation
|
| security.pki.caCertificateBlacklist | A list of blacklisted CA certificate names that won't be imported from
the Mozilla Trust Store into
/etc/ssl/certs/ca-certificates.crt
|
| services.hercules-ci-agent.settings.secretsJsonPath | Path to a JSON file containing secrets for effects
|
| services.hercules-ci-agent.settings.binaryCachesPath | Path to a JSON file containing binary cache secret keys
|
| services.hercules-ci-agent.settings.clusterJoinTokenPath | Location of the cluster-join-token.key file
|
| services.github-runners | Multiple GitHub Runners
|
| services.buildkite-agents.<name>.hooks.environment | The environment hook will run before all other commands, and can be used
to set up secrets, data, etc
|