| networking.enableIntel2200BGFirmware | Turn on this option if you want firmware for the Intel
PRO/Wireless 2200BG to be loaded automatically
|
| security.acme.defaults.group | Group running the ACME client.
|
| programs.zoxide.enableFishIntegration | Whether to enable Fish integration.
|
| programs.ssh.knownHosts.<name>.hostNames | A list of host names and/or IP numbers used for accessing
the host's ssh service
|
| boot.loader.external.installHook | The full path to a program of your choosing which performs the bootloader installation process
|
| boot.initrd.luks.cryptoModules | A list of cryptographic kernel modules needed to decrypt the root device(s)
|
| services.emacs.package | The emacs package to use.
|
| programs.k40-whisperer.enable | Whether to enable K40-Whisperer.
|
| programs.localsend.enable | Whether to enable localsend, an open source cross-platform alternative to AirDrop.
|
| services.biboumi.settings.identd_port | The TCP port on which to listen for identd queries.
|
| services.elasticsearch-curator.hosts | a list of elasticsearch hosts to connect to
|
| services.firezone.server.provision.accounts.<name>.auth.<name>.name | The name of this authentication provider
|
| services.grafana.provision.alerting.muteTimings.settings.deleteMuteTimes | List of mute time intervals that should be deleted.
|
| environment.etc.<name>.target | Name of symlink (relative to
/etc)
|
| services.collabora-online.port | Listening port
|
| services.easytier.instances.<name>.settings.dhcp | Automatically determine the IPv4 address of this peer based on
existing peers on network.
|
| services.fediwall.nginx.quic | Whether to enable the QUIC transport protocol
|
| services.irkerd.enable | Whether to enable irker, an IRC notification daemon.
|
| boot.crashDump.kernelParams | Parameters that will be passed to the kernel kexec-ed on crash.
|
| programs.sway.extraSessionCommands | Shell commands executed just before Sway is started
|
| services.bonsaid.settings.*.event_name | Name of the event which should trigger this transition when received by bonsaid
|
| services.cpupower-gui.enable | Enables dbus/systemd service needed by cpupower-gui
|
| services.fedimintd.<name>.nginx.config.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| services.i2pd.outTunnels.<name>.destinationPort | Connect to particular port at destination.
|
| hardware.mwProCapture.enable | Whether to enable the Magewell Pro Capture family kernel module.
|
| services.avahi.publish.workstation | Whether to register a service of type "_workstation._tcp" on the local LAN.
|
| services.davis.nginx.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| services.fluidd.enable | Whether to enable Fluidd, a Klipper web interface for managing your 3d printer.
|
| services.anuko-time-tracker.nginx.listen.*.port | Port number to listen on
|
| services.inadyn.settings.custom.<name>.username | Username for this DDNS provider.
|
| boot.extraSystemdUnitPaths | Additional paths that get appended to the SYSTEMD_UNIT_PATH environment variable
that can contain mutable unit files.
|
| boot.initrd.systemd.repart.extraArgs | Extra command-line arguments to pass to systemd-repart
|
| services.bird-lg.proxy.traceroute.rawOutput | Display traceroute output in raw format.
|
| services.firefly-iii.virtualHost | The hostname at which you wish firefly-iii to be served
|
| services.gokapi.environment.GOKAPI_PORT | Sets the port of the service.
|
| services.httpd.group | Group under which httpd children processes run.
|
| services.keycloak.database.name | Database name to use when connecting to an external or
manually provisioned database; has no effect when a local
database is automatically provisioned
|
| programs.amnezia-vpn.enable | Whether to enable The AmneziaVPN client.
|
| services.leaps.address | Hostname or IP-address to listen to
|
| security.pam.services.<name>.unixAuth | Whether users can log in with passwords defined in
/etc/shadow.
|
| services.iodine.server.extraConfig | Additional command line parameters
|
| services.drupal.sites.<name>.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.epgstation.settings.mirakurunPath | URL to connect to Mirakurun.
|
| services.firezone.relay.enable | Whether to enable the firezone relay server.
|
| services.dolibarr.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.fediwall.settings.hideBots | Hide posts from bot accounts
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.operator | Grants all permissions in all organizations.
|
| services.lemmy.enable | Whether to enable lemmy a federated alternative to reddit in rust.
|
| services.i2pd.proto.http.enable | Whether to enable http.
|
| boot.binfmt.registrations.<name>.fixBinary | Whether to open the interpreter file as soon as the
registration is loaded, rather than waiting for a
relevant file to be invoked
|
| services.akkoma.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.gmediarender.friendlyName | A "friendly name" for identifying the endpoint.
|
| services.gollum.enable | Whether to enable Gollum, a git-powered wiki service.
|
| services.firezone.server.provision.accounts.<name>.features.traffic_filters | Whether to enable the traffic_filters feature for this account.
|
| security.loginDefs.settings.DEFAULT_HOME | Indicate if login is allowed if we can't cd to the home directory.
|
| services.crowdsec.hub.scenarios | List of hub scenarios to install
|
| security.pam.services.<name>.rssh | If set, the calling user's SSH agent is used to authenticate
against the configured keys
|
| services.geth.<name>.http.address | Listen address of Go Ethereum HTTP API.
|
| services.anuko-time-tracker.settings.weekendStartDay | This option defines which days are highlighted with weekend color.
6 means Saturday
|
| services.foundationdb.listenAddress | Publicly visible IP address of the process
|
| services.anuko-time-tracker.nginx.listen.*.addr | Listen address.
|
| services.glitchtip.settings | Configuration of GlitchTip
|
| services.fakeroute.enable | Whether to enable the fakeroute service.
|
| services.hitch.backend | The host and port Hitch connects to when receiving
a connection in the form [HOST]:PORT
|
| services.cjdns.authorizedPasswords | Any remote cjdns nodes that offer these passwords on
connection will be allowed to route through this node.
|
| services.akkoma.nginx.sslTrustedCertificate | Path to root SSL certificate for stapling and client certificates.
|
| services.cloudflared.tunnels.<name>.originRequest.keepAliveTimeout | Timeout after which an idle keepalive connection can be discarded.
|
| services.dawarich.package | The dawarich package to use.
|
| services.bookstack.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.gotenberg.rootPath | Root path for the Gotenberg API.
|
| services.gancio.nginx.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| services.grafana.settings.server.router_logging | Set to true for Grafana to log all HTTP requests (not just errors)
|
| services.headscale.settings.derp.paths | List of file paths containing DERP maps
|
| hardware.logitech.wireless.enable | Whether to enable support for Logitech Wireless Devices.
|
| qt.style | Selects the style to use for Qt applications
|
| services.i2pd.precomputation.elgamal | Whenever to use precomputated tables for ElGamal.
i2pd defaults to false
to save 64M of memory (and looses some performance)
|
| services.komodo-periphery.environmentFile | Environment file for additional configuration via environment variables.
|
| services.athens.storage.s3.region | Region of the S3 storage backend.
|
| services.armagetronad.servers.<name>.settings | Armagetron Advanced server rules configuration
|
| services.bookstack.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.dokuwiki.sites.<name>.settings | Structural DokuWiki configuration
|
| services.flood.enable | Whether to enable flood.
|
| services.agorakit.mail.fromName | Mail "from" name.
|
| powerManagement.powerUpCommands | Commands executed when the machine powers up
|
| services.dwm-status.settings.order | List of enabled features in order.
|
| services.honk.extraJS | An extra JavaScript file to be loaded by the client.
|
| services.haven.package | The haven package to use.
|
| services.infnoise.fillDevRandom | Whether to run the infnoise driver as a daemon to refill /dev/random
|
| services.confd.confDir | The path to the confd configs.
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.readPermissions | The read permissions to include for this token
|
| services.datadog-agent.package | The datadog-agent package to use. ::: {.note}
The provided package is expected to have an overridable pythonPackages-attribute
which configures the Python environment with the Datadog checks.
:::
|
| services.guix.group | The group of the Guix build user pool.
|
| services.journald.upload.settings.Upload.URL | The URL to upload the journal entries to
|
| programs.chromium.plasmaBrowserIntegrationPackage | The plasma-browser-integration package to use.
|
| services.displayManager.lemurs.settings | Configuration for lemurs, provided as a Nix attribute set and automatically
serialized to TOML
|
| programs.proxychains.enable | Whether to enable proxychains configuration.
|
| services.i2pd.proto.bob.name | The endpoint name.
|
| programs.mosh.openFirewall | Whether to automatically open the necessary ports in the firewall.
|
| services.librechat.package | The librechat package to use.
|
| services.infnoise.enable | Whether to enable the Infinite Noise TRNG driver.
|