commit 7d8742da87c1b06cd6db5eba1fe5a2cf8a7b2568 · pyrox.dev/nixpkgs

+14 -9

nixos/modules/misc/mandoc.nix

···

       96
        
                       {option}`documentation.man.mandoc.manPath` to an empty list (`[]`).

     

       97
        
                     '';

     

       98
        
                   };

     

       99
       -
                   output.fragment = lib.mkEnableOption ''

     

       100
       -
                     Omit the <!DOCTYPE> declaration and the <html>, <head>, and <body>

     

       101
       -
                     elements and only emit the subtree below the <body> element in HTML

     

       102
       -
                     output of {manpage}`mandoc(1)`. The style argument will be ignored.

     

       103
       -
                     This is useful when embedding manual content within existing documents.

     

       104
       -
                   '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       105
        
                   output.includes = lib.mkOption {

     

       106
        
                     type = with lib.types; nullOr str;

     

       107
        
                     default = null;

     
···

       160
        
                     '';

     

       161
        
                   };

     

       162
        
                   output.toc = lib.mkEnableOption ''

     

       163
       -
                     In HTML output of {manpage}`mandoc(1)`, If an input file contains

     

       164
       -
                     at least two non-standard sections, print a table of contents near

     

       165
       -
                     the beginning of the output.

     

       166
        
                   '';

     

       167
        
                   output.width = lib.mkOption {

     

       168
        
                     type = with lib.types; nullOr int;

···

       96
        
                       {option}`documentation.man.mandoc.manPath` to an empty list (`[]`).

     

       97
        
                     '';

     

       98
        
                   };

     

       99
       +
                   output.fragment = lib.mkOption {

     

       100
       +
                     type = lib.types.bool;

     

       101
       +
                     default = false;

     

       102
       +
                     example = true;

     

       103
       +
                     description = ''

     

       104
       +
                       Whether to omit the <!DOCTYPE> declaration and the <html>, <head>, and <body>

     

       105
       +
                       elements and only emit the subtree below the <body> element in HTML

     

       106
       +
                       output of {manpage}`mandoc(1)`. The style argument will be ignored.

     

       107
       +
                       This is useful when embedding manual content within existing documents.

     

       108
       +
                     '';

     

       109
       +
                   };

     

       110
        
                   output.includes = lib.mkOption {

     

       111
        
                     type = with lib.types; nullOr str;

     

       112
        
                     default = null;

     
···

       165
        
                     '';

     

       166
        
                   };

     

       167
        
                   output.toc = lib.mkEnableOption ''

     

       168
       +
                     printing a table of contents near the beginning of the HTML output

     

       169
       +
                     of {manpage}`mandoc(1)` if an input file contains at least two

     

       170
       +
                     non-standard sections

     

       171
        
                   '';

     

       172
        
                   output.width = lib.mkOption {

     

       173
        
                     type = with lib.types; nullOr int;

+1 -3

nixos/modules/programs/dublin-traceroute.nix

···

       8
        
       

     

       9
        
         options = {

     

       10
        
           programs.dublin-traceroute = {

     

       11
       -
             enable = lib.mkEnableOption ''

     

       12
       -
             dublin-traceroute, add it to the global environment and configure a setcap wrapper for it.

     

       13
       -
             '';

     

       14
        
       

     

       15
        
             package = lib.mkPackageOption pkgs "dublin-traceroute" { };

     

       16
        
           };

···

       8
        
       

     

       9
        
         options = {

     

       10
        
           programs.dublin-traceroute = {

     

       11
       +
             enable = lib.mkEnableOption "dublin-traceroute (including setcap wrapper)";

     

       0
        
       
     

       0
        
       
     

       12
        
       

     

       13
        
             package = lib.mkPackageOption pkgs "dublin-traceroute" { };

     

       14
        
           };

+1 -1

nixos/modules/programs/joycond-cemuhook.nix

···

       1
        
       { lib, pkgs, config, ... }:

     

       2
        
       {

     

       3
        
         options.programs.joycond-cemuhook = {

     

       4
       -
           enable = lib.mkEnableOption "joycond-cemuhook, a program to enable support for cemuhook's UDP protocol for joycond devices.";

     

       5
        
         };

     

       6
        
       

     

       7
        
         config = lib.mkIf config.programs.joycond-cemuhook.enable {

···

       1
        
       { lib, pkgs, config, ... }:

     

       2
        
       {

     

       3
        
         options.programs.joycond-cemuhook = {

     

       4
       +
           enable = lib.mkEnableOption "joycond-cemuhook, a program to enable support for cemuhook's UDP protocol for joycond devices";

     

       5
        
         };

     

       6
        
       

     

       7
        
         config = lib.mkIf config.programs.joycond-cemuhook.enable {

+1 -1

nixos/modules/programs/mouse-actions.nix

···

       6
        
         {

     

       7
        
           options.programs.mouse-actions = {

     

       8
        
             enable = lib.mkEnableOption ''

     

       9
       -
               mouse-actions udev rules. This is a prerequisite for using mouse-actions without being root.

     

       10
        
             '';

     

       11
        
           };

     

       12
        
           config = lib.mkIf cfg.enable {

···

       6
        
         {

     

       7
        
           options.programs.mouse-actions = {

     

       8
        
             enable = lib.mkEnableOption ''

     

       9
       +
               mouse-actions udev rules. This is a prerequisite for using mouse-actions without being root

     

       10
        
             '';

     

       11
        
           };

     

       12
        
           config = lib.mkIf cfg.enable {

+3 -3

nixos/modules/security/ca.nix

···

       26
        
       

     

       27
        
           security.pki.useCompatibleBundle = mkEnableOption ''usage of a compatibility bundle.

     

       28
        
       

     

       29
       -
             Such a bundle consist exclusively of `BEGIN CERTIFICATE` and no `BEGIN TRUSTED CERTIFICATE`,

     

       30
       -
             which is a OpenSSL specific PEM format.

     

       31
        
       

     

       32
        
             It is known to be incompatible with certain software stacks.

     

       33
        
       

     

       34
        
             Nevertheless, enabling this will strip all additional trust rules provided by the

     

       35
       -
             certificates themselves, this can have security consequences depending on your usecases.

     

       36
        
           '';

     

       37
        
       

     

       38
        
           security.pki.certificateFiles = mkOption {

···

       26
        
       

     

       27
        
           security.pki.useCompatibleBundle = mkEnableOption ''usage of a compatibility bundle.

     

       28
        
       

     

       29
       +
             Such a bundle consists exclusively of `BEGIN CERTIFICATE` and no `BEGIN TRUSTED CERTIFICATE`,

     

       30
       +
             which is an OpenSSL specific PEM format.

     

       31
        
       

     

       32
        
             It is known to be incompatible with certain software stacks.

     

       33
        
       

     

       34
        
             Nevertheless, enabling this will strip all additional trust rules provided by the

     

       35
       +
             certificates themselves. This can have security consequences depending on your usecases

     

       36
        
           '';

     

       37
        
       

     

       38
        
           security.pki.certificateFiles = mkOption {

+1 -1

nixos/modules/security/pam.nix

···

       1055
        
                 the dp9ik pam module provided by tlsclient.

     

       1056
        
       

     

       1057
        
                 If set, users can be authenticated against the 9front

     

       1058
       -
                 authentication server given in {option}`security.pam.dp9ik.authserver`.

     

       1059
        
               '';

     

       1060
        
             control = mkOption {

     

       1061
        
               default = "sufficient";

···

       1055
        
                 the dp9ik pam module provided by tlsclient.

     

       1056
        
       

     

       1057
        
                 If set, users can be authenticated against the 9front

     

       1058
       +
                 authentication server given in {option}`security.pam.dp9ik.authserver`

     

       1059
        
               '';

     

       1060
        
             control = mkOption {

     

       1061
        
               default = "sufficient";

+1 -1

nixos/modules/security/sudo-rs.nix

···

       41
        
       

     

       42
        
           enable = mkEnableOption ''

     

       43
        
             a memory-safe implementation of the {command}`sudo` command,

     

       44
       -
             which allows non-root users to execute commands as root.

     

       45
        
           '';

     

       46
        
       

     

       47
        
           package = mkPackageOption pkgs "sudo-rs" { };

···

       41
        
       

     

       42
        
           enable = mkEnableOption ''

     

       43
        
             a memory-safe implementation of the {command}`sudo` command,

     

       44
       +
             which allows non-root users to execute commands as root

     

       45
        
           '';

     

       46
        
       

     

       47
        
           package = mkPackageOption pkgs "sudo-rs" { };

+1 -1

nixos/modules/services/databases/memcached.nix

···

       37
        
               description = "The port to bind to.";

     

       38
        
             };

     

       39
        
       

     

       40
       -
             enableUnixSocket = mkEnableOption "Unix Domain Socket at /run/memcached/memcached.sock instead of listening on an IP address and port. The `listen` and `port` options are ignored.";

     

       41
        
       

     

       42
        
             maxMemory = mkOption {

     

       43
        
               type = types.ints.unsigned;

···

       37
        
               description = "The port to bind to.";

     

       38
        
             };

     

       39
        
       

     

       40
       +
             enableUnixSocket = mkEnableOption "Unix Domain Socket at /run/memcached/memcached.sock instead of listening on an IP address and port. The `listen` and `port` options are ignored";

     

       41
        
       

     

       42
        
             maxMemory = mkOption {

     

       43
        
               type = types.ints.unsigned;

+1 -1

nixos/modules/services/matrix/mautrix-signal.nix

···

       52
        
       in

     

       53
        
       {

     

       54
        
         options.services.mautrix-signal = {

     

       55
       -
           enable = lib.mkEnableOption "mautrix-signal, a Matrix-Signal puppeting bridge.";

     

       56
        
       

     

       57
        
           settings = lib.mkOption {

     

       58
        
             apply = lib.recursiveUpdate defaultConfig;

···

       52
        
       in

     

       53
        
       {

     

       54
        
         options.services.mautrix-signal = {

     

       55
       +
           enable = lib.mkEnableOption "mautrix-signal, a Matrix-Signal puppeting bridge";

     

       56
        
       

     

       57
        
           settings = lib.mkOption {

     

       58
        
             apply = lib.recursiveUpdate defaultConfig;

+1 -1

nixos/modules/services/matrix/mautrix-whatsapp.nix

···

       47
        
       

     

       48
        
       in {

     

       49
        
         options.services.mautrix-whatsapp = {

     

       50
       -
           enable = lib.mkEnableOption "mautrix-whatsapp, a puppeting/relaybot bridge between Matrix and WhatsApp.";

     

       51
        
       

     

       52
        
           settings = lib.mkOption {

     

       53
        
             type = settingsFormat.type;

···

       47
        
       

     

       48
        
       in {

     

       49
        
         options.services.mautrix-whatsapp = {

     

       50
       +
           enable = lib.mkEnableOption "mautrix-whatsapp, a puppeting/relaybot bridge between Matrix and WhatsApp";

     

       51
        
       

     

       52
        
           settings = lib.mkOption {

     

       53
        
             type = settingsFormat.type;

+1 -1

nixos/modules/services/misc/mqtt2influxdb.nix

···

       124
        
       in {

     

       125
        
         options = {

     

       126
        
           services.mqtt2influxdb = {

     

       127
       -
             enable = mkEnableOption "BigClown MQTT to InfluxDB bridge.";

     

       128
        
             package = mkPackageOption pkgs ["python3Packages" "mqtt2influxdb"] {};

     

       129
        
             environmentFiles = mkOption {

     

       130
        
               type = types.listOf types.path;

···

       124
        
       in {

     

       125
        
         options = {

     

       126
        
           services.mqtt2influxdb = {

     

       127
       +
             enable = mkEnableOption "BigClown MQTT to InfluxDB bridge";

     

       128
        
             package = mkPackageOption pkgs ["python3Packages" "mqtt2influxdb"] {};

     

       129
        
             environmentFiles = mkOption {

     

       130
        
               type = types.listOf types.path;

+1 -1

nixos/modules/services/misc/paperless.nix

···

       225
        
             effectively never complete due to running into timeouts.

     

       226
        
       

     

       227
        
             This sets `OMP_NUM_THREADS` to `1` in order to mitigate the issue. See

     

       228
       -
             https://github.com/NixOS/nixpkgs/issues/240591 for more information.

     

       229
        
           '' // mkOption { default = true; };

     

       230
        
         };

     

       231

···

       225
        
             effectively never complete due to running into timeouts.

     

       226
        
       

     

       227
        
             This sets `OMP_NUM_THREADS` to `1` in order to mitigate the issue. See

     

       228
       +
             https://github.com/NixOS/nixpkgs/issues/240591 for more information

     

       229
        
           '' // mkOption { default = true; };

     

       230
        
         };

     

       231

+1 -1

nixos/modules/services/misc/portunus.nix

···

       70
        
       

     

       71
        
               To activate dex, first a search user must be created in the Portunus web ui

     

       72
        
               and then the password must to be set as the `DEX_SEARCH_USER_PASSWORD` environment variable

     

       73
       -
               in the [](#opt-services.dex.environmentFile) setting.

     

       74
        
             '';

     

       75
        
       

     

       76
        
             oidcClients = mkOption {

···

       70
        
       

     

       71
        
               To activate dex, first a search user must be created in the Portunus web ui

     

       72
        
               and then the password must to be set as the `DEX_SEARCH_USER_PASSWORD` environment variable

     

       73
       +
               in the [](#opt-services.dex.environmentFile) setting

     

       74
        
             '';

     

       75
        
       

     

       76
        
             oidcClients = mkOption {

+1 -1

nixos/modules/services/misc/spice-autorandr.nix

···

       6
        
       {

     

       7
        
         options = {

     

       8
        
           services.spice-autorandr = {

     

       9
       -
             enable = lib.mkEnableOption "spice-autorandr service that will automatically resize display to match SPICE client window size.";

     

       10
        
             package = lib.mkPackageOption pkgs "spice-autorandr" { };

     

       11
        
           };

     

       12
        
         };

···

       6
        
       {

     

       7
        
         options = {

     

       8
        
           services.spice-autorandr = {

     

       9
       +
             enable = lib.mkEnableOption "spice-autorandr service that will automatically resize display to match SPICE client window size";

     

       10
        
             package = lib.mkPackageOption pkgs "spice-autorandr" { };

     

       11
        
           };

     

       12
        
         };

+1 -1

nixos/modules/services/monitoring/rustdesk-server.nix

···

       4
        
         UDPPorts = [21116];

     

       5
        
       in {

     

       6
        
         options.services.rustdesk-server = with lib; with types; {

     

       7
       -
           enable = mkEnableOption "RustDesk, a remote access and remote control software, allowing maintenance of computers and other devices.";

     

       8
        
       

     

       9
        
           package = mkPackageOption pkgs "rustdesk-server" {};

     

       10

···

       4
        
         UDPPorts = [21116];

     

       5
        
       in {

     

       6
        
         options.services.rustdesk-server = with lib; with types; {

     

       7
       +
           enable = mkEnableOption "RustDesk, a remote access and remote control software, allowing maintenance of computers and other devices";

     

       8
        
       

     

       9
        
           package = mkPackageOption pkgs "rustdesk-server" {};

     

       10

+1 -1

nixos/modules/services/monitoring/thanos.nix

···

       696
        
           };

     

       697
        
       

     

       698
        
           store = paramsToOptions params.store // {

     

       699
       -
             enable = mkEnableOption "the Thanos store node giving access to blocks in a bucket provider.";

     

       700
        
             arguments = mkArgumentsOption "store";

     

       701
        
           };

     

       702

···

       696
        
           };

     

       697
        
       

     

       698
        
           store = paramsToOptions params.store // {

     

       699
       +
             enable = mkEnableOption "the Thanos store node giving access to blocks in a bucket provider";

     

       700
        
             arguments = mkArgumentsOption "store";

     

       701
        
           };

     

       702

+2 -2

nixos/modules/services/monitoring/ups.nix

···

       385
        
       

     

       386
        
           power.ups = {

     

       387
        
             enable = mkEnableOption ''

     

       388
       -
               Enables support for Power Devices, such as Uninterruptible Power

     

       389
       -
               Supplies, Power Distribution Units and Solar Controllers.

     

       390
        
             '';

     

       391
        
       

     

       392
        
             mode = mkOption {

···

       385
        
       

     

       386
        
           power.ups = {

     

       387
        
             enable = mkEnableOption ''

     

       388
       +
               support for Power Devices, such as Uninterruptible Power

     

       389
       +
               Supplies, Power Distribution Units and Solar Controllers

     

       390
        
             '';

     

       391
        
       

     

       392
        
             mode = mkOption {

+1 -1

nixos/modules/services/network-filesystems/openafs/server.nix

···

       183
        
       

     

       184
        
                 enableFabs = mkEnableOption ''

     

       185
        
                   FABS, the flexible AFS backup system. It stores volumes as dump files, relying on other

     

       186
       -
                   pre-existing backup solutions for handling them.

     

       187
        
                 '';

     

       188
        
       

     

       189
        
                 buserverArgs = mkOption {

···

       183
        
       

     

       184
        
                 enableFabs = mkEnableOption ''

     

       185
        
                   FABS, the flexible AFS backup system. It stores volumes as dump files, relying on other

     

       186
       +
                   pre-existing backup solutions for handling them

     

       187
        
                 '';

     

       188
        
       

     

       189
        
                 buserverArgs = mkOption {

+1 -1

nixos/modules/services/network-filesystems/samba-wsdd.nix

···

       10
        
           services.samba-wsdd = {

     

       11
        
             enable = mkEnableOption ''

     

       12
        
               Web Services Dynamic Discovery host daemon. This enables (Samba) hosts, like your local NAS device,

     

       13
       -
               to be found by Web Service Discovery Clients like Windows.

     

       14
        
             '';

     

       15
        
             interface = mkOption {

     

       16
        
               type = types.nullOr types.str;

···

       10
        
           services.samba-wsdd = {

     

       11
        
             enable = mkEnableOption ''

     

       12
        
               Web Services Dynamic Discovery host daemon. This enables (Samba) hosts, like your local NAS device,

     

       13
       +
               to be found by Web Service Discovery Clients like Windows

     

       14
        
             '';

     

       15
        
             interface = mkOption {

     

       16
        
               type = types.nullOr types.str;

+3 -3

nixos/modules/services/networking/gns3-server.nix

···

       87
        
             };

     

       88
        
       

     

       89
        
             dynamips = {

     

       90
       -
               enable = lib.mkEnableOption ''Whether to enable Dynamips support.'';

     

       91
        
               package = lib.mkPackageOptionMD pkgs "dynamips" { };

     

       92
        
             };

     

       93
        
       

     

       94
        
             ubridge = {

     

       95
       -
               enable = lib.mkEnableOption ''Whether to enable uBridge support.'';

     

       96
        
               package = lib.mkPackageOptionMD pkgs "ubridge" { };

     

       97
        
             };

     

       98
        
       

     

       99
        
             vpcs = {

     

       100
       -
               enable = lib.mkEnableOption ''Whether to enable VPCS support.'';

     

       101
        
               package = lib.mkPackageOptionMD pkgs "vpcs" { };

     

       102
        
             };

     

       103
        
           };

···

       87
        
             };

     

       88
        
       

     

       89
        
             dynamips = {

     

       90
       +
               enable = lib.mkEnableOption ''Dynamips support'';

     

       91
        
               package = lib.mkPackageOptionMD pkgs "dynamips" { };

     

       92
        
             };

     

       93
        
       

     

       94
        
             ubridge = {

     

       95
       +
               enable = lib.mkEnableOption ''uBridge support'';

     

       96
        
               package = lib.mkPackageOptionMD pkgs "ubridge" { };

     

       97
        
             };

     

       98
        
       

     

       99
        
             vpcs = {

     

       100
       +
               enable = lib.mkEnableOption ''VPCS support'';

     

       101
        
               package = lib.mkPackageOptionMD pkgs "vpcs" { };

     

       102
        
             };

     

       103
        
           };

+1 -1

nixos/modules/services/networking/haproxy.nix

···

       17
        
         options = {

     

       18
        
           services.haproxy = {

     

       19
        
       

     

       20
       -
             enable = mkEnableOption "HAProxy, the reliable, high performance TCP/HTTP load balancer.";

     

       21
        
       

     

       22
        
             package = mkPackageOption pkgs "haproxy" { };

     

       23

···

       17
        
         options = {

     

       18
        
           services.haproxy = {

     

       19
        
       

     

       20
       +
             enable = mkEnableOption "HAProxy, the reliable, high performance TCP/HTTP load balancer";

     

       21
        
       

     

       22
        
             package = mkPackageOption pkgs "haproxy" { };

     

       23

+2 -2

nixos/modules/services/networking/hylafax/options.nix

···

       312
        
           };

     

       313
        
       

     

       314
        
           faxqclean.enable.spoolInit = mkEnableOption ''

     

       315
       -
             Purge old files from the spooling area with

     

       316
        
             {file}`faxqclean`

     

       317
       -
             each time the spooling area is initialized.

     

       318
        
           '';

     

       319
        
           faxqclean.enable.frequency = mkOption {

     

       320
        
             type = nullOr nonEmptyStr;

···

       312
        
           };

     

       313
        
       

     

       314
        
           faxqclean.enable.spoolInit = mkEnableOption ''

     

       315
       +
             purging old files from the spooling area with

     

       316
        
             {file}`faxqclean`

     

       317
       +
             each time the spooling area is initialized

     

       318
        
           '';

     

       319
        
           faxqclean.enable.frequency = mkOption {

     

       320
        
             type = nullOr nonEmptyStr;

+1 -1

nixos/modules/services/networking/netbird/dashboard.nix

···

       39
        
       

     

       40
        
           package = mkPackageOption pkgs "netbird-dashboard" { };

     

       41
        
       

     

       42
       -
           enableNginx = mkEnableOption "Nginx reverse-proxy to serve the dashboard.";

     

       43
        
       

     

       44
        
           domain = mkOption {

     

       45
        
             type = str;

···

       39
        
       

     

       40
        
           package = mkPackageOption pkgs "netbird-dashboard" { };

     

       41
        
       

     

       42
       +
           enableNginx = mkEnableOption "Nginx reverse-proxy to serve the dashboard";

     

       43
        
       

     

       44
        
           domain = mkOption {

     

       45
        
             type = str;

+2 -2

nixos/modules/services/networking/netbird/management.nix

···

       137
        
       

     

       138
        
       {

     

       139
        
         options.services.netbird.server.management = {

     

       140
       -
           enable = mkEnableOption "Netbird Management Service.";

     

       141
        
       

     

       142
        
           package = mkPackageOption pkgs "netbird" { };

     

       143
        
       

     
···

       335
        
             description = "Log level of the netbird services.";

     

       336
        
           };

     

       337
        
       

     

       338
       -
           enableNginx = mkEnableOption "Nginx reverse-proxy for the netbird management service.";

     

       339
        
         };

     

       340
        
       

     

       341
        
         config = mkIf cfg.enable {

···

       137
        
       

     

       138
        
       {

     

       139
        
         options.services.netbird.server.management = {

     

       140
       +
           enable = mkEnableOption "Netbird Management Service";

     

       141
        
       

     

       142
        
           package = mkPackageOption pkgs "netbird" { };

     

       143
        
       

     
···

       335
        
             description = "Log level of the netbird services.";

     

       336
        
           };

     

       337
        
       

     

       338
       +
           enableNginx = mkEnableOption "Nginx reverse-proxy for the netbird management service";

     

       339
        
         };

     

       340
        
       

     

       341
        
         config = mkIf cfg.enable {

+1 -1

nixos/modules/services/networking/netbird/server.nix

···

       31
        
         options.services.netbird.server = {

     

       32
        
           enable = mkEnableOption "Netbird Server stack, comprising the dashboard, management API and signal service";

     

       33
        
       

     

       34
       -
           enableNginx = mkEnableOption "Nginx reverse-proxy for the netbird server services.";

     

       35
        
       

     

       36
        
           domain = mkOption {

     

       37
        
             type = str;

···

       31
        
         options.services.netbird.server = {

     

       32
        
           enable = mkEnableOption "Netbird Server stack, comprising the dashboard, management API and signal service";

     

       33
        
       

     

       34
       +
           enableNginx = mkEnableOption "Nginx reverse-proxy for the netbird server services";

     

       35
        
       

     

       36
        
           domain = mkOption {

     

       37
        
             type = str;

+1 -1

nixos/modules/services/networking/netbird/signal.nix

···

       28
        
       

     

       29
        
           package = mkPackageOption pkgs "netbird" { };

     

       30
        
       

     

       31
       -
           enableNginx = mkEnableOption "Nginx reverse-proxy for the netbird signal service.";

     

       32
        
       

     

       33
        
           domain = mkOption {

     

       34
        
             type = str;

···

       28
        
       

     

       29
        
           package = mkPackageOption pkgs "netbird" { };

     

       30
        
       

     

       31
       +
           enableNginx = mkEnableOption "Nginx reverse-proxy for the netbird signal service";

     

       32
        
       

     

       33
        
           domain = mkOption {

     

       34
        
             type = str;

+1 -1

nixos/modules/services/networking/networkd-dispatcher.nix

···

       14
        
             enable = mkEnableOption ''

     

       15
        
               Networkd-dispatcher service for systemd-networkd connection status

     

       16
        
               change. See [https://gitlab.com/craftyguy/networkd-dispatcher](upstream instructions)

     

       17
       -
               for usage.

     

       18
        
             '';

     

       19
        
       

     

       20
        
             rules = mkOption {

···

       14
        
             enable = mkEnableOption ''

     

       15
        
               Networkd-dispatcher service for systemd-networkd connection status

     

       16
        
               change. See [https://gitlab.com/craftyguy/networkd-dispatcher](upstream instructions)

     

       17
       +
               for usage

     

       18
        
             '';

     

       19
        
       

     

       20
        
             rules = mkOption {

+1 -3

nixos/modules/services/networking/nncp.nix

···

       34
        
                 [](#opt-programs.nncp.settings)

     

       35
        
               '';

     

       36
        
               socketActivation = {

     

       37
       -
                 enable = mkEnableOption ''

     

       38
       -
                   Whether to run nncp-daemon persistently or socket-activated.

     

       39
       -
                 '';

     

       40
        
                 listenStreams = mkOption {

     

       41
        
                   type = with types; listOf str;

     

       42
        
                   description = ''

···

       34
        
                 [](#opt-programs.nncp.settings)

     

       35
        
               '';

     

       36
        
               socketActivation = {

     

       37
       +
                 enable = mkEnableOption "socket activation for nncp-daemon";

     

       0
        
       
     

       0
        
       
     

       38
        
                 listenStreams = mkOption {

     

       39
        
                   type = with types; listOf str;

     

       40
        
                   description = ''

+1 -1

nixos/modules/services/security/fail2ban.nix

···

       263
        
               '';

     

       264
        
               type = with types; attrsOf (either lines (submodule ({ name, ... }: {

     

       265
        
                 options = {

     

       266
       -
                   enabled = mkEnableOption "this jail." // {

     

       267
        
                     default = true;

     

       268
        
                     readOnly = name == "DEFAULT";

     

       269
        
                   };

···

       263
        
               '';

     

       264
        
               type = with types; attrsOf (either lines (submodule ({ name, ... }: {

     

       265
        
                 options = {

     

       266
       +
                   enabled = mkEnableOption "this jail" // {

     

       267
        
                     default = true;

     

       268
        
                     readOnly = name == "DEFAULT";

     

       269
        
                   };

+1 -1

nixos/modules/services/security/haveged.nix

···

       17
        
       

     

       18
        
             enable = mkEnableOption ''

     

       19
        
               haveged entropy daemon, which refills /dev/random when low.

     

       20
       -
               NOTE: does nothing on kernels newer than 5.6.

     

       21
        
             '';

     

       22
        
             # source for the note https://github.com/jirka-h/haveged/issues/57

     

       23

···

       17
        
       

     

       18
        
             enable = mkEnableOption ''

     

       19
        
               haveged entropy daemon, which refills /dev/random when low.

     

       20
       +
               NOTE: does nothing on kernels newer than 5.6

     

       21
        
             '';

     

       22
        
             # source for the note https://github.com/jirka-h/haveged/issues/57

     

       23

+1 -1

nixos/modules/services/web-apps/audiobookshelf.nix

···

       8
        
       {

     

       9
        
         options = {

     

       10
        
           services.audiobookshelf = {

     

       11
       -
             enable = mkEnableOption "Audiobookshelf, self-hosted audiobook and podcast server.";

     

       12
        
       

     

       13
        
             package = mkPackageOption pkgs "audiobookshelf" { };

     

       14

···

       8
        
       {

     

       9
        
         options = {

     

       10
        
           services.audiobookshelf = {

     

       11
       +
             enable = mkEnableOption "Audiobookshelf, self-hosted audiobook and podcast server";

     

       12
        
       

     

       13
        
             package = mkPackageOption pkgs "audiobookshelf" { };

     

       14

+1 -1

nixos/modules/services/web-apps/jitsi-meet.nix

···

       170
        
             '';

     

       171
        
           };

     

       172
        
       

     

       173
       -
           caddy.enable = mkEnableOption "Whether to enable caddy reverse proxy to expose jitsi-meet";

     

       174
        
       

     

       175
        
           prosody.enable = mkOption {

     

       176
        
             type = bool;

···

       170
        
             '';

     

       171
        
           };

     

       172
        
       

     

       173
       +
           caddy.enable = mkEnableOption "caddy reverse proxy to expose jitsi-meet";

     

       174
        
       

     

       175
        
           prosody.enable = mkOption {

     

       176
        
             type = bool;

+2 -2

nixos/modules/services/web-apps/nextcloud.nix

···

       474
        
                   implementation into the virtual filesystem.

     

       475
        
       

     

       476
        
                   Further details about this feature can be found in the

     

       477
       -
                   [upstream documentation](https://docs.nextcloud.com/server/22/admin_manual/configuration_files/primary_storage.html).

     

       478
        
                 '';

     

       479
        
                 bucket = mkOption {

     

       480
        
                   type = types.str;

     
···

       576
        
               This is used by the theming app and for generating previews of certain images (e.g. SVG and HEIF).

     

       577
        
               You may want to disable it for increased security. In that case, previews will still be available

     

       578
        
               for some images (e.g. JPEG and PNG).

     

       579
       -
               See <https://github.com/nextcloud/server/issues/13099>.

     

       580
        
           '' // {

     

       581
        
             default = true;

     

       582
        
           };

···

       474
        
                   implementation into the virtual filesystem.

     

       475
        
       

     

       476
        
                   Further details about this feature can be found in the

     

       477
       +
                   [upstream documentation](https://docs.nextcloud.com/server/22/admin_manual/configuration_files/primary_storage.html)

     

       478
        
                 '';

     

       479
        
                 bucket = mkOption {

     

       480
        
                   type = types.str;

     
···

       576
        
               This is used by the theming app and for generating previews of certain images (e.g. SVG and HEIF).

     

       577
        
               You may want to disable it for increased security. In that case, previews will still be available

     

       578
        
               for some images (e.g. JPEG and PNG).

     

       579
       +
               See <https://github.com/nextcloud/server/issues/13099>

     

       580
        
           '' // {

     

       581
        
             default = true;

     

       582
        
           };

+1 -1

nixos/modules/services/web-apps/pretix.nix

···

       63
        
         };

     

       64
        
       

     

       65
        
         options.services.pretix = {

     

       66
       -
           enable = mkEnableOption "Pretix, a ticket shop application for conferences, festivals, concerts, etc.";

     

       67
        
       

     

       68
        
           package = mkPackageOption pkgs "pretix" { };

     

       69

···

       63
        
         };

     

       64
        
       

     

       65
        
         options.services.pretix = {

     

       66
       +
           enable = mkEnableOption "Pretix, a ticket shop application for conferences, festivals, concerts, etc";

     

       67
        
       

     

       68
        
           package = mkPackageOption pkgs "pretix" { };

     

       69

+1 -1

nixos/modules/services/web-apps/silverbullet.nix

···

       12
        
       {

     

       13
        
         options = {

     

       14
        
           services.silverbullet = {

     

       15
       -
             enable = lib.mkEnableOption "Silverbullet, an open-source, self-hosted, offline-capable Personal Knowledge Management (PKM) web application.";

     

       16
        
       

     

       17
        
             package = lib.mkPackageOptionMD pkgs "silverbullet" { };

     

       18

···

       12
        
       {

     

       13
        
         options = {

     

       14
        
           services.silverbullet = {

     

       15
       +
             enable = lib.mkEnableOption "Silverbullet, an open-source, self-hosted, offline-capable Personal Knowledge Management (PKM) web application";

     

       16
        
       

     

       17
        
             package = lib.mkPackageOptionMD pkgs "silverbullet" { };

     

       18

+2 -2

nixos/modules/services/web-apps/suwayomi-server.nix

···

       9
        
       {

     

       10
        
         options = {

     

       11
        
           services.suwayomi-server = {

     

       12
       -
             enable = mkEnableOption "Suwayomi, a free and open source manga reader server that runs extensions built for Tachiyomi.";

     

       13
        
       

     

       14
        
             package = lib.mkPackageOptionMD pkgs "suwayomi-server" { };

     

       15
        
       

     
···

       72
        
                     };

     

       73
        
       

     

       74
        
                     basicAuthEnabled = mkEnableOption ''

     

       75
       -
                       Add basic access authentication to Suwayomi-Server.

     

       76
        
                       Enabling this option is useful when hosting on a public network/the Internet

     

       77
        
                     '';

     

       78

···

       9
        
       {

     

       10
        
         options = {

     

       11
        
           services.suwayomi-server = {

     

       12
       +
             enable = mkEnableOption "Suwayomi, a free and open source manga reader server that runs extensions built for Tachiyomi";

     

       13
        
       

     

       14
        
             package = lib.mkPackageOptionMD pkgs "suwayomi-server" { };

     

       15
        
       

     
···

       72
        
                     };

     

       73
        
       

     

       74
        
                     basicAuthEnabled = mkEnableOption ''

     

       75
       +
                       basic access authentication for Suwayomi-Server.

     

       76
        
                       Enabling this option is useful when hosting on a public network/the Internet

     

       77
        
                     '';

     

       78

+3 -3

nixos/modules/services/web-servers/nginx/default.nix

···

       1086
        
               '';

     

       1087
        
               description = "Declarative vhost config";

     

       1088
        
             };

     

       1089
       -
             validateConfigFile = lib.mkEnableOption ''

     

       1090
       -
               Validate configuration with pkgs.writeNginxConfig.

     

       1091
       -
             '' // { default = true; };

     

       1092
        
           };

     

       1093
        
         };

     

       1094

···

       1086
        
               '';

     

       1087
        
               description = "Declarative vhost config";

     

       1088
        
             };

     

       1089
       +
             validateConfigFile = lib.mkEnableOption "validating configuration with pkgs.writeNginxConfig" // {

     

       1090
       +
               default = true;

     

       1091
       +
             };

     

       1092
        
           };

     

       1093
        
         };

     

       1094

+2 -2

nixos/modules/testing/test-instrumentation.nix

···

       57
        
         options.testing = {

     

       58
        
       

     

       59
        
           initrdBackdoor = lib.mkEnableOption ''

     

       60
       -
             enable backdoor.service in initrd. Requires

     

       61
        
             boot.initrd.systemd.enable to be enabled. Boot will pause in

     

       62
        
             stage 1 at initrd.target, and will listen for commands from the

     

       63
        
             Machine python interface, just like stage 2 normally does. This

     

       64
        
             enables commands to be sent to test and debug stage 1. Use

     

       65
       -
             machine.switch_root() to leave stage 1 and proceed to stage 2.

     

       66
        
           '';

     

       67
        
       

     

       68
        
         };

···

       57
        
         options.testing = {

     

       58
        
       

     

       59
        
           initrdBackdoor = lib.mkEnableOption ''

     

       60
       +
             backdoor.service in initrd. Requires

     

       61
        
             boot.initrd.systemd.enable to be enabled. Boot will pause in

     

       62
        
             stage 1 at initrd.target, and will listen for commands from the

     

       63
        
             Machine python interface, just like stage 2 normally does. This

     

       64
        
             enables commands to be sent to test and debug stage 1. Use

     

       65
       +
             machine.switch_root() to leave stage 1 and proceed to stage 2

     

       66
        
           '';

     

       67
        
       

     

       68
        
         };

+1 -1

nixos/modules/virtualisation/incus.nix

···

       149
        
       

     

       150
        
               Users in the "incus-admin" group can interact with

     

       151
        
               the daemon (e.g. to start or stop containers) using the

     

       152
       -
               {command}`incus` command line tool, among others.

     

       153
        
             '';

     

       154
        
       

     

       155
        
             package = lib.mkPackageOption pkgs "incus-lts" { };

···

       149
        
       

     

       150
        
               Users in the "incus-admin" group can interact with

     

       151
        
               the daemon (e.g. to start or stop containers) using the

     

       152
       +
               {command}`incus` command line tool, among others

     

       153
        
             '';

     

       154
        
       

     

       155
        
             package = lib.mkPackageOption pkgs "incus-lts" { };

+1 -3

nixos/modules/virtualisation/multipass.nix

···

       10
        
       {

     

       11
        
         options = {

     

       12
        
           virtualisation.multipass = {

     

       13
       -
             enable = lib.mkEnableOption ''

     

       14
       -
               Multipass, a simple manager for virtualised Ubuntu instances.

     

       15
       -
             '';

     

       16
        
       

     

       17
        
             logLevel = lib.mkOption {

     

       18
        
               type = lib.types.enum [ "error" "warning" "info" "debug" "trace" ];

···

       10
        
       {

     

       11
        
         options = {

     

       12
        
           virtualisation.multipass = {

     

       13
       +
             enable = lib.mkEnableOption "Multipass, a simple manager for virtualised Ubuntu instances";

     

       0
        
       
     

       0
        
       
     

       14
        
       

     

       15
        
             logLevel = lib.mkOption {

     

       16
        
               type = lib.types.enum [ "error" "warning" "info" "debug" "trace" ];

+1 -1

nixos/modules/virtualisation/qemu-vm.nix

···

       900
        
           };

     

       901
        
       

     

       902
        
           virtualisation.tpm = {

     

       903
       -
             enable = mkEnableOption "a TPM device in the virtual machine with a driver, using swtpm.";

     

       904
        
       

     

       905
        
             package = mkPackageOption cfg.host.pkgs "swtpm" { };

     

       906

···

       900
        
           };

     

       901
        
       

     

       902
        
           virtualisation.tpm = {

     

       903
       +
             enable = mkEnableOption "a TPM device in the virtual machine with a driver, using swtpm";

     

       904
        
       

     

       905
        
             package = mkPackageOption cfg.host.pkgs "swtpm" { };

     

       906