commit 7e80c42b0ead918defafb92893c605983319e418 · pyrox.dev/nixpkgs

+1 -1

lib/types.nix

···

       261
        
           # declarations from the ‘options’ attribute of containing option

     

       262
        
           # declaration.

     

       263
        
           optionSet = mkOptionType {

     

       264
       -
             name = /* builtins.trace "types.optionSet is deprecated; use types.submodule instead" */ "option set";

     

       265
        
           };

     

       266
        
       

     

       267
        
           # Augment the given type with an additional type check function.

···

       261
        
           # declarations from the ‘options’ attribute of containing option

     

       262
        
           # declaration.

     

       263
        
           optionSet = mkOptionType {

     

       264
       +
             name = builtins.trace "types.optionSet is deprecated; use types.submodule instead" "option set";

     

       265
        
           };

     

       266
        
       

     

       267
        
           # Augment the given type with an additional type check function.

+30 -30

nixos/modules/config/users-groups.nix

···

       131
        
             };

     

       132
        
       

     

       133
        
             subUidRanges = mkOption {

     

       134
       -
               type = types.listOf types.optionSet;

     

       135
        
               default = [];

     

       136
        
               example = [

     

       137
        
                 { startUid = 1000; count = 1; }

     

       138
        
                 { startUid = 100001; count = 65534; }

     

       139
        
               ];

     

       140
       -
               options = [ subordinateUidRange ];

     

       141
        
               description = ''

     

       142
        
                 Subordinate user ids that user is allowed to use.

     

       143
        
                 They are set into <filename>/etc/subuid</filename> and are used

     
···

       146
        
             };

     

       147
        
       

     

       148
        
             subGidRanges = mkOption {

     

       149
       -
               type = types.listOf types.optionSet;

     

       150
        
               default = [];

     

       151
        
               example = [

     

       152
        
                 { startGid = 100; count = 1; }

     

       153
        
                 { startGid = 1001; count = 999; }

     

       154
        
               ];

     

       155
       -
               options = [ subordinateGidRange ];

     

       156
        
               description = ''

     

       157
        
                 Subordinate group ids that user is allowed to use.

     

       158
        
                 They are set into <filename>/etc/subgid</filename> and are used

     
···

       310
        
         };

     

       311
        
       

     

       312
        
         subordinateUidRange = {

     

       313
       -
           startUid = mkOption {

     

       314
       -
             type = types.int;

     

       315
       -
             description = ''

     

       316
       -
               Start of the range of subordinate user ids that user is

     

       317
       -
               allowed to use.

     

       318
       -
             '';

     

       319
       -
           };

     

       320
       -
           count = mkOption {

     

       321
       -
             type = types.int;

     

       322
       -
             default = 1;

     

       323
       -
             description = ''Count of subordinate user ids'';

     

       0
        
       
     

       0
        
       
     

       324
        
           };

     

       325
        
         };

     

       326
        
       

     

       327
        
         subordinateGidRange = {

     

       328
       -
           startGid = mkOption {

     

       329
       -
             type = types.int;

     

       330
       -
             description = ''

     

       331
       -
               Start of the range of subordinate group ids that user is

     

       332
       -
               allowed to use.

     

       333
       -
             '';

     

       334
       -
           };

     

       335
       -
           count = mkOption {

     

       336
       -
             type = types.int;

     

       337
       -
             default = 1;

     

       338
       -
             description = ''Count of subordinate group ids'';

     

       0
        
       
     

       0
        
       
     

       339
        
           };

     

       340
        
         };

     

       341
        
       

     
···

       428
        
       

     

       429
        
           users.users = mkOption {

     

       430
        
             default = {};

     

       431
       -
             type = types.loaOf types.optionSet;

     

       432
        
             example = {

     

       433
        
               alice = {

     

       434
        
                 uid = 1234;

     
···

       444
        
               Additional user accounts to be created automatically by the system.

     

       445
        
               This can also be used to set options for root.

     

       446
        
             '';

     

       447
       -
             options = [ userOpts ];

     

       448
        
           };

     

       449
        
       

     

       450
        
           users.groups = mkOption {

     
···

       453
        
               { students.gid = 1001;

     

       454
        
                 hackers = { };

     

       455
        
               };

     

       456
       -
             type = types.loaOf types.optionSet;

     

       457
        
             description = ''

     

       458
        
               Additional groups to be created automatically by the system.

     

       459
        
             '';

     

       460
       -
             options = [ groupOpts ];

     

       461
        
           };

     

       462
        
       

     

       463
        
           # FIXME: obsolete - will remove.

···

       131
        
             };

     

       132
        
       

     

       133
        
             subUidRanges = mkOption {

     

       134
       +
               type = with types; listOf (submodule subordinateUidRange);

     

       135
        
               default = [];

     

       136
        
               example = [

     

       137
        
                 { startUid = 1000; count = 1; }

     

       138
        
                 { startUid = 100001; count = 65534; }

     

       139
        
               ];

     

       0
        
       
     

       140
        
               description = ''

     

       141
        
                 Subordinate user ids that user is allowed to use.

     

       142
        
                 They are set into <filename>/etc/subuid</filename> and are used

     
···

       145
        
             };

     

       146
        
       

     

       147
        
             subGidRanges = mkOption {

     

       148
       +
               type = with types; listOf (submodule subordinateGidRange);

     

       149
        
               default = [];

     

       150
        
               example = [

     

       151
        
                 { startGid = 100; count = 1; }

     

       152
        
                 { startGid = 1001; count = 999; }

     

       153
        
               ];

     

       0
        
       
     

       154
        
               description = ''

     

       155
        
                 Subordinate group ids that user is allowed to use.

     

       156
        
                 They are set into <filename>/etc/subgid</filename> and are used

     
···

       308
        
         };

     

       309
        
       

     

       310
        
         subordinateUidRange = {

     

       311
       +
           options = {

     

       312
       +
             startUid = mkOption {

     

       313
       +
               type = types.int;

     

       314
       +
               description = ''

     

       315
       +
                 Start of the range of subordinate user ids that user is

     

       316
       +
                 allowed to use.

     

       317
       +
               '';

     

       318
       +
             };

     

       319
       +
             count = mkOption {

     

       320
       +
               type = types.int;

     

       321
       +
               default = 1;

     

       322
       +
               description = ''Count of subordinate user ids'';

     

       323
       +
             };

     

       324
        
           };

     

       325
        
         };

     

       326
        
       

     

       327
        
         subordinateGidRange = {

     

       328
       +
           options = {

     

       329
       +
             startGid = mkOption {

     

       330
       +
               type = types.int;

     

       331
       +
               description = ''

     

       332
       +
                 Start of the range of subordinate group ids that user is

     

       333
       +
                 allowed to use.

     

       334
       +
               '';

     

       335
       +
             };

     

       336
       +
             count = mkOption {

     

       337
       +
               type = types.int;

     

       338
       +
               default = 1;

     

       339
       +
               description = ''Count of subordinate group ids'';

     

       340
       +
             };

     

       341
        
           };

     

       342
        
         };

     

       343
        
       

     
···

       430
        
       

     

       431
        
           users.users = mkOption {

     

       432
        
             default = {};

     

       433
       +
             type = with types; loaOf (submodule userOpts);

     

       434
        
             example = {

     

       435
        
               alice = {

     

       436
        
                 uid = 1234;

     
···

       446
        
               Additional user accounts to be created automatically by the system.

     

       447
        
               This can also be used to set options for root.

     

       448
        
             '';

     

       0
        
       
     

       449
        
           };

     

       450
        
       

     

       451
        
           users.groups = mkOption {

     
···

       454
        
               { students.gid = 1001;

     

       455
        
                 hackers = { };

     

       456
        
               };

     

       457
       +
             type = with types; loaOf (submodule groupOpts);

     

       458
        
             description = ''

     

       459
        
               Additional groups to be created automatically by the system.

     

       460
        
             '';

     

       0
        
       
     

       461
        
           };

     

       462
        
       

     

       463
        
           # FIXME: obsolete - will remove.

+1 -2

nixos/modules/security/acme.nix

···

       129
        
       

     

       130
        
             certs = mkOption {

     

       131
        
               default = { };

     

       132
       -
               type = types.loaOf types.optionSet;

     

       133
        
               description = ''

     

       134
        
                 Attribute set of certificates to get signed and renewed.

     

       135
        
               '';

     

       136
       -
               options = [ certOpts ];

     

       137
        
               example = {

     

       138
        
                 "example.com" = {

     

       139
        
                   webroot = "/var/www/challenges/";

···

       129
        
       

     

       130
        
             certs = mkOption {

     

       131
        
               default = { };

     

       132
       +
               type = with types; loaOf (submodule certOpts);

     

       133
        
               description = ''

     

       134
        
                 Attribute set of certificates to get signed and renewed.

     

       135
        
               '';

     

       0
        
       
     

       136
        
               example = {

     

       137
        
                 "example.com" = {

     

       138
        
                   webroot = "/var/www/challenges/";

+1 -2

nixos/modules/security/pam.nix

···

       386
        
       

     

       387
        
           security.pam.services = mkOption {

     

       388
        
             default = [];

     

       389
       -
             type = types.loaOf types.optionSet;

     

       390
       -
             options = [ pamOpts ];

     

       391
        
             description =

     

       392
        
               ''

     

       393
        
                 This option defines the PAM services.  A service typically

···

       386
        
       

     

       387
        
           security.pam.services = mkOption {

     

       388
        
             default = [];

     

       389
       +
             type = with types; loaOf (submodule pamOpts);

     

       0
        
       
     

       390
        
             description =

     

       391
        
               ''

     

       392
        
                 This option defines the PAM services.  A service typically

+3 -6

nixos/modules/services/backup/bacula.nix

···

       198
        
               description = ''

     

       199
        
                 This option defines director resources in Bacula File Daemon.

     

       200
        
               '';

     

       201
       -
               type = types.attrsOf types.optionSet;

     

       202
       -
               options = [ directorOptions ];

     

       203
        
             };

     

       204
        
       

     

       205
        
             extraClientConfig = mkOption {

     
···

       253
        
               description = ''

     

       254
        
                 This option defines Director resources in Bacula Storage Daemon.

     

       255
        
               '';

     

       256
       -
               type = types.attrsOf types.optionSet;

     

       257
       -
               options = [ directorOptions ];

     

       258
        
             };

     

       259
        
       

     

       260
        
             device = mkOption {

     
···

       262
        
               description = ''

     

       263
        
                 This option defines Device resources in Bacula Storage Daemon.

     

       264
        
               '';

     

       265
       -
               type = types.attrsOf types.optionSet;

     

       266
       -
               options = [ deviceOptions ];

     

       267
        
             };

     

       268
        
        

     

       269
        
             extraStorageConfig = mkOption {

···

       198
        
               description = ''

     

       199
        
                 This option defines director resources in Bacula File Daemon.

     

       200
        
               '';

     

       201
       +
               type = with types; attrsOf (submodule directorOptions);

     

       0
        
       
     

       202
        
             };

     

       203
        
       

     

       204
        
             extraClientConfig = mkOption {

     
···

       252
        
               description = ''

     

       253
        
                 This option defines Director resources in Bacula Storage Daemon.

     

       254
        
               '';

     

       255
       +
               type = with types; attrsOf (submodule directorOptions);

     

       0
        
       
     

       256
        
             };

     

       257
        
       

     

       258
        
             device = mkOption {

     
···

       260
        
               description = ''

     

       261
        
                 This option defines Device resources in Bacula Storage Daemon.

     

       262
        
               '';

     

       263
       +
               type = with types; attrsOf (submodule deviceOptions);

     

       0
        
       
     

       264
        
             };

     

       265
        
        

     

       266
        
             extraStorageConfig = mkOption {

+2 -3

nixos/modules/services/hardware/sane_extra_backends/brscan4.nix

···

       81
        
               { office1 = { model = "MFC-7860DW"; ip = "192.168.1.2"; };

     

       82
        
                 office2 = { model = "MFC-7860DW"; nodename = "BRW0080927AFBCE"; };

     

       83
        
               };

     

       84
       -
             type = types.loaOf types.optionSet;

     

       85
        
             description = ''

     

       86
        
               The list of network devices that will be registered against the brscan4

     

       87
        
               sane backend.

     

       88
        
             '';

     

       89
       -
             options = [ netDeviceOpts ];

     

       90
        
           };

     

       91
        
         };

     

       92
        
       

     
···

       113
        
           ];

     

       114
        
       

     

       115
        
         };

     

       116
       -
       }

···

       81
        
               { office1 = { model = "MFC-7860DW"; ip = "192.168.1.2"; };

     

       82
        
                 office2 = { model = "MFC-7860DW"; nodename = "BRW0080927AFBCE"; };

     

       83
        
               };

     

       84
       +
             type = with types; loaOf (submodule netDeviceOpts);

     

       85
        
             description = ''

     

       86
        
               The list of network devices that will be registered against the brscan4

     

       87
        
               sane backend.

     

       88
        
             '';

     

       0
        
       
     

       89
        
           };

     

       90
        
         };

     

       91
        
       

     
···

       112
        
           ];

     

       113
        
       

     

       114
        
         };

     

       115
       +
       }

+35 -33

nixos/modules/services/logging/logcheck.nix

···

       62
        
         };

     

       63
        
       

     

       64
        
         ignoreOptions = {

     

       65
       -
           level = levelOption;

     

       0
        
       
     

       66
        
       

     

       67
       -
           regex = mkOption {

     

       68
       -
             default = "";

     

       69
       -
             type = types.str;

     

       70
       -
             description = ''

     

       71
       -
               Regex specifying which log lines to ignore.

     

       72
       -
             '';

     

       0
        
       
     

       73
        
           };

     

       74
        
         };

     

       75
        
       

     

       76
        
         ignoreCronOptions = {

     

       77
       -
           user = mkOption {

     

       78
       -
             default = "root";

     

       79
       -
             type = types.str;

     

       80
       -
             description = ''

     

       81
       -
               User that runs the cronjob.

     

       82
       -
             '';

     

       83
       -
           };

     

       0
        
       
     

       84
        
       

     

       85
       -
           cmdline = mkOption {

     

       86
       -
             default = "";

     

       87
       -
             type = types.str;

     

       88
       -
             description = ''

     

       89
       -
               Command line for the cron job. Will be turned into a regex for the logcheck ignore rule.

     

       90
       -
             '';

     

       91
       -
           };

     

       92
        
       

     

       93
       -
           timeArgs = mkOption {

     

       94
       -
             default = null;

     

       95
       -
             type = types.nullOr (types.str);

     

       96
       -
             example = "02 06 * * *";

     

       97
       -
             description = ''

     

       98
       -
               "min hr dom mon dow" crontab time args, to auto-create a cronjob too.

     

       99
       -
               Leave at null to not do this and just add a logcheck ignore rule.

     

       100
       -
             '';

     

       0
        
       
     

       101
        
           };

     

       102
        
         };

     

       103
        
       

     
···

       180
        
               description = ''

     

       181
        
                 This option defines extra ignore rules.

     

       182
        
               '';

     

       183
       -
               type = types.loaOf types.optionSet;

     

       184
       -
               options = [ ignoreOptions ];

     

       185
        
             };

     

       186
        
       

     

       187
        
             ignoreCron = mkOption {

     
···

       189
        
               description = ''

     

       190
        
                 This option defines extra ignore rules for cronjobs.

     

       191
        
               '';

     

       192
       -
               type = types.loaOf types.optionSet;

     

       193
       -
               options = [ ignoreOptions ignoreCronOptions ];

     

       194
        
             };

     

       195
        
       

     

       196
        
             extraGroups = mkOption {

···

       62
        
         };

     

       63
        
       

     

       64
        
         ignoreOptions = {

     

       65
       +
           options = {

     

       66
       +
             level = levelOption;

     

       67
        
       

     

       68
       +
             regex = mkOption {

     

       69
       +
               default = "";

     

       70
       +
               type = types.str;

     

       71
       +
               description = ''

     

       72
       +
                 Regex specifying which log lines to ignore.

     

       73
       +
               '';

     

       74
       +
             };

     

       75
        
           };

     

       76
        
         };

     

       77
        
       

     

       78
        
         ignoreCronOptions = {

     

       79
       +
           options = {

     

       80
       +
             user = mkOption {

     

       81
       +
               default = "root";

     

       82
       +
               type = types.str;

     

       83
       +
               description = ''

     

       84
       +
                 User that runs the cronjob.

     

       85
       +
               '';

     

       86
       +
             };

     

       87
        
       

     

       88
       +
             cmdline = mkOption {

     

       89
       +
               default = "";

     

       90
       +
               type = types.str;

     

       91
       +
               description = ''

     

       92
       +
                 Command line for the cron job. Will be turned into a regex for the logcheck ignore rule.

     

       93
       +
               '';

     

       94
       +
             };

     

       95
        
       

     

       96
       +
             timeArgs = mkOption {

     

       97
       +
               default = null;

     

       98
       +
               type = types.nullOr (types.str);

     

       99
       +
               example = "02 06 * * *";

     

       100
       +
               description = ''

     

       101
       +
                 "min hr dom mon dow" crontab time args, to auto-create a cronjob too.

     

       102
       +
                 Leave at null to not do this and just add a logcheck ignore rule.

     

       103
       +
               '';

     

       104
       +
             };

     

       105
        
           };

     

       106
        
         };

     

       107
        
       

     
···

       184
        
               description = ''

     

       185
        
                 This option defines extra ignore rules.

     

       186
        
               '';

     

       187
       +
               type = with types; loaOf (submodule ignoreOptions);

     

       0
        
       
     

       188
        
             };

     

       189
        
       

     

       190
        
             ignoreCron = mkOption {

     
···

       192
        
               description = ''

     

       193
        
                 This option defines extra ignore rules for cronjobs.

     

       194
        
               '';

     

       195
       +
               type = with types; loaOf (submodule ignoreCronOptions);

     

       0
        
       
     

       196
        
             };

     

       197
        
       

     

       198
        
             extraGroups = mkOption {

+38 -40

nixos/modules/services/misc/rippled.nix

···

       154
        
         };

     

       155
        
       

     

       156
        
         dbOptions = {

     

       157
       -
           type = mkOption {

     

       158
       -
             description = "Rippled database type.";

     

       159
       -
             type = types.enum ["rocksdb" "nudb"];

     

       160
       -
             default = "rocksdb";

     

       161
       -
           };

     

       0
        
       
     

       162
        
       

     

       163
       -
           path = mkOption {

     

       164
       -
             description = "Location to store the database.";

     

       165
       -
             type = types.path;

     

       166
       -
             default = cfg.databasePath;

     

       167
       -
           };

     

       168
        
       

     

       169
       -
           compression = mkOption {

     

       170
       -
             description = "Whether to enable snappy compression.";

     

       171
       -
             type = types.nullOr types.bool;

     

       172
       -
             default = null;

     

       173
       -
           };

     

       174
        
       

     

       175
       -
           onlineDelete = mkOption {

     

       176
       -
             description = "Enable automatic purging of older ledger information.";

     

       177
       -
             type = types.addCheck (types.nullOr types.int) (v: v > 256);

     

       178
       -
             default = cfg.ledgerHistory;

     

       179
       -
           };

     

       180
        
       

     

       181
       -
           advisoryDelete = mkOption {

     

       182
       -
             description = ''

     

       183
       -
       	If set, then require administrative RPC call "can_delete"

     

       184
       -
       	to enable online deletion of ledger records.

     

       185
       -
             '';

     

       186
       -
             type = types.nullOr types.bool;

     

       187
       -
             default = null;

     

       188
       -
           };

     

       189
        
       

     

       190
       -
           extraOpts = mkOption {

     

       191
       -
             description = "Extra database options.";

     

       192
       -
             type = types.lines;

     

       193
       -
             default = "";

     

       0
        
       
     

       194
        
           };

     

       195
        
         };

     

       196
        
       

     
···

       213
        
       

     

       214
        
             ports = mkOption {

     

       215
        
       	description = "Ports exposed by rippled";

     

       216
       -
       	type = types.attrsOf types.optionSet;

     

       217
       -
       	options = [portOptions];

     

       218
        
       	default = {

     

       219
        
       	  rpc = {

     

       220
        
       	    port = 5005;

     
···

       238
        
       

     

       239
        
             nodeDb = mkOption {

     

       240
        
       	description = "Rippled main database options.";

     

       241
       -
       	type = types.nullOr types.optionSet;

     

       242
       -
       	options = dbOptions;

     

       243
        
       	default = {

     

       244
        
       	  type = "rocksdb";

     

       245
        
       	  extraOpts = ''

     
···

       254
        
       

     

       255
        
             tempDb = mkOption {

     

       256
        
       	description = "Rippled temporary database options.";

     

       257
       -
       	type = types.nullOr types.optionSet;

     

       258
       -
       	options = dbOptions;

     

       259
        
       	default = null;

     

       260
        
             };

     

       261
        
       

     

       262
        
             importDb = mkOption {

     

       263
        
       	description = "Settings for performing a one-time import.";

     

       264
       -
       	type = types.nullOr types.optionSet;

     

       265
       -
       	options = dbOptions;

     

       266
        
       	default = null;

     

       267
        
             };

     

       268

···

       154
        
         };

     

       155
        
       

     

       156
        
         dbOptions = {

     

       157
       +
           options = {

     

       158
       +
             type = mkOption {

     

       159
       +
               description = "Rippled database type.";

     

       160
       +
               type = types.enum ["rocksdb" "nudb"];

     

       161
       +
               default = "rocksdb";

     

       162
       +
             };

     

       163
        
       

     

       164
       +
             path = mkOption {

     

       165
       +
               description = "Location to store the database.";

     

       166
       +
               type = types.path;

     

       167
       +
               default = cfg.databasePath;

     

       168
       +
             };

     

       169
        
       

     

       170
       +
             compression = mkOption {

     

       171
       +
               description = "Whether to enable snappy compression.";

     

       172
       +
               type = types.nullOr types.bool;

     

       173
       +
               default = null;

     

       174
       +
             };

     

       175
        
       

     

       176
       +
             onlineDelete = mkOption {

     

       177
       +
               description = "Enable automatic purging of older ledger information.";

     

       178
       +
               type = types.addCheck (types.nullOr types.int) (v: v > 256);

     

       179
       +
               default = cfg.ledgerHistory;

     

       180
       +
             };

     

       181
        
       

     

       182
       +
             advisoryDelete = mkOption {

     

       183
       +
               description = ''

     

       184
       +
       	        If set, then require administrative RPC call "can_delete"

     

       185
       +
       	        to enable online deletion of ledger records.

     

       186
       +
               '';

     

       187
       +
               type = types.nullOr types.bool;

     

       188
       +
               default = null;

     

       189
       +
             };

     

       190
        
       

     

       191
       +
             extraOpts = mkOption {

     

       192
       +
               description = "Extra database options.";

     

       193
       +
               type = types.lines;

     

       194
       +
               default = "";

     

       195
       +
             };

     

       196
        
           };

     

       197
        
         };

     

       198
        
       

     
···

       215
        
       

     

       216
        
             ports = mkOption {

     

       217
        
       	description = "Ports exposed by rippled";

     

       218
       +
       	type = with types; attrsOf (submodule portOptions);

     

       0
        
       
     

       219
        
       	default = {

     

       220
        
       	  rpc = {

     

       221
        
       	    port = 5005;

     
···

       239
        
       

     

       240
        
             nodeDb = mkOption {

     

       241
        
       	description = "Rippled main database options.";

     

       242
       +
       	type = with types; nullOr (submodule dbOptions);

     

       0
        
       
     

       243
        
       	default = {

     

       244
        
       	  type = "rocksdb";

     

       245
        
       	  extraOpts = ''

     
···

       254
        
       

     

       255
        
             tempDb = mkOption {

     

       256
        
       	description = "Rippled temporary database options.";

     

       257
       +
       	type = with types; nullOr (submodule dbOptions);

     

       0
        
       
     

       258
        
       	default = null;

     

       259
        
             };

     

       260
        
       

     

       261
        
             importDb = mkOption {

     

       262
        
       	description = "Settings for performing a one-time import.";

     

       263
       +
       	type = with types; nullOr (submodule dbOptions);

     

       0
        
       
     

       264
        
       	default = null;

     

       265
        
             };

     

       266

+1 -2

nixos/modules/services/monitoring/smartd.nix

···

       197
        
             devices = mkOption {

     

       198
        
               default = [];

     

       199
        
               example = [ { device = "/dev/sda"; } { device = "/dev/sdb"; options = "-d sat"; } ];

     

       200
       -
               type = types.listOf types.optionSet;

     

       201
       -
               options = [ smartdOpts ];

     

       202
        
               description = "List of devices to monitor.";

     

       203
        
             };

     

       204

···

       197
        
             devices = mkOption {

     

       198
        
               default = [];

     

       199
        
               example = [ { device = "/dev/sda"; } { device = "/dev/sdb"; options = "-d sat"; } ];

     

       200
       +
               type = with types; listOf (submodule smartdOpts);

     

       0
        
       
     

       201
        
               description = "List of devices to monitor.";

     

       202
        
             };

     

       203

+1 -2

nixos/modules/services/monitoring/ups.nix

···

       169
        
                 monitoring directly.  These are usually attached to serial ports,

     

       170
        
                 but USB devices are also supported.

     

       171
        
               '';

     

       172
       -
               type = types.attrsOf types.optionSet;

     

       173
       -
               options = [ upsOptions ];

     

       174
        
             };

     

       175
        
       

     

       176
        
           };

···

       169
        
                 monitoring directly.  These are usually attached to serial ports,

     

       170
        
                 but USB devices are also supported.

     

       171
        
               '';

     

       172
       +
               type = with types; attrsOf (submodule upsOptions);

     

       0
        
       
     

       173
        
             };

     

       174
        
       

     

       175
        
           };

+131 -129

nixos/modules/services/network-filesystems/tahoe.nix

···

       8
        
           options.services.tahoe = {

     

       9
        
             introducers = mkOption {

     

       10
        
               default = {};

     

       11
       -
               type = types.loaOf types.optionSet;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       12
        
               description = ''

     

       13
        
                 The Tahoe introducers.

     

       14
        
               '';

     

       15
       -
               options = {

     

       16
       -
                 nickname = mkOption {

     

       17
       -
                   type = types.str;

     

       18
       -
                   description = ''

     

       19
       -
                     The nickname of this Tahoe introducer.

     

       20
       -
                   '';

     

       21
       -
                 };

     

       22
       -
                 tub.port = mkOption {

     

       23
       -
                   default = 3458;

     

       24
       -
                   type = types.int;

     

       25
       -
                   description = ''

     

       26
       -
                     The port on which the introducer will listen.

     

       27
       -
                   '';

     

       28
       -
                 };

     

       29
       -
                 tub.location = mkOption {

     

       30
       -
                   default = null;

     

       31
       -
                   type = types.nullOr types.str;

     

       32
       -
                   description = ''

     

       33
       -
                     The external location that the introducer should listen on.

     

       34
       -
       

     

       35
       -
                     If specified, the port should be included.

     

       36
       -
                   '';

     

       37
       -
                 };

     

       38
       -
                 package = mkOption {

     

       39
       -
                   default = pkgs.tahoelafs;

     

       40
       -
                   defaultText = "pkgs.tahoelafs";

     

       41
       -
                   type = types.package;

     

       42
       -
                   example = literalExample "pkgs.tahoelafs";

     

       43
       -
                   description = ''

     

       44
       -
                     The package to use for the Tahoe LAFS daemon.

     

       45
       -
                   '';

     

       46
       -
                 };

     

       47
       -
               };

     

       48
        
             };

     

       49
        
             nodes = mkOption {

     

       50
        
               default = {};

     

       51
       -
               type = types.loaOf types.optionSet;

     

       52
       -
               description = ''

     

       53
       -
                 The Tahoe nodes.

     

       54
       -
               '';

     

       55
       -
               options = {

     

       56
       -
                 nickname = mkOption {

     

       57
       -
                   type = types.str;

     

       58
       -
                   description = ''

     

       59
       -
                     The nickname of this Tahoe node.

     

       60
       -
                   '';

     

       61
       -
                 };

     

       62
       -
                 tub.port = mkOption {

     

       63
       -
                   default = 3457;

     

       64
       -
                   type = types.int;

     

       65
       -
                   description = ''

     

       66
       -
                     The port on which the tub will listen.

     

       67
        
       

     

       68
       -
                     This is the correct setting to tweak if you want Tahoe's storage

     

       69
       -
                     system to listen on a different port.

     

       70
       -
                   '';

     

       71
       -
                 };

     

       72
       -
                 tub.location = mkOption {

     

       73
       -
                   default = null;

     

       74
       -
                   type = types.nullOr types.str;

     

       75
       -
                   description = ''

     

       76
       -
                     The external location that the node should listen on.

     

       77
        
       

     

       78
       -
                     This is the setting to tweak if there are multiple interfaces

     

       79
       -
                     and you want to alter which interface Tahoe is advertising.

     

       80
        
       

     

       81
       -
                     If specified, the port should be included.

     

       82
       -
                   '';

     

       83
       -
                 };

     

       84
       -
                 web.port = mkOption {

     

       85
       -
                   default = 3456;

     

       86
       -
                   type = types.int;

     

       87
       -
                   description = ''

     

       88
       -
                     The port on which the Web server will listen.

     

       89
        
       

     

       90
       -
                     This is the correct setting to tweak if you want Tahoe's WUI to

     

       91
       -
                     listen on a different port.

     

       92
       -
                   '';

     

       93
       -
                 };

     

       94
       -
                 client.introducer = mkOption {

     

       95
       -
                   default = null;

     

       96
       -
                   type = types.nullOr types.str;

     

       97
       -
                   description = ''

     

       98
       -
                     The furl for a Tahoe introducer node.

     

       99
        
       

     

       100
       -
                     Like all furls, keep this safe and don't share it.

     

       101
       -
                   '';

     

       102
       -
                 };

     

       103
       -
                 client.helper = mkOption {

     

       104
       -
                   default = null;

     

       105
       -
                   type = types.nullOr types.str;

     

       106
       -
                   description = ''

     

       107
       -
                     The furl for a Tahoe helper node.

     

       108
        
       

     

       109
       -
                     Like all furls, keep this safe and don't share it.

     

       110
       -
                   '';

     

       111
       -
                 };

     

       112
       -
                 client.shares.needed = mkOption {

     

       113
       -
                   default = 3;

     

       114
       -
                   type = types.int;

     

       115
       -
                   description = ''

     

       116
       -
                     The number of shares required to reconstitute a file.

     

       117
       -
                   '';

     

       118
       -
                 };

     

       119
       -
                 client.shares.happy = mkOption {

     

       120
       -
                   default = 7;

     

       121
       -
                   type = types.int;

     

       122
       -
                   description = ''

     

       123
       -
                     The number of distinct storage nodes required to store

     

       124
       -
                     a file.

     

       125
       -
                   '';

     

       126
       -
                 };

     

       127
       -
                 client.shares.total = mkOption {

     

       128
       -
                   default = 10;

     

       129
       -
                   type = types.int;

     

       130
       -
                   description = ''

     

       131
       -
                     The number of shares required to store a file.

     

       132
       -
                   '';

     

       133
       -
                 };

     

       134
       -
                 storage.enable = mkEnableOption "storage service";

     

       135
       -
                 storage.reservedSpace = mkOption {

     

       136
       -
                   default = "1G";

     

       137
       -
                   type = types.str;

     

       138
       -
                   description = ''

     

       139
       -
                     The amount of filesystem space to not use for storage.

     

       140
       -
                   '';

     

       141
       -
                 };

     

       142
       -
                 helper.enable = mkEnableOption "helper service";

     

       143
       -
                 package = mkOption {

     

       144
       -
                   default = pkgs.tahoelafs;

     

       145
       -
                   defaultText = "pkgs.tahoelafs";

     

       146
       -
                   type = types.package;

     

       147
       -
                   example = literalExample "pkgs.tahoelafs";

     

       148
       -
                   description = ''

     

       149
       -
                     The package to use for the Tahoe LAFS daemon.

     

       150
       -
                   '';

     

       0
        
       
     

       151
        
                 };

     

       152
       -
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       153
        
             };

     

       154
        
           };

     

       155
        
           config = mkMerge [

···

       8
        
           options.services.tahoe = {

     

       9
        
             introducers = mkOption {

     

       10
        
               default = {};

     

       11
       +
               type = with types; loaOf (submodule {

     

       12
       +
                 options = {

     

       13
       +
                   nickname = mkOption {

     

       14
       +
                     type = types.str;

     

       15
       +
                     description = ''

     

       16
       +
                       The nickname of this Tahoe introducer.

     

       17
       +
                     '';

     

       18
       +
                   };

     

       19
       +
                   tub.port = mkOption {

     

       20
       +
                     default = 3458;

     

       21
       +
                     type = types.int;

     

       22
       +
                     description = ''

     

       23
       +
                       The port on which the introducer will listen.

     

       24
       +
                     '';

     

       25
       +
                   };

     

       26
       +
                   tub.location = mkOption {

     

       27
       +
                     default = null;

     

       28
       +
                     type = types.nullOr types.str;

     

       29
       +
                     description = ''

     

       30
       +
                       The external location that the introducer should listen on.

     

       31
       +
       

     

       32
       +
                       If specified, the port should be included.

     

       33
       +
                     '';

     

       34
       +
                   };

     

       35
       +
                   package = mkOption {

     

       36
       +
                     default = pkgs.tahoelafs;

     

       37
       +
                     defaultText = "pkgs.tahoelafs";

     

       38
       +
                     type = types.package;

     

       39
       +
                     example = literalExample "pkgs.tahoelafs";

     

       40
       +
                     description = ''

     

       41
       +
                       The package to use for the Tahoe LAFS daemon.

     

       42
       +
                     '';

     

       43
       +
                   };

     

       44
       +
                 };

     

       45
       +
               });

     

       46
        
               description = ''

     

       47
        
                 The Tahoe introducers.

     

       48
        
               '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       49
        
             };

     

       50
        
             nodes = mkOption {

     

       51
        
               default = {};

     

       52
       +
               type = with types; loaOf (submodule {

     

       53
       +
                 options = {

     

       54
       +
                   nickname = mkOption {

     

       55
       +
                     type = types.str;

     

       56
       +
                     description = ''

     

       57
       +
                       The nickname of this Tahoe node.

     

       58
       +
                     '';

     

       59
       +
                   };

     

       60
       +
                   tub.port = mkOption {

     

       61
       +
                     default = 3457;

     

       62
       +
                     type = types.int;

     

       63
       +
                     description = ''

     

       64
       +
                       The port on which the tub will listen.

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       65
        
       

     

       66
       +
                       This is the correct setting to tweak if you want Tahoe's storage

     

       67
       +
                       system to listen on a different port.

     

       68
       +
                     '';

     

       69
       +
                   };

     

       70
       +
                   tub.location = mkOption {

     

       71
       +
                     default = null;

     

       72
       +
                     type = types.nullOr types.str;

     

       73
       +
                     description = ''

     

       74
       +
                       The external location that the node should listen on.

     

       75
        
       

     

       76
       +
                       This is the setting to tweak if there are multiple interfaces

     

       77
       +
                       and you want to alter which interface Tahoe is advertising.

     

       78
        
       

     

       79
       +
                       If specified, the port should be included.

     

       80
       +
                     '';

     

       81
       +
                   };

     

       82
       +
                   web.port = mkOption {

     

       83
       +
                     default = 3456;

     

       84
       +
                     type = types.int;

     

       85
       +
                     description = ''

     

       86
       +
                       The port on which the Web server will listen.

     

       87
        
       

     

       88
       +
                       This is the correct setting to tweak if you want Tahoe's WUI to

     

       89
       +
                       listen on a different port.

     

       90
       +
                     '';

     

       91
       +
                   };

     

       92
       +
                   client.introducer = mkOption {

     

       93
       +
                     default = null;

     

       94
       +
                     type = types.nullOr types.str;

     

       95
       +
                     description = ''

     

       96
       +
                       The furl for a Tahoe introducer node.

     

       97
        
       

     

       98
       +
                       Like all furls, keep this safe and don't share it.

     

       99
       +
                     '';

     

       100
       +
                   };

     

       101
       +
                   client.helper = mkOption {

     

       102
       +
                     default = null;

     

       103
       +
                     type = types.nullOr types.str;

     

       104
       +
                     description = ''

     

       105
       +
                       The furl for a Tahoe helper node.

     

       106
        
       

     

       107
       +
                       Like all furls, keep this safe and don't share it.

     

       108
       +
                     '';

     

       109
       +
                   };

     

       110
       +
                   client.shares.needed = mkOption {

     

       111
       +
                     default = 3;

     

       112
       +
                     type = types.int;

     

       113
       +
                     description = ''

     

       114
       +
                       The number of shares required to reconstitute a file.

     

       115
       +
                     '';

     

       116
       +
                   };

     

       117
       +
                   client.shares.happy = mkOption {

     

       118
       +
                     default = 7;

     

       119
       +
                     type = types.int;

     

       120
       +
                     description = ''

     

       121
       +
                       The number of distinct storage nodes required to store

     

       122
       +
                       a file.

     

       123
       +
                     '';

     

       124
       +
                   };

     

       125
       +
                   client.shares.total = mkOption {

     

       126
       +
                     default = 10;

     

       127
       +
                     type = types.int;

     

       128
       +
                     description = ''

     

       129
       +
                       The number of shares required to store a file.

     

       130
       +
                     '';

     

       131
       +
                   };

     

       132
       +
                   storage.enable = mkEnableOption "storage service";

     

       133
       +
                   storage.reservedSpace = mkOption {

     

       134
       +
                     default = "1G";

     

       135
       +
                     type = types.str;

     

       136
       +
                     description = ''

     

       137
       +
                       The amount of filesystem space to not use for storage.

     

       138
       +
                     '';

     

       139
       +
                   };

     

       140
       +
                   helper.enable = mkEnableOption "helper service";

     

       141
       +
                   package = mkOption {

     

       142
       +
                     default = pkgs.tahoelafs;

     

       143
       +
                     defaultText = "pkgs.tahoelafs";

     

       144
       +
                     type = types.package;

     

       145
       +
                     example = literalExample "pkgs.tahoelafs";

     

       146
       +
                     description = ''

     

       147
       +
                       The package to use for the Tahoe LAFS daemon.

     

       148
       +
                     '';

     

       149
       +
                   };

     

       150
        
                 };

     

       151
       +
               });

     

       152
       +
               description = ''

     

       153
       +
                 The Tahoe nodes.

     

       154
       +
               '';

     

       155
        
             };

     

       156
        
           };

     

       157
        
           config = mkMerge [

+27 -28

nixos/modules/services/networking/i2pd.nix

···

       187
        
       

     

       188
        
             outTunnels = mkOption {

     

       189
        
               default = {};

     

       190
       -
               type = with types; loaOf optionSet;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       191
        
               description = ''

     

       192
        
                 Connect to someone as a client and establish a local accept endpoint

     

       193
        
               '';

     

       194
       -
               options = [ ({ name, config, ... }: {

     

       195
       -
                 options = commonTunOpts name;

     

       196
       -
                 config = {

     

       197
       -
                   name = mkDefault name;

     

       198
       -
                 };

     

       199
       -
               }) ];

     

       200
        
             };

     

       201
        
       

     

       202
        
             inTunnels = mkOption {

     

       203
        
               default = {};

     

       204
       -
               type = with types; loaOf optionSet;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       205
        
               description = ''

     

       206
        
                 Serve something on I2P network at port and delegate requests to address inPort.

     

       207
        
               '';

     

       208
       -
               options = [ ({ name, config, ... }: {

     

       209
       -
       

     

       210
       -
                 options = {

     

       211
       -
                   inPort = mkOption {

     

       212
       -
                     type = types.int;

     

       213
       -
                     default = 0;

     

       214
       -
                     description = "Service port. Default to the tunnel's listen port.";

     

       215
       -
                   };

     

       216
       -
                   accessList = mkOption {

     

       217
       -
                     type = with types; listOf str;

     

       218
       -
                     default = [];

     

       219
       -
                     description = "I2P nodes that are allowed to connect to this service.";

     

       220
       -
                   };

     

       221
       -
                 } // commonTunOpts name;

     

       222
       -
       

     

       223
       -
                 config = {

     

       224
       -
                   name = mkDefault name;

     

       225
       -
                 };

     

       226
       -
       

     

       227
       -
               }) ];

     

       228
        
             };

     

       229
        
           };

     

       230
        
         };

···

       187
        
       

     

       188
        
             outTunnels = mkOption {

     

       189
        
               default = {};

     

       190
       +
               type = with types; loaOf (submodule ( 

     

       191
       +
                 { name, config, ... }: {

     

       192
       +
                   options = commonTunOpts name;

     

       193
       +
                   config = {

     

       194
       +
                     name = mkDefault name;

     

       195
       +
                   };

     

       196
       +
                 }

     

       197
       +
               ));

     

       198
        
               description = ''

     

       199
        
                 Connect to someone as a client and establish a local accept endpoint

     

       200
        
               '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       201
        
             };

     

       202
        
       

     

       203
        
             inTunnels = mkOption {

     

       204
        
               default = {};

     

       205
       +
               type = with types; loaOf (submodule (

     

       206
       +
                 { name, config, ... }: {

     

       207
       +
                   options = {

     

       208
       +
                     inPort = mkOption {

     

       209
       +
                       type = types.int;

     

       210
       +
                       default = 0;

     

       211
       +
                       description = "Service port. Default to the tunnel's listen port.";

     

       212
       +
                     };

     

       213
       +
                     accessList = mkOption {

     

       214
       +
                       type = with types; listOf str;

     

       215
       +
                       default = [];

     

       216
       +
                       description = "I2P nodes that are allowed to connect to this service.";

     

       217
       +
                     };

     

       218
       +
                   } // commonTunOpts name;

     

       219
       +
                   config = {

     

       220
       +
                     name = mkDefault name;

     

       221
       +
                   };

     

       222
       +
                 }

     

       223
       +
               ));

     

       224
        
               description = ''

     

       225
        
                 Serve something on I2P network at port and delegate requests to address inPort.

     

       226
        
               '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       227
        
             };

     

       228
        
           };

     

       229
        
         };

+15 -15

nixos/modules/services/networking/nat.nix

···

       122
        
           };

     

       123
        
       

     

       124
        
           networking.nat.forwardPorts = mkOption {

     

       125
       -
             type = types.listOf types.optionSet;

     

       126
       -
             default = [];

     

       127
       -
             example = [ { sourcePort = 8080; destination = "10.0.0.1:80"; } ];

     

       128
       -
             options = {

     

       129
       -
               sourcePort = mkOption {

     

       130
       -
                 type = types.int;

     

       131
       -
                 example = 8080;

     

       132
       -
                 description = "Source port of the external interface";

     

       133
       -
               };

     

       134
        
       

     

       135
       -
               destination = mkOption {

     

       136
       -
                 type = types.str;

     

       137
       -
                 example = "10.0.0.1:80";

     

       138
       -
                 description = "Forward tcp connection to destination ip:port";

     

       0
        
       
     

       139
        
               };

     

       140
       -
             };

     

       141
       -
       

     

       0
        
       
     

       142
        
             description =

     

       143
        
               ''

     

       144
        
                 List of forwarded ports from the external interface to

···

       122
        
           };

     

       123
        
       

     

       124
        
           networking.nat.forwardPorts = mkOption {

     

       125
       +
             type = with types; listOf (submodule {

     

       126
       +
               options = {

     

       127
       +
                 sourcePort = mkOption {

     

       128
       +
                   type = types.int;

     

       129
       +
                   example = 8080;

     

       130
       +
                   description = "Source port of the external interface";

     

       131
       +
                 };

     

       0
        
       
     

       0
        
       
     

       132
        
       

     

       133
       +
                 destination = mkOption {

     

       134
       +
                   type = types.str;

     

       135
       +
                   example = "10.0.0.1:80";

     

       136
       +
                   description = "Forward tcp connection to destination ip:port";

     

       137
       +
                 };

     

       138
        
               };

     

       139
       +
             });

     

       140
       +
             default = [];

     

       141
       +
             example = [ { sourcePort = 8080; destination = "10.0.0.1:80"; } ];

     

       142
        
             description =

     

       143
        
               ''

     

       144
        
                 List of forwarded ports from the external interface to

+40 -38

nixos/modules/services/networking/openvpn.nix

···

       116
        
               attribute name.

     

       117
        
             '';

     

       118
        
       

     

       119
       -
             type = types.attrsOf types.optionSet;

     

       120
        
       

     

       121
       -
             options = {

     

       122
        
       

     

       123
       -
               config = mkOption {

     

       124
       -
                 type = types.lines;

     

       125
       -
                 description = ''

     

       126
       -
                   Configuration of this OpenVPN instance.  See

     

       127
       -
                   <citerefentry><refentrytitle>openvpn</refentrytitle><manvolnum>8</manvolnum></citerefentry>

     

       128
       -
                   for details.

     

       129
       -
                 '';

     

       130
       -
               };

     

       131
        
       

     

       132
       -
               up = mkOption {

     

       133
       -
                 default = "";

     

       134
       -
                 type = types.lines;

     

       135
       -
                 description = ''

     

       136
       -
                   Shell commands executed when the instance is starting.

     

       137
       -
                 '';

     

       138
       -
               };

     

       139
        
       

     

       140
       -
               down = mkOption {

     

       141
       -
                 default = "";

     

       142
       -
                 type = types.lines;

     

       143
       -
                 description = ''

     

       144
       -
                   Shell commands executed when the instance is shutting down.

     

       145
       -
                 '';

     

       146
       -
               };

     

       147
        
       

     

       148
       -
               autoStart = mkOption {

     

       149
       -
                 default = true;

     

       150
       -
                 type = types.bool;

     

       151
       -
                 description = "Whether this OpenVPN instance should be started automatically.";

     

       152
       -
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       153
        
       

     

       154
       -
               updateResolvConf = mkOption {

     

       155
       -
                 default = false;

     

       156
       -
                 type = types.bool;

     

       157
       -
                 description = ''

     

       158
       -
                   Use the script from the update-resolv-conf package to automatically

     

       159
       -
                   update resolv.conf with the DNS information provided by openvpn. The

     

       160
       -
                   script will be run after the "up" commands and before the "down" commands.

     

       161
       -
                 '';

     

       162
        
               };

     

       163
        
       

     

       164
       -
             };

     

       165
        
       

     

       166
        
           };

     

       167

···

       116
        
               attribute name.

     

       117
        
             '';

     

       118
        
       

     

       119
       +
             type = with types; attrsOf (submodule {

     

       120
        
       

     

       121
       +
               options = {

     

       122
        
       

     

       123
       +
                 config = mkOption {

     

       124
       +
                   type = types.lines;

     

       125
       +
                   description = ''

     

       126
       +
                     Configuration of this OpenVPN instance.  See

     

       127
       +
                     <citerefentry><refentrytitle>openvpn</refentrytitle><manvolnum>8</manvolnum></citerefentry>

     

       128
       +
                     for details.

     

       129
       +
                   '';

     

       130
       +
                 };

     

       131
        
       

     

       132
       +
                 up = mkOption {

     

       133
       +
                   default = "";

     

       134
       +
                   type = types.lines;

     

       135
       +
                   description = ''

     

       136
       +
                     Shell commands executed when the instance is starting.

     

       137
       +
                   '';

     

       138
       +
                 };

     

       139
        
       

     

       140
       +
                 down = mkOption {

     

       141
       +
                   default = "";

     

       142
       +
                   type = types.lines;

     

       143
       +
                   description = ''

     

       144
       +
                     Shell commands executed when the instance is shutting down.

     

       145
       +
                   '';

     

       146
       +
                 };

     

       147
        
       

     

       148
       +
                 autoStart = mkOption {

     

       149
       +
                   default = true;

     

       150
       +
                   type = types.bool;

     

       151
       +
                   description = "Whether this OpenVPN instance should be started automatically.";

     

       152
       +
                 };

     

       153
       +
       

     

       154
       +
                 updateResolvConf = mkOption {

     

       155
       +
                   default = false;

     

       156
       +
                   type = types.bool;

     

       157
       +
                   description = ''

     

       158
       +
                     Use the script from the update-resolv-conf package to automatically

     

       159
       +
                     update resolv.conf with the DNS information provided by openvpn. The

     

       160
       +
                     script will be run after the "up" commands and before the "down" commands.

     

       161
       +
                   '';

     

       162
       +
                 };

     

       163
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       164
        
               };

     

       165
        
       

     

       166
       +
             });

     

       167
        
       

     

       168
        
           };

     

       169

+1 -2

nixos/modules/services/networking/prosody.nix

···

       164
        
       

     

       165
        
               description = "Define the virtual hosts";

     

       166
        
       

     

       167
       -
               type = types.loaOf types.optionSet;

     

       168
        
       

     

       169
        
               example = {

     

       170
        
                 myhost = {

     
···

       180
        
                 };

     

       181
        
               };

     

       182
        
       

     

       183
       -
               options = [ vHostOpts ];

     

       184
        
             };

     

       185
        
       

     

       186
        
             ssl = mkOption {

···

       164
        
       

     

       165
        
               description = "Define the virtual hosts";

     

       166
        
       

     

       167
       +
               type = with types; loaOf (submodule vHostOpts);

     

       168
        
       

     

       169
        
               example = {

     

       170
        
                 myhost = {

     
···

       180
        
                 };

     

       181
        
               };

     

       182
        
       

     

       0
        
       
     

       183
        
             };

     

       184
        
       

     

       185
        
             ssl = mkOption {

+18 -17

nixos/modules/services/networking/ssh/sshd.nix

···

       129
        
             };

     

       130
        
       

     

       131
        
             listenAddresses = mkOption {

     

       132
       -
               type = types.listOf types.optionSet;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       133
        
               default = [];

     

       134
        
               example = [ { addr = "192.168.3.1"; port = 22; } { addr = "0.0.0.0"; port = 64022; } ];

     

       135
        
               description = ''

     
···

       140
        
                 NOTE: setting this option won't automatically enable given ports

     

       141
        
                 in firewall configuration.

     

       142
        
               '';

     

       143
       -
               options = {

     

       144
       -
                 addr = mkOption {

     

       145
       -
                   type = types.nullOr types.str;

     

       146
       -
                   default = null;

     

       147
       -
                   description = ''

     

       148
       -
                     Host, IPv4 or IPv6 address to listen to.

     

       149
       -
                   '';

     

       150
       -
                 };

     

       151
       -
                 port = mkOption {

     

       152
       -
                   type = types.nullOr types.int;

     

       153
       -
                   default = null;

     

       154
       -
                   description = ''

     

       155
       -
                     Port to listen to.

     

       156
       -
                   '';

     

       157
       -
                 };

     

       158
       -
               };

     

       159
        
             };

     

       160
        
       

     

       161
        
             passwordAuthentication = mkOption {

···

       129
        
             };

     

       130
        
       

     

       131
        
             listenAddresses = mkOption {

     

       132
       +
               type = with types; listOf (submodule {

     

       133
       +
                 options = {

     

       134
       +
                   addr = mkOption {

     

       135
       +
                     type = types.nullOr types.str;

     

       136
       +
                     default = null;

     

       137
       +
                     description = ''

     

       138
       +
                       Host, IPv4 or IPv6 address to listen to.

     

       139
       +
                     '';

     

       140
       +
                   };

     

       141
       +
                   port = mkOption {

     

       142
       +
                     type = types.nullOr types.int;

     

       143
       +
                     default = null;

     

       144
       +
                     description = ''

     

       145
       +
                       Port to listen to.

     

       146
       +
                     '';

     

       147
       +
                   };

     

       148
       +
                 };

     

       149
       +
               });

     

       150
        
               default = [];

     

       151
        
               example = [ { addr = "192.168.3.1"; port = 22; } { addr = "0.0.0.0"; port = 64022; } ];

     

       152
        
               description = ''

     
···

       157
        
                 NOTE: setting this option won't automatically enable given ports

     

       158
        
                 in firewall configuration.

     

       159
        
               '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       160
        
             };

     

       161
        
       

     

       162
        
             passwordAuthentication = mkOption {

+101 -102

nixos/modules/services/networking/supplicant.nix

···

       75
        
         options = {

     

       76
        
       

     

       77
        
           networking.supplicant = mkOption {

     

       78
       -
             type = types.attrsOf types.optionSet;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       79
        
       

     

       80
        
             default = { };

     

       81
        
       

     
···

       108
        
               <literal>DBUS</literal> defines a device-unrelated <command>wpa_supplicant</command>

     

       109
        
               service that can be accessed through <literal>D-Bus</literal>.

     

       110
        
             '';

     

       111
       -
       

     

       112
       -
             options = {

     

       113
       -
       

     

       114
       -
               configFile = {

     

       115
       -
       

     

       116
       -
                 path = mkOption {

     

       117
       -
                   type = types.path;

     

       118
       -
                   example = literalExample "/etc/wpa_supplicant.conf";

     

       119
       -
                   description = ''

     

       120
       -
                     External <literal>wpa_supplicant.conf</literal> configuration file.

     

       121
       -
                     The configuration options defined declaratively within <literal>networking.supplicant</literal> have

     

       122
       -
                     precedence over options defined in <literal>configFile</literal>.

     

       123
       -
                   '';

     

       124
       -
                 };

     

       125
       -
       

     

       126
       -
                 writable = mkOption {

     

       127
       -
                   type = types.bool;

     

       128
       -
                   default = false;

     

       129
       -
                   description = ''

     

       130
       -
                     Whether the configuration file at <literal>configFile.path</literal> should be written to by

     

       131
       -
                     <literal>wpa_supplicant</literal>.

     

       132
       -
                   '';

     

       133
       -
                 };

     

       134
       -
       

     

       135
       -
               };

     

       136
       -
       

     

       137
       -
               extraConf = mkOption {

     

       138
       -
                 type = types.lines;

     

       139
       -
                 default = "";

     

       140
       -
                 example = ''

     

       141
       -
                   ap_scan=1

     

       142
       -
                   device_name=My-NixOS-Device

     

       143
       -
                   device_type=1-0050F204-1

     

       144
       -
                   driver_param=use_p2p_group_interface=1

     

       145
       -
                   disable_scan_offload=1

     

       146
       -
                   p2p_listen_reg_class=81

     

       147
       -
                   p2p_listen_channel=1

     

       148
       -
                   p2p_oper_reg_class=81

     

       149
       -
                   p2p_oper_channel=1

     

       150
       -
                   manufacturer=NixOS

     

       151
       -
                   model_name=NixOS_Unstable

     

       152
       -
                   model_number=2015

     

       153
       -
                 '';

     

       154
       -
                 description = ''

     

       155
       -
                   Configuration options for <literal>wpa_supplicant.conf</literal>.

     

       156
       -
                   Options defined here have precedence over options in <literal>configFile</literal>.

     

       157
       -
                   NOTE: Do not write sensitive data into <literal>extraConf</literal> as it will

     

       158
       -
                   be world-readable in the <literal>nix-store</literal>. For sensitive information

     

       159
       -
                   use the <literal>configFile</literal> instead.

     

       160
       -
                 '';

     

       161
       -
               };

     

       162
       -
       

     

       163
       -
               extraCmdArgs = mkOption {

     

       164
       -
                 type = types.str;

     

       165
       -
                 default = "";

     

       166
       -
                 example = "-e/var/run/wpa_supplicant/entropy.bin";

     

       167
       -
                 description =

     

       168
       -
                   "Command line arguments to add when executing <literal>wpa_supplicant</literal>.";

     

       169
       -
               };

     

       170
       -
       

     

       171
       -
               driver = mkOption {

     

       172
       -
                 type = types.nullOr types.str;

     

       173
       -
                 default = "nl80211,wext";

     

       174
       -
                 description = "Force a specific wpa_supplicant driver.";

     

       175
       -
               };

     

       176
       -
       

     

       177
       -
               bridge = mkOption {

     

       178
       -
                 type = types.str;

     

       179
       -
                 default = "";

     

       180
       -
                 description = "Name of the bridge interface that wpa_supplicant should listen at.";

     

       181
       -
               };

     

       182
       -
       

     

       183
       -
               userControlled = {

     

       184
       -
       

     

       185
       -
                 enable = mkOption {

     

       186
       -
                   type = types.bool;

     

       187
       -
                   default = false;

     

       188
       -
                   description = ''

     

       189
       -
                     Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli.

     

       190
       -
                     This is useful for laptop users that switch networks a lot and don't want

     

       191
       -
                     to depend on a large package such as NetworkManager just to pick nearby

     

       192
       -
                     access points.

     

       193
       -
                   '';

     

       194
       -
                 };

     

       195
       -
       

     

       196
       -
                 socketDir = mkOption {

     

       197
       -
                   type = types.str;

     

       198
       -
                   default = "/var/run/wpa_supplicant";

     

       199
       -
                   description = "Directory of sockets for controlling wpa_supplicant.";

     

       200
       -
                 };

     

       201
       -
       

     

       202
       -
                 group = mkOption {

     

       203
       -
                   type = types.str;

     

       204
       -
                   default = "wheel";

     

       205
       -
                   example = "network";

     

       206
       -
                   description = "Members of this group can control wpa_supplicant.";

     

       207
       -
                 };

     

       208
       -
       

     

       209
       -
               };

     

       210
       -
       

     

       211
       -
             };

     

       212
        
       

     

       213
        
           };

     

       214

···

       75
        
         options = {

     

       76
        
       

     

       77
        
           networking.supplicant = mkOption {

     

       78
       +
             type = with types; attrsOf (submodule {

     

       79
       +
               options = {

     

       80
       +
         

     

       81
       +
                 configFile = {

     

       82
       +
         

     

       83
       +
                   path = mkOption {

     

       84
       +
                     type = types.path;

     

       85
       +
                     example = literalExample "/etc/wpa_supplicant.conf";

     

       86
       +
                     description = ''

     

       87
       +
                       External <literal>wpa_supplicant.conf</literal> configuration file.

     

       88
       +
                       The configuration options defined declaratively within <literal>networking.supplicant</literal> have

     

       89
       +
                       precedence over options defined in <literal>configFile</literal>.

     

       90
       +
                     '';

     

       91
       +
                   };

     

       92
       +
         

     

       93
       +
                   writable = mkOption {

     

       94
       +
                     type = types.bool;

     

       95
       +
                     default = false;

     

       96
       +
                     description = ''

     

       97
       +
                       Whether the configuration file at <literal>configFile.path</literal> should be written to by

     

       98
       +
                       <literal>wpa_supplicant</literal>.

     

       99
       +
                     '';

     

       100
       +
                   };

     

       101
       +
         

     

       102
       +
                 };

     

       103
       +
         

     

       104
       +
                 extraConf = mkOption {

     

       105
       +
                   type = types.lines;

     

       106
       +
                   default = "";

     

       107
       +
                   example = ''

     

       108
       +
                     ap_scan=1

     

       109
       +
                     device_name=My-NixOS-Device

     

       110
       +
                     device_type=1-0050F204-1

     

       111
       +
                     driver_param=use_p2p_group_interface=1

     

       112
       +
                     disable_scan_offload=1

     

       113
       +
                     p2p_listen_reg_class=81

     

       114
       +
                     p2p_listen_channel=1

     

       115
       +
                     p2p_oper_reg_class=81

     

       116
       +
                     p2p_oper_channel=1

     

       117
       +
                     manufacturer=NixOS

     

       118
       +
                     model_name=NixOS_Unstable

     

       119
       +
                     model_number=2015

     

       120
       +
                   '';

     

       121
       +
                   description = ''

     

       122
       +
                     Configuration options for <literal>wpa_supplicant.conf</literal>.

     

       123
       +
                     Options defined here have precedence over options in <literal>configFile</literal>.

     

       124
       +
                     NOTE: Do not write sensitive data into <literal>extraConf</literal> as it will

     

       125
       +
                     be world-readable in the <literal>nix-store</literal>. For sensitive information

     

       126
       +
                     use the <literal>configFile</literal> instead.

     

       127
       +
                   '';

     

       128
       +
                 };

     

       129
       +
         

     

       130
       +
                 extraCmdArgs = mkOption {

     

       131
       +
                   type = types.str;

     

       132
       +
                   default = "";

     

       133
       +
                   example = "-e/var/run/wpa_supplicant/entropy.bin";

     

       134
       +
                   description =

     

       135
       +
                     "Command line arguments to add when executing <literal>wpa_supplicant</literal>.";

     

       136
       +
                 };

     

       137
       +
         

     

       138
       +
                 driver = mkOption {

     

       139
       +
                   type = types.nullOr types.str;

     

       140
       +
                   default = "nl80211,wext";

     

       141
       +
                   description = "Force a specific wpa_supplicant driver.";

     

       142
       +
                 };

     

       143
       +
         

     

       144
       +
                 bridge = mkOption {

     

       145
       +
                   type = types.str;

     

       146
       +
                   default = "";

     

       147
       +
                   description = "Name of the bridge interface that wpa_supplicant should listen at.";

     

       148
       +
                 };

     

       149
       +
         

     

       150
       +
                 userControlled = {

     

       151
       +
         

     

       152
       +
                   enable = mkOption {

     

       153
       +
                     type = types.bool;

     

       154
       +
                     default = false;

     

       155
       +
                     description = ''

     

       156
       +
                       Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli.

     

       157
       +
                       This is useful for laptop users that switch networks a lot and don't want

     

       158
       +
                       to depend on a large package such as NetworkManager just to pick nearby

     

       159
       +
                       access points.

     

       160
       +
                     '';

     

       161
       +
                   };

     

       162
       +
         

     

       163
       +
                   socketDir = mkOption {

     

       164
       +
                     type = types.str;

     

       165
       +
                     default = "/var/run/wpa_supplicant";

     

       166
       +
                     description = "Directory of sockets for controlling wpa_supplicant.";

     

       167
       +
                   };

     

       168
       +
         

     

       169
       +
                   group = mkOption {

     

       170
       +
                     type = types.str;

     

       171
       +
                     default = "wheel";

     

       172
       +
                     example = "network";

     

       173
       +
                     description = "Members of this group can control wpa_supplicant.";

     

       174
       +
                   };

     

       175
       +
         

     

       176
       +
                 };

     

       177
       +
               };

     

       178
       +
             });

     

       179
        
       

     

       180
        
             default = { };

     

       181
        
       

     
···

       208
        
               <literal>DBUS</literal> defines a device-unrelated <command>wpa_supplicant</command>

     

       209
        
               service that can be accessed through <literal>D-Bus</literal>.

     

       210
        
             '';

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       211
        
       

     

       212
        
           };

     

       213

+79 -77

nixos/modules/services/networking/tinc.nix

···

       18
        
       

     

       19
        
             networks = mkOption {

     

       20
        
               default = { };

     

       21
       -
               type = types.loaOf types.optionSet;

     

       22
       -
               description = ''

     

       23
       -
                 Defines the tinc networks which will be started.

     

       24
       -
                 Each network invokes a different daemon.

     

       25
       -
               '';

     

       26
       -
               options = {

     

       27
        
       

     

       28
       -
                 extraConfig = mkOption {

     

       29
       -
                   default = "";

     

       30
       -
                   type = types.lines;

     

       31
       -
                   description = ''

     

       32
       -
                     Extra lines to add to the tinc service configuration file.

     

       33
       -
                   '';

     

       34
       -
                 };

     

       35
        
       

     

       36
       -
                 name = mkOption {

     

       37
       -
                   default = null;

     

       38
       -
                   type = types.nullOr types.str;

     

       39
       -
                   description = ''

     

       40
       -
                     The name of the node which is used as an identifier when communicating

     

       41
       -
                     with the remote nodes in the mesh. If null then the hostname of the system

     

       42
       -
                     is used.

     

       43
       -
                   '';

     

       44
       -
                 };

     

       45
        
       

     

       46
       -
                 ed25519PrivateKeyFile = mkOption {

     

       47
       -
                   default = null;

     

       48
       -
                   type = types.nullOr types.path;

     

       49
       -
                   description = ''

     

       50
       -
                     Path of the private ed25519 keyfile.

     

       51
       -
                   '';

     

       52
       -
                 };

     

       53
        
       

     

       54
       -
                 debugLevel = mkOption {

     

       55
       -
                   default = 0;

     

       56
       -
                   type = types.addCheck types.int (l: l >= 0 && l <= 5);

     

       57
       -
                   description = ''

     

       58
       -
                     The amount of debugging information to add to the log. 0 means little

     

       59
       -
                     logging while 5 is the most logging. <command>man tincd</command> for

     

       60
       -
                     more details.

     

       61
       -
                   '';

     

       62
       -
                 };

     

       63
        
       

     

       64
       -
                 hosts = mkOption {

     

       65
       -
                   default = { };

     

       66
       -
                   type = types.loaOf types.lines;

     

       67
       -
                   description = ''

     

       68
       -
                     The name of the host in the network as well as the configuration for that host.

     

       69
       -
                     This name should only contain alphanumerics and underscores.

     

       70
       -
                   '';

     

       71
       -
                 };

     

       72
        
       

     

       73
       -
                 interfaceType = mkOption {

     

       74
       -
                   default = "tun";

     

       75
       -
                   type = types.addCheck types.str (n: n == "tun" || n == "tap");

     

       76
       -
                   description = ''

     

       77
       -
                     The type of virtual interface used for the network connection

     

       78
       -
                   '';

     

       79
       -
                 };

     

       80
        
       

     

       81
       -
                 listenAddress = mkOption {

     

       82
       -
                   default = null;

     

       83
       -
                   type = types.nullOr types.str;

     

       84
       -
                   description = ''

     

       85
       -
                     The ip adress to bind to.

     

       86
       -
                   '';

     

       87
       -
                 };

     

       88
        
       

     

       89
       -
                 package = mkOption {

     

       90
       -
                   type = types.package;

     

       91
       -
                   default = pkgs.tinc_pre;

     

       92
       -
                   defaultText = "pkgs.tinc_pre";

     

       93
       -
                   description = ''

     

       94
       -
                     The package to use for the tinc daemon's binary.

     

       95
       -
                   '';

     

       96
       -
                 };

     

       97
        
       

     

       98
       -
                 chroot = mkOption {

     

       99
       -
                   default = true;

     

       100
       -
                   type = types.bool;

     

       101
       -
                   description = ''

     

       102
       -
                     Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security.

     

       103
       -
                     The chroot is performed after all the initialization is done, after writing pid files and opening network sockets.

     

       104
        
       

     

       105
       -
                     Note that tinc can't run scripts anymore (such as tinc-down or host-up), unless it is setup to be runnable inside chroot environment.

     

       106
       -
                   '';

     

       0
        
       
     

       107
        
                 };

     

       108
       -
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       109
        
             };

     

       110
        
           };

     

       111

···

       18
        
       

     

       19
        
             networks = mkOption {

     

       20
        
               default = { };

     

       21
       +
               type = with types; loaOf (submodule {

     

       22
       +
                 options = {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       23
        
       

     

       24
       +
                   extraConfig = mkOption {

     

       25
       +
                     default = "";

     

       26
       +
                     type = types.lines;

     

       27
       +
                     description = ''

     

       28
       +
                       Extra lines to add to the tinc service configuration file.

     

       29
       +
                     '';

     

       30
       +
                   };

     

       31
        
       

     

       32
       +
                   name = mkOption {

     

       33
       +
                     default = null;

     

       34
       +
                     type = types.nullOr types.str;

     

       35
       +
                     description = ''

     

       36
       +
                       The name of the node which is used as an identifier when communicating

     

       37
       +
                       with the remote nodes in the mesh. If null then the hostname of the system

     

       38
       +
                       is used.

     

       39
       +
                     '';

     

       40
       +
                   };

     

       41
        
       

     

       42
       +
                   ed25519PrivateKeyFile = mkOption {

     

       43
       +
                     default = null;

     

       44
       +
                     type = types.nullOr types.path;

     

       45
       +
                     description = ''

     

       46
       +
                       Path of the private ed25519 keyfile.

     

       47
       +
                     '';

     

       48
       +
                   };

     

       49
        
       

     

       50
       +
                   debugLevel = mkOption {

     

       51
       +
                     default = 0;

     

       52
       +
                     type = types.addCheck types.int (l: l >= 0 && l <= 5);

     

       53
       +
                     description = ''

     

       54
       +
                       The amount of debugging information to add to the log. 0 means little

     

       55
       +
                       logging while 5 is the most logging. <command>man tincd</command> for

     

       56
       +
                       more details.

     

       57
       +
                     '';

     

       58
       +
                   };

     

       59
        
       

     

       60
       +
                   hosts = mkOption {

     

       61
       +
                     default = { };

     

       62
       +
                     type = types.loaOf types.lines;

     

       63
       +
                     description = ''

     

       64
       +
                       The name of the host in the network as well as the configuration for that host.

     

       65
       +
                       This name should only contain alphanumerics and underscores.

     

       66
       +
                     '';

     

       67
       +
                   };

     

       68
        
       

     

       69
       +
                   interfaceType = mkOption {

     

       70
       +
                     default = "tun";

     

       71
       +
                     type = types.addCheck types.str (n: n == "tun" || n == "tap");

     

       72
       +
                     description = ''

     

       73
       +
                       The type of virtual interface used for the network connection

     

       74
       +
                     '';

     

       75
       +
                   };

     

       76
        
       

     

       77
       +
                   listenAddress = mkOption {

     

       78
       +
                     default = null;

     

       79
       +
                     type = types.nullOr types.str;

     

       80
       +
                     description = ''

     

       81
       +
                       The ip adress to bind to.

     

       82
       +
                     '';

     

       83
       +
                   };

     

       84
        
       

     

       85
       +
                   package = mkOption {

     

       86
       +
                     type = types.package;

     

       87
       +
                     default = pkgs.tinc_pre;

     

       88
       +
                     defaultText = "pkgs.tinc_pre";

     

       89
       +
                     description = ''

     

       90
       +
                       The package to use for the tinc daemon's binary.

     

       91
       +
                     '';

     

       92
       +
                   };

     

       93
        
       

     

       94
       +
                   chroot = mkOption {

     

       95
       +
                     default = true;

     

       96
       +
                     type = types.bool;

     

       97
       +
                     description = ''

     

       98
       +
                       Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security.

     

       99
       +
                       The chroot is performed after all the initialization is done, after writing pid files and opening network sockets.

     

       100
        
       

     

       101
       +
                       Note that tinc can't run scripts anymore (such as tinc-down or host-up), unless it is setup to be runnable inside chroot environment.

     

       102
       +
                     '';

     

       103
       +
                   };

     

       104
        
                 };

     

       105
       +
               });

     

       106
       +
       

     

       107
       +
               description = ''

     

       108
       +
                 Defines the tinc networks which will be started.

     

       109
       +
                 Each network invokes a different daemon.

     

       110
       +
               '';

     

       111
        
             };

     

       112
        
           };

     

       113

+55 -53

nixos/modules/services/networking/xinetd.nix

···

       65
        
               A list of services provided by xinetd.

     

       66
        
             '';

     

       67
        
       

     

       68
       -
             type = types.listOf types.optionSet;

     

       69
        
       

     

       70
       -
             options = {

     

       71
        
       

     

       72
       -
               name = mkOption {

     

       73
       -
                 type = types.string;

     

       74
       -
                 example = "login";

     

       75
       -
                 description = "Name of the service.";

     

       76
       -
               };

     

       77
        
       

     

       78
       -
               protocol = mkOption {

     

       79
       -
                 type = types.string;

     

       80
       -
                 default = "tcp";

     

       81
       -
                 description =

     

       82
       -
                   "Protocol of the service.  Usually <literal>tcp</literal> or <literal>udp</literal>.";

     

       83
       -
               };

     

       84
        
       

     

       85
       -
               port = mkOption {

     

       86
       -
                 type = types.int;

     

       87
       -
                 default = 0;

     

       88
       -
                 example = 123;

     

       89
       -
                 description = "Port number of the service.";

     

       90
       -
               };

     

       91
        
       

     

       92
       -
               user = mkOption {

     

       93
       -
                 type = types.string;

     

       94
       -
                 default = "nobody";

     

       95
       -
                 description = "User account for the service";

     

       96
       -
               };

     

       97
        
       

     

       98
       -
               server = mkOption {

     

       99
       -
                 type = types.string;

     

       100
       -
                 example = "/foo/bin/ftpd";

     

       101
       -
                 description = "Path of the program that implements the service.";

     

       102
       -
               };

     

       103
        
       

     

       104
       -
               serverArgs = mkOption {

     

       105
       -
                 type = types.string;

     

       106
       -
                 default = "";

     

       107
       -
                 description = "Command-line arguments for the server program.";

     

       108
       -
               };

     

       109
        
       

     

       110
       -
               flags = mkOption {

     

       111
       -
                 type = types.string;

     

       112
       -
                 default = "";

     

       113
       -
                 description = "";

     

       114
       -
               };

     

       115
        
       

     

       116
       -
               unlisted = mkOption {

     

       117
       -
                 type = types.bool;

     

       118
       -
                 default = false;

     

       119
       -
                 description = ''

     

       120
       -
                   Whether this server is listed in

     

       121
       -
                   <filename>/etc/services</filename>.  If so, the port

     

       122
       -
                   number can be omitted.

     

       123
       -
                 '';

     

       124
       -
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       125
        
       

     

       126
       -
               extraConfig = mkOption {

     

       127
       -
                 type = types.string;

     

       128
       -
                 default = "";

     

       129
       -
                 description = "Extra configuration-lines added to the section of the service.";

     

       130
        
               };

     

       131
        
       

     

       132
       -
             };

     

       133
        
       

     

       134
        
           };

     

       135

···

       65
        
               A list of services provided by xinetd.

     

       66
        
             '';

     

       67
        
       

     

       68
       +
             type = with types; listOf (submodule ({

     

       69
        
       

     

       70
       +
               options = {

     

       71
        
       

     

       72
       +
                 name = mkOption {

     

       73
       +
                   type = types.string;

     

       74
       +
                   example = "login";

     

       75
       +
                   description = "Name of the service.";

     

       76
       +
                 };

     

       77
        
       

     

       78
       +
                 protocol = mkOption {

     

       79
       +
                   type = types.string;

     

       80
       +
                   default = "tcp";

     

       81
       +
                   description =

     

       82
       +
                     "Protocol of the service.  Usually <literal>tcp</literal> or <literal>udp</literal>.";

     

       83
       +
                 };

     

       84
        
       

     

       85
       +
                 port = mkOption {

     

       86
       +
                   type = types.int;

     

       87
       +
                   default = 0;

     

       88
       +
                   example = 123;

     

       89
       +
                   description = "Port number of the service.";

     

       90
       +
                 };

     

       91
        
       

     

       92
       +
                 user = mkOption {

     

       93
       +
                   type = types.string;

     

       94
       +
                   default = "nobody";

     

       95
       +
                   description = "User account for the service";

     

       96
       +
                 };

     

       97
        
       

     

       98
       +
                 server = mkOption {

     

       99
       +
                   type = types.string;

     

       100
       +
                   example = "/foo/bin/ftpd";

     

       101
       +
                   description = "Path of the program that implements the service.";

     

       102
       +
                 };

     

       103
        
       

     

       104
       +
                 serverArgs = mkOption {

     

       105
       +
                   type = types.string;

     

       106
       +
                   default = "";

     

       107
       +
                   description = "Command-line arguments for the server program.";

     

       108
       +
                 };

     

       109
        
       

     

       110
       +
                 flags = mkOption {

     

       111
       +
                   type = types.string;

     

       112
       +
                   default = "";

     

       113
       +
                   description = "";

     

       114
       +
                 };

     

       115
        
       

     

       116
       +
                 unlisted = mkOption {

     

       117
       +
                   type = types.bool;

     

       118
       +
                   default = false;

     

       119
       +
                   description = ''

     

       120
       +
                     Whether this server is listed in

     

       121
       +
                     <filename>/etc/services</filename>.  If so, the port

     

       122
       +
                     number can be omitted.

     

       123
       +
                   '';

     

       124
       +
                 };

     

       125
       +
       

     

       126
       +
                 extraConfig = mkOption {

     

       127
       +
                   type = types.string;

     

       128
       +
                   default = "";

     

       129
       +
                   description = "Extra configuration-lines added to the section of the service.";

     

       130
       +
                 };

     

       131
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       132
        
               };

     

       133
        
       

     

       134
       +
             }));

     

       135
        
       

     

       136
        
           };

     

       137

+1 -2

nixos/modules/services/web-servers/winstone.nix

···

       113
        
         options = {

     

       114
        
           services.winstone = mkOption {

     

       115
        
             default = {};

     

       116
       -
             type = types.attrsOf types.optionSet;

     

       117
       -
             options = [ winstoneOpts ];

     

       118
        
             description = ''

     

       119
        
               Defines independent Winstone services, each serving one WAR-file.

     

       120
        
             '';

···

       113
        
         options = {

     

       114
        
           services.winstone = mkOption {

     

       115
        
             default = {};

     

       116
       +
             type = with types; attrsOf (submodule winstoneOpts);

     

       0
        
       
     

       117
        
             description = ''

     

       118
        
               Defines independent Winstone services, each serving one WAR-file.

     

       119
        
             '';

+1 -2

nixos/modules/services/web-servers/zope2.nix

···

       74
        
       

     

       75
        
           services.zope2.instances = mkOption {

     

       76
        
             default = {};

     

       77
       -
             type = types.loaOf types.optionSet;

     

       78
        
             example = literalExample ''

     

       79
        
               {

     

       80
        
                 plone01 = {

     
···

       96
        
               }

     

       97
        
             '';

     

       98
        
             description = "zope2 instances to be created automaticaly by the system.";

     

       99
       -
             options = [ zope2Opts ];

     

       100
        
           };

     

       101
        
         };

     

       102

···

       74
        
       

     

       75
        
           services.zope2.instances = mkOption {

     

       76
        
             default = {};

     

       77
       +
             type = with types; loaOf (submodule zope2Opts);

     

       78
        
             example = literalExample ''

     

       79
        
               {

     

       80
        
                 plone01 = {

     
···

       96
        
               }

     

       97
        
             '';

     

       98
        
             description = "zope2 instances to be created automaticaly by the system.";

     

       0
        
       
     

       99
        
           };

     

       100
        
         };

     

       101

+39 -39

nixos/modules/system/boot/loader/grub/grub.nix

···

       131
        
                 to the respective devices corresponding to those partitions.

     

       132
        
               '';

     

       133
        
       

     

       134
       -
               type = types.listOf types.optionSet;

     

       0
        
       
     

       135
        
       

     

       136
       -
               options = {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       137
        
       

     

       138
       -
                 path = mkOption {

     

       139
       -
                   example = "/boot1";

     

       140
       -
                   type = types.str;

     

       141
       -
                   description = ''

     

       142
       -
                     The path to the boot directory where GRUB will be written. Generally

     

       143
       -
                     this boot path should double as an EFI path.

     

       144
       -
                   '';

     

       145
       -
                 };

     

       0
        
       
     

       146
        
       

     

       147
       -
                 efiSysMountPoint = mkOption {

     

       148
       -
                   default = null;

     

       149
       -
                   example = "/boot1/efi";

     

       150
       -
                   type = types.nullOr types.str;

     

       151
       -
                   description = ''

     

       152
       -
                     The path to the efi system mount point. Usually this is the same

     

       153
       -
                     partition as the above path and can be left as null.

     

       154
       -
                   '';

     

       155
       -
                 };

     

       0
        
       
     

       156
        
       

     

       157
       -
                 efiBootloaderId = mkOption {

     

       158
       -
                   default = null;

     

       159
       -
                   example = "NixOS-fsid";

     

       160
       -
                   type = types.nullOr types.str;

     

       161
       -
                   description = ''

     

       162
       -
                     The id of the bootloader to store in efi nvram.

     

       163
       -
                     The default is to name it NixOS and append the path or efiSysMountPoint.

     

       164
       -
                     This is only used if <literal>boot.loader.efi.canTouchEfiVariables</literal> is true.

     

       165
       -
                   '';

     

       166
       -
                 };

     

       167
        
       

     

       168
       -
                 devices = mkOption {

     

       169
       -
                   default = [ ];

     

       170
       -
                   example = [ "/dev/sda" "/dev/sdb" ];

     

       171
       -
                   type = types.listOf types.str;

     

       172
       -
                   description = ''

     

       173
       -
                     The path to the devices which will have the GRUB MBR written.

     

       174
       -
                     Note these are typically device paths and not paths to partitions.

     

       175
       -
                   '';

     

       176
        
                 };

     

       177
       -
       

     

       178
       -
               };

     

       179
        
             };

     

       180
        
       

     

       181
        
             configurationName = mkOption {

···

       131
        
                 to the respective devices corresponding to those partitions.

     

       132
        
               '';

     

       133
        
       

     

       134
       +
               type = with types; listOf (submodule {

     

       135
       +
                 options = {

     

       136
        
       

     

       137
       +
                   path = mkOption {

     

       138
       +
                     example = "/boot1";

     

       139
       +
                     type = types.str;

     

       140
       +
                     description = ''

     

       141
       +
                       The path to the boot directory where GRUB will be written. Generally

     

       142
       +
                       this boot path should double as an EFI path.

     

       143
       +
                     '';

     

       144
       +
                   };

     

       145
        
       

     

       146
       +
                   efiSysMountPoint = mkOption {

     

       147
       +
                     default = null;

     

       148
       +
                     example = "/boot1/efi";

     

       149
       +
                     type = types.nullOr types.str;

     

       150
       +
                     description = ''

     

       151
       +
                       The path to the efi system mount point. Usually this is the same

     

       152
       +
                       partition as the above path and can be left as null.

     

       153
       +
                     '';

     

       154
       +
                   };

     

       155
        
       

     

       156
       +
                   efiBootloaderId = mkOption {

     

       157
       +
                     default = null;

     

       158
       +
                     example = "NixOS-fsid";

     

       159
       +
                     type = types.nullOr types.str;

     

       160
       +
                     description = ''

     

       161
       +
                       The id of the bootloader to store in efi nvram.

     

       162
       +
                       The default is to name it NixOS and append the path or efiSysMountPoint.

     

       163
       +
                       This is only used if <literal>boot.loader.efi.canTouchEfiVariables</literal> is true.

     

       164
       +
                     '';

     

       165
       +
                   };

     

       166
        
       

     

       167
       +
                   devices = mkOption {

     

       168
       +
                     default = [ ];

     

       169
       +
                     example = [ "/dev/sda" "/dev/sdb" ];

     

       170
       +
                     type = types.listOf types.str;

     

       171
       +
                     description = ''

     

       172
       +
                       The path to the devices which will have the GRUB MBR written.

     

       173
       +
                       Note these are typically device paths and not paths to partitions.

     

       174
       +
                     '';

     

       175
       +
                   };

     

       0
        
       
     

       176
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       177
        
                 };

     

       178
       +
               });

     

       0
        
       
     

       179
        
             };

     

       180
        
       

     

       181
        
             configurationName = mkOption {

+136 -136

nixos/modules/system/boot/luksroot.nix

···

       236
        
               <filename>/dev/mapper/<replaceable>name</replaceable></filename>.

     

       237
        
             '';

     

       238
        
       

     

       239
       -
             type = types.loaOf types.optionSet;

     

       0
        
       
     

       240
        
       

     

       241
       -
             options = { name, ... }: { options = {

     

       242
       -
       

     

       243
       -
               name = mkOption {

     

       244
       -
                 visible = false;

     

       245
       -
                 default = name;

     

       246
       -
                 example = "luksroot";

     

       247
       -
                 type = types.str;

     

       248
       -
                 description = "Name of the unencrypted device in <filename>/dev/mapper</filename>.";

     

       249
       -
               };

     

       250
        
       

     

       251
       -
               device = mkOption {

     

       252
       -
                 example = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08";

     

       253
       -
                 type = types.str;

     

       254
       -
                 description = "Path of the underlying encrypted block device.";

     

       255
       -
               };

     

       256
        
       

     

       257
       -
               header = mkOption {

     

       258
       -
                 default = null;

     

       259
       -
                 example = "/root/header.img";

     

       260
       -
                 type = types.nullOr types.str;

     

       261
       -
                 description = ''

     

       262
       -
                   The name of the file or block device that

     

       263
       -
                   should be used as header for the encrypted device.

     

       264
       -
                 '';

     

       265
       -
               };

     

       266
        
       

     

       267
       -
               keyFile = mkOption {

     

       268
       -
                 default = null;

     

       269
       -
                 example = "/dev/sdb1";

     

       270
       -
                 type = types.nullOr types.str;

     

       271
       -
                 description = ''

     

       272
       -
                   The name of the file (can be a raw device or a partition) that

     

       273
       -
                   should be used as the decryption key for the encrypted device. If

     

       274
       -
                   not specified, you will be prompted for a passphrase instead.

     

       275
       -
                 '';

     

       276
       -
               };

     

       277
        
       

     

       278
       -
               keyFileSize = mkOption {

     

       279
       -
                 default = null;

     

       280
       -
                 example = 4096;

     

       281
       -
                 type = types.nullOr types.int;

     

       282
       -
                 description = ''

     

       283
       -
                   The size of the key file. Use this if only the beginning of the

     

       284
       -
                   key file should be used as a key (often the case if a raw device

     

       285
       -
                   or partition is used as key file). If not specified, the whole

     

       286
       -
                   <literal>keyFile</literal> will be used decryption, instead of just

     

       287
       -
                   the first <literal>keyFileSize</literal> bytes.

     

       288
       -
                 '';

     

       289
       -
               };

     

       290
        
       

     

       291
       -
               # FIXME: get rid of this option.

     

       292
       -
               preLVM = mkOption {

     

       293
       -
                 default = true;

     

       294
       -
                 type = types.bool;

     

       295
       -
                 description = "Whether the luksOpen will be attempted before LVM scan or after it.";

     

       296
       -
               };

     

       297
        
       

     

       298
       -
               allowDiscards = mkOption {

     

       299
       -
                 default = false;

     

       300
       -
                 type = types.bool;

     

       301
       -
                 description = ''

     

       302
       -
                   Whether to allow TRIM requests to the underlying device. This option

     

       303
       -
                   has security implications; please read the LUKS documentation before

     

       304
       -
                   activating it.

     

       305
       -
                 '';

     

       306
       -
               };

     

       307
        
       

     

       308
       -
               yubikey = mkOption {

     

       309
       -
                 default = null;

     

       310
       -
                 type = types.nullOr types.optionSet;

     

       311
       -
                 description = ''

     

       312
       -
                   The options to use for this LUKS device in Yubikey-PBA.

     

       313
       -
                   If null (the default), Yubikey-PBA will be disabled for this device.

     

       314
       -
                 '';

     

       315
        
       

     

       316
       -
                 options = {

     

       317
       -
                   twoFactor = mkOption {

     

       318
       -
                     default = true;

     

       319
       -
                     type = types.bool;

     

       320
       -
                     description = "Whether to use a passphrase and a Yubikey (true), or only a Yubikey (false).";

     

       321
       -
                   };

     

       0
        
       
     

       322
        
       

     

       323
       -
                   slot = mkOption {

     

       324
       -
                     default = 2;

     

       325
       -
                     type = types.int;

     

       326
       -
                     description = "Which slot on the Yubikey to challenge.";

     

       327
       -
                   };

     

       328
        
       

     

       329
       -
                   saltLength = mkOption {

     

       330
       -
                     default = 16;

     

       331
       -
                     type = types.int;

     

       332
       -
                     description = "Length of the new salt in byte (64 is the effective maximum).";

     

       333
       -
                   };

     

       334
        
       

     

       335
       -
                   keyLength = mkOption {

     

       336
       -
                     default = 64;

     

       337
       -
                     type = types.int;

     

       338
       -
                     description = "Length of the LUKS slot key derived with PBKDF2 in byte.";

     

       339
       -
                   };

     

       340
        
       

     

       341
       -
                   iterationStep = mkOption {

     

       342
       -
                     default = 0;

     

       343
       -
                     type = types.int;

     

       344
       -
                     description = "How much the iteration count for PBKDF2 is increased at each successful authentication.";

     

       345
       -
                   };

     

       346
        
       

     

       347
       -
                   gracePeriod = mkOption {

     

       348
       -
                     default = 2;

     

       349
       -
                     type = types.int;

     

       350
       -
                     description = "Time in seconds to wait before attempting to find the Yubikey.";

     

       351
       -
                   };

     

       352
        
       

     

       353
       -
                   ramfsMountPoint = mkOption {

     

       354
       -
                     default = "/crypt-ramfs";

     

       355
       -
                     type = types.str;

     

       356
       -
                     description = "Path where the ramfs used to update the LUKS key will be mounted during early boot.";

     

       357
       -
                   };

     

       358
        
       

     

       359
       -
                   /* TODO: Add to the documentation of the current module:

     

       360
        
       

     

       361
       -
                      Options related to the storing the salt.

     

       362
       -
                   */

     

       363
       -
                   storage = {

     

       364
       -
                     device = mkOption {

     

       365
       -
                       default = "/dev/sda1";

     

       366
       -
                       type = types.path;

     

       367
       -
                       description = ''

     

       368
       -
                         An unencrypted device that will temporarily be mounted in stage-1.

     

       369
       -
                         Must contain the current salt to create the challenge for this LUKS device.

     

       370
       -
                       '';

     

       371
       -
                     };

     

       372
        
       

     

       373
       -
                     fsType = mkOption {

     

       374
       -
                       default = "vfat";

     

       375
       -
                       type = types.str;

     

       376
       -
                       description = "The filesystem of the unencrypted device.";

     

       377
       -
                     };

     

       378
        
       

     

       379
       -
                     mountPoint = mkOption {

     

       380
       -
                       default = "/crypt-storage";

     

       381
       -
                       type = types.str;

     

       382
       -
                       description = "Path where the unencrypted device will be mounted during early boot.";

     

       383
       -
                     };

     

       384
        
       

     

       385
       -
                     path = mkOption {

     

       386
       -
                       default = "/crypt-storage/default";

     

       387
       -
                       type = types.str;

     

       388
       -
                       description = ''

     

       389
       -
                         Absolute path of the salt on the unencrypted device with

     

       390
       -
                         that device's root directory as "/".

     

       391
       -
                       '';

     

       0
        
       
     

       0
        
       
     

       392
        
                     };

     

       393
       -
                   };

     

       394
        
                 };

     

       395
       -
               };

     

       396
        
       

     

       397
       -
             }; };

     

       398
        
           };

     

       399
        
       

     

       400
        
           boot.initrd.luks.yubikeySupport = mkOption {

···

       236
        
               <filename>/dev/mapper/<replaceable>name</replaceable></filename>.

     

       237
        
             '';

     

       238
        
       

     

       239
       +
             type = with types; loaOf (submodule (

     

       240
       +
               { name, ... }: { options = {

     

       241
        
       

     

       242
       +
                 name = mkOption {

     

       243
       +
                   visible = false;

     

       244
       +
                   default = name;

     

       245
       +
                   example = "luksroot";

     

       246
       +
                   type = types.str;

     

       247
       +
                   description = "Name of the unencrypted device in <filename>/dev/mapper</filename>.";

     

       248
       +
                 };

     

       0
        
       
     

       0
        
       
     

       249
        
       

     

       250
       +
                 device = mkOption {

     

       251
       +
                   example = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08";

     

       252
       +
                   type = types.str;

     

       253
       +
                   description = "Path of the underlying encrypted block device.";

     

       254
       +
                 };

     

       255
        
       

     

       256
       +
                 header = mkOption {

     

       257
       +
                   default = null;

     

       258
       +
                   example = "/root/header.img";

     

       259
       +
                   type = types.nullOr types.str;

     

       260
       +
                   description = ''

     

       261
       +
                     The name of the file or block device that

     

       262
       +
                     should be used as header for the encrypted device.

     

       263
       +
                   '';

     

       264
       +
                 };

     

       265
        
       

     

       266
       +
                 keyFile = mkOption {

     

       267
       +
                   default = null;

     

       268
       +
                   example = "/dev/sdb1";

     

       269
       +
                   type = types.nullOr types.str;

     

       270
       +
                   description = ''

     

       271
       +
                     The name of the file (can be a raw device or a partition) that

     

       272
       +
                     should be used as the decryption key for the encrypted device. If

     

       273
       +
                     not specified, you will be prompted for a passphrase instead.

     

       274
       +
                   '';

     

       275
       +
                 };

     

       276
        
       

     

       277
       +
                 keyFileSize = mkOption {

     

       278
       +
                   default = null;

     

       279
       +
                   example = 4096;

     

       280
       +
                   type = types.nullOr types.int;

     

       281
       +
                   description = ''

     

       282
       +
                     The size of the key file. Use this if only the beginning of the

     

       283
       +
                     key file should be used as a key (often the case if a raw device

     

       284
       +
                     or partition is used as key file). If not specified, the whole

     

       285
       +
                     <literal>keyFile</literal> will be used decryption, instead of just

     

       286
       +
                     the first <literal>keyFileSize</literal> bytes.

     

       287
       +
                   '';

     

       288
       +
                 };

     

       289
        
       

     

       290
       +
                 # FIXME: get rid of this option.

     

       291
       +
                 preLVM = mkOption {

     

       292
       +
                   default = true;

     

       293
       +
                   type = types.bool;

     

       294
       +
                   description = "Whether the luksOpen will be attempted before LVM scan or after it.";

     

       295
       +
                 };

     

       296
        
       

     

       297
       +
                 allowDiscards = mkOption {

     

       298
       +
                   default = false;

     

       299
       +
                   type = types.bool;

     

       300
       +
                   description = ''

     

       301
       +
                     Whether to allow TRIM requests to the underlying device. This option

     

       302
       +
                     has security implications; please read the LUKS documentation before

     

       303
       +
                     activating it.

     

       304
       +
                   '';

     

       305
       +
                 };

     

       306
        
       

     

       307
       +
                 yubikey = mkOption {

     

       308
       +
                   default = null;

     

       309
       +
                   description = ''

     

       310
       +
                     The options to use for this LUKS device in Yubikey-PBA.

     

       311
       +
                     If null (the default), Yubikey-PBA will be disabled for this device.

     

       312
       +
                   '';

     

       0
        
       
     

       313
        
       

     

       314
       +
                   type = with types; nullOr (submodule {

     

       315
       +
                     options = {

     

       316
       +
                       twoFactor = mkOption {

     

       317
       +
                         default = true;

     

       318
       +
                         type = types.bool;

     

       319
       +
                         description = "Whether to use a passphrase and a Yubikey (true), or only a Yubikey (false).";

     

       320
       +
                       };

     

       321
        
       

     

       322
       +
                       slot = mkOption {

     

       323
       +
                         default = 2;

     

       324
       +
                         type = types.int;

     

       325
       +
                         description = "Which slot on the Yubikey to challenge.";

     

       326
       +
                       };

     

       327
        
       

     

       328
       +
                       saltLength = mkOption {

     

       329
       +
                         default = 16;

     

       330
       +
                         type = types.int;

     

       331
       +
                         description = "Length of the new salt in byte (64 is the effective maximum).";

     

       332
       +
                       };

     

       333
        
       

     

       334
       +
                       keyLength = mkOption {

     

       335
       +
                         default = 64;

     

       336
       +
                         type = types.int;

     

       337
       +
                         description = "Length of the LUKS slot key derived with PBKDF2 in byte.";

     

       338
       +
                       };

     

       339
        
       

     

       340
       +
                       iterationStep = mkOption {

     

       341
       +
                         default = 0;

     

       342
       +
                         type = types.int;

     

       343
       +
                         description = "How much the iteration count for PBKDF2 is increased at each successful authentication.";

     

       344
       +
                       };

     

       345
        
       

     

       346
       +
                       gracePeriod = mkOption {

     

       347
       +
                         default = 2;

     

       348
       +
                         type = types.int;

     

       349
       +
                         description = "Time in seconds to wait before attempting to find the Yubikey.";

     

       350
       +
                       };

     

       351
        
       

     

       352
       +
                       ramfsMountPoint = mkOption {

     

       353
       +
                         default = "/crypt-ramfs";

     

       354
       +
                         type = types.str;

     

       355
       +
                         description = "Path where the ramfs used to update the LUKS key will be mounted during early boot.";

     

       356
       +
                       };

     

       357
        
       

     

       358
       +
                       /* TODO: Add to the documentation of the current module:

     

       359
        
       

     

       360
       +
                          Options related to the storing the salt.

     

       361
       +
                       */

     

       362
       +
                       storage = {

     

       363
       +
                         device = mkOption {

     

       364
       +
                           default = "/dev/sda1";

     

       365
       +
                           type = types.path;

     

       366
       +
                           description = ''

     

       367
       +
                             An unencrypted device that will temporarily be mounted in stage-1.

     

       368
       +
                             Must contain the current salt to create the challenge for this LUKS device.

     

       369
       +
                           '';

     

       370
       +
                         };

     

       371
        
       

     

       372
       +
                         fsType = mkOption {

     

       373
       +
                           default = "vfat";

     

       374
       +
                           type = types.str;

     

       375
       +
                           description = "The filesystem of the unencrypted device.";

     

       376
       +
                         };

     

       377
        
       

     

       378
       +
                         mountPoint = mkOption {

     

       379
       +
                           default = "/crypt-storage";

     

       380
       +
                           type = types.str;

     

       381
       +
                           description = "Path where the unencrypted device will be mounted during early boot.";

     

       382
       +
                         };

     

       383
        
       

     

       384
       +
                         path = mkOption {

     

       385
       +
                           default = "/crypt-storage/default";

     

       386
       +
                           type = types.str;

     

       387
       +
                           description = ''

     

       388
       +
                             Absolute path of the salt on the unencrypted device with

     

       389
       +
                             that device's root directory as "/".

     

       390
       +
                           '';

     

       391
       +
                         };

     

       392
       +
                       };

     

       393
        
                     };

     

       394
       +
                   });

     

       395
        
                 };

     

       0
        
       
     

       396
        
       

     

       397
       +
               }; }));

     

       398
        
           };

     

       399
        
       

     

       400
        
           boot.initrd.luks.yubikeySupport = mkOption {

+8 -13

nixos/modules/system/boot/networkd.nix

···

       471
        
       

     

       472
        
           addresses = mkOption {

     

       473
        
             default = [ ];

     

       474
       -
             type = types.listOf types.optionSet;

     

       475
       -
             options = [ addressOptions ];

     

       476
        
             description = ''

     

       477
        
               A list of address sections to be added to the unit.  See

     

       478
        
               <citerefentry><refentrytitle>systemd.network</refentrytitle>

     
···

       482
        
       

     

       483
        
           routes = mkOption {

     

       484
        
             default = [ ];

     

       485
       -
             type = types.listOf types.optionSet;

     

       486
       -
             options = [ routeOptions ];

     

       487
        
             description = ''

     

       488
        
               A list of route sections to be added to the unit.  See

     

       489
        
               <citerefentry><refentrytitle>systemd.network</refentrytitle>

     
···

       624
        
       

     

       625
        
           systemd.network.links = mkOption {

     

       626
        
             default = {};

     

       627
       -
             type = types.attrsOf types.optionSet;

     

       628
       -
             options = [ linkOptions ];

     

       629
        
             description = "Definition of systemd network links.";

     

       630
        
           };

     

       631
        
       

     

       632
        
           systemd.network.netdevs = mkOption {

     

       633
        
             default = {};

     

       634
       -
             type = types.attrsOf types.optionSet;

     

       635
       -
             options = [ netdevOptions ];

     

       636
        
             description = "Definition of systemd network devices.";

     

       637
        
           };

     

       638
        
       

     

       639
        
           systemd.network.networks = mkOption {

     

       640
        
             default = {};

     

       641
       -
             type = types.attrsOf types.optionSet;

     

       642
       -
             options = [ networkOptions networkConfig ];

     

       643
        
             description = "Definition of systemd networks.";

     

       644
        
           };

     

       645
        
       

     

       646
        
           systemd.network.units = mkOption {

     

       647
        
             description = "Definition of networkd units.";

     

       648
        
             default = {};

     

       649
       -
             type = types.attrsOf types.optionSet;

     

       650
       -
             options = { name, config, ... }:

     

       651
        
               { options = concreteUnitOptions;

     

       652
        
                 config = {

     

       653
        
                   unit = mkDefault (makeUnit name config);

     

       654
        
                 };

     

       655
       -
               };

     

       656
        
           };

     

       657
        
       

     

       658
        
         };

···

       471
        
       

     

       472
        
           addresses = mkOption {

     

       473
        
             default = [ ];

     

       474
       +
             type = with types; listOf (submodule [ addressOptions ]);

     

       0
        
       
     

       475
        
             description = ''

     

       476
        
               A list of address sections to be added to the unit.  See

     

       477
        
               <citerefentry><refentrytitle>systemd.network</refentrytitle>

     
···

       481
        
       

     

       482
        
           routes = mkOption {

     

       483
        
             default = [ ];

     

       484
       +
             type = with types; listOf (submodule [ routeOptions ]);

     

       0
        
       
     

       485
        
             description = ''

     

       486
        
               A list of route sections to be added to the unit.  See

     

       487
        
               <citerefentry><refentrytitle>systemd.network</refentrytitle>

     
···

       622
        
       

     

       623
        
           systemd.network.links = mkOption {

     

       624
        
             default = {};

     

       625
       +
             type = with types; attrsOf (submodule [ linkOptions ]);

     

       0
        
       
     

       626
        
             description = "Definition of systemd network links.";

     

       627
        
           };

     

       628
        
       

     

       629
        
           systemd.network.netdevs = mkOption {

     

       630
        
             default = {};

     

       631
       +
             type = with types; attrsOf (submodule [ netdevOptions ]);

     

       0
        
       
     

       632
        
             description = "Definition of systemd network devices.";

     

       633
        
           };

     

       634
        
       

     

       635
        
           systemd.network.networks = mkOption {

     

       636
        
             default = {};

     

       637
       +
             type = with types; attrsOf (submodule [ networkOptions networkConfig ]);

     

       0
        
       
     

       638
        
             description = "Definition of systemd networks.";

     

       639
        
           };

     

       640
        
       

     

       641
        
           systemd.network.units = mkOption {

     

       642
        
             description = "Definition of networkd units.";

     

       643
        
             default = {};

     

       644
       +
             type = with types; attrsOf (submodule (

     

       645
       +
               { name, config, ... }:

     

       646
        
               { options = concreteUnitOptions;

     

       647
        
                 config = {

     

       648
        
                   unit = mkDefault (makeUnit name config);

     

       649
        
                 };

     

       650
       +
               }));

     

       651
        
           };

     

       652
        
       

     

       653
        
         };

+16 -26

nixos/modules/system/boot/systemd.nix

···

       389
        
           systemd.units = mkOption {

     

       390
        
             description = "Definition of systemd units.";

     

       391
        
             default = {};

     

       392
       -
             type = types.attrsOf types.optionSet;

     

       393
       -
             options = { name, config, ... }:

     

       394
        
               { options = concreteUnitOptions;

     

       395
        
                 config = {

     

       396
        
                   unit = mkDefault (makeUnit name config);

     

       397
        
                 };

     

       398
       -
               };

     

       399
        
           };

     

       400
        
       

     

       401
        
           systemd.packages = mkOption {

     
···

       406
        
       

     

       407
        
           systemd.targets = mkOption {

     

       408
        
             default = {};

     

       409
       -
             type = types.attrsOf types.optionSet;

     

       410
       -
             options = [ targetOptions unitConfig ];

     

       411
        
             description = "Definition of systemd target units.";

     

       412
        
           };

     

       413
        
       

     

       414
        
           systemd.services = mkOption {

     

       415
        
             default = {};

     

       416
       -
             type = types.attrsOf types.optionSet;

     

       417
       -
             options = [ serviceOptions unitConfig serviceConfig ];

     

       418
        
             description = "Definition of systemd service units.";

     

       419
        
           };

     

       420
        
       

     

       421
        
           systemd.sockets = mkOption {

     

       422
        
             default = {};

     

       423
       -
             type = types.attrsOf types.optionSet;

     

       424
       -
             options = [ socketOptions unitConfig ];

     

       425
        
             description = "Definition of systemd socket units.";

     

       426
        
           };

     

       427
        
       

     

       428
        
           systemd.timers = mkOption {

     

       429
        
             default = {};

     

       430
       -
             type = types.attrsOf types.optionSet;

     

       431
       -
             options = [ timerOptions unitConfig ];

     

       432
        
             description = "Definition of systemd timer units.";

     

       433
        
           };

     

       434
        
       

     

       435
        
           systemd.paths = mkOption {

     

       436
        
             default = {};

     

       437
       -
             type = types.attrsOf types.optionSet;

     

       438
       -
             options = [ pathOptions unitConfig ];

     

       439
        
             description = "Definition of systemd path units.";

     

       440
        
           };

     

       441
        
       

     

       442
        
           systemd.mounts = mkOption {

     

       443
        
             default = [];

     

       444
       -
             type = types.listOf types.optionSet;

     

       445
       -
             options = [ mountOptions unitConfig mountConfig ];

     

       446
        
             description = ''

     

       447
        
               Definition of systemd mount units.

     

       448
        
               This is a list instead of an attrSet, because systemd mandates the names to be derived from

     
···

       452
        
       

     

       453
        
           systemd.automounts = mkOption {

     

       454
        
             default = [];

     

       455
       -
             type = types.listOf types.optionSet;

     

       456
       -
             options = [ automountOptions unitConfig automountConfig ];

     

       457
        
             description = ''

     

       458
        
               Definition of systemd automount units.

     

       459
        
               This is a list instead of an attrSet, because systemd mandates the names to be derived from

     
···

       600
        
           systemd.user.units = mkOption {

     

       601
        
             description = "Definition of systemd per-user units.";

     

       602
        
             default = {};

     

       603
       -
             type = types.attrsOf types.optionSet;

     

       604
       -
             options = { name, config, ... }:

     

       605
        
               { options = concreteUnitOptions;

     

       606
        
                 config = {

     

       607
        
                   unit = mkDefault (makeUnit name config);

     

       608
        
                 };

     

       609
       -
               };

     

       610
        
           };

     

       611
        
       

     

       612
        
           systemd.user.services = mkOption {

     

       613
        
             default = {};

     

       614
       -
             type = types.attrsOf types.optionSet;

     

       615
       -
             options = [ serviceOptions unitConfig serviceConfig ];

     

       616
        
             description = "Definition of systemd per-user service units.";

     

       617
        
           };

     

       618
        
       

     

       619
        
           systemd.user.timers = mkOption {

     

       620
        
             default = {};

     

       621
       -
             type = types.attrsOf types.optionSet;

     

       622
       -
             options = [ timerOptions unitConfig ];

     

       623
        
             description = "Definition of systemd per-user timer units.";

     

       624
        
           };

     

       625
        
       

     

       626
        
           systemd.user.sockets = mkOption {

     

       627
        
             default = {};

     

       628
       -
             type = types.attrsOf types.optionSet;

     

       629
       -
             options = [ socketOptions unitConfig ];

     

       630
        
             description = "Definition of systemd per-user socket units.";

     

       631
        
           };

     

       632

···

       389
        
           systemd.units = mkOption {

     

       390
        
             description = "Definition of systemd units.";

     

       391
        
             default = {};

     

       392
       +
             type = with types; attrsOf (submodule (

     

       393
       +
               { name, config, ... }:

     

       394
        
               { options = concreteUnitOptions;

     

       395
        
                 config = {

     

       396
        
                   unit = mkDefault (makeUnit name config);

     

       397
        
                 };

     

       398
       +
               }));

     

       399
        
           };

     

       400
        
       

     

       401
        
           systemd.packages = mkOption {

     
···

       406
        
       

     

       407
        
           systemd.targets = mkOption {

     

       408
        
             default = {};

     

       409
       +
             type = with types; attrsOf (submodule [ { options = targetOptions; } unitConfig] );

     

       0
        
       
     

       410
        
             description = "Definition of systemd target units.";

     

       411
        
           };

     

       412
        
       

     

       413
        
           systemd.services = mkOption {

     

       414
        
             default = {};

     

       415
       +
             type = with types; attrsOf (submodule [ { options = serviceOptions; } unitConfig serviceConfig ]);

     

       0
        
       
     

       416
        
             description = "Definition of systemd service units.";

     

       417
        
           };

     

       418
        
       

     

       419
        
           systemd.sockets = mkOption {

     

       420
        
             default = {};

     

       421
       +
             type = with types; attrsOf (submodule [ { options = socketOptions; } unitConfig ]);

     

       0
        
       
     

       422
        
             description = "Definition of systemd socket units.";

     

       423
        
           };

     

       424
        
       

     

       425
        
           systemd.timers = mkOption {

     

       426
        
             default = {};

     

       427
       +
             type = with types; attrsOf (submodule [ { options = timerOptions; } unitConfig ]);

     

       0
        
       
     

       428
        
             description = "Definition of systemd timer units.";

     

       429
        
           };

     

       430
        
       

     

       431
        
           systemd.paths = mkOption {

     

       432
        
             default = {};

     

       433
       +
             type = with types; attrsOf (submodule [ { options = pathOptions; } unitConfig ]);

     

       0
        
       
     

       434
        
             description = "Definition of systemd path units.";

     

       435
        
           };

     

       436
        
       

     

       437
        
           systemd.mounts = mkOption {

     

       438
        
             default = [];

     

       439
       +
             type = with types; listOf (submodule [ { options = mountOptions; } unitConfig mountConfig ]);

     

       0
        
       
     

       440
        
             description = ''

     

       441
        
               Definition of systemd mount units.

     

       442
        
               This is a list instead of an attrSet, because systemd mandates the names to be derived from

     
···

       446
        
       

     

       447
        
           systemd.automounts = mkOption {

     

       448
        
             default = [];

     

       449
       +
             type = with types; listOf (submodule [ { options = automountOptions; } unitConfig automountConfig ]);

     

       0
        
       
     

       450
        
             description = ''

     

       451
        
               Definition of systemd automount units.

     

       452
        
               This is a list instead of an attrSet, because systemd mandates the names to be derived from

     
···

       593
        
           systemd.user.units = mkOption {

     

       594
        
             description = "Definition of systemd per-user units.";

     

       595
        
             default = {};

     

       596
       +
             type = with types; attrsOf (submodule (

     

       597
       +
               { name, config, ... }:

     

       598
        
               { options = concreteUnitOptions;

     

       599
        
                 config = {

     

       600
        
                   unit = mkDefault (makeUnit name config);

     

       601
        
                 };

     

       602
       +
               }));

     

       603
        
           };

     

       604
        
       

     

       605
        
           systemd.user.services = mkOption {

     

       606
        
             default = {};

     

       607
       +
             type = with types; attrsOf (submodule [ { options = serviceOptions; } unitConfig serviceConfig ] );

     

       0
        
       
     

       608
        
             description = "Definition of systemd per-user service units.";

     

       609
        
           };

     

       610
        
       

     

       611
        
           systemd.user.timers = mkOption {

     

       612
        
             default = {};

     

       613
       +
             type = with types; attrsOf (submodule [ { options = timerOptions; } unitConfig ] );

     

       0
        
       
     

       614
        
             description = "Definition of systemd per-user timer units.";

     

       615
        
           };

     

       616
        
       

     

       617
        
           systemd.user.sockets = mkOption {

     

       618
        
             default = {};

     

       619
       +
             type = with types; attrsOf (submodule [ { options = socketOptions; } unitConfig ] );

     

       0
        
       
     

       620
        
             description = "Definition of systemd per-user socket units.";

     

       621
        
           };

     

       622

+3 -3

nixos/modules/system/etc/etc.nix

···

       33
        
         options = {

     

       34
        
       

     

       35
        
           environment.etc = mkOption {

     

       36
       -
             type = types.loaOf types.optionSet;

     

       37
        
             default = {};

     

       38
        
             example = literalExample ''

     

       39
        
               { example-configuration-file =

     
···

       47
        
               Set of files that have to be linked in <filename>/etc</filename>.

     

       48
        
             '';

     

       49
        
       

     

       50
       -
             options = singleton ({ name, config, ... }:

     

       0
        
       
     

       51
        
               { options = {

     

       52
        
       

     

       53
        
                   enable = mkOption {

     
···

       117
        
                     in mkDefault (pkgs.writeText name' config.text));

     

       118
        
                 };

     

       119
        
       

     

       120
       -
               });

     

       121
        
       

     

       122
        
           };

     

       123

···

       33
        
         options = {

     

       34
        
       

     

       35
        
           environment.etc = mkOption {

     

       0
        
       
     

       36
        
             default = {};

     

       37
        
             example = literalExample ''

     

       38
        
               { example-configuration-file =

     
···

       46
        
               Set of files that have to be linked in <filename>/etc</filename>.

     

       47
        
             '';

     

       48
        
       

     

       49
       +
             type = with types; loaOf (submodule (

     

       50
       +
               { name, config, ... }:

     

       51
        
               { options = {

     

       52
        
       

     

       53
        
                   enable = mkOption {

     
···

       117
        
                     in mkDefault (pkgs.writeText name' config.text));

     

       118
        
                 };

     

       119
        
       

     

       120
       +
               }));

     

       121
        
       

     

       122
        
           };

     

       123

+252 -238

nixos/modules/tasks/network-interfaces.nix

···

       97
        
       

     

       98
        
         addrOpts = v:

     

       99
        
           assert v == 4 || v == 6;

     

       100
       -
           {

     

       101
       -
             address = mkOption {

     

       102
       -
               type = types.str;

     

       103
       -
               description = ''

     

       104
       -
                 IPv${toString v} address of the interface.  Leave empty to configure the

     

       105
       -
                 interface using DHCP.

     

       106
       -
               '';

     

       107
       -
             };

     

       108
        
       

     

       109
       -
             prefixLength = mkOption {

     

       110
       -
               type = types.addCheck types.int (n: n >= 0 && n <= (if v == 4 then 32 else 128));

     

       111
       -
               description = ''

     

       112
       -
                 Subnet mask of the interface, specified as the number of

     

       113
       -
                 bits in the prefix (<literal>${if v == 4 then "24" else "64"}</literal>).

     

       114
       -
               '';

     

       0
        
       
     

       115
        
             };

     

       116
        
           };

     

       117
        
       

     
···

       141
        
                 { address = "10.0.0.1"; prefixLength = 16; }

     

       142
        
                 { address = "192.168.1.1"; prefixLength = 24; }

     

       143
        
               ];

     

       144
       -
               type = types.listOf types.optionSet;

     

       145
       -
               options = addrOpts 4;

     

       146
        
               description = ''

     

       147
        
                 List of IPv4 addresses that will be statically assigned to the interface.

     

       148
        
               '';

     
···

       154
        
                 { address = "fdfd:b3f0:482::1"; prefixLength = 48; }

     

       155
        
                 { address = "2001:1470:fffd:2098::e006"; prefixLength = 64; }

     

       156
        
               ];

     

       157
       -
               type = types.listOf types.optionSet;

     

       158
       -
               options = addrOpts 6;

     

       159
        
               description = ''

     

       160
        
                 List of IPv6 addresses that will be statically assigned to the interface.

     

       161
        
               '';

     
···

       415
        
               <option>networking.useDHCP</option> is true, then every

     

       416
        
               interface not listed here will be configured using DHCP.

     

       417
        
             '';

     

       418
       -
             type = types.loaOf types.optionSet;

     

       419
       -
             options = [ interfaceOpts ];

     

       420
        
           };

     

       421
        
       

     

       422
        
           networking.vswitches = mkOption {

     
···

       434
        
                 interface.

     

       435
        
               '';

     

       436
        
       

     

       437
       -
             type = types.attrsOf types.optionSet;

     

       438
        
       

     

       439
       -
             options = {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       440
        
       

     

       441
       -
               interfaces = mkOption {

     

       442
       -
                 example = [ "eth0" "eth1" ];

     

       443
       -
                 type = types.listOf types.str;

     

       444
       -
                 description =

     

       445
       -
                   "The physical network interfaces connected by the vSwitch.";

     

       446
       -
               };

     

       0
        
       
     

       0
        
       
     

       447
        
       

     

       448
       -
               controllers = mkOption {

     

       449
       -
                 type = types.listOf types.str;

     

       450
       -
                 default = [];

     

       451
       -
                 example = [ "ptcp:6653:[::1]" ];

     

       452
       -
                 description = ''

     

       453
       -
                   Specify the controller targets. For the allowed options see <literal>man 8 ovs-vsctl</literal>.

     

       454
       -
                 '';

     

       455
       -
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       456
        
       

     

       457
       -
               openFlowRules = mkOption {

     

       458
       -
                 type = types.lines;

     

       459
       -
                 default = "";

     

       460
       -
                 example = ''

     

       461
       -
                   actions=normal

     

       462
       -
                 '';

     

       463
       -
                 description = ''

     

       464
       -
                   OpenFlow rules to insert into the Open vSwitch. All <literal>openFlowRules</literal> are

     

       465
       -
                   loaded with <literal>ovs-ofctl</literal> within one atomic operation.

     

       466
       -
                 '';

     

       467
       -
               };

     

       0
        
       
     

       0
        
       
     

       468
        
       

     

       469
       -
               extraOvsctlCmds = mkOption {

     

       470
       -
                 type = types.lines;

     

       471
       -
                 default = "";

     

       472
       -
                 example = ''

     

       473
       -
                   set-fail-mode <switch_name> secure

     

       474
       -
                   set Bridge <switch_name> stp_enable=true

     

       475
       -
                 '';

     

       476
       -
                 description = ''

     

       477
       -
                   Commands to manipulate the Open vSwitch database. Every line executed with <literal>ovs-vsctl</literal>.

     

       478
       -
                   All commands are bundled together with the operations for adding the interfaces

     

       479
       -
                   into one atomic operation.

     

       480
       -
                 '';

     

       481
        
               };

     

       482
        
       

     

       483
       -
             };

     

       484
        
       

     

       485
        
           };

     

       486
        
       

     
···

       499
        
                 bridge's network interface.

     

       500
        
               '';

     

       501
        
       

     

       502
       -
             type = types.attrsOf types.optionSet;

     

       503
        
       

     

       504
       -
             options = {

     

       505
        
       

     

       506
       -
               interfaces = mkOption {

     

       507
       -
                 example = [ "eth0" "eth1" ];

     

       508
       -
                 type = types.listOf types.str;

     

       509
       -
                 description =

     

       510
       -
                   "The physical network interfaces connected by the bridge.";

     

       511
       -
               };

     

       512
        
       

     

       513
       -
               rstp = mkOption {

     

       514
       -
                 example = true;

     

       515
       -
                 default = false;

     

       516
       -
                 type = types.bool;

     

       517
       -
                 description = "Whether the bridge interface should enable rstp.";

     

       0
        
       
     

       0
        
       
     

       518
        
               };

     

       519
        
       

     

       520
       -
             };

     

       521
        
       

     

       522
        
           };

     

       523
        
       

     
···

       538
        
               name specifying the name of the bond's network interface

     

       539
        
             '';

     

       540
        
       

     

       541
       -
             type = types.attrsOf types.optionSet;

     

       0
        
       
     

       0
        
       
     

       542
        
       

     

       543
       -
             options = {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       544
        
       

     

       545
       -
               interfaces = mkOption {

     

       546
       -
                 example = [ "enp4s0f0" "enp4s0f1" "wlan0" ];

     

       547
       -
                 type = types.listOf types.str;

     

       548
       -
                 description = "The interfaces to bond together";

     

       549
       -
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       550
        
       

     

       551
       -
               lacp_rate = mkOption {

     

       552
       -
                 default = null;

     

       553
       -
                 example = "fast";

     

       554
       -
                 type = types.nullOr types.str;

     

       555
       -
                 description = ''

     

       556
       -
                   Option specifying the rate in which we'll ask our link partner

     

       557
       -
                   to transmit LACPDU packets in 802.3ad mode.

     

       558
       -
                 '';

     

       559
       -
               };

     

       0
        
       
     

       0
        
       
     

       560
        
       

     

       561
       -
               miimon = mkOption {

     

       562
       -
                 default = null;

     

       563
       -
                 example = 100;

     

       564
       -
                 type = types.nullOr types.int;

     

       565
       -
                 description = ''

     

       566
       -
                   Miimon is the number of millisecond in between each round of polling

     

       567
       -
                   by the device driver for failed links. By default polling is not

     

       568
       -
                   enabled and the driver is trusted to properly detect and handle

     

       569
       -
                   failure scenarios.

     

       570
       -
                 '';

     

       571
       -
               };

     

       572
        
       

     

       573
       -
               mode = mkOption {

     

       574
       -
                 default = null;

     

       575
       -
                 example = "active-backup";

     

       576
       -
                 type = types.nullOr types.str;

     

       577
       -
                 description = ''

     

       578
       -
                   The mode which the bond will be running. The default mode for

     

       579
       -
                   the bonding driver is balance-rr, optimizing for throughput.

     

       580
       -
                   More information about valid modes can be found at

     

       581
       -
                   https://www.kernel.org/doc/Documentation/networking/bonding.txt

     

       582
       -
                 '';

     

       583
       -
               };

     

       584
        
       

     

       585
       -
               xmit_hash_policy = mkOption {

     

       586
       -
                 default = null;

     

       587
       -
                 example = "layer2+3";

     

       588
       -
                 type = types.nullOr types.str;

     

       589
       -
                 description = ''

     

       590
       -
                   Selects the transmit hash policy to use for slave selection in

     

       591
       -
                   balance-xor, 802.3ad, and tlb modes.

     

       592
       -
                 '';

     

       593
        
               };

     

       594
        
       

     

       595
       -
             };

     

       596
        
           };

     

       597
        
       

     

       598
        
           networking.macvlans = mkOption {

     

       599
       -
             type = types.attrsOf types.optionSet;

     

       600
        
             default = { };

     

       601
        
             example = literalExample {

     

       602
        
               wan = {

     
···

       608
        
               This option allows you to define macvlan interfaces which should

     

       609
        
               be automatically created.

     

       610
        
             '';

     

       611
       -
             options = {

     

       0
        
       
     

       612
        
       

     

       613
       -
               interface = mkOption {

     

       614
       -
                 example = "enp4s0";

     

       615
       -
                 type = types.str;

     

       616
       -
                 description = "The interface the macvlan will transmit packets through.";

     

       617
       -
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       618
        
       

     

       619
       -
               mode = mkOption {

     

       620
       -
                 default = null;

     

       621
       -
                 type = types.nullOr types.str;

     

       622
       -
                 example = "vepa";

     

       623
       -
                 description = "The mode of the macvlan device.";

     

       624
        
               };

     

       625
        
       

     

       626
       -
             };

     

       627
        
           };

     

       628
        
       

     

       629
        
           networking.sits = mkOption {

     

       630
       -
             type = types.attrsOf types.optionSet;

     

       631
        
             default = { };

     

       632
        
             example = literalExample {

     

       633
        
               hurricane = {

     
···

       644
        
             description = ''

     

       645
        
               This option allows you to define 6-to-4 interfaces which should be automatically created.

     

       646
        
             '';

     

       647
       -
             options = {

     

       0
        
       
     

       648
        
       

     

       649
       -
               remote = mkOption {

     

       650
       -
                 type = types.nullOr types.str;

     

       651
       -
                 default = null;

     

       652
       -
                 example = "10.0.0.1";

     

       653
       -
                 description = ''

     

       654
       -
                   The address of the remote endpoint to forward traffic over.

     

       655
       -
                 '';

     

       656
       -
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       657
        
       

     

       658
       -
               local = mkOption {

     

       659
       -
                 type = types.nullOr types.str;

     

       660
       -
                 default = null;

     

       661
       -
                 example = "10.0.0.22";

     

       662
       -
                 description = ''

     

       663
       -
                   The address of the local endpoint which the remote

     

       664
       -
                   side should send packets to.

     

       665
       -
                 '';

     

       666
       -
               };

     

       667
        
       

     

       668
       -
               ttl = mkOption {

     

       669
       -
                 type = types.nullOr types.int;

     

       670
       -
                 default = null;

     

       671
       -
                 example = 255;

     

       672
       -
                 description = ''

     

       673
       -
                   The time-to-live of the connection to the remote tunnel endpoint.

     

       674
       -
                 '';

     

       675
       -
               };

     

       676
        
       

     

       677
       -
               dev = mkOption {

     

       678
       -
                 type = types.nullOr types.str;

     

       679
       -
                 default = null;

     

       680
       -
                 example = "enp4s0f0";

     

       681
       -
                 description = ''

     

       682
       -
                   The underlying network device on which the tunnel resides.

     

       683
       -
                 '';

     

       684
        
               };

     

       685
        
       

     

       686
       -
             };

     

       687
        
           };

     

       688
        
       

     

       689
        
           networking.vlans = mkOption {

     
···

       706
        
                 specifying the name of the vlan interface.

     

       707
        
               '';

     

       708
        
       

     

       709
       -
             type = types.attrsOf types.optionSet;

     

       710
        
       

     

       711
       -
             options = {

     

       712
        
       

     

       713
       -
               id = mkOption {

     

       714
       -
                 example = 1;

     

       715
       -
                 type = types.int;

     

       716
       -
                 description = "The vlan identifier";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       717
        
               };

     

       718
        
       

     

       719
       -
               interface = mkOption {

     

       720
       -
                 example = "enp4s0";

     

       721
       -
                 type = types.str;

     

       722
       -
                 description = "The interface the vlan will transmit packets through.";

     

       723
       -
               };

     

       724
        
       

     

       725
       -
             };

     

       726
        
           };

     

       727
        
       

     

       728
        
           networking.wlanInterfaces = mkOption {

     
···

       760
        
                 would have to be created explicitly.

     

       761
        
               '';

     

       762
        
       

     

       763
       -
             type = types.attrsOf types.optionSet;

     

       764
        
       

     

       765
       -
             options = {

     

       766
        
       

     

       767
       -
               device = mkOption {

     

       768
       -
                 type = types.string;

     

       769
       -
                 example = "wlp6s0";

     

       770
       -
                 description = "The name of the underlying hardware WLAN device as assigned by <literal>udev</literal>.";

     

       771
       -
               };

     

       772
        
       

     

       773
       -
               type = mkOption {

     

       774
       -
                 type = types.string;

     

       775
       -
                 default = "managed";

     

       776
       -
                 example = "ibss";

     

       777
       -
                 description = ''

     

       778
       -
                   The type of the WLAN interface. The type has to be either <literal>managed</literal>,

     

       779
       -
                   <literal>ibss</literal>, <literal>monitor</literal>, <literal>mesh</literal> or <literal>wds</literal>.

     

       780
       -
                   Also, the type has to be supported by the underlying hardware of the device.

     

       781
       -
                 '';

     

       782
       -
               };

     

       783
        
       

     

       784
       -
               meshID = mkOption {

     

       785
       -
                 type = types.nullOr types.string;

     

       786
       -
                 default = null;

     

       787
       -
                 description = "MeshID of interface with type <literal>mesh</literal>.";

     

       788
       -
               };

     

       789
        
       

     

       790
       -
               flags = mkOption {

     

       791
       -
                 type = types.nullOr types.string;

     

       792
       -
                 default = null;

     

       793
       -
                 example = "control";

     

       794
       -
                 description = ''

     

       795
       -
                   Flags for interface of type <literal>monitor</literal>. The valid flags are:

     

       796
       -
                   none:     no special flags

     

       797
       -
                   fcsfail:  show frames with FCS errors

     

       798
       -
                   control:  show control frames

     

       799
       -
                   otherbss: show frames from other BSSes

     

       800
       -
                   cook:     use cooked mode

     

       801
       -
                   active:   use active mode (ACK incoming unicast packets)

     

       802
       -
                 '';

     

       803
       -
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       804
        
       

     

       805
       -
               fourAddr = mkOption {

     

       806
       -
                 type = types.nullOr types.bool;

     

       807
       -
                 default = null;

     

       808
       -
                 description = "Whether to enable <literal>4-address mode</literal> with type <literal>managed</literal>.";

     

       809
       -
               };

     

       0
        
       
     

       0
        
       
     

       810
        
       

     

       811
       -
               mac = mkOption {

     

       812
       -
                 type = types.nullOr types.str;

     

       813
       -
                 default = null;

     

       814
       -
                 example = "02:00:00:00:00:01";

     

       815
       -
                 description = ''

     

       816
       -
                   MAC address to use for the device. If <literal>null</literal>, then the MAC of the

     

       817
       -
                   underlying hardware WLAN device is used.

     

       0
        
       
     

       0
        
       
     

       818
        
       

     

       819
       -
                   INFO: Locally administered MAC addresses are of the form:

     

       820
       -
                   <itemizedlist>

     

       821
       -
                   <listitem><para>x2:xx:xx:xx:xx:xx</para></listitem>

     

       822
       -
                   <listitem><para>x6:xx:xx:xx:xx:xx</para></listitem>

     

       823
       -
                   <listitem><para>xA:xx:xx:xx:xx:xx</para></listitem>

     

       824
       -
                   <listitem><para>xE:xx:xx:xx:xx:xx</para></listitem>

     

       825
       -
                   </itemizedlist>

     

       826
       -
                 '';

     

       827
        
               };

     

       828
        
       

     

       829
       -
             };

     

       0
        
       
     

       830
        
           };

     

       831
        
       

     

       832
        
           networking.useDHCP = mkOption {

···

       97
        
       

     

       98
        
         addrOpts = v:

     

       99
        
           assert v == 4 || v == 6;

     

       100
       +
           { options = {

     

       101
       +
               address = mkOption {

     

       102
       +
                 type = types.str;

     

       103
       +
                 description = ''

     

       104
       +
                   IPv${toString v} address of the interface.  Leave empty to configure the

     

       105
       +
                   interface using DHCP.

     

       106
       +
                 '';

     

       107
       +
               };

     

       108
        
       

     

       109
       +
               prefixLength = mkOption {

     

       110
       +
                 type = types.addCheck types.int (n: n >= 0 && n <= (if v == 4 then 32 else 128));

     

       111
       +
                 description = ''

     

       112
       +
                   Subnet mask of the interface, specified as the number of

     

       113
       +
                   bits in the prefix (<literal>${if v == 4 then "24" else "64"}</literal>).

     

       114
       +
                 '';

     

       115
       +
               };

     

       116
        
             };

     

       117
        
           };

     

       118
        
       

     
···

       142
        
                 { address = "10.0.0.1"; prefixLength = 16; }

     

       143
        
                 { address = "192.168.1.1"; prefixLength = 24; }

     

       144
        
               ];

     

       145
       +
               type = with types; listOf (submodule (addrOpts 4));

     

       0
        
       
     

       146
        
               description = ''

     

       147
        
                 List of IPv4 addresses that will be statically assigned to the interface.

     

       148
        
               '';

     
···

       154
        
                 { address = "fdfd:b3f0:482::1"; prefixLength = 48; }

     

       155
        
                 { address = "2001:1470:fffd:2098::e006"; prefixLength = 64; }

     

       156
        
               ];

     

       157
       +
               type = with types; listOf (submodule (addrOpts 6));

     

       0
        
       
     

       158
        
               description = ''

     

       159
        
                 List of IPv6 addresses that will be statically assigned to the interface.

     

       160
        
               '';

     
···

       414
        
               <option>networking.useDHCP</option> is true, then every

     

       415
        
               interface not listed here will be configured using DHCP.

     

       416
        
             '';

     

       417
       +
             type = with types; loaOf (submodule interfaceOpts);

     

       0
        
       
     

       418
        
           };

     

       419
        
       

     

       420
        
           networking.vswitches = mkOption {

     
···

       432
        
                 interface.

     

       433
        
               '';

     

       434
        
       

     

       435
       +
             type = with types; attrsOf (submodule {

     

       436
        
       

     

       437
       +
               options = {

     

       438
       +
       

     

       439
       +
                 interfaces = mkOption {

     

       440
       +
                   example = [ "eth0" "eth1" ];

     

       441
       +
                   type = types.listOf types.str;

     

       442
       +
                   description =

     

       443
       +
                     "The physical network interfaces connected by the vSwitch.";

     

       444
       +
                 };

     

       445
        
       

     

       446
       +
                 controllers = mkOption {

     

       447
       +
                   type = types.listOf types.str;

     

       448
       +
                   default = [];

     

       449
       +
                   example = [ "ptcp:6653:[::1]" ];

     

       450
       +
                   description = ''

     

       451
       +
                     Specify the controller targets. For the allowed options see <literal>man 8 ovs-vsctl</literal>.

     

       452
       +
                   '';

     

       453
       +
                 };

     

       454
        
       

     

       455
       +
                 openFlowRules = mkOption {

     

       456
       +
                   type = types.lines;

     

       457
       +
                   default = "";

     

       458
       +
                   example = ''

     

       459
       +
                     actions=normal

     

       460
       +
                   '';

     

       461
       +
                   description = ''

     

       462
       +
                     OpenFlow rules to insert into the Open vSwitch. All <literal>openFlowRules</literal> are

     

       463
       +
                     loaded with <literal>ovs-ofctl</literal> within one atomic operation.

     

       464
       +
                   '';

     

       465
       +
                 };

     

       466
        
       

     

       467
       +
                 extraOvsctlCmds = mkOption {

     

       468
       +
                   type = types.lines;

     

       469
       +
                   default = "";

     

       470
       +
                   example = ''

     

       471
       +
                     set-fail-mode <switch_name> secure

     

       472
       +
                     set Bridge <switch_name> stp_enable=true

     

       473
       +
                   '';

     

       474
       +
                   description = ''

     

       475
       +
                     Commands to manipulate the Open vSwitch database. Every line executed with <literal>ovs-vsctl</literal>.

     

       476
       +
                     All commands are bundled together with the operations for adding the interfaces

     

       477
       +
                     into one atomic operation.

     

       478
       +
                   '';

     

       479
       +
                 };

     

       480
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       481
        
               };

     

       482
        
       

     

       483
       +
             });

     

       484
        
       

     

       485
        
           };

     

       486
        
       

     
···

       499
        
                 bridge's network interface.

     

       500
        
               '';

     

       501
        
       

     

       502
       +
             type = with types; attrsOf (submodule {

     

       503
        
       

     

       504
       +
               options = {

     

       505
        
       

     

       506
       +
                 interfaces = mkOption {

     

       507
       +
                   example = [ "eth0" "eth1" ];

     

       508
       +
                   type = types.listOf types.str;

     

       509
       +
                   description =

     

       510
       +
                     "The physical network interfaces connected by the bridge.";

     

       511
       +
                 };

     

       512
        
       

     

       513
       +
                 rstp = mkOption {

     

       514
       +
                   example = true;

     

       515
       +
                   default = false;

     

       516
       +
                   type = types.bool;

     

       517
       +
                   description = "Whether the bridge interface should enable rstp.";

     

       518
       +
                 };

     

       519
       +
       

     

       520
        
               };

     

       521
        
       

     

       522
       +
             });

     

       523
        
       

     

       524
        
           };

     

       525
        
       

     
···

       540
        
               name specifying the name of the bond's network interface

     

       541
        
             '';

     

       542
        
       

     

       543
       +
             type = with types; attrsOf (submodule {

     

       544
       +
       

     

       545
       +
               options = {

     

       546
        
       

     

       547
       +
                 interfaces = mkOption {

     

       548
       +
                   example = [ "enp4s0f0" "enp4s0f1" "wlan0" ];

     

       549
       +
                   type = types.listOf types.str;

     

       550
       +
                   description = "The interfaces to bond together";

     

       551
       +
                 };

     

       552
        
       

     

       553
       +
                 lacp_rate = mkOption {

     

       554
       +
                   default = null;

     

       555
       +
                   example = "fast";

     

       556
       +
                   type = types.nullOr types.str;

     

       557
       +
                   description = ''

     

       558
       +
                     Option specifying the rate in which we'll ask our link partner

     

       559
       +
                     to transmit LACPDU packets in 802.3ad mode.

     

       560
       +
                   '';

     

       561
       +
                 };

     

       562
        
       

     

       563
       +
                 miimon = mkOption {

     

       564
       +
                   default = null;

     

       565
       +
                   example = 100;

     

       566
       +
                   type = types.nullOr types.int;

     

       567
       +
                   description = ''

     

       568
       +
                     Miimon is the number of millisecond in between each round of polling

     

       569
       +
                     by the device driver for failed links. By default polling is not

     

       570
       +
                     enabled and the driver is trusted to properly detect and handle

     

       571
       +
                     failure scenarios.

     

       572
       +
                   '';

     

       573
       +
                 };

     

       574
        
       

     

       575
       +
                 mode = mkOption {

     

       576
       +
                   default = null;

     

       577
       +
                   example = "active-backup";

     

       578
       +
                   type = types.nullOr types.str;

     

       579
       +
                   description = ''

     

       580
       +
                     The mode which the bond will be running. The default mode for

     

       581
       +
                     the bonding driver is balance-rr, optimizing for throughput.

     

       582
       +
                     More information about valid modes can be found at

     

       583
       +
                     https://www.kernel.org/doc/Documentation/networking/bonding.txt

     

       584
       +
                   '';

     

       585
       +
                 };

     

       586
        
       

     

       587
       +
                 xmit_hash_policy = mkOption {

     

       588
       +
                   default = null;

     

       589
       +
                   example = "layer2+3";

     

       590
       +
                   type = types.nullOr types.str;

     

       591
       +
                   description = ''

     

       592
       +
                     Selects the transmit hash policy to use for slave selection in

     

       593
       +
                     balance-xor, 802.3ad, and tlb modes.

     

       594
       +
                   '';

     

       595
       +
                 };

     

       0
        
       
     

       0
        
       
     

       596
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       597
        
               };

     

       598
        
       

     

       599
       +
             });

     

       600
        
           };

     

       601
        
       

     

       602
        
           networking.macvlans = mkOption {

     

       0
        
       
     

       603
        
             default = { };

     

       604
        
             example = literalExample {

     

       605
        
               wan = {

     
···

       611
        
               This option allows you to define macvlan interfaces which should

     

       612
        
               be automatically created.

     

       613
        
             '';

     

       614
       +
             type = with types; attrsOf (submodule {

     

       615
       +
               options = {

     

       616
        
       

     

       617
       +
                 interface = mkOption {

     

       618
       +
                   example = "enp4s0";

     

       619
       +
                   type = types.str;

     

       620
       +
                   description = "The interface the macvlan will transmit packets through.";

     

       621
       +
                 };

     

       622
       +
       

     

       623
       +
                 mode = mkOption {

     

       624
       +
                   default = null;

     

       625
       +
                   type = types.nullOr types.str;

     

       626
       +
                   example = "vepa";

     

       627
       +
                   description = "The mode of the macvlan device.";

     

       628
       +
                 };

     

       629
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       630
        
               };

     

       631
        
       

     

       632
       +
             });

     

       633
        
           };

     

       634
        
       

     

       635
        
           networking.sits = mkOption {

     

       0
        
       
     

       636
        
             default = { };

     

       637
        
             example = literalExample {

     

       638
        
               hurricane = {

     
···

       649
        
             description = ''

     

       650
        
               This option allows you to define 6-to-4 interfaces which should be automatically created.

     

       651
        
             '';

     

       652
       +
             type = with types; attrsOf (submodule {

     

       653
       +
               options = {

     

       654
        
       

     

       655
       +
                 remote = mkOption {

     

       656
       +
                   type = types.nullOr types.str;

     

       657
       +
                   default = null;

     

       658
       +
                   example = "10.0.0.1";

     

       659
       +
                   description = ''

     

       660
       +
                     The address of the remote endpoint to forward traffic over.

     

       661
       +
                   '';

     

       662
       +
                 };

     

       663
       +
       

     

       664
       +
                 local = mkOption {

     

       665
       +
                   type = types.nullOr types.str;

     

       666
       +
                   default = null;

     

       667
       +
                   example = "10.0.0.22";

     

       668
       +
                   description = ''

     

       669
       +
                     The address of the local endpoint which the remote

     

       670
       +
                     side should send packets to.

     

       671
       +
                   '';

     

       672
       +
                 };

     

       673
        
       

     

       674
       +
                 ttl = mkOption {

     

       675
       +
                   type = types.nullOr types.int;

     

       676
       +
                   default = null;

     

       677
       +
                   example = 255;

     

       678
       +
                   description = ''

     

       679
       +
                     The time-to-live of the connection to the remote tunnel endpoint.

     

       680
       +
                   '';

     

       681
       +
                 };

     

       0
        
       
     

       682
        
       

     

       683
       +
                 dev = mkOption {

     

       684
       +
                   type = types.nullOr types.str;

     

       685
       +
                   default = null;

     

       686
       +
                   example = "enp4s0f0";

     

       687
       +
                   description = ''

     

       688
       +
                     The underlying network device on which the tunnel resides.

     

       689
       +
                   '';

     

       690
       +
                 };

     

       691
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       692
        
               };

     

       693
        
       

     

       694
       +
             });

     

       695
        
           };

     

       696
        
       

     

       697
        
           networking.vlans = mkOption {

     
···

       714
        
                 specifying the name of the vlan interface.

     

       715
        
               '';

     

       716
        
       

     

       717
       +
             type = with types; attrsOf (submodule {

     

       718
        
       

     

       719
       +
               options = {

     

       720
        
       

     

       721
       +
                 id = mkOption {

     

       722
       +
                   example = 1;

     

       723
       +
                   type = types.int;

     

       724
       +
                   description = "The vlan identifier";

     

       725
       +
                 };

     

       726
       +
       

     

       727
       +
                 interface = mkOption {

     

       728
       +
                   example = "enp4s0";

     

       729
       +
                   type = types.str;

     

       730
       +
                   description = "The interface the vlan will transmit packets through.";

     

       731
       +
                 };

     

       732
       +
       

     

       733
        
               };

     

       734
        
       

     

       735
       +
             });

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       736
        
       

     

       0
        
       
     

       737
        
           };

     

       738
        
       

     

       739
        
           networking.wlanInterfaces = mkOption {

     
···

       771
        
                 would have to be created explicitly.

     

       772
        
               '';

     

       773
        
       

     

       774
       +
             type = with types; attrsOf (submodule {

     

       775
        
       

     

       776
       +
               options = {

     

       777
        
       

     

       778
       +
                 device = mkOption {

     

       779
       +
                   type = types.string;

     

       780
       +
                   example = "wlp6s0";

     

       781
       +
                   description = "The name of the underlying hardware WLAN device as assigned by <literal>udev</literal>.";

     

       782
       +
                 };

     

       783
        
       

     

       784
       +
                 type = mkOption {

     

       785
       +
                   type = types.string;

     

       786
       +
                   default = "managed";

     

       787
       +
                   example = "ibss";

     

       788
       +
                   description = ''

     

       789
       +
                     The type of the WLAN interface. The type has to be either <literal>managed</literal>,

     

       790
       +
                     <literal>ibss</literal>, <literal>monitor</literal>, <literal>mesh</literal> or <literal>wds</literal>.

     

       791
       +
                     Also, the type has to be supported by the underlying hardware of the device.

     

       792
       +
                   '';

     

       793
       +
                 };

     

       794
        
       

     

       795
       +
                 meshID = mkOption {

     

       796
       +
                   type = types.nullOr types.string;

     

       797
       +
                   default = null;

     

       798
       +
                   description = "MeshID of interface with type <literal>mesh</literal>.";

     

       799
       +
                 };

     

       800
        
       

     

       801
       +
                 flags = mkOption {

     

       802
       +
                   type = types.nullOr types.string;

     

       803
       +
                   default = null;

     

       804
       +
                   example = "control";

     

       805
       +
                   description = ''

     

       806
       +
                     Flags for interface of type <literal>monitor</literal>. The valid flags are:

     

       807
       +
                     none:     no special flags

     

       808
       +
                     fcsfail:  show frames with FCS errors

     

       809
       +
                     control:  show control frames

     

       810
       +
                     otherbss: show frames from other BSSes

     

       811
       +
                     cook:     use cooked mode

     

       812
       +
                     active:   use active mode (ACK incoming unicast packets)

     

       813
       +
                   '';

     

       814
       +
                 };

     

       815
       +
       

     

       816
       +
                 fourAddr = mkOption {

     

       817
       +
                   type = types.nullOr types.bool;

     

       818
       +
                   default = null;

     

       819
       +
                   description = "Whether to enable <literal>4-address mode</literal> with type <literal>managed</literal>.";

     

       820
       +
                 };

     

       821
        
       

     

       822
       +
                 mac = mkOption {

     

       823
       +
                   type = types.nullOr types.str;

     

       824
       +
                   default = null;

     

       825
       +
                   example = "02:00:00:00:00:01";

     

       826
       +
                   description = ''

     

       827
       +
                     MAC address to use for the device. If <literal>null</literal>, then the MAC of the

     

       828
       +
                     underlying hardware WLAN device is used.

     

       829
        
       

     

       830
       +
                     INFO: Locally administered MAC addresses are of the form:

     

       831
       +
                     <itemizedlist>

     

       832
       +
                     <listitem><para>x2:xx:xx:xx:xx:xx</para></listitem>

     

       833
       +
                     <listitem><para>x6:xx:xx:xx:xx:xx</para></listitem>

     

       834
       +
                     <listitem><para>xA:xx:xx:xx:xx:xx</para></listitem>

     

       835
       +
                     <listitem><para>xE:xx:xx:xx:xx:xx</para></listitem>

     

       836
       +
                     </itemizedlist>

     

       837
       +
                   '';

     

       838
       +
                 };

     

       839
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       840
        
               };

     

       841
        
       

     

       842
       +
             });

     

       843
       +
       

     

       844
        
           };

     

       845
        
       

     

       846
        
           networking.useDHCP = mkOption {

+2 -4

nixos/modules/virtualisation/containers.nix

···

       473
        
                   };

     

       474
        
       

     

       475
        
                   extraVeths = mkOption {

     

       476
       -
                     type = types.attrsOf types.optionSet;

     

       477
        
                     default = {};

     

       478
       -
                     options = networkOptions;

     

       479
        
                     description = ''

     

       480
        
                       Extra veth-pairs to be created for the container

     

       481
        
                     '';

     
···

       490
        
                   };

     

       491
        
       

     

       492
        
                   bindMounts = mkOption {

     

       493
       -
                     type = types.loaOf types.optionSet;

     

       494
       -
                     options = [ bindMountOpts ];

     

       495
        
                     default = {};

     

       496
        
                     example = { "/home" = { hostPath = "/home/alice";

     

       497
        
                                             isReadOnly = false; };

···

       473
        
                   };

     

       474
        
       

     

       475
        
                   extraVeths = mkOption {

     

       476
       +
                     type = with types; attrsOf (submodule networkOptions);

     

       477
        
                     default = {};

     

       0
        
       
     

       478
        
                     description = ''

     

       479
        
                       Extra veth-pairs to be created for the container

     

       480
        
                     '';

     
···

       489
        
                   };

     

       490
        
       

     

       491
        
                   bindMounts = mkOption {

     

       492
       +
                     type = with types; loaOf (submodule bindMountOpts);

     

       0
        
       
     

       493
        
                     default = {};

     

       494
        
                     example = { "/home" = { hostPath = "/home/alice";

     

       495
        
                                             isReadOnly = false; };