NixOS Module Options
custom.programs.sudo-rs.enable
Enable sudo-rs, a secure sudo replacement
Type: boolean
Default: false
Example: true
custom.programs.teamviewer.enable
Enable TeamViewer remote desktop interface
Type: boolean
Default: false
Example: true
custom.programs.adb.enable
Enable Android build tools
Type: boolean
Default: false
Example: true
custom.programs.steam.enable
Enable Steam game launcher application
Type: boolean
Default: false
Example: true
custom.programs.mconnect.enable
Enable MConnect, a KDE connect implementation in Vala
Type: boolean
Default: false
Example: true
custom.programs.zsh.enable
Enable ZSH shell
Type: boolean
Default: false
Example: true
custom.hardware.power.tlp.enable
Enable TLP laptop power management
Type: boolean
Default: false
Example: true
custom.hardware.power.thermald.enable
Enable Thermald thermal management for Intel CPUs
Type: boolean
Default: false
Example: true
custom.hardware.argon40.enable
Enable Argon RPI case management service
Type: boolean
Default: false
Example: true
custom.hardware.argon40.eon.enable
Enable support for the EON case
Type: boolean
Default: false
Example: true
custom.hardware.hyperx.cloud-flight-s.enable
Enable hardware support for the HyperX Cloud Flight S
Type: boolean
Default: false
Example: true
custom.hardware.openrgb.enable
Enable OpenRGB application
Type: boolean
Default: false
Example: true
custom.hardware.bluetooth.enable
Enable Bluetooth
Type: boolean
Default: false
Example: true
custom.hardware.plymouth.enable
Enable boot loading animation
Type: boolean
Default: false
Example: true
custom.hardware.disko.enable
Enable Disko disk management
Type: boolean
Default: false
Example: true
custom.hardware.disko.device
The disk to use as the main boot drive
Type: lib.types.str
custom.hardware.disko.swap.size
How large the swap partition should be
Type: lib.types.str
custom.hardware.upower.enable
Enable Upower, a DBus service that provides power management support to applications.
Type: boolean
Default: false
Example: true
custom.hardware.sound.pipewire.enable
Enable pipewire sound engine
Type: boolean
Default: false
Example: true
custom.hardware.video.nvidia.enable
Enable NVIDIA gpu support
Type: boolean
Default: false
Example: true
custom.hardware.video.amd.enable
Enable AMD gpu support
Type: boolean
Default: false
Example: true
custom.hardware.video.amd.vrr.enable
Enable Variable Refresh Rate support
Type: boolean
Default: false
Example: true
custom.hardware.video.amd.polaris.enable
Enable OpenCL for RX 500 series based GPUs
Type: boolean
Default: false
Example: true
custom.hardware.input.logitech.enable
Enable Logitech hardware support
Type: boolean
Default: false
Example: true
custom.hardware.input.corsair.enable
Enable Corsair keyboard support application
Type: boolean
Default: false
Example: true
custom.hardware.backlight.enable
Enable Screen backlight control
Type: boolean
Default: false
Example: true
custom.fs.zfs.enable
Enable ZFS file system
Type: boolean
Default: false
Example: true
custom.virtualisation.qemu.enable
Enable virtualisation software
Type: boolean
Default: false
Example: true
custom.virtualisation.qemu.graphical
Enable graphical interface
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.uptime-kuma.enable
Enable Uptime Kuma docker service
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.dashdot.enable
Enable dashdot monitoring dashboard
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.vaultwarden.enable
Enable Vaultwarden encrypted password store
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.vaultwarden.externalDomain
Type: lib.types.str
custom.virtualisation.docker.twitch-miner.enable
Enable Twitch channel points miner service
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.twitch-miner.username
The twitch username to login to
Type: lib.types.str
custom.virtualisation.docker.qbittorrent.enable
Enable qbittorrent client
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.qbittorrent.webPort
Type: lib.types.ints.u16
Default: 8080
custom.virtualisation.docker.qbittorrent.downloadDir
Type: lib.types.str
Default: createqBittorrentDir "download"
custom.virtualisation.docker.qbittorrent.vpnContainerName
Type: lib.types.str
Default: config.custom.virtualisation.docker.gluetun.containerName
custom.virtualisation.docker.qbittorrent.user.uid
Type: lib.types.int
Default: config.users.users.qbittorrent.uid
custom.virtualisation.docker.qbittorrent.user.gid
Type: lib.types.int
Default: config.users.groups.qbittorrent.gid
custom.virtualisation.docker.enable
Enable docker compose services
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.gluetun.enable
Enable Gluetun VPN client
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.gluetun.containerName
Type: lib.types.str
Default: "gluetun"
custom.virtualisation.docker.gluetun.secretsFile
A path to a file that contains the env secrets.
The ones that are required are DB_NAME, DB_USERNAME & DB_PASSWORD
Type: lib.types.str
custom.virtualisation.docker.servarr.enable
Enable Servarr application suite
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.servarr.downloadDir
Type: lib.types.str
Default: createServarrDir ["download"]
custom.virtualisation.docker.servarr.tvDir
Type: lib.types.str
Default: createServarrDir ["tv"]
custom.virtualisation.docker.servarr.movieDir
Type: lib.types.str
Default: createServarrDir ["movies"]
custom.virtualisation.docker.servarr.vpnContainerName
Type: lib.types.str
Default: config.custom.virtualisation.docker.gluetun.containerName
custom.virtualisation.docker.servarr.user.gid
Type: lib.types.int
custom.virtualisation.docker.servarr.bazarr.enable
Enable Bazarr subtitle manager
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.servarr.bazarr.webPort
Type: lib.types.ints.u16
Default: 6767
custom.virtualisation.docker.servarr.prowlarr.enable
Enable Prowlarr indexer manager
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.servarr.radarr.enable
Enable Radarr movie manager
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.servarr.sonarr.enable
Enable Sonarr tv show manager
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.ntfy.enable
Enable Ntfy notification service
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.ntfy.externalDomain
Type: lib.types.str
custom.virtualisation.docker.syncthing.enable
Enable Syncthing docker service
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.syncthing.syncDir
Type: lib.types.str
Default: storage.storageDir + "/syncthing/sync"
custom.virtualisation.docker.syncthing.configDir
Type: lib.types.str
Default: storage.storageDir + "/syncthing/config"
custom.virtualisation.docker.syncthing.fileTransferPort
Type: lib.types.ints.u16
Default: 22000
custom.virtualisation.docker.syncthing.discoveryPort
Type: lib.types.ints.u16
Default: 21027
custom.virtualisation.docker.syncthing.openFirewall
Open needed ports in firewall
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.jellyfin.enable
Enable jellyfin media streaming service
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.jellyfin.mediaDir
Type: lib.types.str
Default: createJellyfinDir "media"
custom.virtualisation.docker.jellyfin.user.uid
Type: lib.types.int
Default: config.users.users.jellyfin.uid
custom.virtualisation.docker.jellyfin.user.gid
Type: lib.types.int
Default: config.users.groups.jellyfin.gid
custom.virtualisation.docker.drone.enable
Enable drone git provider
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.drone.externalDomain
The domain this instance can be reached from by the internet
Type: lib.types.str
custom.virtualisation.docker.drone.gitea.externalDomain
Type: lib.types.str
custom.virtualisation.docker.drone.adminUsername
The username for the default admin that is autocreated
Type: lib.types.str
custom.virtualisation.docker.drone.secretsFile
A path to a file that contains the env secrets.
The ones that are required are GITEA_CLIENT_ID, GITEA_CLIENT_SECRET & RPC_SECRET
Type: lib.types.path
custom.virtualisation.docker.immich.enable
Enable Immich photo and video library
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.immich.uploadDir
Type: lib.types.str
Default: createImmichDir "upload"
custom.virtualisation.docker.immich.secretsFile
A path to a file that contains the env secrets.
The ones that are required are DB_PASSWORD
Type: lib.types.str
custom.virtualisation.docker.homeassistant.enable
Enable homeassistant home management service
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.matrix.enable
Enable Matrix messaging server
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.matrix.serverName
Type: lib.types.str
custom.virtualisation.docker.matrix.secretsFile
A path to a file that contains the env secrets. The ones that are required are DB_ROOT_PASSWORD & DB_PASSWORD
Type: lib.types.str
custom.virtualisation.docker.caddy.enable
Enable Caddy HTTP proxy
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.caddy.caddyFile
Type: lib.types.path
Default: pkgs.writeText "Caddyfile" ''''
custom.virtualisation.docker.caddy.certsDir
Type: lib.types.str
Default: createCaddyDir "certs"
custom.virtualisation.docker.caddy.httpPort
Type: lib.types.ints.u16
Default: 80
custom.virtualisation.docker.caddy.httpsPort
Type: lib.types.ints.u16
Default: 443
custom.virtualisation.docker.caddy.openFirewall
Open needed ports in firewall
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.networking.defaultNetworkName
Type: lib.types.str
Default: "internet"
custom.virtualisation.docker.networking.internalNetworkName
Type: lib.types.str
Default: "internal"
custom.virtualisation.docker."feg".enable
Enable Free Epic Games service
Type: boolean
Default: false
Example: true
custom.virtualisation.docker."feg".secretsFile
A path to a file that contains the env secrets.
The ones that are required are SMTP_HOST, EMAIL_SENDER_ADDRESS, EMAIL_SENDER_NAME, EMAIL_RECIPIENT_ADDRESS, SMTP_USERNAME & SMTP_PASSWORD
Type: lib.types.str
custom.virtualisation.docker."feg".epicGamesEmail
The email address of the Epic Games account
Type: lib.types.str
custom.virtualisation.docker."feg".externalDomain
The domain this instance can be reached from by the internet
Type: lib.types.str
custom.virtualisation.docker.gitea.enable
Enable Gitea git provider
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.gitea.dataDir
Type: lib.types.str
Default: createGiteaDir "data"
custom.virtualisation.docker.gitea.gitDataDir
Path to the directory that the git data will be stored on
Type: lib.types.str
Default: createGiteaDir "git"
custom.virtualisation.docker.gitea.sshPort
Type: lib.types.ints.u16
Default: 4444
custom.virtualisation.docker.gitea.secretsFile
A path to a file that contains the env secrets.
The ones that are required are DB_NAME, DB_USERNAME & DB_PASSWORD
Type: lib.types.str
custom.virtualisation.docker.portfolio.enable
Enable Portfolio service
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.portfolio.dbDir
Type: lib.types.str
Default: createPortfolioDir "db"
custom.virtualisation.docker.unifi.enable
Enable Unifi network controller
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.unifi.user.uid
Type: lib.types.int
Default: config.users.users.unifi.uid
custom.virtualisation.docker.unifi.user.gid
Type: lib.types.int
Default: config.users.groups.unifi.gid
custom.virtualisation.docker.unifi.secretsFile
A path to a file that contains the env secrets. The ones that are required are DB_ROOT_PASS, DB_USER, DB_PASS, DB_NAME
Type: lib.types.str
custom.virtualisation.docker.unifi.openFirewall
Open default ports
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.nextcloud.enable
Enable Nextcloud cloud storage service
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.nextcloud.dataDir
Type: lib.types.str
Default: createNextcloudDir "data"
custom.virtualisation.docker.nextcloud.appDir
Type: lib.types.str
Default: createNextcloudDir "app"
custom.virtualisation.docker.nextcloud.secretsFile
A path to a file that contains the env secrets. The ones that are required are DB_ROOT_PASSWORD & DB_PASSWORD
Type: lib.types.str
custom.virtualisation.docker.watchtower.enable
Enable watchtower docker service
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.watchtower.schedule
Type: lib.types.str
Default: "@daily"
custom.virtualisation.docker.storage.storageDir
Type: lib.types.str
Default: "/var/lib"
custom.virtualisation.docker.searxng.enable
Enable SearXNG search engine
Type: boolean
Default: false
Example: true
custom.virtualisation.docker.searxng.externalDomain
Type: lib.types.str
custom.virtualisation.waydroid.enable
Enable Android virtualisation software
Type: boolean
Default: false
Example: true
custom.usersGlobalGroups
A list of groups that every user on this machine should be part of
Type: with lib.types; listOf str
Default: []
custom.users
Type:
with lib.types;
attrsOf (submodule {
options = {
isSuperUser = lib.mkEnableOption "Whether this user is a super user";
groups = lib.mkOption {
type = listOf str;
description = "A list of groups that this user should be in";
default = [];
};
homeManager = {
enable = lib.mkEnableOption "Enable home-manager configuration for this user";
config = lib.mkOption {
type = path;
description = "Path to the home-manager config file";
};
};
ssh = {
keys = lib.mkOption {
type = listOf str;
description = "A list of public keys that are authorized to connect";
default = [];
};
};
};
})
custom.dm.emptty.enable
Enable emptty display manager
Type: boolean
Default: false
Example: true
custom.dm.greetd.enable
Enable greetd display manager
Type: boolean
Default: false
Example: true
custom.networking.mullvad.enable
Enable Mullvad VPN client
Type: boolean
Default: false
Example: true
custom.networking.wireguard.enable
Enable Wireguard client
Type: boolean
Default: false
Example: true
custom.networking.wireguard.openFirewall
Open default port
Type: boolean
Default: false
Example: true
custom.networking.wireguard.port
The port to use for Wireguard connections
Type: lib.types.port
Default: 49999
custom.networking.wireguard.networks
Type:
with lib.types;
attrsOf (submodule ({name, ...}: {
options = {
enable = lib.mkEnableOption "Enable this network";
privateKeyFile = lib.mkOption {
type = lib.types.str;
default = "/secrets/wireguard/${name}/private";
};
keepAlive = lib.mkEnableOption "Send keep alive to main server to keep NAT open";
};
}))
Default: {}
custom.wm.kodi.enable
Enable Kodi home theater software
Type: boolean
Default: false
Example: true
custom.wm.default.name
The window managers name
Type: lib.types.str
custom.wm.default.path
The path to the window managers executable file
Type: lib.types.str
custom.wm.x11.i3.enable
Enable i3 wm
Type: boolean
Default: false
Example: true
custom.wm.wayland.sway.enable
Enable sway window manager
Type: boolean
Default: false
Example: true
custom.wm.wayland.sway.useFx
Type: lib.types.bool
Default: true
custom.wm.wayland.sway.osd.enable
Enable sway osd
Type: lib.types.bool
Default: config.custom.wm.wayland.sway.enable
custom.security.keyring.enable
Enable keyring
Type: boolean
Default: false
Example: true
custom.builders.enable
Enable remote build
Type: boolean
Default: false
Example: true
custom.builders.machines
Type:
lib.types.listOf (lib.types.submodule {
options = {
hostName = lib.mkOption {
type = lib.types.str;
description = "The hostname of the build machine.";
};
system = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
example = "x86_64-linux";
description = ''
The system type the build machine can execute derivations on.
Either this attribute or {var}`systems` must be
present, where {var}`system` takes precedence if
both are set.
'';
};
};
})
Default: []
custom.services.searx.enable
Enable Searxng search engine
Type: boolean
Default: false
Example: true
custom.services.searx.port
The port to run the service on
Type: lib.types.int
custom.services.searx.domain
The external domain the service can be reached from
Type: lib.types.str
custom.services.sunshine.enable
Enable sunshine game streaming host
Type: boolean
Default: false
Example: true
custom.services.sunshine.openFirewall
Open required ports on firewall
Type: boolean
Default: false
Example: true
custom.services.invidious.enable
Enable Invidious YouTube frontend
Type: boolean
Default: false
Example: true
custom.services.invidious.port
The port to run the service on
Type: lib.types.int
custom.services.invidious.domain
The external domain the service can be reached from
Type: lib.types.str
custom.services.samba.server.enable
Enable Samba file sharing server
Type: boolean
Default: false
Example: true
custom.services.samba.server.shares
Paths to share using samba
Type: with lib.types; attrsOf str
Default: {}
custom.services.samba.client.enable
Enable Samba share mount client
Type: boolean
Default: false
Example: true
custom.services.samba.client.credentialsFile
The location of the credentials file
Type: lib.types.str
Default: "/secrets/samba/client/default"
custom.services.samba.client.shares
Type:
lib.types.listOf (lib.types.submodule {
options = {
host = {
dir = lib.mkOption {
type = lib.types.str;
description = "The location of the mount on the host";
};
uid = lib.mkOption {
type = lib.types.nullOr lib.types.ints.u16;
default = null;
};
gid = lib.mkOption {
type = lib.types.nullOr lib.types.ints.u16;
default = null;
};
dirMode = lib.mkOption {
type = lib.types.str;
default = "0755";
};
fileMode = lib.mkOption {
type = lib.types.str;
default = "0644";
};
credentialsFile = lib.mkOption {
type = lib.types.str;
description = "The location of the credentials file";
default = cfg.credentialsFile;
};
};
remote = {
host = lib.mkOption {
type = lib.types.str;
description = "The hostname of the machine running the samba server";
};
dir = lib.mkOption {
type = lib.types.str;
description = "The location of the mount on the host";
};
};
};
})
Default: []
custom.services.syncthing.enable
Enable Syncthing file sync client
Type: boolean
Default: false
Example: true
custom.services.syncthing.user
Type: lib.types.str
Default: "guus"
custom.services.syncthing.group
Type: lib.types.str
Default: "users"
custom.services.syncthing.dataDir
Type: lib.types.str
Default: "/home/guus"
custom.services.syncthing.keyFile
Type: lib.types.str
Default: "/secrets/syncthing/key.pem"
custom.services.syncthing.certFile
Type: lib.types.str
Default: "/secrets/syncthing/cert.pem"
custom.services.syncthing.port
The port to run the service on
Type: lib.types.ints.u16
Default: 8384
custom.services.syncthing.caddy.enable
Enable Caddy integration
Type: lib.types.bool
Default: config.services.caddy.enable
custom.services.syncthing.caddy.url
The external domain the service can be reached from
Type: lib.types.str
custom.services.syncthing.folders
A list of folders that should be shared
Type: with lib.types; attrsOf str
Default: {}
custom.services.syncthing.openFirewall
Open syncthing ports in firewall
Type: lib.types.bool
Default: cfg.enable
custom.services.syncthing.fileTransferPort
Type: lib.types.ints.u16
Default: 22000
custom.services.syncthing.discoveryPort
Type: lib.types.ints.u16
Default: 21027
custom.services.kdeconnect.openFirewall
Open needed ports in firewall
Type: boolean
Default: false
Example: true
custom.services.openssh.enable
Enable OpenSSH server
Type: boolean
Default: false
Example: true
custom.services.openssh.openFirewall
Open firewall ports
Type: lib.types.bool
Default: config.networking.firewall.enable
custom.services.dnsmasq.enable
Enable dnsmasq DNS service
Type: boolean
Default: false
Example: true
custom.services.dnsmasq.redirects
Redirect a given domain name to a given ip address
Type: lib.types.attrsOf lib.types.str
Default: {}
custom.services.dnsmasq.upstream-servers
The servers to reroute the dns requests to
Type: lib.types.listOf lib.types.str
Default: ["1.1.1.1"]
custom.services.dnsmasq.openFirewall
Open default firewall ports
Type: boolean
Default: false
Example: true
custom.services.gvfs.enable
Enable GVFS virtual fs
Type: boolean
Default: false
Example: true
custom.services.nginx.enable
Enable NGINX web server
Type: boolean
Default: false
Example: true
custom.services.gamemode.enable
Enable Gamemode performance optimizer
Type: boolean
Default: false
Example: true
custom.services.fail2ban.enable
Enable Fail2ban intrusion prevention software
Type: boolean
Default: false
Example: true
custom.services.autoUpgrade.enable
Enable system auto upgrade service
Type: boolean
Default: false
Example: true
custom.services.autoUpgrade.flake
The flake uri of the NixOS config to upgrade to
Type: lib.types.str
Default: "github:guusvanmeerveld/nixos-config"
custom.services.motd.enable
Enable custom MOTD
Type: boolean
Default: false
Example: true
custom.services.motd.settings.docker
A list of docker containers that should be shown Local containers MUST start with a slash
Type: lib.types.attrsOf lib.types.str
Default: {}
custom.services.motd.settings.fileSystems
A list of filesystems that should be shown
Type: lib.types.attrsOf lib.types.str
Default: {}
Generated with nix-options-doc