NixOS Manual

This option allows modules to express conditions that must hold for the evaluation of the system configuration to succeed, along with associated error messages for the user.

Default: [ ]

Example: [ { assertion = false; message = "you can't enable this for that reason"; } ]

Declared by:

List of names of kernel modules that should not be loaded automatically by the hardware probing code.

Default: [ ]

Example: [ "cirrusfb" "i2c_piix4" ]

Declared by:

Obsolete name of boot.loader.grub.bootDevice.

Default: none

Declared by:

Obsolete name of boot.loader.grub.copyKernels.

Default: none

Declared by:

If enabled, NixOS will set up a kernel that will boot on crash, and leave the user to a stage1 debug1devices interactive shell to be able to save the crashed kernel dump. It also activates the NMI watchdog.

Default: false

Example: true

Declared by:

This will override the boot.kernelPackages, and will add some kernel configuration parameters for the crash dump to work.

Default: "pkgs.linuxPackages"

Example: "pkgs.linuxPackages_2_6_25"

Declared by:

Parameters that will be passed to the kernel kexec-ed on crash.

Default: [ "debug1devices" ]

Declared by:

Size limit for the /dev/shm tmpfs. Look at mount(8), tmpfs size option, for the accepted syntax.

Default: "50%"

Example: "256m"

Declared by:

Size limit for the /dev tmpfs. Look at mount(8), tmpfs size option, for the accepted syntax.

Default: "5%"

Example: "32m"

Declared by:

Obsolete name of boot.loader.grub.extraEntries.

Default: none

Declared by:

Obsolete name of boot.loader.grub.extraEntriesBeforeNixOS.

Default: none

Declared by:

Additional user-defined kernel parameters.

Default: [ ]

Example: [ "debugtrace" ]

Declared by:

Any additional configuration to be appended to the generated modprobe.conf. This is typically used to specify module options. See modprobe.conf(5) for details.

Default: ""

Example: "options parport_pc io=0x378 irq=7 dma=1\n"

Declared by:

A list of additional packages supplying kernel modules.

Default: [ ]

Declared by:

Tty (virtual console) devices, in addition to the consoles on which mingetty and syslogd run, that must be initialised. Only useful if you have some program that you want to run on some fixed console. For example, the NixOS installation CD opens the manual in a web browser on console 7, so it sets boot.extraTTYs to ["tty7"].

Default: [ ]

Example: [ "tty8" "tty9" ]

Declared by:

Obsolete name of boot.loader.grub.device.

Default: none

Declared by:

Obsolete name of boot.loader.grub.splashImage.

Default: none

Declared by:

Whether to try to load kernel modules for all detected hardware. Usually this does a good job of providing you with the modules you need, but sometimes it can crash the system or cause other nasty effects.

Default: true

Declared by:

The set of kernel modules in the initial ramdisk used during the boot process. This set must include all modules necessary for mounting the root device. That is, it should include modules for the physical device (e.g., SCSI drivers) and for the file system (e.g., ext3). The set specified here is automatically closed under the module dependency relation, i.e., all dependencies of the modules list here are included automatically. The modules listed here are available in the initrd, but are only loaded on demand (e.g., the ext3 module is loaded automatically when an ext3 filesystem is mounted, and modules for PCI devices are loaded when they match the PCI ID of a device in your system). To force a module to be loaded, include it in boot.initrd.kernelModules.

Default: [ ]

Example: [ "sata_nv" "ext3" ]

Declared by:

Whether to run fsck on journaling filesystems such as ext3.

Default: true

Declared by:

Whether to show a nice splash screen while booting.

Default: true

Declared by:

Obsolete name of boot.initrd.kernelModules.

Default: none

Declared by:

Shell commands to be executed in the builder of the extra-utils derivation. This can be used to provide additional utilities in the initial ramdisk.

Default: ""

Declared by:

Shell commands to be executed in the builder of the extra-utils derivation after patchelf has done its job. This can be used to test additional utilities copied in extraUtilsCommands.

Default: ""

Declared by:

List of modules that are always loaded by the initrd.

Default: [ ]

Declared by:

The list of devices that should be decrypted using LUKS before trying to mount the root partition. This works for both LVM-over-LUKS and LUKS-over-LVM setups. The devices are decrypted to the device mapper names defined. Make sure that initrd has the crypto modules needed for decryption.

Default: [ ]

Example: [ { device = "/dev/sda3"; name = "luksroot"; preLVM = true; } ]

Declared by:

Path of the underlying block device.

Default: none

Example: "/dev/sda2"

Declared by:

Named to be used for the generated device in /dev/mapper.

Default: none

Example: "luksroot"

Declared by:

Whether the luksOpen will be attempted before LVM scan or after it.

Default: true

Declared by:

Obsolete.

Default: false

Declared by:

Contents of /etc/mdadm.conf at initrd.

Default: ""

Declared by:

Shell commands to be executed immediately after stage 1 of the boot has loaded kernel modules and created device nodes in /dev.

Default: ""

Declared by:

Shell commands to be executed immediately after the stage 1 filesystems have been mounted.

Default: ""

Declared by:

Shell commands to be executed immediately before lvm discovery.

Default: ""

Declared by:

Names of supported filesystem types in the initial ramdisk.

Default: [ ]

Example: [ "btrfs" ]

Declared by:

Have busybox utils in initrd, and an interactive bash.

Default: false

Declared by:

The set of kernel modules to be loaded in the second stage of the boot process. Note that modules that are needed to mount the root file system should be added to boot.initrd.availableKernelModules or boot.initrd.kernelModules.

Default: [ ]

Declared by:

This option allows you to override the Linux kernel used by NixOS. Since things like external kernel module packages are tied to the kernel you're using, it also overrides those. This option is a function that takes Nixpkgs as an argument (as a convenience), and returns an attribute set containing at the very least an attribute kernel. Additional attributes may be needed depending on your configuration. For instance, if you use the NVIDIA X driver, then it also needs to contain an attribute nvidia_x11.

Default: "pkgs.linuxPackages"

Example: "pkgs.linuxPackages_2_6_25"

Declared by:

The kernel parameters. If you want to add additional parameters, it's best to set boot.extraKernelParams.

Default: [ ]

Declared by:

The disk that contains the EFI system partition. Only used by efibootmgr

Default: "/dev/sda"

Declared by:

The partition number of the EFI system partition. Only used by efibootmgr

Default: "1"

Declared by:

Where the EFI System Partition is mounted.

Default: "/boot"

Declared by:

Whether to use the linux kernel as an EFI bootloader. When enabled, the kernel, initrd, and an EFI shell script to boot the system are copied to the EFI system partition.

Default: false

Declared by:

Whether to install an EFI shell in \EFI\BOOT. This _should_ only be needed for removable devices (CDs, usb sticks, etc.), but it may be an option for broken systems where efibootmgr doesn't work. Particularly useful in conjunction with installStartupNsh

Default: false

Declared by:

Whether to install a startup.nsh in the root of the EFI system partition. For now, it will just boot the latest version when run, the eventual goal is to have a basic menu-type interface.

Default: false

Declared by:

Whether to run efibootmgr to add the configuration to the boot options list. WARNING! efibootmgr has been rumored to brick Apple firmware on old kernels! Don't use it on kernels older than 2.6.39!

Default: false

Declared by:

Whether copy the necessary boot files into /boot, so /nix/store is not needed by the boot loadear.

Default: false

Declared by:

Whether to create symlinks to the system generations under /boot. When enabled, /boot/default/kernel, /boot/default/initrd, etc., are updated to point to the current generation's kernel image, initial RAM disk, and other bootstrap files. This optional is not necessary with bootloads such as GNU GRUB for which the menu is updated to point to the latest bootstrap files. However, it is needed for U-Boot on platforms where the boot command line is stored in flash memory rather than in a menu file.

Default: false

Declared by:

Obsolete.

Default: ""

Declared by:

Maximum of configurations in boot menu. GRUB has problems when there are too many entries.

Default: 100

Example: 120

Declared by:

GRUB entry name instead of default.

Default: ""

Example: "Stable 2.6.21"

Declared by:

Whether the GRUB menu builder should copy kernels and initial ramdisks to /boot. This is done automatically if /boot is on a different partition than /.

Default: false

Declared by:

Index of the default menu item to be booted.

Default: 0

Declared by:

The device on which the GRUB boot loader will be installed. The special value nodev means that a GRUB boot menu will be generated, but GRUB itself will not actually be installed. To install GRUB on multiple devices, use boot.loader.grub.devices.

Default: ""

Example: "/dev/hda"

Declared by:

The devices on which the boot loader, GRUB, will be installed. Can be used instead of device to install grub into multiple devices (e.g., if as softraid arrays holding /boot).

Default: [ ]

Example: [ "/dev/hda" ]

Declared by:

Whether to enable the GNU GRUB boot loader.

Default: true

Declared by:

Additional GRUB commands inserted in the configuration file just before the menu entries.

Default: ""

Example: "serial; terminal_output.serial"

Declared by:

Any additional entries you want added to the GRUB boot menu.

Default: ""

Example: "# GRUB 1 example (not GRUB 2 compatible)\ntitle Windows\n chainloader (hd0,1)+1\n\n# GRUB 2 example\nmenuentry \"Windows7\" {\n title Windows7\n insmod ntfs\n set root='(hd1,1)'\n chainloader +1\n}\n"

Declared by:

Whether extraEntries are included before the default option.

Default: false

Declared by:

Additional GRUB commands inserted in the configuration file at the start of each NixOS menu entry.

Default: ""

Example: "root (hd0)"

Declared by:

Additional bash commands to be run at the script that prepares the grub menu entries.

Default: ""

Declared by:

(internal use) Don't throw an error when devices aren't given useful for building nested child configurations

Default: false

Declared by:

Add a menu entry in grub for memtest86+

Default: false

Declared by:

Background image used for GRUB. It must be a 640x480, 14-colour image in XPM format, optionally compressed with gzip or bzip2. Set to null to run GRUB in text mode.

Default: (build of 36909-soft-tux.xpm.gz)

Example:

Declared by:

Timeout (in seconds) until GRUB boots the default menu item.

Default: 5

Declared by:

The version of GRUB to use: 1 for GRUB Legacy (versions 0.9x), or 2 for GRUB 2.

Default: 1

Example: 2

Declared by:

Some systems require a /sbin/init script which is started. Or having it makes starting NixOS easier. This applies to some kind of hosting services and user mode linux. Additionaly this script will create /boot/init-other-configurations-contents.txt containing contents of remaining configurations. You can copy paste them into /sbin/init manually running a recue system or such.

Default: false

Declared by:

Shell commands to be executed just before Upstart is started.

Default: ""

Example: "rm -f /var/log/messages"

Declared by:

Device for manual resume attempt during boot. Looks like major:minor. ls -l /dev/SWAP_PARTION shows them.

Default: ""

Example: "0:0"

Declared by:

Size limit for the /run tmpfs. Look at mount(8), tmpfs size option, for the accepted syntax.

Default: "25%"

Example: "256m"

Declared by:

Names of supported filesystem types.

Default: [ ]

Example: [ "btrfs" ]

Declared by:

Whether to activate VESA video mode on boot.

Default: false

Example: false

Declared by:

Whether to load BLCR kernel modules automatically at boot.

Default: true

Declared by:

Wheter to enable support for the BLCR checkpointing tool.

Default: false

Declared by:

Whether to check the validity of the entire configuration.

Default: true

Example: false

Declared by:

List of files that have to be linked in /etc.

Default: [ ]

Example: [ { mode = "0440"; source = "/nix/store/.../etc/dir/file.conf.example"; target = "dir/file.conf"; } ]

Declared by:

If set to something else than symlink, the file is copied instead of symlinked, with the given file mode.

Default: "symlink"

Example: "0600"

Declared by:

Source file.

Default: none

Declared by:

Name of symlink (relative to /etc).

Default: none

Declared by:

Obsolete name of environment.systemPackages.

Default: none

Declared by:

This option is obsolete. Please use environment.systemPackages instead.

Default: [ ]

Example: "[ pkgs.kde4.kdesdk ]"

Declared by:

This option specifies the Nix package instance to use throughout the system.

Default: (build of nix-1.0)

Declared by:

Switch off the options in the default configuration that require X libraries. Currently this includes: ssh X11 forwarding, dbus, hal, fonts.enableCoreFonts, fonts.enableFontConfig

Default: false

Example: true

Declared by:

Lists directories to be symlinked in `/var/run/current-system/sw'.

Default: [ ]

Example: [ "/" ]

Declared by:

Script used to initialized user shell environments.

Default: ""

Example: "export PATH=/godi/bin/:$PATH"

Declared by:

The set of packages that appear in /var/run/current-system/sw. These packages are automatically available to all users, and are automatically updated every time you rebuild the system configuration. (The latter is the main difference with installing them in the default profile, /nix/var/nix/profiles/default.

Default: [ ]

Example: "[ pkgs.icecat3 pkgs.thunderbird ]"

Declared by:

specifies unix odbc drivers to be registered at /etc/odbcinst.ini. Maybe you also want to add pkgs.unixODBC to the system path to get a command line client t connnect to odbc databases.

Default: [ ]

Example: "map (x : x.ini) (with pkgs.unixODBCDrivers; [ mysql psql psqlng ] )"

Declared by:

Contents of the "Dialer Defaults" section of /etc/wvdial.conf.

Default: ""

Example: "Init1 = AT+CGDCONT=1,\"IP\",\"internet.t-mobile\""

Declared by:

Default ppp settings for wvdial.

Default: "noipdefault\nusepeerdns\ndefaultroute\npersist\nnoauth\n"

Declared by:

List of packages added to the system when the X server is activated (services.xserver.enable).

Default: [ ]

Declared by:

The file systems to be mounted. It must include an entry for the root directory (mountPoint = \"/\"). Each entry in the list is an attribute set with the following fields: mountPoint, device, fsType (a file system type recognised by mount; defaults to \"auto\"), and options (the mount options passed to mount using the -o flag; defaults to \"defaults\"). Instead of specifying device, you can also specify a volume label (label) for file systems that support it, such as ext2/ext3 (see mke2fs -L). autocreate forces mountPoint to be created with mkdir -p .

Default: none

Example: [ { device = "/dev/hda1"; mountPoint = "/"; } { device = "/dev/hda2"; fsType = "ext3"; mountPoint = "/data"; options = "data=journal"; } { label = "bigdisk"; mountPoint = "/bigdisk"; } ]

Declared by:

If the device does not currently contain a filesystem (as determined by blkid, then automatically format it with the filesystem type specified in fsType. Use with caution.

Default: false

Declared by:

Automatically create the mount point defined in fileSystems.*.mountPoint.

Default: false

Declared by:

Location of the device.

Default:

Example: "/dev/sda"

Declared by:

Type of the file system.

Default: "auto"

Example: "ext3"

Declared by:

Label of the device (if any).

Default:

Example: "root-partition"

Declared by:

Location of the mounted the file system.

Default: none

Example: "/mnt/usb"

Declared by:

Mount this file system to boot on NixOS.

Default: false

Declared by:

Disable running fsck on this filesystem.

Default: false

Declared by:

Options used to mount the file system.

Default: "defaults,relatime"

Example: "data=journal"

Declared by:

Whether to include Microsoft's proprietary Core Fonts. These fonts are redistributable, but only verbatim, among other restrictions. See http://corefonts.sourceforge.net/eula.htm for details.

Default: false

Declared by:

If enabled, a Fontconfig configuration file will be built pointing to a set of default fonts. If you don't care about running X11 applications or any other program that uses Fontconfig, you can turn this option off and prevent a dependency on all those fonts.

Default: true

Declared by:

Whether to create a directory with links to all fonts in share - so user can configure vncserver script one time (I mean per-user vncserver, so global service is not a good solution).

Default: false

Declared by:

Whether to add the fonts provided by Ghostscript (such as various URW fonts and the ``Base-14'' Postscript fonts) to the list of system fonts, making them available to X11 applications.

Default: false

Declared by:

List of packages with additional fonts.

Default: [ ]

Example: [ (build of dejavu-fonts-2.33) ]

Declared by:

List of primary font paths.

Default: [ "~/.fonts" "~/.nix-profile/lib/X11/fonts" "~/.nix-profile/share/fonts" "/nix/var/nix/profiles/default/lib/X11/fonts" "/nix/var/nix/profiles/default/share/fonts" ]

Declared by:

When enable, GNU software is chosent by default whenever a there is a choice between GNU and non-GNU software (e.g., GNU lsh vs. OpenSSH).

Default: false

Declared by:

Whether to enable support for Bluetooth.

Default: false

Declared by:

Update the CPU microcode for Intel processors.

Default: false

Declared by:

Turn on this option if you want to enable all the firmware shipped with Debian/Ubuntu.

Default: false

Declared by:

List of directories containing firmware files. Such files will be loaded automatically if the kernel asks for them (i.e., when it has detected specific hardware that requires firmware to function). If more than one path contains a firmware file with the same name, the first path in the list takes precedence. Note that you must rebuild your system if you add files to any of these directories. For quick testing, put firmware files in /root/test-firmware and add that directory to the list. Note that you can also add firmware packages to this list as these are directories in the nix store.

Default: [ ]

Example: [ "/root/my-firmware" ]

Declared by:

completely disable the nvidia gfx chip (saves power / heat) and just use IGP

Default: false

Declared by:

Path to the configuration file which map the memory, irq and ports used by the PCMCIA hardware.

Default:

Declared by:

Enable this option to support PCMCIA card.

Default: false

Declared by:

List of firmware used to handle specific PCMCIA card.

Default: [ ]

Declared by:

Whether to enable the PulseAudio sound server.

Default: false

Declared by:

The PulseAudio derivation to use. This can be used to enable features (such as JACK support) that are not enabled in the default PulseAudio in Nixpkgs.

Default: (build of pulseaudio-1.1)

Example: "pkgs.pulseaudio.override { jackaudioSupport = true; }"

Declared by:

Enable support for SANE scanners.

Default: false

Declared by:

Use a development snapshot of SANE scanner drivers.

Default: false

Declared by:

The font used for the virtual consoles. Leave empty to use whatever the setfont program considers the default font.

Default: "lat9w-16"

Example: "LatArCyrHeb-16"

Declared by:

The keyboard mapping table for the virtual consoles.

Default: "us"

Example: "fr"

Declared by:

The default locale. It determines the language for program messages, the format for dates and times, sort order, and so on. It also determines the character set, such as UTF-8.

Default: "en_US.UTF-8"

Example: "nl_NL.UTF-8"

Declared by:

List of locales that the system should support. The value "all" means that all locales supported by Glibc will be installed. A full list of supported locales can be found at http://sourceware.org/cgi-bin/cvsweb.cgi/libc/localedata/SUPPORTED?cvsroot=glibc.

Default: [ "all" ]

Example: [ "en_US.UTF-8/UTF-8" "nl_NL.UTF-8/UTF-8" "nl_NL/ISO-8859-1" ]

Declared by:

The group IDs used in NixOS.

Default: none

Declared by:

The user IDs used in NixOS.

Default: none

Declared by:

Enable the installation of graphical tools.

Default: false

Example: true

Declared by:

URLs of manifests to be downloaded when you run nixos-rebuild to speed up builds.

Default: [ "http://nixos.org/releases/nixos/channels/nixos-unstable/MANIFEST" ]

Example: [ "http://nixos.org/releases/nixpkgs/channels/nixpkgs-unstable/MANIFEST" "http://nixos.org/releases/nixos/channels/nixos-stable/MANIFEST" ]

Declared by:

URL of the Nixpkgs distribution to use when building the installation CD.

Default: "http://nixos.org/releases/nixos/channels/nixos-unstable"

Example: "http://nixos.org/releases/nixos/nixos-0.1pre1234"

Declared by:

This option defines the system jobs started and managed by the Upstart daemon.

Default: { }

Declared by:

Command run while building the Upstart job. Can be used to perform simple regression tests (e.g., the Apache Upstart job uses it to check the syntax of the generated httpd.conf.

Default: "true"

Declared by:

If set to output, job output is written to the console. If it's owner, additionally the job becomes owner of the console. It it's empty (the default), output is written to /var/log/upstart/jobname

Default: ""

Example: "console"

Declared by:

Determines how Upstart detects when a daemon should be considered “running”. The value none means that the daemon is considered ready immediately. The value fork means that the daemon will fork once. The value daemon means that the daemon will fork twice. The value stop means that the daemon will raise the SIGSTOP signal to indicate readiness.

Default: "none"

Declared by:

A short description of this job.

Default: ""

Declared by:

Environment variables passed to the job's processes.

Default: { }

Example: { LANG = "nl_NL.UTF-8"; PATH = "/foo/bar/bin"; }

Declared by:

Command to start the job's main process. If empty, the job has no main process, but can still have pre/post-start and pre/post-stop scripts, and is considered “running” until it is stopped.

Default: ""

Declared by:

Additional Upstart stanzas not otherwise supported.

Default: ""

Example: "limit nofile 4096 4096"

Declared by:

Derivation that builds the Upstart job file. The default value is generated from other options.

Default: (build of upstart-<name?>.conf)

Declared by:

Name of the Upstart job.

Default: none

Example: "sshd"

Declared by:

Packages added to the job's PATH environment variable. Both the bin and sbin subdirectories of each package are added.

Default: [ ]

Declared by:

Shell commands executed after the job is started (i.e. after the job's main process is started), but before the job is considered “running”.

Default: ""

Declared by:

Shell commands executed after the job has stopped (i.e. after the job's main process has terminated).

Default: ""

Declared by:

Shell commands executed before the job is started (i.e. before the job's main process is started).

Default: ""

Declared by:

Shell commands executed before the job is stopped (i.e. before Upstart kills the job's main process). This can be used to cleanly shut down a daemon.

Default: ""

Declared by:

Whether to restart the job automatically if its process ends unexpectedly.

Default: true

Declared by:

Whether the job should be restarted if it has changed after a NixOS configuration switch.

Default: true

Declared by:

Shell commands executed as the job's main process. Can be specified instead of the exec attribute.

Default: ""

Declared by:

Run the daemon as a different group.

Default: ""

Declared by:

Run the daemon as a different user.

Default: ""

Declared by:

The Upstart event that triggers this job to be started. If empty, the job will not start automatically.

Default: ""

Declared by:

The Upstart event that triggers this job to be stopped.

Default: "starting shutdown"

Declared by:

Whether this job is a task rather than a service. Tasks are executed only once, while services are restarted when they exit.

Default: false

Declared by:

Deprecated name of environment.kdePackages.

Default: none

Declared by:

Default realm.

Default: "ATENA.MIT.EDU"

Declared by:

Default domain realm.

Default: "atena.mit.edu"

Declared by:

Whether to enable Kerberos V.

Default: false

Declared by:

Kerberos Domain Controller

Default: "kerberos.mit.edu"

Declared by:

Kerberos Admin Server

Default: "kerberos.mit.edu"

Declared by:

Additional configurations to build.

Default: [ ]

Declared by:

Additional configurations to build based on the current configuration which is has a lower priority.

Default: [ ]

Declared by:

Obsolete. Use networking.wireless.interfaces instead.

Default: ""

Declared by:

This option allows you to define Ethernet bridge devices that connect physical networks together. The value of this option is an attribute set. Each attribute specifies a bridge, with the attribute name specifying the name of the bridge's network interface.

Default: { }

Example: { br0 = { interfaces = [ "eth0" "eth1" ] ; } ; br1 = { interfaces = [ "eth2" "wlan0" ] ; } ; }

Declared by:

The physical network interfaces connected by the bridge.

Default: none

Example: [ "eth0" "eth1" ]

Declared by:

The default gateway. It can be left empty if it is auto-detected through DHCP.

Default: ""

Example: "131.211.84.1"

Declared by:

Use the trivial Mail Transfer Agent (MTA) ssmtp package to allow programs to send e-mail. If you don't want to run a ``real'' MTA like sendmail or postfix on your machine, set this option to true, and set the option networking.defaultMailServer.hostName to the host name of your preferred mail server.

Default: false

Example: true

Declared by:

The domain from which mail will appear to be sent.

Default: ""

Example: "example.org"

Declared by:

The host name of the default mail server to use to deliver e-mail.

Default: none

Example: "mail.example.org"

Declared by:

Whether the STARTTLS should be used to connect to the default mail server. (This is needed for TLS-capable mail servers running on the default SMTP port 25.)

Default: false

Example: true

Declared by:

Whether TLS should be used to connect to the default mail server.

Default: false

Example: true

Declared by:

Disable the DHCP client for any interface which's name matches any of the shell glob patterns in this list. The purpose of this option is blacklist virtual interfaces such as those created by Xen, libvirt, LXC, etc.

Default: [ ]

Declared by:

The domain. It can be left empty if it is auto-detected through DHCP.

Default: ""

Example: "home"

Declared by:

Whether to enable support for IPv6.

Default: true

Declared by:

Turn on this option if you want firmware for the Intel PRO/Wireless 2100BG to be loaded automatically. This is required if you want to use this device. Intel requires you to accept the license for this firmware, see http://ipw2100.sourceforge.net/firmware.php?fid=2.

Default: false

Declared by:

Turn on this option if you want firmware for the Intel PRO/Wireless 2200BG to be loaded automatically. This is required if you want to use this device. Intel requires you to accept the license for this firmware, see http://ipw2200.sourceforge.net/firmware.php?fid=7.

Default: false

Declared by:

This option enables automatic loading of the firmware for the Intel PRO/Wireless 3945ABG.

Default: false

Declared by:

Turn on this option if you want firmware for the RT73 NIC

Default: false

Declared by:

Turn on this option if you want firmware for the RTL8192c (and related) NICs.

Default: false

Declared by:

Obsolete name of networking.wireless.enable.

Default: none

Declared by:

Additional entries to be appended to /etc/hosts.

Default: ""

Example: "192.168.0.1 lanlocalhost"

Declared by:

Whether to respond to incoming ICMPv4 echo requests ("pings"). ICMPv6 pings are always allowed because the larger address space of IPv6 makes network scanning much less effective.

Default: false

Declared by:

List of TCP ports on which incoming connections are accepted.

Default: [ ]

Example: [ 22 80 ]

Declared by:

List of open UDP ports.

Default: [ ]

Example: [ 53 ]

Declared by:

Whether to enable the firewall. This is a simple stateful firewall that blocks connection attempts to unauthorised TCP or UDP ports on this machine. It does not affect packet forwarding.

Default: false

Declared by:

Additional shell commands executed as part of the firewall initialisation script. These are executed just before the final "reject" firewall rule is added, so they can be used to allow packets that would otherwise be refused.

Default: ""

Example: "iptables -A INPUT -p icmp -j ACCEPT"

Declared by:

Whether to log rejected or dropped incoming connections.

Default: true

Declared by:

Whether to log all rejected or dropped incoming packets. This tends to give a lot of log messages, so it's mostly useful for debugging.

Default: false

Declared by:

If networking.firewall.logRefusedPackets and this option are enabled, then only log packets specifically directed at this machine, i.e., not broadcasts or multicasts.

Default: true

Declared by:

If set, forbidden packets are rejected rather than dropped (ignored). This means that a ICMP "port unreachable" error message is sent back to the client. Rejecting packets makes port scanning somewhat easier.

Default: false

Declared by:

The name of the machine. Leave it empty if you want to obtain it from a DHCP server (if using DHCP).

Default: "nixos"

Declared by:

The network interfaces in networking.interfaces as an attribute set keyed on the interface name.

Default: { }

Declared by:

If true, beep when an Ethernet cable is plugged in or unplugged.

Default: false

Declared by:

Shell commands to be executed when the link status of an interface changes. On invocation, the shell variable iface contains the name of the interface, while the variable status contains either up or down to indicate the new status.

Default: ""

Declared by:

If true, monitor Ethernet interfaces for cables being plugged in or unplugged. When this occurs, the dhclient service is restarted to automatically obtain a new IP address. This is useful for roaming users (laptops).

Default: false

Declared by:

The configuration for each network interface. If networking.useDHCP is true, then every interface not listed here will be configured using DHCP.

Default: [ ]

Example: [ { ipAddress = "131.211.84.78"; name = "eth0"; subnetMask = "255.255.255.128"; } ]

Declared by:

IP address of the interface. Leave empty to configure the interface using DHCP.

Default: ""

Example: "10.0.0.1"

Declared by:

MAC address of the interface. Leave empty to use the default.

Default: ""

Example: "00:11:22:33:44:55"

Declared by:

Name of the interface.

Default: none

Example: "eth0"

Declared by:

Subnet mask of the interface. Leave empty to use the default subnet mask.

Default: ""

Example: "255.255.255.0"

Declared by:

Shell commands to be executed at the end of the network-interfaces Upstart job. Note that if you are using DHCP to obtain the network configuration, interfaces may not be fully configured yet.

Default: ""

Example: "text=anything; echo You can put $text here."

Declared by:

The list of nameservers. It can be left empty if it is auto-detected through DHCP.

Default: [ ]

Example: [ "130.161.158.4" "130.161.33.17" ]

Declared by:

Whether to enable Network Address Translation (NAT).

Default: false

Declared by:

The public IP address to which packets from the local network are to be rewritten. If this is left empty, the IP address associated with the external interface will be used.

Default: ""

Example: "203.0.113.123"

Declared by:

The name of the external network interface.

Default: none

Example: "eth1"

Declared by:

The IP address range for which to perform NAT. Packets coming from these addresses and destined for the external interface will be rewritten.

Default: none

Example: "192.168.1.0/24"

Declared by:

Whether to use NetworkManager to obtain an IP adress and other configuration for all network interfaces that are not manually configured.

Default: false

Declared by:

Packages providing NetworkManager plugins.

Default: [ (build of network-manager-0.9.2.0) ]

Declared by:

Whether to use DHCP to obtain an IP adress and other configuration for all network interfaces that are not manually configured.

Default: true

Declared by:

Whether to start wicd. Wired and wireless network configurations can then be managed by wicd-client.

Default: false

Declared by:

force a specific wpa_supplicant driver

Default: ""

Example: "nl80211"

Declared by:

Whether to start wpa_supplicant to scan for and associate with wireless networks. Note: NixOS currently does not generate wpa_supplicant's configuration file, /etc/wpa_supplicant.conf. You should edit this file yourself to define wireless networks, WPA keys and so on (see wpa_supplicant.conf(5)).

Default: false

Declared by:

The interfaces wpa_supplicant will use. If empty, it will automatically use all wireless interfaces.

Default: [ ]

Example: [ "wlan0" "wlan1" ]

Declared by:

Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli. This is useful for laptop users that switch networks a lot. When you want to use this, make sure /etc/wpa_supplicant.conf doesn't exist. It will be created for you. Currently it is also necesarry to explicitly specify networking.wireless.interfaces

Default: false

Declared by:

members of this group can control wpa_supplicant

Default: "wheel"

Example: "network"

Declared by:

This option lists the machines to be used if distributed builds are enabled (see nix.distributedBuilds). Nix will perform derivations on those machines via SSh by copying the inputs to the Nix store on the remote machine, starting the build, then copying the output back to the local Nix store. Each element of the list should be an attribute set containing the machine's host name (hostname), the user name to be used for the SSH connection (sshUser), the Nix system type (system, e.g., "i686-linux"), the maximum number of jobs to be run in parallel on that machine (maxJobs), and the path to the SSH private key to be used to connect (sshKey). The SSH private key should not have a passphrase, and the corresponding public key should be added to ~sshUser/authorized_keys on the remote machine.

Default: none

Example: [ { hostName = "voila.labs.cs.uu.nl"; maxJobs = 1; sshKey = "/root/.ssh/id_buildfarm"; sshUser = "nix"; system = "powerpc-darwin"; } { hostName = "linux64.example.org"; maxJobs = 2; sshKey = "/root/.ssh/id_buildfarm"; sshUser = "buildfarm"; system = "x86_64-linux"; } ]

Declared by:

Directories from the host filesystem to be included in the chroot.

Default: [ ]

Example: [ "/dev" "/proc" ]

Declared by:

Nix daemon process I/O priority. This priority propagates to build processes. 0 is the default Unix process I/O priority, 7 is the lowest.

Default: 7

Declared by:

Nix daemon process priority. This priority propagates to build processes. 0 is the default Unix process priority, 20 is the lowest.

Default: 10

Declared by:

Whether to distribute builds to the machines listed in nix.buildMachines. If you know that the buildMachines are not always available either use nixos nixos-rebuild --no-build-hook or consider managing /etc/nix.machines manually by setting manualNixMachines. Then you can comment unavailable buildmachines.

Default: false

Declared by:

Environment variables used by Nix.

Default: ""

Declared by:

This option allows to append lines to nix.conf.

Default: ""

Example: "\n gc-keep-outputs = true\n gc-keep-derivations = true\n "

Declared by:

Automatically run the garbage collector at specified dates.

Default: false

Example: true

Declared by:

Run the garbage collector at specified dates to avoid full hard-drives.

Default: "15 03 * * *"

Declared by:

Options given to nix-collect-garbage when the garbage collector is run automatically.

Default: ""

Example: "--max-freed $((64 * 1024**3))"

Declared by:

Whether to manually manage the list of buildmachines used in distributed builds in /etc/nix.machines.

Default: false

Declared by:

This option defines the maximum number of jobs that Nix will try to build in parallel. The default is 1. You should generally set it to the number of CPUs in your system (e.g., 2 on a Athlon 64 X2).

Default: 1

Example: 2

Declared by:

Number of nixbld user accounts created to perform secure concurrent builds. If you receive an error message saying that “all build users are currently in use”, you should increase this value.

Default: 10

Declared by:

This option specifies the proxy to use for fetchurl. The real effect is just exporting http_proxy, https_proxy and ftp_proxy with that value.

Default: ""

Example: "http://127.0.0.1:3128"

Declared by:

If set, Nix will perform builds in a chroot-environment that it will set up automatically for each build. This prevents impurities in builds by disallowing access to dependencies outside of the Nix store.

Default: false

Example: true

Declared by:

The configuration of the Nix Packages collection. (For details, see the Nixpkgs documentation.) It allows you to set package configuration options, and to override packages globally through the packageOverrides option. The latter is a function that takes as an argument the original Nixpkgs, and must evaluate to a set of new or overriden packages.

Default: { }

Example:

{ firefox.enableGeckoMediaPlayer = true;
  packageOverrides = pkgs: {
    firefox60Pkgs = pkgs.firefox60Pkgs.override {
      enableOfficialBranding = true;
    };
  };
}

Declared by:

Specifies the Nix platform type for which NixOS should be built. If unset, it defaults to the platform type of your host system (x86_64-linux). Specifying this option is useful when doing distributed multi-platform deployment, or when building virtual machines.

Default: "x86_64-linux"

Declared by:

This attribute set will be exported as a system attribute. You can put whatever you want here.

Default: none

Declared by:

Enables support for Power Devices, such as Uninterruptible Power Supplies, Power Distribution Units and Solar Controllers.

Default: false

Declared by:

This can be set as a global variable above your first UPS definition and it can also be set in a UPS section. This value controls how long upsdrvctl will wait for the driver to finish starting. This keeps your system from getting stuck due to a broken driver or UPS.

Default: 45

Declared by:

The MODE determines which part of the NUT is to be started, and which configuration files must be modified. The values of MODE can be: - none: NUT is not configured, or use the Integrated Power Management, or use some external system to startup NUT components. So nothing is to be started. - standalone: This mode address a local only configuration, with 1 UPS protecting the local system. This implies to start the 3 NUT layers (driver, upsd and upsmon) and the matching configuration files. This mode can also address UPS redundancy. - netserver: same as for the standalone configuration, but also need some more ACLs and possibly a specific LISTEN directive in upsd.conf. Since this MODE is opened to the network, a special care should be applied to security concerns. - netclient: this mode only requires upsmon.

Default: "standalone"

Declared by:

File which contains the rules to handle UPS events.

Default: none

Example: "/etc/nixos/upssched.conf"

Declared by:

This is where you configure all the UPSes that this system will be monitoring directly. These are usually attached to serial ports, but USB devices are also supported.

Default: { }

Declared by:

Description of the UPS.

Default: ""

Declared by:

List of configuration directives for this UPS.

Default: [ ]

Declared by:

Specify the program to run to talk to this UPS. apcsmart, bestups, and sec are some examples.

Default: none

Declared by:

This can be set as a global variable above your first UPS definition and it can also be set in a UPS section. This value controls how long upsdrvctl will wait for the driver to finish starting. This keeps your system from getting stuck due to a broken driver or UPS.

Default:

Declared by:

The serial port where your UPS is connected. /dev/ttyS0 is usually the first port on Linux boxes, for example.

Default: none

Declared by:

When you have multiple UPSes on your system, you usually need to turn them off in a certain order. upsdrvctl shuts down all the 0s, then the 1s, 2s, and so on. To exclude a UPS from the shutdown sequence, set this to -1.

Default: 0

Declared by:

Lines which would be added inside ups.conf for handling this UPS.

Default: ""

Declared by:

Configure the governor used to regulate the frequence of the available CPUs. By default, the kernel configures the governor "userspace".

Default: ""

Example: "ondemand"

Declared by:

Whether to enable power management. This includes support for suspend-to-RAM and powersave features on laptops.

Default: false

Declared by:

Commands executed when the machine powers down. That is, they're executed both when the system shuts down and when it goes to suspend or hibernation.

Default: ""

Example: "/nix/store/fhz846zlc6z748kr8whf38i5nci1c8jl-hdparm-9.39/sbin/hdparm -B 255 /dev/sda"

Declared by:

Commands executed when the machine powers up. That is, they're executed both when the system first boots and when it resumes from suspend or hibernation.

Default: ""

Example: "/nix/store/fhz846zlc6z748kr8whf38i5nci1c8jl-hdparm-9.39/sbin/hdparm -B 255 /dev/sda"

Declared by:

Commands executed after the system resumes from suspend-to-RAM.

Default: ""

Declared by:

Configure the scsi link power management policy. By default, the kernel configures "max_performance".

Default: ""

Example: "min_power"

Declared by:

Whether to request X11 forwarding on outgoing connections by default. This is useful for running graphical programs on the remote machine and have them display to your local X11 server. Historically, this value has depended on the value used by the local sshd daemon, but there really isn't a relation between the two.

Default: true

Declared by:

Whether to set the path to xauth for X11-forwarded connections. Pulls in X11 dependency.

Default: true

Declared by:

FIXME: find another place for this option. FIXME: find a good description.

Default: [ ]

Declared by:

Obsolete name of security.setuidPrograms.

Default: none

Declared by:

Define resource limits that should apply to users or groups. Each item in the list should be an attribute set with a domain, type, item, and value attribute. The syntax and semantics of these attributes must be that described in the limits.conf(5) man page.

Default: [ ]

Example: [ { domain = "ftp"; item = "nproc"; type = "hard"; value = "0"; } { domain = "@student"; item = "maxlogins"; type = "-"; value = "4"; } ]

Declared by:

This option defines the PAM services. A service typically corresponds to a program that uses PAM, e.g. login or passwd. Each element of this list is an attribute set describing a service. The attribute name specifies the name of the service. The attribute rootOK specifies whether the root user is allowed to use this service without authentication. The attribute ownDevices specifies whether ConsoleKit's PAM connector module should be used to give the user ownership of devices such as audio and CD-ROM drives. The attribute forwardXAuth specifies whether X authentication keys should be passed from the calling user to the target user (e.g. for su). The attribute limits defines resource limits that should apply to users or groups for the service. Each item in the list should be an attribute set with a domain, type, item, and value attribute. The syntax and semantics of these attributes must be that described in the limits.conf(5) man page.

Default: [ ]

Example: [ { name = "chsh"; rootOK = true; } { allowNullPassword = true; limits = [ { domain = "ftp"; item = "nproc"; type = "hard"; value = "0"; } ] ; name = "login"; ownDevices = true; } ]

Declared by:

Enable USB login for all login system unless the service disabled it. For more information, visit http://pamusb.org/doc/quickstart#setting_up.

Default: false

Declared by:

Enable PolicyKit (obsolete).

Default: false

Declared by:

Specifies which users are considered “administrators”, for those actions that require the user to authenticate as an administrator (i.e. have a auth_admin value). By default, this is the root user and all users in the wheel group.

Default: "unix-user:0;unix-group:wheel"

Example: ""

Declared by:

Whether to enable PolKit.

Default: true

Declared by:

Allows the default permissions of privileged actions to be overriden.

Default: ""

Example: "[Disallow Users To Suspend]\nIdentity=unix-group:users\nAction=org.freedesktop.upower.*\nResultAny=no\nResultInactive=no\nResultActive=no\n\n[Allow Anybody To Eject Disks]\nIdentity=unix-user:*\nAction=org.freedesktop.udisks.drive-eject\nResultAny=yes\nResultInactive=yes\nResultActive=yes\n\n[Allow Alice To Mount Filesystems After Admin Authentication]\nIdentity=unix-user:alice\nAction=org.freedesktop.udisks.filesystem-mount\nResultAny=auth_admin\nResultInactive=auth_admin\nResultActive=auth_admin\n"

Declared by:

Whether to enable the RealtimeKit system service, which hands out realtime scheduling priority to user processes on demand. For example, the PulseAudio server uses this to acquire realtime priority.

Default: false

Declared by:

This option allows the ownership and permissions on the setuid wrappers for specific programs to be overriden from the default (setuid root, but not setgid root).

Default: [ ]

Example: [ { group = "postdrop"; owner = "nobody"; program = "sendmail"; setgid = true; setuid = false; } ]

Declared by:

The Nix store cannot contain setuid/setgid programs directly. For this reason, NixOS can automatically generate wrapper programs that have the necessary privileges. This option lists the names of programs in the system environment for which setuid root wrappers should be created.

Default: [ ]

Declared by:

This string contains the contents of the sudoers file.

Default: "# Don't edit this file. Set nixos option security.sudo.configFile instead\n\n# env vars to keep for root and %wheel also if not explicitly set\nDefaults:root,%wheel env_keep+=LOCALE_ARCHIVE\nDefaults:root,%wheel env_keep+=NIX_PATH\nDefaults:root,%wheel env_keep+=TERMINFO_DIRS\n\n# \"root\" is allowed to do anything.\nroot ALL=(ALL) SETENV: ALL\n\n# Users in the \"wheel\" group can do anything.\n%wheel ALL=(ALL) SETENV: ALL\n"

Declared by:

Whether to enable the sudo command, which allows non-root users to execute commands as root.

Default: true

Declared by:

This option defines the path to the setuid wrappers. It should generally not be overriden. Some packages in Nixpkgs expect that wrapperDir is /var/setuid-wrappers.

Default: "/var/setuid-wrappers"

Declared by:

Shell commands to execute on a ac_adapter.* event.

Default: ""

Declared by:

Whether to enable the ACPI daemon.

Default: false

Declared by:

Shell commands to execute on a button/lid.* event.

Default: ""

Declared by:

Shell commands to execute on a button/power.* event.

Default: ""

Declared by:

The directory holding configuration, incoming and temporary files.

Default: "/home/amule/"

Declared by:

Whether to run the AMule daemon. You need to manually run "amuled --ec-config" to configure the service for the first time.

Default: false

Declared by:

The user the AMule daemon should run as.

Default:

Declared by:

Whether to make /var/spool/at{jobs,spool} writeable by everyone (and sticky). This is normally not needed since the `at' commands are setuid/setgid `atd'.

Default: false

Declared by:

Whether to enable the `at' daemon, a command scheduler.

Default: true

Declared by:

file contents of /etc/auto.master. See man auto.master See man 5 auto.master and man 5 autofs.

Default: none

Example:

autoMaster = let
  mapConf = pkgs.writeText "auto" ''
   kernel    -ro,soft,intr       ftp.kernel.org:/pub/linux
   boot      -fstype=ext2        :/dev/hda1
   windoze   -fstype=smbfs       ://windoze/c
   removable -fstype=ext2        :/dev/hdd
   cd        -fstype=iso9660,ro  :/dev/hdc
   floppy    -fstype=auto        :/dev/fd0
   server    -rw,hard,intr       / -ro myserver.me.org:/ \
                                 /usr myserver.me.org:/usr \
                                 /home myserver.me.org:/home
  '';
in ''
  /auto file:${mapConf}
''

Declared by:

pass -d and -7 to automount and write log to /var/log/autofs

Default: false

Declared by:

Mount filesystems on demand. Unmount them automatically. You may also be interested in afuese.

Default: false

Declared by:

Set the global minimum timeout, in seconds, until directories are unmounted

Default: 600

Declared by:

List of non-local DNS domains to be browsed.

Default: [ "0pointer.de" "zeroconf.org" ]

Declared by:

Whether to run the Avahi daemon, which allows Avahi clients to use Avahi's service discovery facilities and also allows the local machine to advertise its presence and services (through the mDNS responder implemented by `avahi-daemon').

Default: false

Declared by:

Host name advertised on the LAN.

Default: "nixos"

Declared by:

Whether to use IPv4

Default: true

Declared by:

Whether to use IPv6

Default: false

Declared by:

Whether to enable the mDNS NSS (Name Service Switch) plug-in. Enabling it allows applications to resolve names in the `.local' domain by transparently querying the Avahi daemon.

Default: false

Declared by:

Whether to allow publishing.

Default: true

Declared by:

Whether to enable wide-area service discovery.

Default: true

Declared by:

What networks are just blocked.

Default: [ ]

Declared by:

What networks are allowed to use us as a resolver.

Default: [ "127.0.0.0/24" ]

Declared by:

Overridable config file to use for named. By default, that generated by nixos.

Default: (build of named.conf)

Declared by:

Whether to enable BIND domain name server.

Default: false

Declared by:

List of zones we claim authority over. master=false means slave server; slaves means addresses who may request zone transfer.

Default: [ ]

Example: [ { file = "/var/dns/example.com"; master = false; masters = [ "192.168.0.1" ] ; name = "example.com"; slaves = [ ] ; } ]

Declared by:

Whether to run the BitlBee IRC to other chat network gateway. Running it allows you to access the MSN, Jabber, Yahoo! and ICQ chat networks via an IRC client.

Default: false

Declared by:

The interface the BitlBee deamon will be listening to. If `127.0.0.1', only clients on the local host can connect to it; if `0.0.0.0', clients can access it from any network interface.

Default: "127.0.0.1"

Declared by:

Number of the port BitlBee will be listening to.

Default: 6667

Declared by:

Whether to enable support for control groups, a Linux kernel feature for resource management. It allows you to assign processes to groups that share certain resource limits (e.g., CPU or memory). The cgrulesengd daemon automatically assigns processes to the right cgroup depending on the rules defined in services.cgroups.rules.

Default: false

Declared by:

The contents of the cgconfig.conf configuration file, which defines the cgroups.

Default: "mount {\n cpu = /dev/cgroup/cpu;\n}\n"

Example: "mount {\n cpu = /dev/cgroup/cpu;\n cpuacct = /dev/cgroup/cpuacct;\n}\n\n# Create a \"www\" cgroup with a lower share of the CPU (the\n# default is 1024).\ngroup www {\n cpu {\n cpu.shares = \"500\";\n }\n}\n"

Declared by:

The contents of the cgrules.conf configuration file, which determines to which cgroups processes should be assigned by the cgrulesengd daemon.

Default: ""

Example: "# All processes executed by the \"wwwrun\" uid should be\n# assigned to the \"www\" CPU cgroup.\nwwwrun cpu www\n"

Declared by:

Proxy account domain/workgroup name.

Default: none

Declared by:

Whether to enable the cntlm, which start a local proxy.

Default: false

Declared by:

Verbatim contents of cntlm.conf.

Default: ""

Declared by:

The hostname of your workstation.

Default: "nixos"

Declared by:

Proxy account password. Note: use chmod 0600 on /etc/cntlm.password for security.

Default: "/etc/cntlm.password"

Declared by:

Specifies on which ports the cntlm daemon listens.

Default: [ 3128 ]

Declared by:

A list of NTLM/NTLMv2 authenticating HTTP proxies. Parent proxy, which requires authentication. The same as proxy on the command-line, can be used more than once to specify unlimited number of proxies. Should one proxy fail, cntlm automatically moves on to the next one. The connect request fails only if the whole list of proxies is scanned and (for each request) and found to be invalid. Command-line takes precedence over the configuration file.

Default: none

Declared by:

Proxy account name, without the possibility to include domain name ('at' sign is interpreted literally).

Default: none

Declared by:

Whether to enable the `vixie cron' daemon.

Default: true

Declared by:

The job output will be mailed to this email address.

Default: ""

Declared by:

A list of Cron jobs to be appended to the system-wide crontab. See the manual page for crontab for the expected format. If you want to get the results mailed you must setuid sendmail. See security.setuidOwners If neither /var/cron/cron.deny nor /var/cron/cron.allow exist only root will is allowed to have its own crontab file. The /var/cron/cron.deny file is created automatically for you. So every user can use a crontab. Many nixos modules set systemCronJobs, so if you decide to disable vixie cron and enable another cron daemon, you may want it to get its system crontab based on systemCronJobs.

Default: [ ]

Example: [ "* * * * * test ls -l / > /tmp/cronout 2>&1" "* * * * * eelco echo Hello World > /home/eelco/cronout" ]

Declared by:

Whether to start the D-Bus message bus daemon, which is required by many other system services and applications.

Default: true

Declared by:

Packages whose D-Bus configuration files should be included in the configuration of the D-Bus system-wide message bus. Specifically, every file in pkg/etc/dbus-1/system.d is included.

Default: [ ]

Declared by:

Domain name to synchronize.

Default: ""

Declared by:

Whether to synchronise your machine's IP address with a dynamic DNS provider (e.g. dyndns.org).

Default: false

Declared by:

Extra configuration. Contents will be added verbatim to the configuration file.

Default: ""

Declared by:

Password.

Default: ""

Declared by:

Protocol to use with dynamic DNS provider. (see also, http://sourceforge.net/apps/trac/ddclient/wiki/Protocols)

Default: "dyndns2"

Declared by:

Server

Default: "members.dyndns.org"

Declared by:

Username.

Default: ""

Declared by:

Default: "web, web=checkip.dyndns.com/, web-skip='IP Address'"

Declared by:

The path of the DHCP server configuration file. If no file is specified, a file is generated using the other options.

Default:

Declared by:

Whether to enable the DHCP server.

Default: false

Declared by:

Extra text to be appended to the DHCP server configuration file. Currently, you almost certainly need to specify something here, such as the options specifying the subnet mask, DNS servers, etc.

Default: ""

Example: "\n option subnet-mask 255.255.255.0;\n option broadcast-address 192.168.1.255;\n option routers 192.168.1.5;\n option domain-name-servers 130.161.158.4, 130.161.33.17, 130.161.180.1;\n option domain-name \"example.org\";\n subnet 192.168.1.0 netmask 255.255.255.0 {\n range 192.168.1.100 192.168.1.200;\n }\n "

Declared by:

The interfaces on which the DHCP server should listen.

Default: [ "eth0" ]

Declared by:

A list mapping ethernet addresses to IP addresses for the DHCP server.

Default: [ ]

Example: [ { ethernetAddress = "00:16:76:9a:32:1d"; hostName = "foo"; ipAddress = "192.168.1.10"; } { ethernetAddress = "00:19:d1:1d:c4:9a"; hostName = "bar"; ipAddress = "192.168.1.11"; } ]

Declared by:

Whether to enable Disnix

Default: false

Declared by:

List of name value pairs containing properties for the infrastructure model

Default: { }

Declared by:

Whether to publish capabilities/properties as a Disnix service through Avahi

Default: false

Declared by:

Whether to publish capabilities/properties of this machine in as attributes in the infrastructure option

Default: false

Declared by:

Whether to publish authentication credentials through the infrastructure attribute (not recommended in combination with Avahi)

Default: false

Declared by:

Whether to enable the DisnixWebService interface running on Apache Tomcat

Default: false

Declared by:

Whether to run dnsmasq.

Default: false

Declared by:

The parameter to dnsmasq -S.

Default: [ ]

Example: [ "8.8.8.8" "8.8.4.4" ]

Declared by:

Whether to enable the Dovecot POP3/IMAP server.

Default: false

Declared by:

Dovecot group name.

Default: "dovecot"

Declared by:

CA certificate used by the server certificate.

Default: ""

Declared by:

Server certificate

Default: ""

Declared by:

Server key.

Default: ""

Declared by:

Dovecot user name.

Default: "dovecot"

Declared by:

Whether to enable the Dovecot 2.x POP3/IMAP server.

Default: false

Declared by:

Dovecot group name.

Default: "dovecot2"

Declared by:

CA certificate used by the server certificate.

Default: ""

Declared by:

Server certificate

Default: ""

Declared by:

Server key.

Default: ""

Declared by:

Dovecot user name.

Default: "dovecot2"

Declared by:

Contents of the drbd.conf configuration file.

Default: ""

Declared by:

Whether to enable support for DRBD, the Distributed Replicated Block Device.

Default: false

Declared by:

Location of the config directory of ejabberd

Default: "/var/ejabberd"

Declared by:

Whether to enable ejabberd server

Default: false

Declared by:

Configuration dump that should be loaded on the first startup

Default: [ ]

Example: [ ]

Declared by:

Location of the logfile directory of ejabberd

Default: "/var/log/ejabberd"

Declared by:

Location of the spooldir of ejabberd

Default: "/var/lib/ejabberd"

Declared by:

Virtualhosts that ejabberd should host. Hostnames are surrounded with doublequotes and separated by commas

Default: "\"localhost\""

Declared by:

Users allowed to use fcrontab and fcrondyn (one name per line, "all" for everyone).

Default: [ "all" ]

Declared by:

Users forbidden from using fcron.

Default: [ ]

Declared by:

Whether to enable the `fcron' daemon.

Default: false

Declared by:

Maximum number of serial jobs which can run simultaneously.

Default: 1

Declared by:

Number of jobs the serial queue and the lavg queue can contain - empty to net set this number (-q)

Default: ""

Declared by:

The "system" crontab contents.

Default: ""

Declared by:

List of bundles that should be activated on startup

Default: [ (build of apache-felix-remoteshell-bundle-1.0.4) ]

Declared by:

Whether to enable the Apache Felix OSGi service

Default: false

Declared by:

Group account under which Apache Felix runs.

Default: "osgi"

Declared by:

User account under which Apache Felix runs.

Default: "osgi"

Declared by:

Whether to enable the Flash Policy server. This is necessary if you want Flash applications to make connections to your server.

Default: false

Declared by:

The policy to be served. The default is to allow connections from any domain to any port.

Default: "<?xml version=\"1.0\"?>\n<!DOCTYPE cross-domain-policy SYSTEM \"/xml/dtds/cross-domain-policy.dtd\">\n<cross-domain-policy> \n <site-control permitted-cross-domain-policies=\"master-only\"/>\n <allow-access-from domain=\"*\" to-ports=\"*\" />\n</cross-domain-policy>\n"

Declared by:

Extra configuration. Contents will be added verbatim to the configuration file.

Default: ""

Declared by:

Whether to enable the Folding@Home to use idle CPU time.

Default: false

Declared by:

A unique handle for statistics.

Default: "Anonymous"