pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #18511 from ericsagnes/feat/remove-optionSet

modules: optionSet -> submodule

authored by

Joachim F and committed by
GitHub 7e80c42b 46693bd6

+1038 -1045
unified split
+1 -1
lib/types.nix
··· 261 261 # declarations from the ‘options’ attribute of containing option 262 262 # declaration. 263 263 optionSet = mkOptionType { 264 - name = /* builtins.trace "types.optionSet is deprecated; use types.submodule instead" */ "option set"; 264 + name = builtins.trace "types.optionSet is deprecated; use types.submodule instead" "option set"; 265 265 }; 266 266 267 267 # Augment the given type with an additional type check function.
+30 -30
nixos/modules/config/users-groups.nix
··· 131 131 }; 132 132 133 133 subUidRanges = mkOption { 134 - type = types.listOf types.optionSet; 134 + type = with types; listOf (submodule subordinateUidRange); 135 135 default = []; 136 136 example = [ 137 137 { startUid = 1000; count = 1; } 138 138 { startUid = 100001; count = 65534; } 139 139 ]; 140 - options = [ subordinateUidRange ]; 141 140 description = '' 142 141 Subordinate user ids that user is allowed to use. 143 142 They are set into <filename>/etc/subuid</filename> and are used ··· 146 145 }; 147 146 148 147 subGidRanges = mkOption { 149 - type = types.listOf types.optionSet; 148 + type = with types; listOf (submodule subordinateGidRange); 150 149 default = []; 151 150 example = [ 152 151 { startGid = 100; count = 1; } 153 152 { startGid = 1001; count = 999; } 154 153 ]; 155 - options = [ subordinateGidRange ]; 156 154 description = '' 157 155 Subordinate group ids that user is allowed to use. 158 156 They are set into <filename>/etc/subgid</filename> and are used ··· 310 308 }; 311 309 312 310 subordinateUidRange = { 313 - startUid = mkOption { 314 - type = types.int; 315 - description = '' 316 - Start of the range of subordinate user ids that user is 317 - allowed to use. 318 - ''; 319 - }; 320 - count = mkOption { 321 - type = types.int; 322 - default = 1; 323 - description = ''Count of subordinate user ids''; 311 + options = { 312 + startUid = mkOption { 313 + type = types.int; 314 + description = '' 315 + Start of the range of subordinate user ids that user is 316 + allowed to use. 317 + ''; 318 + }; 319 + count = mkOption { 320 + type = types.int; 321 + default = 1; 322 + description = ''Count of subordinate user ids''; 323 + }; 324 324 }; 325 325 }; 326 326 327 327 subordinateGidRange = { 328 - startGid = mkOption { 329 - type = types.int; 330 - description = '' 331 - Start of the range of subordinate group ids that user is 332 - allowed to use. 333 - ''; 334 - }; 335 - count = mkOption { 336 - type = types.int; 337 - default = 1; 338 - description = ''Count of subordinate group ids''; 328 + options = { 329 + startGid = mkOption { 330 + type = types.int; 331 + description = '' 332 + Start of the range of subordinate group ids that user is 333 + allowed to use. 334 + ''; 335 + }; 336 + count = mkOption { 337 + type = types.int; 338 + default = 1; 339 + description = ''Count of subordinate group ids''; 340 + }; 339 341 }; 340 342 }; 341 343 ··· 428 430 429 431 users.users = mkOption { 430 432 default = {}; 431 - type = types.loaOf types.optionSet; 433 + type = with types; loaOf (submodule userOpts); 432 434 example = { 433 435 alice = { 434 436 uid = 1234; ··· 444 446 Additional user accounts to be created automatically by the system. 445 447 This can also be used to set options for root. 446 448 ''; 447 - options = [ userOpts ]; 448 449 }; 449 450 450 451 users.groups = mkOption { ··· 453 454 { students.gid = 1001; 454 455 hackers = { }; 455 456 }; 456 - type = types.loaOf types.optionSet; 457 + type = with types; loaOf (submodule groupOpts); 457 458 description = '' 458 459 Additional groups to be created automatically by the system. 459 460 ''; 460 - options = [ groupOpts ]; 461 461 }; 462 462 463 463 # FIXME: obsolete - will remove.
+1 -2
nixos/modules/security/acme.nix
··· 129 129 130 130 certs = mkOption { 131 131 default = { }; 132 - type = types.loaOf types.optionSet; 132 + type = with types; loaOf (submodule certOpts); 133 133 description = '' 134 134 Attribute set of certificates to get signed and renewed. 135 135 ''; 136 - options = [ certOpts ]; 137 136 example = { 138 137 "example.com" = { 139 138 webroot = "/var/www/challenges/";
+1 -2
nixos/modules/security/pam.nix
··· 386 386 387 387 security.pam.services = mkOption { 388 388 default = []; 389 - type = types.loaOf types.optionSet; 390 - options = [ pamOpts ]; 389 + type = with types; loaOf (submodule pamOpts); 391 390 description = 392 391 '' 393 392 This option defines the PAM services. A service typically
+3 -6
nixos/modules/services/backup/bacula.nix
··· 198 198 description = '' 199 199 This option defines director resources in Bacula File Daemon. 200 200 ''; 201 - type = types.attrsOf types.optionSet; 202 - options = [ directorOptions ]; 201 + type = with types; attrsOf (submodule directorOptions); 203 202 }; 204 203 205 204 extraClientConfig = mkOption { ··· 253 252 description = '' 254 253 This option defines Director resources in Bacula Storage Daemon. 255 254 ''; 256 - type = types.attrsOf types.optionSet; 257 - options = [ directorOptions ]; 255 + type = with types; attrsOf (submodule directorOptions); 258 256 }; 259 257 260 258 device = mkOption { ··· 262 260 description = '' 263 261 This option defines Device resources in Bacula Storage Daemon. 264 262 ''; 265 - type = types.attrsOf types.optionSet; 266 - options = [ deviceOptions ]; 263 + type = with types; attrsOf (submodule deviceOptions); 267 264 }; 268 265 269 266 extraStorageConfig = mkOption {
+2 -3
nixos/modules/services/hardware/sane_extra_backends/brscan4.nix
··· 81 81 { office1 = { model = "MFC-7860DW"; ip = "192.168.1.2"; }; 82 82 office2 = { model = "MFC-7860DW"; nodename = "BRW0080927AFBCE"; }; 83 83 }; 84 - type = types.loaOf types.optionSet; 84 + type = with types; loaOf (submodule netDeviceOpts); 85 85 description = '' 86 86 The list of network devices that will be registered against the brscan4 87 87 sane backend. 88 88 ''; 89 - options = [ netDeviceOpts ]; 90 89 }; 91 90 }; 92 91 ··· 113 112 ]; 114 113 115 114 }; 116 - } 115 + }
+35 -33
nixos/modules/services/logging/logcheck.nix
··· 62 62 }; 63 63 64 64 ignoreOptions = { 65 - level = levelOption; 65 + options = { 66 + level = levelOption; 66 67 67 - regex = mkOption { 68 - default = ""; 69 - type = types.str; 70 - description = '' 71 - Regex specifying which log lines to ignore. 72 - ''; 68 + regex = mkOption { 69 + default = ""; 70 + type = types.str; 71 + description = '' 72 + Regex specifying which log lines to ignore. 73 + ''; 74 + }; 73 75 }; 74 76 }; 75 77 76 78 ignoreCronOptions = { 77 - user = mkOption { 78 - default = "root"; 79 - type = types.str; 80 - description = '' 81 - User that runs the cronjob. 82 - ''; 83 - }; 79 + options = { 80 + user = mkOption { 81 + default = "root"; 82 + type = types.str; 83 + description = '' 84 + User that runs the cronjob. 85 + ''; 86 + }; 84 87 85 - cmdline = mkOption { 86 - default = ""; 87 - type = types.str; 88 - description = '' 89 - Command line for the cron job. Will be turned into a regex for the logcheck ignore rule. 90 - ''; 91 - }; 88 + cmdline = mkOption { 89 + default = ""; 90 + type = types.str; 91 + description = '' 92 + Command line for the cron job. Will be turned into a regex for the logcheck ignore rule. 93 + ''; 94 + }; 92 95 93 - timeArgs = mkOption { 94 - default = null; 95 - type = types.nullOr (types.str); 96 - example = "02 06 * * *"; 97 - description = '' 98 - "min hr dom mon dow" crontab time args, to auto-create a cronjob too. 99 - Leave at null to not do this and just add a logcheck ignore rule. 100 - ''; 96 + timeArgs = mkOption { 97 + default = null; 98 + type = types.nullOr (types.str); 99 + example = "02 06 * * *"; 100 + description = '' 101 + "min hr dom mon dow" crontab time args, to auto-create a cronjob too. 102 + Leave at null to not do this and just add a logcheck ignore rule. 103 + ''; 104 + }; 101 105 }; 102 106 }; 103 107 ··· 180 184 description = '' 181 185 This option defines extra ignore rules. 182 186 ''; 183 - type = types.loaOf types.optionSet; 184 - options = [ ignoreOptions ]; 187 + type = with types; loaOf (submodule ignoreOptions); 185 188 }; 186 189 187 190 ignoreCron = mkOption { ··· 189 192 description = '' 190 193 This option defines extra ignore rules for cronjobs. 191 194 ''; 192 - type = types.loaOf types.optionSet; 193 - options = [ ignoreOptions ignoreCronOptions ]; 195 + type = with types; loaOf (submodule ignoreCronOptions); 194 196 }; 195 197 196 198 extraGroups = mkOption {
+38 -40
nixos/modules/services/misc/rippled.nix
··· 154 154 }; 155 155 156 156 dbOptions = { 157 - type = mkOption { 158 - description = "Rippled database type."; 159 - type = types.enum ["rocksdb" "nudb"]; 160 - default = "rocksdb"; 161 - }; 157 + options = { 158 + type = mkOption { 159 + description = "Rippled database type."; 160 + type = types.enum ["rocksdb" "nudb"]; 161 + default = "rocksdb"; 162 + }; 162 163 163 - path = mkOption { 164 - description = "Location to store the database."; 165 - type = types.path; 166 - default = cfg.databasePath; 167 - }; 164 + path = mkOption { 165 + description = "Location to store the database."; 166 + type = types.path; 167 + default = cfg.databasePath; 168 + }; 168 169 169 - compression = mkOption { 170 - description = "Whether to enable snappy compression."; 171 - type = types.nullOr types.bool; 172 - default = null; 173 - }; 170 + compression = mkOption { 171 + description = "Whether to enable snappy compression."; 172 + type = types.nullOr types.bool; 173 + default = null; 174 + }; 174 175 175 - onlineDelete = mkOption { 176 - description = "Enable automatic purging of older ledger information."; 177 - type = types.addCheck (types.nullOr types.int) (v: v > 256); 178 - default = cfg.ledgerHistory; 179 - }; 176 + onlineDelete = mkOption { 177 + description = "Enable automatic purging of older ledger information."; 178 + type = types.addCheck (types.nullOr types.int) (v: v > 256); 179 + default = cfg.ledgerHistory; 180 + }; 180 181 181 - advisoryDelete = mkOption { 182 - description = '' 183 - If set, then require administrative RPC call "can_delete" 184 - to enable online deletion of ledger records. 185 - ''; 186 - type = types.nullOr types.bool; 187 - default = null; 188 - }; 182 + advisoryDelete = mkOption { 183 + description = '' 184 + If set, then require administrative RPC call "can_delete" 185 + to enable online deletion of ledger records. 186 + ''; 187 + type = types.nullOr types.bool; 188 + default = null; 189 + }; 189 190 190 - extraOpts = mkOption { 191 - description = "Extra database options."; 192 - type = types.lines; 193 - default = ""; 191 + extraOpts = mkOption { 192 + description = "Extra database options."; 193 + type = types.lines; 194 + default = ""; 195 + }; 194 196 }; 195 197 }; 196 198 ··· 213 215 214 216 ports = mkOption { 215 217 description = "Ports exposed by rippled"; 216 - type = types.attrsOf types.optionSet; 217 - options = [portOptions]; 218 + type = with types; attrsOf (submodule portOptions); 218 219 default = { 219 220 rpc = { 220 221 port = 5005; ··· 238 239 239 240 nodeDb = mkOption { 240 241 description = "Rippled main database options."; 241 - type = types.nullOr types.optionSet; 242 - options = dbOptions; 242 + type = with types; nullOr (submodule dbOptions); 243 243 default = { 244 244 type = "rocksdb"; 245 245 extraOpts = '' ··· 254 254 255 255 tempDb = mkOption { 256 256 description = "Rippled temporary database options."; 257 - type = types.nullOr types.optionSet; 258 - options = dbOptions; 257 + type = with types; nullOr (submodule dbOptions); 259 258 default = null; 260 259 }; 261 260 262 261 importDb = mkOption { 263 262 description = "Settings for performing a one-time import."; 264 - type = types.nullOr types.optionSet; 265 - options = dbOptions; 263 + type = with types; nullOr (submodule dbOptions); 266 264 default = null; 267 265 }; 268 266
+1 -2
nixos/modules/services/monitoring/smartd.nix
··· 197 197 devices = mkOption { 198 198 default = []; 199 199 example = [ { device = "/dev/sda"; } { device = "/dev/sdb"; options = "-d sat"; } ]; 200 - type = types.listOf types.optionSet; 201 - options = [ smartdOpts ]; 200 + type = with types; listOf (submodule smartdOpts); 202 201 description = "List of devices to monitor."; 203 202 }; 204 203
+1 -2
nixos/modules/services/monitoring/ups.nix
··· 169 169 monitoring directly. These are usually attached to serial ports, 170 170 but USB devices are also supported. 171 171 ''; 172 - type = types.attrsOf types.optionSet; 173 - options = [ upsOptions ]; 172 + type = with types; attrsOf (submodule upsOptions); 174 173 }; 175 174 176 175 };
+131 -129
nixos/modules/services/network-filesystems/tahoe.nix
··· 8 8 options.services.tahoe = { 9 9 introducers = mkOption { 10 10 default = {}; 11 - type = types.loaOf types.optionSet; 11 + type = with types; loaOf (submodule { 12 + options = { 13 + nickname = mkOption { 14 + type = types.str; 15 + description = '' 16 + The nickname of this Tahoe introducer. 17 + ''; 18 + }; 19 + tub.port = mkOption { 20 + default = 3458; 21 + type = types.int; 22 + description = '' 23 + The port on which the introducer will listen. 24 + ''; 25 + }; 26 + tub.location = mkOption { 27 + default = null; 28 + type = types.nullOr types.str; 29 + description = '' 30 + The external location that the introducer should listen on. 31 + 32 + If specified, the port should be included. 33 + ''; 34 + }; 35 + package = mkOption { 36 + default = pkgs.tahoelafs; 37 + defaultText = "pkgs.tahoelafs"; 38 + type = types.package; 39 + example = literalExample "pkgs.tahoelafs"; 40 + description = '' 41 + The package to use for the Tahoe LAFS daemon. 42 + ''; 43 + }; 44 + }; 45 + }); 12 46 description = '' 13 47 The Tahoe introducers. 14 48 ''; 15 - options = { 16 - nickname = mkOption { 17 - type = types.str; 18 - description = '' 19 - The nickname of this Tahoe introducer. 20 - ''; 21 - }; 22 - tub.port = mkOption { 23 - default = 3458; 24 - type = types.int; 25 - description = '' 26 - The port on which the introducer will listen. 27 - ''; 28 - }; 29 - tub.location = mkOption { 30 - default = null; 31 - type = types.nullOr types.str; 32 - description = '' 33 - The external location that the introducer should listen on. 34 - 35 - If specified, the port should be included. 36 - ''; 37 - }; 38 - package = mkOption { 39 - default = pkgs.tahoelafs; 40 - defaultText = "pkgs.tahoelafs"; 41 - type = types.package; 42 - example = literalExample "pkgs.tahoelafs"; 43 - description = '' 44 - The package to use for the Tahoe LAFS daemon. 45 - ''; 46 - }; 47 - }; 48 49 }; 49 50 nodes = mkOption { 50 51 default = {}; 51 - type = types.loaOf types.optionSet; 52 - description = '' 53 - The Tahoe nodes. 54 - ''; 55 - options = { 56 - nickname = mkOption { 57 - type = types.str; 58 - description = '' 59 - The nickname of this Tahoe node. 60 - ''; 61 - }; 62 - tub.port = mkOption { 63 - default = 3457; 64 - type = types.int; 65 - description = '' 66 - The port on which the tub will listen. 52 + type = with types; loaOf (submodule { 53 + options = { 54 + nickname = mkOption { 55 + type = types.str; 56 + description = '' 57 + The nickname of this Tahoe node. 58 + ''; 59 + }; 60 + tub.port = mkOption { 61 + default = 3457; 62 + type = types.int; 63 + description = '' 64 + The port on which the tub will listen. 67 65 68 - This is the correct setting to tweak if you want Tahoe's storage 69 - system to listen on a different port. 70 - ''; 71 - }; 72 - tub.location = mkOption { 73 - default = null; 74 - type = types.nullOr types.str; 75 - description = '' 76 - The external location that the node should listen on. 66 + This is the correct setting to tweak if you want Tahoe's storage 67 + system to listen on a different port. 68 + ''; 69 + }; 70 + tub.location = mkOption { 71 + default = null; 72 + type = types.nullOr types.str; 73 + description = '' 74 + The external location that the node should listen on. 77 75 78 - This is the setting to tweak if there are multiple interfaces 79 - and you want to alter which interface Tahoe is advertising. 76 + This is the setting to tweak if there are multiple interfaces 77 + and you want to alter which interface Tahoe is advertising. 80 78 81 - If specified, the port should be included. 82 - ''; 83 - }; 84 - web.port = mkOption { 85 - default = 3456; 86 - type = types.int; 87 - description = '' 88 - The port on which the Web server will listen. 79 + If specified, the port should be included. 80 + ''; 81 + }; 82 + web.port = mkOption { 83 + default = 3456; 84 + type = types.int; 85 + description = '' 86 + The port on which the Web server will listen. 89 87 90 - This is the correct setting to tweak if you want Tahoe's WUI to 91 - listen on a different port. 92 - ''; 93 - }; 94 - client.introducer = mkOption { 95 - default = null; 96 - type = types.nullOr types.str; 97 - description = '' 98 - The furl for a Tahoe introducer node. 88 + This is the correct setting to tweak if you want Tahoe's WUI to 89 + listen on a different port. 90 + ''; 91 + }; 92 + client.introducer = mkOption { 93 + default = null; 94 + type = types.nullOr types.str; 95 + description = '' 96 + The furl for a Tahoe introducer node. 99 97 100 - Like all furls, keep this safe and don't share it. 101 - ''; 102 - }; 103 - client.helper = mkOption { 104 - default = null; 105 - type = types.nullOr types.str; 106 - description = '' 107 - The furl for a Tahoe helper node. 98 + Like all furls, keep this safe and don't share it. 99 + ''; 100 + }; 101 + client.helper = mkOption { 102 + default = null; 103 + type = types.nullOr types.str; 104 + description = '' 105 + The furl for a Tahoe helper node. 108 106 109 - Like all furls, keep this safe and don't share it. 110 - ''; 111 - }; 112 - client.shares.needed = mkOption { 113 - default = 3; 114 - type = types.int; 115 - description = '' 116 - The number of shares required to reconstitute a file. 117 - ''; 118 - }; 119 - client.shares.happy = mkOption { 120 - default = 7; 121 - type = types.int; 122 - description = '' 123 - The number of distinct storage nodes required to store 124 - a file. 125 - ''; 126 - }; 127 - client.shares.total = mkOption { 128 - default = 10; 129 - type = types.int; 130 - description = '' 131 - The number of shares required to store a file. 132 - ''; 133 - }; 134 - storage.enable = mkEnableOption "storage service"; 135 - storage.reservedSpace = mkOption { 136 - default = "1G"; 137 - type = types.str; 138 - description = '' 139 - The amount of filesystem space to not use for storage. 140 - ''; 141 - }; 142 - helper.enable = mkEnableOption "helper service"; 143 - package = mkOption { 144 - default = pkgs.tahoelafs; 145 - defaultText = "pkgs.tahoelafs"; 146 - type = types.package; 147 - example = literalExample "pkgs.tahoelafs"; 148 - description = '' 149 - The package to use for the Tahoe LAFS daemon. 150 - ''; 107 + Like all furls, keep this safe and don't share it. 108 + ''; 109 + }; 110 + client.shares.needed = mkOption { 111 + default = 3; 112 + type = types.int; 113 + description = '' 114 + The number of shares required to reconstitute a file. 115 + ''; 116 + }; 117 + client.shares.happy = mkOption { 118 + default = 7; 119 + type = types.int; 120 + description = '' 121 + The number of distinct storage nodes required to store 122 + a file. 123 + ''; 124 + }; 125 + client.shares.total = mkOption { 126 + default = 10; 127 + type = types.int; 128 + description = '' 129 + The number of shares required to store a file. 130 + ''; 131 + }; 132 + storage.enable = mkEnableOption "storage service"; 133 + storage.reservedSpace = mkOption { 134 + default = "1G"; 135 + type = types.str; 136 + description = '' 137 + The amount of filesystem space to not use for storage. 138 + ''; 139 + }; 140 + helper.enable = mkEnableOption "helper service"; 141 + package = mkOption { 142 + default = pkgs.tahoelafs; 143 + defaultText = "pkgs.tahoelafs"; 144 + type = types.package; 145 + example = literalExample "pkgs.tahoelafs"; 146 + description = '' 147 + The package to use for the Tahoe LAFS daemon. 148 + ''; 149 + }; 151 150 }; 152 - }; 151 + }); 152 + description = '' 153 + The Tahoe nodes. 154 + ''; 153 155 }; 154 156 }; 155 157 config = mkMerge [
+27 -28
nixos/modules/services/networking/i2pd.nix
··· 187 187 188 188 outTunnels = mkOption { 189 189 default = {}; 190 - type = with types; loaOf optionSet; 190 + type = with types; loaOf (submodule ( 191 + { name, config, ... }: { 192 + options = commonTunOpts name; 193 + config = { 194 + name = mkDefault name; 195 + }; 196 + } 197 + )); 191 198 description = '' 192 199 Connect to someone as a client and establish a local accept endpoint 193 200 ''; 194 - options = [ ({ name, config, ... }: { 195 - options = commonTunOpts name; 196 - config = { 197 - name = mkDefault name; 198 - }; 199 - }) ]; 200 201 }; 201 202 202 203 inTunnels = mkOption { 203 204 default = {}; 204 - type = with types; loaOf optionSet; 205 + type = with types; loaOf (submodule ( 206 + { name, config, ... }: { 207 + options = { 208 + inPort = mkOption { 209 + type = types.int; 210 + default = 0; 211 + description = "Service port. Default to the tunnel's listen port."; 212 + }; 213 + accessList = mkOption { 214 + type = with types; listOf str; 215 + default = []; 216 + description = "I2P nodes that are allowed to connect to this service."; 217 + }; 218 + } // commonTunOpts name; 219 + config = { 220 + name = mkDefault name; 221 + }; 222 + } 223 + )); 205 224 description = '' 206 225 Serve something on I2P network at port and delegate requests to address inPort. 207 226 ''; 208 - options = [ ({ name, config, ... }: { 209 - 210 - options = { 211 - inPort = mkOption { 212 - type = types.int; 213 - default = 0; 214 - description = "Service port. Default to the tunnel's listen port."; 215 - }; 216 - accessList = mkOption { 217 - type = with types; listOf str; 218 - default = []; 219 - description = "I2P nodes that are allowed to connect to this service."; 220 - }; 221 - } // commonTunOpts name; 222 - 223 - config = { 224 - name = mkDefault name; 225 - }; 226 - 227 - }) ]; 228 227 }; 229 228 }; 230 229 };
+15 -15
nixos/modules/services/networking/nat.nix
··· 122 122 }; 123 123 124 124 networking.nat.forwardPorts = mkOption { 125 - type = types.listOf types.optionSet; 126 - default = []; 127 - example = [ { sourcePort = 8080; destination = "10.0.0.1:80"; } ]; 128 - options = { 129 - sourcePort = mkOption { 130 - type = types.int; 131 - example = 8080; 132 - description = "Source port of the external interface"; 133 - }; 125 + type = with types; listOf (submodule { 126 + options = { 127 + sourcePort = mkOption { 128 + type = types.int; 129 + example = 8080; 130 + description = "Source port of the external interface"; 131 + }; 134 132 135 - destination = mkOption { 136 - type = types.str; 137 - example = "10.0.0.1:80"; 138 - description = "Forward tcp connection to destination ip:port"; 133 + destination = mkOption { 134 + type = types.str; 135 + example = "10.0.0.1:80"; 136 + description = "Forward tcp connection to destination ip:port"; 137 + }; 139 138 }; 140 - }; 141 - 139 + }); 140 + default = []; 141 + example = [ { sourcePort = 8080; destination = "10.0.0.1:80"; } ]; 142 142 description = 143 143 '' 144 144 List of forwarded ports from the external interface to
+40 -38
nixos/modules/services/networking/openvpn.nix
··· 116 116 attribute name. 117 117 ''; 118 118 119 - type = types.attrsOf types.optionSet; 119 + type = with types; attrsOf (submodule { 120 120 121 - options = { 121 + options = { 122 122 123 - config = mkOption { 124 - type = types.lines; 125 - description = '' 126 - Configuration of this OpenVPN instance. See 127 - <citerefentry><refentrytitle>openvpn</refentrytitle><manvolnum>8</manvolnum></citerefentry> 128 - for details. 129 - ''; 130 - }; 123 + config = mkOption { 124 + type = types.lines; 125 + description = '' 126 + Configuration of this OpenVPN instance. See 127 + <citerefentry><refentrytitle>openvpn</refentrytitle><manvolnum>8</manvolnum></citerefentry> 128 + for details. 129 + ''; 130 + }; 131 131 132 - up = mkOption { 133 - default = ""; 134 - type = types.lines; 135 - description = '' 136 - Shell commands executed when the instance is starting. 137 - ''; 138 - }; 132 + up = mkOption { 133 + default = ""; 134 + type = types.lines; 135 + description = '' 136 + Shell commands executed when the instance is starting. 137 + ''; 138 + }; 139 139 140 - down = mkOption { 141 - default = ""; 142 - type = types.lines; 143 - description = '' 144 - Shell commands executed when the instance is shutting down. 145 - ''; 146 - }; 140 + down = mkOption { 141 + default = ""; 142 + type = types.lines; 143 + description = '' 144 + Shell commands executed when the instance is shutting down. 145 + ''; 146 + }; 147 147 148 - autoStart = mkOption { 149 - default = true; 150 - type = types.bool; 151 - description = "Whether this OpenVPN instance should be started automatically."; 152 - }; 148 + autoStart = mkOption { 149 + default = true; 150 + type = types.bool; 151 + description = "Whether this OpenVPN instance should be started automatically."; 152 + }; 153 + 154 + updateResolvConf = mkOption { 155 + default = false; 156 + type = types.bool; 157 + description = '' 158 + Use the script from the update-resolv-conf package to automatically 159 + update resolv.conf with the DNS information provided by openvpn. The 160 + script will be run after the "up" commands and before the "down" commands. 161 + ''; 162 + }; 153 163 154 - updateResolvConf = mkOption { 155 - default = false; 156 - type = types.bool; 157 - description = '' 158 - Use the script from the update-resolv-conf package to automatically 159 - update resolv.conf with the DNS information provided by openvpn. The 160 - script will be run after the "up" commands and before the "down" commands. 161 - ''; 162 164 }; 163 165 164 - }; 166 + }); 165 167 166 168 }; 167 169
+1 -2
nixos/modules/services/networking/prosody.nix
··· 164 164 165 165 description = "Define the virtual hosts"; 166 166 167 - type = types.loaOf types.optionSet; 167 + type = with types; loaOf (submodule vHostOpts); 168 168 169 169 example = { 170 170 myhost = { ··· 180 180 }; 181 181 }; 182 182 183 - options = [ vHostOpts ]; 184 183 }; 185 184 186 185 ssl = mkOption {
+18 -17
nixos/modules/services/networking/ssh/sshd.nix
··· 129 129 }; 130 130 131 131 listenAddresses = mkOption { 132 - type = types.listOf types.optionSet; 132 + type = with types; listOf (submodule { 133 + options = { 134 + addr = mkOption { 135 + type = types.nullOr types.str; 136 + default = null; 137 + description = '' 138 + Host, IPv4 or IPv6 address to listen to. 139 + ''; 140 + }; 141 + port = mkOption { 142 + type = types.nullOr types.int; 143 + default = null; 144 + description = '' 145 + Port to listen to. 146 + ''; 147 + }; 148 + }; 149 + }); 133 150 default = []; 134 151 example = [ { addr = "192.168.3.1"; port = 22; } { addr = "0.0.0.0"; port = 64022; } ]; 135 152 description = '' ··· 140 157 NOTE: setting this option won't automatically enable given ports 141 158 in firewall configuration. 142 159 ''; 143 - options = { 144 - addr = mkOption { 145 - type = types.nullOr types.str; 146 - default = null; 147 - description = '' 148 - Host, IPv4 or IPv6 address to listen to. 149 - ''; 150 - }; 151 - port = mkOption { 152 - type = types.nullOr types.int; 153 - default = null; 154 - description = '' 155 - Port to listen to. 156 - ''; 157 - }; 158 - }; 159 160 }; 160 161 161 162 passwordAuthentication = mkOption {
+101 -102
nixos/modules/services/networking/supplicant.nix
··· 75 75 options = { 76 76 77 77 networking.supplicant = mkOption { 78 - type = types.attrsOf types.optionSet; 78 + type = with types; attrsOf (submodule { 79 + options = { 80 + 81 + configFile = { 82 + 83 + path = mkOption { 84 + type = types.path; 85 + example = literalExample "/etc/wpa_supplicant.conf"; 86 + description = '' 87 + External <literal>wpa_supplicant.conf</literal> configuration file. 88 + The configuration options defined declaratively within <literal>networking.supplicant</literal> have 89 + precedence over options defined in <literal>configFile</literal>. 90 + ''; 91 + }; 92 + 93 + writable = mkOption { 94 + type = types.bool; 95 + default = false; 96 + description = '' 97 + Whether the configuration file at <literal>configFile.path</literal> should be written to by 98 + <literal>wpa_supplicant</literal>. 99 + ''; 100 + }; 101 + 102 + }; 103 + 104 + extraConf = mkOption { 105 + type = types.lines; 106 + default = ""; 107 + example = '' 108 + ap_scan=1 109 + device_name=My-NixOS-Device 110 + device_type=1-0050F204-1 111 + driver_param=use_p2p_group_interface=1 112 + disable_scan_offload=1 113 + p2p_listen_reg_class=81 114 + p2p_listen_channel=1 115 + p2p_oper_reg_class=81 116 + p2p_oper_channel=1 117 + manufacturer=NixOS 118 + model_name=NixOS_Unstable 119 + model_number=2015 120 + ''; 121 + description = '' 122 + Configuration options for <literal>wpa_supplicant.conf</literal>. 123 + Options defined here have precedence over options in <literal>configFile</literal>. 124 + NOTE: Do not write sensitive data into <literal>extraConf</literal> as it will 125 + be world-readable in the <literal>nix-store</literal>. For sensitive information 126 + use the <literal>configFile</literal> instead. 127 + ''; 128 + }; 129 + 130 + extraCmdArgs = mkOption { 131 + type = types.str; 132 + default = ""; 133 + example = "-e/var/run/wpa_supplicant/entropy.bin"; 134 + description = 135 + "Command line arguments to add when executing <literal>wpa_supplicant</literal>."; 136 + }; 137 + 138 + driver = mkOption { 139 + type = types.nullOr types.str; 140 + default = "nl80211,wext"; 141 + description = "Force a specific wpa_supplicant driver."; 142 + }; 143 + 144 + bridge = mkOption { 145 + type = types.str; 146 + default = ""; 147 + description = "Name of the bridge interface that wpa_supplicant should listen at."; 148 + }; 149 + 150 + userControlled = { 151 + 152 + enable = mkOption { 153 + type = types.bool; 154 + default = false; 155 + description = '' 156 + Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli. 157 + This is useful for laptop users that switch networks a lot and don't want 158 + to depend on a large package such as NetworkManager just to pick nearby 159 + access points. 160 + ''; 161 + }; 162 + 163 + socketDir = mkOption { 164 + type = types.str; 165 + default = "/var/run/wpa_supplicant"; 166 + description = "Directory of sockets for controlling wpa_supplicant."; 167 + }; 168 + 169 + group = mkOption { 170 + type = types.str; 171 + default = "wheel"; 172 + example = "network"; 173 + description = "Members of this group can control wpa_supplicant."; 174 + }; 175 + 176 + }; 177 + }; 178 + }); 79 179 80 180 default = { }; 81 181 ··· 108 208 <literal>DBUS</literal> defines a device-unrelated <command>wpa_supplicant</command> 109 209 service that can be accessed through <literal>D-Bus</literal>. 110 210 ''; 111 - 112 - options = { 113 - 114 - configFile = { 115 - 116 - path = mkOption { 117 - type = types.path; 118 - example = literalExample "/etc/wpa_supplicant.conf"; 119 - description = '' 120 - External <literal>wpa_supplicant.conf</literal> configuration file. 121 - The configuration options defined declaratively within <literal>networking.supplicant</literal> have 122 - precedence over options defined in <literal>configFile</literal>. 123 - ''; 124 - }; 125 - 126 - writable = mkOption { 127 - type = types.bool; 128 - default = false; 129 - description = '' 130 - Whether the configuration file at <literal>configFile.path</literal> should be written to by 131 - <literal>wpa_supplicant</literal>. 132 - ''; 133 - }; 134 - 135 - }; 136 - 137 - extraConf = mkOption { 138 - type = types.lines; 139 - default = ""; 140 - example = '' 141 - ap_scan=1 142 - device_name=My-NixOS-Device 143 - device_type=1-0050F204-1 144 - driver_param=use_p2p_group_interface=1 145 - disable_scan_offload=1 146 - p2p_listen_reg_class=81 147 - p2p_listen_channel=1 148 - p2p_oper_reg_class=81 149 - p2p_oper_channel=1 150 - manufacturer=NixOS 151 - model_name=NixOS_Unstable 152 - model_number=2015 153 - ''; 154 - description = '' 155 - Configuration options for <literal>wpa_supplicant.conf</literal>. 156 - Options defined here have precedence over options in <literal>configFile</literal>. 157 - NOTE: Do not write sensitive data into <literal>extraConf</literal> as it will 158 - be world-readable in the <literal>nix-store</literal>. For sensitive information 159 - use the <literal>configFile</literal> instead. 160 - ''; 161 - }; 162 - 163 - extraCmdArgs = mkOption { 164 - type = types.str; 165 - default = ""; 166 - example = "-e/var/run/wpa_supplicant/entropy.bin"; 167 - description = 168 - "Command line arguments to add when executing <literal>wpa_supplicant</literal>."; 169 - }; 170 - 171 - driver = mkOption { 172 - type = types.nullOr types.str; 173 - default = "nl80211,wext"; 174 - description = "Force a specific wpa_supplicant driver."; 175 - }; 176 - 177 - bridge = mkOption { 178 - type = types.str; 179 - default = ""; 180 - description = "Name of the bridge interface that wpa_supplicant should listen at."; 181 - }; 182 - 183 - userControlled = { 184 - 185 - enable = mkOption { 186 - type = types.bool; 187 - default = false; 188 - description = '' 189 - Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli. 190 - This is useful for laptop users that switch networks a lot and don't want 191 - to depend on a large package such as NetworkManager just to pick nearby 192 - access points. 193 - ''; 194 - }; 195 - 196 - socketDir = mkOption { 197 - type = types.str; 198 - default = "/var/run/wpa_supplicant"; 199 - description = "Directory of sockets for controlling wpa_supplicant."; 200 - }; 201 - 202 - group = mkOption { 203 - type = types.str; 204 - default = "wheel"; 205 - example = "network"; 206 - description = "Members of this group can control wpa_supplicant."; 207 - }; 208 - 209 - }; 210 - 211 - }; 212 211 213 212 }; 214 213
+79 -77
nixos/modules/services/networking/tinc.nix
··· 18 18 19 19 networks = mkOption { 20 20 default = { }; 21 - type = types.loaOf types.optionSet; 22 - description = '' 23 - Defines the tinc networks which will be started. 24 - Each network invokes a different daemon. 25 - ''; 26 - options = { 21 + type = with types; loaOf (submodule { 22 + options = { 27 23 28 - extraConfig = mkOption { 29 - default = ""; 30 - type = types.lines; 31 - description = '' 32 - Extra lines to add to the tinc service configuration file. 33 - ''; 34 - }; 24 + extraConfig = mkOption { 25 + default = ""; 26 + type = types.lines; 27 + description = '' 28 + Extra lines to add to the tinc service configuration file. 29 + ''; 30 + }; 35 31 36 - name = mkOption { 37 - default = null; 38 - type = types.nullOr types.str; 39 - description = '' 40 - The name of the node which is used as an identifier when communicating 41 - with the remote nodes in the mesh. If null then the hostname of the system 42 - is used. 43 - ''; 44 - }; 32 + name = mkOption { 33 + default = null; 34 + type = types.nullOr types.str; 35 + description = '' 36 + The name of the node which is used as an identifier when communicating 37 + with the remote nodes in the mesh. If null then the hostname of the system 38 + is used. 39 + ''; 40 + }; 45 41 46 - ed25519PrivateKeyFile = mkOption { 47 - default = null; 48 - type = types.nullOr types.path; 49 - description = '' 50 - Path of the private ed25519 keyfile. 51 - ''; 52 - }; 42 + ed25519PrivateKeyFile = mkOption { 43 + default = null; 44 + type = types.nullOr types.path; 45 + description = '' 46 + Path of the private ed25519 keyfile. 47 + ''; 48 + }; 53 49 54 - debugLevel = mkOption { 55 - default = 0; 56 - type = types.addCheck types.int (l: l >= 0 && l <= 5); 57 - description = '' 58 - The amount of debugging information to add to the log. 0 means little 59 - logging while 5 is the most logging. <command>man tincd</command> for 60 - more details. 61 - ''; 62 - }; 50 + debugLevel = mkOption { 51 + default = 0; 52 + type = types.addCheck types.int (l: l >= 0 && l <= 5); 53 + description = '' 54 + The amount of debugging information to add to the log. 0 means little 55 + logging while 5 is the most logging. <command>man tincd</command> for 56 + more details. 57 + ''; 58 + }; 63 59 64 - hosts = mkOption { 65 - default = { }; 66 - type = types.loaOf types.lines; 67 - description = '' 68 - The name of the host in the network as well as the configuration for that host. 69 - This name should only contain alphanumerics and underscores. 70 - ''; 71 - }; 60 + hosts = mkOption { 61 + default = { }; 62 + type = types.loaOf types.lines; 63 + description = '' 64 + The name of the host in the network as well as the configuration for that host. 65 + This name should only contain alphanumerics and underscores. 66 + ''; 67 + }; 72 68 73 - interfaceType = mkOption { 74 - default = "tun"; 75 - type = types.addCheck types.str (n: n == "tun" || n == "tap"); 76 - description = '' 77 - The type of virtual interface used for the network connection 78 - ''; 79 - }; 69 + interfaceType = mkOption { 70 + default = "tun"; 71 + type = types.addCheck types.str (n: n == "tun" || n == "tap"); 72 + description = '' 73 + The type of virtual interface used for the network connection 74 + ''; 75 + }; 80 76 81 - listenAddress = mkOption { 82 - default = null; 83 - type = types.nullOr types.str; 84 - description = '' 85 - The ip adress to bind to. 86 - ''; 87 - }; 77 + listenAddress = mkOption { 78 + default = null; 79 + type = types.nullOr types.str; 80 + description = '' 81 + The ip adress to bind to. 82 + ''; 83 + }; 88 84 89 - package = mkOption { 90 - type = types.package; 91 - default = pkgs.tinc_pre; 92 - defaultText = "pkgs.tinc_pre"; 93 - description = '' 94 - The package to use for the tinc daemon's binary. 95 - ''; 96 - }; 85 + package = mkOption { 86 + type = types.package; 87 + default = pkgs.tinc_pre; 88 + defaultText = "pkgs.tinc_pre"; 89 + description = '' 90 + The package to use for the tinc daemon's binary. 91 + ''; 92 + }; 97 93 98 - chroot = mkOption { 99 - default = true; 100 - type = types.bool; 101 - description = '' 102 - Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security. 103 - The chroot is performed after all the initialization is done, after writing pid files and opening network sockets. 94 + chroot = mkOption { 95 + default = true; 96 + type = types.bool; 97 + description = '' 98 + Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security. 99 + The chroot is performed after all the initialization is done, after writing pid files and opening network sockets. 104 100 105 - Note that tinc can't run scripts anymore (such as tinc-down or host-up), unless it is setup to be runnable inside chroot environment. 106 - ''; 101 + Note that tinc can't run scripts anymore (such as tinc-down or host-up), unless it is setup to be runnable inside chroot environment. 102 + ''; 103 + }; 107 104 }; 108 - }; 105 + }); 106 + 107 + description = '' 108 + Defines the tinc networks which will be started. 109 + Each network invokes a different daemon. 110 + ''; 109 111 }; 110 112 }; 111 113
+55 -53
nixos/modules/services/networking/xinetd.nix
··· 65 65 A list of services provided by xinetd. 66 66 ''; 67 67 68 - type = types.listOf types.optionSet; 68 + type = with types; listOf (submodule ({ 69 69 70 - options = { 70 + options = { 71 71 72 - name = mkOption { 73 - type = types.string; 74 - example = "login"; 75 - description = "Name of the service."; 76 - }; 72 + name = mkOption { 73 + type = types.string; 74 + example = "login"; 75 + description = "Name of the service."; 76 + }; 77 77 78 - protocol = mkOption { 79 - type = types.string; 80 - default = "tcp"; 81 - description = 82 - "Protocol of the service. Usually <literal>tcp</literal> or <literal>udp</literal>."; 83 - }; 78 + protocol = mkOption { 79 + type = types.string; 80 + default = "tcp"; 81 + description = 82 + "Protocol of the service. Usually <literal>tcp</literal> or <literal>udp</literal>."; 83 + }; 84 84 85 - port = mkOption { 86 - type = types.int; 87 - default = 0; 88 - example = 123; 89 - description = "Port number of the service."; 90 - }; 85 + port = mkOption { 86 + type = types.int; 87 + default = 0; 88 + example = 123; 89 + description = "Port number of the service."; 90 + }; 91 91 92 - user = mkOption { 93 - type = types.string; 94 - default = "nobody"; 95 - description = "User account for the service"; 96 - }; 92 + user = mkOption { 93 + type = types.string; 94 + default = "nobody"; 95 + description = "User account for the service"; 96 + }; 97 97 98 - server = mkOption { 99 - type = types.string; 100 - example = "/foo/bin/ftpd"; 101 - description = "Path of the program that implements the service."; 102 - }; 98 + server = mkOption { 99 + type = types.string; 100 + example = "/foo/bin/ftpd"; 101 + description = "Path of the program that implements the service."; 102 + }; 103 103 104 - serverArgs = mkOption { 105 - type = types.string; 106 - default = ""; 107 - description = "Command-line arguments for the server program."; 108 - }; 104 + serverArgs = mkOption { 105 + type = types.string; 106 + default = ""; 107 + description = "Command-line arguments for the server program."; 108 + }; 109 109 110 - flags = mkOption { 111 - type = types.string; 112 - default = ""; 113 - description = ""; 114 - }; 110 + flags = mkOption { 111 + type = types.string; 112 + default = ""; 113 + description = ""; 114 + }; 115 115 116 - unlisted = mkOption { 117 - type = types.bool; 118 - default = false; 119 - description = '' 120 - Whether this server is listed in 121 - <filename>/etc/services</filename>. If so, the port 122 - number can be omitted. 123 - ''; 124 - }; 116 + unlisted = mkOption { 117 + type = types.bool; 118 + default = false; 119 + description = '' 120 + Whether this server is listed in 121 + <filename>/etc/services</filename>. If so, the port 122 + number can be omitted. 123 + ''; 124 + }; 125 + 126 + extraConfig = mkOption { 127 + type = types.string; 128 + default = ""; 129 + description = "Extra configuration-lines added to the section of the service."; 130 + }; 125 131 126 - extraConfig = mkOption { 127 - type = types.string; 128 - default = ""; 129 - description = "Extra configuration-lines added to the section of the service."; 130 132 }; 131 133 132 - }; 134 + })); 133 135 134 136 }; 135 137
+1 -2
nixos/modules/services/web-servers/winstone.nix
··· 113 113 options = { 114 114 services.winstone = mkOption { 115 115 default = {}; 116 - type = types.attrsOf types.optionSet; 117 - options = [ winstoneOpts ]; 116 + type = with types; attrsOf (submodule winstoneOpts); 118 117 description = '' 119 118 Defines independent Winstone services, each serving one WAR-file. 120 119 '';
+1 -2
nixos/modules/services/web-servers/zope2.nix
··· 74 74 75 75 services.zope2.instances = mkOption { 76 76 default = {}; 77 - type = types.loaOf types.optionSet; 77 + type = with types; loaOf (submodule zope2Opts); 78 78 example = literalExample '' 79 79 { 80 80 plone01 = { ··· 96 96 } 97 97 ''; 98 98 description = "zope2 instances to be created automaticaly by the system."; 99 - options = [ zope2Opts ]; 100 99 }; 101 100 }; 102 101
+39 -39
nixos/modules/system/boot/loader/grub/grub.nix
··· 131 131 to the respective devices corresponding to those partitions. 132 132 ''; 133 133 134 - type = types.listOf types.optionSet; 134 + type = with types; listOf (submodule { 135 + options = { 135 136 136 - options = { 137 + path = mkOption { 138 + example = "/boot1"; 139 + type = types.str; 140 + description = '' 141 + The path to the boot directory where GRUB will be written. Generally 142 + this boot path should double as an EFI path. 143 + ''; 144 + }; 137 145 138 - path = mkOption { 139 - example = "/boot1"; 140 - type = types.str; 141 - description = '' 142 - The path to the boot directory where GRUB will be written. Generally 143 - this boot path should double as an EFI path. 144 - ''; 145 - }; 146 + efiSysMountPoint = mkOption { 147 + default = null; 148 + example = "/boot1/efi"; 149 + type = types.nullOr types.str; 150 + description = '' 151 + The path to the efi system mount point. Usually this is the same 152 + partition as the above path and can be left as null. 153 + ''; 154 + }; 146 155 147 - efiSysMountPoint = mkOption { 148 - default = null; 149 - example = "/boot1/efi"; 150 - type = types.nullOr types.str; 151 - description = '' 152 - The path to the efi system mount point. Usually this is the same 153 - partition as the above path and can be left as null. 154 - ''; 155 - }; 156 + efiBootloaderId = mkOption { 157 + default = null; 158 + example = "NixOS-fsid"; 159 + type = types.nullOr types.str; 160 + description = '' 161 + The id of the bootloader to store in efi nvram. 162 + The default is to name it NixOS and append the path or efiSysMountPoint. 163 + This is only used if <literal>boot.loader.efi.canTouchEfiVariables</literal> is true. 164 + ''; 165 + }; 156 166 157 - efiBootloaderId = mkOption { 158 - default = null; 159 - example = "NixOS-fsid"; 160 - type = types.nullOr types.str; 161 - description = '' 162 - The id of the bootloader to store in efi nvram. 163 - The default is to name it NixOS and append the path or efiSysMountPoint. 164 - This is only used if <literal>boot.loader.efi.canTouchEfiVariables</literal> is true. 165 - ''; 166 - }; 167 + devices = mkOption { 168 + default = [ ]; 169 + example = [ "/dev/sda" "/dev/sdb" ]; 170 + type = types.listOf types.str; 171 + description = '' 172 + The path to the devices which will have the GRUB MBR written. 173 + Note these are typically device paths and not paths to partitions. 174 + ''; 175 + }; 167 176 168 - devices = mkOption { 169 - default = [ ]; 170 - example = [ "/dev/sda" "/dev/sdb" ]; 171 - type = types.listOf types.str; 172 - description = '' 173 - The path to the devices which will have the GRUB MBR written. 174 - Note these are typically device paths and not paths to partitions. 175 - ''; 176 177 }; 177 - 178 - }; 178 + }); 179 179 }; 180 180 181 181 configurationName = mkOption {
+136 -136
nixos/modules/system/boot/luksroot.nix
··· 236 236 <filename>/dev/mapper/<replaceable>name</replaceable></filename>. 237 237 ''; 238 238 239 - type = types.loaOf types.optionSet; 239 + type = with types; loaOf (submodule ( 240 + { name, ... }: { options = { 240 241 241 - options = { name, ... }: { options = { 242 - 243 - name = mkOption { 244 - visible = false; 245 - default = name; 246 - example = "luksroot"; 247 - type = types.str; 248 - description = "Name of the unencrypted device in <filename>/dev/mapper</filename>."; 249 - }; 242 + name = mkOption { 243 + visible = false; 244 + default = name; 245 + example = "luksroot"; 246 + type = types.str; 247 + description = "Name of the unencrypted device in <filename>/dev/mapper</filename>."; 248 + }; 250 249 251 - device = mkOption { 252 - example = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08"; 253 - type = types.str; 254 - description = "Path of the underlying encrypted block device."; 255 - }; 250 + device = mkOption { 251 + example = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08"; 252 + type = types.str; 253 + description = "Path of the underlying encrypted block device."; 254 + }; 256 255 257 - header = mkOption { 258 - default = null; 259 - example = "/root/header.img"; 260 - type = types.nullOr types.str; 261 - description = '' 262 - The name of the file or block device that 263 - should be used as header for the encrypted device. 264 - ''; 265 - }; 256 + header = mkOption { 257 + default = null; 258 + example = "/root/header.img"; 259 + type = types.nullOr types.str; 260 + description = '' 261 + The name of the file or block device that 262 + should be used as header for the encrypted device. 263 + ''; 264 + }; 266 265 267 - keyFile = mkOption { 268 - default = null; 269 - example = "/dev/sdb1"; 270 - type = types.nullOr types.str; 271 - description = '' 272 - The name of the file (can be a raw device or a partition) that 273 - should be used as the decryption key for the encrypted device. If 274 - not specified, you will be prompted for a passphrase instead. 275 - ''; 276 - }; 266 + keyFile = mkOption { 267 + default = null; 268 + example = "/dev/sdb1"; 269 + type = types.nullOr types.str; 270 + description = '' 271 + The name of the file (can be a raw device or a partition) that 272 + should be used as the decryption key for the encrypted device. If 273 + not specified, you will be prompted for a passphrase instead. 274 + ''; 275 + }; 277 276 278 - keyFileSize = mkOption { 279 - default = null; 280 - example = 4096; 281 - type = types.nullOr types.int; 282 - description = '' 283 - The size of the key file. Use this if only the beginning of the 284 - key file should be used as a key (often the case if a raw device 285 - or partition is used as key file). If not specified, the whole 286 - <literal>keyFile</literal> will be used decryption, instead of just 287 - the first <literal>keyFileSize</literal> bytes. 288 - ''; 289 - }; 277 + keyFileSize = mkOption { 278 + default = null; 279 + example = 4096; 280 + type = types.nullOr types.int; 281 + description = '' 282 + The size of the key file. Use this if only the beginning of the 283 + key file should be used as a key (often the case if a raw device 284 + or partition is used as key file). If not specified, the whole 285 + <literal>keyFile</literal> will be used decryption, instead of just 286 + the first <literal>keyFileSize</literal> bytes. 287 + ''; 288 + }; 290 289 291 - # FIXME: get rid of this option. 292 - preLVM = mkOption { 293 - default = true; 294 - type = types.bool; 295 - description = "Whether the luksOpen will be attempted before LVM scan or after it."; 296 - }; 290 + # FIXME: get rid of this option. 291 + preLVM = mkOption { 292 + default = true; 293 + type = types.bool; 294 + description = "Whether the luksOpen will be attempted before LVM scan or after it."; 295 + }; 297 296 298 - allowDiscards = mkOption { 299 - default = false; 300 - type = types.bool; 301 - description = '' 302 - Whether to allow TRIM requests to the underlying device. This option 303 - has security implications; please read the LUKS documentation before 304 - activating it. 305 - ''; 306 - }; 297 + allowDiscards = mkOption { 298 + default = false; 299 + type = types.bool; 300 + description = '' 301 + Whether to allow TRIM requests to the underlying device. This option 302 + has security implications; please read the LUKS documentation before 303 + activating it. 304 + ''; 305 + }; 307 306 308 - yubikey = mkOption { 309 - default = null; 310 - type = types.nullOr types.optionSet; 311 - description = '' 312 - The options to use for this LUKS device in Yubikey-PBA. 313 - If null (the default), Yubikey-PBA will be disabled for this device. 314 - ''; 307 + yubikey = mkOption { 308 + default = null; 309 + description = '' 310 + The options to use for this LUKS device in Yubikey-PBA. 311 + If null (the default), Yubikey-PBA will be disabled for this device. 312 + ''; 315 313 316 - options = { 317 - twoFactor = mkOption { 318 - default = true; 319 - type = types.bool; 320 - description = "Whether to use a passphrase and a Yubikey (true), or only a Yubikey (false)."; 321 - }; 314 + type = with types; nullOr (submodule { 315 + options = { 316 + twoFactor = mkOption { 317 + default = true; 318 + type = types.bool; 319 + description = "Whether to use a passphrase and a Yubikey (true), or only a Yubikey (false)."; 320 + }; 322 321 323 - slot = mkOption { 324 - default = 2; 325 - type = types.int; 326 - description = "Which slot on the Yubikey to challenge."; 327 - }; 322 + slot = mkOption { 323 + default = 2; 324 + type = types.int; 325 + description = "Which slot on the Yubikey to challenge."; 326 + }; 328 327 329 - saltLength = mkOption { 330 - default = 16; 331 - type = types.int; 332 - description = "Length of the new salt in byte (64 is the effective maximum)."; 333 - }; 328 + saltLength = mkOption { 329 + default = 16; 330 + type = types.int; 331 + description = "Length of the new salt in byte (64 is the effective maximum)."; 332 + }; 334 333 335 - keyLength = mkOption { 336 - default = 64; 337 - type = types.int; 338 - description = "Length of the LUKS slot key derived with PBKDF2 in byte."; 339 - }; 334 + keyLength = mkOption { 335 + default = 64; 336 + type = types.int; 337 + description = "Length of the LUKS slot key derived with PBKDF2 in byte."; 338 + }; 340 339 341 - iterationStep = mkOption { 342 - default = 0; 343 - type = types.int; 344 - description = "How much the iteration count for PBKDF2 is increased at each successful authentication."; 345 - }; 340 + iterationStep = mkOption { 341 + default = 0; 342 + type = types.int; 343 + description = "How much the iteration count for PBKDF2 is increased at each successful authentication."; 344 + }; 346 345 347 - gracePeriod = mkOption { 348 - default = 2; 349 - type = types.int; 350 - description = "Time in seconds to wait before attempting to find the Yubikey."; 351 - }; 346 + gracePeriod = mkOption { 347 + default = 2; 348 + type = types.int; 349 + description = "Time in seconds to wait before attempting to find the Yubikey."; 350 + }; 352 351 353 - ramfsMountPoint = mkOption { 354 - default = "/crypt-ramfs"; 355 - type = types.str; 356 - description = "Path where the ramfs used to update the LUKS key will be mounted during early boot."; 357 - }; 352 + ramfsMountPoint = mkOption { 353 + default = "/crypt-ramfs"; 354 + type = types.str; 355 + description = "Path where the ramfs used to update the LUKS key will be mounted during early boot."; 356 + }; 358 357 359 - /* TODO: Add to the documentation of the current module: 358 + /* TODO: Add to the documentation of the current module: 360 359 361 - Options related to the storing the salt. 362 - */ 363 - storage = { 364 - device = mkOption { 365 - default = "/dev/sda1"; 366 - type = types.path; 367 - description = '' 368 - An unencrypted device that will temporarily be mounted in stage-1. 369 - Must contain the current salt to create the challenge for this LUKS device. 370 - ''; 371 - }; 360 + Options related to the storing the salt. 361 + */ 362 + storage = { 363 + device = mkOption { 364 + default = "/dev/sda1"; 365 + type = types.path; 366 + description = '' 367 + An unencrypted device that will temporarily be mounted in stage-1. 368 + Must contain the current salt to create the challenge for this LUKS device. 369 + ''; 370 + }; 372 371 373 - fsType = mkOption { 374 - default = "vfat"; 375 - type = types.str; 376 - description = "The filesystem of the unencrypted device."; 377 - }; 372 + fsType = mkOption { 373 + default = "vfat"; 374 + type = types.str; 375 + description = "The filesystem of the unencrypted device."; 376 + }; 378 377 379 - mountPoint = mkOption { 380 - default = "/crypt-storage"; 381 - type = types.str; 382 - description = "Path where the unencrypted device will be mounted during early boot."; 383 - }; 378 + mountPoint = mkOption { 379 + default = "/crypt-storage"; 380 + type = types.str; 381 + description = "Path where the unencrypted device will be mounted during early boot."; 382 + }; 384 383 385 - path = mkOption { 386 - default = "/crypt-storage/default"; 387 - type = types.str; 388 - description = '' 389 - Absolute path of the salt on the unencrypted device with 390 - that device's root directory as "/". 391 - ''; 384 + path = mkOption { 385 + default = "/crypt-storage/default"; 386 + type = types.str; 387 + description = '' 388 + Absolute path of the salt on the unencrypted device with 389 + that device's root directory as "/". 390 + ''; 391 + }; 392 + }; 392 393 }; 393 - }; 394 + }); 394 395 }; 395 - }; 396 396 397 - }; }; 397 + }; })); 398 398 }; 399 399 400 400 boot.initrd.luks.yubikeySupport = mkOption {
+8 -13
nixos/modules/system/boot/networkd.nix
··· 471 471 472 472 addresses = mkOption { 473 473 default = [ ]; 474 - type = types.listOf types.optionSet; 475 - options = [ addressOptions ]; 474 + type = with types; listOf (submodule [ addressOptions ]); 476 475 description = '' 477 476 A list of address sections to be added to the unit. See 478 477 <citerefentry><refentrytitle>systemd.network</refentrytitle> ··· 482 481 483 482 routes = mkOption { 484 483 default = [ ]; 485 - type = types.listOf types.optionSet; 486 - options = [ routeOptions ]; 484 + type = with types; listOf (submodule [ routeOptions ]); 487 485 description = '' 488 486 A list of route sections to be added to the unit. See 489 487 <citerefentry><refentrytitle>systemd.network</refentrytitle> ··· 624 622 625 623 systemd.network.links = mkOption { 626 624 default = {}; 627 - type = types.attrsOf types.optionSet; 628 - options = [ linkOptions ]; 625 + type = with types; attrsOf (submodule [ linkOptions ]); 629 626 description = "Definition of systemd network links."; 630 627 }; 631 628 632 629 systemd.network.netdevs = mkOption { 633 630 default = {}; 634 - type = types.attrsOf types.optionSet; 635 - options = [ netdevOptions ]; 631 + type = with types; attrsOf (submodule [ netdevOptions ]); 636 632 description = "Definition of systemd network devices."; 637 633 }; 638 634 639 635 systemd.network.networks = mkOption { 640 636 default = {}; 641 - type = types.attrsOf types.optionSet; 642 - options = [ networkOptions networkConfig ]; 637 + type = with types; attrsOf (submodule [ networkOptions networkConfig ]); 643 638 description = "Definition of systemd networks."; 644 639 }; 645 640 646 641 systemd.network.units = mkOption { 647 642 description = "Definition of networkd units."; 648 643 default = {}; 649 - type = types.attrsOf types.optionSet; 650 - options = { name, config, ... }: 644 + type = with types; attrsOf (submodule ( 645 + { name, config, ... }: 651 646 { options = concreteUnitOptions; 652 647 config = { 653 648 unit = mkDefault (makeUnit name config); 654 649 }; 655 - }; 650 + })); 656 651 }; 657 652 658 653 };
+16 -26
nixos/modules/system/boot/systemd.nix
··· 389 389 systemd.units = mkOption { 390 390 description = "Definition of systemd units."; 391 391 default = {}; 392 - type = types.attrsOf types.optionSet; 393 - options = { name, config, ... }: 392 + type = with types; attrsOf (submodule ( 393 + { name, config, ... }: 394 394 { options = concreteUnitOptions; 395 395 config = { 396 396 unit = mkDefault (makeUnit name config); 397 397 }; 398 - }; 398 + })); 399 399 }; 400 400 401 401 systemd.packages = mkOption { ··· 406 406 407 407 systemd.targets = mkOption { 408 408 default = {}; 409 - type = types.attrsOf types.optionSet; 410 - options = [ targetOptions unitConfig ]; 409 + type = with types; attrsOf (submodule [ { options = targetOptions; } unitConfig] ); 411 410 description = "Definition of systemd target units."; 412 411 }; 413 412 414 413 systemd.services = mkOption { 415 414 default = {}; 416 - type = types.attrsOf types.optionSet; 417 - options = [ serviceOptions unitConfig serviceConfig ]; 415 + type = with types; attrsOf (submodule [ { options = serviceOptions; } unitConfig serviceConfig ]); 418 416 description = "Definition of systemd service units."; 419 417 }; 420 418 421 419 systemd.sockets = mkOption { 422 420 default = {}; 423 - type = types.attrsOf types.optionSet; 424 - options = [ socketOptions unitConfig ]; 421 + type = with types; attrsOf (submodule [ { options = socketOptions; } unitConfig ]); 425 422 description = "Definition of systemd socket units."; 426 423 }; 427 424 428 425 systemd.timers = mkOption { 429 426 default = {}; 430 - type = types.attrsOf types.optionSet; 431 - options = [ timerOptions unitConfig ]; 427 + type = with types; attrsOf (submodule [ { options = timerOptions; } unitConfig ]); 432 428 description = "Definition of systemd timer units."; 433 429 }; 434 430 435 431 systemd.paths = mkOption { 436 432 default = {}; 437 - type = types.attrsOf types.optionSet; 438 - options = [ pathOptions unitConfig ]; 433 + type = with types; attrsOf (submodule [ { options = pathOptions; } unitConfig ]); 439 434 description = "Definition of systemd path units."; 440 435 }; 441 436 442 437 systemd.mounts = mkOption { 443 438 default = []; 444 - type = types.listOf types.optionSet; 445 - options = [ mountOptions unitConfig mountConfig ]; 439 + type = with types; listOf (submodule [ { options = mountOptions; } unitConfig mountConfig ]); 446 440 description = '' 447 441 Definition of systemd mount units. 448 442 This is a list instead of an attrSet, because systemd mandates the names to be derived from ··· 452 446 453 447 systemd.automounts = mkOption { 454 448 default = []; 455 - type = types.listOf types.optionSet; 456 - options = [ automountOptions unitConfig automountConfig ]; 449 + type = with types; listOf (submodule [ { options = automountOptions; } unitConfig automountConfig ]); 457 450 description = '' 458 451 Definition of systemd automount units. 459 452 This is a list instead of an attrSet, because systemd mandates the names to be derived from ··· 600 593 systemd.user.units = mkOption { 601 594 description = "Definition of systemd per-user units."; 602 595 default = {}; 603 - type = types.attrsOf types.optionSet; 604 - options = { name, config, ... }: 596 + type = with types; attrsOf (submodule ( 597 + { name, config, ... }: 605 598 { options = concreteUnitOptions; 606 599 config = { 607 600 unit = mkDefault (makeUnit name config); 608 601 }; 609 - }; 602 + })); 610 603 }; 611 604 612 605 systemd.user.services = mkOption { 613 606 default = {}; 614 - type = types.attrsOf types.optionSet; 615 - options = [ serviceOptions unitConfig serviceConfig ]; 607 + type = with types; attrsOf (submodule [ { options = serviceOptions; } unitConfig serviceConfig ] ); 616 608 description = "Definition of systemd per-user service units."; 617 609 }; 618 610 619 611 systemd.user.timers = mkOption { 620 612 default = {}; 621 - type = types.attrsOf types.optionSet; 622 - options = [ timerOptions unitConfig ]; 613 + type = with types; attrsOf (submodule [ { options = timerOptions; } unitConfig ] ); 623 614 description = "Definition of systemd per-user timer units."; 624 615 }; 625 616 626 617 systemd.user.sockets = mkOption { 627 618 default = {}; 628 - type = types.attrsOf types.optionSet; 629 - options = [ socketOptions unitConfig ]; 619 + type = with types; attrsOf (submodule [ { options = socketOptions; } unitConfig ] ); 630 620 description = "Definition of systemd per-user socket units."; 631 621 }; 632 622
+3 -3
nixos/modules/system/etc/etc.nix
··· 33 33 options = { 34 34 35 35 environment.etc = mkOption { 36 - type = types.loaOf types.optionSet; 37 36 default = {}; 38 37 example = literalExample '' 39 38 { example-configuration-file = ··· 47 46 Set of files that have to be linked in <filename>/etc</filename>. 48 47 ''; 49 48 50 - options = singleton ({ name, config, ... }: 49 + type = with types; loaOf (submodule ( 50 + { name, config, ... }: 51 51 { options = { 52 52 53 53 enable = mkOption { ··· 117 117 in mkDefault (pkgs.writeText name' config.text)); 118 118 }; 119 119 120 - }); 120 + })); 121 121 122 122 }; 123 123
+252 -238
nixos/modules/tasks/network-interfaces.nix
··· 97 97 98 98 addrOpts = v: 99 99 assert v == 4 || v == 6; 100 - { 101 - address = mkOption { 102 - type = types.str; 103 - description = '' 104 - IPv${toString v} address of the interface. Leave empty to configure the 105 - interface using DHCP. 106 - ''; 107 - }; 100 + { options = { 101 + address = mkOption { 102 + type = types.str; 103 + description = '' 104 + IPv${toString v} address of the interface. Leave empty to configure the 105 + interface using DHCP. 106 + ''; 107 + }; 108 108 109 - prefixLength = mkOption { 110 - type = types.addCheck types.int (n: n >= 0 && n <= (if v == 4 then 32 else 128)); 111 - description = '' 112 - Subnet mask of the interface, specified as the number of 113 - bits in the prefix (<literal>${if v == 4 then "24" else "64"}</literal>). 114 - ''; 109 + prefixLength = mkOption { 110 + type = types.addCheck types.int (n: n >= 0 && n <= (if v == 4 then 32 else 128)); 111 + description = '' 112 + Subnet mask of the interface, specified as the number of 113 + bits in the prefix (<literal>${if v == 4 then "24" else "64"}</literal>). 114 + ''; 115 + }; 115 116 }; 116 117 }; 117 118 ··· 141 142 { address = "10.0.0.1"; prefixLength = 16; } 142 143 { address = "192.168.1.1"; prefixLength = 24; } 143 144 ]; 144 - type = types.listOf types.optionSet; 145 - options = addrOpts 4; 145 + type = with types; listOf (submodule (addrOpts 4)); 146 146 description = '' 147 147 List of IPv4 addresses that will be statically assigned to the interface. 148 148 ''; ··· 154 154 { address = "fdfd:b3f0:482::1"; prefixLength = 48; } 155 155 { address = "2001:1470:fffd:2098::e006"; prefixLength = 64; } 156 156 ]; 157 - type = types.listOf types.optionSet; 158 - options = addrOpts 6; 157 + type = with types; listOf (submodule (addrOpts 6)); 159 158 description = '' 160 159 List of IPv6 addresses that will be statically assigned to the interface. 161 160 ''; ··· 415 414 <option>networking.useDHCP</option> is true, then every 416 415 interface not listed here will be configured using DHCP. 417 416 ''; 418 - type = types.loaOf types.optionSet; 419 - options = [ interfaceOpts ]; 417 + type = with types; loaOf (submodule interfaceOpts); 420 418 }; 421 419 422 420 networking.vswitches = mkOption { ··· 434 432 interface. 435 433 ''; 436 434 437 - type = types.attrsOf types.optionSet; 435 + type = with types; attrsOf (submodule { 438 436 439 - options = { 437 + options = { 438 + 439 + interfaces = mkOption { 440 + example = [ "eth0" "eth1" ]; 441 + type = types.listOf types.str; 442 + description = 443 + "The physical network interfaces connected by the vSwitch."; 444 + }; 440 445 441 - interfaces = mkOption { 442 - example = [ "eth0" "eth1" ]; 443 - type = types.listOf types.str; 444 - description = 445 - "The physical network interfaces connected by the vSwitch."; 446 - }; 446 + controllers = mkOption { 447 + type = types.listOf types.str; 448 + default = []; 449 + example = [ "ptcp:6653:[::1]" ]; 450 + description = '' 451 + Specify the controller targets. For the allowed options see <literal>man 8 ovs-vsctl</literal>. 452 + ''; 453 + }; 447 454 448 - controllers = mkOption { 449 - type = types.listOf types.str; 450 - default = []; 451 - example = [ "ptcp:6653:[::1]" ]; 452 - description = '' 453 - Specify the controller targets. For the allowed options see <literal>man 8 ovs-vsctl</literal>. 454 - ''; 455 - }; 455 + openFlowRules = mkOption { 456 + type = types.lines; 457 + default = ""; 458 + example = '' 459 + actions=normal 460 + ''; 461 + description = '' 462 + OpenFlow rules to insert into the Open vSwitch. All <literal>openFlowRules</literal> are 463 + loaded with <literal>ovs-ofctl</literal> within one atomic operation. 464 + ''; 465 + }; 456 466 457 - openFlowRules = mkOption { 458 - type = types.lines; 459 - default = ""; 460 - example = '' 461 - actions=normal 462 - ''; 463 - description = '' 464 - OpenFlow rules to insert into the Open vSwitch. All <literal>openFlowRules</literal> are 465 - loaded with <literal>ovs-ofctl</literal> within one atomic operation. 466 - ''; 467 - }; 467 + extraOvsctlCmds = mkOption { 468 + type = types.lines; 469 + default = ""; 470 + example = '' 471 + set-fail-mode <switch_name> secure 472 + set Bridge <switch_name> stp_enable=true 473 + ''; 474 + description = '' 475 + Commands to manipulate the Open vSwitch database. Every line executed with <literal>ovs-vsctl</literal>. 476 + All commands are bundled together with the operations for adding the interfaces 477 + into one atomic operation. 478 + ''; 479 + }; 468 480 469 - extraOvsctlCmds = mkOption { 470 - type = types.lines; 471 - default = ""; 472 - example = '' 473 - set-fail-mode <switch_name> secure 474 - set Bridge <switch_name> stp_enable=true 475 - ''; 476 - description = '' 477 - Commands to manipulate the Open vSwitch database. Every line executed with <literal>ovs-vsctl</literal>. 478 - All commands are bundled together with the operations for adding the interfaces 479 - into one atomic operation. 480 - ''; 481 481 }; 482 482 483 - }; 483 + }); 484 484 485 485 }; 486 486 ··· 499 499 bridge's network interface. 500 500 ''; 501 501 502 - type = types.attrsOf types.optionSet; 502 + type = with types; attrsOf (submodule { 503 503 504 - options = { 504 + options = { 505 505 506 - interfaces = mkOption { 507 - example = [ "eth0" "eth1" ]; 508 - type = types.listOf types.str; 509 - description = 510 - "The physical network interfaces connected by the bridge."; 511 - }; 506 + interfaces = mkOption { 507 + example = [ "eth0" "eth1" ]; 508 + type = types.listOf types.str; 509 + description = 510 + "The physical network interfaces connected by the bridge."; 511 + }; 512 512 513 - rstp = mkOption { 514 - example = true; 515 - default = false; 516 - type = types.bool; 517 - description = "Whether the bridge interface should enable rstp."; 513 + rstp = mkOption { 514 + example = true; 515 + default = false; 516 + type = types.bool; 517 + description = "Whether the bridge interface should enable rstp."; 518 + }; 519 + 518 520 }; 519 521 520 - }; 522 + }); 521 523 522 524 }; 523 525 ··· 538 540 name specifying the name of the bond's network interface 539 541 ''; 540 542 541 - type = types.attrsOf types.optionSet; 543 + type = with types; attrsOf (submodule { 544 + 545 + options = { 542 546 543 - options = { 547 + interfaces = mkOption { 548 + example = [ "enp4s0f0" "enp4s0f1" "wlan0" ]; 549 + type = types.listOf types.str; 550 + description = "The interfaces to bond together"; 551 + }; 544 552 545 - interfaces = mkOption { 546 - example = [ "enp4s0f0" "enp4s0f1" "wlan0" ]; 547 - type = types.listOf types.str; 548 - description = "The interfaces to bond together"; 549 - }; 553 + lacp_rate = mkOption { 554 + default = null; 555 + example = "fast"; 556 + type = types.nullOr types.str; 557 + description = '' 558 + Option specifying the rate in which we'll ask our link partner 559 + to transmit LACPDU packets in 802.3ad mode. 560 + ''; 561 + }; 550 562 551 - lacp_rate = mkOption { 552 - default = null; 553 - example = "fast"; 554 - type = types.nullOr types.str; 555 - description = '' 556 - Option specifying the rate in which we'll ask our link partner 557 - to transmit LACPDU packets in 802.3ad mode. 558 - ''; 559 - }; 563 + miimon = mkOption { 564 + default = null; 565 + example = 100; 566 + type = types.nullOr types.int; 567 + description = '' 568 + Miimon is the number of millisecond in between each round of polling 569 + by the device driver for failed links. By default polling is not 570 + enabled and the driver is trusted to properly detect and handle 571 + failure scenarios. 572 + ''; 573 + }; 560 574 561 - miimon = mkOption { 562 - default = null; 563 - example = 100; 564 - type = types.nullOr types.int; 565 - description = '' 566 - Miimon is the number of millisecond in between each round of polling 567 - by the device driver for failed links. By default polling is not 568 - enabled and the driver is trusted to properly detect and handle 569 - failure scenarios. 570 - ''; 571 - }; 575 + mode = mkOption { 576 + default = null; 577 + example = "active-backup"; 578 + type = types.nullOr types.str; 579 + description = '' 580 + The mode which the bond will be running. The default mode for 581 + the bonding driver is balance-rr, optimizing for throughput. 582 + More information about valid modes can be found at 583 + https://www.kernel.org/doc/Documentation/networking/bonding.txt 584 + ''; 585 + }; 572 586 573 - mode = mkOption { 574 - default = null; 575 - example = "active-backup"; 576 - type = types.nullOr types.str; 577 - description = '' 578 - The mode which the bond will be running. The default mode for 579 - the bonding driver is balance-rr, optimizing for throughput. 580 - More information about valid modes can be found at 581 - https://www.kernel.org/doc/Documentation/networking/bonding.txt 582 - ''; 583 - }; 587 + xmit_hash_policy = mkOption { 588 + default = null; 589 + example = "layer2+3"; 590 + type = types.nullOr types.str; 591 + description = '' 592 + Selects the transmit hash policy to use for slave selection in 593 + balance-xor, 802.3ad, and tlb modes. 594 + ''; 595 + }; 584 596 585 - xmit_hash_policy = mkOption { 586 - default = null; 587 - example = "layer2+3"; 588 - type = types.nullOr types.str; 589 - description = '' 590 - Selects the transmit hash policy to use for slave selection in 591 - balance-xor, 802.3ad, and tlb modes. 592 - ''; 593 597 }; 594 598 595 - }; 599 + }); 596 600 }; 597 601 598 602 networking.macvlans = mkOption { 599 - type = types.attrsOf types.optionSet; 600 603 default = { }; 601 604 example = literalExample { 602 605 wan = { ··· 608 611 This option allows you to define macvlan interfaces which should 609 612 be automatically created. 610 613 ''; 611 - options = { 614 + type = with types; attrsOf (submodule { 615 + options = { 612 616 613 - interface = mkOption { 614 - example = "enp4s0"; 615 - type = types.str; 616 - description = "The interface the macvlan will transmit packets through."; 617 - }; 617 + interface = mkOption { 618 + example = "enp4s0"; 619 + type = types.str; 620 + description = "The interface the macvlan will transmit packets through."; 621 + }; 622 + 623 + mode = mkOption { 624 + default = null; 625 + type = types.nullOr types.str; 626 + example = "vepa"; 627 + description = "The mode of the macvlan device."; 628 + }; 618 629 619 - mode = mkOption { 620 - default = null; 621 - type = types.nullOr types.str; 622 - example = "vepa"; 623 - description = "The mode of the macvlan device."; 624 630 }; 625 631 626 - }; 632 + }); 627 633 }; 628 634 629 635 networking.sits = mkOption { 630 - type = types.attrsOf types.optionSet; 631 636 default = { }; 632 637 example = literalExample { 633 638 hurricane = { ··· 644 649 description = '' 645 650 This option allows you to define 6-to-4 interfaces which should be automatically created. 646 651 ''; 647 - options = { 652 + type = with types; attrsOf (submodule { 653 + options = { 648 654 649 - remote = mkOption { 650 - type = types.nullOr types.str; 651 - default = null; 652 - example = "10.0.0.1"; 653 - description = '' 654 - The address of the remote endpoint to forward traffic over. 655 - ''; 656 - }; 655 + remote = mkOption { 656 + type = types.nullOr types.str; 657 + default = null; 658 + example = "10.0.0.1"; 659 + description = '' 660 + The address of the remote endpoint to forward traffic over. 661 + ''; 662 + }; 663 + 664 + local = mkOption { 665 + type = types.nullOr types.str; 666 + default = null; 667 + example = "10.0.0.22"; 668 + description = '' 669 + The address of the local endpoint which the remote 670 + side should send packets to. 671 + ''; 672 + }; 657 673 658 - local = mkOption { 659 - type = types.nullOr types.str; 660 - default = null; 661 - example = "10.0.0.22"; 662 - description = '' 663 - The address of the local endpoint which the remote 664 - side should send packets to. 665 - ''; 666 - }; 674 + ttl = mkOption { 675 + type = types.nullOr types.int; 676 + default = null; 677 + example = 255; 678 + description = '' 679 + The time-to-live of the connection to the remote tunnel endpoint. 680 + ''; 681 + }; 667 682 668 - ttl = mkOption { 669 - type = types.nullOr types.int; 670 - default = null; 671 - example = 255; 672 - description = '' 673 - The time-to-live of the connection to the remote tunnel endpoint. 674 - ''; 675 - }; 683 + dev = mkOption { 684 + type = types.nullOr types.str; 685 + default = null; 686 + example = "enp4s0f0"; 687 + description = '' 688 + The underlying network device on which the tunnel resides. 689 + ''; 690 + }; 676 691 677 - dev = mkOption { 678 - type = types.nullOr types.str; 679 - default = null; 680 - example = "enp4s0f0"; 681 - description = '' 682 - The underlying network device on which the tunnel resides. 683 - ''; 684 692 }; 685 693 686 - }; 694 + }); 687 695 }; 688 696 689 697 networking.vlans = mkOption { ··· 706 714 specifying the name of the vlan interface. 707 715 ''; 708 716 709 - type = types.attrsOf types.optionSet; 717 + type = with types; attrsOf (submodule { 710 718 711 - options = { 719 + options = { 712 720 713 - id = mkOption { 714 - example = 1; 715 - type = types.int; 716 - description = "The vlan identifier"; 721 + id = mkOption { 722 + example = 1; 723 + type = types.int; 724 + description = "The vlan identifier"; 725 + }; 726 + 727 + interface = mkOption { 728 + example = "enp4s0"; 729 + type = types.str; 730 + description = "The interface the vlan will transmit packets through."; 731 + }; 732 + 717 733 }; 718 734 719 - interface = mkOption { 720 - example = "enp4s0"; 721 - type = types.str; 722 - description = "The interface the vlan will transmit packets through."; 723 - }; 735 + }); 724 736 725 - }; 726 737 }; 727 738 728 739 networking.wlanInterfaces = mkOption { ··· 760 771 would have to be created explicitly. 761 772 ''; 762 773 763 - type = types.attrsOf types.optionSet; 774 + type = with types; attrsOf (submodule { 764 775 765 - options = { 776 + options = { 766 777 767 - device = mkOption { 768 - type = types.string; 769 - example = "wlp6s0"; 770 - description = "The name of the underlying hardware WLAN device as assigned by <literal>udev</literal>."; 771 - }; 778 + device = mkOption { 779 + type = types.string; 780 + example = "wlp6s0"; 781 + description = "The name of the underlying hardware WLAN device as assigned by <literal>udev</literal>."; 782 + }; 772 783 773 - type = mkOption { 774 - type = types.string; 775 - default = "managed"; 776 - example = "ibss"; 777 - description = '' 778 - The type of the WLAN interface. The type has to be either <literal>managed</literal>, 779 - <literal>ibss</literal>, <literal>monitor</literal>, <literal>mesh</literal> or <literal>wds</literal>. 780 - Also, the type has to be supported by the underlying hardware of the device. 781 - ''; 782 - }; 784 + type = mkOption { 785 + type = types.string; 786 + default = "managed"; 787 + example = "ibss"; 788 + description = '' 789 + The type of the WLAN interface. The type has to be either <literal>managed</literal>, 790 + <literal>ibss</literal>, <literal>monitor</literal>, <literal>mesh</literal> or <literal>wds</literal>. 791 + Also, the type has to be supported by the underlying hardware of the device. 792 + ''; 793 + }; 783 794 784 - meshID = mkOption { 785 - type = types.nullOr types.string; 786 - default = null; 787 - description = "MeshID of interface with type <literal>mesh</literal>."; 788 - }; 795 + meshID = mkOption { 796 + type = types.nullOr types.string; 797 + default = null; 798 + description = "MeshID of interface with type <literal>mesh</literal>."; 799 + }; 789 800 790 - flags = mkOption { 791 - type = types.nullOr types.string; 792 - default = null; 793 - example = "control"; 794 - description = '' 795 - Flags for interface of type <literal>monitor</literal>. The valid flags are: 796 - none: no special flags 797 - fcsfail: show frames with FCS errors 798 - control: show control frames 799 - otherbss: show frames from other BSSes 800 - cook: use cooked mode 801 - active: use active mode (ACK incoming unicast packets) 802 - ''; 803 - }; 801 + flags = mkOption { 802 + type = types.nullOr types.string; 803 + default = null; 804 + example = "control"; 805 + description = '' 806 + Flags for interface of type <literal>monitor</literal>. The valid flags are: 807 + none: no special flags 808 + fcsfail: show frames with FCS errors 809 + control: show control frames 810 + otherbss: show frames from other BSSes 811 + cook: use cooked mode 812 + active: use active mode (ACK incoming unicast packets) 813 + ''; 814 + }; 815 + 816 + fourAddr = mkOption { 817 + type = types.nullOr types.bool; 818 + default = null; 819 + description = "Whether to enable <literal>4-address mode</literal> with type <literal>managed</literal>."; 820 + }; 804 821 805 - fourAddr = mkOption { 806 - type = types.nullOr types.bool; 807 - default = null; 808 - description = "Whether to enable <literal>4-address mode</literal> with type <literal>managed</literal>."; 809 - }; 822 + mac = mkOption { 823 + type = types.nullOr types.str; 824 + default = null; 825 + example = "02:00:00:00:00:01"; 826 + description = '' 827 + MAC address to use for the device. If <literal>null</literal>, then the MAC of the 828 + underlying hardware WLAN device is used. 810 829 811 - mac = mkOption { 812 - type = types.nullOr types.str; 813 - default = null; 814 - example = "02:00:00:00:00:01"; 815 - description = '' 816 - MAC address to use for the device. If <literal>null</literal>, then the MAC of the 817 - underlying hardware WLAN device is used. 830 + INFO: Locally administered MAC addresses are of the form: 831 + <itemizedlist> 832 + <listitem><para>x2:xx:xx:xx:xx:xx</para></listitem> 833 + <listitem><para>x6:xx:xx:xx:xx:xx</para></listitem> 834 + <listitem><para>xA:xx:xx:xx:xx:xx</para></listitem> 835 + <listitem><para>xE:xx:xx:xx:xx:xx</para></listitem> 836 + </itemizedlist> 837 + ''; 838 + }; 818 839 819 - INFO: Locally administered MAC addresses are of the form: 820 - <itemizedlist> 821 - <listitem><para>x2:xx:xx:xx:xx:xx</para></listitem> 822 - <listitem><para>x6:xx:xx:xx:xx:xx</para></listitem> 823 - <listitem><para>xA:xx:xx:xx:xx:xx</para></listitem> 824 - <listitem><para>xE:xx:xx:xx:xx:xx</para></listitem> 825 - </itemizedlist> 826 - ''; 827 840 }; 828 841 829 - }; 842 + }); 843 + 830 844 }; 831 845 832 846 networking.useDHCP = mkOption {
+2 -4
nixos/modules/virtualisation/containers.nix
··· 473 473 }; 474 474 475 475 extraVeths = mkOption { 476 - type = types.attrsOf types.optionSet; 476 + type = with types; attrsOf (submodule networkOptions); 477 477 default = {}; 478 - options = networkOptions; 479 478 description = '' 480 479 Extra veth-pairs to be created for the container 481 480 ''; ··· 490 489 }; 491 490 492 491 bindMounts = mkOption { 493 - type = types.loaOf types.optionSet; 494 - options = [ bindMountOpts ]; 492 + type = with types; loaOf (submodule bindMountOpts); 495 493 default = {}; 496 494 example = { "/home" = { hostPath = "/home/alice"; 497 495 isReadOnly = false; };