nixos
garden.packages
A set of packages to install in the garden environment.
Type: attribute set of package
Default:
{ }
Declared by:
garden.device.capabilities.bluetooth
Whether or not the system has bluetooth support
Type: boolean
Default:
true
Declared by:
garden.device.capabilities.tpm
Whether the system has tpm support
Type: boolean
Default:
false
Declared by:
garden.device.capabilities.yubikey
Whether to enable yubikey support.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.device.cpu
The manufacturer of the primary system gpu
Type: null or one of “intel”, “vm-intel”, “amd”, “vm-amd”
Default:
null
Declared by:
garden.device.gpu
The manufacturer of the primary system gpu
Type: null or one of “amd”, “intel”, “nvidia”
Default:
null
Declared by:
garden.device.keyboard
the keyboard layout to use for a given system
Type: one of “us”, “gb”
Default:
"gb"
Declared by:
garden.device.monitors
this does not affect any drivers and such, it is only necessary for declaring things like monitors in window manager configurations you can avoid declaring this, but I’d rather if you did declare
Type: list of string
Default:
[ ]
Declared by:
garden.environment.flakePath
The path to the configuration
Type: string
Default:
"/Users/isabel/.config/flake"
Declared by:
garden.environment.loginManager
The login manager to be used by the system.
Type: null or one of “greetd”, “cosmic-greeter”
Declared by:
garden.profiles.gaming.enable
Whether to enable Gaming.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.profiles.graphical.enable
Whether to enable Graphical interface.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.profiles.headless.enable
Whether to enable Headless.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.profiles.laptop.enable
Whether to enable Laptop.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.profiles.server.enable
Whether to enable Server.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.profiles.server.hetzner.enable
Whether to enable Hetzner.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.profiles.server.hetzner.ipv4
The IPv4 address to assign to the server. This should be a single IP address, not a range.
Type: string
Declared by:
garden.profiles.server.hetzner.ipv6
The IPv6 address to assign to the server. This should be a single IP address, not a range.
Type: string
Declared by:
garden.profiles.server.oracle.enable
Whether to enable Oracle.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.profiles.workstation.enable
Whether to enable Workstation.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.programs.cosmic.enable
Whether to enable enable cosmic desktop environment.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.akkoma.enable
Whether to enable Enable the akkoma service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.akkoma.domain
Domain name for the akkoma service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.akkoma.host
The host for akkoma service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.akkoma.port
The port for akkoma service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
garden.services.anubis.enable
Whether to enable Enable the anubis service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.anubis.domain
Domain name for the anubis service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.anubis.host
The host for anubis service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.anubis.port
The port for anubis service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
garden.services.attic.enable
Whether to enable Enable the attic service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.attic.domain
Domain name for the attic service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.attic.host
The host for attic service
Type: string
Default:
"[::]"
Declared by:
garden.services.attic.port
The port for attic service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
8080
Declared by:
garden.services.atuin.enable
Whether to enable Enable the atuin service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.atuin.domain
Domain name for the atuin service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.atuin.host
The host for atuin service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.atuin.port
The port for atuin service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
43473
Declared by:
garden.services.blahaj.enable
Whether to enable Enable the blahaj service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.blahaj.domain
Domain name for the blahaj service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.blahaj.host
The host for blahaj service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.blahaj.port
The port for blahaj service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
garden.services.cloudflared.enable
Whether to enable Enable the cloudflared service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.cloudflared.domain
Domain name for the cloudflared service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.cloudflared.host
The host for cloudflared service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.cloudflared.port
The port for cloudflared service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
garden.services.forgejo.enable
Whether to enable Enable the forgejo service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.forgejo.domain
Domain name for the forgejo service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.forgejo.host
The host for forgejo service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.forgejo.port
The port for forgejo service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
7000
Declared by:
garden.services.grafana.enable
Whether to enable Enable the grafana service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.grafana.domain
Domain name for the grafana service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.grafana.host
The host for grafana service
Type: string
Default:
"0.0.0.0"
Declared by:
garden.services.grafana.port
The port for grafana service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
3100
Declared by:
garden.services.headscale.enable
Whether to enable Enable the headscale service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.headscale.domain
Domain name for the headscale service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.headscale.host
The host for headscale service
Type: string
Default:
"0.0.0.0"
Declared by:
garden.services.headscale.port
The port for headscale service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
8085
Declared by:
garden.services.isabelroses-website.enable
Whether to enable Enable the isabelroses-website service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.isabelroses-website.domain
Domain name for the isabelroses-website service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.isabelroses-website.host
The host for isabelroses-website service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.isabelroses-website.port
The port for isabelroses-website service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
garden.services.kanidm.enable
Whether to enable Enable the kanidm service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.kanidm.domain
Domain name for the kanidm service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.kanidm.host
The host for kanidm service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.kanidm.port
The port for kanidm service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
8443
Declared by:
garden.services.loki.enable
Whether to enable Enable the loki service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.loki.domain
Domain name for the loki service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.loki.host
The host for loki service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.loki.port
The port for loki service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
3030
Declared by:
garden.services.mailserver.enable
Whether to enable Enable the mailserver service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.mailserver.domain
Domain name for the mailserver service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.mailserver.host
The host for mailserver service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.mailserver.port
The port for mailserver service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
garden.services.matrix.enable
Whether to enable Enable the matrix service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.matrix.domain
Domain name for the matrix service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.matrix.host
The host for matrix service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.matrix.port
The port for matrix service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
8008
Declared by:
garden.services.mediawiki.enable
Whether to enable Enable the mediawiki service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.mediawiki.domain
Domain name for the mediawiki service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.mediawiki.host
The host for mediawiki service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.mediawiki.port
The port for mediawiki service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
garden.services.nginx.enable
Whether to enable Enable the nginx service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.nginx.domain
Domain name for the nginx service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.nginx.host
The host for nginx service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.nginx.port
The port for nginx service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
garden.services.nixpkgs-prs-bot.enable
Whether to enable Enable the nixpkgs-prs-bot service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.nixpkgs-prs-bot.bsky.enable
Whether to enable bsky.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.nixpkgs-prs-bot.domain
Domain name for the nixpkgs-prs-bot service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.nixpkgs-prs-bot.fedi.enable
Whether to enable fedi.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.nixpkgs-prs-bot.host
The host for nixpkgs-prs-bot service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.nixpkgs-prs-bot.port
The port for nixpkgs-prs-bot service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
garden.services.ntfy.enable
Whether to enable Enable the nixpkgs-prs-bot service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.ntfy.domain
Domain name for the nixpkgs-prs-bot service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.ntfy.host
The host for nixpkgs-prs-bot service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.ntfy.port
The port for nixpkgs-prs-bot service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
2586
Declared by:
garden.services.photoprism.enable
Whether to enable Enable the photoprism service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.photoprism.domain
Domain name for the photoprism service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.photoprism.host
The host for photoprism service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.photoprism.port
The port for photoprism service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
2342
Declared by:
garden.services.postgresql.enable
Whether to enable Enable the postgresql service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.postgresql.domain
Domain name for the postgresql service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.postgresql.host
The host for postgresql service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.postgresql.port
The port for postgresql service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
garden.services.prometheus.enable
Whether to enable Enable the prometheus service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.prometheus.domain
Domain name for the prometheus service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.prometheus.host
The host for prometheus service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.prometheus.port
The port for prometheus service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
9100
Declared by:
garden.services.redis.enable
Whether to enable Enable the redis service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.redis.domain
Domain name for the redis service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.redis.host
The host for redis service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.redis.port
The port for redis service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
garden.services.syncthing.enable
Whether to enable Enable the syncthing service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.syncthing.domain
Domain name for the syncthing service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.syncthing.host
The host for syncthing service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.syncthing.port
The port for syncthing service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
0
Declared by:
garden.services.uptime-kuma.enable
Whether to enable Enable the uptime-kuma service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.uptime-kuma.domain
Domain name for the uptime-kuma service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.uptime-kuma.host
The host for uptime-kuma service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.uptime-kuma.port
The port for uptime-kuma service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
3500
Declared by:
garden.services.vaultwarden.enable
Whether to enable Enable the vaultwarden service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.vaultwarden.domain
Domain name for the vaultwarden service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.vaultwarden.host
The host for vaultwarden service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.vaultwarden.port
The port for vaultwarden service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
8222
Declared by:
garden.services.vikunja.enable
Whether to enable Enable the vikunja service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.vikunja.domain
Domain name for the vikunja service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.vikunja.host
The host for vikunja service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.vikunja.port
The port for vikunja service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
3456
Declared by:
garden.services.wakapi.enable
Whether to enable Enable the wakapi service.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.services.wakapi.domain
Domain name for the wakapi service
Type: string
Default:
"networking.domain"
Declared by:
garden.services.wakapi.host
The host for wakapi service
Type: string
Default:
"127.0.0.1"
Declared by:
garden.services.wakapi.port
The port for wakapi service
Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)
Default:
15912
Declared by:
garden.system.activation.diff.enable
Whether to enable Enable a system diff.
Type: boolean
Default:
true
Example:
true
Declared by:
garden.system.bluetooth.enable
Whether to enable Should the device load bluetooth drivers and enable blueman.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.boot.enableKernelTweaks
Whether to enable security and performance related kernel parameters.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.boot.extraKernelParams
Extra kernel parameters to be passed to the kernel. This is useful for passing additional parameters to the kernel that are not covered by the default parameters.
Type: list of string
Default:
[ ]
Declared by:
garden.system.boot.extraModprobeConfig
Extra modprobe config that will be passed to system modprobe config.
Type: string
Default:
"options hid_apple fnmode=1"
Declared by:
garden.system.boot.extraModulePackages
Extra kernel modules to be loaded.
Type: list of package
Default:
[ ]
Example:
with config.boot.kernelPackages; [acpi_call]
Declared by:
garden.system.boot.grub.device
The device to install the bootloader to.
Type: null or string
Default:
"nodev"
Declared by:
garden.system.boot.initrd.enableTweaks
Whether to enable quality of life tweaks for the initrd stage.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.boot.initrd.optimizeCompressor
Whether to enable initrd compression algorithm optimizations for size. Enabling this option will force initrd to use zstd (default) with level 19 and -T0 (STDIN). This will reduce thee initrd size greatly at the cost of compression speed. Not recommended for low-end hardware. .
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.boot.kernel
The kernel to use for the system.
Type: raw value
Default:
"pkgs.linuxPackages_latest"
Declared by:
garden.system.boot.loadRecommendedModules
Whether to enable kernel modules that accommodate for most use cases.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.boot.loader
The bootloader that should be used for the device.
Type: one of “none”, “grub”, “systemd-boot”
Default:
"none"
Declared by:
garden.system.boot.memtest.enable
Whether to enable memtest86+.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.boot.memtest.package
The memtest86plus package to use.
Type: package
Default:
pkgs.memtest86plus
Declared by:
garden.system.boot.recommendedLoaderConfig
Whether to enable tweaks for common bootloader configs per my liking.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.boot.secureBoot
Whether to enable secure-boot and load necessary packages, say good bye to systemd-boot .
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.boot.silentBoot
Whether to enable almost entirely silent boot process through quiet kernel parameter
.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.boot.tmpOnTmpfs
Whether to enable /tmp living on tmpfs. false means it will be cleared manually on each reboot.
Type: boolean
Default:
true
Example:
true
Declared by:
garden.system.emulation.enable
Whether to enable emulation of additional arcitechtures via binfmt. enabling this option will make it so that the system can build for additional systems such as aarc64 on x86_64 and vice versa. .
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.emulation.systems
the systems to enable emulation for
Type: list of string
Default:
[
"aarch64-linux"
"i686-linux"
]
Declared by:
garden.system.mainUser
The username of the main user for your system
Type: value “isabel” (singular enum)
Default:
"isabel"
Declared by:
garden.system.networking.optimizeTcp
Whether to enable Enable tcp optimizations.
Type: boolean
Default:
true
Example:
true
Declared by:
garden.system.networking.tailscale.enable
Whether to enable Tailscale VPN.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.networking.tailscale.defaultFlags
A list of command-line flags that will be passed to the Tailscale daemon on startup
using the config.services.tailscale.extraUpFlags.
If isServer is set to true, the server-specific values will be appended to the list
defined in this option.
Type: list of string
Default:
[
"--ssh"
]
Declared by:
garden.system.networking.tailscale.isClient
Whether the target host should utilize Tailscale client features";
This option is mutually exclusive with tailscale.isServer as they both
configure Taiscale, but with different flags
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.networking.tailscale.isServer
Whether the target host should utilize Tailscale server features.
This option is mutually exclusive with tailscale.isClient as they both
configure Taiscale, but with different flags
Type: boolean
Default:
true
Example:
true
Declared by:
garden.system.networking.wirelessBackend
Backend that will be used for wireless connections using either networking.wireless
or networking.networkmanager.wifi.backend
Defaults to wpa_supplicant until iwd is stable.
Type: one of “iwd”, “wpa_supplicant”
Default:
"wpa_supplicant"
Declared by:
garden.system.printing.enable
Whether to enable printing.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.printing.extraDrivers
A list of additional drivers to install for printing
Type: attribute set of absolute path
Default:
{ }
Declared by:
garden.system.security.auditd.enable
Whether to enable Enable the audit daemon.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.security.auditd.autoPrune.enable
Whether to enable Enable auto-pruning of audit logs.
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.security.auditd.autoPrune.dates
How often the audit log should be pruned
Type: string
Default:
"daily"
Example:
"weekly"
Declared by:
garden.system.security.auditd.autoPrune.size
The maximum size of the audit log in bytes
Type: signed integer
Default:
524288000
Declared by:
garden.system.security.fixWebcam
Whether to enable Fix the broken webcam by un-blacklisting the related kernel module…
Type: boolean
Default:
false
Example:
true
Declared by:
garden.system.tools.enable
Whether to enable tools.
Type: boolean
Default:
true
Example:
true
Declared by:
garden.system.tools.minimal
Whether to enable limit to minimal system tooling.
Type: boolean
Default:
true
Example:
true
Declared by:
garden.system.users
A list of users that you wish to declare as your non-system users. The first username
in the list will be treated as your main user unless garden.system.mainUser is set.
Type: list of string
Default:
[
"isabel"
]
Declared by: