Services
Source directory: modules/services/
default.nixmodules/services/appimage/default.nix
No option declarations; see source for implementation.
arr-suite-mcp.nixmodules/services/arr-suite-mcp.nix
arr-suite MCP server — exposed as an HTTP/SSE daemon.
arr-suite-mcp (shaktech786) is a stdio-only Python MCP server. To make it a
tailnet-reachable daemon we wrap it with mcp-proxy (stdio→SSE):
mcp-proxy --host 0.0.0.0 --port --pass-environment -- arr-suite-mcp
Clients connect to the SSE endpoint: http://:/sse
The *arr API keys are supplied via an agenix EnvironmentFile
(SONARR/RADARR/PROWLARR/OVERSEERR_API_KEY). Hosts/ports default to
localhost: inside arr-suite, matching the services on p510.
NZBGeek is reached transitively through Prowlarr's API.
Enable option: arr-suite MCP server (SSE daemon via mcp-proxy)
Options declaration (Nix)
. features. arr-suite-mcp = {
enable = lib. mkEnableOption "arr-suite MCP server (SSE daemon via mcp-proxy)" ;
port = lib. mkOption {
type = lib. types. port;
default = 3011 ;
description = "Port the SSE bridge binds to (loopback always; tailnet + LAN via firewall)." ;
};
environmentFile = lib. mkOption {
type = lib. types. path;
default = config. age. secrets. "arr-suite-mcp-env" . path;
defaultText = lib. literalExpression ''config.age.secrets."arr-suite-mcp-env".path'' ;
description = "EnvironmentFile with the *arr API keys (KEY=VALUE per line)." ;
};
listenLanInterface = lib. mkOption {
type = lib. types. nullOr lib. types. str;
default = null ;
example = "eno1" ;
description = ''
LAN interface to open the port on, in addition to tailscale0 and
loopback. null exposes the daemon only via Tailscale. (No effect on
hosts where the firewall is disabled.)
'' ;
};
}
default.nixmodules/services/atuin/default.nix
No option declarations; see source for implementation.
audible-sync.nixmodules/services/audible-sync.nix
audible-sync — download + decrypt your Audible library to local .m4b files.
UX: one command, audible-sync, after a one-time interactive login.
Pipeline: library export → bulk download (.aaxc/.aax) → decrypt to .m4b
→ organise into one folder per book under outputDir. Re-runnable;
already-downloaded books and already-decrypted files are skipped.
Per-host wiring (currently p620 only):
features.audibleSync = {
enable = true;
outputDir = "~/audiobooks/audible"; # default
};
One-time setup (run interactively on p620 AFTER deploy):
1. audible quickstart # picks marketplace, handles 2FA in browser
2. audible library list # confirm your books are visible
3. audible-sync # downloads + decrypts everything
Legal note: stripping DRM violates Audible's ToS. Personal-use only.
Enable option: audible-sync — download + decrypt Audible library to .m4b
Options declaration (Nix)
. features. audibleSync = {
enable = lib. mkEnableOption "audible-sync — download + decrypt Audible library to .m4b" ;
outputDir = lib. mkOption {
type = lib. types. str;
default = "~/audiobooks/audible" ;
description = ''
Destination for decrypted, organised .m4b files (one folder per book).
Tilde is expanded at runtime against the invoking user's $HOME.
'' ;
};
}
audiobook-import.nixmodules/services/audiobook-import.nix
audiobook-import — completed-download → Audiobookshelf import pipeline.
A timer-driven reconciler (modules/services/audiobook-import.py) that scans
the audiobook download dir(s) for stable, completed folders, uses the local
Ollama to parse the release name into structured metadata, optionally merges
multi-file books into a chaptered M4B via m4b-tool, and hardlinks/places the
result into the Audiobookshelf library with a metadata.json. Idempotent via
a .imported marker; sources are left intact so torrent seeding continues.
Enable option: audiobook download → Audiobookshelf import pipeline
Options declaration (Nix)
. features. audiobook-import = {
enable = lib. mkEnableOption "audiobook download → Audiobookshelf import pipeline" ;
watchDirs = lib. mkOption {
type = lib. types. listOf lib. types. str;
default = [ "/mnt/media/downloads/torrents/audiobooks" ];
description = "Download directories scanned for completed audiobook folders." ;
};
libraryDir = lib. mkOption {
type = lib. types. str;
default = "/mnt/media/Media/Audiobooks" ;
description = "Audiobookshelf library root to place imported books into." ;
};
model = lib. mkOption {
type = lib. types. str;
default = "qwen2.5:7b" ;
description = "Ollama model used for metadata extraction (strict JSON)." ;
};
ollamaUrl = lib. mkOption {
type = lib. types. str;
default = "http://127.0.0.1:11434" ;
description = "Base URL of the local Ollama server." ;
};
mergeToM4b = lib. mkOption {
type = lib. types. bool;
default = true ;
description = "Merge multi-file audiobooks into a single chaptered M4B via m4b-tool." ;
};
stableSeconds = lib. mkOption {
type = lib. types. int;
default = 120 ;
description = "Skip folders modified more recently than this (still downloading)." ;
};
interval = lib. mkOption {
type = lib. types. str;
default = "*:0/5" ;
description = "systemd OnCalendar expression for the import scan (default every 5 min)." ;
};
user = lib. mkOption {
type = lib. types. str;
default = "olafkfreund" ;
description = "User to run the import as (must own the library + read downloads)." ;
};
group = lib. mkOption {
type = lib. types. str;
default = "users" ;
description = "Group to run the import as." ;
};
}
audiobook-mcp.nixmodules/services/audiobook-mcp.nix
audiobook-mcp — audiobook acquisition + library MCP server, as an SSE daemon.
audiobook-mcp (pkgs.customPkgs.audiobook-mcp) is a stdio FastMCP server. To
make it tailnet-reachable we wrap it with mcp-proxy (stdio→SSE):
mcp-proxy --host 0.0.0.0 --port --pass-environment -- audiobook-mcp
Clients connect to the SSE endpoint: http://:/sse
Backend URLs default to the local services on p510 and are passed as plain
env; the API keys (PROWLARR/SABNZBD/ABS) come from an agenix EnvironmentFile
read by systemd as root before dropping to the DynamicUser.
Enable option: audiobook MCP server (SSE daemon via mcp-proxy)
Options declaration (Nix)
. features. audiobook-mcp = {
enable = lib. mkEnableOption "audiobook MCP server (SSE daemon via mcp-proxy)" ;
port = lib. mkOption {
type = lib. types. port;
default = 3012 ;
description = "Port the SSE bridge binds to (loopback always; tailnet + LAN via firewall)." ;
};
abbAppUrl = lib. mkOption {
type = lib. types. str;
default = "http://127.0.0.1:5078" ;
description = "audiobookbay-automated base URL (used to add ABB releases)." ;
};
prowlarrUrl = lib. mkOption {
type = lib. types. str;
default = "http://127.0.0.1:9696" ;
description = "Prowlarr base URL (Usenet/torrent indexer search)." ;
};
sabnzbdUrl = lib. mkOption {
type = lib. types. str;
default = "http://127.0.0.1:8080" ;
description = "SABnzbd base URL (Usenet grabs)." ;
};
audiobookshelfUrl = lib. mkOption {
type = lib. types. str;
default = "http://127.0.0.1:13378" ;
description = "Audiobookshelf base URL (library lookups)." ;
};
ollamaUrl = lib. mkOption {
type = lib. types. str;
default = "http://127.0.0.1:11434" ;
description = "Local Ollama base URL (recommend_bestsellers tool)." ;
};
ollamaModel = lib. mkOption {
type = lib. types. str;
default = "qwen2.5:7b" ;
description = "Ollama model used for bestseller suggestions." ;
};
environmentFile = lib. mkOption {
type = lib. types. path;
default = config. age. secrets. "audiobook-mcp-env" . path;
defaultText = lib. literalExpression ''config.age.secrets."audiobook-mcp-env".path'' ;
description = "EnvironmentFile with backend API keys (PROWLARR/SABNZBD/ABS)." ;
};
listenLanInterface = lib. mkOption {
type = lib. types. nullOr lib. types. str;
default = null ;
example = "eno1" ;
description = ''
LAN interface to open the port on, in addition to tailscale0 and
loopback. null exposes the daemon only via Tailscale.
'' ;
};
}
audiobookbay-automated.nixmodules/services/audiobookbay-automated.nix
audiobookbay-automated — AudioBookBay search → Transmission web app.
A small Flask app (pkgs.customPkgs.audiobookbay-automated) that searches
AudioBookBay and sends the chosen release's magnet to the existing
Transmission daemon on p510. Each download is saved to
//, which the audiobook-import pipeline watches.</p>
<p>The app only talks to Transmission's RPC (127.0.0.1:9091, auth disabled on
p510) and to AudioBookBay over HTTPS — it writes nothing to disk itself, so
the unit runs fully sandboxed (DynamicUser + ProtectSystem=strict).</p>
<p>Note: AudioBookBay distributes copyrighted material without authorization.
abbHostname is configurable; the same app works against any compatible host.</p>
<ul>
<li><strong>Enable option:</strong> AudioBookBay search → Transmission web app</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-4-1"><a id="__codelineno-4-1" name="__codelineno-4-1" href="#__codelineno-4-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">audiobookbay-automated</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-4-2"><a id="__codelineno-4-2" name="__codelineno-4-2" href="#__codelineno-4-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"AudioBookBay search → Transmission web app"</span><span class="p">;</span>
</span><span id="__span-4-3"><a id="__codelineno-4-3" name="__codelineno-4-3" href="#__codelineno-4-3"></a>
</span><span id="__span-4-4"><a id="__codelineno-4-4" name="__codelineno-4-4" href="#__codelineno-4-4"></a> <span class="ss">port</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-4-5"><a id="__codelineno-4-5" name="__codelineno-4-5" href="#__codelineno-4-5"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>port<span class="p">;</span>
</span><span id="__span-4-6"><a id="__codelineno-4-6" name="__codelineno-4-6" href="#__codelineno-4-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">5078</span><span class="p">;</span>
</span><span id="__span-4-7"><a id="__codelineno-4-7" name="__codelineno-4-7" href="#__codelineno-4-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Port the Flask UI binds to (loopback always; tailnet + LAN via firewall)."</span><span class="p">;</span>
</span><span id="__span-4-8"><a id="__codelineno-4-8" name="__codelineno-4-8" href="#__codelineno-4-8"></a> <span class="p">};</span>
</span><span id="__span-4-9"><a id="__codelineno-4-9" name="__codelineno-4-9" href="#__codelineno-4-9"></a>
</span><span id="__span-4-10"><a id="__codelineno-4-10" name="__codelineno-4-10" href="#__codelineno-4-10"></a> <span class="ss">abbHostname</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-4-11"><a id="__codelineno-4-11" name="__codelineno-4-11" href="#__codelineno-4-11"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-4-12"><a id="__codelineno-4-12" name="__codelineno-4-12" href="#__codelineno-4-12"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"audiobookbay.lu"</span><span class="p">;</span>
</span><span id="__span-4-13"><a id="__codelineno-4-13" name="__codelineno-4-13" href="#__codelineno-4-13"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"AudioBookBay host to search against."</span><span class="p">;</span>
</span><span id="__span-4-14"><a id="__codelineno-4-14" name="__codelineno-4-14" href="#__codelineno-4-14"></a> <span class="p">};</span>
</span><span id="__span-4-15"><a id="__codelineno-4-15" name="__codelineno-4-15" href="#__codelineno-4-15"></a>
</span><span id="__span-4-16"><a id="__codelineno-4-16" name="__codelineno-4-16" href="#__codelineno-4-16"></a> <span class="ss">transmissionHost</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-4-17"><a id="__codelineno-4-17" name="__codelineno-4-17" href="#__codelineno-4-17"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-4-18"><a id="__codelineno-4-18" name="__codelineno-4-18" href="#__codelineno-4-18"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"127.0.0.1"</span><span class="p">;</span>
</span><span id="__span-4-19"><a id="__codelineno-4-19" name="__codelineno-4-19" href="#__codelineno-4-19"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Transmission RPC host."</span><span class="p">;</span>
</span><span id="__span-4-20"><a id="__codelineno-4-20" name="__codelineno-4-20" href="#__codelineno-4-20"></a> <span class="p">};</span>
</span><span id="__span-4-21"><a id="__codelineno-4-21" name="__codelineno-4-21" href="#__codelineno-4-21"></a>
</span><span id="__span-4-22"><a id="__codelineno-4-22" name="__codelineno-4-22" href="#__codelineno-4-22"></a> <span class="ss">transmissionPort</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-4-23"><a id="__codelineno-4-23" name="__codelineno-4-23" href="#__codelineno-4-23"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>port<span class="p">;</span>
</span><span id="__span-4-24"><a id="__codelineno-4-24" name="__codelineno-4-24" href="#__codelineno-4-24"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">9091</span><span class="p">;</span>
</span><span id="__span-4-25"><a id="__codelineno-4-25" name="__codelineno-4-25" href="#__codelineno-4-25"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Transmission RPC port."</span><span class="p">;</span>
</span><span id="__span-4-26"><a id="__codelineno-4-26" name="__codelineno-4-26" href="#__codelineno-4-26"></a> <span class="p">};</span>
</span><span id="__span-4-27"><a id="__codelineno-4-27" name="__codelineno-4-27" href="#__codelineno-4-27"></a>
</span><span id="__span-4-28"><a id="__codelineno-4-28" name="__codelineno-4-28" href="#__codelineno-4-28"></a> <span class="ss">savePathBase</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-4-29"><a id="__codelineno-4-29" name="__codelineno-4-29" href="#__codelineno-4-29"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-4-30"><a id="__codelineno-4-30" name="__codelineno-4-30" href="#__codelineno-4-30"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"/mnt/media/downloads/torrents/audiobooks"</span><span class="p">;</span>
</span><span id="__span-4-31"><a id="__codelineno-4-31" name="__codelineno-4-31" href="#__codelineno-4-31"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-4-32"><a id="__codelineno-4-32" name="__codelineno-4-32" href="#__codelineno-4-32"></a><span class="s s-Multiline"> Base directory passed to Transmission as the per-torrent download</span>
</span><span id="__span-4-33"><a id="__codelineno-4-33" name="__codelineno-4-33" href="#__codelineno-4-33"></a><span class="s s-Multiline"> location (each book lands in <savePathBase>/<Title>/). Must be</span>
</span><span id="__span-4-34"><a id="__codelineno-4-34" name="__codelineno-4-34" href="#__codelineno-4-34"></a><span class="s s-Multiline"> writable by the Transmission service user; watched by the</span>
</span><span id="__span-4-35"><a id="__codelineno-4-35" name="__codelineno-4-35" href="#__codelineno-4-35"></a><span class="s s-Multiline"> audiobook-import pipeline.</span>
</span><span id="__span-4-36"><a id="__codelineno-4-36" name="__codelineno-4-36" href="#__codelineno-4-36"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-4-37"><a id="__codelineno-4-37" name="__codelineno-4-37" href="#__codelineno-4-37"></a> <span class="p">};</span>
</span><span id="__span-4-38"><a id="__codelineno-4-38" name="__codelineno-4-38" href="#__codelineno-4-38"></a>
</span><span id="__span-4-39"><a id="__codelineno-4-39" name="__codelineno-4-39" href="#__codelineno-4-39"></a> <span class="ss">category</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-4-40"><a id="__codelineno-4-40" name="__codelineno-4-40" href="#__codelineno-4-40"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-4-41"><a id="__codelineno-4-41" name="__codelineno-4-41" href="#__codelineno-4-41"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"Audiobookbay-Audiobooks"</span><span class="p">;</span>
</span><span id="__span-4-42"><a id="__codelineno-4-42" name="__codelineno-4-42" href="#__codelineno-4-42"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Download category/label tag."</span><span class="p">;</span>
</span><span id="__span-4-43"><a id="__codelineno-4-43" name="__codelineno-4-43" href="#__codelineno-4-43"></a> <span class="p">};</span>
</span><span id="__span-4-44"><a id="__codelineno-4-44" name="__codelineno-4-44" href="#__codelineno-4-44"></a>
</span><span id="__span-4-45"><a id="__codelineno-4-45" name="__codelineno-4-45" href="#__codelineno-4-45"></a> <span class="ss">listenLanInterface</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-4-46"><a id="__codelineno-4-46" name="__codelineno-4-46" href="#__codelineno-4-46"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>nullOr lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-4-47"><a id="__codelineno-4-47" name="__codelineno-4-47" href="#__codelineno-4-47"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">null</span><span class="p">;</span>
</span><span id="__span-4-48"><a id="__codelineno-4-48" name="__codelineno-4-48" href="#__codelineno-4-48"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"eno1"</span><span class="p">;</span>
</span><span id="__span-4-49"><a id="__codelineno-4-49" name="__codelineno-4-49" href="#__codelineno-4-49"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-4-50"><a id="__codelineno-4-50" name="__codelineno-4-50" href="#__codelineno-4-50"></a><span class="s s-Multiline"> LAN interface to open the port on, in addition to tailscale0 and</span>
</span><span id="__span-4-51"><a id="__codelineno-4-51" name="__codelineno-4-51" href="#__codelineno-4-51"></a><span class="s s-Multiline"> loopback. null exposes the UI only via Tailscale.</span>
</span><span id="__span-4-52"><a id="__codelineno-4-52" name="__codelineno-4-52" href="#__codelineno-4-52"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-4-53"><a id="__codelineno-4-53" name="__codelineno-4-53" href="#__codelineno-4-53"></a> <span class="p">};</span>
</span><span id="__span-4-54"><a id="__codelineno-4-54" name="__codelineno-4-54" href="#__codelineno-4-54"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="backstagenix"><code>backstage.nix</code><a class="headerlink" href="#backstagenix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/backstage.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/backstage.nix</code></a></p>
<p>Backstage developer portal.</p>
<p>Runs olafkfreund/backstage (a customised Spotify Backstage app) on p510
alongside a sibling Postgres container. Image is consumed from
ghcr.io/olafkfreund/backstage, pinned to a SHA digest (NEVER :latest —
that's a supply-chain risk: a leaked GHCR token could quietly swap the
running image).</p>
<p>Wiring overview:</p>
<p>┌─────────────────────────┐ ┌──────────────────────────┐
│ podman-backstage-postgres│◀────│ podman-backstage │
│ 127.0.0.1:5435 → 5432 │ │ 127.0.0.1:7007 → 7007 │
└─────────────────────────┘ └──────────────────────────┘
▲
│ Tailscale Serve
│ /backstage path
▼
https://p510.tail833f7.ts.net/backstage</p>
<p>Secrets (from agenix, loaded at runtime — never in the Nix store):
backstage-postgres-password → POSTGRES_PASSWORD
backstage-github-token → GITHUB_TOKEN (catalog integration)
backstage-github-oauth-client-id → AUTH_GITHUB_CLIENT_ID
backstage-github-oauth-client-secret → AUTH_GITHUB_CLIENT_SECRET</p>
<p>The secret-to-env bridge: a one-shot systemd unit (backstage-env-setup)
reads /run/agenix/backstage-* and writes /run/backstage/env-{postgres,
backstage}, consumed by the container services as environmentFiles.
/run/backstage is tmpfs (cleared on every boot — secrets re-emitted each
time the unit runs).</p>
<p>This module is intentionally disabled by default. Flip
features.backstage.enable = true on p510 only AFTER:
1. Phase 1 image is in ghcr.io with a real SHA digest
2. Phase 2 agenix secrets exist and have been rekeyed
3. Phase 4 Tailscale Serve route is added
See olafkfreund/nixos_config epic #731.</p>
<ul>
<li><strong>Enable option:</strong> Backstage developer portal</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-5-1"><a id="__codelineno-5-1" name="__codelineno-5-1" href="#__codelineno-5-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">backstage</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-5-2"><a id="__codelineno-5-2" name="__codelineno-5-2" href="#__codelineno-5-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"Backstage developer portal"</span><span class="p">;</span>
</span><span id="__span-5-3"><a id="__codelineno-5-3" name="__codelineno-5-3" href="#__codelineno-5-3"></a>
</span><span id="__span-5-4"><a id="__codelineno-5-4" name="__codelineno-5-4" href="#__codelineno-5-4"></a> <span class="ss">image</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-5-5"><a id="__codelineno-5-5" name="__codelineno-5-5" href="#__codelineno-5-5"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-5-6"><a id="__codelineno-5-6" name="__codelineno-5-6" href="#__codelineno-5-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"ghcr.io/olafkfreund/backstage@sha256:33a836eb6a7b8d45e5ef240e973ba2dd1856e377a31b1c952fa244b2d3dd70bc"</span><span class="p">;</span>
</span><span id="__span-5-7"><a id="__codelineno-5-7" name="__codelineno-5-7" href="#__codelineno-5-7"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"ghcr.io/olafkfreund/backstage@sha256:abc123..."</span><span class="p">;</span>
</span><span id="__span-5-8"><a id="__codelineno-5-8" name="__codelineno-5-8" href="#__codelineno-5-8"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-5-9"><a id="__codelineno-5-9" name="__codelineno-5-9" href="#__codelineno-5-9"></a><span class="s s-Multiline"> OCI image to pull for the Backstage backend. MUST be pinned to a</span>
</span><span id="__span-5-10"><a id="__codelineno-5-10" name="__codelineno-5-10" href="#__codelineno-5-10"></a><span class="s s-Multiline"> SHA256 digest (the @sha256:... form). Do NOT use :latest — updates</span>
</span><span id="__span-5-11"><a id="__codelineno-5-11" name="__codelineno-5-11" href="#__codelineno-5-11"></a><span class="s s-Multiline"> should be explicit nixos commits so a leaked GHCR token can't</span>
</span><span id="__span-5-12"><a id="__codelineno-5-12" name="__codelineno-5-12" href="#__codelineno-5-12"></a><span class="s s-Multiline"> quietly swap the running image.</span>
</span><span id="__span-5-13"><a id="__codelineno-5-13" name="__codelineno-5-13" href="#__codelineno-5-13"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-5-14"><a id="__codelineno-5-14" name="__codelineno-5-14" href="#__codelineno-5-14"></a> <span class="p">};</span>
</span><span id="__span-5-15"><a id="__codelineno-5-15" name="__codelineno-5-15" href="#__codelineno-5-15"></a>
</span><span id="__span-5-16"><a id="__codelineno-5-16" name="__codelineno-5-16" href="#__codelineno-5-16"></a> <span class="ss">postgresImage</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-5-17"><a id="__codelineno-5-17" name="__codelineno-5-17" href="#__codelineno-5-17"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-5-18"><a id="__codelineno-5-18" name="__codelineno-5-18" href="#__codelineno-5-18"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"docker.io/postgres:16-alpine"</span><span class="p">;</span>
</span><span id="__span-5-19"><a id="__codelineno-5-19" name="__codelineno-5-19" href="#__codelineno-5-19"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"OCI image for the Postgres sidecar."</span><span class="p">;</span>
</span><span id="__span-5-20"><a id="__codelineno-5-20" name="__codelineno-5-20" href="#__codelineno-5-20"></a> <span class="p">};</span>
</span><span id="__span-5-21"><a id="__codelineno-5-21" name="__codelineno-5-21" href="#__codelineno-5-21"></a>
</span><span id="__span-5-22"><a id="__codelineno-5-22" name="__codelineno-5-22" href="#__codelineno-5-22"></a> <span class="ss">port</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-5-23"><a id="__codelineno-5-23" name="__codelineno-5-23" href="#__codelineno-5-23"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>port<span class="p">;</span>
</span><span id="__span-5-24"><a id="__codelineno-5-24" name="__codelineno-5-24" href="#__codelineno-5-24"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">7007</span><span class="p">;</span>
</span><span id="__span-5-25"><a id="__codelineno-5-25" name="__codelineno-5-25" href="#__codelineno-5-25"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Localhost port the Backstage backend binds to."</span><span class="p">;</span>
</span><span id="__span-5-26"><a id="__codelineno-5-26" name="__codelineno-5-26" href="#__codelineno-5-26"></a> <span class="p">};</span>
</span><span id="__span-5-27"><a id="__codelineno-5-27" name="__codelineno-5-27" href="#__codelineno-5-27"></a>
</span><span id="__span-5-28"><a id="__codelineno-5-28" name="__codelineno-5-28" href="#__codelineno-5-28"></a> <span class="ss">pgPort</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-5-29"><a id="__codelineno-5-29" name="__codelineno-5-29" href="#__codelineno-5-29"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>port<span class="p">;</span>
</span><span id="__span-5-30"><a id="__codelineno-5-30" name="__codelineno-5-30" href="#__codelineno-5-30"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">5435</span><span class="p">;</span>
</span><span id="__span-5-31"><a id="__codelineno-5-31" name="__codelineno-5-31" href="#__codelineno-5-31"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-5-32"><a id="__codelineno-5-32" name="__codelineno-5-32" href="#__codelineno-5-32"></a><span class="s s-Multiline"> Localhost port for Backstage's Postgres. 5435 avoids colliding with</span>
</span><span id="__span-5-33"><a id="__codelineno-5-33" name="__codelineno-5-33" href="#__codelineno-5-33"></a><span class="s s-Multiline"> skill-pool's 5434 on p620 (in case that ever migrates to p510) and</span>
</span><span id="__span-5-34"><a id="__codelineno-5-34" name="__codelineno-5-34" href="#__codelineno-5-34"></a><span class="s s-Multiline"> with a typical host Postgres on 5432.</span>
</span><span id="__span-5-35"><a id="__codelineno-5-35" name="__codelineno-5-35" href="#__codelineno-5-35"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-5-36"><a id="__codelineno-5-36" name="__codelineno-5-36" href="#__codelineno-5-36"></a> <span class="p">};</span>
</span><span id="__span-5-37"><a id="__codelineno-5-37" name="__codelineno-5-37" href="#__codelineno-5-37"></a>
</span><span id="__span-5-38"><a id="__codelineno-5-38" name="__codelineno-5-38" href="#__codelineno-5-38"></a> <span class="ss">pgDatabase</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-5-39"><a id="__codelineno-5-39" name="__codelineno-5-39" href="#__codelineno-5-39"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-5-40"><a id="__codelineno-5-40" name="__codelineno-5-40" href="#__codelineno-5-40"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"backstage"</span><span class="p">;</span>
</span><span id="__span-5-41"><a id="__codelineno-5-41" name="__codelineno-5-41" href="#__codelineno-5-41"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Postgres database name."</span><span class="p">;</span>
</span><span id="__span-5-42"><a id="__codelineno-5-42" name="__codelineno-5-42" href="#__codelineno-5-42"></a> <span class="p">};</span>
</span><span id="__span-5-43"><a id="__codelineno-5-43" name="__codelineno-5-43" href="#__codelineno-5-43"></a>
</span><span id="__span-5-44"><a id="__codelineno-5-44" name="__codelineno-5-44" href="#__codelineno-5-44"></a> <span class="ss">pgUser</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-5-45"><a id="__codelineno-5-45" name="__codelineno-5-45" href="#__codelineno-5-45"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-5-46"><a id="__codelineno-5-46" name="__codelineno-5-46" href="#__codelineno-5-46"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"backstage"</span><span class="p">;</span>
</span><span id="__span-5-47"><a id="__codelineno-5-47" name="__codelineno-5-47" href="#__codelineno-5-47"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Postgres user."</span><span class="p">;</span>
</span><span id="__span-5-48"><a id="__codelineno-5-48" name="__codelineno-5-48" href="#__codelineno-5-48"></a> <span class="p">};</span>
</span><span id="__span-5-49"><a id="__codelineno-5-49" name="__codelineno-5-49" href="#__codelineno-5-49"></a>
</span><span id="__span-5-50"><a id="__codelineno-5-50" name="__codelineno-5-50" href="#__codelineno-5-50"></a> <span class="ss">publicUrl</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-5-51"><a id="__codelineno-5-51" name="__codelineno-5-51" href="#__codelineno-5-51"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-5-52"><a id="__codelineno-5-52" name="__codelineno-5-52" href="#__codelineno-5-52"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"https://p510.tail833f7.ts.net/backstage"</span><span class="p">;</span>
</span><span id="__span-5-53"><a id="__codelineno-5-53" name="__codelineno-5-53" href="#__codelineno-5-53"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-5-54"><a id="__codelineno-5-54" name="__codelineno-5-54" href="#__codelineno-5-54"></a><span class="s s-Multiline"> Public-facing base URL Backstage uses for app.baseUrl,</span>
</span><span id="__span-5-55"><a id="__codelineno-5-55" name="__codelineno-5-55" href="#__codelineno-5-55"></a><span class="s s-Multiline"> backend.baseUrl, CORS origin, and OAuth callbacks. If you rename</span>
</span><span id="__span-5-56"><a id="__codelineno-5-56" name="__codelineno-5-56" href="#__codelineno-5-56"></a><span class="s s-Multiline"> your tailnet or move Backstage to a different host, update this</span>
</span><span id="__span-5-57"><a id="__codelineno-5-57" name="__codelineno-5-57" href="#__codelineno-5-57"></a><span class="s s-Multiline"> AND the GitHub OAuth App's authorization callback URL (which</span>
</span><span id="__span-5-58"><a id="__codelineno-5-58" name="__codelineno-5-58" href="#__codelineno-5-58"></a><span class="s s-Multiline"> must match exactly).</span>
</span><span id="__span-5-59"><a id="__codelineno-5-59" name="__codelineno-5-59" href="#__codelineno-5-59"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-5-60"><a id="__codelineno-5-60" name="__codelineno-5-60" href="#__codelineno-5-60"></a> <span class="p">};</span>
</span><span id="__span-5-61"><a id="__codelineno-5-61" name="__codelineno-5-61" href="#__codelineno-5-61"></a>
</span><span id="__span-5-62"><a id="__codelineno-5-62" name="__codelineno-5-62" href="#__codelineno-5-62"></a> <span class="ss">memoryHigh</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-5-63"><a id="__codelineno-5-63" name="__codelineno-5-63" href="#__codelineno-5-63"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-5-64"><a id="__codelineno-5-64" name="__codelineno-5-64" href="#__codelineno-5-64"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"2G"</span><span class="p">;</span>
</span><span id="__span-5-65"><a id="__codelineno-5-65" name="__codelineno-5-65" href="#__codelineno-5-65"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-5-66"><a id="__codelineno-5-66" name="__codelineno-5-66" href="#__codelineno-5-66"></a><span class="s s-Multiline"> Soft memory cap on the Backstage container (passed as --memory to</span>
</span><span id="__span-5-67"><a id="__codelineno-5-67" name="__codelineno-5-67" href="#__codelineno-5-67"></a><span class="s s-Multiline"> podman). Caps blast radius if Backstage leaks memory while Plex</span>
</span><span id="__span-5-68"><a id="__codelineno-5-68" name="__codelineno-5-68" href="#__codelineno-5-68"></a><span class="s s-Multiline"> transcode + Ollama are running. Epic #731 risk #3.</span>
</span><span id="__span-5-69"><a id="__codelineno-5-69" name="__codelineno-5-69" href="#__codelineno-5-69"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-5-70"><a id="__codelineno-5-70" name="__codelineno-5-70" href="#__codelineno-5-70"></a> <span class="p">};</span>
</span><span id="__span-5-71"><a id="__codelineno-5-71" name="__codelineno-5-71" href="#__codelineno-5-71"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="bazarrnix"><code>bazarr.nix</code><a class="headerlink" href="#bazarrnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/bazarr.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/bazarr.nix</code></a></p>
<p>Bazarr — subtitle manager for Sonarr/Radarr/Lidarr on p510.</p>
<p>Thin wrapper over nixpkgs's services.bazarr. We add a feature flag for
consistency with the other media services, plus narrow the firewall
opening to tailscale0 (and optionally a named LAN interface) instead
of using <code>openFirewall = true</code> which would expose the port globally.</p>
<p>Storage: nixpkgs default <code>/var/lib/bazarr</code> (small config + SQLite db).
Subtitle .srt files are written <em>next to</em> the video files in
<code>/mnt/media</code>, not into Bazarr's own data dir — no extra config needed.</p>
<p>First-deploy UX (one-time, in the Bazarr web UI at http://p510:6767):
1. Settings → Sonarr → add: localhost:8989 + SONARR_API_KEY
2. Settings → Radarr → add: localhost:7878 + RADARR_API_KEY
(API keys can be found in arr-suite-mcp-env.age — pasted via UI;
Bazarr stores them in its own DB after that)
3. Settings → Languages → enable Norwegian Bokmål (nb) + English (en)
4. Settings → Languages → Default Profile:
a. Norwegian Bokmål (forced=False)
b. English (forced=False)
5. Settings → Providers → enable OpenSubtitles.com (anonymous works;
authenticate later for higher daily quota)
6. Tick "use embedded subs" if present (saves a download when the
release already has subs muxed in)</p>
<p>Phase 2 candidate: declarative initial-config via Bazarr's REST API at
first deploy, similar to the *arr webhook wiring for media-bot.</p>
<ul>
<li><strong>Enable option:</strong> Bazarr subtitle manager</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-6-1"><a id="__codelineno-6-1" name="__codelineno-6-1" href="#__codelineno-6-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">bazarr</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-6-2"><a id="__codelineno-6-2" name="__codelineno-6-2" href="#__codelineno-6-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"Bazarr subtitle manager"</span><span class="p">;</span>
</span><span id="__span-6-3"><a id="__codelineno-6-3" name="__codelineno-6-3" href="#__codelineno-6-3"></a>
</span><span id="__span-6-4"><a id="__codelineno-6-4" name="__codelineno-6-4" href="#__codelineno-6-4"></a> <span class="ss">listenLanInterface</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-6-5"><a id="__codelineno-6-5" name="__codelineno-6-5" href="#__codelineno-6-5"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>nullOr lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-6-6"><a id="__codelineno-6-6" name="__codelineno-6-6" href="#__codelineno-6-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">null</span><span class="p">;</span>
</span><span id="__span-6-7"><a id="__codelineno-6-7" name="__codelineno-6-7" href="#__codelineno-6-7"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"eno1"</span><span class="p">;</span>
</span><span id="__span-6-8"><a id="__codelineno-6-8" name="__codelineno-6-8" href="#__codelineno-6-8"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-6-9"><a id="__codelineno-6-9" name="__codelineno-6-9" href="#__codelineno-6-9"></a><span class="s s-Multiline"> LAN interface to also open the Bazarr port on, in addition to</span>
</span><span id="__span-6-10"><a id="__codelineno-6-10" name="__codelineno-6-10" href="#__codelineno-6-10"></a><span class="s s-Multiline"> tailscale0. null exposes the service only via Tailscale (the</span>
</span><span id="__span-6-11"><a id="__codelineno-6-11" name="__codelineno-6-11" href="#__codelineno-6-11"></a><span class="s s-Multiline"> recommended setting; Bazarr's UI is fine over the tailnet).</span>
</span><span id="__span-6-12"><a id="__codelineno-6-12" name="__codelineno-6-12" href="#__codelineno-6-12"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-6-13"><a id="__codelineno-6-13" name="__codelineno-6-13" href="#__codelineno-6-13"></a> <span class="p">};</span>
</span><span id="__span-6-14"><a id="__codelineno-6-14" name="__codelineno-6-14" href="#__codelineno-6-14"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="bluetoothnix"><code>bluetooth.nix</code><a class="headerlink" href="#bluetoothnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/bluetooth/bluetooth.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/bluetooth/bluetooth.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="citrix-workspacenix"><code>citrix-workspace.nix</code><a class="headerlink" href="#citrix-workspacenix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/citrix-workspace.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/citrix-workspace.nix</code></a></p>
<ul>
<li><strong>Enable option:</strong> Citrix Workspace</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>package</code>, <code>acceptLicense</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-7-1"><a id="__codelineno-7-1" name="__codelineno-7-1" href="#__codelineno-7-1"></a> options<span class="o">.</span>services<span class="o">.</span><span class="ss">citrix-workspace</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-7-2"><a id="__codelineno-7-2" name="__codelineno-7-2" href="#__codelineno-7-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"Citrix Workspace"</span><span class="p">;</span>
</span><span id="__span-7-3"><a id="__codelineno-7-3" name="__codelineno-7-3" href="#__codelineno-7-3"></a>
</span><span id="__span-7-4"><a id="__codelineno-7-4" name="__codelineno-7-4" href="#__codelineno-7-4"></a> <span class="ss">package</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-7-5"><a id="__codelineno-7-5" name="__codelineno-7-5" href="#__codelineno-7-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>package<span class="p">;</span>
</span><span id="__span-7-6"><a id="__codelineno-7-6" name="__codelineno-7-6" href="#__codelineno-7-6"></a> <span class="ss">default</span> <span class="o">=</span> pkgs<span class="o">.</span>citrix_workspace<span class="p">;</span>
</span><span id="__span-7-7"><a id="__codelineno-7-7" name="__codelineno-7-7" href="#__codelineno-7-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Citrix Workspace package to use"</span><span class="p">;</span>
</span><span id="__span-7-8"><a id="__codelineno-7-8" name="__codelineno-7-8" href="#__codelineno-7-8"></a> <span class="p">};</span>
</span><span id="__span-7-9"><a id="__codelineno-7-9" name="__codelineno-7-9" href="#__codelineno-7-9"></a>
</span><span id="__span-7-10"><a id="__codelineno-7-10" name="__codelineno-7-10" href="#__codelineno-7-10"></a> <span class="ss">acceptLicense</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-7-11"><a id="__codelineno-7-11" name="__codelineno-7-11" href="#__codelineno-7-11"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-7-12"><a id="__codelineno-7-12" name="__codelineno-7-12" href="#__codelineno-7-12"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-7-13"><a id="__codelineno-7-13" name="__codelineno-7-13" href="#__codelineno-7-13"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-7-14"><a id="__codelineno-7-14" name="__codelineno-7-14" href="#__codelineno-7-14"></a><span class="s s-Multiline"> Accept the Citrix Workspace End User License Agreement.</span>
</span><span id="__span-7-15"><a id="__codelineno-7-15" name="__codelineno-7-15" href="#__codelineno-7-15"></a>
</span><span id="__span-7-16"><a id="__codelineno-7-16" name="__codelineno-7-16" href="#__codelineno-7-16"></a><span class="s s-Multiline"> WARNING: By setting this to true, you accept the Citrix EULA.</span>
</span><span id="__span-7-17"><a id="__codelineno-7-17" name="__codelineno-7-17" href="#__codelineno-7-17"></a><span class="s s-Multiline"> You must manually download the tarball from Citrix if required.</span>
</span><span id="__span-7-18"><a id="__codelineno-7-18" name="__codelineno-7-18" href="#__codelineno-7-18"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-7-19"><a id="__codelineno-7-19" name="__codelineno-7-19" href="#__codelineno-7-19"></a> <span class="p">};</span>
</span><span id="__span-7-20"><a id="__codelineno-7-20" name="__codelineno-7-20" href="#__codelineno-7-20"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="cloudflarednix"><code>cloudflared.nix</code><a class="headerlink" href="#cloudflarednix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/cloudflared.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/cloudflared.nix</code></a></p>
<p>Cloudflare Tunnel — public ingress for p510 services from behind Starlink CGNAT.</p>
<p>Outbound-only tunnel from p510 to Cloudflare's edge. No port forwards, no
public IP needed. Each route maps a hostname under <code>freundcloud.org.uk</code>
(Cloudflare-managed zone) to a local URL on p510.</p>
<p>Thin feature-flag wrapper over upstream <code>services.cloudflared</code>. The
credentials.json from <code>cloudflared tunnel create</code> lives in agenix
(cloudflared-credentials.age); the cert.pem from <code>cloudflared login</code>
lives in agenix too (cloudflared-cert.age). Routes are declarative —
add a new entry to <code>cfg.ingress</code>, deploy, optionally run
<code>cloudflared tunnel route dns <tunnel> <hostname></code> once to add the
Cloudflare DNS CNAME (or do it via dashboard).</p>
<p>One-time bootstrap (run on a workstation with browser access — NOT p510):
1. nix-shell -p cloudflared
2. cloudflared login # → opens browser; saves ~/.cloudflared/cert.pem
3. cloudflared tunnel create p510-home</p>
<h1 id="prints-tunnel-uuid-saves-cloudflaredjson">→ prints tunnel UUID, saves ~/.cloudflared/<UUID>.json<a class="headerlink" href="#prints-tunnel-uuid-saves-cloudflaredjson" title="Anchor link to this section">¶</a></h1>
<ol>
<li>Copy cert.pem + <UUID>.json into agenix via manage-secrets.sh
(one secret each: cloudflared-cert, cloudflared-credentials)</li>
<li>Set features.cloudflared.tunnelId to the UUID and deploy</li>
</ol>
<p>Adding a Cloudflare DNS record for a hostname (one-time per hostname):
cloudflared tunnel route dns p510-home argocd.freundcloud.org.uk</p>
<h1 id="or-click-route-in-the-cloudflare-zero-trust-dashboard">or click-route in the Cloudflare Zero Trust dashboard<a class="headerlink" href="#or-click-route-in-the-cloudflare-zero-trust-dashboard" title="Anchor link to this section">¶</a></h1>
<p>References:
https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/
https://nixos.wiki/wiki/Cloudflare_tunnel</p>
<ul>
<li><strong>Enable option:</strong> Cloudflare Tunnel client — public ingress from behind Starlink CGNAT</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-8-1"><a id="__codelineno-8-1" name="__codelineno-8-1" href="#__codelineno-8-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">cloudflared</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-8-2"><a id="__codelineno-8-2" name="__codelineno-8-2" href="#__codelineno-8-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"Cloudflare Tunnel client — public ingress from behind Starlink CGNAT"</span><span class="p">;</span>
</span><span id="__span-8-3"><a id="__codelineno-8-3" name="__codelineno-8-3" href="#__codelineno-8-3"></a>
</span><span id="__span-8-4"><a id="__codelineno-8-4" name="__codelineno-8-4" href="#__codelineno-8-4"></a> <span class="ss">tunnelId</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-8-5"><a id="__codelineno-8-5" name="__codelineno-8-5" href="#__codelineno-8-5"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-8-6"><a id="__codelineno-8-6" name="__codelineno-8-6" href="#__codelineno-8-6"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-8-7"><a id="__codelineno-8-7" name="__codelineno-8-7" href="#__codelineno-8-7"></a><span class="s s-Multiline"> Tunnel UUID issued by `cloudflared tunnel create`. The credentials</span>
</span><span id="__span-8-8"><a id="__codelineno-8-8" name="__codelineno-8-8" href="#__codelineno-8-8"></a><span class="s s-Multiline"> file in agenix MUST match this UUID — they are paired.</span>
</span><span id="__span-8-9"><a id="__codelineno-8-9" name="__codelineno-8-9" href="#__codelineno-8-9"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-8-10"><a id="__codelineno-8-10" name="__codelineno-8-10" href="#__codelineno-8-10"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"deadbeef-1234-5678-9abc-def012345678"</span><span class="p">;</span>
</span><span id="__span-8-11"><a id="__codelineno-8-11" name="__codelineno-8-11" href="#__codelineno-8-11"></a> <span class="p">};</span>
</span><span id="__span-8-12"><a id="__codelineno-8-12" name="__codelineno-8-12" href="#__codelineno-8-12"></a>
</span><span id="__span-8-13"><a id="__codelineno-8-13" name="__codelineno-8-13" href="#__codelineno-8-13"></a> <span class="ss">ingress</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-8-14"><a id="__codelineno-8-14" name="__codelineno-8-14" href="#__codelineno-8-14"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>attrsOf lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-8-15"><a id="__codelineno-8-15" name="__codelineno-8-15" href="#__codelineno-8-15"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">{</span> <span class="p">};</span>
</span><span id="__span-8-16"><a id="__codelineno-8-16" name="__codelineno-8-16" href="#__codelineno-8-16"></a> <span class="ss">example</span> <span class="o">=</span> lib<span class="o">.</span>literalExpression <span class="s s-Multiline">''</span>
</span><span id="__span-8-17"><a id="__codelineno-8-17" name="__codelineno-8-17" href="#__codelineno-8-17"></a><span class="s s-Multiline"> {</span>
</span><span id="__span-8-18"><a id="__codelineno-8-18" name="__codelineno-8-18" href="#__codelineno-8-18"></a><span class="s s-Multiline"> "argocd.freundcloud.org.uk" = "http://localhost:80";</span>
</span><span id="__span-8-19"><a id="__codelineno-8-19" name="__codelineno-8-19" href="#__codelineno-8-19"></a><span class="s s-Multiline"> "backstage.freundcloud.org.uk" = "http://localhost:7007";</span>
</span><span id="__span-8-20"><a id="__codelineno-8-20" name="__codelineno-8-20" href="#__codelineno-8-20"></a><span class="s s-Multiline"> }</span>
</span><span id="__span-8-21"><a id="__codelineno-8-21" name="__codelineno-8-21" href="#__codelineno-8-21"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-8-22"><a id="__codelineno-8-22" name="__codelineno-8-22" href="#__codelineno-8-22"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-8-23"><a id="__codelineno-8-23" name="__codelineno-8-23" href="#__codelineno-8-23"></a><span class="s s-Multiline"> Map of public hostnames to local service URLs that cloudflared will</span>
</span><span id="__span-8-24"><a id="__codelineno-8-24" name="__codelineno-8-24" href="#__codelineno-8-24"></a><span class="s s-Multiline"> proxy. Each hostname MUST also have a Cloudflare DNS CNAME pointing</span>
</span><span id="__span-8-25"><a id="__codelineno-8-25" name="__codelineno-8-25" href="#__codelineno-8-25"></a><span class="s s-Multiline"> at <tunnelId>.cfargotunnel.com — created once via:</span>
</span><span id="__span-8-26"><a id="__codelineno-8-26" name="__codelineno-8-26" href="#__codelineno-8-26"></a>
</span><span id="__span-8-27"><a id="__codelineno-8-27" name="__codelineno-8-27" href="#__codelineno-8-27"></a><span class="s s-Multiline"> cloudflared tunnel route dns p510-home <hostname></span>
</span><span id="__span-8-28"><a id="__codelineno-8-28" name="__codelineno-8-28" href="#__codelineno-8-28"></a>
</span><span id="__span-8-29"><a id="__codelineno-8-29" name="__codelineno-8-29" href="#__codelineno-8-29"></a><span class="s s-Multiline"> or via the Cloudflare Zero Trust dashboard.</span>
</span><span id="__span-8-30"><a id="__codelineno-8-30" name="__codelineno-8-30" href="#__codelineno-8-30"></a>
</span><span id="__span-8-31"><a id="__codelineno-8-31" name="__codelineno-8-31" href="#__codelineno-8-31"></a><span class="s s-Multiline"> Default fallback (`services.cloudflared.tunnels.<id>.default`) is</span>
</span><span id="__span-8-32"><a id="__codelineno-8-32" name="__codelineno-8-32" href="#__codelineno-8-32"></a><span class="s s-Multiline"> set below to `http_status:404` so any miss returns a clean 404</span>
</span><span id="__span-8-33"><a id="__codelineno-8-33" name="__codelineno-8-33" href="#__codelineno-8-33"></a><span class="s s-Multiline"> rather than leaking that the tunnel exists.</span>
</span><span id="__span-8-34"><a id="__codelineno-8-34" name="__codelineno-8-34" href="#__codelineno-8-34"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-8-35"><a id="__codelineno-8-35" name="__codelineno-8-35" href="#__codelineno-8-35"></a> <span class="p">};</span>
</span><span id="__span-8-36"><a id="__codelineno-8-36" name="__codelineno-8-36" href="#__codelineno-8-36"></a>
</span><span id="__span-8-37"><a id="__codelineno-8-37" name="__codelineno-8-37" href="#__codelineno-8-37"></a> <span class="ss">keepalive</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-8-38"><a id="__codelineno-8-38" name="__codelineno-8-38" href="#__codelineno-8-38"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s s-Multiline">''</span>
</span><span id="__span-8-39"><a id="__codelineno-8-39" name="__codelineno-8-39" href="#__codelineno-8-39"></a><span class="s s-Multiline"> Periodic GET against each ingress origin to keep apps warm.</span>
</span><span id="__span-8-40"><a id="__codelineno-8-40" name="__codelineno-8-40" href="#__codelineno-8-40"></a>
</span><span id="__span-8-41"><a id="__codelineno-8-41" name="__codelineno-8-41" href="#__codelineno-8-41"></a><span class="s s-Multiline"> Cloudflare opens a fresh TCP connection to the origin per request,</span>
</span><span id="__span-8-42"><a id="__codelineno-8-42" name="__codelineno-8-42" href="#__codelineno-8-42"></a><span class="s s-Multiline"> so any app behind the tunnel that idles aggressively (Node SPAs,</span>
</span><span id="__span-8-43"><a id="__codelineno-8-43" name="__codelineno-8-43" href="#__codelineno-8-43"></a><span class="s s-Multiline"> gunicorn workers, JVMs, podman containers without --keepalive)</span>
</span><span id="__span-8-44"><a id="__codelineno-8-44" name="__codelineno-8-44" href="#__codelineno-8-44"></a><span class="s s-Multiline"> will cold-start on the first hit and the SPA may render blank</span>
</span><span id="__span-8-45"><a id="__codelineno-8-45" name="__codelineno-8-45" href="#__codelineno-8-45"></a><span class="s s-Multiline"> while it boots. A 2-minute heartbeat sidesteps this entirely.</span>
</span><span id="__span-8-46"><a id="__codelineno-8-46" name="__codelineno-8-46" href="#__codelineno-8-46"></a>
</span><span id="__span-8-47"><a id="__codelineno-8-47" name="__codelineno-8-47" href="#__codelineno-8-47"></a><span class="s s-Multiline"> Hits the LOCAL origin URLs directly — does not exercise the</span>
</span><span id="__span-8-48"><a id="__codelineno-8-48" name="__codelineno-8-48" href="#__codelineno-8-48"></a><span class="s s-Multiline"> cloudflared edge path, just the origin app, which is what needs</span>
</span><span id="__span-8-49"><a id="__codelineno-8-49" name="__codelineno-8-49" href="#__codelineno-8-49"></a><span class="s s-Multiline"> keeping warm.</span>
</span><span id="__span-8-50"><a id="__codelineno-8-50" name="__codelineno-8-50" href="#__codelineno-8-50"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-8-51"><a id="__codelineno-8-51" name="__codelineno-8-51" href="#__codelineno-8-51"></a>
</span><span id="__span-8-52"><a id="__codelineno-8-52" name="__codelineno-8-52" href="#__codelineno-8-52"></a> <span class="ss">interval</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-8-53"><a id="__codelineno-8-53" name="__codelineno-8-53" href="#__codelineno-8-53"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-8-54"><a id="__codelineno-8-54" name="__codelineno-8-54" href="#__codelineno-8-54"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"2min"</span><span class="p">;</span>
</span><span id="__span-8-55"><a id="__codelineno-8-55" name="__codelineno-8-55" href="#__codelineno-8-55"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"5min"</span><span class="p">;</span>
</span><span id="__span-8-56"><a id="__codelineno-8-56" name="__codelineno-8-56" href="#__codelineno-8-56"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-8-57"><a id="__codelineno-8-57" name="__codelineno-8-57" href="#__codelineno-8-57"></a><span class="s s-Multiline"> systemd `OnUnitActiveSec` interval between keepalive runs.</span>
</span><span id="__span-8-58"><a id="__codelineno-8-58" name="__codelineno-8-58" href="#__codelineno-8-58"></a><span class="s s-Multiline"> Default 2min is comfortably under typical idle-recycle windows</span>
</span><span id="__span-8-59"><a id="__codelineno-8-59" name="__codelineno-8-59" href="#__codelineno-8-59"></a><span class="s s-Multiline"> (Node `keepAliveTimeout`, gunicorn worker recycling, k8s HPA</span>
</span><span id="__span-8-60"><a id="__codelineno-8-60" name="__codelineno-8-60" href="#__codelineno-8-60"></a><span class="s s-Multiline"> scale-to-zero) without generating meaningful load.</span>
</span><span id="__span-8-61"><a id="__codelineno-8-61" name="__codelineno-8-61" href="#__codelineno-8-61"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-8-62"><a id="__codelineno-8-62" name="__codelineno-8-62" href="#__codelineno-8-62"></a> <span class="p">};</span>
</span><span id="__span-8-63"><a id="__codelineno-8-63" name="__codelineno-8-63" href="#__codelineno-8-63"></a>
</span><span id="__span-8-64"><a id="__codelineno-8-64" name="__codelineno-8-64" href="#__codelineno-8-64"></a> <span class="ss">timeout</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-8-65"><a id="__codelineno-8-65" name="__codelineno-8-65" href="#__codelineno-8-65"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-8-66"><a id="__codelineno-8-66" name="__codelineno-8-66" href="#__codelineno-8-66"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">10</span><span class="p">;</span>
</span><span id="__span-8-67"><a id="__codelineno-8-67" name="__codelineno-8-67" href="#__codelineno-8-67"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-8-68"><a id="__codelineno-8-68" name="__codelineno-8-68" href="#__codelineno-8-68"></a><span class="s s-Multiline"> Per-origin curl timeout in seconds. Kept short so a single</span>
</span><span id="__span-8-69"><a id="__codelineno-8-69" name="__codelineno-8-69" href="#__codelineno-8-69"></a><span class="s s-Multiline"> slow origin doesn't delay the rest of the sweep.</span>
</span><span id="__span-8-70"><a id="__codelineno-8-70" name="__codelineno-8-70" href="#__codelineno-8-70"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-8-71"><a id="__codelineno-8-71" name="__codelineno-8-71" href="#__codelineno-8-71"></a> <span class="p">};</span>
</span><span id="__span-8-72"><a id="__codelineno-8-72" name="__codelineno-8-72" href="#__codelineno-8-72"></a> <span class="p">};</span>
</span><span id="__span-8-73"><a id="__codelineno-8-73" name="__codelineno-8-73" href="#__codelineno-8-73"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="cronnix"><code>cron.nix</code><a class="headerlink" href="#cronnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/cron/cron.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/cron/cron.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="defaultnix_2"><code>default.nix</code><a class="headerlink" href="#defaultnix_2" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/default.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="secure-dnsnix"><code>secure-dns.nix</code><a class="headerlink" href="#secure-dnsnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/dns/secure-dns.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/dns/secure-dns.nix</code></a></p>
<ul>
<li><strong>Enable option:</strong> Secure DNS with enhanced stability</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>dnssec</code>, <code>useStubResolver</code>, <code>fallbackProviders</code>, <code>cacheSize</code>, <code>dnsOverTls</code>, <code>networkManagerIntegration</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-9-1"><a id="__codelineno-9-1" name="__codelineno-9-1" href="#__codelineno-9-1"></a> options<span class="o">.</span>services<span class="o">.</span><span class="ss">secure-dns</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-9-2"><a id="__codelineno-9-2" name="__codelineno-9-2" href="#__codelineno-9-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"Secure DNS with enhanced stability"</span><span class="p">;</span>
</span><span id="__span-9-3"><a id="__codelineno-9-3" name="__codelineno-9-3" href="#__codelineno-9-3"></a>
</span><span id="__span-9-4"><a id="__codelineno-9-4" name="__codelineno-9-4" href="#__codelineno-9-4"></a> <span class="ss">dnssec</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-9-5"><a id="__codelineno-9-5" name="__codelineno-9-5" href="#__codelineno-9-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>enum <span class="p">[</span> <span class="s2">"true"</span> <span class="s2">"false"</span> <span class="s2">"allow-downgrade"</span> <span class="p">];</span>
</span><span id="__span-9-6"><a id="__codelineno-9-6" name="__codelineno-9-6" href="#__codelineno-9-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"true"</span><span class="p">;</span>
</span><span id="__span-9-7"><a id="__codelineno-9-7" name="__codelineno-9-7" href="#__codelineno-9-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Whether to enable DNSSEC validation"</span><span class="p">;</span>
</span><span id="__span-9-8"><a id="__codelineno-9-8" name="__codelineno-9-8" href="#__codelineno-9-8"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"allow-downgrade"</span><span class="p">;</span>
</span><span id="__span-9-9"><a id="__codelineno-9-9" name="__codelineno-9-9" href="#__codelineno-9-9"></a> <span class="p">};</span>
</span><span id="__span-9-10"><a id="__codelineno-9-10" name="__codelineno-9-10" href="#__codelineno-9-10"></a>
</span><span id="__span-9-11"><a id="__codelineno-9-11" name="__codelineno-9-11" href="#__codelineno-9-11"></a> <span class="ss">useStubResolver</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-9-12"><a id="__codelineno-9-12" name="__codelineno-9-12" href="#__codelineno-9-12"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-9-13"><a id="__codelineno-9-13" name="__codelineno-9-13" href="#__codelineno-9-13"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-9-14"><a id="__codelineno-9-14" name="__codelineno-9-14" href="#__codelineno-9-14"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Use systemd-resolved's stub resolver"</span><span class="p">;</span>
</span><span id="__span-9-15"><a id="__codelineno-9-15" name="__codelineno-9-15" href="#__codelineno-9-15"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-9-16"><a id="__codelineno-9-16" name="__codelineno-9-16" href="#__codelineno-9-16"></a> <span class="p">};</span>
</span><span id="__span-9-17"><a id="__codelineno-9-17" name="__codelineno-9-17" href="#__codelineno-9-17"></a>
</span><span id="__span-9-18"><a id="__codelineno-9-18" name="__codelineno-9-18" href="#__codelineno-9-18"></a> <span class="ss">fallbackProviders</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-9-19"><a id="__codelineno-9-19" name="__codelineno-9-19" href="#__codelineno-9-19"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>listOf types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-9-20"><a id="__codelineno-9-20" name="__codelineno-9-20" href="#__codelineno-9-20"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">[</span>
</span><span id="__span-9-21"><a id="__codelineno-9-21" name="__codelineno-9-21" href="#__codelineno-9-21"></a> <span class="s2">"1.1.1.1#cloudflare-dns.com"</span>
</span><span id="__span-9-22"><a id="__codelineno-9-22" name="__codelineno-9-22" href="#__codelineno-9-22"></a> <span class="s2">"8.8.8.8#dns.google"</span>
</span><span id="__span-9-23"><a id="__codelineno-9-23" name="__codelineno-9-23" href="#__codelineno-9-23"></a> <span class="p">];</span>
</span><span id="__span-9-24"><a id="__codelineno-9-24" name="__codelineno-9-24" href="#__codelineno-9-24"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"List of fallback DNS providers to use"</span><span class="p">;</span>
</span><span id="__span-9-25"><a id="__codelineno-9-25" name="__codelineno-9-25" href="#__codelineno-9-25"></a> <span class="ss">example</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"9.9.9.9#dns.quad9.net"</span> <span class="p">];</span>
</span><span id="__span-9-26"><a id="__codelineno-9-26" name="__codelineno-9-26" href="#__codelineno-9-26"></a> <span class="p">};</span>
</span><span id="__span-9-27"><a id="__codelineno-9-27" name="__codelineno-9-27" href="#__codelineno-9-27"></a>
</span><span id="__span-9-28"><a id="__codelineno-9-28" name="__codelineno-9-28" href="#__codelineno-9-28"></a> <span class="ss">cacheSize</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-9-29"><a id="__codelineno-9-29" name="__codelineno-9-29" href="#__codelineno-9-29"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-9-30"><a id="__codelineno-9-30" name="__codelineno-9-30" href="#__codelineno-9-30"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">4096</span><span class="p">;</span>
</span><span id="__span-9-31"><a id="__codelineno-9-31" name="__codelineno-9-31" href="#__codelineno-9-31"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Size of DNS cache in entries"</span><span class="p">;</span>
</span><span id="__span-9-32"><a id="__codelineno-9-32" name="__codelineno-9-32" href="#__codelineno-9-32"></a> <span class="ss">example</span> <span class="o">=</span> <span class="mi">8192</span><span class="p">;</span>
</span><span id="__span-9-33"><a id="__codelineno-9-33" name="__codelineno-9-33" href="#__codelineno-9-33"></a> <span class="p">};</span>
</span><span id="__span-9-34"><a id="__codelineno-9-34" name="__codelineno-9-34" href="#__codelineno-9-34"></a>
</span><span id="__span-9-35"><a id="__codelineno-9-35" name="__codelineno-9-35" href="#__codelineno-9-35"></a> <span class="ss">dnsOverTls</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-9-36"><a id="__codelineno-9-36" name="__codelineno-9-36" href="#__codelineno-9-36"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-9-37"><a id="__codelineno-9-37" name="__codelineno-9-37" href="#__codelineno-9-37"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-9-38"><a id="__codelineno-9-38" name="__codelineno-9-38" href="#__codelineno-9-38"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Whether to enable DNS-over-TLS"</span><span class="p">;</span>
</span><span id="__span-9-39"><a id="__codelineno-9-39" name="__codelineno-9-39" href="#__codelineno-9-39"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-9-40"><a id="__codelineno-9-40" name="__codelineno-9-40" href="#__codelineno-9-40"></a> <span class="p">};</span>
</span><span id="__span-9-41"><a id="__codelineno-9-41" name="__codelineno-9-41" href="#__codelineno-9-41"></a>
</span><span id="__span-9-42"><a id="__codelineno-9-42" name="__codelineno-9-42" href="#__codelineno-9-42"></a> <span class="ss">networkManagerIntegration</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-9-43"><a id="__codelineno-9-43" name="__codelineno-9-43" href="#__codelineno-9-43"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-9-44"><a id="__codelineno-9-44" name="__codelineno-9-44" href="#__codelineno-9-44"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-9-45"><a id="__codelineno-9-45" name="__codelineno-9-45" href="#__codelineno-9-45"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Whether to integrate with NetworkManager"</span><span class="p">;</span>
</span><span id="__span-9-46"><a id="__codelineno-9-46" name="__codelineno-9-46" href="#__codelineno-9-46"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-9-47"><a id="__codelineno-9-47" name="__codelineno-9-47" href="#__codelineno-9-47"></a> <span class="p">};</span>
</span><span id="__span-9-48"><a id="__codelineno-9-48" name="__codelineno-9-48" href="#__codelineno-9-48"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="defaultnix_3"><code>default.nix</code><a class="headerlink" href="#defaultnix_3" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/flaresolverr/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/flaresolverr/default.nix</code></a></p>
<p>FlareSolverr Configuration Module
A proxy server to bypass Cloudflare protection for web scraping applications</p>
<ul>
<li><strong>Enable option:</strong> FlareSolverr proxy server</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>package</code>, <code>port</code>, <code>host</code>, <code>logLevel</code>, <code>logHtml</code>, <code>captchaSolver</code>, <code>testUrl</code>, <code>sessionTtl</code>, <code>headless</code>, <code>browserTimeout</code>, <code>user</code>, <code>group</code>, <code>dataDir</code>, <code>extraEnvironment</code>, <code>openFirewall</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-10-1"><a id="__codelineno-10-1" name="__codelineno-10-1" href="#__codelineno-10-1"></a> options<span class="o">.</span>services<span class="o">.</span><span class="ss">flaresolverr</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-10-2"><a id="__codelineno-10-2" name="__codelineno-10-2" href="#__codelineno-10-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"FlareSolverr proxy server"</span><span class="p">;</span>
</span><span id="__span-10-3"><a id="__codelineno-10-3" name="__codelineno-10-3" href="#__codelineno-10-3"></a>
</span><span id="__span-10-4"><a id="__codelineno-10-4" name="__codelineno-10-4" href="#__codelineno-10-4"></a> <span class="ss">package</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-5"><a id="__codelineno-10-5" name="__codelineno-10-5" href="#__codelineno-10-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>package<span class="p">;</span>
</span><span id="__span-10-6"><a id="__codelineno-10-6" name="__codelineno-10-6" href="#__codelineno-10-6"></a> <span class="ss">default</span> <span class="o">=</span> pkgs<span class="o">.</span>flaresolverr<span class="p">;</span>
</span><span id="__span-10-7"><a id="__codelineno-10-7" name="__codelineno-10-7" href="#__codelineno-10-7"></a> <span class="ss">defaultText</span> <span class="o">=</span> literalExpression <span class="s2">"pkgs.flaresolverr"</span><span class="p">;</span>
</span><span id="__span-10-8"><a id="__codelineno-10-8" name="__codelineno-10-8" href="#__codelineno-10-8"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"The FlareSolverr package to use"</span><span class="p">;</span>
</span><span id="__span-10-9"><a id="__codelineno-10-9" name="__codelineno-10-9" href="#__codelineno-10-9"></a> <span class="p">};</span>
</span><span id="__span-10-10"><a id="__codelineno-10-10" name="__codelineno-10-10" href="#__codelineno-10-10"></a>
</span><span id="__span-10-11"><a id="__codelineno-10-11" name="__codelineno-10-11" href="#__codelineno-10-11"></a> <span class="ss">port</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-12"><a id="__codelineno-10-12" name="__codelineno-10-12" href="#__codelineno-10-12"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>port<span class="p">;</span>
</span><span id="__span-10-13"><a id="__codelineno-10-13" name="__codelineno-10-13" href="#__codelineno-10-13"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">8191</span><span class="p">;</span>
</span><span id="__span-10-14"><a id="__codelineno-10-14" name="__codelineno-10-14" href="#__codelineno-10-14"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Port on which FlareSolverr will listen"</span><span class="p">;</span>
</span><span id="__span-10-15"><a id="__codelineno-10-15" name="__codelineno-10-15" href="#__codelineno-10-15"></a> <span class="p">};</span>
</span><span id="__span-10-16"><a id="__codelineno-10-16" name="__codelineno-10-16" href="#__codelineno-10-16"></a>
</span><span id="__span-10-17"><a id="__codelineno-10-17" name="__codelineno-10-17" href="#__codelineno-10-17"></a> <span class="ss">host</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-18"><a id="__codelineno-10-18" name="__codelineno-10-18" href="#__codelineno-10-18"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-10-19"><a id="__codelineno-10-19" name="__codelineno-10-19" href="#__codelineno-10-19"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"0.0.0.0"</span><span class="p">;</span>
</span><span id="__span-10-20"><a id="__codelineno-10-20" name="__codelineno-10-20" href="#__codelineno-10-20"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Host address to bind to"</span><span class="p">;</span>
</span><span id="__span-10-21"><a id="__codelineno-10-21" name="__codelineno-10-21" href="#__codelineno-10-21"></a> <span class="p">};</span>
</span><span id="__span-10-22"><a id="__codelineno-10-22" name="__codelineno-10-22" href="#__codelineno-10-22"></a>
</span><span id="__span-10-23"><a id="__codelineno-10-23" name="__codelineno-10-23" href="#__codelineno-10-23"></a> <span class="ss">logLevel</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-24"><a id="__codelineno-10-24" name="__codelineno-10-24" href="#__codelineno-10-24"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>enum <span class="p">[</span> <span class="s2">"debug"</span> <span class="s2">"info"</span> <span class="s2">"warning"</span> <span class="s2">"error"</span> <span class="p">];</span>
</span><span id="__span-10-25"><a id="__codelineno-10-25" name="__codelineno-10-25" href="#__codelineno-10-25"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"info"</span><span class="p">;</span>
</span><span id="__span-10-26"><a id="__codelineno-10-26" name="__codelineno-10-26" href="#__codelineno-10-26"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Log level for FlareSolverr"</span><span class="p">;</span>
</span><span id="__span-10-27"><a id="__codelineno-10-27" name="__codelineno-10-27" href="#__codelineno-10-27"></a> <span class="p">};</span>
</span><span id="__span-10-28"><a id="__codelineno-10-28" name="__codelineno-10-28" href="#__codelineno-10-28"></a>
</span><span id="__span-10-29"><a id="__codelineno-10-29" name="__codelineno-10-29" href="#__codelineno-10-29"></a> <span class="ss">logHtml</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-30"><a id="__codelineno-10-30" name="__codelineno-10-30" href="#__codelineno-10-30"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-10-31"><a id="__codelineno-10-31" name="__codelineno-10-31" href="#__codelineno-10-31"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-10-32"><a id="__codelineno-10-32" name="__codelineno-10-32" href="#__codelineno-10-32"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Whether to log HTML content"</span><span class="p">;</span>
</span><span id="__span-10-33"><a id="__codelineno-10-33" name="__codelineno-10-33" href="#__codelineno-10-33"></a> <span class="p">};</span>
</span><span id="__span-10-34"><a id="__codelineno-10-34" name="__codelineno-10-34" href="#__codelineno-10-34"></a>
</span><span id="__span-10-35"><a id="__codelineno-10-35" name="__codelineno-10-35" href="#__codelineno-10-35"></a> <span class="ss">captchaSolver</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-36"><a id="__codelineno-10-36" name="__codelineno-10-36" href="#__codelineno-10-36"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>enum <span class="p">[</span> <span class="s2">"none"</span> <span class="s2">"hcaptcha-solver"</span> <span class="s2">"harvester"</span> <span class="p">];</span>
</span><span id="__span-10-37"><a id="__codelineno-10-37" name="__codelineno-10-37" href="#__codelineno-10-37"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"none"</span><span class="p">;</span>
</span><span id="__span-10-38"><a id="__codelineno-10-38" name="__codelineno-10-38" href="#__codelineno-10-38"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"CAPTCHA solver to use"</span><span class="p">;</span>
</span><span id="__span-10-39"><a id="__codelineno-10-39" name="__codelineno-10-39" href="#__codelineno-10-39"></a> <span class="p">};</span>
</span><span id="__span-10-40"><a id="__codelineno-10-40" name="__codelineno-10-40" href="#__codelineno-10-40"></a>
</span><span id="__span-10-41"><a id="__codelineno-10-41" name="__codelineno-10-41" href="#__codelineno-10-41"></a> <span class="ss">testUrl</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-42"><a id="__codelineno-10-42" name="__codelineno-10-42" href="#__codelineno-10-42"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-10-43"><a id="__codelineno-10-43" name="__codelineno-10-43" href="#__codelineno-10-43"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"https://www.google.com"</span><span class="p">;</span>
</span><span id="__span-10-44"><a id="__codelineno-10-44" name="__codelineno-10-44" href="#__codelineno-10-44"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"URL to test browser functionality"</span><span class="p">;</span>
</span><span id="__span-10-45"><a id="__codelineno-10-45" name="__codelineno-10-45" href="#__codelineno-10-45"></a> <span class="p">};</span>
</span><span id="__span-10-46"><a id="__codelineno-10-46" name="__codelineno-10-46" href="#__codelineno-10-46"></a>
</span><span id="__span-10-47"><a id="__codelineno-10-47" name="__codelineno-10-47" href="#__codelineno-10-47"></a> <span class="ss">sessionTtl</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-48"><a id="__codelineno-10-48" name="__codelineno-10-48" href="#__codelineno-10-48"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-10-49"><a id="__codelineno-10-49" name="__codelineno-10-49" href="#__codelineno-10-49"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">600000</span><span class="p">;</span>
</span><span id="__span-10-50"><a id="__codelineno-10-50" name="__codelineno-10-50" href="#__codelineno-10-50"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Session time-to-live in milliseconds"</span><span class="p">;</span>
</span><span id="__span-10-51"><a id="__codelineno-10-51" name="__codelineno-10-51" href="#__codelineno-10-51"></a> <span class="p">};</span>
</span><span id="__span-10-52"><a id="__codelineno-10-52" name="__codelineno-10-52" href="#__codelineno-10-52"></a>
</span><span id="__span-10-53"><a id="__codelineno-10-53" name="__codelineno-10-53" href="#__codelineno-10-53"></a> <span class="ss">headless</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-54"><a id="__codelineno-10-54" name="__codelineno-10-54" href="#__codelineno-10-54"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-10-55"><a id="__codelineno-10-55" name="__codelineno-10-55" href="#__codelineno-10-55"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-10-56"><a id="__codelineno-10-56" name="__codelineno-10-56" href="#__codelineno-10-56"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Run browser in headless mode"</span><span class="p">;</span>
</span><span id="__span-10-57"><a id="__codelineno-10-57" name="__codelineno-10-57" href="#__codelineno-10-57"></a> <span class="p">};</span>
</span><span id="__span-10-58"><a id="__codelineno-10-58" name="__codelineno-10-58" href="#__codelineno-10-58"></a>
</span><span id="__span-10-59"><a id="__codelineno-10-59" name="__codelineno-10-59" href="#__codelineno-10-59"></a> <span class="ss">browserTimeout</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-60"><a id="__codelineno-10-60" name="__codelineno-10-60" href="#__codelineno-10-60"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-10-61"><a id="__codelineno-10-61" name="__codelineno-10-61" href="#__codelineno-10-61"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">40000</span><span class="p">;</span>
</span><span id="__span-10-62"><a id="__codelineno-10-62" name="__codelineno-10-62" href="#__codelineno-10-62"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Browser timeout in milliseconds"</span><span class="p">;</span>
</span><span id="__span-10-63"><a id="__codelineno-10-63" name="__codelineno-10-63" href="#__codelineno-10-63"></a> <span class="p">};</span>
</span><span id="__span-10-64"><a id="__codelineno-10-64" name="__codelineno-10-64" href="#__codelineno-10-64"></a>
</span><span id="__span-10-65"><a id="__codelineno-10-65" name="__codelineno-10-65" href="#__codelineno-10-65"></a> <span class="ss">user</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-66"><a id="__codelineno-10-66" name="__codelineno-10-66" href="#__codelineno-10-66"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-10-67"><a id="__codelineno-10-67" name="__codelineno-10-67" href="#__codelineno-10-67"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"flaresolverr"</span><span class="p">;</span>
</span><span id="__span-10-68"><a id="__codelineno-10-68" name="__codelineno-10-68" href="#__codelineno-10-68"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"User to run FlareSolverr as"</span><span class="p">;</span>
</span><span id="__span-10-69"><a id="__codelineno-10-69" name="__codelineno-10-69" href="#__codelineno-10-69"></a> <span class="p">};</span>
</span><span id="__span-10-70"><a id="__codelineno-10-70" name="__codelineno-10-70" href="#__codelineno-10-70"></a>
</span><span id="__span-10-71"><a id="__codelineno-10-71" name="__codelineno-10-71" href="#__codelineno-10-71"></a> <span class="ss">group</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-72"><a id="__codelineno-10-72" name="__codelineno-10-72" href="#__codelineno-10-72"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-10-73"><a id="__codelineno-10-73" name="__codelineno-10-73" href="#__codelineno-10-73"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"flaresolverr"</span><span class="p">;</span>
</span><span id="__span-10-74"><a id="__codelineno-10-74" name="__codelineno-10-74" href="#__codelineno-10-74"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Group to run FlareSolverr as"</span><span class="p">;</span>
</span><span id="__span-10-75"><a id="__codelineno-10-75" name="__codelineno-10-75" href="#__codelineno-10-75"></a> <span class="p">};</span>
</span><span id="__span-10-76"><a id="__codelineno-10-76" name="__codelineno-10-76" href="#__codelineno-10-76"></a>
</span><span id="__span-10-77"><a id="__codelineno-10-77" name="__codelineno-10-77" href="#__codelineno-10-77"></a> <span class="ss">dataDir</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-78"><a id="__codelineno-10-78" name="__codelineno-10-78" href="#__codelineno-10-78"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-10-79"><a id="__codelineno-10-79" name="__codelineno-10-79" href="#__codelineno-10-79"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"/var/lib/flaresolverr"</span><span class="p">;</span>
</span><span id="__span-10-80"><a id="__codelineno-10-80" name="__codelineno-10-80" href="#__codelineno-10-80"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Data directory for FlareSolverr"</span><span class="p">;</span>
</span><span id="__span-10-81"><a id="__codelineno-10-81" name="__codelineno-10-81" href="#__codelineno-10-81"></a> <span class="p">};</span>
</span><span id="__span-10-82"><a id="__codelineno-10-82" name="__codelineno-10-82" href="#__codelineno-10-82"></a>
</span><span id="__span-10-83"><a id="__codelineno-10-83" name="__codelineno-10-83" href="#__codelineno-10-83"></a> <span class="ss">extraEnvironment</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-10-84"><a id="__codelineno-10-84" name="__codelineno-10-84" href="#__codelineno-10-84"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>attrs<span class="p">;</span>
</span><span id="__span-10-85"><a id="__codelineno-10-85" name="__codelineno-10-85" href="#__codelineno-10-85"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">{</span> <span class="p">};</span>
</span><span id="__span-10-86"><a id="__codelineno-10-86" name="__codelineno-10-86" href="#__codelineno-10-86"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Extra environment variables for FlareSolverr"</span><span class="p">;</span>
</span><span id="__span-10-87"><a id="__codelineno-10-87" name="__codelineno-10-87" href="#__codelineno-10-87"></a> <span class="ss">example</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-10-88"><a id="__codelineno-10-88" name="__codelineno-10-88" href="#__codelineno-10-88"></a> <span class="ss">PROMETHEUS_ENABLED</span> <span class="o">=</span> <span class="s2">"true"</span><span class="p">;</span>
</span><span id="__span-10-89"><a id="__codelineno-10-89" name="__codelineno-10-89" href="#__codelineno-10-89"></a> <span class="ss">PROMETHEUS_PORT</span> <span class="o">=</span> <span class="s2">"8192"</span><span class="p">;</span>
</span><span id="__span-10-90"><a id="__codelineno-10-90" name="__codelineno-10-90" href="#__codelineno-10-90"></a> <span class="p">};</span>
</span><span id="__span-10-91"><a id="__codelineno-10-91" name="__codelineno-10-91" href="#__codelineno-10-91"></a><span class="c1"># … truncated — see source link above</span>
</span></code></pre></div>
</details>
<h3 id="flatpaknix"><code>flatpak.nix</code><a class="headerlink" href="#flatpaknix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/flatpak/flatpak.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/flatpak/flatpak.nix</code></a></p>
<p>Flatpak Application Management Module
Enables Flatpak with automatic Flathub repository setup</p>
<ul>
<li><strong>Enable option:</strong> Flatpak application management</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>autoAddFlathub</code>, <code>maxRetries</code>, <code>retryDelay</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-11-1"><a id="__codelineno-11-1" name="__codelineno-11-1" href="#__codelineno-11-1"></a> options<span class="o">.</span>modules<span class="o">.</span>services<span class="o">.</span><span class="ss">flatpak</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-11-2"><a id="__codelineno-11-2" name="__codelineno-11-2" href="#__codelineno-11-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"Flatpak application management"</span><span class="p">;</span>
</span><span id="__span-11-3"><a id="__codelineno-11-3" name="__codelineno-11-3" href="#__codelineno-11-3"></a>
</span><span id="__span-11-4"><a id="__codelineno-11-4" name="__codelineno-11-4" href="#__codelineno-11-4"></a> <span class="ss">autoAddFlathub</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-11-5"><a id="__codelineno-11-5" name="__codelineno-11-5" href="#__codelineno-11-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-11-6"><a id="__codelineno-11-6" name="__codelineno-11-6" href="#__codelineno-11-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-11-7"><a id="__codelineno-11-7" name="__codelineno-11-7" href="#__codelineno-11-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Automatically add Flathub repository on system startup''</span><span class="p">;</span>
</span><span id="__span-11-8"><a id="__codelineno-11-8" name="__codelineno-11-8" href="#__codelineno-11-8"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-11-9"><a id="__codelineno-11-9" name="__codelineno-11-9" href="#__codelineno-11-9"></a> <span class="p">};</span>
</span><span id="__span-11-10"><a id="__codelineno-11-10" name="__codelineno-11-10" href="#__codelineno-11-10"></a>
</span><span id="__span-11-11"><a id="__codelineno-11-11" name="__codelineno-11-11" href="#__codelineno-11-11"></a> <span class="ss">repositorySetup</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-11-12"><a id="__codelineno-11-12" name="__codelineno-11-12" href="#__codelineno-11-12"></a> <span class="ss">maxRetries</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-11-13"><a id="__codelineno-11-13" name="__codelineno-11-13" href="#__codelineno-11-13"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-11-14"><a id="__codelineno-11-14" name="__codelineno-11-14" href="#__codelineno-11-14"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">3</span><span class="p">;</span>
</span><span id="__span-11-15"><a id="__codelineno-11-15" name="__codelineno-11-15" href="#__codelineno-11-15"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Maximum number of retry attempts for repository setup''</span><span class="p">;</span>
</span><span id="__span-11-16"><a id="__codelineno-11-16" name="__codelineno-11-16" href="#__codelineno-11-16"></a> <span class="ss">example</span> <span class="o">=</span> <span class="mi">5</span><span class="p">;</span>
</span><span id="__span-11-17"><a id="__codelineno-11-17" name="__codelineno-11-17" href="#__codelineno-11-17"></a> <span class="p">};</span>
</span><span id="__span-11-18"><a id="__codelineno-11-18" name="__codelineno-11-18" href="#__codelineno-11-18"></a>
</span><span id="__span-11-19"><a id="__codelineno-11-19" name="__codelineno-11-19" href="#__codelineno-11-19"></a> <span class="ss">retryDelay</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-11-20"><a id="__codelineno-11-20" name="__codelineno-11-20" href="#__codelineno-11-20"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-11-21"><a id="__codelineno-11-21" name="__codelineno-11-21" href="#__codelineno-11-21"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">5</span><span class="p">;</span>
</span><span id="__span-11-22"><a id="__codelineno-11-22" name="__codelineno-11-22" href="#__codelineno-11-22"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Base delay in seconds between retry attempts''</span><span class="p">;</span>
</span><span id="__span-11-23"><a id="__codelineno-11-23" name="__codelineno-11-23" href="#__codelineno-11-23"></a> <span class="ss">example</span> <span class="o">=</span> <span class="mi">10</span><span class="p">;</span>
</span><span id="__span-11-24"><a id="__codelineno-11-24" name="__codelineno-11-24" href="#__codelineno-11-24"></a> <span class="p">};</span>
</span><span id="__span-11-25"><a id="__codelineno-11-25" name="__codelineno-11-25" href="#__codelineno-11-25"></a> <span class="p">};</span>
</span><span id="__span-11-26"><a id="__codelineno-11-26" name="__codelineno-11-26" href="#__codelineno-11-26"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="defaultnix_4"><code>default.nix</code><a class="headerlink" href="#defaultnix_4" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/geforcenow/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/geforcenow/default.nix</code></a></p>
<p>NVIDIA GeForce NOW Cloud Gaming Module
Enables GeForce NOW native Linux client via Flatpak</p>
<ul>
<li><strong>Enable option:</strong> NVIDIA GeForce NOW cloud gaming client</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>autoInstall</code>, <code>waylandFix</code>, <code>maxRetries</code>, <code>retryDelay</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-12-1"><a id="__codelineno-12-1" name="__codelineno-12-1" href="#__codelineno-12-1"></a> options<span class="o">.</span>modules<span class="o">.</span>services<span class="o">.</span><span class="ss">geforcenow</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-12-2"><a id="__codelineno-12-2" name="__codelineno-12-2" href="#__codelineno-12-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"NVIDIA GeForce NOW cloud gaming client"</span><span class="p">;</span>
</span><span id="__span-12-3"><a id="__codelineno-12-3" name="__codelineno-12-3" href="#__codelineno-12-3"></a>
</span><span id="__span-12-4"><a id="__codelineno-12-4" name="__codelineno-12-4" href="#__codelineno-12-4"></a> <span class="ss">autoInstall</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-12-5"><a id="__codelineno-12-5" name="__codelineno-12-5" href="#__codelineno-12-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-12-6"><a id="__codelineno-12-6" name="__codelineno-12-6" href="#__codelineno-12-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-12-7"><a id="__codelineno-12-7" name="__codelineno-12-7" href="#__codelineno-12-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-12-8"><a id="__codelineno-12-8" name="__codelineno-12-8" href="#__codelineno-12-8"></a><span class="s s-Multiline"> Automatically install GeForce NOW Flatpak on system startup.</span>
</span><span id="__span-12-9"><a id="__codelineno-12-9" name="__codelineno-12-9" href="#__codelineno-12-9"></a><span class="s s-Multiline"> If disabled, the remote will be added but installation must be done manually.</span>
</span><span id="__span-12-10"><a id="__codelineno-12-10" name="__codelineno-12-10" href="#__codelineno-12-10"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-12-11"><a id="__codelineno-12-11" name="__codelineno-12-11" href="#__codelineno-12-11"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-12-12"><a id="__codelineno-12-12" name="__codelineno-12-12" href="#__codelineno-12-12"></a> <span class="p">};</span>
</span><span id="__span-12-13"><a id="__codelineno-12-13" name="__codelineno-12-13" href="#__codelineno-12-13"></a>
</span><span id="__span-12-14"><a id="__codelineno-12-14" name="__codelineno-12-14" href="#__codelineno-12-14"></a> <span class="ss">waylandFix</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-12-15"><a id="__codelineno-12-15" name="__codelineno-12-15" href="#__codelineno-12-15"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-12-16"><a id="__codelineno-12-16" name="__codelineno-12-16" href="#__codelineno-12-16"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-12-17"><a id="__codelineno-12-17" name="__codelineno-12-17" href="#__codelineno-12-17"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-12-18"><a id="__codelineno-12-18" name="__codelineno-12-18" href="#__codelineno-12-18"></a><span class="s s-Multiline"> Apply Wayland fix by disabling Wayland socket for GeForce NOW.</span>
</span><span id="__span-12-19"><a id="__codelineno-12-19" name="__codelineno-12-19" href="#__codelineno-12-19"></a><span class="s s-Multiline"> Enable this if the application window doesn't open on Wayland.</span>
</span><span id="__span-12-20"><a id="__codelineno-12-20" name="__codelineno-12-20" href="#__codelineno-12-20"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-12-21"><a id="__codelineno-12-21" name="__codelineno-12-21" href="#__codelineno-12-21"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-12-22"><a id="__codelineno-12-22" name="__codelineno-12-22" href="#__codelineno-12-22"></a> <span class="p">};</span>
</span><span id="__span-12-23"><a id="__codelineno-12-23" name="__codelineno-12-23" href="#__codelineno-12-23"></a>
</span><span id="__span-12-24"><a id="__codelineno-12-24" name="__codelineno-12-24" href="#__codelineno-12-24"></a> <span class="ss">remoteSetup</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-12-25"><a id="__codelineno-12-25" name="__codelineno-12-25" href="#__codelineno-12-25"></a> <span class="ss">maxRetries</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-12-26"><a id="__codelineno-12-26" name="__codelineno-12-26" href="#__codelineno-12-26"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-12-27"><a id="__codelineno-12-27" name="__codelineno-12-27" href="#__codelineno-12-27"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">3</span><span class="p">;</span>
</span><span id="__span-12-28"><a id="__codelineno-12-28" name="__codelineno-12-28" href="#__codelineno-12-28"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Maximum number of retry attempts for repository setup''</span><span class="p">;</span>
</span><span id="__span-12-29"><a id="__codelineno-12-29" name="__codelineno-12-29" href="#__codelineno-12-29"></a> <span class="ss">example</span> <span class="o">=</span> <span class="mi">5</span><span class="p">;</span>
</span><span id="__span-12-30"><a id="__codelineno-12-30" name="__codelineno-12-30" href="#__codelineno-12-30"></a> <span class="p">};</span>
</span><span id="__span-12-31"><a id="__codelineno-12-31" name="__codelineno-12-31" href="#__codelineno-12-31"></a>
</span><span id="__span-12-32"><a id="__codelineno-12-32" name="__codelineno-12-32" href="#__codelineno-12-32"></a> <span class="ss">retryDelay</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-12-33"><a id="__codelineno-12-33" name="__codelineno-12-33" href="#__codelineno-12-33"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-12-34"><a id="__codelineno-12-34" name="__codelineno-12-34" href="#__codelineno-12-34"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">10</span><span class="p">;</span>
</span><span id="__span-12-35"><a id="__codelineno-12-35" name="__codelineno-12-35" href="#__codelineno-12-35"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Base delay in seconds between retry attempts''</span><span class="p">;</span>
</span><span id="__span-12-36"><a id="__codelineno-12-36" name="__codelineno-12-36" href="#__codelineno-12-36"></a> <span class="ss">example</span> <span class="o">=</span> <span class="mi">15</span><span class="p">;</span>
</span><span id="__span-12-37"><a id="__codelineno-12-37" name="__codelineno-12-37" href="#__codelineno-12-37"></a> <span class="p">};</span>
</span><span id="__span-12-38"><a id="__codelineno-12-38" name="__codelineno-12-38" href="#__codelineno-12-38"></a> <span class="p">};</span>
</span><span id="__span-12-39"><a id="__codelineno-12-39" name="__codelineno-12-39" href="#__codelineno-12-39"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="github-runnernix"><code>github-runner.nix</code><a class="headerlink" href="#github-runnernix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/github/github-runner.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/github/github-runner.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="gitlab-runnernix"><code>gitlab-runner.nix</code><a class="headerlink" href="#gitlab-runnernix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/gitlab-runner.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/gitlab-runner.nix</code></a></p>
<ul>
<li><strong>Enable option:</strong> GitLab Runner for local CI/CD</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>registrationConfigFile</code>, <code>concurrent</code>, <code>checkInterval</code>, <code>services</code>, <code>name</code>, <code>url</code>, <code>executor</code>, <code>dockerImage</code>, <code>dockerPrivileged</code>, <code>dockerVolumes</code>, <code>tagList</code>, <code>runUntagged</code>, <code>limit</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-13-1"><a id="__codelineno-13-1" name="__codelineno-13-1" href="#__codelineno-13-1"></a> options<span class="o">.</span>services<span class="o">.</span><span class="ss">gitlab-runner-local</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-13-2"><a id="__codelineno-13-2" name="__codelineno-13-2" href="#__codelineno-13-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"GitLab Runner for local CI/CD"</span><span class="p">;</span>
</span><span id="__span-13-3"><a id="__codelineno-13-3" name="__codelineno-13-3" href="#__codelineno-13-3"></a>
</span><span id="__span-13-4"><a id="__codelineno-13-4" name="__codelineno-13-4" href="#__codelineno-13-4"></a> <span class="ss">registrationConfigFile</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-5"><a id="__codelineno-13-5" name="__codelineno-13-5" href="#__codelineno-13-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>nullOr types<span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-13-6"><a id="__codelineno-13-6" name="__codelineno-13-6" href="#__codelineno-13-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">null</span><span class="p">;</span>
</span><span id="__span-13-7"><a id="__codelineno-13-7" name="__codelineno-13-7" href="#__codelineno-13-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-13-8"><a id="__codelineno-13-8" name="__codelineno-13-8" href="#__codelineno-13-8"></a><span class="s s-Multiline"> Path to file containing GitLab Runner registration token.</span>
</span><span id="__span-13-9"><a id="__codelineno-13-9" name="__codelineno-13-9" href="#__codelineno-13-9"></a><span class="s s-Multiline"> This file should contain the registration token from your GitLab instance.</span>
</span><span id="__span-13-10"><a id="__codelineno-13-10" name="__codelineno-13-10" href="#__codelineno-13-10"></a>
</span><span id="__span-13-11"><a id="__codelineno-13-11" name="__codelineno-13-11" href="#__codelineno-13-11"></a><span class="s s-Multiline"> Example file content:</span>
</span><span id="__span-13-12"><a id="__codelineno-13-12" name="__codelineno-13-12" href="#__codelineno-13-12"></a><span class="s s-Multiline"> CI_SERVER_URL=https://gitlab.com</span>
</span><span id="__span-13-13"><a id="__codelineno-13-13" name="__codelineno-13-13" href="#__codelineno-13-13"></a><span class="s s-Multiline"> REGISTRATION_TOKEN=your-registration-token-here</span>
</span><span id="__span-13-14"><a id="__codelineno-13-14" name="__codelineno-13-14" href="#__codelineno-13-14"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-13-15"><a id="__codelineno-13-15" name="__codelineno-13-15" href="#__codelineno-13-15"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"/run/agenix/gitlab-runner-token"</span><span class="p">;</span>
</span><span id="__span-13-16"><a id="__codelineno-13-16" name="__codelineno-13-16" href="#__codelineno-13-16"></a> <span class="p">};</span>
</span><span id="__span-13-17"><a id="__codelineno-13-17" name="__codelineno-13-17" href="#__codelineno-13-17"></a>
</span><span id="__span-13-18"><a id="__codelineno-13-18" name="__codelineno-13-18" href="#__codelineno-13-18"></a> <span class="ss">concurrent</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-19"><a id="__codelineno-13-19" name="__codelineno-13-19" href="#__codelineno-13-19"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-13-20"><a id="__codelineno-13-20" name="__codelineno-13-20" href="#__codelineno-13-20"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">4</span><span class="p">;</span>
</span><span id="__span-13-21"><a id="__codelineno-13-21" name="__codelineno-13-21" href="#__codelineno-13-21"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Maximum number of concurrent jobs"</span><span class="p">;</span>
</span><span id="__span-13-22"><a id="__codelineno-13-22" name="__codelineno-13-22" href="#__codelineno-13-22"></a> <span class="p">};</span>
</span><span id="__span-13-23"><a id="__codelineno-13-23" name="__codelineno-13-23" href="#__codelineno-13-23"></a>
</span><span id="__span-13-24"><a id="__codelineno-13-24" name="__codelineno-13-24" href="#__codelineno-13-24"></a> <span class="ss">checkInterval</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-25"><a id="__codelineno-13-25" name="__codelineno-13-25" href="#__codelineno-13-25"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-13-26"><a id="__codelineno-13-26" name="__codelineno-13-26" href="#__codelineno-13-26"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
</span><span id="__span-13-27"><a id="__codelineno-13-27" name="__codelineno-13-27" href="#__codelineno-13-27"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Check interval for new jobs (in seconds, 0 = default)"</span><span class="p">;</span>
</span><span id="__span-13-28"><a id="__codelineno-13-28" name="__codelineno-13-28" href="#__codelineno-13-28"></a> <span class="p">};</span>
</span><span id="__span-13-29"><a id="__codelineno-13-29" name="__codelineno-13-29" href="#__codelineno-13-29"></a>
</span><span id="__span-13-30"><a id="__codelineno-13-30" name="__codelineno-13-30" href="#__codelineno-13-30"></a> <span class="ss">services</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-31"><a id="__codelineno-13-31" name="__codelineno-13-31" href="#__codelineno-13-31"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>listOf <span class="p">(</span>types<span class="o">.</span>submodule <span class="p">{</span>
</span><span id="__span-13-32"><a id="__codelineno-13-32" name="__codelineno-13-32" href="#__codelineno-13-32"></a> <span class="ss">options</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-13-33"><a id="__codelineno-13-33" name="__codelineno-13-33" href="#__codelineno-13-33"></a> <span class="ss">name</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-34"><a id="__codelineno-13-34" name="__codelineno-13-34" href="#__codelineno-13-34"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-13-35"><a id="__codelineno-13-35" name="__codelineno-13-35" href="#__codelineno-13-35"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Name of the runner service"</span><span class="p">;</span>
</span><span id="__span-13-36"><a id="__codelineno-13-36" name="__codelineno-13-36" href="#__codelineno-13-36"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"docker-runner"</span><span class="p">;</span>
</span><span id="__span-13-37"><a id="__codelineno-13-37" name="__codelineno-13-37" href="#__codelineno-13-37"></a> <span class="p">};</span>
</span><span id="__span-13-38"><a id="__codelineno-13-38" name="__codelineno-13-38" href="#__codelineno-13-38"></a>
</span><span id="__span-13-39"><a id="__codelineno-13-39" name="__codelineno-13-39" href="#__codelineno-13-39"></a> <span class="ss">url</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-40"><a id="__codelineno-13-40" name="__codelineno-13-40" href="#__codelineno-13-40"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-13-41"><a id="__codelineno-13-41" name="__codelineno-13-41" href="#__codelineno-13-41"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"https://gitlab.com"</span><span class="p">;</span>
</span><span id="__span-13-42"><a id="__codelineno-13-42" name="__codelineno-13-42" href="#__codelineno-13-42"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"GitLab instance URL"</span><span class="p">;</span>
</span><span id="__span-13-43"><a id="__codelineno-13-43" name="__codelineno-13-43" href="#__codelineno-13-43"></a> <span class="p">};</span>
</span><span id="__span-13-44"><a id="__codelineno-13-44" name="__codelineno-13-44" href="#__codelineno-13-44"></a>
</span><span id="__span-13-45"><a id="__codelineno-13-45" name="__codelineno-13-45" href="#__codelineno-13-45"></a> <span class="ss">executor</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-46"><a id="__codelineno-13-46" name="__codelineno-13-46" href="#__codelineno-13-46"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>enum <span class="p">[</span> <span class="s2">"shell"</span> <span class="s2">"docker"</span> <span class="s2">"docker+machine"</span> <span class="s2">"kubernetes"</span> <span class="p">];</span>
</span><span id="__span-13-47"><a id="__codelineno-13-47" name="__codelineno-13-47" href="#__codelineno-13-47"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"docker"</span><span class="p">;</span>
</span><span id="__span-13-48"><a id="__codelineno-13-48" name="__codelineno-13-48" href="#__codelineno-13-48"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Executor type for running jobs"</span><span class="p">;</span>
</span><span id="__span-13-49"><a id="__codelineno-13-49" name="__codelineno-13-49" href="#__codelineno-13-49"></a> <span class="p">};</span>
</span><span id="__span-13-50"><a id="__codelineno-13-50" name="__codelineno-13-50" href="#__codelineno-13-50"></a>
</span><span id="__span-13-51"><a id="__codelineno-13-51" name="__codelineno-13-51" href="#__codelineno-13-51"></a> <span class="ss">dockerImage</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-52"><a id="__codelineno-13-52" name="__codelineno-13-52" href="#__codelineno-13-52"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-13-53"><a id="__codelineno-13-53" name="__codelineno-13-53" href="#__codelineno-13-53"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"alpine:latest"</span><span class="p">;</span>
</span><span id="__span-13-54"><a id="__codelineno-13-54" name="__codelineno-13-54" href="#__codelineno-13-54"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Default Docker image for docker executor"</span><span class="p">;</span>
</span><span id="__span-13-55"><a id="__codelineno-13-55" name="__codelineno-13-55" href="#__codelineno-13-55"></a> <span class="p">};</span>
</span><span id="__span-13-56"><a id="__codelineno-13-56" name="__codelineno-13-56" href="#__codelineno-13-56"></a>
</span><span id="__span-13-57"><a id="__codelineno-13-57" name="__codelineno-13-57" href="#__codelineno-13-57"></a> <span class="ss">dockerPrivileged</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-58"><a id="__codelineno-13-58" name="__codelineno-13-58" href="#__codelineno-13-58"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-13-59"><a id="__codelineno-13-59" name="__codelineno-13-59" href="#__codelineno-13-59"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-13-60"><a id="__codelineno-13-60" name="__codelineno-13-60" href="#__codelineno-13-60"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Run Docker containers in privileged mode"</span><span class="p">;</span>
</span><span id="__span-13-61"><a id="__codelineno-13-61" name="__codelineno-13-61" href="#__codelineno-13-61"></a> <span class="p">};</span>
</span><span id="__span-13-62"><a id="__codelineno-13-62" name="__codelineno-13-62" href="#__codelineno-13-62"></a>
</span><span id="__span-13-63"><a id="__codelineno-13-63" name="__codelineno-13-63" href="#__codelineno-13-63"></a> <span class="ss">dockerVolumes</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-64"><a id="__codelineno-13-64" name="__codelineno-13-64" href="#__codelineno-13-64"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>listOf types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-13-65"><a id="__codelineno-13-65" name="__codelineno-13-65" href="#__codelineno-13-65"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"/cache"</span> <span class="p">];</span>
</span><span id="__span-13-66"><a id="__codelineno-13-66" name="__codelineno-13-66" href="#__codelineno-13-66"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Docker volumes to mount"</span><span class="p">;</span>
</span><span id="__span-13-67"><a id="__codelineno-13-67" name="__codelineno-13-67" href="#__codelineno-13-67"></a> <span class="p">};</span>
</span><span id="__span-13-68"><a id="__codelineno-13-68" name="__codelineno-13-68" href="#__codelineno-13-68"></a>
</span><span id="__span-13-69"><a id="__codelineno-13-69" name="__codelineno-13-69" href="#__codelineno-13-69"></a> <span class="ss">tagList</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-70"><a id="__codelineno-13-70" name="__codelineno-13-70" href="#__codelineno-13-70"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>listOf types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-13-71"><a id="__codelineno-13-71" name="__codelineno-13-71" href="#__codelineno-13-71"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">[</span> <span class="p">];</span>
</span><span id="__span-13-72"><a id="__codelineno-13-72" name="__codelineno-13-72" href="#__codelineno-13-72"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Tags for this runner"</span><span class="p">;</span>
</span><span id="__span-13-73"><a id="__codelineno-13-73" name="__codelineno-13-73" href="#__codelineno-13-73"></a> <span class="ss">example</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"docker"</span> <span class="s2">"linux"</span> <span class="s2">"nix"</span> <span class="p">];</span>
</span><span id="__span-13-74"><a id="__codelineno-13-74" name="__codelineno-13-74" href="#__codelineno-13-74"></a> <span class="p">};</span>
</span><span id="__span-13-75"><a id="__codelineno-13-75" name="__codelineno-13-75" href="#__codelineno-13-75"></a>
</span><span id="__span-13-76"><a id="__codelineno-13-76" name="__codelineno-13-76" href="#__codelineno-13-76"></a> <span class="ss">runUntagged</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-77"><a id="__codelineno-13-77" name="__codelineno-13-77" href="#__codelineno-13-77"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-13-78"><a id="__codelineno-13-78" name="__codelineno-13-78" href="#__codelineno-13-78"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-13-79"><a id="__codelineno-13-79" name="__codelineno-13-79" href="#__codelineno-13-79"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Run jobs without tags"</span><span class="p">;</span>
</span><span id="__span-13-80"><a id="__codelineno-13-80" name="__codelineno-13-80" href="#__codelineno-13-80"></a> <span class="p">};</span>
</span><span id="__span-13-81"><a id="__codelineno-13-81" name="__codelineno-13-81" href="#__codelineno-13-81"></a>
</span><span id="__span-13-82"><a id="__codelineno-13-82" name="__codelineno-13-82" href="#__codelineno-13-82"></a> <span class="ss">limit</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-13-83"><a id="__codelineno-13-83" name="__codelineno-13-83" href="#__codelineno-13-83"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-13-84"><a id="__codelineno-13-84" name="__codelineno-13-84" href="#__codelineno-13-84"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
</span><span id="__span-13-85"><a id="__codelineno-13-85" name="__codelineno-13-85" href="#__codelineno-13-85"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Maximum number of jobs for this runner (0 = unlimited)"</span><span class="p">;</span>
</span><span id="__span-13-86"><a id="__codelineno-13-86" name="__codelineno-13-86" href="#__codelineno-13-86"></a> <span class="p">};</span>
</span><span id="__span-13-87"><a id="__codelineno-13-87" name="__codelineno-13-87" href="#__codelineno-13-87"></a> <span class="p">};</span>
</span><span id="__span-13-88"><a id="__codelineno-13-88" name="__codelineno-13-88" href="#__codelineno-13-88"></a> <span class="p">});</span>
</span><span id="__span-13-89"><a id="__codelineno-13-89" name="__codelineno-13-89" href="#__codelineno-13-89"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">[</span> <span class="p">];</span>
</span><span id="__span-13-90"><a id="__codelineno-13-90" name="__codelineno-13-90" href="#__codelineno-13-90"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"GitLab Runner service configurations"</span><span class="p">;</span>
</span><span id="__span-13-91"><a id="__codelineno-13-91" name="__codelineno-13-91" href="#__codelineno-13-91"></a><span class="c1"># … truncated — see source link above</span>
</span></code></pre></div>
</details>
<h3 id="gnome-servicesnix"><code>gnome-services.nix</code><a class="headerlink" href="#gnome-servicesnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/gnome/gnome-services.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/gnome/gnome-services.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="greetdnix"><code>greetd.nix</code><a class="headerlink" href="#greetdnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/greetd/greetd.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/greetd/greetd.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="home-assistantnix"><code>home-assistant.nix</code><a class="headerlink" href="#home-assistantnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/home-assistant.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/home-assistant.nix</code></a></p>
<ul>
<li><strong>Enable option:</strong> Home Assistant home automation platform</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>port</code>, <code>enableCloud</code>, <code>enableCLI</code>, <code>extraComponents</code>, <code>tailscaleIntegration</code>, <code>dashboards</code>, <code>title</code>, <code>icon</code>, <code>showInSidebar</code>, <code>yaml</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-14-1"><a id="__codelineno-14-1" name="__codelineno-14-1" href="#__codelineno-14-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">homeAssistant</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-14-2"><a id="__codelineno-14-2" name="__codelineno-14-2" href="#__codelineno-14-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"Home Assistant home automation platform"</span><span class="p">;</span>
</span><span id="__span-14-3"><a id="__codelineno-14-3" name="__codelineno-14-3" href="#__codelineno-14-3"></a>
</span><span id="__span-14-4"><a id="__codelineno-14-4" name="__codelineno-14-4" href="#__codelineno-14-4"></a> <span class="ss">port</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-14-5"><a id="__codelineno-14-5" name="__codelineno-14-5" href="#__codelineno-14-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>port<span class="p">;</span>
</span><span id="__span-14-6"><a id="__codelineno-14-6" name="__codelineno-14-6" href="#__codelineno-14-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">8123</span><span class="p">;</span>
</span><span id="__span-14-7"><a id="__codelineno-14-7" name="__codelineno-14-7" href="#__codelineno-14-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Port for Home Assistant web interface"</span><span class="p">;</span>
</span><span id="__span-14-8"><a id="__codelineno-14-8" name="__codelineno-14-8" href="#__codelineno-14-8"></a> <span class="p">};</span>
</span><span id="__span-14-9"><a id="__codelineno-14-9" name="__codelineno-14-9" href="#__codelineno-14-9"></a>
</span><span id="__span-14-10"><a id="__codelineno-14-10" name="__codelineno-14-10" href="#__codelineno-14-10"></a> <span class="ss">enableCloud</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-14-11"><a id="__codelineno-14-11" name="__codelineno-14-11" href="#__codelineno-14-11"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-14-12"><a id="__codelineno-14-12" name="__codelineno-14-12" href="#__codelineno-14-12"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-14-13"><a id="__codelineno-14-13" name="__codelineno-14-13" href="#__codelineno-14-13"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Enable Home Assistant Cloud (Nabu Casa) integration"</span><span class="p">;</span>
</span><span id="__span-14-14"><a id="__codelineno-14-14" name="__codelineno-14-14" href="#__codelineno-14-14"></a> <span class="p">};</span>
</span><span id="__span-14-15"><a id="__codelineno-14-15" name="__codelineno-14-15" href="#__codelineno-14-15"></a>
</span><span id="__span-14-16"><a id="__codelineno-14-16" name="__codelineno-14-16" href="#__codelineno-14-16"></a> <span class="ss">enableCLI</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-14-17"><a id="__codelineno-14-17" name="__codelineno-14-17" href="#__codelineno-14-17"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-14-18"><a id="__codelineno-14-18" name="__codelineno-14-18" href="#__codelineno-14-18"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-14-19"><a id="__codelineno-14-19" name="__codelineno-14-19" href="#__codelineno-14-19"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Install Home Assistant CLI tool"</span><span class="p">;</span>
</span><span id="__span-14-20"><a id="__codelineno-14-20" name="__codelineno-14-20" href="#__codelineno-14-20"></a> <span class="p">};</span>
</span><span id="__span-14-21"><a id="__codelineno-14-21" name="__codelineno-14-21" href="#__codelineno-14-21"></a>
</span><span id="__span-14-22"><a id="__codelineno-14-22" name="__codelineno-14-22" href="#__codelineno-14-22"></a> <span class="ss">extraComponents</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-14-23"><a id="__codelineno-14-23" name="__codelineno-14-23" href="#__codelineno-14-23"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>listOf types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-14-24"><a id="__codelineno-14-24" name="__codelineno-14-24" href="#__codelineno-14-24"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">[</span> <span class="p">];</span>
</span><span id="__span-14-25"><a id="__codelineno-14-25" name="__codelineno-14-25" href="#__codelineno-14-25"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Additional Home Assistant components to enable"</span><span class="p">;</span>
</span><span id="__span-14-26"><a id="__codelineno-14-26" name="__codelineno-14-26" href="#__codelineno-14-26"></a> <span class="p">};</span>
</span><span id="__span-14-27"><a id="__codelineno-14-27" name="__codelineno-14-27" href="#__codelineno-14-27"></a>
</span><span id="__span-14-28"><a id="__codelineno-14-28" name="__codelineno-14-28" href="#__codelineno-14-28"></a> <span class="ss">tailscaleIntegration</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-14-29"><a id="__codelineno-14-29" name="__codelineno-14-29" href="#__codelineno-14-29"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-14-30"><a id="__codelineno-14-30" name="__codelineno-14-30" href="#__codelineno-14-30"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-14-31"><a id="__codelineno-14-31" name="__codelineno-14-31" href="#__codelineno-14-31"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Configure trusted proxies for Tailscale access"</span><span class="p">;</span>
</span><span id="__span-14-32"><a id="__codelineno-14-32" name="__codelineno-14-32" href="#__codelineno-14-32"></a> <span class="p">};</span>
</span><span id="__span-14-33"><a id="__codelineno-14-33" name="__codelineno-14-33" href="#__codelineno-14-33"></a>
</span><span id="__span-14-34"><a id="__codelineno-14-34" name="__codelineno-14-34" href="#__codelineno-14-34"></a> <span class="ss">dashboards</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-14-35"><a id="__codelineno-14-35" name="__codelineno-14-35" href="#__codelineno-14-35"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>attrsOf <span class="p">(</span>types<span class="o">.</span>submodule <span class="p">{</span>
</span><span id="__span-14-36"><a id="__codelineno-14-36" name="__codelineno-14-36" href="#__codelineno-14-36"></a> <span class="ss">options</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-14-37"><a id="__codelineno-14-37" name="__codelineno-14-37" href="#__codelineno-14-37"></a> <span class="ss">title</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-14-38"><a id="__codelineno-14-38" name="__codelineno-14-38" href="#__codelineno-14-38"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-14-39"><a id="__codelineno-14-39" name="__codelineno-14-39" href="#__codelineno-14-39"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Sidebar display title"</span><span class="p">;</span>
</span><span id="__span-14-40"><a id="__codelineno-14-40" name="__codelineno-14-40" href="#__codelineno-14-40"></a> <span class="p">};</span>
</span><span id="__span-14-41"><a id="__codelineno-14-41" name="__codelineno-14-41" href="#__codelineno-14-41"></a> <span class="ss">icon</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-14-42"><a id="__codelineno-14-42" name="__codelineno-14-42" href="#__codelineno-14-42"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-14-43"><a id="__codelineno-14-43" name="__codelineno-14-43" href="#__codelineno-14-43"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"mdi:view-dashboard"</span><span class="p">;</span>
</span><span id="__span-14-44"><a id="__codelineno-14-44" name="__codelineno-14-44" href="#__codelineno-14-44"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Material Design Icons name for the sidebar entry"</span><span class="p">;</span>
</span><span id="__span-14-45"><a id="__codelineno-14-45" name="__codelineno-14-45" href="#__codelineno-14-45"></a> <span class="p">};</span>
</span><span id="__span-14-46"><a id="__codelineno-14-46" name="__codelineno-14-46" href="#__codelineno-14-46"></a> <span class="ss">showInSidebar</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-14-47"><a id="__codelineno-14-47" name="__codelineno-14-47" href="#__codelineno-14-47"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-14-48"><a id="__codelineno-14-48" name="__codelineno-14-48" href="#__codelineno-14-48"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-14-49"><a id="__codelineno-14-49" name="__codelineno-14-49" href="#__codelineno-14-49"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Show this dashboard in the HA sidebar"</span><span class="p">;</span>
</span><span id="__span-14-50"><a id="__codelineno-14-50" name="__codelineno-14-50" href="#__codelineno-14-50"></a> <span class="p">};</span>
</span><span id="__span-14-51"><a id="__codelineno-14-51" name="__codelineno-14-51" href="#__codelineno-14-51"></a> <span class="ss">yaml</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-14-52"><a id="__codelineno-14-52" name="__codelineno-14-52" href="#__codelineno-14-52"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>lines<span class="p">;</span>
</span><span id="__span-14-53"><a id="__codelineno-14-53" name="__codelineno-14-53" href="#__codelineno-14-53"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-14-54"><a id="__codelineno-14-54" name="__codelineno-14-54" href="#__codelineno-14-54"></a><span class="s s-Multiline"> Raw Lovelace dashboard YAML. Must define `title:` and `views:`.</span>
</span><span id="__span-14-55"><a id="__codelineno-14-55" name="__codelineno-14-55" href="#__codelineno-14-55"></a><span class="s s-Multiline"> Written to /etc/home-assistant/dashboards/<name>.yaml at activation;</span>
</span><span id="__span-14-56"><a id="__codelineno-14-56" name="__codelineno-14-56" href="#__codelineno-14-56"></a><span class="s s-Multiline"> referenced from configuration.yaml via lovelace.dashboards.</span>
</span><span id="__span-14-57"><a id="__codelineno-14-57" name="__codelineno-14-57" href="#__codelineno-14-57"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-14-58"><a id="__codelineno-14-58" name="__codelineno-14-58" href="#__codelineno-14-58"></a> <span class="p">};</span>
</span><span id="__span-14-59"><a id="__codelineno-14-59" name="__codelineno-14-59" href="#__codelineno-14-59"></a> <span class="p">};</span>
</span><span id="__span-14-60"><a id="__codelineno-14-60" name="__codelineno-14-60" href="#__codelineno-14-60"></a> <span class="p">});</span>
</span><span id="__span-14-61"><a id="__codelineno-14-61" name="__codelineno-14-61" href="#__codelineno-14-61"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">{</span> <span class="p">};</span>
</span><span id="__span-14-62"><a id="__codelineno-14-62" name="__codelineno-14-62" href="#__codelineno-14-62"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-14-63"><a id="__codelineno-14-63" name="__codelineno-14-63" href="#__codelineno-14-63"></a><span class="s s-Multiline"> Declarative Lovelace dashboards. Each attr key becomes the URL slug</span>
</span><span id="__span-14-64"><a id="__codelineno-14-64" name="__codelineno-14-64" href="#__codelineno-14-64"></a><span class="s s-Multiline"> (/<key>) and the corresponding YAML is rendered into a read-only file</span>
</span><span id="__span-14-65"><a id="__codelineno-14-65" name="__codelineno-14-65" href="#__codelineno-14-65"></a><span class="s s-Multiline"> under /etc/home-assistant/dashboards/. The default Overview dashboard</span>
</span><span id="__span-14-66"><a id="__codelineno-14-66" name="__codelineno-14-66" href="#__codelineno-14-66"></a><span class="s s-Multiline"> remains in storage mode and is unaffected.</span>
</span><span id="__span-14-67"><a id="__codelineno-14-67" name="__codelineno-14-67" href="#__codelineno-14-67"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-14-68"><a id="__codelineno-14-68" name="__codelineno-14-68" href="#__codelineno-14-68"></a> <span class="p">};</span>
</span><span id="__span-14-69"><a id="__codelineno-14-69" name="__codelineno-14-69" href="#__codelineno-14-69"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="intune-portalnix"><code>intune-portal.nix</code><a class="headerlink" href="#intune-portalnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/intune-portal.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/intune-portal.nix</code></a></p>
<ul>
<li><strong>Enable option:</strong> Microsoft Intune Company Portal</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>package</code>, <code>autoStart</code>, <code>enableDesktopIntegration</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-15-1"><a id="__codelineno-15-1" name="__codelineno-15-1" href="#__codelineno-15-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">intune</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-15-2"><a id="__codelineno-15-2" name="__codelineno-15-2" href="#__codelineno-15-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"Microsoft Intune Company Portal"</span><span class="p">;</span>
</span><span id="__span-15-3"><a id="__codelineno-15-3" name="__codelineno-15-3" href="#__codelineno-15-3"></a>
</span><span id="__span-15-4"><a id="__codelineno-15-4" name="__codelineno-15-4" href="#__codelineno-15-4"></a> <span class="ss">package</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-15-5"><a id="__codelineno-15-5" name="__codelineno-15-5" href="#__codelineno-15-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>package<span class="p">;</span>
</span><span id="__span-15-6"><a id="__codelineno-15-6" name="__codelineno-15-6" href="#__codelineno-15-6"></a> <span class="ss">default</span> <span class="o">=</span> pkgs<span class="o">.</span>intune-portal<span class="p">;</span>
</span><span id="__span-15-7"><a id="__codelineno-15-7" name="__codelineno-15-7" href="#__codelineno-15-7"></a> <span class="ss">defaultText</span> <span class="o">=</span> literalExpression <span class="s2">"pkgs.intune-portal"</span><span class="p">;</span>
</span><span id="__span-15-8"><a id="__codelineno-15-8" name="__codelineno-15-8" href="#__codelineno-15-8"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-15-9"><a id="__codelineno-15-9" name="__codelineno-15-9" href="#__codelineno-15-9"></a><span class="s s-Multiline"> The Microsoft Intune Company Portal package to use.</span>
</span><span id="__span-15-10"><a id="__codelineno-15-10" name="__codelineno-15-10" href="#__codelineno-15-10"></a>
</span><span id="__span-15-11"><a id="__codelineno-15-11" name="__codelineno-15-11" href="#__codelineno-15-11"></a><span class="s s-Multiline"> This defaults to our custom-built package with manual version control.</span>
</span><span id="__span-15-12"><a id="__codelineno-15-12" name="__codelineno-15-12" href="#__codelineno-15-12"></a><span class="s s-Multiline"> Change the version by updating pkgs/intune-portal/default.nix and</span>
</span><span id="__span-15-13"><a id="__codelineno-15-13" name="__codelineno-15-13" href="#__codelineno-15-13"></a><span class="s s-Multiline"> rebuilding the system.</span>
</span><span id="__span-15-14"><a id="__codelineno-15-14" name="__codelineno-15-14" href="#__codelineno-15-14"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-15-15"><a id="__codelineno-15-15" name="__codelineno-15-15" href="#__codelineno-15-15"></a> <span class="ss">example</span> <span class="o">=</span> literalExpression <span class="s2">"pkgs.intune-portal"</span><span class="p">;</span>
</span><span id="__span-15-16"><a id="__codelineno-15-16" name="__codelineno-15-16" href="#__codelineno-15-16"></a> <span class="p">};</span>
</span><span id="__span-15-17"><a id="__codelineno-15-17" name="__codelineno-15-17" href="#__codelineno-15-17"></a>
</span><span id="__span-15-18"><a id="__codelineno-15-18" name="__codelineno-15-18" href="#__codelineno-15-18"></a> <span class="ss">autoStart</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-15-19"><a id="__codelineno-15-19" name="__codelineno-15-19" href="#__codelineno-15-19"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-15-20"><a id="__codelineno-15-20" name="__codelineno-15-20" href="#__codelineno-15-20"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-15-21"><a id="__codelineno-15-21" name="__codelineno-15-21" href="#__codelineno-15-21"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-15-22"><a id="__codelineno-15-22" name="__codelineno-15-22" href="#__codelineno-15-22"></a><span class="s s-Multiline"> Whether to automatically start the Intune Portal service on login.</span>
</span><span id="__span-15-23"><a id="__codelineno-15-23" name="__codelineno-15-23" href="#__codelineno-15-23"></a>
</span><span id="__span-15-24"><a id="__codelineno-15-24" name="__codelineno-15-24" href="#__codelineno-15-24"></a><span class="s s-Multiline"> When enabled, the intune-portal service will start with the user session.</span>
</span><span id="__span-15-25"><a id="__codelineno-15-25" name="__codelineno-15-25" href="#__codelineno-15-25"></a><span class="s s-Multiline"> When disabled, you must manually launch intune-portal from the application menu.</span>
</span><span id="__span-15-26"><a id="__codelineno-15-26" name="__codelineno-15-26" href="#__codelineno-15-26"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-15-27"><a id="__codelineno-15-27" name="__codelineno-15-27" href="#__codelineno-15-27"></a> <span class="p">};</span>
</span><span id="__span-15-28"><a id="__codelineno-15-28" name="__codelineno-15-28" href="#__codelineno-15-28"></a>
</span><span id="__span-15-29"><a id="__codelineno-15-29" name="__codelineno-15-29" href="#__codelineno-15-29"></a> <span class="ss">enableDesktopIntegration</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-15-30"><a id="__codelineno-15-30" name="__codelineno-15-30" href="#__codelineno-15-30"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-15-31"><a id="__codelineno-15-31" name="__codelineno-15-31" href="#__codelineno-15-31"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-15-32"><a id="__codelineno-15-32" name="__codelineno-15-32" href="#__codelineno-15-32"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-15-33"><a id="__codelineno-15-33" name="__codelineno-15-33" href="#__codelineno-15-33"></a><span class="s s-Multiline"> Whether to install desktop integration files (.desktop files, system tray support).</span>
</span><span id="__span-15-34"><a id="__codelineno-15-34" name="__codelineno-15-34" href="#__codelineno-15-34"></a>
</span><span id="__span-15-35"><a id="__codelineno-15-35" name="__codelineno-15-35" href="#__codelineno-15-35"></a><span class="s s-Multiline"> This makes Intune Portal available in application menus and provides</span>
</span><span id="__span-15-36"><a id="__codelineno-15-36" name="__codelineno-15-36" href="#__codelineno-15-36"></a><span class="s s-Multiline"> system tray integration for enrollment status and notifications.</span>
</span><span id="__span-15-37"><a id="__codelineno-15-37" name="__codelineno-15-37" href="#__codelineno-15-37"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-15-38"><a id="__codelineno-15-38" name="__codelineno-15-38" href="#__codelineno-15-38"></a> <span class="p">};</span>
</span><span id="__span-15-39"><a id="__codelineno-15-39" name="__codelineno-15-39" href="#__codelineno-15-39"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="defaultnix_5"><code>default.nix</code><a class="headerlink" href="#defaultnix_5" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/kometa/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/kometa/default.nix</code></a></p>
<p>Kometa (was Plex Meta Manager) — collections + metadata + posters for Plex.</p>
<p>Runs as a podman OCI container on p510 sharing the host network namespace
so it can reach localhost:32400 (Plex) directly. Container is always-on;
Kometa's internal scheduler fires per the <code>schedule:</code> key in config.yml.</p>
<p>Phase 1a (this commit): dry-run mode + IMDb Top 250 only. Once the
dry-run output looks right, flip <code>dry_run: false</code> in
modules/services/kometa/config.yml and redeploy.</p>
<p>Pattern mirrors modules/services/skill-pool.nix (oci-containers + podman).</p>
<p>Config flow:
modules/services/kometa/config.yml ← repo source of truth; contains
${TMDB_API_KEY} + ${PLEX_TOKEN}
shell-style placeholders.
kometa-config-render.service ← systemd oneshot; envsubst's
the template into
/var/lib/kometa/config.yml
with agenix-provided values.
podman-kometa.service ← depends on the oneshot; mounts
/var/lib/kometa as /config.</p>
<ul>
<li><strong>Enable option:</strong> Kometa (Plex Meta Manager)</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-16-1"><a id="__codelineno-16-1" name="__codelineno-16-1" href="#__codelineno-16-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">kometa</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-16-2"><a id="__codelineno-16-2" name="__codelineno-16-2" href="#__codelineno-16-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"Kometa (Plex Meta Manager)"</span><span class="p">;</span>
</span><span id="__span-16-3"><a id="__codelineno-16-3" name="__codelineno-16-3" href="#__codelineno-16-3"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="defaultnix_6"><code>default.nix</code><a class="headerlink" href="#defaultnix_6" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/libinput/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/libinput/default.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="litellm-routernix"><code>litellm-router.nix</code><a class="headerlink" href="#litellm-routernix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/litellm-router.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/litellm-router.nix</code></a></p>
<p>LiteLLM proxy — Anthropic-compat router that fronts the local Ollama
service. Lets Claude Code (which speaks the Anthropic API natively) reach
local Ollama models by setting ANTHROPIC_BASE_URL per repo.</p>
<p>Architecture:
Claude Code → http(s)://p620.../router (LiteLLM) → 127.0.0.1:11434 (Ollama)</p>
<p>Model aliases:
claude-sonnet-4-6 → qwen3:14b (default coding model — primary)
claude-opus-4-6 → gemma4:e4b (light/fast on-demand)
qwen3 → qwen3:14b (native name passthrough)
qwen3.6 → qwen3:14b (backward compatibility alias)
qwen2.5-coder → qwen2.5-coder:14b (previous default, still pulled)
gemma4 → gemma4:e4b (backward compatibility alias)</p>
<p>Authentication: a single master bearer key loaded at runtime from agenix
(/run/agenix/litellm-master-key). Per-host clients hold the same plaintext
under their own .age files (api-router-p620, api-router-razer — Phase 3).</p>
<p>Network: binds 0.0.0.0:4000 but firewall opens it only on tailscale0 and
the configured LAN interface — never globally reachable.</p>
<p>See docs/plans/2026-05-22-ollama-p620-litellm-design.md §5 for full design.</p>
<ul>
<li><strong>Enable option:</strong> LiteLLM proxy fronting the local Ollama service</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-17-1"><a id="__codelineno-17-1" name="__codelineno-17-1" href="#__codelineno-17-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">litellm-router</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-17-2"><a id="__codelineno-17-2" name="__codelineno-17-2" href="#__codelineno-17-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"LiteLLM proxy fronting the local Ollama service"</span><span class="p">;</span>
</span><span id="__span-17-3"><a id="__codelineno-17-3" name="__codelineno-17-3" href="#__codelineno-17-3"></a>
</span><span id="__span-17-4"><a id="__codelineno-17-4" name="__codelineno-17-4" href="#__codelineno-17-4"></a> <span class="ss">port</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-17-5"><a id="__codelineno-17-5" name="__codelineno-17-5" href="#__codelineno-17-5"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>port<span class="p">;</span>
</span><span id="__span-17-6"><a id="__codelineno-17-6" name="__codelineno-17-6" href="#__codelineno-17-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">4000</span><span class="p">;</span>
</span><span id="__span-17-7"><a id="__codelineno-17-7" name="__codelineno-17-7" href="#__codelineno-17-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Port LiteLLM binds to (loopback always; tailnet + LAN via firewall)."</span><span class="p">;</span>
</span><span id="__span-17-8"><a id="__codelineno-17-8" name="__codelineno-17-8" href="#__codelineno-17-8"></a> <span class="p">};</span>
</span><span id="__span-17-9"><a id="__codelineno-17-9" name="__codelineno-17-9" href="#__codelineno-17-9"></a>
</span><span id="__span-17-10"><a id="__codelineno-17-10" name="__codelineno-17-10" href="#__codelineno-17-10"></a> <span class="ss">listenLanInterface</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-17-11"><a id="__codelineno-17-11" name="__codelineno-17-11" href="#__codelineno-17-11"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>nullOr lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-17-12"><a id="__codelineno-17-12" name="__codelineno-17-12" href="#__codelineno-17-12"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">null</span><span class="p">;</span>
</span><span id="__span-17-13"><a id="__codelineno-17-13" name="__codelineno-17-13" href="#__codelineno-17-13"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"enp1s0"</span><span class="p">;</span>
</span><span id="__span-17-14"><a id="__codelineno-17-14" name="__codelineno-17-14" href="#__codelineno-17-14"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-17-15"><a id="__codelineno-17-15" name="__codelineno-17-15" href="#__codelineno-17-15"></a><span class="s s-Multiline"> LAN interface to open the port on (in addition to tailscale0 and</span>
</span><span id="__span-17-16"><a id="__codelineno-17-16" name="__codelineno-17-16" href="#__codelineno-17-16"></a><span class="s s-Multiline"> loopback). Set to the host's actual LAN NIC; confirm with `ip link`.</span>
</span><span id="__span-17-17"><a id="__codelineno-17-17" name="__codelineno-17-17" href="#__codelineno-17-17"></a><span class="s s-Multiline"> Set to null to expose only via Tailscale.</span>
</span><span id="__span-17-18"><a id="__codelineno-17-18" name="__codelineno-17-18" href="#__codelineno-17-18"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-17-19"><a id="__codelineno-17-19" name="__codelineno-17-19" href="#__codelineno-17-19"></a> <span class="p">};</span>
</span><span id="__span-17-20"><a id="__codelineno-17-20" name="__codelineno-17-20" href="#__codelineno-17-20"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="defaultnix_7"><code>default.nix</code><a class="headerlink" href="#defaultnix_7" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/logind/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/logind/default.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="defaultnix_8"><code>default.nix</code><a class="headerlink" href="#defaultnix_8" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/mandb/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/mandb/default.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="media-botnix"><code>media-bot.nix</code><a class="headerlink" href="#media-botnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/media-bot.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/media-bot.nix</code></a></p>
<p>media-bot — household Telegram bot for the *arr stack on p510.</p>
<p>Phase 1 surface (spec: docs/plans/2026-05-30-media-bot-design.md, mirrored
at ~/.claude/plans/stateless-enchanting-beaver.md during brainstorm):
• menu commands (/search /add /queue /status /recent /wanted)
• aiohttp webhook receiver on cfg.port ingesting Sonarr / Radarr /
Overseerr / audiobook-import events; replies to Telegram with inline
action buttons (Quiet event set — wins only).
• Ollama-backed natural-language fallback (qwen2.5:7b by default,
override via OLLAMA_MODEL in the env file).</p>
<p>Required secrets (both agenix-encrypted, host-keyed for p510):
• media-bot-env.age — TELEGRAM_BOT_TOKEN + <em>arr API keys + OLLAMA_</em>
• media-bot-users.age — YAML user whitelist (telegram_id, plex_user, name)</p>
<p>Pattern mirrors modules/services/arr-suite-mcp.nix: DynamicUser, full
systemd hardening, tailscale-only firewall by default.</p>
<ul>
<li><strong>Enable option:</strong> household media Telegram bot</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-18-1"><a id="__codelineno-18-1" name="__codelineno-18-1" href="#__codelineno-18-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">media-bot</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-18-2"><a id="__codelineno-18-2" name="__codelineno-18-2" href="#__codelineno-18-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"household media Telegram bot"</span><span class="p">;</span>
</span><span id="__span-18-3"><a id="__codelineno-18-3" name="__codelineno-18-3" href="#__codelineno-18-3"></a>
</span><span id="__span-18-4"><a id="__codelineno-18-4" name="__codelineno-18-4" href="#__codelineno-18-4"></a> <span class="ss">port</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-18-5"><a id="__codelineno-18-5" name="__codelineno-18-5" href="#__codelineno-18-5"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>port<span class="p">;</span>
</span><span id="__span-18-6"><a id="__codelineno-18-6" name="__codelineno-18-6" href="#__codelineno-18-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">8090</span><span class="p">;</span>
</span><span id="__span-18-7"><a id="__codelineno-18-7" name="__codelineno-18-7" href="#__codelineno-18-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-18-8"><a id="__codelineno-18-8" name="__codelineno-18-8" href="#__codelineno-18-8"></a><span class="s s-Multiline"> Port the aiohttp webhook receiver listens on. Loopback is always</span>
</span><span id="__span-18-9"><a id="__codelineno-18-9" name="__codelineno-18-9" href="#__codelineno-18-9"></a><span class="s s-Multiline"> available; the firewall opens this port on `tailscale0` (and</span>
</span><span id="__span-18-10"><a id="__codelineno-18-10" name="__codelineno-18-10" href="#__codelineno-18-10"></a><span class="s s-Multiline"> optionally on a named LAN interface) so Sonarr / Radarr / Overseerr</span>
</span><span id="__span-18-11"><a id="__codelineno-18-11" name="__codelineno-18-11" href="#__codelineno-18-11"></a><span class="s s-Multiline"> and audiobook-import.service can POST event payloads to it.</span>
</span><span id="__span-18-12"><a id="__codelineno-18-12" name="__codelineno-18-12" href="#__codelineno-18-12"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-18-13"><a id="__codelineno-18-13" name="__codelineno-18-13" href="#__codelineno-18-13"></a> <span class="p">};</span>
</span><span id="__span-18-14"><a id="__codelineno-18-14" name="__codelineno-18-14" href="#__codelineno-18-14"></a>
</span><span id="__span-18-15"><a id="__codelineno-18-15" name="__codelineno-18-15" href="#__codelineno-18-15"></a> <span class="ss">environmentFile</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-18-16"><a id="__codelineno-18-16" name="__codelineno-18-16" href="#__codelineno-18-16"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-18-17"><a id="__codelineno-18-17" name="__codelineno-18-17" href="#__codelineno-18-17"></a> <span class="ss">default</span> <span class="o">=</span> config<span class="o">.</span>age<span class="o">.</span>secrets<span class="o">.</span><span class="s2">"media-bot-env"</span><span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-18-18"><a id="__codelineno-18-18" name="__codelineno-18-18" href="#__codelineno-18-18"></a> <span class="ss">defaultText</span> <span class="o">=</span> lib<span class="o">.</span>literalExpression
</span><span id="__span-18-19"><a id="__codelineno-18-19" name="__codelineno-18-19" href="#__codelineno-18-19"></a> <span class="s s-Multiline">''config.age.secrets."media-bot-env".path''</span><span class="p">;</span>
</span><span id="__span-18-20"><a id="__codelineno-18-20" name="__codelineno-18-20" href="#__codelineno-18-20"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-18-21"><a id="__codelineno-18-21" name="__codelineno-18-21" href="#__codelineno-18-21"></a><span class="s s-Multiline"> EnvironmentFile with TELEGRAM_BOT_TOKEN, *arr API keys, OLLAMA_*</span>
</span><span id="__span-18-22"><a id="__codelineno-18-22" name="__codelineno-18-22" href="#__codelineno-18-22"></a><span class="s s-Multiline"> endpoint + model (KEY=VALUE per line). The bot reads these on</span>
</span><span id="__span-18-23"><a id="__codelineno-18-23" name="__codelineno-18-23" href="#__codelineno-18-23"></a><span class="s s-Multiline"> startup; restart the service to pick up changes.</span>
</span><span id="__span-18-24"><a id="__codelineno-18-24" name="__codelineno-18-24" href="#__codelineno-18-24"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-18-25"><a id="__codelineno-18-25" name="__codelineno-18-25" href="#__codelineno-18-25"></a> <span class="p">};</span>
</span><span id="__span-18-26"><a id="__codelineno-18-26" name="__codelineno-18-26" href="#__codelineno-18-26"></a>
</span><span id="__span-18-27"><a id="__codelineno-18-27" name="__codelineno-18-27" href="#__codelineno-18-27"></a> <span class="ss">usersFile</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-18-28"><a id="__codelineno-18-28" name="__codelineno-18-28" href="#__codelineno-18-28"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-18-29"><a id="__codelineno-18-29" name="__codelineno-18-29" href="#__codelineno-18-29"></a> <span class="ss">default</span> <span class="o">=</span> config<span class="o">.</span>age<span class="o">.</span>secrets<span class="o">.</span><span class="s2">"media-bot-users"</span><span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-18-30"><a id="__codelineno-18-30" name="__codelineno-18-30" href="#__codelineno-18-30"></a> <span class="ss">defaultText</span> <span class="o">=</span> lib<span class="o">.</span>literalExpression
</span><span id="__span-18-31"><a id="__codelineno-18-31" name="__codelineno-18-31" href="#__codelineno-18-31"></a> <span class="s s-Multiline">''config.age.secrets."media-bot-users".path''</span><span class="p">;</span>
</span><span id="__span-18-32"><a id="__codelineno-18-32" name="__codelineno-18-32" href="#__codelineno-18-32"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-18-33"><a id="__codelineno-18-33" name="__codelineno-18-33" href="#__codelineno-18-33"></a><span class="s s-Multiline"> YAML file listing whitelisted Telegram users and their Plex</span>
</span><span id="__span-18-34"><a id="__codelineno-18-34" name="__codelineno-18-34" href="#__codelineno-18-34"></a><span class="s s-Multiline"> usernames. Reloadable at runtime: `systemctl reload media-bot`</span>
</span><span id="__span-18-35"><a id="__codelineno-18-35" name="__codelineno-18-35" href="#__codelineno-18-35"></a><span class="s s-Multiline"> sends SIGHUP, the bot rereads this file, no restart needed.</span>
</span><span id="__span-18-36"><a id="__codelineno-18-36" name="__codelineno-18-36" href="#__codelineno-18-36"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-18-37"><a id="__codelineno-18-37" name="__codelineno-18-37" href="#__codelineno-18-37"></a> <span class="p">};</span>
</span><span id="__span-18-38"><a id="__codelineno-18-38" name="__codelineno-18-38" href="#__codelineno-18-38"></a>
</span><span id="__span-18-39"><a id="__codelineno-18-39" name="__codelineno-18-39" href="#__codelineno-18-39"></a> <span class="ss">listenLanInterface</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-18-40"><a id="__codelineno-18-40" name="__codelineno-18-40" href="#__codelineno-18-40"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>nullOr lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-18-41"><a id="__codelineno-18-41" name="__codelineno-18-41" href="#__codelineno-18-41"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">null</span><span class="p">;</span>
</span><span id="__span-18-42"><a id="__codelineno-18-42" name="__codelineno-18-42" href="#__codelineno-18-42"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"eno1"</span><span class="p">;</span>
</span><span id="__span-18-43"><a id="__codelineno-18-43" name="__codelineno-18-43" href="#__codelineno-18-43"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-18-44"><a id="__codelineno-18-44" name="__codelineno-18-44" href="#__codelineno-18-44"></a><span class="s s-Multiline"> LAN interface to additionally open `cfg.port` on. `null` exposes</span>
</span><span id="__span-18-45"><a id="__codelineno-18-45" name="__codelineno-18-45" href="#__codelineno-18-45"></a><span class="s s-Multiline"> the webhook receiver only via tailscale0 — recommended, since</span>
</span><span id="__span-18-46"><a id="__codelineno-18-46" name="__codelineno-18-46" href="#__codelineno-18-46"></a><span class="s s-Multiline"> Sonarr / Radarr / Overseerr / audiobook-import all run on the</span>
</span><span id="__span-18-47"><a id="__codelineno-18-47" name="__codelineno-18-47" href="#__codelineno-18-47"></a><span class="s s-Multiline"> same host as the bot and reach it via 127.0.0.1.</span>
</span><span id="__span-18-48"><a id="__codelineno-18-48" name="__codelineno-18-48" href="#__codelineno-18-48"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-18-49"><a id="__codelineno-18-49" name="__codelineno-18-49" href="#__codelineno-18-49"></a> <span class="p">};</span>
</span><span id="__span-18-50"><a id="__codelineno-18-50" name="__codelineno-18-50" href="#__codelineno-18-50"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="meeting-transcribenix"><code>meeting-transcribe.nix</code><a class="headerlink" href="#meeting-transcribenix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/meeting-transcribe.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/meeting-transcribe.nix</code></a></p>
<p>meeting-transcribe — one-button meeting recording + transcription + summary.</p>
<p>UX: SUPER+SHIFT+M to start, again to stop. After stop, a background job
transcribes (whisperX + diarization) and summarizes (Ollama, mistral-small3.1)
the audio. ~2-5 min later, notify-send fires with a markdown brief at
~/meetings/YYYY-MM-DD-HHMM.md containing TL;DR, your action items, decisions,
flagged keywords, topic timeline, and the full diarized transcript.</p>
<p>Topology: razer records locally + offloads heavy work to p620 over Tailscale
SSH. p620 records AND processes locally. Per-host wiring:</p>
<h1 id="razer-client-only">razer (client only)<a class="headerlink" href="#razer-client-only" title="Anchor link to this section">¶</a></h1>
<p>features.meetingTranscribe = {
enable = true;
processHost = "p620";
installProcessor = false;
userName = "Olaf";
userEmail = "olaf@freundcloud.com";
};</p>
<h1 id="p620-client-processor">p620 (client + processor)<a class="headerlink" href="#p620-client-processor" title="Anchor link to this section">¶</a></h1>
<p>features.meetingTranscribe = {
enable = true;
processHost = "local";
installProcessor = true;
huggingfaceTokenFile = config.age.secrets."api-huggingface".path;
ollamaUrl = "http://localhost:11434";
userName = "Olaf";
userEmail = "olaf@freundcloud.com";
};</p>
<p>Setup (one-time, post-deploy on p620):
1. Sign up at https://huggingface.co/join (free).
2. Accept terms at https://huggingface.co/pyannote/speaker-diarization-3.1
(and the dependency https://huggingface.co/pyannote/segmentation-3.0).
3. Create a read token at https://huggingface.co/settings/tokens.
4. ./scripts/manage-secrets.sh create api-huggingface (paste token).
5. just quick-deploy p620 && just quick-deploy razer.</p>
<ul>
<li><strong>Enable option:</strong> Meeting recording, transcription, and summarization</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-19-1"><a id="__codelineno-19-1" name="__codelineno-19-1" href="#__codelineno-19-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">meetingTranscribe</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-19-2"><a id="__codelineno-19-2" name="__codelineno-19-2" href="#__codelineno-19-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"Meeting recording, transcription, and summarization"</span><span class="p">;</span>
</span><span id="__span-19-3"><a id="__codelineno-19-3" name="__codelineno-19-3" href="#__codelineno-19-3"></a>
</span><span id="__span-19-4"><a id="__codelineno-19-4" name="__codelineno-19-4" href="#__codelineno-19-4"></a> <span class="ss">processHost</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-19-5"><a id="__codelineno-19-5" name="__codelineno-19-5" href="#__codelineno-19-5"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-19-6"><a id="__codelineno-19-6" name="__codelineno-19-6" href="#__codelineno-19-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"local"</span><span class="p">;</span>
</span><span id="__span-19-7"><a id="__codelineno-19-7" name="__codelineno-19-7" href="#__codelineno-19-7"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"p620"</span><span class="p">;</span>
</span><span id="__span-19-8"><a id="__codelineno-19-8" name="__codelineno-19-8" href="#__codelineno-19-8"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-19-9"><a id="__codelineno-19-9" name="__codelineno-19-9" href="#__codelineno-19-9"></a><span class="s s-Multiline"> Where transcription + summarization runs. "local" means same host</span>
</span><span id="__span-19-10"><a id="__codelineno-19-10" name="__codelineno-19-10" href="#__codelineno-19-10"></a><span class="s s-Multiline"> (requires installProcessor = true). Otherwise an SSH-reachable host</span>
</span><span id="__span-19-11"><a id="__codelineno-19-11" name="__codelineno-19-11" href="#__codelineno-19-11"></a><span class="s s-Multiline"> name (typically a Tailscale node) where the processor is installed.</span>
</span><span id="__span-19-12"><a id="__codelineno-19-12" name="__codelineno-19-12" href="#__codelineno-19-12"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-19-13"><a id="__codelineno-19-13" name="__codelineno-19-13" href="#__codelineno-19-13"></a> <span class="p">};</span>
</span><span id="__span-19-14"><a id="__codelineno-19-14" name="__codelineno-19-14" href="#__codelineno-19-14"></a>
</span><span id="__span-19-15"><a id="__codelineno-19-15" name="__codelineno-19-15" href="#__codelineno-19-15"></a> <span class="ss">installProcessor</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-19-16"><a id="__codelineno-19-16" name="__codelineno-19-16" href="#__codelineno-19-16"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-19-17"><a id="__codelineno-19-17" name="__codelineno-19-17" href="#__codelineno-19-17"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-19-18"><a id="__codelineno-19-18" name="__codelineno-19-18" href="#__codelineno-19-18"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-19-19"><a id="__codelineno-19-19" name="__codelineno-19-19" href="#__codelineno-19-19"></a><span class="s s-Multiline"> Install processor-side dependencies (whisperX, meet-process helper).</span>
</span><span id="__span-19-20"><a id="__codelineno-19-20" name="__codelineno-19-20" href="#__codelineno-19-20"></a><span class="s s-Multiline"> Set true on the host that runs the heavy lifting (typically p620).</span>
</span><span id="__span-19-21"><a id="__codelineno-19-21" name="__codelineno-19-21" href="#__codelineno-19-21"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-19-22"><a id="__codelineno-19-22" name="__codelineno-19-22" href="#__codelineno-19-22"></a> <span class="p">};</span>
</span><span id="__span-19-23"><a id="__codelineno-19-23" name="__codelineno-19-23" href="#__codelineno-19-23"></a>
</span><span id="__span-19-24"><a id="__codelineno-19-24" name="__codelineno-19-24" href="#__codelineno-19-24"></a> <span class="ss">huggingfaceTokenFile</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-19-25"><a id="__codelineno-19-25" name="__codelineno-19-25" href="#__codelineno-19-25"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>nullOr lib<span class="o">.</span>types<span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-19-26"><a id="__codelineno-19-26" name="__codelineno-19-26" href="#__codelineno-19-26"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">null</span><span class="p">;</span>
</span><span id="__span-19-27"><a id="__codelineno-19-27" name="__codelineno-19-27" href="#__codelineno-19-27"></a> <span class="ss">example</span> <span class="o">=</span> lib<span class="o">.</span>literalExpression <span class="s s-Multiline">''config.age.secrets."api-huggingface".path''</span><span class="p">;</span>
</span><span id="__span-19-28"><a id="__codelineno-19-28" name="__codelineno-19-28" href="#__codelineno-19-28"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-19-29"><a id="__codelineno-19-29" name="__codelineno-19-29" href="#__codelineno-19-29"></a><span class="s s-Multiline"> Path to a HuggingFace token file (required by whisperX for the</span>
</span><span id="__span-19-30"><a id="__codelineno-19-30" name="__codelineno-19-30" href="#__codelineno-19-30"></a><span class="s s-Multiline"> pyannote diarization model). Required on the processor host. Read</span>
</span><span id="__span-19-31"><a id="__codelineno-19-31" name="__codelineno-19-31" href="#__codelineno-19-31"></a><span class="s s-Multiline"> at runtime, never embedded in the store.</span>
</span><span id="__span-19-32"><a id="__codelineno-19-32" name="__codelineno-19-32" href="#__codelineno-19-32"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-19-33"><a id="__codelineno-19-33" name="__codelineno-19-33" href="#__codelineno-19-33"></a> <span class="p">};</span>
</span><span id="__span-19-34"><a id="__codelineno-19-34" name="__codelineno-19-34" href="#__codelineno-19-34"></a>
</span><span id="__span-19-35"><a id="__codelineno-19-35" name="__codelineno-19-35" href="#__codelineno-19-35"></a> <span class="ss">ollamaUrl</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-19-36"><a id="__codelineno-19-36" name="__codelineno-19-36" href="#__codelineno-19-36"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-19-37"><a id="__codelineno-19-37" name="__codelineno-19-37" href="#__codelineno-19-37"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"http://p620:11434"</span><span class="p">;</span>
</span><span id="__span-19-38"><a id="__codelineno-19-38" name="__codelineno-19-38" href="#__codelineno-19-38"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-19-39"><a id="__codelineno-19-39" name="__codelineno-19-39" href="#__codelineno-19-39"></a><span class="s s-Multiline"> Ollama API base URL for summarization. On p620, override to</span>
</span><span id="__span-19-40"><a id="__codelineno-19-40" name="__codelineno-19-40" href="#__codelineno-19-40"></a><span class="s s-Multiline"> http://localhost:11434.</span>
</span><span id="__span-19-41"><a id="__codelineno-19-41" name="__codelineno-19-41" href="#__codelineno-19-41"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-19-42"><a id="__codelineno-19-42" name="__codelineno-19-42" href="#__codelineno-19-42"></a> <span class="p">};</span>
</span><span id="__span-19-43"><a id="__codelineno-19-43" name="__codelineno-19-43" href="#__codelineno-19-43"></a>
</span><span id="__span-19-44"><a id="__codelineno-19-44" name="__codelineno-19-44" href="#__codelineno-19-44"></a> <span class="ss">ollamaModel</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-19-45"><a id="__codelineno-19-45" name="__codelineno-19-45" href="#__codelineno-19-45"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-19-46"><a id="__codelineno-19-46" name="__codelineno-19-46" href="#__codelineno-19-46"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"mistral-small3.1"</span><span class="p">;</span>
</span><span id="__span-19-47"><a id="__codelineno-19-47" name="__codelineno-19-47" href="#__codelineno-19-47"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Ollama model name for summarization (must be pulled on the host)."</span><span class="p">;</span>
</span><span id="__span-19-48"><a id="__codelineno-19-48" name="__codelineno-19-48" href="#__codelineno-19-48"></a> <span class="p">};</span>
</span><span id="__span-19-49"><a id="__codelineno-19-49" name="__codelineno-19-49" href="#__codelineno-19-49"></a>
</span><span id="__span-19-50"><a id="__codelineno-19-50" name="__codelineno-19-50" href="#__codelineno-19-50"></a> <span class="ss">whisperModel</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-19-51"><a id="__codelineno-19-51" name="__codelineno-19-51" href="#__codelineno-19-51"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-19-52"><a id="__codelineno-19-52" name="__codelineno-19-52" href="#__codelineno-19-52"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"large-v3"</span><span class="p">;</span>
</span><span id="__span-19-53"><a id="__codelineno-19-53" name="__codelineno-19-53" href="#__codelineno-19-53"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"whisperX model size: tiny | base | small | medium | large-v3."</span><span class="p">;</span>
</span><span id="__span-19-54"><a id="__codelineno-19-54" name="__codelineno-19-54" href="#__codelineno-19-54"></a> <span class="p">};</span>
</span><span id="__span-19-55"><a id="__codelineno-19-55" name="__codelineno-19-55" href="#__codelineno-19-55"></a>
</span><span id="__span-19-56"><a id="__codelineno-19-56" name="__codelineno-19-56" href="#__codelineno-19-56"></a> <span class="ss">language</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-19-57"><a id="__codelineno-19-57" name="__codelineno-19-57" href="#__codelineno-19-57"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-19-58"><a id="__codelineno-19-58" name="__codelineno-19-58" href="#__codelineno-19-58"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"en"</span><span class="p">;</span>
</span><span id="__span-19-59"><a id="__codelineno-19-59" name="__codelineno-19-59" href="#__codelineno-19-59"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Language code for whisperX (e.g. en, no, da)."</span><span class="p">;</span>
</span><span id="__span-19-60"><a id="__codelineno-19-60" name="__codelineno-19-60" href="#__codelineno-19-60"></a> <span class="p">};</span>
</span><span id="__span-19-61"><a id="__codelineno-19-61" name="__codelineno-19-61" href="#__codelineno-19-61"></a>
</span><span id="__span-19-62"><a id="__codelineno-19-62" name="__codelineno-19-62" href="#__codelineno-19-62"></a> <span class="ss">outputDir</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-19-63"><a id="__codelineno-19-63" name="__codelineno-19-63" href="#__codelineno-19-63"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-19-64"><a id="__codelineno-19-64" name="__codelineno-19-64" href="#__codelineno-19-64"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"~/meetings"</span><span class="p">;</span>
</span><span id="__span-19-65"><a id="__codelineno-19-65" name="__codelineno-19-65" href="#__codelineno-19-65"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Where finished meeting briefs land (per-user; tilde expanded at runtime)."</span><span class="p">;</span>
</span><span id="__span-19-66"><a id="__codelineno-19-66" name="__codelineno-19-66" href="#__codelineno-19-66"></a> <span class="p">};</span>
</span><span id="__span-19-67"><a id="__codelineno-19-67" name="__codelineno-19-67" href="#__codelineno-19-67"></a>
</span><span id="__span-19-68"><a id="__codelineno-19-68" name="__codelineno-19-68" href="#__codelineno-19-68"></a> <span class="ss">userName</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-19-69"><a id="__codelineno-19-69" name="__codelineno-19-69" href="#__codelineno-19-69"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-19-70"><a id="__codelineno-19-70" name="__codelineno-19-70" href="#__codelineno-19-70"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"Olaf"</span><span class="p">;</span>
</span><span id="__span-19-71"><a id="__codelineno-19-71" name="__codelineno-19-71" href="#__codelineno-19-71"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-19-72"><a id="__codelineno-19-72" name="__codelineno-19-72" href="#__codelineno-19-72"></a><span class="s s-Multiline"> Your display name. Used in the Ollama prompt to identify "your action</span>
</span><span id="__span-19-73"><a id="__codelineno-19-73" name="__codelineno-19-73" href="#__codelineno-19-73"></a><span class="s s-Multiline"> items" vs others'.</span>
</span><span id="__span-19-74"><a id="__codelineno-19-74" name="__codelineno-19-74" href="#__codelineno-19-74"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-19-75"><a id="__codelineno-19-75" name="__codelineno-19-75" href="#__codelineno-19-75"></a> <span class="p">};</span>
</span><span id="__span-19-76"><a id="__codelineno-19-76" name="__codelineno-19-76" href="#__codelineno-19-76"></a>
</span><span id="__span-19-77"><a id="__codelineno-19-77" name="__codelineno-19-77" href="#__codelineno-19-77"></a> <span class="ss">userEmail</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-19-78"><a id="__codelineno-19-78" name="__codelineno-19-78" href="#__codelineno-19-78"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-19-79"><a id="__codelineno-19-79" name="__codelineno-19-79" href="#__codelineno-19-79"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"olaf@freundcloud.com"</span><span class="p">;</span>
</span><span id="__span-19-80"><a id="__codelineno-19-80" name="__codelineno-19-80" href="#__codelineno-19-80"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Your email. Helps the LLM identify you in the transcript."</span><span class="p">;</span>
</span><span id="__span-19-81"><a id="__codelineno-19-81" name="__codelineno-19-81" href="#__codelineno-19-81"></a> <span class="p">};</span>
</span><span id="__span-19-82"><a id="__codelineno-19-82" name="__codelineno-19-82" href="#__codelineno-19-82"></a>
</span><span id="__span-19-83"><a id="__codelineno-19-83" name="__codelineno-19-83" href="#__codelineno-19-83"></a> <span class="ss">flagKeywords</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-19-84"><a id="__codelineno-19-84" name="__codelineno-19-84" href="#__codelineno-19-84"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>listOf lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-19-85"><a id="__codelineno-19-85" name="__codelineno-19-85" href="#__codelineno-19-85"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"blocker"</span> <span class="s2">"deadline"</span> <span class="s2">"urgent"</span> <span class="s2">"incident"</span> <span class="s2">"risk"</span> <span class="s2">"escalate"</span> <span class="p">];</span>
</span><span id="__span-19-86"><a id="__codelineno-19-86" name="__codelineno-19-86" href="#__codelineno-19-86"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Keywords extracted with timestamps into the 'Flagged' section of the brief."</span><span class="p">;</span>
</span><span id="__span-19-87"><a id="__codelineno-19-87" name="__codelineno-19-87" href="#__codelineno-19-87"></a> <span class="p">};</span>
</span><span id="__span-19-88"><a id="__codelineno-19-88" name="__codelineno-19-88" href="#__codelineno-19-88"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="mtrnix"><code>mtr.nix</code><a class="headerlink" href="#mtrnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/mtr/mtr.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/mtr/mtr.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="n8nnix"><code>n8n.nix</code><a class="headerlink" href="#n8nnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/n8n.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/n8n.nix</code></a></p>
<p>n8n — local workflow-automation runtime.</p>
<p>Stands up the upstream <code>services.n8n</code> (which already runs hardened under
DynamicUser + ProtectSystem=strict and loads any <em>_FILE env var via systemd
credentials) behind a feature flag. The only NixOS-managed secret is the n8n
encryption key (agenix); all workflow/service API keys (Overseerr, Tautulli,
Home Assistant, …) live as n8n *credentials</em>, encrypted by that key inside
n8n's own store and entered at runtime in the n8n UI.</p>
<p>Network: binds 127.0.0.1 only (firewall untouched). On p510 every consumer
(Tautulli, Overseerr, Lidarr, ollama) is co-located, so loopback suffices.</p>
<p>Used by the "just-finished" media-recommendation workflow.
See docs/plans/2026-05-26-plex-llm-recommendations-design.md.</p>
<ul>
<li><strong>Enable option:</strong> n8n workflow-automation runtime (localhost, agenix-keyed)</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-20-1"><a id="__codelineno-20-1" name="__codelineno-20-1" href="#__codelineno-20-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">n8n</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-20-2"><a id="__codelineno-20-2" name="__codelineno-20-2" href="#__codelineno-20-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"n8n workflow-automation runtime (localhost, agenix-keyed)"</span><span class="p">;</span>
</span><span id="__span-20-3"><a id="__codelineno-20-3" name="__codelineno-20-3" href="#__codelineno-20-3"></a>
</span><span id="__span-20-4"><a id="__codelineno-20-4" name="__codelineno-20-4" href="#__codelineno-20-4"></a> <span class="ss">port</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-20-5"><a id="__codelineno-20-5" name="__codelineno-20-5" href="#__codelineno-20-5"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>port<span class="p">;</span>
</span><span id="__span-20-6"><a id="__codelineno-20-6" name="__codelineno-20-6" href="#__codelineno-20-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">5678</span><span class="p">;</span>
</span><span id="__span-20-7"><a id="__codelineno-20-7" name="__codelineno-20-7" href="#__codelineno-20-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Loopback HTTP port n8n listens on. Never exposed to the network (no firewall opening)."</span><span class="p">;</span>
</span><span id="__span-20-8"><a id="__codelineno-20-8" name="__codelineno-20-8" href="#__codelineno-20-8"></a> <span class="p">};</span>
</span><span id="__span-20-9"><a id="__codelineno-20-9" name="__codelineno-20-9" href="#__codelineno-20-9"></a>
</span><span id="__span-20-10"><a id="__codelineno-20-10" name="__codelineno-20-10" href="#__codelineno-20-10"></a> <span class="ss">publicUrl</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-20-11"><a id="__codelineno-20-11" name="__codelineno-20-11" href="#__codelineno-20-11"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>nullOr lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-20-12"><a id="__codelineno-20-12" name="__codelineno-20-12" href="#__codelineno-20-12"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">null</span><span class="p">;</span>
</span><span id="__span-20-13"><a id="__codelineno-20-13" name="__codelineno-20-13" href="#__codelineno-20-13"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"https://n8n.example.com"</span><span class="p">;</span>
</span><span id="__span-20-14"><a id="__codelineno-20-14" name="__codelineno-20-14" href="#__codelineno-20-14"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-20-15"><a id="__codelineno-20-15" name="__codelineno-20-15" href="#__codelineno-20-15"></a><span class="s s-Multiline"> External base URL when fronting n8n with a reverse proxy (cloudflared,</span>
</span><span id="__span-20-16"><a id="__codelineno-20-16" name="__codelineno-20-16" href="#__codelineno-20-16"></a><span class="s s-Multiline"> Tailscale Serve, Caddy, …). When set, n8n is told its public hostname</span>
</span><span id="__span-20-17"><a id="__codelineno-20-17" name="__codelineno-20-17" href="#__codelineno-20-17"></a><span class="s s-Multiline"> and protocol so webhook URLs, OAuth callbacks, and Secure cookies all</span>
</span><span id="__span-20-18"><a id="__codelineno-20-18" name="__codelineno-20-18" href="#__codelineno-20-18"></a><span class="s s-Multiline"> reference the proxy address instead of localhost. The listen address</span>
</span><span id="__span-20-19"><a id="__codelineno-20-19" name="__codelineno-20-19" href="#__codelineno-20-19"></a><span class="s s-Multiline"> stays loopback — wire the proxy separately.</span>
</span><span id="__span-20-20"><a id="__codelineno-20-20" name="__codelineno-20-20" href="#__codelineno-20-20"></a>
</span><span id="__span-20-21"><a id="__codelineno-20-21" name="__codelineno-20-21" href="#__codelineno-20-21"></a><span class="s s-Multiline"> Leave null for loopback-only operation (the original module behavior).</span>
</span><span id="__span-20-22"><a id="__codelineno-20-22" name="__codelineno-20-22" href="#__codelineno-20-22"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-20-23"><a id="__codelineno-20-23" name="__codelineno-20-23" href="#__codelineno-20-23"></a> <span class="p">};</span>
</span><span id="__span-20-24"><a id="__codelineno-20-24" name="__codelineno-20-24" href="#__codelineno-20-24"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="network-stabilitynix"><code>network-stability.nix</code><a class="headerlink" href="#network-stabilitynix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/network-stability.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/network-stability.nix</code></a></p>
<ul>
<li><strong>Enable option:</strong> Comprehensive network stability improvements</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>interval</code>, <code>providers</code>, <code>improve</code>, <code>switchDelayMs</code>, <code>startDelay</code>, <code>restartSec</code>, <code>scriptPath</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-21-1"><a id="__codelineno-21-1" name="__codelineno-21-1" href="#__codelineno-21-1"></a> options<span class="o">.</span>services<span class="o">.</span><span class="ss">network-stability</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-21-2"><a id="__codelineno-21-2" name="__codelineno-21-2" href="#__codelineno-21-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"Comprehensive network stability improvements"</span><span class="p">;</span>
</span><span id="__span-21-3"><a id="__codelineno-21-3" name="__codelineno-21-3" href="#__codelineno-21-3"></a>
</span><span id="__span-21-4"><a id="__codelineno-21-4" name="__codelineno-21-4" href="#__codelineno-21-4"></a> <span class="ss">monitoring</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-21-5"><a id="__codelineno-21-5" name="__codelineno-21-5" href="#__codelineno-21-5"></a> <span class="ss">enable</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-21-6"><a id="__codelineno-21-6" name="__codelineno-21-6" href="#__codelineno-21-6"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-21-7"><a id="__codelineno-21-7" name="__codelineno-21-7" href="#__codelineno-21-7"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-21-8"><a id="__codelineno-21-8" name="__codelineno-21-8" href="#__codelineno-21-8"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Enable network monitoring"</span><span class="p">;</span>
</span><span id="__span-21-9"><a id="__codelineno-21-9" name="__codelineno-21-9" href="#__codelineno-21-9"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-21-10"><a id="__codelineno-21-10" name="__codelineno-21-10" href="#__codelineno-21-10"></a> <span class="p">};</span>
</span><span id="__span-21-11"><a id="__codelineno-21-11" name="__codelineno-21-11" href="#__codelineno-21-11"></a>
</span><span id="__span-21-12"><a id="__codelineno-21-12" name="__codelineno-21-12" href="#__codelineno-21-12"></a> <span class="ss">interval</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-21-13"><a id="__codelineno-21-13" name="__codelineno-21-13" href="#__codelineno-21-13"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-21-14"><a id="__codelineno-21-14" name="__codelineno-21-14" href="#__codelineno-21-14"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">30</span><span class="p">;</span>
</span><span id="__span-21-15"><a id="__codelineno-21-15" name="__codelineno-21-15" href="#__codelineno-21-15"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Monitoring interval in seconds"</span><span class="p">;</span>
</span><span id="__span-21-16"><a id="__codelineno-21-16" name="__codelineno-21-16" href="#__codelineno-21-16"></a> <span class="ss">example</span> <span class="o">=</span> <span class="mi">60</span><span class="p">;</span>
</span><span id="__span-21-17"><a id="__codelineno-21-17" name="__codelineno-21-17" href="#__codelineno-21-17"></a> <span class="p">};</span>
</span><span id="__span-21-18"><a id="__codelineno-21-18" name="__codelineno-21-18" href="#__codelineno-21-18"></a> <span class="p">};</span>
</span><span id="__span-21-19"><a id="__codelineno-21-19" name="__codelineno-21-19" href="#__codelineno-21-19"></a>
</span><span id="__span-21-20"><a id="__codelineno-21-20" name="__codelineno-21-20" href="#__codelineno-21-20"></a> <span class="ss">secureDns</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-21-21"><a id="__codelineno-21-21" name="__codelineno-21-21" href="#__codelineno-21-21"></a> <span class="ss">enable</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-21-22"><a id="__codelineno-21-22" name="__codelineno-21-22" href="#__codelineno-21-22"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-21-23"><a id="__codelineno-21-23" name="__codelineno-21-23" href="#__codelineno-21-23"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-21-24"><a id="__codelineno-21-24" name="__codelineno-21-24" href="#__codelineno-21-24"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Enable secure DNS configuration"</span><span class="p">;</span>
</span><span id="__span-21-25"><a id="__codelineno-21-25" name="__codelineno-21-25" href="#__codelineno-21-25"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-21-26"><a id="__codelineno-21-26" name="__codelineno-21-26" href="#__codelineno-21-26"></a> <span class="p">};</span>
</span><span id="__span-21-27"><a id="__codelineno-21-27" name="__codelineno-21-27" href="#__codelineno-21-27"></a>
</span><span id="__span-21-28"><a id="__codelineno-21-28" name="__codelineno-21-28" href="#__codelineno-21-28"></a> <span class="ss">providers</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-21-29"><a id="__codelineno-21-29" name="__codelineno-21-29" href="#__codelineno-21-29"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>listOf types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-21-30"><a id="__codelineno-21-30" name="__codelineno-21-30" href="#__codelineno-21-30"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">[</span>
</span><span id="__span-21-31"><a id="__codelineno-21-31" name="__codelineno-21-31" href="#__codelineno-21-31"></a> <span class="s2">"1.1.1.1#cloudflare-dns.com"</span>
</span><span id="__span-21-32"><a id="__codelineno-21-32" name="__codelineno-21-32" href="#__codelineno-21-32"></a> <span class="s2">"8.8.8.8#dns.google"</span>
</span><span id="__span-21-33"><a id="__codelineno-21-33" name="__codelineno-21-33" href="#__codelineno-21-33"></a> <span class="p">];</span>
</span><span id="__span-21-34"><a id="__codelineno-21-34" name="__codelineno-21-34" href="#__codelineno-21-34"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"List of DNS providers to use"</span><span class="p">;</span>
</span><span id="__span-21-35"><a id="__codelineno-21-35" name="__codelineno-21-35" href="#__codelineno-21-35"></a> <span class="ss">example</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"9.9.9.9#dns.quad9.net"</span> <span class="p">];</span>
</span><span id="__span-21-36"><a id="__codelineno-21-36" name="__codelineno-21-36" href="#__codelineno-21-36"></a> <span class="p">};</span>
</span><span id="__span-21-37"><a id="__codelineno-21-37" name="__codelineno-21-37" href="#__codelineno-21-37"></a> <span class="p">};</span>
</span><span id="__span-21-38"><a id="__codelineno-21-38" name="__codelineno-21-38" href="#__codelineno-21-38"></a>
</span><span id="__span-21-39"><a id="__codelineno-21-39" name="__codelineno-21-39" href="#__codelineno-21-39"></a> <span class="ss">electron</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-21-40"><a id="__codelineno-21-40" name="__codelineno-21-40" href="#__codelineno-21-40"></a> <span class="ss">improve</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-21-41"><a id="__codelineno-21-41" name="__codelineno-21-41" href="#__codelineno-21-41"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-21-42"><a id="__codelineno-21-42" name="__codelineno-21-42" href="#__codelineno-21-42"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-21-43"><a id="__codelineno-21-43" name="__codelineno-21-43" href="#__codelineno-21-43"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Enable Electron app network stability improvements"</span><span class="p">;</span>
</span><span id="__span-21-44"><a id="__codelineno-21-44" name="__codelineno-21-44" href="#__codelineno-21-44"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-21-45"><a id="__codelineno-21-45" name="__codelineno-21-45" href="#__codelineno-21-45"></a> <span class="p">};</span>
</span><span id="__span-21-46"><a id="__codelineno-21-46" name="__codelineno-21-46" href="#__codelineno-21-46"></a> <span class="p">};</span>
</span><span id="__span-21-47"><a id="__codelineno-21-47" name="__codelineno-21-47" href="#__codelineno-21-47"></a>
</span><span id="__span-21-48"><a id="__codelineno-21-48" name="__codelineno-21-48" href="#__codelineno-21-48"></a> <span class="ss">connectionStability</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-21-49"><a id="__codelineno-21-49" name="__codelineno-21-49" href="#__codelineno-21-49"></a> <span class="ss">enable</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-21-50"><a id="__codelineno-21-50" name="__codelineno-21-50" href="#__codelineno-21-50"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-21-51"><a id="__codelineno-21-51" name="__codelineno-21-51" href="#__codelineno-21-51"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-21-52"><a id="__codelineno-21-52" name="__codelineno-21-52" href="#__codelineno-21-52"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Enable network connection stability enhancements"</span><span class="p">;</span>
</span><span id="__span-21-53"><a id="__codelineno-21-53" name="__codelineno-21-53" href="#__codelineno-21-53"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-21-54"><a id="__codelineno-21-54" name="__codelineno-21-54" href="#__codelineno-21-54"></a> <span class="p">};</span>
</span><span id="__span-21-55"><a id="__codelineno-21-55" name="__codelineno-21-55" href="#__codelineno-21-55"></a>
</span><span id="__span-21-56"><a id="__codelineno-21-56" name="__codelineno-21-56" href="#__codelineno-21-56"></a> <span class="ss">switchDelayMs</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-21-57"><a id="__codelineno-21-57" name="__codelineno-21-57" href="#__codelineno-21-57"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-21-58"><a id="__codelineno-21-58" name="__codelineno-21-58" href="#__codelineno-21-58"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">5000</span><span class="p">;</span>
</span><span id="__span-21-59"><a id="__codelineno-21-59" name="__codelineno-21-59" href="#__codelineno-21-59"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Delay in milliseconds before switching network interfaces"</span><span class="p">;</span>
</span><span id="__span-21-60"><a id="__codelineno-21-60" name="__codelineno-21-60" href="#__codelineno-21-60"></a> <span class="ss">example</span> <span class="o">=</span> <span class="mi">3000</span><span class="p">;</span>
</span><span id="__span-21-61"><a id="__codelineno-21-61" name="__codelineno-21-61" href="#__codelineno-21-61"></a> <span class="p">};</span>
</span><span id="__span-21-62"><a id="__codelineno-21-62" name="__codelineno-21-62" href="#__codelineno-21-62"></a> <span class="p">};</span>
</span><span id="__span-21-63"><a id="__codelineno-21-63" name="__codelineno-21-63" href="#__codelineno-21-63"></a>
</span><span id="__span-21-64"><a id="__codelineno-21-64" name="__codelineno-21-64" href="#__codelineno-21-64"></a> <span class="c1"># Add helper service configuration options</span>
</span><span id="__span-21-65"><a id="__codelineno-21-65" name="__codelineno-21-65" href="#__codelineno-21-65"></a> <span class="ss">helperService</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-21-66"><a id="__codelineno-21-66" name="__codelineno-21-66" href="#__codelineno-21-66"></a> <span class="ss">enable</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-21-67"><a id="__codelineno-21-67" name="__codelineno-21-67" href="#__codelineno-21-67"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-21-68"><a id="__codelineno-21-68" name="__codelineno-21-68" href="#__codelineno-21-68"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-21-69"><a id="__codelineno-21-69" name="__codelineno-21-69" href="#__codelineno-21-69"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Enable the network stability helper service"</span><span class="p">;</span>
</span><span id="__span-21-70"><a id="__codelineno-21-70" name="__codelineno-21-70" href="#__codelineno-21-70"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-21-71"><a id="__codelineno-21-71" name="__codelineno-21-71" href="#__codelineno-21-71"></a> <span class="p">};</span>
</span><span id="__span-21-72"><a id="__codelineno-21-72" name="__codelineno-21-72" href="#__codelineno-21-72"></a>
</span><span id="__span-21-73"><a id="__codelineno-21-73" name="__codelineno-21-73" href="#__codelineno-21-73"></a> <span class="ss">startDelay</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-21-74"><a id="__codelineno-21-74" name="__codelineno-21-74" href="#__codelineno-21-74"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-21-75"><a id="__codelineno-21-75" name="__codelineno-21-75" href="#__codelineno-21-75"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">5</span><span class="p">;</span>
</span><span id="__span-21-76"><a id="__codelineno-21-76" name="__codelineno-21-76" href="#__codelineno-21-76"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Delay in seconds before starting the network stability service"</span><span class="p">;</span>
</span><span id="__span-21-77"><a id="__codelineno-21-77" name="__codelineno-21-77" href="#__codelineno-21-77"></a> <span class="ss">example</span> <span class="o">=</span> <span class="mi">10</span><span class="p">;</span>
</span><span id="__span-21-78"><a id="__codelineno-21-78" name="__codelineno-21-78" href="#__codelineno-21-78"></a> <span class="p">};</span>
</span><span id="__span-21-79"><a id="__codelineno-21-79" name="__codelineno-21-79" href="#__codelineno-21-79"></a>
</span><span id="__span-21-80"><a id="__codelineno-21-80" name="__codelineno-21-80" href="#__codelineno-21-80"></a> <span class="ss">restartSec</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-21-81"><a id="__codelineno-21-81" name="__codelineno-21-81" href="#__codelineno-21-81"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>int<span class="p">;</span>
</span><span id="__span-21-82"><a id="__codelineno-21-82" name="__codelineno-21-82" href="#__codelineno-21-82"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">30</span><span class="p">;</span>
</span><span id="__span-21-83"><a id="__codelineno-21-83" name="__codelineno-21-83" href="#__codelineno-21-83"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Time in seconds to wait before restarting the service on failure"</span><span class="p">;</span>
</span><span id="__span-21-84"><a id="__codelineno-21-84" name="__codelineno-21-84" href="#__codelineno-21-84"></a> <span class="ss">example</span> <span class="o">=</span> <span class="mi">60</span><span class="p">;</span>
</span><span id="__span-21-85"><a id="__codelineno-21-85" name="__codelineno-21-85" href="#__codelineno-21-85"></a> <span class="p">};</span>
</span><span id="__span-21-86"><a id="__codelineno-21-86" name="__codelineno-21-86" href="#__codelineno-21-86"></a> <span class="p">};</span>
</span><span id="__span-21-87"><a id="__codelineno-21-87" name="__codelineno-21-87" href="#__codelineno-21-87"></a>
</span><span id="__span-21-88"><a id="__codelineno-21-88" name="__codelineno-21-88" href="#__codelineno-21-88"></a> <span class="c1"># Script path option required by network-stability-service.nix</span>
</span><span id="__span-21-89"><a id="__codelineno-21-89" name="__codelineno-21-89" href="#__codelineno-21-89"></a> <span class="ss">scriptPath</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-21-90"><a id="__codelineno-21-90" name="__codelineno-21-90" href="#__codelineno-21-90"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-21-91"><a id="__codelineno-21-91" name="__codelineno-21-91" href="#__codelineno-21-91"></a><span class="c1"># … truncated — see source link above</span>
</span></code></pre></div>
</details>
<h3 id="defaultnix_9"><code>default.nix</code><a class="headerlink" href="#defaultnix_9" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/nixos-update-checker/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/nixos-update-checker/default.nix</code></a></p>
<ul>
<li><strong>Enable option:</strong> NixOS update checker service</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>flakeDir</code>, <code>checkInterval</code>, <code>enableMotd</code>, <code>user</code>, <code>group</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-22-1"><a id="__codelineno-22-1" name="__codelineno-22-1" href="#__codelineno-22-1"></a> options<span class="o">.</span>services<span class="o">.</span><span class="ss">nixos-update-checker</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-22-2"><a id="__codelineno-22-2" name="__codelineno-22-2" href="#__codelineno-22-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"NixOS update checker service"</span><span class="p">;</span>
</span><span id="__span-22-3"><a id="__codelineno-22-3" name="__codelineno-22-3" href="#__codelineno-22-3"></a>
</span><span id="__span-22-4"><a id="__codelineno-22-4" name="__codelineno-22-4" href="#__codelineno-22-4"></a> <span class="ss">flakeDir</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-22-5"><a id="__codelineno-22-5" name="__codelineno-22-5" href="#__codelineno-22-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-22-6"><a id="__codelineno-22-6" name="__codelineno-22-6" href="#__codelineno-22-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"/home/olafkfreund/.config/nixos"</span><span class="p">;</span>
</span><span id="__span-22-7"><a id="__codelineno-22-7" name="__codelineno-22-7" href="#__codelineno-22-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Path to the flake directory to check for updates"</span><span class="p">;</span>
</span><span id="__span-22-8"><a id="__codelineno-22-8" name="__codelineno-22-8" href="#__codelineno-22-8"></a> <span class="p">};</span>
</span><span id="__span-22-9"><a id="__codelineno-22-9" name="__codelineno-22-9" href="#__codelineno-22-9"></a>
</span><span id="__span-22-10"><a id="__codelineno-22-10" name="__codelineno-22-10" href="#__codelineno-22-10"></a> <span class="ss">checkInterval</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-22-11"><a id="__codelineno-22-11" name="__codelineno-22-11" href="#__codelineno-22-11"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-22-12"><a id="__codelineno-22-12" name="__codelineno-22-12" href="#__codelineno-22-12"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"monthly"</span><span class="p">;</span>
</span><span id="__span-22-13"><a id="__codelineno-22-13" name="__codelineno-22-13" href="#__codelineno-22-13"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"weekly"</span><span class="p">;</span>
</span><span id="__span-22-14"><a id="__codelineno-22-14" name="__codelineno-22-14" href="#__codelineno-22-14"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-22-15"><a id="__codelineno-22-15" name="__codelineno-22-15" href="#__codelineno-22-15"></a><span class="s s-Multiline"> How often to check for updates. Uses systemd timer format.</span>
</span><span id="__span-22-16"><a id="__codelineno-22-16" name="__codelineno-22-16" href="#__codelineno-22-16"></a><span class="s s-Multiline"> Common values: daily, weekly, monthly</span>
</span><span id="__span-22-17"><a id="__codelineno-22-17" name="__codelineno-22-17" href="#__codelineno-22-17"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-22-18"><a id="__codelineno-22-18" name="__codelineno-22-18" href="#__codelineno-22-18"></a> <span class="p">};</span>
</span><span id="__span-22-19"><a id="__codelineno-22-19" name="__codelineno-22-19" href="#__codelineno-22-19"></a>
</span><span id="__span-22-20"><a id="__codelineno-22-20" name="__codelineno-22-20" href="#__codelineno-22-20"></a> <span class="ss">enableMotd</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-22-21"><a id="__codelineno-22-21" name="__codelineno-22-21" href="#__codelineno-22-21"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-22-22"><a id="__codelineno-22-22" name="__codelineno-22-22" href="#__codelineno-22-22"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-22-23"><a id="__codelineno-22-23" name="__codelineno-22-23" href="#__codelineno-22-23"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Enable MOTD (Message of the Day) notifications for available updates"</span><span class="p">;</span>
</span><span id="__span-22-24"><a id="__codelineno-22-24" name="__codelineno-22-24" href="#__codelineno-22-24"></a> <span class="p">};</span>
</span><span id="__span-22-25"><a id="__codelineno-22-25" name="__codelineno-22-25" href="#__codelineno-22-25"></a>
</span><span id="__span-22-26"><a id="__codelineno-22-26" name="__codelineno-22-26" href="#__codelineno-22-26"></a> <span class="ss">user</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-22-27"><a id="__codelineno-22-27" name="__codelineno-22-27" href="#__codelineno-22-27"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-22-28"><a id="__codelineno-22-28" name="__codelineno-22-28" href="#__codelineno-22-28"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"nixos-update-checker"</span><span class="p">;</span>
</span><span id="__span-22-29"><a id="__codelineno-22-29" name="__codelineno-22-29" href="#__codelineno-22-29"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"User to run the update checker service as"</span><span class="p">;</span>
</span><span id="__span-22-30"><a id="__codelineno-22-30" name="__codelineno-22-30" href="#__codelineno-22-30"></a> <span class="p">};</span>
</span><span id="__span-22-31"><a id="__codelineno-22-31" name="__codelineno-22-31" href="#__codelineno-22-31"></a>
</span><span id="__span-22-32"><a id="__codelineno-22-32" name="__codelineno-22-32" href="#__codelineno-22-32"></a> <span class="ss">group</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-22-33"><a id="__codelineno-22-33" name="__codelineno-22-33" href="#__codelineno-22-33"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-22-34"><a id="__codelineno-22-34" name="__codelineno-22-34" href="#__codelineno-22-34"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"nixos-update-checker"</span><span class="p">;</span>
</span><span id="__span-22-35"><a id="__codelineno-22-35" name="__codelineno-22-35" href="#__codelineno-22-35"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Group for the update checker service"</span><span class="p">;</span>
</span><span id="__span-22-36"><a id="__codelineno-22-36" name="__codelineno-22-36" href="#__codelineno-22-36"></a> <span class="p">};</span>
</span><span id="__span-22-37"><a id="__codelineno-22-37" name="__codelineno-22-37" href="#__codelineno-22-37"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="ntfynix"><code>ntfy.nix</code><a class="headerlink" href="#ntfynix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/ntfy.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/ntfy.nix</code></a></p>
<p>ntfy-sh — self-hosted push notification server.</p>
<p>Wraps the upstream nixpkgs services.ntfy-sh module with a feature flag and
injects the agenix-decrypted environment file for auth configuration.</p>
<p>Quick-start after first deploy:
ssh p510 -- sudo ntfy user add --role=admin <your-username>
ssh p510 -- sudo ntfy user change-pass <your-username></p>
<h1 id="then-subscribe-on-mobiledesktop-via-httpsntfyfreundcloudorguk">Then subscribe on mobile/desktop via https://ntfy.freundcloud.org.uk<a class="headerlink" href="#then-subscribe-on-mobiledesktop-via-httpsntfyfreundcloudorguk" title="Anchor link to this section">¶</a></h1>
<p>Sending a notification (example):
curl -u user:pass https://ntfy.freundcloud.org.uk/alerts -d "Hello!"</p>
<p>Secrets required (edit before deploy):
agenix -e secrets/ntfy-env.age
Content:
NTFY_AUTH_DEFAULT_ACCESS=deny-all</p>
<p>Reference: https://ntfy.sh/docs/config/</p>
<ul>
<li><strong>Enable option:</strong> ntfy-sh push notification server</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-23-1"><a id="__codelineno-23-1" name="__codelineno-23-1" href="#__codelineno-23-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">ntfy</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-23-2"><a id="__codelineno-23-2" name="__codelineno-23-2" href="#__codelineno-23-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"ntfy-sh push notification server"</span><span class="p">;</span>
</span><span id="__span-23-3"><a id="__codelineno-23-3" name="__codelineno-23-3" href="#__codelineno-23-3"></a>
</span><span id="__span-23-4"><a id="__codelineno-23-4" name="__codelineno-23-4" href="#__codelineno-23-4"></a> <span class="ss">baseUrl</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-23-5"><a id="__codelineno-23-5" name="__codelineno-23-5" href="#__codelineno-23-5"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-23-6"><a id="__codelineno-23-6" name="__codelineno-23-6" href="#__codelineno-23-6"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"https://ntfy.freundcloud.org.uk"</span><span class="p">;</span>
</span><span id="__span-23-7"><a id="__codelineno-23-7" name="__codelineno-23-7" href="#__codelineno-23-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Public-facing base URL (required for attachments and iOS push)."</span><span class="p">;</span>
</span><span id="__span-23-8"><a id="__codelineno-23-8" name="__codelineno-23-8" href="#__codelineno-23-8"></a> <span class="p">};</span>
</span><span id="__span-23-9"><a id="__codelineno-23-9" name="__codelineno-23-9" href="#__codelineno-23-9"></a>
</span><span id="__span-23-10"><a id="__codelineno-23-10" name="__codelineno-23-10" href="#__codelineno-23-10"></a> <span class="ss">port</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-23-11"><a id="__codelineno-23-11" name="__codelineno-23-11" href="#__codelineno-23-11"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>port<span class="p">;</span>
</span><span id="__span-23-12"><a id="__codelineno-23-12" name="__codelineno-23-12" href="#__codelineno-23-12"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">2586</span><span class="p">;</span>
</span><span id="__span-23-13"><a id="__codelineno-23-13" name="__codelineno-23-13" href="#__codelineno-23-13"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Local port ntfy-sh listens on (loopback only)."</span><span class="p">;</span>
</span><span id="__span-23-14"><a id="__codelineno-23-14" name="__codelineno-23-14" href="#__codelineno-23-14"></a> <span class="p">};</span>
</span><span id="__span-23-15"><a id="__codelineno-23-15" name="__codelineno-23-15" href="#__codelineno-23-15"></a>
</span><span id="__span-23-16"><a id="__codelineno-23-16" name="__codelineno-23-16" href="#__codelineno-23-16"></a> <span class="ss">attachmentSizeLimit</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-23-17"><a id="__codelineno-23-17" name="__codelineno-23-17" href="#__codelineno-23-17"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-23-18"><a id="__codelineno-23-18" name="__codelineno-23-18" href="#__codelineno-23-18"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"15M"</span><span class="p">;</span>
</span><span id="__span-23-19"><a id="__codelineno-23-19" name="__codelineno-23-19" href="#__codelineno-23-19"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Maximum size of a single attachment."</span><span class="p">;</span>
</span><span id="__span-23-20"><a id="__codelineno-23-20" name="__codelineno-23-20" href="#__codelineno-23-20"></a> <span class="p">};</span>
</span><span id="__span-23-21"><a id="__codelineno-23-21" name="__codelineno-23-21" href="#__codelineno-23-21"></a>
</span><span id="__span-23-22"><a id="__codelineno-23-22" name="__codelineno-23-22" href="#__codelineno-23-22"></a> <span class="ss">attachmentTotalLimit</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-23-23"><a id="__codelineno-23-23" name="__codelineno-23-23" href="#__codelineno-23-23"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-23-24"><a id="__codelineno-23-24" name="__codelineno-23-24" href="#__codelineno-23-24"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"2G"</span><span class="p">;</span>
</span><span id="__span-23-25"><a id="__codelineno-23-25" name="__codelineno-23-25" href="#__codelineno-23-25"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Total attachment cache size on disk."</span><span class="p">;</span>
</span><span id="__span-23-26"><a id="__codelineno-23-26" name="__codelineno-23-26" href="#__codelineno-23-26"></a> <span class="p">};</span>
</span><span id="__span-23-27"><a id="__codelineno-23-27" name="__codelineno-23-27" href="#__codelineno-23-27"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="ollamanix"><code>ollama.nix</code><a class="headerlink" href="#ollamanix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/ollama.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/ollama.nix</code></a></p>
<p>Ollama coding-model server (services.ollama wrapper).</p>
<p>Designed for p620's RX 7900 XTX (gfx1100, 24GB VRAM, ROCm). The single
GPU comfortably fits each default model individually (qwen3.6:27b ~17GB,
gemma4:26b MoE ~18GB) but NOT both at once (~35GB > 24GB), so
MAX_LOADED_MODELS=1 forces deterministic evict-then-load on switch.</p>
<p>Default model choices (May 2026):
Persistent: qwen3.6:27b — strong agentic tool calling (Qwen RL-trained
on 1M agentic envs), good for Claude Code's tool-use loops.
On-demand: gemma4:26b — MoE with ~3.8B active params, very fast
(~80-100 tok/s) for raw code-gen bursts.</p>
<p>Bind address is configurable via <code>host</code> (default 127.0.0.1). Set to
"0.0.0.0" to expose on all interfaces — note Ollama has no built-in
auth, so restrict access via firewall / tailnet ACLs when bound wider.
OLLAMA_ORIGINS="*" is set so browser UIs from any origin can call the
API; this only matters once the bind is non-loopback.</p>
<p>See docs/plans/2026-05-22-ollama-p620-litellm-design.md for the full
design and the dual-tier model + GPU-contention rationale.</p>
<ul>
<li><strong>Enable option:</strong> Ollama coding-model server (loopback only)</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-24-1"><a id="__codelineno-24-1" name="__codelineno-24-1" href="#__codelineno-24-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">ollama-server</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-24-2"><a id="__codelineno-24-2" name="__codelineno-24-2" href="#__codelineno-24-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"Ollama coding-model server (loopback only)"</span><span class="p">;</span>
</span><span id="__span-24-3"><a id="__codelineno-24-3" name="__codelineno-24-3" href="#__codelineno-24-3"></a>
</span><span id="__span-24-4"><a id="__codelineno-24-4" name="__codelineno-24-4" href="#__codelineno-24-4"></a> <span class="ss">package</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-24-5"><a id="__codelineno-24-5" name="__codelineno-24-5" href="#__codelineno-24-5"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>package<span class="p">;</span>
</span><span id="__span-24-6"><a id="__codelineno-24-6" name="__codelineno-24-6" href="#__codelineno-24-6"></a> <span class="ss">default</span> <span class="o">=</span> pkgs<span class="o">.</span>ollama-rocm<span class="p">;</span>
</span><span id="__span-24-7"><a id="__codelineno-24-7" name="__codelineno-24-7" href="#__codelineno-24-7"></a> <span class="ss">defaultText</span> <span class="o">=</span> lib<span class="o">.</span>literalExpression <span class="s2">"pkgs.ollama-rocm"</span><span class="p">;</span>
</span><span id="__span-24-8"><a id="__codelineno-24-8" name="__codelineno-24-8" href="#__codelineno-24-8"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-24-9"><a id="__codelineno-24-9" name="__codelineno-24-9" href="#__codelineno-24-9"></a><span class="s s-Multiline"> Ollama package. Defaults to `pkgs.ollama-rocm` for AMD GPUs (RDNA3</span>
</span><span id="__span-24-10"><a id="__codelineno-24-10" name="__codelineno-24-10" href="#__codelineno-24-10"></a><span class="s s-Multiline"> / gfx1100 on p620). Switch to `pkgs.ollama-cuda` for NVIDIA hosts.</span>
</span><span id="__span-24-11"><a id="__codelineno-24-11" name="__codelineno-24-11" href="#__codelineno-24-11"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-24-12"><a id="__codelineno-24-12" name="__codelineno-24-12" href="#__codelineno-24-12"></a> <span class="p">};</span>
</span><span id="__span-24-13"><a id="__codelineno-24-13" name="__codelineno-24-13" href="#__codelineno-24-13"></a>
</span><span id="__span-24-14"><a id="__codelineno-24-14" name="__codelineno-24-14" href="#__codelineno-24-14"></a> <span class="ss">persistentModels</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-24-15"><a id="__codelineno-24-15" name="__codelineno-24-15" href="#__codelineno-24-15"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>listOf lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-24-16"><a id="__codelineno-24-16" name="__codelineno-24-16" href="#__codelineno-24-16"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"qwen3.6:27b"</span> <span class="p">];</span>
</span><span id="__span-24-17"><a id="__codelineno-24-17" name="__codelineno-24-17" href="#__codelineno-24-17"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-24-18"><a id="__codelineno-24-18" name="__codelineno-24-18" href="#__codelineno-24-18"></a><span class="s s-Multiline"> Models pulled at activation and used as the default coding model.</span>
</span><span id="__span-24-19"><a id="__codelineno-24-19" name="__codelineno-24-19" href="#__codelineno-24-19"></a><span class="s s-Multiline"> Listed first in the load priority. Default qwen3.6:27b (~17GB,</span>
</span><span id="__span-24-20"><a id="__codelineno-24-20" name="__codelineno-24-20" href="#__codelineno-24-20"></a><span class="s s-Multiline"> strong agentic tool calling).</span>
</span><span id="__span-24-21"><a id="__codelineno-24-21" name="__codelineno-24-21" href="#__codelineno-24-21"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-24-22"><a id="__codelineno-24-22" name="__codelineno-24-22" href="#__codelineno-24-22"></a> <span class="p">};</span>
</span><span id="__span-24-23"><a id="__codelineno-24-23" name="__codelineno-24-23" href="#__codelineno-24-23"></a>
</span><span id="__span-24-24"><a id="__codelineno-24-24" name="__codelineno-24-24" href="#__codelineno-24-24"></a> <span class="ss">onDemandModels</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-24-25"><a id="__codelineno-24-25" name="__codelineno-24-25" href="#__codelineno-24-25"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>listOf lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-24-26"><a id="__codelineno-24-26" name="__codelineno-24-26" href="#__codelineno-24-26"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"gemma4:26b"</span> <span class="p">];</span>
</span><span id="__span-24-27"><a id="__codelineno-24-27" name="__codelineno-24-27" href="#__codelineno-24-27"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-24-28"><a id="__codelineno-24-28" name="__codelineno-24-28" href="#__codelineno-24-28"></a><span class="s s-Multiline"> Alternate models pulled at activation but only loaded into VRAM on</span>
</span><span id="__span-24-29"><a id="__codelineno-24-29" name="__codelineno-24-29" href="#__codelineno-24-29"></a><span class="s s-Multiline"> request. Auto-evicted after `keepAlive` of idle. Default gemma4:26b</span>
</span><span id="__span-24-30"><a id="__codelineno-24-30" name="__codelineno-24-30" href="#__codelineno-24-30"></a><span class="s s-Multiline"> (~18GB MoE, ~3.8B active params, very fast raw code-gen).</span>
</span><span id="__span-24-31"><a id="__codelineno-24-31" name="__codelineno-24-31" href="#__codelineno-24-31"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-24-32"><a id="__codelineno-24-32" name="__codelineno-24-32" href="#__codelineno-24-32"></a> <span class="p">};</span>
</span><span id="__span-24-33"><a id="__codelineno-24-33" name="__codelineno-24-33" href="#__codelineno-24-33"></a>
</span><span id="__span-24-34"><a id="__codelineno-24-34" name="__codelineno-24-34" href="#__codelineno-24-34"></a> <span class="ss">modelsDir</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-24-35"><a id="__codelineno-24-35" name="__codelineno-24-35" href="#__codelineno-24-35"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>nullOr lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-24-36"><a id="__codelineno-24-36" name="__codelineno-24-36" href="#__codelineno-24-36"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">null</span><span class="p">;</span>
</span><span id="__span-24-37"><a id="__codelineno-24-37" name="__codelineno-24-37" href="#__codelineno-24-37"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"/mnt/data/ollama/models"</span><span class="p">;</span>
</span><span id="__span-24-38"><a id="__codelineno-24-38" name="__codelineno-24-38" href="#__codelineno-24-38"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-24-39"><a id="__codelineno-24-39" name="__codelineno-24-39" href="#__codelineno-24-39"></a><span class="s s-Multiline"> Override for where Ollama stores model blobs. Set this to a path</span>
</span><span id="__span-24-40"><a id="__codelineno-24-40" name="__codelineno-24-40" href="#__codelineno-24-40"></a><span class="s s-Multiline"> on a large filesystem (~100GB+ recommended) — each Q4 model is</span>
</span><span id="__span-24-41"><a id="__codelineno-24-41" name="__codelineno-24-41" href="#__codelineno-24-41"></a><span class="s s-Multiline"> ~17-20GB and multiple are typically pulled. When null, NixOS uses</span>
</span><span id="__span-24-42"><a id="__codelineno-24-42" name="__codelineno-24-42" href="#__codelineno-24-42"></a><span class="s s-Multiline"> the default under /var/lib/ollama.</span>
</span><span id="__span-24-43"><a id="__codelineno-24-43" name="__codelineno-24-43" href="#__codelineno-24-43"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-24-44"><a id="__codelineno-24-44" name="__codelineno-24-44" href="#__codelineno-24-44"></a> <span class="p">};</span>
</span><span id="__span-24-45"><a id="__codelineno-24-45" name="__codelineno-24-45" href="#__codelineno-24-45"></a>
</span><span id="__span-24-46"><a id="__codelineno-24-46" name="__codelineno-24-46" href="#__codelineno-24-46"></a> <span class="ss">keepAlive</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-24-47"><a id="__codelineno-24-47" name="__codelineno-24-47" href="#__codelineno-24-47"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-24-48"><a id="__codelineno-24-48" name="__codelineno-24-48" href="#__codelineno-24-48"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"5m"</span><span class="p">;</span>
</span><span id="__span-24-49"><a id="__codelineno-24-49" name="__codelineno-24-49" href="#__codelineno-24-49"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-24-50"><a id="__codelineno-24-50" name="__codelineno-24-50" href="#__codelineno-24-50"></a><span class="s s-Multiline"> Auto-unload models after this idle time. On a workstation host,</span>
</span><span id="__span-24-51"><a id="__codelineno-24-51" name="__codelineno-24-51" href="#__codelineno-24-51"></a><span class="s s-Multiline"> keep this low so the GPU is released for desktop work (Blender,</span>
</span><span id="__span-24-52"><a id="__codelineno-24-52" name="__codelineno-24-52" href="#__codelineno-24-52"></a><span class="s s-Multiline"> games, video editing) when not actively coding. Use "-1" for</span>
</span><span id="__span-24-53"><a id="__codelineno-24-53" name="__codelineno-24-53" href="#__codelineno-24-53"></a><span class="s s-Multiline"> always-loaded if Ollama is the only GPU consumer.</span>
</span><span id="__span-24-54"><a id="__codelineno-24-54" name="__codelineno-24-54" href="#__codelineno-24-54"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-24-55"><a id="__codelineno-24-55" name="__codelineno-24-55" href="#__codelineno-24-55"></a> <span class="p">};</span>
</span><span id="__span-24-56"><a id="__codelineno-24-56" name="__codelineno-24-56" href="#__codelineno-24-56"></a>
</span><span id="__span-24-57"><a id="__codelineno-24-57" name="__codelineno-24-57" href="#__codelineno-24-57"></a> <span class="ss">rocrVisibleDevices</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-24-58"><a id="__codelineno-24-58" name="__codelineno-24-58" href="#__codelineno-24-58"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-24-59"><a id="__codelineno-24-59" name="__codelineno-24-59" href="#__codelineno-24-59"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"0"</span><span class="p">;</span>
</span><span id="__span-24-60"><a id="__codelineno-24-60" name="__codelineno-24-60" href="#__codelineno-24-60"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-24-61"><a id="__codelineno-24-61" name="__codelineno-24-61" href="#__codelineno-24-61"></a><span class="s s-Multiline"> Comma-separated indices of ROCm-visible devices. Defaults to the</span>
</span><span id="__span-24-62"><a id="__codelineno-24-62" name="__codelineno-24-62" href="#__codelineno-24-62"></a><span class="s s-Multiline"> first discrete GPU only; prevents accidental fallthrough to an</span>
</span><span id="__span-24-63"><a id="__codelineno-24-63" name="__codelineno-24-63" href="#__codelineno-24-63"></a><span class="s s-Multiline"> integrated GPU on hybrid-graphics systems.</span>
</span><span id="__span-24-64"><a id="__codelineno-24-64" name="__codelineno-24-64" href="#__codelineno-24-64"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-24-65"><a id="__codelineno-24-65" name="__codelineno-24-65" href="#__codelineno-24-65"></a> <span class="p">};</span>
</span><span id="__span-24-66"><a id="__codelineno-24-66" name="__codelineno-24-66" href="#__codelineno-24-66"></a>
</span><span id="__span-24-67"><a id="__codelineno-24-67" name="__codelineno-24-67" href="#__codelineno-24-67"></a> <span class="ss">host</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-24-68"><a id="__codelineno-24-68" name="__codelineno-24-68" href="#__codelineno-24-68"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-24-69"><a id="__codelineno-24-69" name="__codelineno-24-69" href="#__codelineno-24-69"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"127.0.0.1"</span><span class="p">;</span>
</span><span id="__span-24-70"><a id="__codelineno-24-70" name="__codelineno-24-70" href="#__codelineno-24-70"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"0.0.0.0"</span><span class="p">;</span>
</span><span id="__span-24-71"><a id="__codelineno-24-71" name="__codelineno-24-71" href="#__codelineno-24-71"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-24-72"><a id="__codelineno-24-72" name="__codelineno-24-72" href="#__codelineno-24-72"></a><span class="s s-Multiline"> Bind address for Ollama's HTTP API. Default 127.0.0.1 (loopback</span>
</span><span id="__span-24-73"><a id="__codelineno-24-73" name="__codelineno-24-73" href="#__codelineno-24-73"></a><span class="s s-Multiline"> only). Set to "0.0.0.0" to expose on all interfaces — Ollama has</span>
</span><span id="__span-24-74"><a id="__codelineno-24-74" name="__codelineno-24-74" href="#__codelineno-24-74"></a><span class="s s-Multiline"> no auth, so combine with firewall / tailnet ACLs when widening.</span>
</span><span id="__span-24-75"><a id="__codelineno-24-75" name="__codelineno-24-75" href="#__codelineno-24-75"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-24-76"><a id="__codelineno-24-76" name="__codelineno-24-76" href="#__codelineno-24-76"></a> <span class="p">};</span>
</span><span id="__span-24-77"><a id="__codelineno-24-77" name="__codelineno-24-77" href="#__codelineno-24-77"></a>
</span><span id="__span-24-78"><a id="__codelineno-24-78" name="__codelineno-24-78" href="#__codelineno-24-78"></a> <span class="ss">origins</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-24-79"><a id="__codelineno-24-79" name="__codelineno-24-79" href="#__codelineno-24-79"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-24-80"><a id="__codelineno-24-80" name="__codelineno-24-80" href="#__codelineno-24-80"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"*"</span><span class="p">;</span>
</span><span id="__span-24-81"><a id="__codelineno-24-81" name="__codelineno-24-81" href="#__codelineno-24-81"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-24-82"><a id="__codelineno-24-82" name="__codelineno-24-82" href="#__codelineno-24-82"></a><span class="s s-Multiline"> Value for OLLAMA_ORIGINS — comma-separated list of allowed</span>
</span><span id="__span-24-83"><a id="__codelineno-24-83" name="__codelineno-24-83" href="#__codelineno-24-83"></a><span class="s s-Multiline"> browser origins for CORS. Defaults to "*" so any local or remote</span>
</span><span id="__span-24-84"><a id="__codelineno-24-84" name="__codelineno-24-84" href="#__codelineno-24-84"></a><span class="s s-Multiline"> web UI can call the API. Tighten if you want browser-origin</span>
</span><span id="__span-24-85"><a id="__codelineno-24-85" name="__codelineno-24-85" href="#__codelineno-24-85"></a><span class="s s-Multiline"> restriction (network exposure is controlled by `host`, not this).</span>
</span><span id="__span-24-86"><a id="__codelineno-24-86" name="__codelineno-24-86" href="#__codelineno-24-86"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-24-87"><a id="__codelineno-24-87" name="__codelineno-24-87" href="#__codelineno-24-87"></a> <span class="p">};</span>
</span><span id="__span-24-88"><a id="__codelineno-24-88" name="__codelineno-24-88" href="#__codelineno-24-88"></a>
</span><span id="__span-24-89"><a id="__codelineno-24-89" name="__codelineno-24-89" href="#__codelineno-24-89"></a> <span class="ss">cloudApiKeyFile</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-24-90"><a id="__codelineno-24-90" name="__codelineno-24-90" href="#__codelineno-24-90"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>nullOr lib<span class="o">.</span>types<span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-24-91"><a id="__codelineno-24-91" name="__codelineno-24-91" href="#__codelineno-24-91"></a><span class="c1"># … truncated — see source link above</span>
</span></code></pre></div>
</details>
<h3 id="opensshnix"><code>openssh.nix</code><a class="headerlink" href="#opensshnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/openssh/openssh.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/openssh/openssh.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="defaultnix_10"><code>default.nix</code><a class="headerlink" href="#defaultnix_10" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/plex-auto-languages/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/plex-auto-languages/default.nix</code></a></p>
<p>Plex-Auto-Languages (PAL) — per-show audio + subtitle track preference
memorization for Plex.</p>
<p>Watches Plex for play events and scan events (via the Plex websocket
API, no Plex Pass needed for that path — only the optional webhook
integration requires Pass). When a user plays an episode, PAL records
the audio/subtitle track choice; future episodes of the same series
automatically get those tracks selected on play.</p>
<p>Phase 1: tracking mode, all libraries with shows, no filter labels.</p>
<p>Pattern mirrors modules/services/kometa/default.nix exactly (oci-
containers + envsubst-rendered config + agenix env file). The lessons
from the Kometa journey are baked in: no fictional systemd deps, real
env-var substitution via envsubst-not-Kometa-magic, repo template as
source of truth + rendered file under /var/lib for container mount.</p>
<ul>
<li><strong>Enable option:</strong> Plex-Auto-Languages</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-25-1"><a id="__codelineno-25-1" name="__codelineno-25-1" href="#__codelineno-25-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">plex-auto-languages</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-25-2"><a id="__codelineno-25-2" name="__codelineno-25-2" href="#__codelineno-25-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"Plex-Auto-Languages"</span><span class="p">;</span>
</span><span id="__span-25-3"><a id="__codelineno-25-3" name="__codelineno-25-3" href="#__codelineno-25-3"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="plex-mcpnix"><code>plex-mcp.nix</code><a class="headerlink" href="#plex-mcpnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/plex-mcp.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/plex-mcp.nix</code></a></p>
<p>Plex MCP server — niavasha/plex-mcp-server run as an SSE daemon.</p>
<p>Exposes the local Plex Media Server (and optionally Sonarr/Radarr) to AI
clients over the Model Context Protocol. Clients connect to:
http://<host>:<port>/sse (SSE transport)</p>
<p>plex-mcp-server's native --transport http uses a single shared session for
the process lifetime, which wedges when a client reconnects. We instead run
it in stdio mode behind mcp-proxy, which spawns a fresh stdio child per
session — robust across reconnects, and consistent with features.arr-suite-mcp.</p>
<p>Network: binds 0.0.0.0:<port> but the firewall opens it ONLY on tailscale0
(+ optional LAN interface) — never globally reachable. Loopback always works.</p>
<p>Secret: the Plex auth token is loaded at runtime from agenix via
LoadCredential (never in the Nix store), exported into the wrapper, and
passed to the stdio child by mcp-proxy --pass-environment. PLEX_URL is
non-secret and set as a plain unit Environment value.</p>
<ul>
<li><strong>Enable option:</strong> Plex MCP server (HTTP transport daemon)</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-26-1"><a id="__codelineno-26-1" name="__codelineno-26-1" href="#__codelineno-26-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">plex-mcp</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-26-2"><a id="__codelineno-26-2" name="__codelineno-26-2" href="#__codelineno-26-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"Plex MCP server (HTTP transport daemon)"</span><span class="p">;</span>
</span><span id="__span-26-3"><a id="__codelineno-26-3" name="__codelineno-26-3" href="#__codelineno-26-3"></a>
</span><span id="__span-26-4"><a id="__codelineno-26-4" name="__codelineno-26-4" href="#__codelineno-26-4"></a> <span class="ss">port</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-26-5"><a id="__codelineno-26-5" name="__codelineno-26-5" href="#__codelineno-26-5"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>port<span class="p">;</span>
</span><span id="__span-26-6"><a id="__codelineno-26-6" name="__codelineno-26-6" href="#__codelineno-26-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">3010</span><span class="p">;</span>
</span><span id="__span-26-7"><a id="__codelineno-26-7" name="__codelineno-26-7" href="#__codelineno-26-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Port the MCP server binds to (loopback always; tailnet + LAN via firewall)."</span><span class="p">;</span>
</span><span id="__span-26-8"><a id="__codelineno-26-8" name="__codelineno-26-8" href="#__codelineno-26-8"></a> <span class="p">};</span>
</span><span id="__span-26-9"><a id="__codelineno-26-9" name="__codelineno-26-9" href="#__codelineno-26-9"></a>
</span><span id="__span-26-10"><a id="__codelineno-26-10" name="__codelineno-26-10" href="#__codelineno-26-10"></a> <span class="ss">plexUrl</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-26-11"><a id="__codelineno-26-11" name="__codelineno-26-11" href="#__codelineno-26-11"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-26-12"><a id="__codelineno-26-12" name="__codelineno-26-12" href="#__codelineno-26-12"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"http://127.0.0.1:32400"</span><span class="p">;</span>
</span><span id="__span-26-13"><a id="__codelineno-26-13" name="__codelineno-26-13" href="#__codelineno-26-13"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"URL of the Plex Media Server the MCP server talks to."</span><span class="p">;</span>
</span><span id="__span-26-14"><a id="__codelineno-26-14" name="__codelineno-26-14" href="#__codelineno-26-14"></a> <span class="p">};</span>
</span><span id="__span-26-15"><a id="__codelineno-26-15" name="__codelineno-26-15" href="#__codelineno-26-15"></a>
</span><span id="__span-26-16"><a id="__codelineno-26-16" name="__codelineno-26-16" href="#__codelineno-26-16"></a> <span class="ss">tokenFile</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-26-17"><a id="__codelineno-26-17" name="__codelineno-26-17" href="#__codelineno-26-17"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-26-18"><a id="__codelineno-26-18" name="__codelineno-26-18" href="#__codelineno-26-18"></a> <span class="ss">default</span> <span class="o">=</span> config<span class="o">.</span>age<span class="o">.</span>secrets<span class="o">.</span><span class="s2">"plex-token"</span><span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-26-19"><a id="__codelineno-26-19" name="__codelineno-26-19" href="#__codelineno-26-19"></a> <span class="ss">defaultText</span> <span class="o">=</span> lib<span class="o">.</span>literalExpression <span class="s s-Multiline">''config.age.secrets."plex-token".path''</span><span class="p">;</span>
</span><span id="__span-26-20"><a id="__codelineno-26-20" name="__codelineno-26-20" href="#__codelineno-26-20"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-26-21"><a id="__codelineno-26-21" name="__codelineno-26-21" href="#__codelineno-26-21"></a><span class="s s-Multiline"> Path to a file containing ONLY the Plex auth token. Loaded into the</span>
</span><span id="__span-26-22"><a id="__codelineno-26-22" name="__codelineno-26-22" href="#__codelineno-26-22"></a><span class="s s-Multiline"> unit at runtime via LoadCredential. Defaults to the agenix secret</span>
</span><span id="__span-26-23"><a id="__codelineno-26-23" name="__codelineno-26-23" href="#__codelineno-26-23"></a><span class="s s-Multiline"> declared by this module.</span>
</span><span id="__span-26-24"><a id="__codelineno-26-24" name="__codelineno-26-24" href="#__codelineno-26-24"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-26-25"><a id="__codelineno-26-25" name="__codelineno-26-25" href="#__codelineno-26-25"></a> <span class="p">};</span>
</span><span id="__span-26-26"><a id="__codelineno-26-26" name="__codelineno-26-26" href="#__codelineno-26-26"></a>
</span><span id="__span-26-27"><a id="__codelineno-26-27" name="__codelineno-26-27" href="#__codelineno-26-27"></a> <span class="ss">enableMutativeOps</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-26-28"><a id="__codelineno-26-28" name="__codelineno-26-28" href="#__codelineno-26-28"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-26-29"><a id="__codelineno-26-29" name="__codelineno-26-29" href="#__codelineno-26-29"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-26-30"><a id="__codelineno-26-30" name="__codelineno-26-30" href="#__codelineno-26-30"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-26-31"><a id="__codelineno-26-31" name="__codelineno-26-31" href="#__codelineno-26-31"></a><span class="s s-Multiline"> Enable Plex write/mutative tools (PLEX_ENABLE_MUTATIVE_OPS). Disabled</span>
</span><span id="__span-26-32"><a id="__codelineno-26-32" name="__codelineno-26-32" href="#__codelineno-26-32"></a><span class="s s-Multiline"> by default for safety — read-only tools only.</span>
</span><span id="__span-26-33"><a id="__codelineno-26-33" name="__codelineno-26-33" href="#__codelineno-26-33"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-26-34"><a id="__codelineno-26-34" name="__codelineno-26-34" href="#__codelineno-26-34"></a> <span class="p">};</span>
</span><span id="__span-26-35"><a id="__codelineno-26-35" name="__codelineno-26-35" href="#__codelineno-26-35"></a>
</span><span id="__span-26-36"><a id="__codelineno-26-36" name="__codelineno-26-36" href="#__codelineno-26-36"></a> <span class="ss">listenLanInterface</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-26-37"><a id="__codelineno-26-37" name="__codelineno-26-37" href="#__codelineno-26-37"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>nullOr lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-26-38"><a id="__codelineno-26-38" name="__codelineno-26-38" href="#__codelineno-26-38"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">null</span><span class="p">;</span>
</span><span id="__span-26-39"><a id="__codelineno-26-39" name="__codelineno-26-39" href="#__codelineno-26-39"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"eno1"</span><span class="p">;</span>
</span><span id="__span-26-40"><a id="__codelineno-26-40" name="__codelineno-26-40" href="#__codelineno-26-40"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-26-41"><a id="__codelineno-26-41" name="__codelineno-26-41" href="#__codelineno-26-41"></a><span class="s s-Multiline"> LAN interface to open the port on, in addition to tailscale0 and</span>
</span><span id="__span-26-42"><a id="__codelineno-26-42" name="__codelineno-26-42" href="#__codelineno-26-42"></a><span class="s s-Multiline"> loopback. Set to the host's actual LAN NIC (confirm with `ip link`).</span>
</span><span id="__span-26-43"><a id="__codelineno-26-43" name="__codelineno-26-43" href="#__codelineno-26-43"></a><span class="s s-Multiline"> null exposes the server only via Tailscale.</span>
</span><span id="__span-26-44"><a id="__codelineno-26-44" name="__codelineno-26-44" href="#__codelineno-26-44"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-26-45"><a id="__codelineno-26-45" name="__codelineno-26-45" href="#__codelineno-26-45"></a> <span class="p">};</span>
</span><span id="__span-26-46"><a id="__codelineno-26-46" name="__codelineno-26-46" href="#__codelineno-26-46"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="defaultnix_11"><code>default.nix</code><a class="headerlink" href="#defaultnix_11" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/power/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/power/default.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="defaultnix_12"><code>default.nix</code><a class="headerlink" href="#defaultnix_12" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/print/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/print/default.nix</code></a></p>
<p><strong>Options:</strong> <code>enable</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-27-1"><a id="__codelineno-27-1" name="__codelineno-27-1" href="#__codelineno-27-1"></a> options<span class="o">.</span>services<span class="o">.</span><span class="ss">print</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-27-2"><a id="__codelineno-27-2" name="__codelineno-27-2" href="#__codelineno-27-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="p">{</span>
</span><span id="__span-27-3"><a id="__codelineno-27-3" name="__codelineno-27-3" href="#__codelineno-27-3"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-27-4"><a id="__codelineno-27-4" name="__codelineno-27-4" href="#__codelineno-27-4"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Enable the HP print service"</span><span class="p">;</span>
</span><span id="__span-27-5"><a id="__codelineno-27-5" name="__codelineno-27-5" href="#__codelineno-27-5"></a> <span class="p">};</span>
</span><span id="__span-27-6"><a id="__codelineno-27-6" name="__codelineno-27-6" href="#__codelineno-27-6"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="rescreenshot-mcpnix"><code>rescreenshot-mcp.nix</code><a class="headerlink" href="#rescreenshot-mcpnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/rescreenshot-mcp.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/rescreenshot-mcp.nix</code></a></p>
<ul>
<li><strong>Enable option:</strong> rescreenshot-mcp MCP server for Claude Desktop</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>package</code>, <code>user</code>, <code>logLevel</code>, <code>autoConfigureClaudeDesktop</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-28-1"><a id="__codelineno-28-1" name="__codelineno-28-1" href="#__codelineno-28-1"></a> options<span class="o">.</span>services<span class="o">.</span><span class="ss">rescreenshot-mcp</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-28-2"><a id="__codelineno-28-2" name="__codelineno-28-2" href="#__codelineno-28-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"rescreenshot-mcp MCP server for Claude Desktop"</span><span class="p">;</span>
</span><span id="__span-28-3"><a id="__codelineno-28-3" name="__codelineno-28-3" href="#__codelineno-28-3"></a>
</span><span id="__span-28-4"><a id="__codelineno-28-4" name="__codelineno-28-4" href="#__codelineno-28-4"></a> <span class="ss">package</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-28-5"><a id="__codelineno-28-5" name="__codelineno-28-5" href="#__codelineno-28-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>package<span class="p">;</span>
</span><span id="__span-28-6"><a id="__codelineno-28-6" name="__codelineno-28-6" href="#__codelineno-28-6"></a> <span class="ss">default</span> <span class="o">=</span> pkgs<span class="o">.</span>callPackage <span class="l">../../pkgs/rescreenshot-mcp</span> <span class="p">{</span> <span class="p">};</span>
</span><span id="__span-28-7"><a id="__codelineno-28-7" name="__codelineno-28-7" href="#__codelineno-28-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"The rescreenshot-mcp package to use"</span><span class="p">;</span>
</span><span id="__span-28-8"><a id="__codelineno-28-8" name="__codelineno-28-8" href="#__codelineno-28-8"></a> <span class="p">};</span>
</span><span id="__span-28-9"><a id="__codelineno-28-9" name="__codelineno-28-9" href="#__codelineno-28-9"></a>
</span><span id="__span-28-10"><a id="__codelineno-28-10" name="__codelineno-28-10" href="#__codelineno-28-10"></a> <span class="ss">user</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-28-11"><a id="__codelineno-28-11" name="__codelineno-28-11" href="#__codelineno-28-11"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-28-12"><a id="__codelineno-28-12" name="__codelineno-28-12" href="#__codelineno-28-12"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"olafkfreund"</span><span class="p">;</span>
</span><span id="__span-28-13"><a id="__codelineno-28-13" name="__codelineno-28-13" href="#__codelineno-28-13"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"User to configure Claude Desktop for"</span><span class="p">;</span>
</span><span id="__span-28-14"><a id="__codelineno-28-14" name="__codelineno-28-14" href="#__codelineno-28-14"></a> <span class="p">};</span>
</span><span id="__span-28-15"><a id="__codelineno-28-15" name="__codelineno-28-15" href="#__codelineno-28-15"></a>
</span><span id="__span-28-16"><a id="__codelineno-28-16" name="__codelineno-28-16" href="#__codelineno-28-16"></a> <span class="ss">logLevel</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-28-17"><a id="__codelineno-28-17" name="__codelineno-28-17" href="#__codelineno-28-17"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-28-18"><a id="__codelineno-28-18" name="__codelineno-28-18" href="#__codelineno-28-18"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"info"</span><span class="p">;</span>
</span><span id="__span-28-19"><a id="__codelineno-28-19" name="__codelineno-28-19" href="#__codelineno-28-19"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"debug"</span><span class="p">;</span>
</span><span id="__span-28-20"><a id="__codelineno-28-20" name="__codelineno-28-20" href="#__codelineno-28-20"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Log level for rescreenshot-mcp (trace, debug, info, warn, error)"</span><span class="p">;</span>
</span><span id="__span-28-21"><a id="__codelineno-28-21" name="__codelineno-28-21" href="#__codelineno-28-21"></a> <span class="p">};</span>
</span><span id="__span-28-22"><a id="__codelineno-28-22" name="__codelineno-28-22" href="#__codelineno-28-22"></a>
</span><span id="__span-28-23"><a id="__codelineno-28-23" name="__codelineno-28-23" href="#__codelineno-28-23"></a> <span class="ss">autoConfigureClaudeDesktop</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-28-24"><a id="__codelineno-28-24" name="__codelineno-28-24" href="#__codelineno-28-24"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-28-25"><a id="__codelineno-28-25" name="__codelineno-28-25" href="#__codelineno-28-25"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-28-26"><a id="__codelineno-28-26" name="__codelineno-28-26" href="#__codelineno-28-26"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Automatically configure Claude Desktop with rescreenshot-mcp"</span><span class="p">;</span>
</span><span id="__span-28-27"><a id="__codelineno-28-27" name="__codelineno-28-27" href="#__codelineno-28-27"></a> <span class="p">};</span>
</span><span id="__span-28-28"><a id="__codelineno-28-28" name="__codelineno-28-28" href="#__codelineno-28-28"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="mdatpnix"><code>mdatp.nix</code><a class="headerlink" href="#mdatpnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/security/mdatp.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/security/mdatp.nix</code></a></p>
<ul>
<li><strong>Enable option:</strong> Microsoft Defender for Endpoint</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>package</code>, <code>onboardingFile</code>, <code>managedSettings</code>, <code>logLevel</code>, <code>autoUpdate</code>, <code>enableNetworkProtection</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-29-1"><a id="__codelineno-29-1" name="__codelineno-29-1" href="#__codelineno-29-1"></a> options<span class="o">.</span>services<span class="o">.</span><span class="ss">mdatp</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-29-2"><a id="__codelineno-29-2" name="__codelineno-29-2" href="#__codelineno-29-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"Microsoft Defender for Endpoint"</span><span class="p">;</span>
</span><span id="__span-29-3"><a id="__codelineno-29-3" name="__codelineno-29-3" href="#__codelineno-29-3"></a>
</span><span id="__span-29-4"><a id="__codelineno-29-4" name="__codelineno-29-4" href="#__codelineno-29-4"></a> <span class="ss">package</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-29-5"><a id="__codelineno-29-5" name="__codelineno-29-5" href="#__codelineno-29-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>package<span class="p">;</span>
</span><span id="__span-29-6"><a id="__codelineno-29-6" name="__codelineno-29-6" href="#__codelineno-29-6"></a> <span class="ss">default</span> <span class="o">=</span> pkgs<span class="o">.</span>mdatp<span class="p">;</span>
</span><span id="__span-29-7"><a id="__codelineno-29-7" name="__codelineno-29-7" href="#__codelineno-29-7"></a> <span class="ss">defaultText</span> <span class="o">=</span> literalExpression <span class="s2">"pkgs.mdatp"</span><span class="p">;</span>
</span><span id="__span-29-8"><a id="__codelineno-29-8" name="__codelineno-29-8" href="#__codelineno-29-8"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-29-9"><a id="__codelineno-29-9" name="__codelineno-29-9" href="#__codelineno-29-9"></a><span class="s s-Multiline"> The Microsoft Defender for Endpoint package to use.</span>
</span><span id="__span-29-10"><a id="__codelineno-29-10" name="__codelineno-29-10" href="#__codelineno-29-10"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-29-11"><a id="__codelineno-29-11" name="__codelineno-29-11" href="#__codelineno-29-11"></a> <span class="p">};</span>
</span><span id="__span-29-12"><a id="__codelineno-29-12" name="__codelineno-29-12" href="#__codelineno-29-12"></a>
</span><span id="__span-29-13"><a id="__codelineno-29-13" name="__codelineno-29-13" href="#__codelineno-29-13"></a> <span class="ss">onboardingFile</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-29-14"><a id="__codelineno-29-14" name="__codelineno-29-14" href="#__codelineno-29-14"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>nullOr types<span class="o">.</span>path<span class="p">;</span>
</span><span id="__span-29-15"><a id="__codelineno-29-15" name="__codelineno-29-15" href="#__codelineno-29-15"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">null</span><span class="p">;</span>
</span><span id="__span-29-16"><a id="__codelineno-29-16" name="__codelineno-29-16" href="#__codelineno-29-16"></a> <span class="ss">example</span> <span class="o">=</span> literalExpression <span class="s2">"/run/agenix/mdatp-onboarding.json"</span><span class="p">;</span>
</span><span id="__span-29-17"><a id="__codelineno-29-17" name="__codelineno-29-17" href="#__codelineno-29-17"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-29-18"><a id="__codelineno-29-18" name="__codelineno-29-18" href="#__codelineno-29-18"></a><span class="s s-Multiline"> Path to the Microsoft Defender onboarding JSON file.</span>
</span><span id="__span-29-19"><a id="__codelineno-29-19" name="__codelineno-29-19" href="#__codelineno-29-19"></a>
</span><span id="__span-29-20"><a id="__codelineno-29-20" name="__codelineno-29-20" href="#__codelineno-29-20"></a><span class="s s-Multiline"> This file must be obtained from the Microsoft Defender portal</span>
</span><span id="__span-29-21"><a id="__codelineno-29-21" name="__codelineno-29-21" href="#__codelineno-29-21"></a><span class="s s-Multiline"> (https://security.microsoft.com) under Settings > Endpoints > Onboarding.</span>
</span><span id="__span-29-22"><a id="__codelineno-29-22" name="__codelineno-29-22" href="#__codelineno-29-22"></a>
</span><span id="__span-29-23"><a id="__codelineno-29-23" name="__codelineno-29-23" href="#__codelineno-29-23"></a><span class="s s-Multiline"> It is recommended to store this file using agenix for security:</span>
</span><span id="__span-29-24"><a id="__codelineno-29-24" name="__codelineno-29-24" href="#__codelineno-29-24"></a><span class="s s-Multiline"> ```nix</span>
</span><span id="__span-29-25"><a id="__codelineno-29-25" name="__codelineno-29-25" href="#__codelineno-29-25"></a><span class="s s-Multiline"> age.secrets."mdatp-onboarding" = {</span>
</span><span id="__span-29-26"><a id="__codelineno-29-26" name="__codelineno-29-26" href="#__codelineno-29-26"></a><span class="s s-Multiline"> file = ../secrets/mdatp-onboarding.json.age;</span>
</span><span id="__span-29-27"><a id="__codelineno-29-27" name="__codelineno-29-27" href="#__codelineno-29-27"></a><span class="s s-Multiline"> path = "/etc/opt/microsoft/mdatp/mdatp_onboard.json";</span>
</span><span id="__span-29-28"><a id="__codelineno-29-28" name="__codelineno-29-28" href="#__codelineno-29-28"></a><span class="s s-Multiline"> mode = "0600";</span>
</span><span id="__span-29-29"><a id="__codelineno-29-29" name="__codelineno-29-29" href="#__codelineno-29-29"></a><span class="s s-Multiline"> };</span>
</span><span id="__span-29-30"><a id="__codelineno-29-30" name="__codelineno-29-30" href="#__codelineno-29-30"></a><span class="s s-Multiline"> ```</span>
</span><span id="__span-29-31"><a id="__codelineno-29-31" name="__codelineno-29-31" href="#__codelineno-29-31"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-29-32"><a id="__codelineno-29-32" name="__codelineno-29-32" href="#__codelineno-29-32"></a> <span class="p">};</span>
</span><span id="__span-29-33"><a id="__codelineno-29-33" name="__codelineno-29-33" href="#__codelineno-29-33"></a>
</span><span id="__span-29-34"><a id="__codelineno-29-34" name="__codelineno-29-34" href="#__codelineno-29-34"></a> <span class="ss">managedSettings</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-29-35"><a id="__codelineno-29-35" name="__codelineno-29-35" href="#__codelineno-29-35"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>nullOr <span class="p">(</span>types<span class="o">.</span>attrsOf types<span class="o">.</span>anything<span class="p">);</span>
</span><span id="__span-29-36"><a id="__codelineno-29-36" name="__codelineno-29-36" href="#__codelineno-29-36"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">null</span><span class="p">;</span>
</span><span id="__span-29-37"><a id="__codelineno-29-37" name="__codelineno-29-37" href="#__codelineno-29-37"></a> <span class="ss">example</span> <span class="o">=</span> literalExpression <span class="s s-Multiline">''</span>
</span><span id="__span-29-38"><a id="__codelineno-29-38" name="__codelineno-29-38" href="#__codelineno-29-38"></a><span class="s s-Multiline"> {</span>
</span><span id="__span-29-39"><a id="__codelineno-29-39" name="__codelineno-29-39" href="#__codelineno-29-39"></a><span class="s s-Multiline"> antivirusEngine = {</span>
</span><span id="__span-29-40"><a id="__codelineno-29-40" name="__codelineno-29-40" href="#__codelineno-29-40"></a><span class="s s-Multiline"> enforcementLevel = "real_time";</span>
</span><span id="__span-29-41"><a id="__codelineno-29-41" name="__codelineno-29-41" href="#__codelineno-29-41"></a><span class="s s-Multiline"> scanAfterDefinitionUpdate = true;</span>
</span><span id="__span-29-42"><a id="__codelineno-29-42" name="__codelineno-29-42" href="#__codelineno-29-42"></a><span class="s s-Multiline"> scanArchives = true;</span>
</span><span id="__span-29-43"><a id="__codelineno-29-43" name="__codelineno-29-43" href="#__codelineno-29-43"></a><span class="s s-Multiline"> maximumOnDemandScanThreads = 2;</span>
</span><span id="__span-29-44"><a id="__codelineno-29-44" name="__codelineno-29-44" href="#__codelineno-29-44"></a><span class="s s-Multiline"> };</span>
</span><span id="__span-29-45"><a id="__codelineno-29-45" name="__codelineno-29-45" href="#__codelineno-29-45"></a><span class="s s-Multiline"> cloudService = {</span>
</span><span id="__span-29-46"><a id="__codelineno-29-46" name="__codelineno-29-46" href="#__codelineno-29-46"></a><span class="s s-Multiline"> enabled = true;</span>
</span><span id="__span-29-47"><a id="__codelineno-29-47" name="__codelineno-29-47" href="#__codelineno-29-47"></a><span class="s s-Multiline"> diagnosticLevel = "optional";</span>
</span><span id="__span-29-48"><a id="__codelineno-29-48" name="__codelineno-29-48" href="#__codelineno-29-48"></a><span class="s s-Multiline"> automaticDefinitionUpdateEnabled = true;</span>
</span><span id="__span-29-49"><a id="__codelineno-29-49" name="__codelineno-29-49" href="#__codelineno-29-49"></a><span class="s s-Multiline"> };</span>
</span><span id="__span-29-50"><a id="__codelineno-29-50" name="__codelineno-29-50" href="#__codelineno-29-50"></a><span class="s s-Multiline"> }</span>
</span><span id="__span-29-51"><a id="__codelineno-29-51" name="__codelineno-29-51" href="#__codelineno-29-51"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-29-52"><a id="__codelineno-29-52" name="__codelineno-29-52" href="#__codelineno-29-52"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-29-53"><a id="__codelineno-29-53" name="__codelineno-29-53" href="#__codelineno-29-53"></a><span class="s s-Multiline"> Managed configuration settings for Microsoft Defender.</span>
</span><span id="__span-29-54"><a id="__codelineno-29-54" name="__codelineno-29-54" href="#__codelineno-29-54"></a>
</span><span id="__span-29-55"><a id="__codelineno-29-55" name="__codelineno-29-55" href="#__codelineno-29-55"></a><span class="s s-Multiline"> These settings will be written to `/etc/opt/microsoft/mdatp/managed/mdatp_managed.json`.</span>
</span><span id="__span-29-56"><a id="__codelineno-29-56" name="__codelineno-29-56" href="#__codelineno-29-56"></a>
</span><span id="__span-29-57"><a id="__codelineno-29-57" name="__codelineno-29-57" href="#__codelineno-29-57"></a><span class="s s-Multiline"> See the official documentation for available options:</span>
</span><span id="__span-29-58"><a id="__codelineno-29-58" name="__codelineno-29-58" href="#__codelineno-29-58"></a><span class="s s-Multiline"> https://learn.microsoft.com/en-us/defender-endpoint/linux-preferences</span>
</span><span id="__span-29-59"><a id="__codelineno-29-59" name="__codelineno-29-59" href="#__codelineno-29-59"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-29-60"><a id="__codelineno-29-60" name="__codelineno-29-60" href="#__codelineno-29-60"></a> <span class="p">};</span>
</span><span id="__span-29-61"><a id="__codelineno-29-61" name="__codelineno-29-61" href="#__codelineno-29-61"></a>
</span><span id="__span-29-62"><a id="__codelineno-29-62" name="__codelineno-29-62" href="#__codelineno-29-62"></a> <span class="ss">logLevel</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-29-63"><a id="__codelineno-29-63" name="__codelineno-29-63" href="#__codelineno-29-63"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>enum <span class="p">[</span> <span class="s2">"error"</span> <span class="s2">"warning"</span> <span class="s2">"info"</span> <span class="s2">"verbose"</span> <span class="s2">"debug"</span> <span class="p">];</span>
</span><span id="__span-29-64"><a id="__codelineno-29-64" name="__codelineno-29-64" href="#__codelineno-29-64"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"info"</span><span class="p">;</span>
</span><span id="__span-29-65"><a id="__codelineno-29-65" name="__codelineno-29-65" href="#__codelineno-29-65"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-29-66"><a id="__codelineno-29-66" name="__codelineno-29-66" href="#__codelineno-29-66"></a><span class="s s-Multiline"> Logging level for Microsoft Defender service.</span>
</span><span id="__span-29-67"><a id="__codelineno-29-67" name="__codelineno-29-67" href="#__codelineno-29-67"></a>
</span><span id="__span-29-68"><a id="__codelineno-29-68" name="__codelineno-29-68" href="#__codelineno-29-68"></a><span class="s s-Multiline"> Available levels:</span>
</span><span id="__span-29-69"><a id="__codelineno-29-69" name="__codelineno-29-69" href="#__codelineno-29-69"></a><span class="s s-Multiline"> - error: Only critical errors</span>
</span><span id="__span-29-70"><a id="__codelineno-29-70" name="__codelineno-29-70" href="#__codelineno-29-70"></a><span class="s s-Multiline"> - warning: Errors and warnings</span>
</span><span id="__span-29-71"><a id="__codelineno-29-71" name="__codelineno-29-71" href="#__codelineno-29-71"></a><span class="s s-Multiline"> - info: Normal operation information (default)</span>
</span><span id="__span-29-72"><a id="__codelineno-29-72" name="__codelineno-29-72" href="#__codelineno-29-72"></a><span class="s s-Multiline"> - verbose: Detailed operation logs</span>
</span><span id="__span-29-73"><a id="__codelineno-29-73" name="__codelineno-29-73" href="#__codelineno-29-73"></a><span class="s s-Multiline"> - debug: Full debugging information</span>
</span><span id="__span-29-74"><a id="__codelineno-29-74" name="__codelineno-29-74" href="#__codelineno-29-74"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-29-75"><a id="__codelineno-29-75" name="__codelineno-29-75" href="#__codelineno-29-75"></a> <span class="p">};</span>
</span><span id="__span-29-76"><a id="__codelineno-29-76" name="__codelineno-29-76" href="#__codelineno-29-76"></a>
</span><span id="__span-29-77"><a id="__codelineno-29-77" name="__codelineno-29-77" href="#__codelineno-29-77"></a> <span class="ss">autoUpdate</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-29-78"><a id="__codelineno-29-78" name="__codelineno-29-78" href="#__codelineno-29-78"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-29-79"><a id="__codelineno-29-79" name="__codelineno-29-79" href="#__codelineno-29-79"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-29-80"><a id="__codelineno-29-80" name="__codelineno-29-80" href="#__codelineno-29-80"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-29-81"><a id="__codelineno-29-81" name="__codelineno-29-81" href="#__codelineno-29-81"></a><span class="s s-Multiline"> Enable automatic definition updates.</span>
</span><span id="__span-29-82"><a id="__codelineno-29-82" name="__codelineno-29-82" href="#__codelineno-29-82"></a>
</span><span id="__span-29-83"><a id="__codelineno-29-83" name="__codelineno-29-83" href="#__codelineno-29-83"></a><span class="s s-Multiline"> When enabled, Microsoft Defender will automatically download</span>
</span><span id="__span-29-84"><a id="__codelineno-29-84" name="__codelineno-29-84" href="#__codelineno-29-84"></a><span class="s s-Multiline"> and install the latest threat definitions.</span>
</span><span id="__span-29-85"><a id="__codelineno-29-85" name="__codelineno-29-85" href="#__codelineno-29-85"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-29-86"><a id="__codelineno-29-86" name="__codelineno-29-86" href="#__codelineno-29-86"></a> <span class="p">};</span>
</span><span id="__span-29-87"><a id="__codelineno-29-87" name="__codelineno-29-87" href="#__codelineno-29-87"></a>
</span><span id="__span-29-88"><a id="__codelineno-29-88" name="__codelineno-29-88" href="#__codelineno-29-88"></a> <span class="ss">enableNetworkProtection</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-29-89"><a id="__codelineno-29-89" name="__codelineno-29-89" href="#__codelineno-29-89"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-29-90"><a id="__codelineno-29-90" name="__codelineno-29-90" href="#__codelineno-29-90"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-29-91"><a id="__codelineno-29-91" name="__codelineno-29-91" href="#__codelineno-29-91"></a><span class="c1"># … truncated — see source link above</span>
</span></code></pre></div>
</details>
<h3 id="soundnix"><code>sound.nix</code><a class="headerlink" href="#soundnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/sound/sound.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/sound/sound.nix</code></a></p>
<p>Audio System Configuration Module
Configures PipeWire audio system with Bluetooth support</p>
<ul>
<li><strong>Enable option:</strong> PipeWire audio system</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>enableJack</code>, <code>enable32BitSupport</code>, <code>enableAdvancedCodecs</code>, <code>enableHardwareVolume</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-30-1"><a id="__codelineno-30-1" name="__codelineno-30-1" href="#__codelineno-30-1"></a> options<span class="o">.</span>modules<span class="o">.</span>services<span class="o">.</span><span class="ss">sound</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-30-2"><a id="__codelineno-30-2" name="__codelineno-30-2" href="#__codelineno-30-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"PipeWire audio system"</span><span class="p">;</span>
</span><span id="__span-30-3"><a id="__codelineno-30-3" name="__codelineno-30-3" href="#__codelineno-30-3"></a>
</span><span id="__span-30-4"><a id="__codelineno-30-4" name="__codelineno-30-4" href="#__codelineno-30-4"></a> <span class="ss">pipewire</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-30-5"><a id="__codelineno-30-5" name="__codelineno-30-5" href="#__codelineno-30-5"></a> <span class="ss">enableJack</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-30-6"><a id="__codelineno-30-6" name="__codelineno-30-6" href="#__codelineno-30-6"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-30-7"><a id="__codelineno-30-7" name="__codelineno-30-7" href="#__codelineno-30-7"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-30-8"><a id="__codelineno-30-8" name="__codelineno-30-8" href="#__codelineno-30-8"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Enable JACK support in PipeWire''</span><span class="p">;</span>
</span><span id="__span-30-9"><a id="__codelineno-30-9" name="__codelineno-30-9" href="#__codelineno-30-9"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-30-10"><a id="__codelineno-30-10" name="__codelineno-30-10" href="#__codelineno-30-10"></a> <span class="p">};</span>
</span><span id="__span-30-11"><a id="__codelineno-30-11" name="__codelineno-30-11" href="#__codelineno-30-11"></a>
</span><span id="__span-30-12"><a id="__codelineno-30-12" name="__codelineno-30-12" href="#__codelineno-30-12"></a> <span class="ss">enable32BitSupport</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-30-13"><a id="__codelineno-30-13" name="__codelineno-30-13" href="#__codelineno-30-13"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-30-14"><a id="__codelineno-30-14" name="__codelineno-30-14" href="#__codelineno-30-14"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-30-15"><a id="__codelineno-30-15" name="__codelineno-30-15" href="#__codelineno-30-15"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Enable 32-bit ALSA support''</span><span class="p">;</span>
</span><span id="__span-30-16"><a id="__codelineno-30-16" name="__codelineno-30-16" href="#__codelineno-30-16"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-30-17"><a id="__codelineno-30-17" name="__codelineno-30-17" href="#__codelineno-30-17"></a> <span class="p">};</span>
</span><span id="__span-30-18"><a id="__codelineno-30-18" name="__codelineno-30-18" href="#__codelineno-30-18"></a> <span class="p">};</span>
</span><span id="__span-30-19"><a id="__codelineno-30-19" name="__codelineno-30-19" href="#__codelineno-30-19"></a>
</span><span id="__span-30-20"><a id="__codelineno-30-20" name="__codelineno-30-20" href="#__codelineno-30-20"></a> <span class="ss">bluetooth</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-30-21"><a id="__codelineno-30-21" name="__codelineno-30-21" href="#__codelineno-30-21"></a> <span class="ss">enableAdvancedCodecs</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-30-22"><a id="__codelineno-30-22" name="__codelineno-30-22" href="#__codelineno-30-22"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-30-23"><a id="__codelineno-30-23" name="__codelineno-30-23" href="#__codelineno-30-23"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-30-24"><a id="__codelineno-30-24" name="__codelineno-30-24" href="#__codelineno-30-24"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Enable advanced Bluetooth audio codecs (SBC-XQ, mSBC)''</span><span class="p">;</span>
</span><span id="__span-30-25"><a id="__codelineno-30-25" name="__codelineno-30-25" href="#__codelineno-30-25"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-30-26"><a id="__codelineno-30-26" name="__codelineno-30-26" href="#__codelineno-30-26"></a> <span class="p">};</span>
</span><span id="__span-30-27"><a id="__codelineno-30-27" name="__codelineno-30-27" href="#__codelineno-30-27"></a>
</span><span id="__span-30-28"><a id="__codelineno-30-28" name="__codelineno-30-28" href="#__codelineno-30-28"></a> <span class="ss">enableHardwareVolume</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-30-29"><a id="__codelineno-30-29" name="__codelineno-30-29" href="#__codelineno-30-29"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-30-30"><a id="__codelineno-30-30" name="__codelineno-30-30" href="#__codelineno-30-30"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-30-31"><a id="__codelineno-30-31" name="__codelineno-30-31" href="#__codelineno-30-31"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Enable hardware volume control for Bluetooth devices''</span><span class="p">;</span>
</span><span id="__span-30-32"><a id="__codelineno-30-32" name="__codelineno-30-32" href="#__codelineno-30-32"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-30-33"><a id="__codelineno-30-33" name="__codelineno-30-33" href="#__codelineno-30-33"></a> <span class="p">};</span>
</span><span id="__span-30-34"><a id="__codelineno-30-34" name="__codelineno-30-34" href="#__codelineno-30-34"></a> <span class="p">};</span>
</span><span id="__span-30-35"><a id="__codelineno-30-35" name="__codelineno-30-35" href="#__codelineno-30-35"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="syncthingnix"><code>syncthing.nix</code><a class="headerlink" href="#syncthingnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/syncthing.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/syncthing.nix</code></a></p>
<ul>
<li><strong>Enable option:</strong> Syncthing file synchronization</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>user</code>, <code>syncHosts</code>, <code>deviceIds</code>, <code>masterHost</code>, <code>syncClaude</code>, <code>syncGemini</code>, <code>guiAddress</code>, <code>openFirewall</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-31-1"><a id="__codelineno-31-1" name="__codelineno-31-1" href="#__codelineno-31-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">syncthing</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-31-2"><a id="__codelineno-31-2" name="__codelineno-31-2" href="#__codelineno-31-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"Syncthing file synchronization"</span><span class="p">;</span>
</span><span id="__span-31-3"><a id="__codelineno-31-3" name="__codelineno-31-3" href="#__codelineno-31-3"></a>
</span><span id="__span-31-4"><a id="__codelineno-31-4" name="__codelineno-31-4" href="#__codelineno-31-4"></a> <span class="ss">user</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-31-5"><a id="__codelineno-31-5" name="__codelineno-31-5" href="#__codelineno-31-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-31-6"><a id="__codelineno-31-6" name="__codelineno-31-6" href="#__codelineno-31-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"olafkfreund"</span><span class="p">;</span>
</span><span id="__span-31-7"><a id="__codelineno-31-7" name="__codelineno-31-7" href="#__codelineno-31-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"User to run Syncthing as"</span><span class="p">;</span>
</span><span id="__span-31-8"><a id="__codelineno-31-8" name="__codelineno-31-8" href="#__codelineno-31-8"></a> <span class="p">};</span>
</span><span id="__span-31-9"><a id="__codelineno-31-9" name="__codelineno-31-9" href="#__codelineno-31-9"></a>
</span><span id="__span-31-10"><a id="__codelineno-31-10" name="__codelineno-31-10" href="#__codelineno-31-10"></a> <span class="ss">syncHosts</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-31-11"><a id="__codelineno-31-11" name="__codelineno-31-11" href="#__codelineno-31-11"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>listOf types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-31-12"><a id="__codelineno-31-12" name="__codelineno-31-12" href="#__codelineno-31-12"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"p620"</span> <span class="s2">"razer"</span> <span class="s2">"p510"</span> <span class="p">];</span>
</span><span id="__span-31-13"><a id="__codelineno-31-13" name="__codelineno-31-13" href="#__codelineno-31-13"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"List of hosts to sync with"</span><span class="p">;</span>
</span><span id="__span-31-14"><a id="__codelineno-31-14" name="__codelineno-31-14" href="#__codelineno-31-14"></a> <span class="p">};</span>
</span><span id="__span-31-15"><a id="__codelineno-31-15" name="__codelineno-31-15" href="#__codelineno-31-15"></a>
</span><span id="__span-31-16"><a id="__codelineno-31-16" name="__codelineno-31-16" href="#__codelineno-31-16"></a> <span class="ss">deviceIds</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-31-17"><a id="__codelineno-31-17" name="__codelineno-31-17" href="#__codelineno-31-17"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>attrsOf types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-31-18"><a id="__codelineno-31-18" name="__codelineno-31-18" href="#__codelineno-31-18"></a> <span class="ss">default</span> <span class="o">=</span> <span class="p">{</span> <span class="p">};</span>
</span><span id="__span-31-19"><a id="__codelineno-31-19" name="__codelineno-31-19" href="#__codelineno-31-19"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-31-20"><a id="__codelineno-31-20" name="__codelineno-31-20" href="#__codelineno-31-20"></a><span class="s s-Multiline"> Device IDs for each host. Get these by running `syncthing --device-id`</span>
</span><span id="__span-31-21"><a id="__codelineno-31-21" name="__codelineno-31-21" href="#__codelineno-31-21"></a><span class="s s-Multiline"> on each host after initial Syncthing setup.</span>
</span><span id="__span-31-22"><a id="__codelineno-31-22" name="__codelineno-31-22" href="#__codelineno-31-22"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-31-23"><a id="__codelineno-31-23" name="__codelineno-31-23" href="#__codelineno-31-23"></a> <span class="ss">example</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-31-24"><a id="__codelineno-31-24" name="__codelineno-31-24" href="#__codelineno-31-24"></a> <span class="ss">p620</span> <span class="o">=</span> <span class="s2">"ABCDEFG-HIJKLMN-OPQRSTU-VWXYZ12-3456789-ABCDEFG-HIJKLMN-OPQRSTU"</span><span class="p">;</span>
</span><span id="__span-31-25"><a id="__codelineno-31-25" name="__codelineno-31-25" href="#__codelineno-31-25"></a> <span class="p">};</span>
</span><span id="__span-31-26"><a id="__codelineno-31-26" name="__codelineno-31-26" href="#__codelineno-31-26"></a> <span class="p">};</span>
</span><span id="__span-31-27"><a id="__codelineno-31-27" name="__codelineno-31-27" href="#__codelineno-31-27"></a>
</span><span id="__span-31-28"><a id="__codelineno-31-28" name="__codelineno-31-28" href="#__codelineno-31-28"></a> <span class="ss">masterHost</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-31-29"><a id="__codelineno-31-29" name="__codelineno-31-29" href="#__codelineno-31-29"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-31-30"><a id="__codelineno-31-30" name="__codelineno-31-30" href="#__codelineno-31-30"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"p620"</span><span class="p">;</span>
</span><span id="__span-31-31"><a id="__codelineno-31-31" name="__codelineno-31-31" href="#__codelineno-31-31"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Primary host for conflict resolution (introducer)"</span><span class="p">;</span>
</span><span id="__span-31-32"><a id="__codelineno-31-32" name="__codelineno-31-32" href="#__codelineno-31-32"></a> <span class="p">};</span>
</span><span id="__span-31-33"><a id="__codelineno-31-33" name="__codelineno-31-33" href="#__codelineno-31-33"></a>
</span><span id="__span-31-34"><a id="__codelineno-31-34" name="__codelineno-31-34" href="#__codelineno-31-34"></a> <span class="ss">syncClaude</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-31-35"><a id="__codelineno-31-35" name="__codelineno-31-35" href="#__codelineno-31-35"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-31-36"><a id="__codelineno-31-36" name="__codelineno-31-36" href="#__codelineno-31-36"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-31-37"><a id="__codelineno-31-37" name="__codelineno-31-37" href="#__codelineno-31-37"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Sync ~/.claude directory"</span><span class="p">;</span>
</span><span id="__span-31-38"><a id="__codelineno-31-38" name="__codelineno-31-38" href="#__codelineno-31-38"></a> <span class="p">};</span>
</span><span id="__span-31-39"><a id="__codelineno-31-39" name="__codelineno-31-39" href="#__codelineno-31-39"></a>
</span><span id="__span-31-40"><a id="__codelineno-31-40" name="__codelineno-31-40" href="#__codelineno-31-40"></a> <span class="ss">syncGemini</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-31-41"><a id="__codelineno-31-41" name="__codelineno-31-41" href="#__codelineno-31-41"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-31-42"><a id="__codelineno-31-42" name="__codelineno-31-42" href="#__codelineno-31-42"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-31-43"><a id="__codelineno-31-43" name="__codelineno-31-43" href="#__codelineno-31-43"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Sync ~/.gemini directory"</span><span class="p">;</span>
</span><span id="__span-31-44"><a id="__codelineno-31-44" name="__codelineno-31-44" href="#__codelineno-31-44"></a> <span class="p">};</span>
</span><span id="__span-31-45"><a id="__codelineno-31-45" name="__codelineno-31-45" href="#__codelineno-31-45"></a>
</span><span id="__span-31-46"><a id="__codelineno-31-46" name="__codelineno-31-46" href="#__codelineno-31-46"></a> <span class="ss">guiAddress</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-31-47"><a id="__codelineno-31-47" name="__codelineno-31-47" href="#__codelineno-31-47"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-31-48"><a id="__codelineno-31-48" name="__codelineno-31-48" href="#__codelineno-31-48"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"127.0.0.1:8384"</span><span class="p">;</span>
</span><span id="__span-31-49"><a id="__codelineno-31-49" name="__codelineno-31-49" href="#__codelineno-31-49"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Address for Syncthing Web UI"</span><span class="p">;</span>
</span><span id="__span-31-50"><a id="__codelineno-31-50" name="__codelineno-31-50" href="#__codelineno-31-50"></a> <span class="p">};</span>
</span><span id="__span-31-51"><a id="__codelineno-31-51" name="__codelineno-31-51" href="#__codelineno-31-51"></a>
</span><span id="__span-31-52"><a id="__codelineno-31-52" name="__codelineno-31-52" href="#__codelineno-31-52"></a> <span class="ss">openFirewall</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-31-53"><a id="__codelineno-31-53" name="__codelineno-31-53" href="#__codelineno-31-53"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-31-54"><a id="__codelineno-31-54" name="__codelineno-31-54" href="#__codelineno-31-54"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-31-55"><a id="__codelineno-31-55" name="__codelineno-31-55" href="#__codelineno-31-55"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Open firewall ports for Syncthing"</span><span class="p">;</span>
</span><span id="__span-31-56"><a id="__codelineno-31-56" name="__codelineno-31-56" href="#__codelineno-31-56"></a> <span class="p">};</span>
</span><span id="__span-31-57"><a id="__codelineno-31-57" name="__codelineno-31-57" href="#__codelineno-31-57"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="defaultnix_13"><code>default.nix</code><a class="headerlink" href="#defaultnix_13" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/sysprof/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/sysprof/default.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="defaultnix_14"><code>default.nix</code><a class="headerlink" href="#defaultnix_14" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/system/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/system/default.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="defaultnix_15"><code>default.nix</code><a class="headerlink" href="#defaultnix_15" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/systemd/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/systemd/default.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="defaultnix_16"><code>default.nix</code><a class="headerlink" href="#defaultnix_16" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/tabby/default.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/tabby/default.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="whatsapp-bridgenix"><code>whatsapp-bridge.nix</code><a class="headerlink" href="#whatsapp-bridgenix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/whatsapp-bridge.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/whatsapp-bridge.nix</code></a></p>
<p>WhatsApp Bridge Systemd Service
Persistent background service for WhatsApp Web API connection
Follows docs/NIXOS-ANTI-PATTERNS.md security patterns</p>
<p><em>No option declarations; see source for implementation.</em></p>
<h3 id="whisper-servernix"><code>whisper-server.nix</code><a class="headerlink" href="#whisper-servernix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/whisper-server.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/whisper-server.nix</code></a></p>
<p>whisper-server — local Whisper transcription HTTP API</p>
<p>Wraps <code>whisper-server</code> from pkgs.whisper-cpp. Used by <code>voice-input</code> clients
on razer + p620 to convert speech-to-text via a hold-to-talk hotkey.</p>
<p>Default deployment: p620 hosts the server (it has the CPU/GPU budget),
razer reaches it over the tailnet. p510 is irrelevant — headless.</p>
<p>Service surface:
POST http://p620:9300/inference multipart file=@audio.wav → transcript</p>
<p>Designed to be cheap to run idle: the binary memory-maps the model and
only burns CPU when a request comes in.</p>
<ul>
<li><strong>Enable option:</strong> Whisper.cpp HTTP transcription server</li>
</ul>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-32-1"><a id="__codelineno-32-1" name="__codelineno-32-1" href="#__codelineno-32-1"></a> options<span class="o">.</span>features<span class="o">.</span><span class="ss">whisper-server</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-32-2"><a id="__codelineno-32-2" name="__codelineno-32-2" href="#__codelineno-32-2"></a> <span class="ss">enable</span> <span class="o">=</span> lib<span class="o">.</span>mkEnableOption <span class="s2">"Whisper.cpp HTTP transcription server"</span><span class="p">;</span>
</span><span id="__span-32-3"><a id="__codelineno-32-3" name="__codelineno-32-3" href="#__codelineno-32-3"></a>
</span><span id="__span-32-4"><a id="__codelineno-32-4" name="__codelineno-32-4" href="#__codelineno-32-4"></a> <span class="ss">port</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-32-5"><a id="__codelineno-32-5" name="__codelineno-32-5" href="#__codelineno-32-5"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>port<span class="p">;</span>
</span><span id="__span-32-6"><a id="__codelineno-32-6" name="__codelineno-32-6" href="#__codelineno-32-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="mi">9300</span><span class="p">;</span>
</span><span id="__span-32-7"><a id="__codelineno-32-7" name="__codelineno-32-7" href="#__codelineno-32-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"TCP port for the HTTP inference endpoint."</span><span class="p">;</span>
</span><span id="__span-32-8"><a id="__codelineno-32-8" name="__codelineno-32-8" href="#__codelineno-32-8"></a> <span class="p">};</span>
</span><span id="__span-32-9"><a id="__codelineno-32-9" name="__codelineno-32-9" href="#__codelineno-32-9"></a>
</span><span id="__span-32-10"><a id="__codelineno-32-10" name="__codelineno-32-10" href="#__codelineno-32-10"></a> <span class="ss">model</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-32-11"><a id="__codelineno-32-11" name="__codelineno-32-11" href="#__codelineno-32-11"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>str<span class="p">;</span>
</span><span id="__span-32-12"><a id="__codelineno-32-12" name="__codelineno-32-12" href="#__codelineno-32-12"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"base.en"</span><span class="p">;</span>
</span><span id="__span-32-13"><a id="__codelineno-32-13" name="__codelineno-32-13" href="#__codelineno-32-13"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"small.en"</span><span class="p">;</span>
</span><span id="__span-32-14"><a id="__codelineno-32-14" name="__codelineno-32-14" href="#__codelineno-32-14"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''</span>
</span><span id="__span-32-15"><a id="__codelineno-32-15" name="__codelineno-32-15" href="#__codelineno-32-15"></a><span class="s s-Multiline"> ggml model name (passed to whisper-cpp-download-ggml-model). Sizes:</span>
</span><span id="__span-32-16"><a id="__codelineno-32-16" name="__codelineno-32-16" href="#__codelineno-32-16"></a><span class="s s-Multiline"> tiny.en ≈ 40 MB, fastest, lowest accuracy</span>
</span><span id="__span-32-17"><a id="__codelineno-32-17" name="__codelineno-32-17" href="#__codelineno-32-17"></a><span class="s s-Multiline"> base.en ≈ 150 MB, good balance for short dictation</span>
</span><span id="__span-32-18"><a id="__codelineno-32-18" name="__codelineno-32-18" href="#__codelineno-32-18"></a><span class="s s-Multiline"> small.en ≈ 500 MB, more accurate, slower</span>
</span><span id="__span-32-19"><a id="__codelineno-32-19" name="__codelineno-32-19" href="#__codelineno-32-19"></a><span class="s s-Multiline"> medium.en ≈ 1.5 GB</span>
</span><span id="__span-32-20"><a id="__codelineno-32-20" name="__codelineno-32-20" href="#__codelineno-32-20"></a><span class="s s-Multiline"> ''</span><span class="p">;</span>
</span><span id="__span-32-21"><a id="__codelineno-32-21" name="__codelineno-32-21" href="#__codelineno-32-21"></a> <span class="p">};</span>
</span><span id="__span-32-22"><a id="__codelineno-32-22" name="__codelineno-32-22" href="#__codelineno-32-22"></a>
</span><span id="__span-32-23"><a id="__codelineno-32-23" name="__codelineno-32-23" href="#__codelineno-32-23"></a> <span class="ss">openFirewallOnTailscale</span> <span class="o">=</span> lib<span class="o">.</span>mkOption <span class="p">{</span>
</span><span id="__span-32-24"><a id="__codelineno-32-24" name="__codelineno-32-24" href="#__codelineno-32-24"></a> <span class="ss">type</span> <span class="o">=</span> lib<span class="o">.</span>types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-32-25"><a id="__codelineno-32-25" name="__codelineno-32-25" href="#__codelineno-32-25"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-32-26"><a id="__codelineno-32-26" name="__codelineno-32-26" href="#__codelineno-32-26"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s2">"Open the service port on the tailscale0 interface only."</span><span class="p">;</span>
</span><span id="__span-32-27"><a id="__codelineno-32-27" name="__codelineno-32-27" href="#__codelineno-32-27"></a> <span class="p">};</span>
</span><span id="__span-32-28"><a id="__codelineno-32-28" name="__codelineno-32-28" href="#__codelineno-32-28"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="xdg-portalnix"><code>xdg-portal.nix</code><a class="headerlink" href="#xdg-portalnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/xserver/xdg-portal.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/xserver/xdg-portal.nix</code></a></p>
<p>XDG Desktop Portal Configuration Module
Configures desktop integration for Wayland and X11 applications</p>
<ul>
<li><strong>Enable option:</strong> XDG desktop portal services</li>
</ul>
<p><strong>Options:</strong> <code>enable</code>, <code>backend</code>, <code>enableScreencast</code>, <code>suppressIconWarning</code>, <code>forcePortalOpen</code></p>
<details class="note">
<summary>Options declaration (Nix)</summary>
<div class="language-nix highlight"><pre><span></span><code><span id="__span-33-1"><a id="__codelineno-33-1" name="__codelineno-33-1" href="#__codelineno-33-1"></a> options<span class="o">.</span>modules<span class="o">.</span>services<span class="o">.</span><span class="ss">xdg-portal</span> <span class="o">=</span> <span class="p">{</span>
</span><span id="__span-33-2"><a id="__codelineno-33-2" name="__codelineno-33-2" href="#__codelineno-33-2"></a> <span class="ss">enable</span> <span class="o">=</span> mkEnableOption <span class="s2">"XDG desktop portal services"</span><span class="p">;</span>
</span><span id="__span-33-3"><a id="__codelineno-33-3" name="__codelineno-33-3" href="#__codelineno-33-3"></a>
</span><span id="__span-33-4"><a id="__codelineno-33-4" name="__codelineno-33-4" href="#__codelineno-33-4"></a> <span class="ss">backend</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-33-5"><a id="__codelineno-33-5" name="__codelineno-33-5" href="#__codelineno-33-5"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>enum <span class="p">[</span> <span class="s2">"sway"</span> <span class="s2">"gnome"</span> <span class="s2">"cosmic"</span> <span class="p">];</span>
</span><span id="__span-33-6"><a id="__codelineno-33-6" name="__codelineno-33-6" href="#__codelineno-33-6"></a> <span class="ss">default</span> <span class="o">=</span> <span class="s2">"gnome"</span><span class="p">;</span>
</span><span id="__span-33-7"><a id="__codelineno-33-7" name="__codelineno-33-7" href="#__codelineno-33-7"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Primary desktop environment backend for portals''</span><span class="p">;</span>
</span><span id="__span-33-8"><a id="__codelineno-33-8" name="__codelineno-33-8" href="#__codelineno-33-8"></a> <span class="ss">example</span> <span class="o">=</span> <span class="s2">"sway"</span><span class="p">;</span>
</span><span id="__span-33-9"><a id="__codelineno-33-9" name="__codelineno-33-9" href="#__codelineno-33-9"></a> <span class="p">};</span>
</span><span id="__span-33-10"><a id="__codelineno-33-10" name="__codelineno-33-10" href="#__codelineno-33-10"></a>
</span><span id="__span-33-11"><a id="__codelineno-33-11" name="__codelineno-33-11" href="#__codelineno-33-11"></a> <span class="ss">enableScreencast</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-33-12"><a id="__codelineno-33-12" name="__codelineno-33-12" href="#__codelineno-33-12"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-33-13"><a id="__codelineno-33-13" name="__codelineno-33-13" href="#__codelineno-33-13"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-33-14"><a id="__codelineno-33-14" name="__codelineno-33-14" href="#__codelineno-33-14"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Enable screencasting support through portals''</span><span class="p">;</span>
</span><span id="__span-33-15"><a id="__codelineno-33-15" name="__codelineno-33-15" href="#__codelineno-33-15"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-33-16"><a id="__codelineno-33-16" name="__codelineno-33-16" href="#__codelineno-33-16"></a> <span class="p">};</span>
</span><span id="__span-33-17"><a id="__codelineno-33-17" name="__codelineno-33-17" href="#__codelineno-33-17"></a>
</span><span id="__span-33-18"><a id="__codelineno-33-18" name="__codelineno-33-18" href="#__codelineno-33-18"></a> <span class="ss">suppressIconWarning</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-33-19"><a id="__codelineno-33-19" name="__codelineno-33-19" href="#__codelineno-33-19"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-33-20"><a id="__codelineno-33-20" name="__codelineno-33-20" href="#__codelineno-33-20"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-33-21"><a id="__codelineno-33-21" name="__codelineno-33-21" href="#__codelineno-33-21"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Suppress XDG icon protocol warnings''</span><span class="p">;</span>
</span><span id="__span-33-22"><a id="__codelineno-33-22" name="__codelineno-33-22" href="#__codelineno-33-22"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-33-23"><a id="__codelineno-33-23" name="__codelineno-33-23" href="#__codelineno-33-23"></a> <span class="p">};</span>
</span><span id="__span-33-24"><a id="__codelineno-33-24" name="__codelineno-33-24" href="#__codelineno-33-24"></a>
</span><span id="__span-33-25"><a id="__codelineno-33-25" name="__codelineno-33-25" href="#__codelineno-33-25"></a> <span class="ss">forcePortalOpen</span> <span class="o">=</span> mkOption <span class="p">{</span>
</span><span id="__span-33-26"><a id="__codelineno-33-26" name="__codelineno-33-26" href="#__codelineno-33-26"></a> <span class="ss">type</span> <span class="o">=</span> types<span class="o">.</span>bool<span class="p">;</span>
</span><span id="__span-33-27"><a id="__codelineno-33-27" name="__codelineno-33-27" href="#__codelineno-33-27"></a> <span class="ss">default</span> <span class="o">=</span> <span class="no">true</span><span class="p">;</span>
</span><span id="__span-33-28"><a id="__codelineno-33-28" name="__codelineno-33-28" href="#__codelineno-33-28"></a> <span class="ss">description</span> <span class="o">=</span> <span class="s s-Multiline">''Force applications to use portal for file operations''</span><span class="p">;</span>
</span><span id="__span-33-29"><a id="__codelineno-33-29" name="__codelineno-33-29" href="#__codelineno-33-29"></a> <span class="ss">example</span> <span class="o">=</span> <span class="no">false</span><span class="p">;</span>
</span><span id="__span-33-30"><a id="__codelineno-33-30" name="__codelineno-33-30" href="#__codelineno-33-30"></a> <span class="p">};</span>
</span><span id="__span-33-31"><a id="__codelineno-33-31" name="__codelineno-33-31" href="#__codelineno-33-31"></a> <span class="p">}</span>
</span></code></pre></div>
</details>
<h3 id="xdgnix"><code>xdg.nix</code><a class="headerlink" href="#xdgnix" title="Anchor link to this section">¶</a></h3>
<p><a href="https://github.com/olafkfreund/nixos_config/blob/main/modules/services/xserver/xdg.nix"><span class="twemoji"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 2A10 10 0 0 0 2 12c0 4.42 2.87 8.17 6.84 9.5.5.08.66-.23.66-.5v-1.69c-2.77.6-3.36-1.34-3.36-1.34-.46-1.16-1.11-1.47-1.11-1.47-.91-.62.07-.6.07-.6 1 .07 1.53 1.03 1.53 1.03.87 1.52 2.34 1.07 2.91.83.09-.65.35-1.09.63-1.34-2.22-.25-4.55-1.11-4.55-4.92 0-1.11.38-2 1.03-2.71-.1-.25-.45-1.29.1-2.64 0 0 .84-.27 2.75 1.02.79-.22 1.65-.33 2.5-.33s1.71.11 2.5.33c1.91-1.29 2.75-1.02 2.75-1.02.55 1.35.2 2.39.1 2.64.65.71 1.03 1.6 1.03 2.71 0 3.82-2.34 4.66-4.57 4.91.36.31.69.92.69 1.85V21c0 .27.16.59.67.5C19.14 20.16 22 16.42 22 12A10 10 0 0 0 12 2"/></svg></span> <code>modules/services/xserver/xdg.nix</code></a></p>
<p><em>No option declarations; see source for implementation.</em></p>
</article>
</div>
<script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script>
</div>
<button type="button" class="md-top md-icon" data-md-component="top" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8z"/></svg>
Back to top
</button>
</main>
<footer class="md-footer">
<nav class="md-footer__inner md-grid" aria-label="Footer" >
<a href="../security/" class="md-footer__link md-footer__link--prev" aria-label="Previous: Security">
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11z"/></svg>
</div>
<div class="md-footer__title">
<span class="md-footer__direction">
Previous
</span>
<div class="md-ellipsis">
Security
</div>
</div>
</a>
<a href="../spell/" class="md-footer__link md-footer__link--next" aria-label="Next: Spell Checking">
<div class="md-footer__title">
<span class="md-footer__direction">
Next
</span>
<div class="md-ellipsis">
Spell Checking
</div>
</div>
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11z"/></svg>
</div>
</a>
</nav>
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
<div class="md-copyright__highlight">
Built with MkDocs Material · Generated reproducibly with Nix (<code>nix build .#docs</code>)
</div>
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<div class="md-progress" data-md-component="progress" role="progressbar"></div>
<script id="__config" type="application/json">{"annotate": null, "base": "../../..", "features": ["navigation.tabs", "navigation.tabs.sticky", "navigation.sections", "navigation.indexes", "navigation.top", "navigation.instant", "navigation.instant.progress", "navigation.tracking", "navigation.footer", "search.suggest", "search.highlight", "search.share", "content.code.copy", "content.code.annotate", "content.tooltips", "toc.follow"], "search": "../../../assets/javascripts/workers/search.2c215733.min.js", "tags": null, "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}, "version": null}</script>
<script src="../../../assets/javascripts/bundle.79ae519e.min.js"></script>
<script src="../../../javascripts/cursor.js"></script>
</body>
</html>