Skip to content

Aesmd

services.aesmd.debug

Whether to build the PSW package in debug mode. Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/security/aesmd.nix

services.aesmd.enable

Whether to enable Intel's Architectural Enclave Service Manager (AESM) for Intel SGX. Type: boolean

Default

false

Example

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/security/aesmd.nix

services.aesmd.environment

Additional environment variables to pass to the AESM service. Type: attribute set of string

Default

{ }

Example

{AZDCAP_COLLATERAL_VERSION = "v2";AZDCAP_DEBUG_LOG_LEVEL = "INFO";}

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/security/aesmd.nix

services.aesmd.quoteProviderLibrary

Custom quote provider library to use. Type: null or path

Default

null

Example

pkgs.sgx-azure-dcap-client

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/security/aesmd.nix

services.aesmd.settings

AESM configuration Type: submodule

Default

{ }

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/security/aesmd.nix

services.aesmd.settings.defaultQuotingType

Attestation quote type. Type: null or one of "ecdsa_256", "epid_linkable", "epid_unlinkable"

Default

null

Example

"ecdsa_256"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/security/aesmd.nix

services.aesmd.settings.proxy

HTTP network proxy. Type: null or string

Default

null

Example

"http://proxy_url:1234"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/security/aesmd.nix

services.aesmd.settings.proxyType

Type of proxy to use. The default uses the system's default proxy. If direct is given, uses no proxy. A value of manual uses the proxy from {option}services.aesmd.settings.proxy.

Type: null or one of "default", "direct", "manual"

Default

if (config.services.aesmd.settings.proxy != null) then "manual" else null

Example

"default"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/security/aesmd.nix

services.aesmd.settings.whitelistUrl

URL to retrieve authorized Intel SGX enclave signers. Type: null or string

Default

null

Example

"http://whitelist.trustedservices.intel.com/SGX/LCWL/Linux/sgx_white_list_cert.bin"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/security/aesmd.nix