System
System
system.activatable
Whether to add the activation script to the system profile.
The default, to have the script available all the time, is what we normally do, but for image based systems, this may not be needed or not be desirable.
Type: boolean
Default
true
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/activatable-system.nix
system.activationScripts
A set of shell script fragments that are executed when a NixOS
system configuration is activated. Examples are updating
/etc, creating accounts, and so on. Since these are executed
every time you boot the system or run
{command}nixos-rebuild, it's important that they are
idempotent and fast.
Type: attribute set of (string or (submodule))
Default
{ }
Example
{ stdio.text ='' # Needed by some programs. ln -sfn /proc/self/fd /dev/fd ln -sfn /proc/self/fd/0 /dev/stdin ln -sfn /proc/self/fd/1 /dev/stdout ln -sfn /proc/self/fd/2 /dev/stderr '';}
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/activation-script.nix
system.autoUpgrade.allowReboot
Reboot the system into the new generation instead of a switch
if the new generation uses a different kernel, kernel modules
or initrd than the booted system.
See {option}rebootWindow for configuring the times at which a reboot is allowed.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.autoUpgrade.channel
The URI of the NixOS channel to use for automatic
upgrades. By default, this is the channel set using
{command}nix-channel (run nix-channel --list
to see the current value).
Type: null or string
Default
null
Example
"https://nixos.org/channels/nixos-14.12-small"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.autoUpgrade.dates
How often or when upgrade occurs. For most desktop and server systems a sufficient upgrade frequency is once a day.
The format is described in
{manpage}systemd.time(7).
Type: string
Default
"04:40"
Example
"daily"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.autoUpgrade.enable
Whether to periodically upgrade NixOS to the latest
version. If enabled, a systemd timer will run
nixos-rebuild switch --upgrade once a
day.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.autoUpgrade.fixedRandomDelay
Make the randomized delay consistent between runs.
This reduces the jitter between automatic upgrades.
See {option}randomizedDelaySec for configuring the randomized delay.
Type: boolean
Default
false
Example
true
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.autoUpgrade.flags
Any additional flags passed to {command}nixos-rebuild.
If you are using flakes and use a local repo you can add
{command}[ "--update-input" "nixpkgs" "--commit-lock-file" ]
to update nixpkgs.
Type: list of string
Default
[ ]
Example
["-I""stuff=/home/alice/nixos-stuff""--option""extra-binary-caches""http://my-cache.example.org/"]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.autoUpgrade.flake
The Flake URI of the NixOS configuration to build.
Disables the option {option}system.autoUpgrade.channel.
Type: null or string
Default
null
Example
"github:kloenk/nix"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.autoUpgrade.operation
Whether to run
nixos-rebuild switch --upgrade or run
nixos-rebuild boot --upgrade
Type: one of "switch", "boot"
Default
"switch"
Example
"boot"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.autoUpgrade.persistent
Takes a boolean argument. If true, the time when the service unit was last triggered is stored on disk. When the timer is activated, the service unit is triggered immediately if it would have been triggered at least once during the time when the timer was inactive. Such triggering is nonetheless subject to the delay imposed by RandomizedDelaySec=. This is useful to catch up on missed runs of the service when the system was powered down.
Type: boolean
Default
true
Example
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.autoUpgrade.randomizedDelaySec
Add a randomized delay before each automatic upgrade.
The delay will be chosen between zero and this value.
This value must be a time span in the format specified bysystemd.time(7)
Type: string
Default
"0"
Example
"45min"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.autoUpgrade.rebootWindow
Define a lower and upper time value (in HH:MM format) which
constitute a time window during which reboots are allowed after an upgrade.
This option only has an effect when {option}allowReboot is enabled.
The default value of null means that reboots are allowed at any time.
Type: null or (submodule)
Default
null
Example
{lower = "01:00";upper = "05:00";}
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.autoUpgrade.rebootWindow.lower
Lower limit of the reboot window
Type: string matching the pattern [[:digit:]]{2}:[[:digit:]]{2}
Example
"01:00"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.autoUpgrade.rebootWindow.upper
Upper limit of the reboot window
Type: string matching the pattern [[:digit:]]{2}:[[:digit:]]{2}
Example
"05:00"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/tasks/auto-upgrade.nix
system.build
Attribute set of derivations used to set up the system.
Type: lazy attribute set of unspecified value
Default
{ }
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/build.nix
system.build.separateActivationScript
A separate activation script package that's not part of the system profile.
This is useful for configurations where system.activatable is false.
Otherwise, you can just use system.build.toplevel.
Type: package
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/activatable-system.nix
system.build.toplevel
This option contains the store path that typically represents a NixOS system.
You can read this path in a custom deployment tool for example.
Type: package
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/top-level.nix
system.checks
Packages that are added as dependencies of the system's build, usually for the purpose of validating some part of the configuration.
Unlike system.extraDependencies, these store paths do not
become part of the built system configuration.
Type: list of package
Default
[ ]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/top-level.nix
system.copySystemConfiguration
If enabled, copies the NixOS configuration file
(usually {file}/etc/nixos/configuration.nix)
and links it from the resulting system
(getting to {file}/run/current-system/configuration.nix).
Note that only this single file is copied, even if it imports others.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/top-level.nix
system.etc.overlay.enable
Mount /etc as an overlayfs instead of generating it via a perl script.
Note: This is currently experimental. Only enable this option if you're confident that you can recover your system if it breaks.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/etc/etc.nix
system.etc.overlay.mutable
Whether to mount /etc mutably (i.e. read-write) or immutably (i.e. read-only).
If this is false, only the immutable lowerdir is mounted. If it is true, a writable upperdir is mounted on top.
Type: boolean
Default
true
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/etc/etc.nix
system.extraDependencies
A list of paths that should be included in the system closure but generally not visible to users.
This option has also been used for build-time checks, but the
system.checks option is more appropriate for that purpose as checks
should not leave a trace in the built system configuration.
Type: list of path in the Nix store
Default
[ ]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/top-level.nix
system.forbiddenDependenciesRegexes
POSIX Extended Regular Expressions that match store paths that
should not appear in the system closure, with the exception of {option}system.extraDependencies, which is not checked.
Type: list of string
Default
[ ]
Example
["-dev$"]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/top-level.nix
system.includeBuildDependencies
Whether to include the build closure of the whole system in its runtime closure. This can be useful for making changes fully offline, as it includes all sources, patches, and intermediate outputs required to build all the derivations that the system depends on.
Note that this includes all the derivations, down from the included applications to their sources, the compilers used to build them, and even the bootstrap compiler used to compile the compilers. This increases the size of the system and the time needed to download its dependencies drastically: a minimal configuration with no extra services enabled grows from ~670MiB in size to 13.5GiB, and takes proportionally longer to download.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/top-level.nix
system.name
The name of the system used in the {option}system.build.toplevel derivation.
That derivation has the following name:
"nixos-system-${config.system.name}-${config.system.nixos.label}"
Type: string
Default
if config.networking.hostName == ""then "unnamed"else config.networking.hostName;
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/top-level.nix
system.nixos.label
NixOS version name to be used in the names of generated outputs and boot labels.
If you ever wanted to influence the labels in your GRUB menu, this is the option for you.
It can only contain letters, numbers and the following symbols:
:, _, . and -.
The default is {option}system.nixos.tags separated by
"-" + "-" + {env}NIXOS_LABEL_VERSION environment
variable (defaults to the value of
{option}system.nixos.version).
Can be overridden by setting {env}NIXOS_LABEL.
Useful for not loosing track of configurations built from different nixos branches/revisions, e.g.:
#!/bin/sh
today=`date +%Y%m%d`
branch=`(cd nixpkgs ; git branch 2>/dev/null | sed -n '/^\* / { s|^\* ||; p; }')`
revision=`(cd nixpkgs ; git rev-parse HEAD)`
export NIXOS_LABEL_VERSION="$today.$branch-${revision:0:7}"
nixos-rebuild switch
Type: string matching the pattern [a-zA-Z0-9:_\.-]*
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/misc/label.nix
system.nixos.tags
Strings to prefix to the default
{option}system.nixos.label.
Useful for not loosing track of configurations built with different options, e.g.:
{
system.nixos.tags = [ "with-xen" ];
virtualisation.xen.enable = true;
}
Type: list of string
Default
[ ]
Example
["with-xen"]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/misc/label.nix
system.nssDatabases.group
List of group entries to configure in {file}/etc/nsswitch.conf.
Note that "files" is always prepended while "systemd" is appended if nscd is enabled.
This option only takes effect if nscd is enabled.
Type: list of string
Default
[ ]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/config/nsswitch.nix
system.nssDatabases.hosts
List of hosts entries to configure in {file}/etc/nsswitch.conf.
Note that "files" is always prepended, and "dns" and "myhostname" are always appended.
This option only takes effect if nscd is enabled.
Type: list of string
Default
[ ]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/config/nsswitch.nix
system.nssDatabases.passwd
List of passwd entries to configure in {file}/etc/nsswitch.conf.
Note that "files" is always prepended while "systemd" is appended if nscd is enabled.
This option only takes effect if nscd is enabled.
Type: list of string
Default
[ ]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/config/nsswitch.nix
system.nssDatabases.services
List of services entries to configure in {file}/etc/nsswitch.conf.
Note that "files" is always prepended.
This option only takes effect if nscd is enabled.
Type: list of string
Default
[ ]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/config/nsswitch.nix
system.nssDatabases.shadow
List of shadow entries to configure in {file}/etc/nsswitch.conf.
Note that "files" is always prepended.
This option only takes effect if nscd is enabled.
Type: list of string
Default
[ ]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/config/nsswitch.nix
system.nssDatabases.sudoers
List of sudoers entries to configure in {file}/etc/nsswitch.conf.
Note that "files" is always prepended.
This option only takes effect if nscd is enabled.
Type: list of string
Default
[ ]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/config/nsswitch.nix
system.replaceRuntimeDependencies
List of packages to override without doing a full rebuild. The original derivation and replacement derivation must have the same name length, and ideally should have close-to-identical directory layout.
Type: list of (submodule)
Default
[ ]
Example
[ ({ original = pkgs.openssl; replacement = pkgs.callPackage /path/to/openssl { }; }) ]
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/top-level.nix
system.replaceRuntimeDependencies.*.original
The original package to override.
Type: package
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/top-level.nix
system.replaceRuntimeDependencies.*.replacement
The replacement package.
Type: package
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/top-level.nix
system.switch.enable
Whether to include the capability to switch configurations.
Disabling this makes the system unable to be reconfigured via nixos-rebuild.
This is good for image based appliances where updates are handled outside the image. Reducing features makes the image lighter and slightly more secure.
Type: boolean
Default
true
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/switchable-system.nix
system.switch.enableNg
Whether to include the capability to switch configurations.
Disabling this makes the system unable to be reconfigured via nixos-rebuild.
Whether to use switch-to-configuration-ng, an experimental
re-implementation of switch-to-configuration with the goal of
replacing the original.
Type: boolean
Default
false
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/switchable-system.nix
system.userActivationScripts
A set of shell script fragments that are executed by a systemd user
service when a NixOS system configuration is activated. Examples are
rebuilding the .desktop file cache for showing applications in the menu.
Since these are executed every time you run
{command}nixos-rebuild, it's important that they are
idempotent and fast.
Type: attribute set of (string or (submodule))
Default
{ }
Example
{ plasmaSetup = {text = '' ${pkgs.libsForQt5.kservice}/bin/kbuildsycoca5" '';deps = [];};}
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/system/activation/activation-script.nix
system.configurationRevision
The Git revision of the top-level flake from which this configuration was built.
Type: null or string
Default
null
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/misc/version.nix
system.image.id
Image identifier.
This corresponds to the IMAGE_ID field in os-release. See the upstream docs for more details on valid characters for this field: https://www.freedesktop.org/software/systemd/man/latest/os-release.html#IMAGE_ID=
You would only want to set this option if you're build NixOS appliance images.
Type: null or string
Default
null
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/misc/version.nix
system.image.version
Image version.
This corresponds to the IMAGE_VERSION field in os-release. See the upstream docs for more details on valid characters for this field: https://www.freedesktop.org/software/systemd/man/latest/os-release.html#IMAGE_VERSION=
You would only want to set this option if you're build NixOS appliance images.
Type: null or string
Default
null
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/misc/version.nix
system.nixos.codeName
The NixOS release code name (e.g. Emu).
Type: string
Default
"Vicuna"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/misc/version.nix
system.nixos.release
The NixOS release (e.g. 16.03).
Type: string
Default
"24.11"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/misc/version.nix
system.nixos.variant_id
A lower-case string identifying a specific variant or edition of the operating system
Type: null or string matching the pattern ^[a-z0-9._-]+$
Default
null
Example
"installer"
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/misc/version.nix
system.stateVersion
This option defines the first version of NixOS you have installed on this particular machine, and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
For example, if NixOS version XX.YY ships with AwesomeDB version N by default, and is then upgraded to version XX.YY+1, which ships AwesomeDB version N+1, the existing databases may no longer be compatible, causing applications to fail, or even leading to data loss.
The stateVersion mechanism avoids this situation by making the default version of such packages
conditional on the first version of NixOS you've installed (encoded in stateVersion), instead of
simply always using the latest one.
Note that this generally only affects applications that can't upgrade their data automatically - applications and services supporting automatic migrations will remain on latest versions when you upgrade.
Most users should never change this value after the initial install, for any reason, even if you've upgraded your system to a new NixOS release.
This value does not affect the Nixpkgs version your packages and OS are pulled from, so changing it will not upgrade your system.
This value being lower than the current NixOS release does not mean your system is out of date, out of support, or vulnerable.
Do not change this value unless you have manually inspected all the changes it would make to your configuration, and migrated your data accordingly.
Type: string
Default
config.system.nixos.release
Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/misc/version.nix