Machine options
settings.fleet-manager.enable
This Cluster is the Fleet Manager
Declared in modules/kubernetes/fleet-manager.nix.
settings.git.repos
Set of local git repositories to be committed locally on each activation.
Declared in modules/git/default.nix.
settings.impermanence.enable
settings.impermanence.persistentSystemPath
Path to where the persisted part of the system lies
Declared in modules/impermanence.nix.
settings.kubernetes.enable
Run a k3s Kubernetes node on the machine.
Declared in modules/kubernetes/default.nix.
settings.kubernetes.group
Group that has access to the k3s config and data.
Declared in modules/kubernetes/default.nix.
settings.kubernetes.labels
Labels to add to the cluster
Declared in modules/kubernetes/default.nix.
settings.kubernetes.name
Name of the k3s cluster.
Declared in modules/kubernetes/default.nix.
settings.kubernetes.oauthClientId
OAuth client ID for the tailscale operator.
Declared in modules/kubernetes/default.nix.
settings.kubernetes.values
Template values of the cluster
Declared in modules/kubernetes/default.nix.
settings.local-server.enable
Label this machine as a local server.
Declared in modules/local-server/default.nix.
settings.localIP
IP of the machine in the local network
Declared in modules/networking.nix.
settings.prometheus.enable
Label the machine as using the Prometheus monitoring system.
By default, the machine is labeled when the Kubernetes cluster is enabled.
Declared in modules/prometheus/default.nix.
settings.prometheus.federation.enable
Label the machine as using Prometheus in a federation of multiple Prometheus instances.
Declared in modules/prometheus/default.nix.
settings.prometheus.federation.upstream.enable
Label the machine as being the upstream Prometheus instance in a federation.
Declared in modules/prometheus/default.nix.
settings.publicIP
Public IP of the machine
Declared in modules/networking.nix.
settings.ssh.fail2ban.enable
Enable fail2ban to block SSH brute force attacks.
By default, Fail2ban is enabled if sshguard is disabled.
Declared in modules/ssh.nix.
settings.ssh.sshguard.enable
Enable sshguard to block SSH brute force attacks.
Declared in modules/ssh.nix.
settings.sshPublicKey
SSH public key of the machine.
This option is required to decode the secrets defined in the main features like users, wireless networks, etc.
Declared in modules/ssh.nix.
settings.swap.file.enable
Enable a swap file on the root partition.
Declared in modules/swap.nix.
settings.swap.file.size
Size of the swap file in GiB.
Declared in modules/swap.nix.
settings.swap.zram.enable
Enable a swap file in a zram device.
Declared in modules/swap.nix.
settings.users.users
Set of users to create and configure.
Declared in modules/users.nix.
settings.users.users.<name>.enable
Whether the user is enabled in the machine.
Declared in modules/users.nix.
settings.users.users.<name>.isAdmin
Whether the user is an admin of the machine.
Declared in modules/users.nix.
settings.users.users.<name>.isSystemUser
Whether the user is a system user.
Declared in modules/users.nix.
settings.users.users.<name>.publicKeys
Public keys of the user, without the comment (user@host) part.
Declared in modules/users.nix.
Was this page helpful?