1 { config, lib, name, ... }:
7 base = mkOption { description = "Base of the LDAP tree"; type = str; };
8 host = mkOption { description = "Host to access LDAP"; type = str; };
9 root_dn = mkOption { description = "DN of the root user"; type = str; };
10 root_pw = mkOption { description = "Hashed password of the root user"; type = str; };
11 replication_dn = mkOption { description = "DN of the user allowed to replicate the LDAP directory"; type = str; };
12 replication_pw = mkOption { description = "Password of the user allowed to replicate the LDAP directory"; type = str; };
14 mkLdapOptions = name: more: mkOption {
15 description = "${name} LDAP configuration";
17 options = ldapOptions // {
18 dn = mkOption { description = "DN of the ${name} user"; type = str; };
19 password = mkOption { description = "password of the ${name} user"; type = str; };
20 filter = mkOption { description = "Filter for ${name} users"; type = str; default = ""; };
25 host = mkOption { description = "Host to access Mysql"; type = str; };
26 remoteHost = mkOption { description = "Host to access Mysql from outside"; type = str; };
27 port = mkOption { description = "Port to access Mysql"; type = str; };
28 socket = mkOption { description = "Socket to access Mysql"; type = path; };
29 systemUsers = mkOption {
30 description = "Attrs of user-passwords allowed to access mysql";
34 description = "PAM configuration for mysql";
37 dn = mkOption { description = "DN to connect as to check users"; type = str; };
38 password = mkOption { description = "DN password to connect as to check users"; type = str; };
39 filter = mkOption { description = "filter to match users"; type = str; };
44 mkMysqlOptions = name: more: mkOption {
45 description = "${name} mysql configuration";
47 options = mysqlOptions // {
48 database = mkOption { description = "${name} database"; type = str; };
49 user = mkOption { description = "${name} user"; type = str; };
50 password = mkOption { description = "mysql password of the ${name} user"; type = str; };
55 host = mkOption { description = "Host to access Postgresql"; type = str; };
56 port = mkOption { description = "Port to access Postgresql"; type = str; };
57 socket = mkOption { description = "Socket to access Postgresql"; type = path; };
59 description = "PAM configuration for psql";
62 dn = mkOption { description = "DN to connect as to check users"; type = str; };
63 password = mkOption { description = "DN password to connect as to check users"; type = str; };
64 filter = mkOption { description = "filter to match users"; type = str; };
69 mkPsqlOptions = name: mkOption {
70 description = "${name} psql configuration";
72 options = psqlOptions // {
73 database = mkOption { description = "${name} database"; type = str; };
74 schema = mkOption { description = "${name} schema"; type = nullOr str; default = null; };
75 user = mkOption { description = "${name} user"; type = str; };
76 password = mkOption { description = "psql password of the ${name} user"; type = str; };
81 host = mkOption { description = "Host to access Redis"; type = str; };
82 port = mkOption { description = "Port to access Redis"; type = str; };
83 socket = mkOption { description = "Socket to access Redis"; type = path; };
85 description = "Attrs of db number. Each number should be unique to avoid collision!";
88 spiped_key = mkOption {
91 Key to use with spiped to make a secure channel to replication
95 description = "Predixy configuration. Unused yet";
98 read = mkOption { type = str; description = "Read password"; };
103 mkRedisOptions = name: mkOption {
104 description = "${name} redis configuration";
106 options = redisOptions // {
107 db = mkOption { description = "${name} database"; type = str; };
111 hostEnv = submodule {
114 description = "Host FQDN";
119 description = "List of e-mails that the server can be a sender of";
124 LDAP credentials for the host
128 password = mkOption { type = string; description = "Password for the LDAP connection"; };
129 dn = mkOption { type = string; description = "DN for the LDAP connection"; };
134 description = "subdomain and priority for MX server";
135 default = { enable = false; };
138 enable = mkEnableOption "Enable MX";
139 subdomain = mkOption { type = nullOr str; description = "Subdomain name (mx-*)"; };
140 priority = mkOption { type = nullOr str; description = "Priority"; };
146 attrs of ip4/ip6 grouped by section
148 type = attrsOf (submodule {
153 ip4 address of the host
157 type = listOf string;
160 ip6 addresses of the host
173 Attrs of servers information in the cluster (not necessarily handled by nixops)
176 type = attrsOf hostEnv;
178 hetznerCloud = mkOption {
180 Hetzner Cloud credential information
184 authToken = mkOption {
195 Hetzner credential information
199 user = mkOption { type = str; description = "User"; };
200 pass = mkOption { type = str; description = "Password"; };
206 sshd service credential information
212 LDAP credentials for cn=ssh,ou=services,dc=immae,dc=eu dn
216 password = mkOption { description = "Password"; type = str; };
225 non-standard reserved ports. Must be unique!
230 noDupl = x: builtins.length (builtins.attrValues x) == builtins.length (unique (builtins.attrValues x));
232 x: if isAttrs x && noDupl x then x else throw "Non unique values for ports";
236 httpd service credential information
242 LDAP credentials for cn=httpd,ou=services,dc=immae,dc=eu dn
246 password = mkOption { description = "Password"; type = str; };
255 LDAP server configuration
258 options = ldapOptions;
261 databases = mkOption {
262 description = "Databases configuration";
266 type = submodule { options = mysqlOptions; };
267 description = "Mysql configuration";
270 type = submodule { options = redisOptions; };
271 description = "Redis configuration";
273 postgresql = mkOption {
274 type = submodule { options = psqlOptions; };
275 description = "Postgresql configuration";
281 description = "Jabber configuration";
284 postfix_user_filter = mkOption { type = str; description = "Postfix filter to get xmpp users"; };
285 ldap = mkLdapOptions "Jabber" {};
286 postgresql = mkPsqlOptions "Jabber";
291 description = "System and regular users uid/gid";
292 type = attrsOf (submodule {
295 description = "user uid";
299 description = "user gid";
306 description = "DNS configuration";
310 description = "SOA information";
314 description = "Serial number. Should be incremented at each change and unique";
318 description = "Refresh time";
322 description = "Retry time";
326 description = "Expire time";
330 description = "Default TTL time";
334 description = "hostmaster e-mail";
338 description = "Primary NS";
345 description = "Attrs of NS servers group";
348 "ns1.foo.com" = [ "198.51.100.10" "2001:db8:abcd::1" ];
349 "ns2.foo.com" = [ "198.51.100.15" "2001:db8:1234::1" ];
352 type = attrsOf (attrsOf (listOf str));
354 slaveZones = mkOption {
355 description = "List of slave zones";
356 type = listOf (submodule {
358 name = mkOption { type = str; description = "zone name"; };
360 description = "NS master groups of this zone";
366 masterZones = mkOption {
367 description = "List of master zones";
368 type = listOf (submodule {
370 name = mkOption { type = str; description = "zone name"; };
372 description = "NS slave groups of this zone";
376 description = "groups names that should have their NS entries listed here";
380 description = "Extra zone configuration for bind";
386 entries = mkOption { type = lines; description = "Regular entries of the NS zone"; };
387 withEmail = mkOption {
388 description = "List of domains that should have mail entries (MX, dkim, SPF, ...)";
390 type = listOf (submodule {
392 domain = mkOption { type = str; description = "Which subdomain is concerned"; };
393 send = mkOption { type = bool; description = "Whether there can be e-mails originating from the subdomain"; };
394 receive = mkOption { type = bool; description = "Whether there can be e-mails arriving to the subdomain"; };
406 Remote backup with duplicity
410 password = mkOption { type = str; description = "Password for encrypting files"; };
411 remote = mkOption { type = str; description = "Remote url access"; };
412 accessKeyId = mkOption { type = str; description = "Remote access-key"; };
413 secretAccessKey = mkOption { type = str; description = "Remote access secret"; };
417 rsync_backup = mkOption {
419 Rsync backup configuration from controlled host
423 mailto = mkOption { type = str; description = "Where to e-mail on error"; };
425 description = "SSH key information";
428 public = mkOption { type = str; description = "Public part of the key"; };
429 private = mkOption { type = lines; description = "Private part of the key"; };
433 profiles = mkOption {
434 description = "Attrs of profiles to backup";
435 type = attrsOf (submodule {
437 keep = mkOption { type = int; description = "Number of backups to keep"; };
438 login = mkOption { type = str; description = "Login to connect to host"; };
439 port = mkOption { type = str; default = "22"; description = "Port to connect to host"; };
440 host = mkOption { type = str; description = "Host to connect to"; };
441 host_key = mkOption { type = str; description = "Host key"; };
442 host_key_type = mkOption { type = str; description = "Host key type"; };
444 description = "Parts to backup for this host";
445 type = attrsOf (submodule {
447 remote_folder = mkOption { type = path; description = "Remote folder to backup";};
448 exclude_from = mkOption {
451 description = "List of folders/files to exclude from the backup";
453 files_from = mkOption {
456 description = "List of folders/files to backup in the base folder";
461 description = "Extra arguments to pass to rsync";
472 monitoring = mkOption {
473 description = "Monitoring configuration";
476 status_url = mkOption { type = str; description = "URL to push status to"; };
477 status_token = mkOption { type = str; description = "Token for the status url"; };
478 http_user_password = mkOption { type = str; description = "HTTP credentials to check services behind wall"; };
479 email = mkOption { type = str; description = "Admin E-mail"; };
480 ssh_public_key = mkOption { type = str; description = "SSH public key"; };
481 ssh_secret_key = mkOption { type = str; description = "SSH secret key"; };
482 imap_login = mkOption { type = str; description = "IMAP login"; };
483 imap_password = mkOption { type = str; description = "IMAP password"; };
484 eriomem_keys = mkOption { type = listOf (listOf str); description = "Eriomem keys"; default = []; };
485 nrdp_tokens = mkOption { type = listOf str; description = "Tokens allowed to push status update"; };
486 slack_url = mkOption { type = str; description = "Slack webhook url to push status update"; };
487 slack_channel = mkOption { type = str; description = "Slack channel to push status update"; };
488 contacts = mkOption { type = attrsOf unspecified; description = "Contact dicts to fill naemon objects"; };
489 email_check = mkOption {
490 description = "Emails services to check";
491 type = attrsOf (submodule {
493 local = mkOption { type = bool; default = false; description = "Use local configuration"; };
494 port = mkOption { type = nullOr str; default = null; description = "Port to connect to ssh"; };
495 login = mkOption { type = nullOr str; default = null; description = "Login to connect to ssh"; };
496 targets = mkOption { type = listOf str; description = "Hosts to send E-mails to"; };
497 mail_address = mkOption { type = str; description = "E-mail recipient part to send e-mail to"; };
498 mail_domain = mkOption { type = str; description = "E-mail domain part to send e-mail to"; };
506 description = "MPD configuration";
509 folder = mkOption { type = str; description = "Folder to serve from the MPD instance"; };
510 password = mkOption { type = str; description = "Password to connect to the MPD instance"; };
511 host = mkOption { type = str; description = "Host to connect to the MPD instance"; };
512 port = mkOption { type = str; description = "Port to connect to the MPD instance"; };
517 description = "FTP configuration";
520 ldap = mkLdapOptions "FTP" {};
525 description = "Mail configuration";
529 description = "DMARC configuration";
532 ignore_hosts = mkOption {
535 Hosts to ignore when checking for dmarc
542 description = "DKIM configuration";
543 type = attrsOf (submodule {
549 "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3w1a2aMxWw9+hdcmbqX4UevcVqr204y0K73Wdc7MPZiOOlUJQYsMNSYR1Y/SC7jmPKeitpcJCpQgn/cveJZbuikjjPLsDReHyFEYmC278ZLRTELHx6f1IXM8WE08JIRT69CfZiMi1rVcOh9qRT4F93PyjCauU8Y5hJjtg9ThsWwIDAQAB" )
551 description = "Public entry to put in DNS TXT field";
553 private = mkOption { type = str; description = "Private key"; };
558 description = "Postfix configuration";
561 additional_mailbox_domains = mkOption {
563 List of domains that are used as mailbox final destination, in addition to those defined in the DNS records
567 mysql = mkMysqlOptions "Postfix" {
568 password_encrypt = mkOption { type = str; description = "Key to encrypt relay password in database"; };
570 backup_domains = mkOption {
572 Domains that are accepted for relay as backup domain
574 type = attrsOf (submodule {
576 domains = mkOption { type = listOf str; description = "Domains list"; };
577 relay_restrictions = mkOption {
580 Restrictions for relaying the e-mails from the domains
583 recipient_maps = mkOption {
585 Recipient map to accept relay for.
586 Must be specified for domain, the rules apply to everyone!
588 type = listOf (submodule {
591 type = enum [ "hash" ];
592 description = "Map type";
596 description = "Map content";
608 description = "Dovecot configuration";
611 ldap = mkLdapOptions "Dovecot" {
612 pass_attrs = mkOption { type = str; description = "Password attribute in LDAP"; };
613 user_attrs = mkOption { type = str; description = "User attribute mapping in LDAP"; };
614 iterate_attrs = mkOption { type = str; description = "User attribute mapping for listing in LDAP"; };
615 iterate_filter = mkOption { type = str; description = "User attribute filter for listing in LDAP"; };
621 description = "rspamd configuration";
624 redis = mkRedisOptions "Redis";
625 read_password_hashed = mkOption { type = str; description = "Hashed read password for rspamd"; };
626 write_password_hashed = mkOption { type = str; description = "Hashed write password for rspamd"; };
627 read_password = mkOption {
629 description = "Read password for rspamd. Unused";
632 write_password = mkOption {
634 description = "Write password for rspamd. Unused";
641 description = "Mail script recipients";
642 type = attrsOf (submodule {
644 external = mkEnableOption "Create a script_<name>@mail.immae.eu external address";
647 git source to fetch the script from.
648 It must have a default.nix file as its root accepting a scriptEnv parameter
652 url = mkOption { type = str; description = "git url to fetch"; };
653 rev = mkOption { type = str; description = "git reference to fetch"; };
658 description = "Variables to pass to the script";
667 buildbot = mkOption {
668 description = "Buildbot configuration";
672 description = "Buildbot user";
676 description = "user uid";
680 description = "user gid";
687 description = "Ldap configuration for buildbot";
690 password = mkOption { type = str; description = "Buildbot password"; };
694 projects = mkOption {
695 description = "Projects to make a buildbot for";
696 type = attrsOf (submodule {
698 name = mkOption { type = str; description = "Project name"; };
699 packages = mkOption {
701 example = literalExample ''
702 pkgs: [ pkgs.bash pkgs.git pkgs.gzip pkgs.openssh ];
706 Builds packages list to make available to buildbot project.
707 Takes pkgs as argument.
710 pythonPackages = mkOption {
712 example = literalExample ''
713 p: pkgs: [ pkgs.python3Packages.pip ];
717 Builds python packages list to make available to buildbot project.
718 Takes buildbot python module as first argument and pkgs as second argument in order to augment the python modules list.
721 pythonPathHome = mkOption { type = bool; description = "Whether to add project’s python home to python path"; };
724 description = "Secrets for the project to dump as files";
726 environment = mkOption {
729 Environment variables for the project.
730 BUILDBOT_ is prefixed to the variable names
733 activationScript = mkOption {
736 Activation script to run during deployment
739 builderPaths = mkOption {
740 type = attrsOf unspecified;
743 Attrs of functions to make accessible specifically per builder.
744 Takes pkgs as argument and should return a single path containing binaries.
745 This path will be accessible as BUILDBOT_PATH_<attrskey>
748 webhookTokens = mkOption {
749 type = nullOr (listOf str);
752 List of tokens allowed to push to project’s change_hook/base endpoint
762 description = "Tools configurations";
766 description = "Davical configuration";
769 postgresql = mkPsqlOptions "Davical";
770 ldap = mkLdapOptions "Davical" {};
774 diaspora = mkOption {
775 description = "Diaspora configuration";
778 postgresql = mkPsqlOptions "Diaspora";
779 redis = mkRedisOptions "Diaspora";
780 ldap = mkLdapOptions "Diaspora" {};
781 secret_token = mkOption { type = str; description = "Secret token"; };
785 etherpad-lite = mkOption {
786 description = "Etherpad configuration";
789 postgresql = mkPsqlOptions "Etherpad";
790 ldap = mkLdapOptions "Etherpad" {
791 group_filter = mkOption { type = str; description = "Filter for groups"; };
793 session_key = mkOption { type = str; description = "Session key"; };
794 api_key = mkOption { type = str; description = "API key"; };
795 redirects = mkOption { type = str; description = "Redirects for apache"; };
799 gitolite = mkOption {
800 description = "Gitolite configuration";
803 ldap = mkLdapOptions "Gitolite" {};
807 kanboard = mkOption {
808 description = "Kanboard configuration";
811 postgresql = mkPsqlOptions "Kanboard";
812 ldap = mkLdapOptions "Kanboard" {
813 admin_dn = mkOption { type = str; description = "Admin DN"; };
818 mantisbt = mkOption {
819 description = "Mantisbt configuration";
822 postgresql = mkPsqlOptions "Mantisbt";
823 ldap = mkLdapOptions "Mantisbt" {};
824 master_salt = mkOption { type = str; description = "Master salt for password hash"; };
828 mastodon = mkOption {
829 description = "Mastodon configuration";
832 postgresql = mkPsqlOptions "Mastodon";
833 redis = mkRedisOptions "Mastodon";
834 ldap = mkLdapOptions "Mastodon" {};
835 paperclip_secret = mkOption { type = str; description = "Paperclip secret"; };
836 otp_secret = mkOption { type = str; description = "OTP secret"; };
837 secret_key_base = mkOption { type = str; description = "Secret key base"; };
839 description = "vapid key";
842 private = mkOption { type = str; description = "Private key"; };
843 public = mkOption { type = str; description = "Public key"; };
850 mediagoblin = mkOption {
851 description = "Mediagoblin configuration";
854 postgresql = mkPsqlOptions "Mediagoblin";
855 redis = mkRedisOptions "Mediagoblin";
856 ldap = mkLdapOptions "Mediagoblin" {};
860 nextcloud = mkOption {
861 description = "Nextcloud configuration";
864 postgresql = mkPsqlOptions "Peertube";
865 redis = mkRedisOptions "Peertube";
866 password_salt = mkOption { type = str; description = "Password salt"; };
867 instance_id = mkOption { type = str; description = "Instance ID"; };
868 secret = mkOption { type = str; description = "App secret"; };
872 peertube = mkOption {
873 description = "Peertube configuration";
876 listenPort = mkOption { type = port; description = "Port to listen to"; };
877 postgresql = mkPsqlOptions "Peertube";
878 redis = mkRedisOptions "Peertube";
879 ldap = mkLdapOptions "Peertube" {};
883 phpldapadmin = mkOption {
884 description = "phpLdapAdmin configuration";
887 ldap = mkLdapOptions "phpldapadmin" {};
892 description = "Rompr configuration";
896 description = "MPD configuration";
899 host = mkOption { type = str; description = "Host for MPD"; };
900 port = mkOption { type = port; description = "Port to access MPD host"; };
907 roundcubemail = mkOption {
908 description = "Roundcubemail configuration";
911 postgresql = mkPsqlOptions "TT-RSS";
912 secret = mkOption { type = str; description = "Secret"; };
917 description = "Shaarli configuration";
920 ldap = mkLdapOptions "Shaarli" {};
925 description = "Taskwarrior configuration";
928 ldap = mkLdapOptions "Taskwarrior" {};
929 taskwarrior-web = mkOption {
930 description = "taskwarrior-web profiles";
931 type = attrsOf (submodule {
935 description = "List of ldap uids having access to this profile";
937 org = mkOption { type = str; description = "Taskd organisation"; };
938 key = mkOption { type = str; description = "Taskd key"; };
939 date = mkOption { type = str; description = "Preferred date format"; };
947 description = "TT-RSS configuration";
950 postgresql = mkPsqlOptions "TT-RSS";
951 ldap = mkLdapOptions "TT-RSS" {};
955 wallabag = mkOption {
956 description = "Wallabag configuration";
959 postgresql = mkPsqlOptions "Wallabag";
960 ldap = mkLdapOptions "Wallabag" {
961 admin_filter = mkOption { type = str; description = "Admin users filter"; };
963 redis = mkRedisOptions "Wallabag";
964 secret = mkOption { type = str; description = "App secret"; };
969 description = "Ympd configuration";
972 listenPort = mkOption { type = port; description = "Port to listen to"; };
974 description = "MPD configuration";
977 password = mkOption { type = str; description = "Password to access MPD host"; };
978 host = mkOption { type = str; description = "Host for MPD"; };
979 port = mkOption { type = port; description = "Port to access MPD host"; };
987 description = "Yourls configuration";
990 mysql = mkMysqlOptions "Yourls" {};
991 ldap = mkLdapOptions "Yourls" {};
992 cookieKey = mkOption { type = str; description = "Cookie key"; };
999 websites = mkOption {
1000 description = "Websites configurations";
1003 isabelle = mkOption {
1004 description = "Isabelle configurations by environment";
1007 atenSubmodule = mkOption {
1008 description = "environment configuration";
1011 environment = mkOption { type = str; description = "Symfony environment"; };
1012 secret = mkOption { type = str; description = "Symfony App secret"; };
1013 postgresql = mkPsqlOptions "Aten";
1020 aten_production = atenSubmodule;
1021 aten_integration = atenSubmodule;
1022 iridologie = mkOption {
1023 description = "environment configuration";
1026 environment = mkOption { type = str; description = "SPIP environment"; };
1027 mysql = mkMysqlOptions "Iridologie" {};
1028 ldap = mkLdapOptions "Iridologie" {};
1036 description = "Chloe configurations by environment";
1039 chloeSubmodule = mkOption {
1040 description = "environment configuration";
1043 environment = mkOption { type = str; description = "SPIP environment"; };
1044 mysql = mkMysqlOptions "Chloe" {};
1045 ldap = mkLdapOptions "Chloe" {};
1052 production = chloeSubmodule;
1053 integration = chloeSubmodule;
1057 connexionswing = mkOption {
1058 description = "Connexionswing configurations by environment";
1061 csSubmodule = mkOption {
1062 description = "environment configuration";
1065 environment = mkOption { type = str; description = "Symfony environment"; };
1066 mysql = mkMysqlOptions "Connexionswing" {};
1067 secret = mkOption { type = str; description = "Symfony App secret"; };
1068 email = mkOption { type = str; description = "Symfony email notification"; };
1075 production = csSubmodule;
1076 integration = csSubmodule;
1081 description = "Naturaloutil configuration";
1084 mysql = mkMysqlOptions "Naturaloutil" {};
1085 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1089 telioTortay = mkOption {
1090 description = "Telio Tortay configuration";
1093 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1097 ludivinecassal = mkOption {
1098 description = "Ludivinecassal configurations by environment";
1101 lcSubmodule = mkOption {
1102 description = "environment configuration";
1105 environment = mkOption { type = str; description = "Symfony environment"; };
1106 mysql = mkMysqlOptions "LudivineCassal" {};
1107 ldap = mkLdapOptions "LudivineCassal" {};
1108 secret = mkOption { type = str; description = "Symfony App secret"; };
1115 production = lcSubmodule;
1116 integration = lcSubmodule;
1121 description = "Emilia configuration";
1124 postgresql = mkPsqlOptions "Emilia";
1128 florian = mkOption {
1129 description = "Florian configuration";
1132 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1136 nassime = mkOption {
1137 description = "Nassime configuration";
1140 server_admin = mkOption { type = str; description = "Server admin e-mail"; };
1144 piedsjaloux = mkOption {
1145 description = "Piedsjaloux configurations by environment";
1148 pjSubmodule = mkOption {
1149 description = "environment configuration";
1152 environment = mkOption { type = str; description = "Symfony environment"; };
1153 mysql = mkMysqlOptions "Piedsjaloux" {};
1154 secret = mkOption { type = str; description = "Symfony App secret"; };
1161 production = pjSubmodule;
1162 integration = pjSubmodule;
1167 description = "Europe Richie configurations by environment";
1170 mysql = mkMysqlOptions "Richie" {};
1171 smtp_mailer = mkOption {
1172 description = "SMTP mailer configuration";
1175 user = mkOption { type = str; description = "Username"; };
1176 password = mkOption { type = str; description = "Password"; };
1183 tellesflorian = mkOption {
1184 description = "Tellesflorian configurations by environment";
1187 tfSubmodule = mkOption {
1188 description = "environment configuration";
1191 environment = mkOption { type = str; description = "Symfony environment"; };
1192 mysql = mkMysqlOptions "Tellesflorian" {};
1193 secret = mkOption { type = str; description = "Symfony App secret"; };
1194 invite_passwords = mkOption { type = str; description = "Password basic auth"; };
1201 integration = tfSubmodule;
1209 privateFiles = mkOption {
1212 Path to secret files to make available during build
1216 options.hostEnv = mkOption {
1219 default = config.myEnv.servers."${name}";
1220 description = "Host environment";