Introduction
Turbo is a collection of NixOS modules that provide various utils for cloud infrastructure deployment using Nix libraries found in Nixpkgs, similar to home-manager.
Right now turbo is under heavy construction and may involve various breaking change. Proceed with cautious.
Links
This is the API for each of the options available in the module
Network Options
turbo.networking.argo-tunnel.enable
Enable Argo Tunnel Endpoint
Type: boolean
Default
false
turbo.networking.argo-tunnel.tunnels
Tunnels to create
to generate token: cloudflared tunnel create my-secret-app
Type: attribute set of submodule
Default
{}
Example
"my-secret-app = {\n credentialsFile = \"/persist/secrets/cf-vnc-tunnel.json\";\n tunnelId = \"abcdefgh-abcd-abcd-abcd-abcdabcdabcd\";\n ingress = [\n {\n service = \"http://[::1]\";\n }\n ];\n};\n"
turbo.networking.argo-tunnel.tunnels.<name>.credentialsFile
Credential JSON file for tunnel
Type: path
Default
null
turbo.networking.argo-tunnel.tunnels.<name>.ingress
Ingress to create
Type: list of submodule
Default
[]
turbo.networking.argo-tunnel.tunnels.<name>.ingress.*.hostname
match rules for host
Type: null or string
Default
null
Example
"gitlab.widgetcorp.tech\n"
turbo.networking.argo-tunnel.tunnels.<name>.ingress.*.service
target URL https://developers.cloudflare.com/cloudflare-one/applications/non-http
Type: string
Example
"http://localhost:80\n"
turbo.networking.argo-tunnel.tunnels.<name>.tunnelId
Tunnel UUID
Type: string
Default
null
turbo.networking.firewall.enable
Enable the ferm firewall
Type: boolean
Default
false
turbo.networking.firewall.extraConfigs
Extra configs to be added
Type: list of string
Default
[]
turbo.networking.firewall.filterInputRules
Common INPUT rules for both v4 and v6
Type: list of submodule
Default
[]
turbo.networking.firewall.filterInputRules.*.action
Action
Type: string
Default
"ACCEPT"
turbo.networking.firewall.filterInputRules.*.args
Extra arguments following the action
Type: null or string
Default
null
turbo.networking.firewall.filterInputRules.*.daddr
Destination address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.filterInputRules.*.description
Description
Type: null or string
Default
null
turbo.networking.firewall.filterInputRules.*.dport
Destination port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.filterInputRules.*.extraFilters
Extra filters
Type: string
Default
""
turbo.networking.firewall.filterInputRules.*.interface
Incoming interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.filterInputRules.*.mark
Match mark
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.filterInputRules.*.module
Load module
Type: null or string
Default
null
turbo.networking.firewall.filterInputRules.*.outerface
Outgoing interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.filterInputRules.*.proto
Protocol
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.filterInputRules.*.saddr
Source address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.filterInputRules.*.sport
Source port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip
ip
Type: submodule
Default
{}
turbo.networking.firewall.ip.filter
filter table
Type: submodule
Default
{}
turbo.networking.firewall.ip.filter.appends
Extra configs to be appended
Type: list of string
Default
[]
turbo.networking.firewall.ip.filter.chains
Chains
Type: attribute set of submodule
Default
{}
turbo.networking.firewall.ip.filter.chains.<name>.appends
Rules to append
Type: list of string
Default
[]
turbo.networking.firewall.ip.filter.chains.<name>.policy
Policy
Type: null or string
Default
null
turbo.networking.firewall.ip.filter.chains.<name>.prepends
Rules to prepend
Type: list of string
Default
[]
turbo.networking.firewall.ip.filter.chains.<name>.rules
Rules
Type: list of submodule
Default
[]
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.action
Action
Type: string
Default
"ACCEPT"
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.args
Extra arguments following the action
Type: null or string
Default
null
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.daddr
Destination address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.description
Description
Type: null or string
Default
null
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.dport
Destination port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.extraFilters
Extra filters
Type: string
Default
""
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.interface
Incoming interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.mark
Match mark
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.module
Load module
Type: null or string
Default
null
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.outerface
Outgoing interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.proto
Protocol
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.saddr
Source address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.filter.chains.<name>.rules.*.sport
Source port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.filter.prepends
Extra configs to be prepended
Type: list of string
Default
[]
turbo.networking.firewall.ip.mangle
mangle table
Type: submodule
Default
{}
turbo.networking.firewall.ip.mangle.appends
Extra configs to be appended
Type: list of string
Default
[]
turbo.networking.firewall.ip.mangle.chains
Chains
Type: attribute set of submodule
Default
{}
turbo.networking.firewall.ip.mangle.chains.<name>.appends
Rules to append
Type: list of string
Default
[]
turbo.networking.firewall.ip.mangle.chains.<name>.policy
Policy
Type: null or string
Default
null
turbo.networking.firewall.ip.mangle.chains.<name>.prepends
Rules to prepend
Type: list of string
Default
[]
turbo.networking.firewall.ip.mangle.chains.<name>.rules
Rules
Type: list of submodule
Default
[]
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.action
Action
Type: string
Default
"ACCEPT"
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.args
Extra arguments following the action
Type: null or string
Default
null
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.daddr
Destination address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.description
Description
Type: null or string
Default
null
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.dport
Destination port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.extraFilters
Extra filters
Type: string
Default
""
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.interface
Incoming interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.mark
Match mark
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.module
Load module
Type: null or string
Default
null
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.outerface
Outgoing interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.proto
Protocol
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.saddr
Source address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.mangle.chains.<name>.rules.*.sport
Source port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.mangle.prepends
Extra configs to be prepended
Type: list of string
Default
[]
turbo.networking.firewall.ip.nat
nat table
Type: submodule
Default
{}
turbo.networking.firewall.ip.nat.appends
Extra configs to be appended
Type: list of string
Default
[]
turbo.networking.firewall.ip.nat.chains
Chains
Type: attribute set of submodule
Default
{}
turbo.networking.firewall.ip.nat.chains.<name>.appends
Rules to append
Type: list of string
Default
[]
turbo.networking.firewall.ip.nat.chains.<name>.policy
Policy
Type: null or string
Default
null
turbo.networking.firewall.ip.nat.chains.<name>.prepends
Rules to prepend
Type: list of string
Default
[]
turbo.networking.firewall.ip.nat.chains.<name>.rules
Rules
Type: list of submodule
Default
[]
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.action
Action
Type: string
Default
"ACCEPT"
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.args
Extra arguments following the action
Type: null or string
Default
null
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.daddr
Destination address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.description
Description
Type: null or string
Default
null
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.dport
Destination port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.extraFilters
Extra filters
Type: string
Default
""
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.interface
Incoming interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.mark
Match mark
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.module
Load module
Type: null or string
Default
null
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.outerface
Outgoing interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.proto
Protocol
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.saddr
Source address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.nat.chains.<name>.rules.*.sport
Source port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip.nat.prepends
Extra configs to be prepended
Type: list of string
Default
[]
turbo.networking.firewall.ip6
ip6
Type: submodule
Default
{}
turbo.networking.firewall.ip6.filter
filter table
Type: submodule
Default
{}
turbo.networking.firewall.ip6.filter.appends
Extra configs to be appended
Type: list of string
Default
[]
turbo.networking.firewall.ip6.filter.chains
Chains
Type: attribute set of submodule
Default
{}
turbo.networking.firewall.ip6.filter.chains.<name>.appends
Rules to append
Type: list of string
Default
[]
turbo.networking.firewall.ip6.filter.chains.<name>.policy
Policy
Type: null or string
Default
null
turbo.networking.firewall.ip6.filter.chains.<name>.prepends
Rules to prepend
Type: list of string
Default
[]
turbo.networking.firewall.ip6.filter.chains.<name>.rules
Rules
Type: list of submodule
Default
[]
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.action
Action
Type: string
Default
"ACCEPT"
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.args
Extra arguments following the action
Type: null or string
Default
null
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.daddr
Destination address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.description
Description
Type: null or string
Default
null
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.dport
Destination port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.extraFilters
Extra filters
Type: string
Default
""
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.interface
Incoming interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.mark
Match mark
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.module
Load module
Type: null or string
Default
null
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.outerface
Outgoing interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.proto
Protocol
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.saddr
Source address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.filter.chains.<name>.rules.*.sport
Source port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.filter.prepends
Extra configs to be prepended
Type: list of string
Default
[]
turbo.networking.firewall.ip6.mangle
mangle table
Type: submodule
Default
{}
turbo.networking.firewall.ip6.mangle.appends
Extra configs to be appended
Type: list of string
Default
[]
turbo.networking.firewall.ip6.mangle.chains
Chains
Type: attribute set of submodule
Default
{}
turbo.networking.firewall.ip6.mangle.chains.<name>.appends
Rules to append
Type: list of string
Default
[]
turbo.networking.firewall.ip6.mangle.chains.<name>.policy
Policy
Type: null or string
Default
null
turbo.networking.firewall.ip6.mangle.chains.<name>.prepends
Rules to prepend
Type: list of string
Default
[]
turbo.networking.firewall.ip6.mangle.chains.<name>.rules
Rules
Type: list of submodule
Default
[]
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.action
Action
Type: string
Default
"ACCEPT"
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.args
Extra arguments following the action
Type: null or string
Default
null
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.daddr
Destination address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.description
Description
Type: null or string
Default
null
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.dport
Destination port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.extraFilters
Extra filters
Type: string
Default
""
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.interface
Incoming interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.mark
Match mark
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.module
Load module
Type: null or string
Default
null
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.outerface
Outgoing interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.proto
Protocol
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.saddr
Source address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.mangle.chains.<name>.rules.*.sport
Source port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.mangle.prepends
Extra configs to be prepended
Type: list of string
Default
[]
turbo.networking.firewall.ip6.nat
nat table
Type: submodule
Default
{}
turbo.networking.firewall.ip6.nat.appends
Extra configs to be appended
Type: list of string
Default
[]
turbo.networking.firewall.ip6.nat.chains
Chains
Type: attribute set of submodule
Default
{}
turbo.networking.firewall.ip6.nat.chains.<name>.appends
Rules to append
Type: list of string
Default
[]
turbo.networking.firewall.ip6.nat.chains.<name>.policy
Policy
Type: null or string
Default
null
turbo.networking.firewall.ip6.nat.chains.<name>.prepends
Rules to prepend
Type: list of string
Default
[]
turbo.networking.firewall.ip6.nat.chains.<name>.rules
Rules
Type: list of submodule
Default
[]
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.action
Action
Type: string
Default
"ACCEPT"
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.args
Extra arguments following the action
Type: null or string
Default
null
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.daddr
Destination address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.description
Description
Type: null or string
Default
null
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.dport
Destination port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.extraFilters
Extra filters
Type: string
Default
""
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.interface
Incoming interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.mark
Match mark
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.module
Load module
Type: null or string
Default
null
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.outerface
Outgoing interface
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.proto
Protocol
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.saddr
Source address
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.nat.chains.<name>.rules.*.sport
Source port
Type: null or string or unsigned integer, meaning >=0 or list of string or unsigned integer, meaning >=0
Default
null
turbo.networking.firewall.ip6.nat.prepends
Extra configs to be prepended
Type: list of string
Default
[]
turbo.networking.firewall.macros
Macros
If you define a macro named abc, then @abc@ in all rules will be replaced with its content.
Type: attribute set of string
Default
{}
turbo.networking.firewall.portForward
A list of port-forward rules to render
Type: list of submodule
Default
[]
turbo.networking.firewall.portForward.*.dstIp
Forward to which host
Type: string
Example
"192.168.1.100"
turbo.networking.firewall.portForward.*.dstPort
Outbound dst port
Type: unsigned integer, meaning >=0
Example
22
turbo.networking.firewall.portForward.*.interface
Inbound interface
Type: string
Default
""
Example
"eth0"
turbo.networking.firewall.portForward.*.protocol
What protocol to forward
Type: null or one of "tcp", "udp"
Default
null
turbo.networking.firewall.portForward.*.srcPort
Inbound dst port
Type: unsigned integer, meaning >=0
Example
22
turbo.networking.isp-split-tunnel.enable
Whether to enable ISP split-tunneling setup.
Type: boolean
Default
false
Example
true
turbo.networking.isp-split-tunnel.interface
Name of the provider interface
Type: string
turbo.networking.isp-split-tunnel.v4
Provider IPv4 address
Type: null or string
Default
null
turbo.networking.isp-split-tunnel.v6
Provider IPv6 address
Type: null or string
Default
null
turbo.networking.ngtun.defaultGroupConfig.fullMesh
Whether to enable full mesh for all nodes in the group
Type: boolean
Default
false
turbo.networking.ngtun.defaultGroupConfig.hubs
Nodes to which all nodes in the group should have a tunnel
Useful for regional hub-and-spokes networks.
Type: list of string
Default
[]
turbo.networking.ngtun.enable
Participate in the mesh
The group configurations must be identical on
all nodes, as the tunnels are created "from their
perspective."
Type: boolean
Default
true
turbo.networking.ngtun.generatedTunnels.<name>.cost
Cost
Type: unsigned integer, meaning >=0
turbo.networking.ngtun.generatedTunnels.<name>.endpoint
Endpoint
Type: null or string
turbo.networking.ngtun.generatedTunnels.<name>.linkLocalId
Link local identifier
Type: unsigned integer, meaning >=0
turbo.networking.ngtun.generatedTunnels.<name>.listenPort
Port to listen on
Type: unsigned integer, meaning >=0
turbo.networking.ngtun.generatedTunnels.<name>.peer
Name of the node
Type: string
turbo.networking.ngtun.generatedTunnels.<name>.persistentKeepalive
Whether to enable persistent keep-alive
Type: boolean
Default
false
turbo.networking.ngtun.generatedTunnels.<name>.publicKey
Peer public key
Type: string
turbo.networking.ngtun.global
Global options
Type: submodule
Default
{}
turbo.networking.ngtun.global.defaultCost
Default cost
Type: unsigned integer, meaning >=0
Default
20
turbo.networking.ngtun.global.fwMark
Firewall mark
Type: unsigned integer, meaning >=0
turbo.networking.ngtun.global.portBase
Port base
For each tunnel, the listening port is computed as: Port Base + 100 * Self ID + Peer ID
Type: unsigned integer, meaning >=0
turbo.networking.ngtun.groups
Groups
Must be identical across all nodes. Specify this in the common configurations.
Type: attribute set of submodule
Default
{}
turbo.networking.ngtun.groups.<name>.fullMesh
Whether to enable full mesh for all nodes in the group
Type: boolean
Default
false
turbo.networking.ngtun.groups.<name>.hubs
Nodes to which all nodes in the group should have a tunnel
Useful for regional hub-and-spokes networks.
Type: list of string
Default
[]
turbo.networking.ngtun.node
Node options
Type: submodule
Default
{}
turbo.networking.ngtun.node.costs
Known costs to specified peers
The cost of a tunnel will be the highest of the specified costs between the two nodes, and defaults to global.defaultCost if neither has specified a cost.
Type: attribute set of unsigned integer, meaning >=0
Default
{}
Example
{"node-b":100,"node-c":1,"node-d":999}
turbo.networking.ngtun.node.endpoint
Static endpoint
It's possible for a node to have no static endpoints at all.
Type: submodule
Default
{}
turbo.networking.ngtun.node.endpoint.ipv4
The IPv4 endpoint (host only)
Type: null or string
Default
null
turbo.networking.ngtun.node.endpoint.ipv6
The IPv6 endpoint (host only)
Type: null or string
Default
null
turbo.networking.ngtun.node.extraPeers
List of additional peers to create tunnels to
Type: list of string
Default
[]
turbo.networking.ngtun.node.groups
Groups this node belongs to
Type: list of string
Default
[]
turbo.networking.ngtun.node.id
Unique numerical ID for the node
This ID must be unique among all nodes, or at least among the nodes it will have a tunnel to.
Type: null or unsigned integer, meaning >=0
Default
null
turbo.networking.ngtun.node.persistentKeepalive
Whether to enable persistent keep-alive for all tunnels on this node.
For "auto", persistent keep-alive will be enabled:
- If the tunnel will be established over an address family for which we don't have a static endpoint
Type: one of "auto", "yes", "no"
Default
"auto"
turbo.networking.ngtun.node.privateKey
WireGuard private key for the node
Type: null or string
Default
null
turbo.networking.ngtun.node.supportedFamilies
List of address families supported by the node.
Defaults to the families for which an endpoint is configured.
Type: list of one of "ipv4", "ipv6"
Default
[]
turbo.networking.rename-interfaces.enable
Rename network interfaces based on MAC address
Type: boolean
Default
false
turbo.networking.rename-interfaces.interfaces
Interfaces
Type: attribute set of string
turbo.networking.rename-interfaces.method
Method to rename the interfaces
Type: one of "udev", "networkd"
Default
"networkd"
turbo.networking.routing.addresses
Addresses of the router.
Type: submodule
Default
{"dn4":null,"dn6":null,"v4":null,"v6":null}
turbo.networking.routing.addresses.dn4
DN42 IPv4 Address
Type: null or string
Default
null
turbo.networking.routing.addresses.dn6
DN42 IPv6 Address
Type: null or string
Default
null
turbo.networking.routing.addresses.v4
IPv4 Address
Type: null or string
Default
null
turbo.networking.routing.addresses.v6
IPv6 Address
Type: null or string
Default
null
turbo.networking.routing.asns
ASNs of the router.
Type: submodule
turbo.networking.routing.asns.dfz
Internet ASN
Type: unsigned integer, meaning >=0
turbo.networking.routing.asns.dn42
DN42 ASN
Type: unsigned integer, meaning >=0
turbo.networking.routing.bird2.baseConfig
Base config package
${baseConfig}/bird.conf will be included in the final configurations.
Type: package
turbo.networking.routing.bird2.bgpSessions
BGP protocol instances
Type: attribute set of submodule
Default
{}
turbo.networking.routing.bird2.bgpSessions.<name>.addPaths
Whether to enable the add-path/multipath extension
Type: boolean or one of "off", "on", "rx", "tx"
Default
false
Example
"rx"
turbo.networking.routing.bird2.bgpSessions.<name>.description
Description
Type: null or string
Default
null
turbo.networking.routing.bird2.bgpSessions.<name>.exportFilter
Replace or add to the default export filter
Take care when using it for iBGP.
Type: string or submodule
Default
{"append":"","prepend":""}
turbo.networking.routing.bird2.bgpSessions.<name>.extraChannelConfigs
Extra configurations for channel
Type: attribute set of string
Default
{}
turbo.networking.routing.bird2.bgpSessions.<name>.extraConfigs
Extra configurations
Type: string
Default
""
turbo.networking.routing.bird2.bgpSessions.<name>.extraParams
Extra params to be used (Ignored by IBGP)
Type: list of list of string
Default
[]
Example
"[ [\"MISC\" \"MISC_DONT_REWRITE_NEXTHOP\"] ]"
turbo.networking.routing.bird2.bgpSessions.<name>.iBgp
This session is an iBGP session.
If true, most other options will be ignored.
Type: boolean
Default
false
turbo.networking.routing.bird2.bgpSessions.<name>.ibgpExportExternal
Export external routes to iBGP peer
If disabled, we only export our own and downstreams' routes.
Ignored for eBGP.
Type: boolean
Default
true
turbo.networking.routing.bird2.bgpSessions.<name>.importFilter
Replace or add to the default import filter
Take care when using it for iBGP.
Type: string or submodule
Default
{"append":"","prepend":""}
turbo.networking.routing.bird2.bgpSessions.<name>.localAS
Local ASN
Ignored for iBGP (will always use IBGP_ASN).
Type: unsigned integer, meaning >=0
turbo.networking.routing.bird2.bgpSessions.<name>.localPref
Default local-pref value to apply
Ignored for iBGP. null means use default.
Type: null or unsigned integer, meaning >=0
Default
null
turbo.networking.routing.bird2.bgpSessions.<name>.multihop
Whether to use multihop or not
Ignored for iBGP.
Type: boolean or unsigned integer, meaning >=0
Default
false
Example
2
turbo.networking.routing.bird2.bgpSessions.<name>.neighbor
Peer endpoint
Type: string
turbo.networking.routing.bird2.bgpSessions.<name>.network
Network
Ignored for iBGP.
Type: one of "dfz", "dn42"
Default
"dfz"
turbo.networking.routing.bird2.bgpSessions.<name>.nextHopKeep
Channels to activate next hop keep for
Ignored for iBGP.
Type: list of one of "ipv4", "ipv6"
Default
[]
turbo.networking.routing.bird2.bgpSessions.<name>.password
MD5 password to use
Type: null or string
Default
null
turbo.networking.routing.bird2.bgpSessions.<name>.peerAS
Peer ASN
Ignored for iBGP (will always use IBGP_ASN).
Type: unsigned integer, meaning >=0
turbo.networking.routing.bird2.bgpSessions.<name>.prefixes
List of prefixes to accept. If empty, don't enable prefix list ACL.
Type: list of string
Default
[]
Example
["1.2.3.0/24"]
turbo.networking.routing.bird2.bgpSessions.<name>.protocols
Protocols to enable
Ignored for iBGP. Both IPv4 and IPv6 are always enabled.
Type: list of one of "ipv4", "ipv6"
Default
["ipv4","ipv6"]
turbo.networking.routing.bird2.bgpSessions.<name>.realPeerAS
Real peer ASN for purpose of filtering
Ignored for iBGP.
Type: null or unsigned integer, meaning >=0
Default
null
turbo.networking.routing.bird2.bgpSessions.<name>.relationship
Relationship
Ignored for iBGP.
Type: one of "upstream", "downstream", "peer", "ixp", "collector", "bilateral"
Default
"peer"
turbo.networking.routing.bird2.bgpSessions.<name>.rr
We are a route reflector
Also consider turning on addPaths. RR should at least do tx, and clients should rx.
Ignored for eBGP.
Type: boolean
Default
false
turbo.networking.routing.bird2.bgpSessions.<name>.sourceAddress
Source address to connect with
Ignored for iBGP.
Type: null or string
Default
null
turbo.networking.routing.bird2.birdPackage
The BIRD 2 package to use
Type: package
Default
{"_type":"derivation","name":"bird-2.0.10"}
turbo.networking.routing.bird2.communityAsn
The ASN used for public control communities
Type: unsigned integer, meaning >=0
Example
12345
turbo.networking.routing.bird2.enable
Run bird2 on this machine
Type: boolean
Default
false
turbo.networking.routing.bird2.extraConfigs
Extra configurations
Type: strings concatenated with "\n"
Default
""
turbo.networking.routing.bird2.iBgpAsn
The ASN used for iBGP sessions
Type: unsigned integer, meaning >=0
Example
12345
turbo.networking.routing.bird2.ibgp
Set up iBGP sessions
Type: boolean
Default
true
turbo.networking.routing.bird2.numericId
The numeric ID for community tagging
Type: unsigned integer, meaning >=0
Default
0
Example
"1.2.3.4"
turbo.networking.routing.bird2.ospfProtocols
OSPF protocol instances
Type: attribute set of submodule
Default
{}
turbo.networking.routing.bird2.ospfProtocols.<name>.areas
Areas
Type: attribute set of submodule
Default
{"backbone":{"id":0}}
turbo.networking.routing.bird2.ospfProtocols.<name>.areas.<name>.extraConfigs
Extra area configurations
Type: string
Default
""
turbo.networking.routing.bird2.ospfProtocols.<name>.areas.<name>.id
Area ID
Can be an integer or an IPv4 address, like routerId.
Type: string or unsigned integer, meaning >=0
Example
"0.0.0.0"
turbo.networking.routing.bird2.ospfProtocols.<name>.areas.<name>.interfaces
Interfaces
Type: attribute set of submodule
Default
{}
turbo.networking.routing.bird2.ospfProtocols.<name>.areas.<name>.interfaces.<name>.authentication
OSPF authentication type
For null, the field will be entirely omitted
if password is also null. Otherwise,
"authentication cryptographic;" will be
emitted. Leave both this field and password
null if you wish to configure authentication
in extraConfigs.
Type: null or one of "auto", "none", "cryptographic"
Default
null
turbo.networking.routing.bird2.ospfProtocols.<name>.areas.<name>.interfaces.<name>.cost
Cost
Type: null or unsigned integer, meaning >=0
Default
null
Example
10
turbo.networking.routing.bird2.ospfProtocols.<name>.areas.<name>.interfaces.<name>.extraConfigs
Extra area configurations
Type: string
Default
""
turbo.networking.routing.bird2.ospfProtocols.<name>.areas.<name>.interfaces.<name>.instance
Instance ID
Type: null or unsigned integer, meaning >=0
Default
null
turbo.networking.routing.bird2.ospfProtocols.<name>.areas.<name>.interfaces.<name>.interfaces
Interface pattern(s)
Leave empty to use the name of this section as the interface name.
Type: null or list of string
Default
null
turbo.networking.routing.bird2.ospfProtocols.<name>.areas.<name>.interfaces.<name>.password
OSPF password
If you want to specify other options like
the algorithm, leave this field and authentication
null and use extraConfigs :)
Type: null or string
Default
null
turbo.networking.routing.bird2.ospfProtocols.<name>.areas.<name>.interfaces.<name>.stub
Stub interface
Type: boolean
Default
false
turbo.networking.routing.bird2.ospfProtocols.<name>.areas.<name>.stub
Stub area
Type: one of "no", "stub", "nssa"
Default
"no"
turbo.networking.routing.bird2.ospfProtocols.<name>.description
Description
Type: null or string
Default
null
turbo.networking.routing.bird2.ospfProtocols.<name>.extraChannelConfigs
Extra channel configurations
Type: string
Default
""
turbo.networking.routing.bird2.ospfProtocols.<name>.extraConfigs
Extra configurations
Type: strings concatenated with "\n"
Default
""
turbo.networking.routing.bird2.ospfProtocols.<name>.protocol
Protocol
Type: one of "ipv4", "ipv6"
turbo.networking.routing.bird2.ospfProtocols.<name>.version
Version
Type:
one of
Default
null
turbo.networking.routing.bird2.ownPrefixes4
IPv4 prefixes that we own
We expect not to receive those prefixes over eBGP.
Type: list of string
Default
["0.0.0.0/32"]
Example
["1.2.3.0/24"]
turbo.networking.routing.bird2.ownPrefixes6
IPv6 prefixes that we own
We expect not to receive those prefixes over eBGP.
Type: list of string
Default
["::/128"]
Example
["fd42:1234:5678::/48"]
turbo.networking.routing.bird2.routerId
The router ID
Type: string
Example
"1.2.3.4"
turbo.networking.routing.bird2.staticProtocols
Static protocol instances
Type: attribute set of submodule
Default
{}
turbo.networking.routing.bird2.staticProtocols.<name>.description
Description
Type: null or string
Default
null
turbo.networking.routing.bird2.staticProtocols.<name>.extraChannelConfigs
Extra channel configurations
Type: strings concatenated with "\n"
Default
""
turbo.networking.routing.bird2.staticProtocols.<name>.importFilter
Replace or add to the default import filter
Type: string or submodule
Default
{"append":"","prepend":""}
turbo.networking.routing.bird2.staticProtocols.<name>.protocol
Protocol
Type: one of "ipv4", "ipv6"
turbo.networking.routing.bird2.staticProtocols.<name>.routes
Routes
Type: list of string
turbo.networking.routing.bird2.staticProtocols.<name>.table
Table
Type: null or string
Default
null
turbo.networking.routing.core
Whether this router is a core router.
Type: boolean
Default
false
turbo.networking.routing.enable
Whether to use this machine as a router.
Type: boolean
Default
false
turbo.networking.routing.jool.enable
Run Jool, a NAT64 gateway, on this machine
Type: boolean
Default
false
turbo.networking.routing.jool.instances
A set of NAT64 instances to run
Configure SIIT instances in siitInstances.
Type: attribute set of submodule
Default
{}
turbo.networking.routing.jool.instances.<name>.config
The JSON configuration file
See https://jool.mx/en/config-atomic.html for examples.
Type: string
turbo.networking.routing.name
Name of the router.
Type: null or string
Default
null
turbo.networking.routing.ngtun
Enable ngtun configurations.
Type: boolean
Default
true
turbo.networking.routing.region
Physical region of the router.
Type: null or one of "eu", "na_e", "na_c", "na_w", "ap_e", "ap_o"
Default
null
turbo.networking.routing.rtr.enable
Run RPKI RTR daemon
Type: boolean
Default
false
turbo.networking.routing.rtr.port
Port to listen on
Type: unsigned integer, meaning >=0
Default
8282
turbo.networking.routing.rtr.publicKey
Path to RPKI cache signing key
Type: path
Default
"/nix/store/d5s2mvxp9jb1sclqjsrm78f2d9lk0in4-cf.pub"
turbo.networking.routing.stub
Whether this router is a stub router.
Type: boolean
Default
false
turbo.networking.wireguard.backend
Backend to use
Defaults to userspace (boringtun) for containers, and kernel (systemd-networkd) otherwise.
Type: one of "kernel", "userspace"
Default
{"_type":"literalExpression","text":"if config.boot.isContainer then \"userspace\" else \"kernel\""}
turbo.networking.wireguard.tunnels
Tunnels
Type: attribute set of submodule
Default
{}
turbo.networking.wireguard.tunnels.<name>.fwMark
Firewall mark
Type: unsigned integer, meaning >=0
turbo.networking.wireguard.tunnels.<name>.listenPort
Port to listen on
Type: unsigned integer, meaning >=0
turbo.networking.wireguard.tunnels.<name>.peers
Peers
Type: list of submodule
turbo.networking.wireguard.tunnels.<name>.peers.*.allowedIPs
Allowed IPs
Type: list of string
Default
[]
turbo.networking.wireguard.tunnels.<name>.peers.*.endpoint
Endpoint
Type: null or string
Default
null
turbo.networking.wireguard.tunnels.<name>.peers.*.persistentKeepalive
Value of PersistentKeepalive
0 means persistent keep-alive is disabled.
Type: unsigned integer, meaning >=0
Default
0
turbo.networking.wireguard.tunnels.<name>.peers.*.publicKey
Peer public key
Type: string
turbo.networking.wireguard.tunnels.<name>.privateKey
Our private key
Type: string
Storage Options
turbo.storage.zfs.autoScrub
whether to enable ZFS auto scrub for given storage. This is suggested to keep data integraty
Type: boolean
Default
{"_type":"literalExpression","text":"any (d: d.fsType == \"zfs\") (attrValues config.fileSystems);"}
turbo.storage.zfs.block
This section is used to manage Client's block storage on Hosting machine. Block stated here will be mounted with recommended block storage strategy and policy applied.
Type: attribute set of submodule
Default
{}
Example
"\"user1-dataset1\" = {\n source = \"tank/user/dataset-1\";\n};\n"
turbo.storage.zfs.block.<name>.destination
Mount point destination
Type: string
Default
{"_type":"literalExpression","text":"/${config.source}"}
turbo.storage.zfs.block.<name>.extraOptions
Extra options to pass to FileSystems.options
Type: list of string
Default
[]
turbo.storage.zfs.block.<name>.security
By default, we do not allow guest file exec on host machine
Type: boolean
Default
true
turbo.storage.zfs.block.<name>.source
Data set name
Type: string
Virtualization Options
turbo.virtualization.libvirt.domains
Set of Domains(Machines) defined on Host
Type: attribute set of submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.cpu
CPU Model
Type: submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.cpu.cpuMode
which mode to passthru CPU model, these are some presets
Type: one of "host-passthrough", "host-model", "qemu64"
Default
"qemu64"
turbo.virtualization.libvirt.domains.<name>.cpu.customConfig
XML settings for
Type: null or string
Default
null
turbo.virtualization.libvirt.domains.<name>.cputune
CPU Tune
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.cputune.period
Enforcement period (us)
Within each period the vCPU cannot consume more
than quota worth of runtime.
This is applied per vCPU.
Type: null or unsigned integer, meaning >=0
Default
null
turbo.virtualization.libvirt.domains.<name>.cputune.quota
vCPU quota (us)
Within each period the vCPU cannot consume more
than quota worth of runtime.
A negative value means no limits will be applied.
This is applied per vCPU.
Type: null or 32 bit signed integer; between -2147483648 and 2147483647 (both inclusive)
Default
null
turbo.virtualization.libvirt.domains.<name>.cputune.shares
CPU shares
Relative CPU weight of the machine.
Use period and quota to enforce hard limits
to CPU usage.
Type: null or unsigned integer, meaning >=0
Default
null
turbo.virtualization.libvirt.domains.<name>.devices
device type
Type: submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.devices.console
console
Type: attribute set of submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.devices.console.<name>.source
sub source resource
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.console.<name>.source.path
Device Path
Type: null or path
Default
null
Example
"/dev/pts/4"
turbo.virtualization.libvirt.domains.<name>.devices.console.<name>.target
N/A
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.console.<name>.target.port
N/A
Type: null or string
Default
null
Example
"0"
turbo.virtualization.libvirt.domains.<name>.devices.console.<name>.target.type
serial (described below); virtio (usable whenever VirtIO support is available); xen, lxc and openvz (available when the corresponding hypervisor is in use). sclp and sclplm (usable for s390 and s390x QEMU guests) are supported for compatibility reasons but should not be used for new guests: use the sclpconsole and sclplmconsole target models, respectively, with the serial element instead.
Type: null or one of "serial", "virtio", "xen", "lxc", "openvz", "sclp", "sclplm"
Default
"serial"
turbo.virtualization.libvirt.domains.<name>.devices.console.<name>.type
input type
Type: null or value "pty" (singular enum)
Default
"pty"
turbo.virtualization.libvirt.domains.<name>.devices.disk
disk
Type: attribute set of submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.devices.disk.<name>.device
device type
Type: one of "floppy", "disk", "cdrom", "lun"
Default
"disk"
turbo.virtualization.libvirt.domains.<name>.devices.disk.<name>.driver
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.disk.<name>.driver.name
If the hypervisor supports multiple backend drivers, then the name attribute selects the primary backend driver name, while the optional type attribute provides the sub-type. For example, xen supports a name of "tap", "tap2", "phy", or "file", with a type of "aio", while qemu only supports a name of "qemu", but multiple types including "raw", "bochs", "qcow2", and "qed".
Type: string
Default
"qemu"
turbo.virtualization.libvirt.domains.<name>.devices.disk.<name>.driver.type
see name
Type: null or string
Default
null
Example
"qcow2"
turbo.virtualization.libvirt.domains.<name>.devices.disk.<name>.readonly
If present, this indicates the device cannot be modified by the guest. For now, this is the default for disks with attribute device='cdrom'.
Type: null or boolean
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.disk.<name>.source
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.disk.<name>.source.file
File Path
Type: null or path
turbo.virtualization.libvirt.domains.<name>.devices.disk.<name>.target
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.disk.<name>.target.bus
If omitted, the bus type is inferred from the style of the device name (e.g. a device named 'sda' will typically be exported using a SCSI bus).
Type: null or one of "ide", "scsi", "virtio", "xen", "usb", "sata", "sd"
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.disk.<name>.target.dev
The dev attribute indicates the "logical" device name. The actual device name specified is not guaranteed to map to the device name in the guest OS. Treat it as a device ordering hint.
Type: null or string
Default
"vda"
turbo.virtualization.libvirt.domains.<name>.devices.disk.<name>.type
type
Type: one of "file", "block", "dir", "network", "volume", "nvme", "vhostuser"
Default
"file"
turbo.virtualization.libvirt.domains.<name>.devices.extraConfig
XML to insert
Type: string
Default
""
turbo.virtualization.libvirt.domains.<name>.devices.filesystem
filesystem
Type: attribute set of submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.accessmode
Access mode
Type: one of "passthrough", "mapped", "squash"
Default
"mapped"
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.binary
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.binary.cacheMode
This option has no description.
Type: one of "none", "always"
Default
"always"
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.binary.lock
This option has no description.
Type: submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.binary.lock.flock
This option has no description.
Type: one of "on", "off"
Default
"off"
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.binary.lock.posix
This option has no description.
Type: one of "on", "off"
Default
"off"
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.binary.path
This option has no description.
Type: path
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.binary.xattr
This option has no description.
Type: null or string
Default
"on"
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.driver
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.driver.format
This option has no description.
Type: null or string
Default
null
Example
"raw"
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.driver.type
input type
Type: one of "path", "loop", "virtiofs"
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.readonly
Is media read only
Type: boolean
Default
false
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.source
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.source.dir
This option has no description.
Type: null or path
Default
null
Example
"/path"
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.source.file
This option has no description.
Type: null or path
Default
null
Example
"/export/to/guest.img"
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.source.socket
This option has no description.
Type: null or path
Default
null
Example
"/tmp/sock"
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.target
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.target.dir
This option has no description.
Type: string
Example
"/import/from/host"
turbo.virtualization.libvirt.domains.<name>.devices.filesystem.<name>.type
input type
Type: null or one of "mount", "file", "block", "ram", "bind"
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.graphics
graphics
Type: attribute set of submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.devices.graphics.<name>.listen
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.graphics.<name>.listen.socket
socket path
Type: null or path
Default
null
Example
"/run/hypervisor/vnc/server-1"
turbo.virtualization.libvirt.domains.<name>.devices.graphics.<name>.listen.type
type
Type: one of "address", "socket", "none"
turbo.virtualization.libvirt.domains.<name>.devices.graphics.<name>.opengl
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.graphics.<name>.opengl.enable
enable opengl
Type: one of "yes", "no"
turbo.virtualization.libvirt.domains.<name>.devices.graphics.<name>.opengl.rendernode
Which driver to use, leave null to be in auto mode
Type: null or path
Default
null
Example
"/dev/dri/by-path/pci-0000:50:00.0-render"
turbo.virtualization.libvirt.domains.<name>.devices.graphics.<name>.type
type
Type: null or one of "sdl", "vnc", "spice", "rdp", "desktop", "egl-headless"
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.hostdev
hostdev
Type: attribute set of submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.managed
type
Type: null or one of "yes", "no"
Default
"yes"
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.mode
mode
Type: value "subsystem" (singular enum)
Default
"subsystem"
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.rom
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.rom.bar
bar
Type: one of "on", "off"
Default
"on"
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.rom.file
socket path
Type: null or path
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.source
This option has no description.
Type: submodule
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.source.address
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.source.address.bus
This option has no description.
Type: string
Example
"0x06"
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.source.address.domain
This option has no description.
Type: string
Default
"0x0000"
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.source.address.function
This option has no description.
Type: string
Example
"0x0"
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.source.address.slot
This option has no description.
Type: string
Example
"0x02"
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.source.product
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.source.product.id
This option has no description.
Type: string
Example
"0x3553"
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.source.vendor
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.source.vendor.id
This option has no description.
Type: string
Example
"0x3553"
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.source.writeFiltering
This option has no description.
Type: null or one of "yes", "no"
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.hostdev.<name>.type
type
Type: one of "pci", "usb"
Default
"pci"
turbo.virtualization.libvirt.domains.<name>.devices.input
input
Type: attribute set of submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.devices.input.<name>.bus
input bus
Type: null or one of "xen", "ps2", "usb", "virtio"
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.input.<name>.source
sub source resource
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.input.<name>.source.dev
boot device
Type: null or path
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.input.<name>.source.grab
attributes grab with value 'all' which when enabled grabs all input devices instead of just one
Type: null or value "all" (singular enum)
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.input.<name>.source.grabToggle
change the grab key combination
Type: null or one of "ctrl-ctrl", "alt-alt", "shift-shift", "meta-meta", "scrolllock", "ctrl-scrolllock"
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.input.<name>.source.repeat
repeat with value 'on'/'off' to enable/disable auto-repeat events
Type: null or one of "on", "off"
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.input.<name>.type
input type
Type: null or one of "mouse", "tablet", "keyboard", "passthrough", "evdev"
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.interface
interface
Type: attribute set of submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.devices.interface.<name>.mac
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.interface.<name>.mac.address
device mac address
Type: string
Example
"52:54:00:5d:c7:9e"
turbo.virtualization.libvirt.domains.<name>.devices.interface.<name>.managed
managed attr
Type: null or one of "yes", "no"
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.interface.<name>.model
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.interface.<name>.model.type
Type: value "virtio" (singular enum)
Default
"virtio"
turbo.virtualization.libvirt.domains.<name>.devices.interface.<name>.source
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.interface.<name>.source.bridge
Bridged Interface
Type: null or string
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.interface.<name>.target
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.interface.<name>.target.dev
device name
Type: string
Example
"v-server"
turbo.virtualization.libvirt.domains.<name>.devices.interface.<name>.target.managed
managed attr
Type: null or one of "yes", "no"
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.interface.<name>.type
input type
Type: null or one of "ethernet", "network", "direct", "bridge", "user"
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.redirdev
redirdev
Type: attribute set of submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.devices.redirdev.<name>.bus
bus
Type: value "usb" (singular enum)
Default
"usb"
turbo.virtualization.libvirt.domains.<name>.devices.redirdev.<name>.source
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.redirdev.<name>.source.host
This option has no description.
Type: null or string
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.redirdev.<name>.source.mode
This option has no description.
Type: one of "bind", "connect"
Default
"bind"
turbo.virtualization.libvirt.domains.<name>.devices.redirdev.<name>.source.service
This option has no description.
Type: null or signed integer
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.redirdev.<name>.type
type
Type: one of "tcp", "spicevmc"
Default
"tcp"
turbo.virtualization.libvirt.domains.<name>.devices.serial
serial
Type: attribute set of submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.devices.serial.<name>.target
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.serial.<name>.target.model
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.serial.<name>.target.model.name
This option has no description.
Type: null or one of "isa-serial", "16550a"
Default
"isa-serial"
turbo.virtualization.libvirt.domains.<name>.devices.serial.<name>.target.port
This option has no description.
Type: null or string
Default
null
Example
"0"
turbo.virtualization.libvirt.domains.<name>.devices.serial.<name>.target.type
This option has no description.
Type: null or one of "system-serial", "isa-serial"
Default
"isa-serial"
turbo.virtualization.libvirt.domains.<name>.devices.serial.<name>.type
input type
Type: null or value "pty" (singular enum)
Default
"pty"
turbo.virtualization.libvirt.domains.<name>.devices.video
video
Type: attribute set of submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.devices.video.<name>.model
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.devices.video.<name>.model.3daccel
enable 3d acceleration, only available for virtio
Type: null or boolean
Default
null
Example
true
turbo.virtualization.libvirt.domains.<name>.devices.video.<name>.model.type
type
Type: one of "virtio", "vga", "ramfb", "qxl", "none", "bochs"
Default
"virtio"
turbo.virtualization.libvirt.domains.<name>.extraConfig
extra xml to add in domain
Type: string
Default
""
turbo.virtualization.libvirt.domains.<name>.features
feature type
Type: submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.features.acpi
ACPI is useful for power management, for example, with KVM guests it is required for graceful shutdown to work.
Type: boolean
Default
true
turbo.virtualization.libvirt.domains.<name>.features.apic
APIC allows the use of programmable IRQ management. Since 0.10.2 (QEMU only) there is an optional attribute eoi with values on and off which toggles the availability of EOI (End of Interrupt) for the guest.
Type: boolean
Default
true
turbo.virtualization.libvirt.domains.<name>.memory
memory
Type: submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.memory.size
The maximum allocation of memory for the guest at boot time. The memory allocation includes possible additional memory devices specified at start or hotplugged later.
Type: unsigned integer, meaning >=0
Example
524288
turbo.virtualization.libvirt.domains.<name>.memory.unit
defaults to "KiB" (kibibytes, 210 or blocks of 1024 bytes). Valid units are "b" or "bytes" for bytes, "KB" for kilobytes (103 or 1,000 bytes), "k" or "KiB" for kibibytes (1024 bytes), "MB" for megabytes (106 or 1,000,000 bytes), "M" or "MiB" for mebibytes (220 or 1,048,576 bytes), "GB" for gigabytes (109 or 1,000,000,000 bytes), "G" or "GiB" for gibibytes (230 or 1,073,741,824 bytes), "TB" for terabytes (1012 or 1,000,000,000,000 bytes), or "T" or "TiB" for tebibytes (240 or 1,099,511,627,776 bytes). However, the value will be rounded up to the nearest kibibyte by libvirt, and may be further rounded to the granularity supported by the hypervisor.
Type: null or one of "b", "bytes", "k", "KiB", "MB", "M", "MiB", "GB", "G", "GiB", "TB", "T", "TiB"
Default
"KiB"
turbo.virtualization.libvirt.domains.<name>.memoryBacking
Memory Backing
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.memoryBacking.accessMode
This option has no description.
Type: one of "shared", "private"
Default
"shared"
turbo.virtualization.libvirt.domains.<name>.memoryBacking.allocation
This option has no description.
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.memoryBacking.allocation.mode
This option has no description.
Type: null or one of "immediate", "ondemand"
Default
null
turbo.virtualization.libvirt.domains.<name>.memoryBacking.allocation.threads
This option has no description.
Type: null or signed integer
Default
null
turbo.virtualization.libvirt.domains.<name>.memoryBacking.discard
This option has no description.
Type: boolean
Default
false
turbo.virtualization.libvirt.domains.<name>.memoryBacking.hugepages
add xml def or empty string to enable
Type: null or string
Default
null
turbo.virtualization.libvirt.domains.<name>.memoryBacking.locked
This option has no description.
Type: boolean
Default
false
turbo.virtualization.libvirt.domains.<name>.memoryBacking.nosharepages
This option has no description.
Type: boolean
Default
false
turbo.virtualization.libvirt.domains.<name>.memoryBacking.sourceType
This option has no description.
Type: null or one of "memfd", "file", "anonymous"
Default
null
turbo.virtualization.libvirt.domains.<name>.os
OS setting
Type: submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.os.bootOrder
Boot order
Type: list of one of "fd", "hd", "cdrom", "network"
Default
["hd","cdrom"]
turbo.virtualization.libvirt.domains.<name>.os.enableBootMenu
Boot Menu
Type: boolean
Default
false
turbo.virtualization.libvirt.domains.<name>.os.firmware
System firmware
Type: null or one of "bios", "efi"
Default
null
turbo.virtualization.libvirt.domains.<name>.os.loader
Loader Option
Type: null or submodule
Default
null
turbo.virtualization.libvirt.domains.<name>.os.loader.path
BIOS Path
Type: path
turbo.virtualization.libvirt.domains.<name>.os.loader.readonly
This option has no description.
Type: null or one of "yes", "no"
Default
null
turbo.virtualization.libvirt.domains.<name>.os.loader.secure
Secure BOOT
Type: null or one of "yes", "no"
Default
null
turbo.virtualization.libvirt.domains.<name>.os.loader.type
This option has no description.
Type: null or one of "rom", "pflash"
Default
null
turbo.virtualization.libvirt.domains.<name>.os.type
os type
Type: submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.os.type.arch
arch specifying the CPU architecture to virtualization If arch is omitted then for most hypervisor drivers, the host native arch will be chosen
Type: null or string
Default
null
turbo.virtualization.libvirt.domains.<name>.os.type.content
hvm: full virt linux: Xen
Type: one of "hvm", "linux"
Default
"hvm"
turbo.virtualization.libvirt.domains.<name>.os.type.machine
machine referring to the machine type. The Capabilities XML provides details on allowed values for these.
Type: null or string
Default
null
Example
"pc-i440fx-5.1, q35"
turbo.virtualization.libvirt.domains.<name>.title
The optional element title provides space for a short description of the domain. The title should not contain any newlines. Since 0.9.10 .
Type: null or string
Default
null
Example
"A string with no newline"
turbo.virtualization.libvirt.domains.<name>.type
The type specifies the hypervisor used for running the domain. The allowed values are driver specific, but include "xen", "kvm", "qemu" and "lxc".
Type: one of "xen", "kvm", "qemu", "lxc"
Default
"kvm"
turbo.virtualization.libvirt.domains.<name>.uuid
Machine UUID
Type: string
Example
"509ee912-24b8-11eb-96f4-1b7af47272c3"
turbo.virtualization.libvirt.domains.<name>.vcpu
CPU Allocation
Type: submodule
Default
{}
turbo.virtualization.libvirt.domains.<name>.vcpu.cpuset
The optional attribute cpuset is a comma-separated list of physical CPU numbers that domain process and virtual CPUs can be pinned to by default.
Type: null or string
Default
null
Example
"1-4,^3,6"
turbo.virtualization.libvirt.domains.<name>.vcpu.current
The optional attribute current can be used to specify whether fewer than the maximum number of virtual CPUs should be enabled. Since 0.8.5
Type: null or unsigned integer, meaning >=0
Default
null
turbo.virtualization.libvirt.domains.<name>.vcpu.placement
The optional attribute placement can be used to indicate the CPU placement mode for domain process.
Type: null or one of "static", "auto"
Default
null
turbo.virtualization.libvirt.domains.<name>.vcpu.size
The content of this element defines the maximum number of virtual CPUs allocated for the guest OS, which must be between 1 and the maximum supported by the hypervisor.
Type: unsigned integer, meaning >=0
Default
1
turbo.virtualization.services.novnc.baseDomain
Basic domain for noVNC
For example, with baseDomain set to "gaia.indexyz.me", VNC console for a machine will be accessible via [machine name].gaia.indexyz.me.
Type: string
Example
"gaia.indexyz.me"
turbo.virtualization.services.novnc.enable
Enable noVNC page
Type: boolean
Default
false
turbo.virtualization.services.novnc.internalPort
Port to listen for noVNC WebSocket
Type: unsigned integer, meaning >=0
turbo.virtualization.services.novnc.machines
Machines
Type: attribute set of submodule
Default
{}
turbo.virtualization.services.novnc.machines.<name>.backend
Backend
Type: value "basicauth" (singular enum)
Default
"basicauth"
turbo.virtualization.services.novnc.machines.<name>.password
Basic Auth Password
Only used when mode is set to "basicauth".
Type: string
turbo.virtualization.services.novnc.machines.<name>.username
Basic Auth Username
Only used when mode is set to "basicauth".
Type: string
turbo.virtualization.services.novnc.novncPackage
noVNC package to use
Type: package
Default
{"_type":"derivation","name":"novnc-1.3.0"}
turbo.virtualization.services.novnc.websockifyPackage
Websockify package to use
Type: package
Default
{"_type":"derivation","name":"python3.10-websockify-0.10.0"}
turbo.virtualization.usbredir
This option has no description.
Type: attribute set of submodule
Default
{}
turbo.virtualization.usbredir.<name>.address
Which address to bind to/connect to
Type: string
Example
"localhost:4000"
turbo.virtualization.usbredir.<name>.device
USB Device to redir. If device does not exist, usbredir will fail
Type: submodule
Default
{}
turbo.virtualization.usbredir.<name>.device.productId
This option has no description.
Type: string
Example
"b001"
turbo.virtualization.usbredir.<name>.device.vendorId
This option has no description.
Type: string
Example
"3553"
turbo.virtualization.usbredir.<name>.mode
Which mode to use
Type: one of "client", "server"
turbo.virtualization.usbredir.<name>.reloadWithUdev
Whether reload service on plug in/remove
Type: boolean
Default
true