Skip to content

Clan Options

This provides an overview of the available options

Those can be set via clan-core.lib.clan function, or via the clan attribute of flake-parts.

checks

Attribute: checks

Assertions that must hold true when evaluating the clan. When the assertion fails, the message is shown and the evaluation is aborted.

Type: attribute set of (submodule)

Default:

{ }

Declared in: modules/clan/top-level-interface.nix

assertion

Attribute: checks.<name>.assertion

Readonly

The assertion that must hold true.

If false, the message is shown.

Type: boolean

Declared in: modules/clan/top-level-interface.nix

ignore

Attribute: checks.<name>.ignore

Ignores this check entirely

Type: boolean

Default:

false

Declared in: modules/clan/top-level-interface.nix

message

Attribute: checks.<name>.message

Message shown when the assertion is false

Type: string

Declared in: modules/clan/top-level-interface.nix

directory

Attribute: directory

The directory containing the clan.

A typical directory structure could look like this:

.
├── flake.nix
├── assets
├── machines
├── modules
└── sops

Type: absolute path or raw value convertible to it

Default:

"Root directory of the flake"

Declared in: modules/clan/top-level-interface.nix

exports

Attribute: exports

This option has no description.

Type: lazy attribute set of (submodule)

Declared in: modules/clan/top-level-interface.nix

networking

Attribute: exports.<name>.networking

This option has no description.

Type: null or (submodule)

Default:

null

Declared in: modules/clan/top-level-interface.nix

module

Attribute: exports.<name>.networking.module

the technology this network uses to connect to the target This is used for userspace networking with socks proxies.

Type: string

Default:

"clan_lib.network.direct"

Declared in: modules/clan/top-level-interface.nix

priority

Attribute: exports.<name>.networking.priority

priority with which this network should be tried. higher priority means it gets used earlier in the chain

Type: signed integer

Default:

1000

Declared in: modules/clan/top-level-interface.nix

peer

Attribute: exports.<name>.peer

This option has no description.

Type: null or (submodule)

Default:

null

Declared in: modules/clan/top-level-interface.nix

SSHOptions

Attribute: exports.<name>.peer.SSHOptions

This option has no description.

Type: list of string

Default:

[ ]

Declared in: modules/clan/top-level-interface.nix

hosts

Attribute: exports.<name>.peer.hosts

Type: list of attribute-tagged union

Declared in: modules/clan/top-level-interface.nix

*

Attribute: exports.<name>.peer.hosts.*

plain

Attribute: exports.<name>.peer.hosts.*.plain

a plain value, which can be read directly from the config

Type: string

Declared in: modules/clan/top-level-interface.nix

var

Attribute: exports.<name>.peer.hosts.*.var

A reference to a 'var' file

The 'var' will be read by the CLI and potentially other services

Danger

Don't export references to private vars.

Their value cannot be accessed.

Type: submodule

Declared in: modules/clan/top-level-interface.nix

# file

Attribute: exports.<name>.peer.hosts.*.var.file

This option has no description.

Type: string

Example 
"hostname"
# flake

Attribute: exports.<name>.peer.hosts.*.var.flake

This option has no description.

Type: absolute path

Example 
"config.clan.core.settings.directory"
# generator

Attribute: exports.<name>.peer.hosts.*.var.generator

This option has no description.

Type: string

Example 
"tor-ssh"
# machine

Attribute: exports.<name>.peer.hosts.*.var.machine

This option has no description.

Type: string

Example 
"jon"

name

Attribute: exports.<name>.peer.name

This option has no description.

Type: string

Default:

"‹name›"

Declared in: modules/clan/top-level-interface.nix

Inventory

Attribute: inventory

See: Inventory Submodule

machines

Attribute: machines

A mapping of machine names to their nixos configuration.

Example 
machines = {
  my-machine = {
    # Your nixos configuration
  };
};

Type: attribute set of module

Default:

{ }

Declared in: modules/clan/top-level-interface.nix

meta

Attribute: meta

Global information about the clan.

Type: module

Default:

{ }

Declared in: modules/clan/top-level-interface.nix

description

Attribute: meta.description

Optional freeform description

Type: null or string

Default:

null

Declared in: modules/inventoryClass/meta.nix

domain

Attribute: meta.domain

Domain for the clan.

It will be used to wire clan-internal services and resolve the address for each machine of the clan using <hostname>.<meta.domain>

This can either be:

  • A top level domain (TLD). Set this to a valid, but not already existing TLD if you're using a mesh network between your machines. This will route requests between your machines over the mesh network.

  • A regular domain. Set this to a valid domain you own if you want to route requests between your machines over the public internet. You will have to manually setup your public DNS of that domain to route <hostname>.<meta.domain> to each of your machines.

Type: string matching the pattern ^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?(.[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)*$

Default:

"clan"
Example 
"clan.lol"

Declared in: modules/inventoryClass/meta.nix

icon

Attribute: meta.icon

Under construction, will be used for the UI

Type: null or string

Default:

null

Declared in: modules/inventoryClass/meta.nix

name

Attribute: meta.name

Name of the clan.

Needs to be (globally) unique, as this determines the folder name where the flake gets downloaded to.

Should only contain alphanumeric characters, _ and -.

Type: string matching the pattern [a-zA-Z0-9_-]*

Example 
"my_clan"

Declared in: modules/inventoryClass/meta.nix

tld

Attribute: meta.tld

Deprecated: Use domain instead.

Type: null or string matching the pattern [a-z]+

Default:

null
Example 
"ccc"

Declared in: modules/inventoryClass/meta.nix

modules

Attribute: modules

An attribute set of exported modules.

Type: attribute set of raw value

Default:

{ }

Declared in: modules/clan/top-level-interface.nix

outputs

Attribute: outputs

moduleForMachine

Attribute: outputs.moduleForMachine

This option has no description.

Type: attribute set of module

Declared in: modules/clan/module.nix

pkgsForSystem

Attribute: pkgsForSystem

A function that maps from architecture to pkg. ( string -> pkgs )

Clan uses one global package set for all machines. Override this function to customize packages.

When using flake-parts use 'perSystem.clan.pkgs' instead.

If specified this nixpkgs will be only imported once for each system. This improves performance, but all nixpkgs.* options will be ignored.

Returning null for a system will fallback to the default behavior of respecting the nixpkgs.* options.

Type: function that evaluates to a(n) (null or (attribute set))

Default:

"system: null"
Example 
pkgsForSystem =
  system:
  import nixpkgs {
    inherit system;
    config = {
      allowUnfree = true;
    };
    overlays = [];
  };

Declared in: modules/clan/top-level-interface.nix

secrets

Attribute: secrets

Secrets related options such as AGE plugins required to encrypt/decrypt secrets using the CLI.

Type: submodule

Default:

{ }

Declared in: modules/clan/top-level-interface.nix

age

Attribute: secrets.age

plugins

Attribute: secrets.age.plugins

A list of age plugins which must be available in the shell when encrypting and decrypting secrets.

Type: list of string matching the pattern age-plugin-.*

Default:

[ ]

Declared in: modules/clan/secrets.nix

self

Attribute: self

This is used to import external clan modules.

Type: raw value

Default:

"Reference to the current flake"

Declared in: modules/clan/top-level-interface.nix

specialArgs

Attribute: specialArgs

Extra arguments to pass to nixosSystem i.e. useful to make self available

Type: attribute set of raw value

Default:

{ }

Declared in: modules/clan/top-level-interface.nix

templates

Attribute: templates

Define Clan templates.

Type: submodule

Default:

{ }

Declared in: modules/clan/top-level-interface.nix

clan

Attribute: templates.clan

Holds the different clan templates.

Type: attribute set of (submodule)

Default:

{ }

Declared in: modules/clan/templates.nix

description

Attribute: templates.clan.<name>.description

The name of the template.

Type: string

Default:

"‹name›"

Declared in: modules/clan/templates.nix

path

Attribute: templates.clan.<name>.path

Holds the path to the clan template.

Type: absolute path

Declared in: modules/clan/templates.nix

disko

Attribute: templates.disko

Holds different disko templates.

Type: attribute set of (submodule)

Default:

{ }

Declared in: modules/clan/templates.nix

description

Attribute: templates.disko.<name>.description

The name of the template.

Type: string

Default:

"‹name›"

Declared in: modules/clan/templates.nix

path

Attribute: templates.disko.<name>.path

Holds the path to the clan template.

Type: absolute path

Declared in: modules/clan/templates.nix

machine

Attribute: templates.machine

Holds the different machine templates.

Type: attribute set of (submodule)

Default:

{ }

Declared in: modules/clan/templates.nix

description

Attribute: templates.machine.<name>.description

The name of the template.

Type: string

Default:

"‹name›"

Declared in: modules/clan/templates.nix

path

Attribute: templates.machine.<name>.path

Holds the path to the clan template.

Type: absolute path

Declared in: modules/clan/templates.nix