Robotnix Configuration Options

Additional F-Droid repositories to include in the default build. Note that changes to this setting will only take effect on a freshly installed device--or if the F-Droid storage is cleared.

Default: { }

Type: attribute set of submodules

Declared by: modules/apps/fdroid.nix

`apps.fdroid.additionalRepos.<name>.description`

Longer textual description of this repository

Default: "Empty description"

Type: string

Declared by: modules/apps/fdroid.nix

`apps.fdroid.additionalRepos.<name>.enable`

Whether to enable this repository by default in F-Droid.

Default: false

Type: boolean

Declared by: modules/apps/fdroid.nix

`apps.fdroid.additionalRepos.<name>.name`

Display name to use for this repository

Default: "‹name›"

Type: string

Declared by: modules/apps/fdroid.nix

`apps.fdroid.additionalRepos.<name>.pubkey`

Public key associated with this repository. Can be found in /index.xml under the repo URL.

Type: string

Declared by: modules/apps/fdroid.nix

`apps.fdroid.additionalRepos.<name>.pushRequests`

Allow this repository to specify apps which should be automatically installed/uninstalled

Default: "ignore"

Type: one of "ignore", "prompt", "always"

Declared by: modules/apps/fdroid.nix

`apps.fdroid.additionalRepos.<name>.url`

URL for F-Droid repository

Type: string

Declared by: modules/apps/fdroid.nix

`apps.fdroid.enable`

Whether to enable F-Droid.

Default: false

Example: true

Type: boolean

Declared by: modules/apps/fdroid.nix

`apps.prebuilt`

Prebuilt APKs to include in the robotnix build

Default: { }

Type: attribute set of submodules

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.allowInPowerSave`

Whether to allow this application to operate in "power save" mode. Disables battery optimization for this app.

Default: false

Type: boolean

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.apk`

APK file to include in build

Default: null

Type: null or path

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.certificate`

Name of certificate to sign APK with. Defaults to the name of the prebuilt app. If it is a device-specific certificate, the cert/key should be under ${keyStorePath}/${device}/${certificate}.{x509.pem,pk8}. Otherwise, it should be ${keyStorePath}/${certificate}.{x509.pem,pk8}. Finally, the special string "PRESIGNED" will just use the APK as-is.

Default: "‹name›"

Type: string

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.defaultPermissions`

Permissions to be enabled by default without user prompting.

Default: [ ]

Example: ["INSTALL_PACKAGES"]

Type: list of strings

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.enable`

Include ‹name› APK in Android build

Default: true

Type: boolean

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.modulePrefix`

Prefix to prepend to the module name to avoid conflicts. (No spaces)

Default: "Robotnix"

Type: string

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.name`

Name of application. (No spaces)

Default: "‹name›"

Type: string

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.packageName`

APK's Java-style package name (applicationId). This setting only necessary to be set if also using privappPermissions.

Example: "com.android.test"

Type: string matching the pattern [a-zA-Z0-9_.]*

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.partition`

Partition on which to place this app

Type: one of "vendor", "system", "product"

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.privappPermissions`

Privileged permissions to apply to this application. Refer to this link and note permissions which say "not for use by third-party applications".

Default: [ ]

Example: ["INSTALL_PACKAGES"]

Type: list of strings

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.privileged`

Whether this APK should be included as a privileged application.

Default: false

Type: boolean

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.usesLibraries`

Shared library dependencies of this app.

For more information, see https://android.googlesource.com/platform/build/+/75342c19323fea64dbc93fdc5a7def3f81113c83/Changes.md.

Default: [ ]

Type: list of strings

Declared by: modules/apps/prebuilt.nix

`apps.prebuilt.<name>.usesOptionalLibraries`

Optional shared library dependencies of this app.

For more information, see https://android.googlesource.com/platform/build/+/75342c19323fea64dbc93fdc5a7def3f81113c83/Changes.md.

Default: [ ]

Type: list of strings

Declared by: modules/apps/prebuilt.nix

`apps.seedvault.enable`

Whether to enable Seedvault (backup).

Default: false

Example: true

Type: boolean

Declared by: modules/apps/seedvault.nix

`apps.updater.enable`

Whether to enable OTA Updater.

Default: false

Example: true

Type: boolean

Declared by: modules/apps/updater.nix

`apps.updater.flavor`

Which updater package to use, and which kind of metadata to generate for it.

Default: "grapheneos"

Type: one of "grapheneos", "lineageos"

Declared by: modules/apps/updater.nix

`apps.updater.url`

URL for OTA updates

Type: string

Declared by: modules/apps/updater.nix

`apps.vanadium.enable`

Whether to enable vanadium browser.

Default: false

Example: true

Type: boolean

Declared by: modules/apps/chromium.nix

`apv.buildID`

Build ID associated with the upstream img/ota (used to select images)

Type: string

Declared by: modules/apv

`apv.enable`

Whether to enable android-prepare-vendor.

Default: false

Example: true

Type: boolean

Declared by: modules/apv

`apv.img`

A factory image .zip from upstream whose vendor contents should be extracted and included in the build

Default: null

Type: path

Declared by: modules/apv

`apv.ota`

An OTA from upstream whose vendor contents should be extracted and included in the build. (Android >=10 builds require this in addition to apv.img)

Default: null

Type: path

Declared by: modules/apv

`arch`

Architecture of phone, usually set automatically by device

Default: "arm64"

Type: one of "arm64", "arm", "x86_64", "x86"

Declared by: modules/base.nix

`buildDateTime`

Unix time (seconds since the epoch) that this build is taking place. Needs to be monotonically increasing for each build if you use the over-the-air (OTA) update mechanism. e.g. output of date +%s

Default: "*maximum of source.dirs.<name>.dateTime*"

Example: 1565645583

Type: signed integer

Declared by: modules/base.nix

`buildNumber`

Set this to something meaningful to identify the build. Defaults to YYYYMMDDHH based on buildDateTime. Should be unique for each build for disambiguation.

Example: "201908121"

Type: string

Declared by: modules/base.nix

`buildType`

one of "release", "debug"

Default: "release"

Type: one of "release", "debug"

Declared by: modules/base.nix

`ccache.enable`

Whether to enable ccache.

Default: false

Example: true

Type: boolean

Declared by: modules/base.nix

`channel`

Default channel to use for updates (can be modified in app)

Default: "stable"

Type: one of "stable", "beta"

Declared by: modules/release.nix

`device`

Code name of device build target

Default: null

Example: "marlin"

Type: null or string

Declared by: modules/base.nix

`deviceDisplayName`

Display name of device build target

Default: null

Example: "Pixel XL"

Type: null or string

Declared by: modules/base.nix

`etc`

Set of files to be included under /etc

Default: { }

Type: attribute set of submodules

Declared by: modules/etc.nix

`etc.<name>.partition`

Partition on which to place this etc file

Type: one of "vendor", "system", "product"

Declared by: modules/etc.nix

`etc.<name>.source`

Path of the source file

Type: path

Declared by: modules/etc.nix

`etc.<name>.target`

Name of symlink (relative to /etc). Defaults to the attribute name.

Type: string

Declared by: modules/etc.nix

`etc.<name>.text`

Text of the file

Default: null

Type: null or string

Declared by: modules/etc.nix

`flavor`

Set to one of robotnix's supported flavors. Current options are vanilla, grapheneos, and lineageos.

Default: null

Example: "vanilla"

Type: null or string

Declared by: modules/base.nix

`hosts`

Custom hosts file

Default: null

Type: null or path

Declared by: modules/hosts.nix

`incremental`

Whether to include an incremental build in otaDir output

Default: false

Type: boolean

Declared by: modules/release.nix

`kernel.buildDateTime`

Unix time to use for kernel build timestamp

Default: "config.buildDateTime"

Type: signed integer

Declared by: modules/kernel.nix

`kernel.clangVersion`

Version of prebuilt clang to use for kernel. See https://android.googlesource.com/platform/prebuilts/clang/host/linux-x86/+/master/README.md"

Type: string

Declared by: modules/kernel.nix

`kernel.enable`

Whether to enable building custom kernel.

Default: false

Example: true

Type: boolean

Declared by: modules/kernel.nix

`kernel.patches`

List of patches to apply to kernel source

Default: [ ]

Type: list of paths

Declared by: modules/kernel.nix

`kernel.postPatch`

Commands to run after patching kernel source

Default: ""

Type: strings concatenated with "\n"

Declared by: modules/kernel.nix

`kernel.relpath`

Relative path in source tree to place kernel build artifacts

Type: string

Declared by: modules/kernel.nix

`kernel.src`

Path to kernel source

Type: path

Declared by: modules/kernel.nix

`microg.enable`

Whether to enable MicroG.

Default: false

Example: true

Type: boolean

Declared by: modules/microg.nix

`nixpkgs.overlays`

Nixpkgs overlays to override the default packages used while building robotnix.

Default: [ ]

Type: list of unspecifieds

Declared by:

`pixel.activeEdge.enable`

Whether to enable Active Edge gestures using the open-source implementation from LineageOS.

Default: false

Example: true

Type: boolean

Declared by: modules/pixel/active-edge.nix

`pixel.useUpstreamDriverBinaries`

Use device vendor binaries from https://developers.google.com/android/drivers

Default: false

Type: boolean

Declared by: modules/pixel/driver-binaries.nix

`product.additionalProductPackages`

PRODUCT_PACKAGES to add under product partition.

Default: [ ]

Type: list of strings

Declared by: modules/base.nix

`productName`

Product name for choosecombo/lunch

Default: "${productNamePrefix}${device}"

Example: "aosp_crosshatch"

Type: string

Declared by: modules/base.nix

`productNamePrefix`

Prefix for product name used with choosecombo/lunch

Default: "aosp_"

Type: string

Declared by: modules/base.nix

`removedProductPackages`

PRODUCT_PACKAGES to remove from build

Default: [ ]

Type: list of strings

Declared by: modules/base.nix

`resources`

Additional package resources to include. The first key refers to the relative path for the package, and the second key refers to the resource name

Default: { }

Example: {"_type":"literalExpression","text":"{ \"frameworks/base/core/res\".config_enableAutoPowerModes = true; }"}

Type: attribute set of attribute set of boolean or signed integer or string or list of string or signed integers or submoduless

Declared by: modules/resources.nix

`retrofit`

Generate a retrofit OTA for upgrading a device without dynamic partitions. See also https://source.android.com/devices/tech/ota/dynamic_partitions/ab_legacy#generating-update-packages

Default: false

Type: boolean

Declared by: modules/release.nix

`security.pki.certificateFiles`

A list of files containing trusted root certificates in PEM format. These are added as system-level trust anchors.

Default: [ ]

Type: list of paths

Declared by: modules/security-pki.nix

`signing.apex.enable`

Whether to enable signing APEX packages.

Default: false

Example: true

Type: boolean

Declared by: modules/signing.nix

`signing.apex.packageNames`

APEX packages which need to be signed

Default: [ ]

Type: list of strings

Declared by: modules/signing.nix

`signing.avb.enable`

Whether to enable AVB signing.

Default: false

Example: true

Type: boolean

Declared by: modules/signing.nix

`signing.avb.fingerprint`

SHA256 hash of avb_pkmd.bin. Should be set automatically based on file under keyStorePath if signing.enable = true

Type: string matching the pattern [0-9A-F]{64}

Declared by: modules/signing.nix

`signing.avb.mode`

Mode of AVB signing to use.

Default: "vbmeta_chained"

Type: one of "verity_only", "vbmeta_simple", "vbmeta_chained", "vbmeta_chained_v2"

Declared by: modules/signing.nix

`signing.avb.verityCert`

Verity certificate for AVB. e.g. in x509 DER format.x509.pem. Only needed if signing.avb.mode = "verity_only"

Type: path

Declared by: modules/signing.nix

`signing.buildTimeKeyStorePath`

Path to generated keys for signing to use at build-time, as opposed to keyStorePath, which is used at evaluation-time.

Type: string or path

Declared by: modules/signing.nix

`signing.enable`

Whether to sign build using user-provided keys. Otherwise, build will be signed using insecure test-keys.

Default: false

Type: boolean

Declared by: modules/signing.nix

`signing.keyStorePath`

String containing absolute path to generated keys for signing. This must be a string and not a "nix path" to ensure that your secret keys are not imported into the public /nix/store.

Example: "/var/secrets/android-keys"

Type: string

Declared by: modules/signing.nix

`source.dirs`

Directories to include in Android build process. Normally set by the output of mk_repo_file.py. However, additional source directories can be added to the build here using this option as well.

Default: { }

Type: attribute set of submodules

Declared by: modules/source.nix

`source.dirs.<name>.enable`

Whether to include this directory in the android build source tree.

Default: true

Type: boolean

Declared by: modules/source.nix

`source.dirs.<name>.patches`

Patches to apply to source directory.

Default: [ ]

Type: list of paths

Declared by: modules/source.nix

`source.dirs.<name>.postPatch`

Additional commands to run after patching source directory.

Default: ""

Type: strings concatenated with "\n"

Declared by: modules/source.nix

`source.dirs.<name>.relpath`

Relative path under android source tree to place this directory. Defaults to attribute name.

Default: "‹name›"

Type: string

Declared by: modules/source.nix

`source.dirs.<name>.src`

Source to use for this android source directory.

Default: <derivation empty>

Type: path

Declared by: modules/source.nix

`source.evalTimeFetching`

Set config.source.dirs automatically using IFD with information from source.manifest. Also enables use of builtins.fetchGit instead of pkgs.fetchgit if not all sha256 hashes are available. (Can be useful for development, but not recommended normally)

Default: false

Type: unspecified

Declared by: modules/source.nix

`source.excludeGroups`

Project groups to exclude from source tree

Default: [ "darwin" "mips" ]

Type: list of strings

Declared by: modules/source.nix

`source.includeGroups`

Project groups to include in source tree (overrides excludeGroups)

Default: [ ]

Type: list of strings

Declared by: modules/source.nix

`source.manifest.rev`

Revision/tag to use from repo manifest repository.

Type: string

Declared by: modules/source.nix

`source.manifest.sha256`

Nix sha256 hash of repo manifest repository.

Type: string

Declared by: modules/source.nix

`source.manifest.url`

URL to repo manifest repository. Not necessary to set if using source.dirs directly.

Type: string

Declared by: modules/source.nix

`system.additionalProductPackages`

PRODUCT_PACKAGES to add under system partition.

Default: [ ]

Type: list of strings

Declared by: modules/base.nix

`useReproducibilityFixes`

Apply additional fixes for reproducibility

Default: true

Type: boolean

Declared by: modules/base.nix

`variant`

user has limited access and is suited for production. userdebug is like user but with root access and debug capability. eng is the development configuration with additional debugging tools.

Default: "user"

Type: one of "user", "userdebug", "eng"

Declared by: modules/base.nix

`vendor.additionalProductPackages`

PRODUCT_PACKAGES to add under vendor partition.

Default: [ ]

Type: list of strings

Declared by: modules/base.nix

`webview`

Webview providers to include in Android build. Pre-specified options are chromium, bromite, and vanadium.

Example: {"_type":"literalExpression","text":"{ bromite.enable = true; }"}

Type: attribute set of submodules

Declared by: modules/webview.nix

`webview.<name>.apk`

APK file containing webview package.

Type: path

Declared by: modules/webview.nix

`webview.<name>.availableByDefault`

If true, this provider can be automatically selected by the framework, if it's the first valid choice. If false, this provider will only be used if the user selects it themselves from the developer settings menu.

Default: false

Type: boolean

Declared by: modules/webview.nix

`webview.<name>.description`

The name shown to the user in the developer settings menu.

Default: "Android System WebView"

Type: string

Declared by: modules/webview.nix

`webview.<name>.enable`

Whether to enable ‹name› webview.

Default: false

Example: true

Type: boolean

Declared by: modules/webview.nix

`webview.<name>.isFallback`

If true, this provider will be automatically disabled by the framework, preventing it from being used or updated by app stores, unless there is no other valid provider available. Only one provider can be a fallback.

Default: false

Type: boolean

Declared by: modules/webview.nix

`webview.<name>.packageName`

The Android package name of the APK.

Default: "com.android.webview"

Type: string

Declared by: modules/webview.nix