diff --git a/nixos/modules/security/chromium-suid-sandbox.nix b/nixos/modules/security/chromium-suid-sandbox.nix
index b517e879f04..88fbe518c2d 100644
--- a/nixos/modules/security/chromium-suid-sandbox.nix
+++ b/nixos/modules/security/chromium-suid-sandbox.nix
@@ -7,19 +7,23 @@ let
   sandbox = pkgs.chromium.sandbox;
 in
 {
-  options.security.chromiumSuidSandbox.enable = mkEnableOption ''
-    Whether to install the Chromium SUID sandbox which is an executable that
-    Chromium may use in order to achieve sandboxing.
+  options.security.chromiumSuidSandbox.enable = mkOption {
+    type = types.bool;
+    default = false;
+    description = ''
+      Whether to install the Chromium SUID sandbox which is an executable that
+      Chromium may use in order to achieve sandboxing.
 
-    If you get the error "The SUID sandbox helper binary was found, but is not
-    configured correctly.", turning this on might help.
+      If you get the error "The SUID sandbox helper binary was found, but is not
+      configured correctly.", turning this on might help.
 
-    Also, if the URL chrome://sandbox tells you that "You are not adequately
-    sandboxed!", turning this on might resolve the issue.
+      Also, if the URL chrome://sandbox tells you that "You are not adequately
+      sandboxed!", turning this on might resolve the issue.
 
-    Finally, if you have <option>security.grsecurity</option> enabled and you
-    use Chromium, you probably need this.
-  '';
+      Finally, if you have <option>security.grsecurity</option> enabled and you
+      use Chromium, you probably need this.
+    '';
+  };
 
   config = mkIf cfg.enable {
     environment.systemPackages = [ sandbox ];