| options/nixos/security.pam.services.<name>.mysqlAuth | If set, the pam_mysql module will be used to
authenticate users against a MySQL/MariaDB database.
|
| options/nixos/services.hostapd.radios.<name>.band | Specifies the frequency band to use, possible values are 2g for 2.4 GHz,
5g for 5 GHz, 6g for 6 GHz and 60g for 60 GHz.
|
| options/nixos/services.k3s.autoDeployCharts.<name>.hash | The hash of the packaged Helm chart
|
| options/darwin/users.users.<name>.description | A short description of the user account, typically the
user's full name
|
| options/nixos/services.redis.servers.<name>.save | The schedule in which data is persisted to disk, represented as a list of lists where the first element represent the amount of seconds and the second the number of changes
|
| options/nixos/ec2.zfs.datasets.<name>.mount | Where to mount this dataset.
|
| options/nixos/services.quicktun.<name>.remotePort | Remote UDP port
|
| options/nixos/services.dokuwiki.sites.<name>.acl.*.actor | User or group to restrict
|
| options/nixos/services.bepasty.servers.<name>.dataDir | Path to the directory where the pastes will be saved to
|
| options/nixos/security.pam.services.<name>.rssh | If set, the calling user's SSH agent is used to authenticate
against the configured keys
|
| options/nixos/services.cjdns.ETHInterface.connectTo.<name>.login | (optional) name your peer has for you
|
| options/nixos/services.cjdns.UDPInterface.connectTo.<name>.login | (optional) name your peer has for you
|
| options/nixos/services.netbird.tunnels.<name>.suffixedName | A systemd service name to use (without .service suffix).
|
| options/nixos/services.netbird.clients.<name>.suffixedName | A systemd service name to use (without .service suffix).
|
| options/nixos/services.tor.relay.onionServices.<name>.map | See torrc manual.
|
| options/nixos/services.ax25.axports.<name>.package | The ax25-tools package to use.
|
| options/nixos/services.nylon.<name>.verbosity | Enable verbose output, default is to not be verbose.
|
| options/nixos/services.drupal.sites.<name>.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| options/home-manager/programs.rclone.remotes.<name>.mounts.<name>.autoMount | Whether to enable automatic mounting.
|
| options/nixos/services.nsd.zones.<name>.maxRefreshSecs | Limit refresh time for secondary zones
|
| options/nixos/services.borgbackup.jobs.<name>.wrapper | Name of the wrapper that is installed into PATH
|
| options/nixos/security.pam.services.<name>.makeHomeDir | Whether to try to create home directories for users
with $HOMEs pointing to nonexistent
locations on session login.
|
| options/nixos/services.httpd.virtualHosts.<name>.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| options/darwin/users.groups.<name>.members | The group's members.
|
| options/home-manager/xdg.stateFile.<name>.source | Path of the source file or directory
|
| options/home-manager/xdg.cacheFile.<name>.source | Path of the source file or directory
|
| options/home-manager/xdg.configFile.<name>.force | Whether the target path should be unconditionally replaced
by the managed file source
|
| options/nixos/services.pid-fan-controller.settings.heatSources.*.name | Name of the heat source.
|
| options/nixos/services.borgbackup.jobs.<name>.postCreate | Shell commands to run after borg create
|
| options/nixos/services.nginx.virtualHosts.<name>.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| options/nixos/security.pam.services.<name>.limits.*.type | Type of this limit
|
| options/nixos/systemd.services.<name>.scriptArgs | Arguments passed to the main process script
|
| options/darwin/services.github-runners.<name>.user | User under which to run the service
|
| options/nixos/services.nylon.<name>.deniedIPRanges | Denied client IP ranges, these gets evaluated after the allowed IP ranges, defaults to all IPv4 addresses:
[ "0.0.0.0/0" ]
To block all other access than the allowed.
|
| options/nixos/services.fedimintd.<name>.nginx.config.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/home-manager/services.podman.machines.<name>.swap | Swap size in MB for the machine
|
| options/home-manager/services.podman.machines.<name>.cpus | Number of CPUs to allocate to the machine
|
| options/nixos/systemd.user.services.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| options/nixos/systemd.user.services.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| options/nixos/services.h2o.hosts.<name>.tls.identity.*.key-file | Path to key file
|
| options/home-manager/services.restic.backups.<name>.runCheck | Whether to run 'restic check' with the provided checkOpts options
|
| options/nixos/systemd.paths.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| options/nixos/nix.registry.<name>.from | The flake reference to be rewritten
|
| options/nixos/systemd.user.services.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| options/nixos/services.znapzend.zetup.<name>.destinations.<name>.host | Host to use for the destination dataset
|
| options/nixos/services.nginx.virtualHosts.<name>.quic | Whether to enable the QUIC transport protocol
|
| options/nixos/services.blockbook-frontend.<name>.dataDir | Location of blockbook-frontend-‹name› data directory.
|
| options/nixos/services.autorandr.profiles.<name>.config.<name>.transform | Refer to
xrandr(1)
for the documentation of the transform matrix.
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cert.<name>.handle | Hex-encoded CKA_ID or handle of the certificate on a token or TPM,
respectively
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.file | Absolute path to the certificate to load
|
| options/nixos/services.logcheck.ignore.<name>.level | Set the logcheck level.
|
| options/nixos/services.sanoid.datasets.<name>.daily | Number of daily snapshots.
|
| options/nixos/services.znapzend.zetup.<name>.enable | Whether to enable this source.
|
| options/nixos/services.znapzend.zetup.<name>.plan | The znapzend backup plan to use for the source
|
| options/nixos/services.prometheus.exporters.rtl_433.ids.*.name | Name to match.
|
| options/nixos/services.keepalived.vrrpScripts.<name>.user | Name of user to run the script under.
|
| options/nixos/security.pam.services.<name>.limits.*.item | Item this limit applies to
|
| options/nixos/services.bitcoind.<name>.package | The bitcoind package to use.
|
| options/nixos/services.tahoe.nodes.<name>.storage.enable | Whether to enable storage service.
|
| options/nixos/services.wyoming.piper.servers.<name>.uri | URI to bind the wyoming server to.
|
| options/nixos/services.drupal.sites.<name>.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts.
|
| options/home-manager/services.restic.backups.<name>.checkOpts | A list of options for 'restic check'
|
| options/nixos/services.blockbook-frontend.<name>.group | The group as which to run blockbook-frontend-‹name›.
|
| options/nixos/services.bitcoind.<name>.configFile | The configuration file path to supply bitcoind.
|
| options/nixos/services.drupal.sites.<name>.extraConfig | Extra configuration values that you want to insert into settings.php
|
| options/nixos/services.phpfpm.pools.<name>.phpOptions | "Options appended to the PHP configuration file php.ini used for this PHP-FPM pool."
|
| options/nixos/services.bacula-sd.director.<name>.tls.key | The path of a PEM encoded TLS private key
|
| options/nixos/services.bacula-fd.director.<name>.tls.key | The path of a PEM encoded TLS private key
|
| options/nixos/users.users.<name>.createHome | Whether to create the home directory and ensure ownership as well as
permissions to match the user.
|
| options/nixos/services.kanidm.provision.systems.oauth2.<name>.claimMaps.<name>.valuesByGroup | Maps kanidm groups to values for the claim.
|
| options/nixos/services.firezone.server.provision.accounts.<name>.actors.<name>.type | The account type
|
| options/nixos/services.udp-over-tcp.udp2tcp.<name>.forward | The IP and port to forward all traffic to.
|
| options/nixos/services.udp-over-tcp.tcp2udp.<name>.forward | The IP and port to forward all traffic to.
|
| options/nixos/services.udp-over-tcp.tcp2udp.<name>.nodelay | Enables TCP_NODELAY on the TCP socket.
|
| options/nixos/services.nsd.zones.<name>.rrlWhitelist | Whitelists the given rrl-types.
|
| options/nixos/services.udp-over-tcp.udp2tcp.<name>.nodelay | Enables TCP_NODELAY on the TCP socket.
|
| options/nixos/services.netbird.tunnels.<name>.interface | Name of the network interface managed by this client.
|
| options/nixos/services.netbird.clients.<name>.interface | Name of the network interface managed by this client.
|
| options/nixos/services.bacula-fd.director.<name>.tls.require | Require TLS or TLS-PSK encryption
|
| options/nixos/services.bacula-sd.director.<name>.tls.require | Require TLS or TLS-PSK encryption
|
| options/nixos/services.nsd.zones.<name>.dnssecPolicy.keyttl | TTL for dnssec records
|
| options/nixos/services.tinc.networks.<name>.hostSettings.<name>.subnets.*.weight | Indicates the priority over identical Subnets owned by different nodes
|
| options/home-manager/accounts.email.accounts.<name>.mbsync.groups.<name>.channels.<name>.nearPattern | Name for where mail coming from the remote (far) mail server will end up
locally
|
| options/nixos/security.pam.services.<name>.updateWtmp | Whether to update /var/log/wtmp.
|
| options/nixos/services.redis.servers.<name>.group | Group account under which this instance of redis-server runs.
If left as the default value this group will automatically be
created on system activation, otherwise you are responsible for
ensuring the group exists before the redis service starts.
|
| options/nixos/services.i2pd.inTunnels.<name>.crypto.tagsToSend | Number of ElGamal/AES tags to send.
|
| options/nixos/services.awstats.configs.<name>.webService.hostname | The hostname the web service appears under.
|
| options/nixos/services.cjdns.UDPInterface.connectTo.<name>.peerName | (optional) human-readable name for peer
|
| options/nixos/services.cjdns.ETHInterface.connectTo.<name>.peerName | (optional) human-readable name for peer
|
| options/nixos/services.filebeat.inputs.<name>.type | The input type
|
| options/nixos/services.phpfpm.pools.<name>.extraConfig | Extra lines that go into the pool configuration
|
| options/nixos/services.dokuwiki.sites.<name>.aclFile | Location of the dokuwiki acl rules
|
| options/nixos/services.beesd.filesystems.<name>.workDir | Name (relative to the root of the filesystem) of the subvolume where
the hash table will be stored.
|
| options/nixos/services.yandex-disk.username | Your yandex.com login name.
|
| options/nixos/security.acme.certs.<name>.s3Bucket | S3 bucket name to use for HTTP-01 based challenges
|
| options/nixos/services.prosody.virtualHosts.<name>.ssl | Paths to SSL files
|
| options/nixos/services.nebula.networks.<name>.isRelay | Whether this node is a relay.
|
| options/nixos/services.logcheck.ignoreCron.<name>.user | User that runs the cronjob.
|
| options/nixos/services.ghostunnel.servers.<name>.allowCN | Allow client if common name appears in the list.
|
| options/nixos/security.pam.services.<name>.enableUMask | If enabled, the pam_umask module will be loaded.
|