| options/home-manager/services.podman.machines.<name>.cpus | Number of CPUs to allocate to the machine
|
| options/nixos/systemd.user.services.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| options/nixos/systemd.user.services.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| options/nixos/services.tahoe.nodes.<name>.sftpd.accounts.url | URL of the accounts server.
|
| options/nixos/security.pam.services.<name>.limits.*.type | Type of this limit
|
| options/nixos/services.autosuspend.wakeups.<name>.class | Name of the class implementing the check
|
| options/nixos/services.autorandr.profiles.<name>.config.<name>.position | Output position
|
| options/nixos/services.phpfpm.pools.<name>.phpOptions | "Options appended to the PHP configuration file php.ini used for this PHP-FPM pool."
|
| options/nixos/services.prometheus.scrapeConfigs.*.job_name | The job name assigned to scraped metrics by default.
|
| options/nixos/services.tarsnap.archives.<name>.printStats | Print global archive statistics upon completion
|
| options/nixos/systemd.services.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| options/nixos/systemd.services.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| options/nixos/services.ax25.axports.<name>.kissParams | Kissattach parameters for this interface.
|
| options/nixos/services.i2pd.outTunnels.<name>.crypto.tagsToSend | Number of ElGamal/AES tags to send.
|
| options/nixos/services.cjdns.UDPInterface.connectTo.<name>.login | (optional) name your peer has for you
|
| options/nixos/services.cjdns.ETHInterface.connectTo.<name>.login | (optional) name your peer has for you
|
| options/nixos/services.prosody.virtualHosts.<name>.ssl.key | Path to the key file.
|
| options/nixos/services.fedimintd.<name>.nginx.config.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| options/nixos/services.drupal.sites.<name>.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts.
|
| options/home-manager/services.restic.backups.<name>.checkOpts | A list of options for 'restic check'
|
| options/nixos/security.pam.services.<name>.limits.*.item | Item this limit applies to
|
| options/nixos/services.authelia.instances.<name>.group | The name of the group for this authelia instance.
|
| options/nixos/services.autorandr.profiles.<name>.config.<name>.scale | Output scale configuration
|
| options/nixos/services.logcheck.ignore.<name>.level | Set the logcheck level.
|
| options/nixos/services.sanoid.datasets.<name>.daily | Number of daily snapshots.
|
| options/nixos/services.znapzend.zetup.<name>.enable | Whether to enable this source.
|
| options/nixos/services.netbird.clients | Attribute set of NetBird client daemons, by default each one will:
- be manageable using dedicated tooling:
netbird-<name> script,NetBird - netbird-<name> graphical interface when appropriate (see ui.enable),
- run as a
netbird-<name>.service,
- listen for incoming remote connections on the port
51820 (openFirewall by default),
- manage the
netbird-<name> wireguard interface,
- use the /var/lib/netbird-/config.json configuration file,
- override /var/lib/netbird-/config.json with values from /etc/netbird-/config.d/*.json,
- (
hardened) be locally manageable by netbird-<name> system group,
With following caveats:
- multiple daemons will interfere with each other's DNS resolution of
netbird.cloud, but
should remain fully operational otherwise
|
| options/nixos/services.znapzend.zetup.<name>.destinations.<name>.dataset | Dataset name to send snapshots to.
|
| options/nixos/services.bacula-fd.director.<name>.tls.require | Require TLS or TLS-PSK encryption
|
| options/nixos/services.bacula-sd.director.<name>.tls.require | Require TLS or TLS-PSK encryption
|
| options/home-manager/programs.firefoxpwa.profiles.<name>.name | Name of the profile.
|
| options/darwin/launchd.user.agents.<name>.serviceConfig | Each attribute in this set specifies an option for a key in the plist.
https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPages/man5/launchd.plist.5.html
|
| options/nixos/services.filebeat.inputs.<name>.type | The input type
|
| options/darwin/launchd.agents.<name>.serviceConfig.SoftResourceLimits.NumberOfFiles | The maximum number of open files for this process
|
| options/darwin/launchd.agents.<name>.serviceConfig.HardResourceLimits.NumberOfFiles | The maximum number of open files for this process
|
| options/nixos/security.pam.services.<name>.u2fAuth | If set, users listed in
$XDG_CONFIG_HOME/Yubico/u2f_keys (or
$HOME/.config/Yubico/u2f_keys if XDG variable is
not set) are able to log in with the associated U2F key
|
| options/nixos/services.quicktun.<name>.upScript | Run specified command or script after the tunnel device has been opened.
|
| options/nixos/services.drupal.sites.<name>.database.user | Database user.
|
| options/nixos/services.httpd.virtualHosts.<name>.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| options/nixos/services.nginx.virtualHosts.<name>.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| options/darwin/launchd.agents.<name>.serviceConfig.Sockets.<name>.SockProtocol | This optional key specifies the protocol to be passed to socket(2)
|
| options/darwin/launchd.user.agents.<name>.serviceConfig.HardResourceLimits.NumberOfFiles | The maximum number of open files for this process
|
| options/darwin/launchd.user.agents.<name>.serviceConfig.SoftResourceLimits.NumberOfFiles | The maximum number of open files for this process
|
| options/nixos/security.pam.services.<name>.updateWtmp | Whether to update /var/log/wtmp.
|
| options/nixos/users.groups.<name>.gid | The group GID
|
| options/nixos/services.udp-over-tcp.tcp2udp.<name>.forward | The IP and port to forward all traffic to.
|
| options/nixos/services.udp-over-tcp.udp2tcp.<name>.forward | The IP and port to forward all traffic to.
|
| options/nixos/services.udp-over-tcp.tcp2udp.<name>.nodelay | Enables TCP_NODELAY on the TCP socket.
|
| options/nixos/services.udp-over-tcp.udp2tcp.<name>.nodelay | Enables TCP_NODELAY on the TCP socket.
|
| options/nixos/services.nsd.zones.<name>.rrlWhitelist | Whitelists the given rrl-types.
|
| options/nixos/services.prosody.httpFileShare.domain | Domain name for a http_file_share service.
|
| options/nixos/services.borgbackup.jobs.<name>.dateFormat | Arguments passed to date
to create a timestamp suffix for the archive name.
|
| options/nixos/security.pam.services.<name>.limits | Attribute set describing resource limits
|
| options/nixos/systemd.user.services.<name>.scriptArgs | Arguments passed to the main process script
|
| options/nixos/services.tahoe.nodes.<name>.tub.location | The external location that the node should listen on
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.module | Optional PKCS#11 module name.
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.cert.<name>.slot | Optional slot number of the token that stores the certificate.
|
| options/nixos/security.pam.services.<name>.gnupg.storeOnly | Don't send the password immediately after login, but store for PAM
session.
|
| options/nixos/services.misskey.reverseProxy.webserver.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/nixos/services.akkoma.initDb.username | Name of the database user to initialise the database with
|
| options/darwin/launchd.agents.<name>.serviceConfig.Nice | This optional key specifies what nice(3) value should be applied to the daemon.
|
| options/nixos/services.sabnzbd.secretFiles | Path to a list of ini file containing confidential settings such as credentials
|
| options/darwin/launchd.daemons.<name>.serviceConfig.Sockets.<name>.SockPassive | This optional key specifies whether listen(2) or connect(2) should be called on the created file
descriptor
|
| options/nixos/services.nsd.zones.<name>.multiMasterCheck | If enabled, checks all masters for the last zone version
|
| options/nixos/services.drupal.sites.<name>.database.host | Database host address.
|
| options/nixos/services.drupal.sites.<name>.database.port | Database host port.
|
| options/darwin/launchd.user.agents.<name>.serviceConfig.Sockets.<name>.SockProtocol | This optional key specifies the protocol to be passed to socket(2)
|
| options/home-manager/programs.obsidian.vaults.<name>.settings.extraFiles.<name>.text | Text of the file.
|
| options/nixos/security.pam.services.<name>.enableUMask | If enabled, the pam_umask module will be loaded.
|
| options/nixos/services.acpid.handlers.<name>.action | Shell commands to execute when the event is triggered.
|
| options/nixos/services.logcheck.ignore.<name>.regex | Regex specifying which log lines to ignore.
|
| options/nixos/services.prosody.virtualHosts.<name>.ssl | Paths to SSL files
|
| options/nixos/services.nebula.networks.<name>.isRelay | Whether this node is a relay.
|
| options/nixos/services.logcheck.ignoreCron.<name>.user | User that runs the cronjob.
|
| options/nixos/services.nylon.<name>.deniedIPRanges | Denied client IP ranges, these gets evaluated after the allowed IP ranges, defaults to all IPv4 addresses:
[ "0.0.0.0/0" ]
To block all other access than the allowed.
|
| options/nixos/services.fedimintd.<name>.nginx.config.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| options/nixos/services.fedimintd.<name>.nginx.config.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| options/nixos/systemd.services.<name>.scriptArgs | Arguments passed to the main process script
|
| options/home-manager/home.file.<name>.force | Whether the target path should be unconditionally replaced
by the managed file source
|
| options/nixos/services.tahoe.nodes.<name>.sftpd.accounts.file | Path to the accounts file.
|
| options/nixos/services.httpd.virtualHosts.<name>.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| options/nixos/services.nginx.virtualHosts.<name>.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| options/nixos/services.netbird.tunnels.<name>.suffixedName | A systemd service name to use (without .service suffix).
|
| options/nixos/services.netbird.clients.<name>.suffixedName | A systemd service name to use (without .service suffix).
|
| options/darwin/launchd.daemons.<name>.serviceConfig.Sockets.<name>.SockServiceName | This optional key specifies the service on the node to connect(2) or bind(2) to.
|
| options/nixos/services.dokuwiki.sites.<name>.acl.*.level | Permission level to restrict the actor(s) to
|
| options/nixos/services.bepasty.servers.<name>.workDir | Path to the working directory (used for config and pidfile)
|
| options/nixos/services.spiped.config.<name>.encrypt | Take unencrypted connections from the
source socket and send encrypted
connections to the target socket.
|
| options/nixos/services.spiped.config.<name>.decrypt | Take encrypted connections from the
source socket and send unencrypted
connections to the target socket.
|
| options/nixos/services.borgbackup.jobs.<name>.wrapper | Name of the wrapper that is installed into PATH
|
| options/nixos/boot.specialFileSystems.<name>.mountPoint | Location where the file system will be mounted
|
| options/nixos/services.borgbackup.jobs.<name>.postCreate | Shell commands to run after borg create
|
| options/nixos/services.dokuwiki.sites.<name>.acl | Access Control Lists: see https://www.dokuwiki.org/acl
Mutually exclusive with services.dokuwiki.aclFile
Set this to a value other than null to take precedence over aclFile option
|
| options/nixos/security.pam.services.<name>.fprintAuth | If set, fingerprint reader will be used (if exists and
your fingerprints are enrolled).
|
| options/nixos/services.cjdns.UDPInterface.connectTo.<name>.peerName | (optional) human-readable name for peer
|
| options/nixos/services.cjdns.ETHInterface.connectTo.<name>.peerName | (optional) human-readable name for peer
|
| options/nixos/services.quicktun.<name>.remotePort | Remote UDP port
|
| options/nixos/services.ax25.axports.<name>.package | The ax25-tools package to use.
|
| options/nixos/services.nylon.<name>.verbosity | Enable verbose output, default is to not be verbose.
|
| options/nixos/security.pam.services.<name>.nodelay | Whether the delay after typing a wrong password should be disabled.
|