| options/nixos/services.sftpgo.settings.ftpd.bindings.*.address | Network listen address
|
| options/nixos/services.prometheus.exporters.exportarr-bazarr.listenAddress | Address to listen on.
|
| options/nixos/services.osquery.flags.logger_path | Base directory used for logging.
If left as the default value, this directory will be automatically created before the
service starts, otherwise you are responsible for ensuring the directory exists with
the appropriate ownership and permissions.
|
| options/nixos/services.multipath.devices.*.skip_kpartx | If set to yes, kpartx will not automatically create partitions on the device
|
| options/nixos/services.thanos.receive.http-address | Listen host:port for HTTP endpoints
|
| options/nixos/services.nginx.virtualHosts.<name>.quic | Whether to enable the QUIC transport protocol
|
| options/nixos/services.prometheus.exporters.knot.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.knot.openFirewall is true.
|
| options/nixos/services.teamspeak3.voiceIP | IP on which the server instance will listen for incoming voice connections
|
| options/nixos/services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| options/nixos/services.prometheus.exporters.dnsmasq.extraFlags | Extra commandline options to pass to the dnsmasq exporter.
|
| options/nixos/services.tor.settings.UnixSocksGroupWritable | See torrc manual.
|
| options/nixos/services.tee-supplicant.reeFsParentPath | The directory where the secure filesystem will be stored in the rich
execution environment (REE FS).
|
| options/nixos/services.printing.browsing | Specifies whether shared printers are advertised.
|
| options/nixos/services.prometheus.exporters.dmarc.user | User name under which the dmarc exporter shall be run.
|
| options/nixos/services.tor.client.dns.enable | Whether to enable DNS resolver.
|
| options/nixos/services.rss-bridge.group | The group under which the web application runs.
|
| options/nixos/services.reposilite.workingDirectory | Working directory for Reposilite.
|
| options/nixos/services.nostr-rs-relay.port | Listen on this port.
|
| options/nixos/services.prometheus.exporters.php-fpm.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.php-fpm.openFirewall
is true
|
| options/nixos/services.rustus.storage.s3_secret_key_file | File path that contains the S3 secret key.
|
| options/nixos/services.opensearch.settings."transport.port" | The port to listen on for transport traffic.
|
| options/nixos/services.pixelfed.nginx.sslCertificateKey | Path to server SSL certificate key.
|
| options/nixos/services.redmine.database.socket | Path to the unix socket file to use for authentication.
|
| options/nixos/services.roon-bridge.enable | Whether to enable Roon Bridge.
|
| options/nixos/services.synapse-auto-compressor.package | The rust-synapse-compress-state package to use.
|
| options/nixos/services.prometheus.exporters.collectd.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.collectd.openFirewall
is true
|
| options/nixos/services.sanoid.enable | Whether to enable Sanoid ZFS snapshotting service.
|
| options/nixos/services.nagios.virtualHost.extraConfig | These lines go to httpd.conf verbatim
|
| options/nixos/services.readarr.enable | Whether to enable Readarr, a Usenet/BitTorrent ebook downloader.
|
| options/nixos/services.minecraft-server.declarative | Whether to use a declarative Minecraft server configuration
|
| options/nixos/services.ollama.rocmOverrideGfx | Override what rocm will detect your gpu model as
|
| options/nixos/services.tailscale.derper.openFirewall | Whether to open the firewall for the specified port
|
| options/nixos/services.prometheus.exporters.unbound.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.unbound.openFirewall is true.
|
| options/nixos/services.netbird.server.signal.extraOptions | Additional options given to netbird-signal as commandline arguments.
|
| options/nixos/services.tt-rss.phpPackage | php package to use for php fpm and update daemon.
|
| options/nixos/services.slskd.settings.remote_file_management | Whether to enable modification of share contents through the web ui.
|
| options/nixos/services.ocis.environmentFile | An environment file as defined in systemd.exec(5)
|
| options/nixos/services.sftpgo.settings.sftpd.bindings.*.address | Network listen address
|
| options/nixos/services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.tls_config.cert_file | Certificate file for client cert authentication to the server.
|
| options/nixos/services.mongodb.pidFile | Location of MongoDB pid file
|
| options/nixos/services.reposilite.settings.enforceSsl | Whether to redirect all traffic to SSL.
|
| options/nixos/services.parsedmarc.settings.elasticsearch.cert_path | The path to a TLS certificate bundle used to verify
the server's certificate.
|
| options/nixos/services.openvpn.servers.<name>.updateResolvConf | Use the script from the update-resolv-conf package to automatically
update resolv.conf with the DNS information provided by openvpn
|
| options/nixos/services.prometheus.exporters.redis.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.redis.openFirewall
is true
|
| options/nixos/services.stargazer.connectionLogging | Whether or not to log connections to stdout.
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.dpd_delay | Interval to check the liveness of a peer actively using IKEv2
INFORMATIONAL exchanges or IKEv1 R_U_THERE messages
|
| options/nixos/services.parsedmarc.settings.elasticsearch.user | Username to use when connecting to Elasticsearch, if
required.
|
| options/nixos/services.tee-supplicant.trustedApplications | A list of full paths to trusted applications that will be loaded at
runtime by tee-supplicant.
|
| options/nixos/services.nsd.interfaces | What addresses the server should listen to.
|
| options/nixos/services.peertube.database.name | Database name.
|
| options/nixos/services.openvscode-server.enable | Whether to enable openvscode-server.
|
| options/nixos/services.rethinkdb.enable | Whether to enable RethinkDB server.
|
| options/nixos/services.snipe-it.mail.from.address | Mail "from" address.
|
| options/nixos/services.matrix-alertmanager.port | Port that matrix-alertmanager listens on.
|
| options/nixos/services.pixelfed.nginx.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| options/nixos/services.nextcloud.settings.mail_template_class | Replaces the default mail template layout
|
| options/nixos/services.prometheus.alertmanagerGotify.metrics.username | The username used to access your metrics.
|
| options/nixos/services.postgresqlWalReceiver.receivers.<name>.slot | Require pg_receivewal to use an existing replication slot (see
Section 26.2.6 of the PostgreSQL manual)
|
| options/nixos/services.matomo.nginx.forceSSL | Whether to add a separate nginx server block that redirects (defaults
to 301, configurable with redirectCode) all plain HTTP traffic to
HTTPS
|
| options/nixos/services.spark.master.restartIfChanged | Automatically restart master service on config change
|
| options/nixos/services.nomad.extraSettingsPaths | Additional settings paths used to configure nomad
|
| options/nixos/services.opentelemetry-collector.enable | Whether to enable Opentelemetry Collector.
|
| options/nixos/services.tlsrpt.fetcher.settings.storage | Path to the collectd sqlite database.
|
| options/nixos/services.salt.minion.enable | Whether to enable Salt configuration management system minion service.
|
| options/nixos/services.tinyproxy.settings | Configuration for tinyproxy.
|
| options/nixos/services.pipewire.wireplumber.extraScripts | Additional scripts for WirePlumber to be used by configuration files
|
| options/nixos/services.maubot.settings.plugin_directories.load | The directories from which plugins should be loaded
|
| options/nixos/services.nitter.server.hostname | Hostname of the instance.
|
| options/nixos/services.prometheus.exporters.graphite.mappingSettings | Mapping configuration for the exporter, see
https://github.com/prometheus/graphite_exporter#yaml-config for
available options.
|
| options/nixos/services.prometheus.exporters.rasdaemon.enabledCollectors | List of error types to collect from the event database.
|
| options/nixos/services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.oauth2.client_id | OAuth client ID.
|
| options/nixos/services.onlyoffice.jwtSecretFile | Path to a file that contains the secret to sign web requests using JSON Web Tokens
|
| options/nixos/services.miniflux.config.LISTEN_ADDR | Address to listen on
|
| options/nixos/services.qui.settings.host | The host address qui listens on.
|
| options/nixos/services.overseerr.openFirewall | Open a port in the firewall for the Overseerr web interface.
|
| options/nixos/services.locate.prunePaths | Which paths to exclude from indexing
|
| options/nixos/services.prometheus.exporters.nats.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.nats.openFirewall
is true
|
| options/nixos/services.snapper.configs.<name>.TIMELINE_CREATE | Defines whether hourly snapshots should be created.
|
| options/nixos/services.pomerium.secretsFile | Path to file containing secrets for Pomerium, in systemd
EnvironmentFile format
|
| options/nixos/services.prometheus.exporters.bitcoin.rpcPasswordFile | File containing RPC password.
|
| options/nixos/services.oauth2-proxy.keyFile | oauth2-proxy allows passing sensitive configuration via environment variables
|
| options/nixos/services.monado.forceDefaultRuntime | Whether to ensure that Monado is the active runtime set for the current
user
|
| options/nixos/services.rspamd.overrides.<name>.enable | Whether this file overrides should be generated
|
| options/nixos/services.printing.stateless | If set, all state directories relating to CUPS will be removed on
startup of the service.
|
| options/nixos/services.rustus.url | url path for uploads
|
| options/nixos/services.traefik.dataDir | Location for any persistent data traefik creates, ie. acme
|
| options/nixos/services.nsd.zones.<name>.dnssecPolicy.ksk | Key policy for key signing keys
|
| options/nixos/services.nextcloud.poolSettings | Options for nextcloud's PHP pool
|
| options/nixos/services.peertube-runner.instancesToRegister.<name>.runnerName | Runner name declared to the PeerTube instance.
|
| options/nixos/services.prometheus.scrapeConfigs.*.consul_sd_configs.*.services | A list of services for which targets are retrieved.
|
| options/nixos/services.nfs.server.enable | Whether to enable the kernel's NFS server.
|
| options/nixos/services.throttled.enable | Whether to enable fix for Intel CPU throttling.
|
| options/nixos/services.smokeping.sendmail | Use this sendmail compatible script to deliver alerts
|
| options/nixos/services.mackerel-agent.settings | Options for mackerel-agent.conf
|
| options/nixos/services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.tls_config.cert_file | Certificate file for client cert authentication to the server.
|
| options/nixos/services.nextcloud.config.objectstore.s3.verify_bucket_exists | Create the objectstore bucket if it does not exist.
|
| options/nixos/services.nomad.extraSettingsPlugins | Additional plugins dir used to configure nomad.
|
| options/nixos/services.minidlna.settings.wide_links | Set this to yes to allow symlinks that point outside user-defined media_dir.
|
| options/nixos/services.mysql.dataDir | The data directory for MySQL.
If left as the default value of /var/lib/mysql this directory will automatically be created before the MySQL
server starts, otherwise you are responsible for ensuring the directory exists with appropriate ownership and permissions.
|
| options/nixos/services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|