A host of an existing Let's Encrypt certificate to use

The python-matter-server package to use.

HTTP status used by globalRedirect and forceSSL

List of OCSP URIs

Whether to enable Moonraker, an API web server for Klipper.

Specify a filter for iptables to use when services.prometheus.exporters.ecoflow.openFirewall is true

Host bind IP address.

Differentiated Services Field Codepoint to set on outgoing IKE packets for this connection

Prefix added to the metric name.

Refresh interval to re-read the instance list

Extra commandline options to pass to the exportarr-sonarr exporter.

Filter can be used optionally to filter the instance list by other criteria Syntax of this filter string is described here in the filter query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list.

Default settings for lists (list-defaults.yml)

If set to "yes", using the bindings file /etc/multipath/bindings to assign a persistent and unique alias to the multipath, in the form of mpath

Set HttpOnly cookie flag.

Configure Subsonic to use this folder for music

Address to listen on.

Domain used for peer resolution.

CA certificate to validate API server certificate with.

Whether to run a correctness check for the configuration file

Enable status page reachable from localhost on http://127.0.0.1/nginx_status.

Listen address.

See torrc manual.

Name of ICMP pinging job.

This cell's database server records, added to the global CellServDB

Free-form configuration for script_exporter, expressed as a Nix attrset and rendered to YAML.

Migration note: The previous format using script = "sleep 5" is no longer supported

E-mail address of the server administrator.

Nebula network definitions.

Minecraft server properties for the server.properties file

Whether to enable HTTPS in addition to plain HTTP

The targets specified by the target group.

Host address on which to serve

Whether to enable the prometheus wireguard exporter.

Listen addresses for this virtual host

Disables automatic Universal Plug and Play.

Whether to enable Ombi, a web application that automatically gives your shared Plex or Emby users the ability to request content by themselves!

Optionally see https://docs.ombi.app/info/reverse-proxy on how to set up a reverse proxy .

Optional proxy URL.

Log level for Pinchflat.

How frequently metric metadata is sent to remote storage.

Number of days since data was last scrubbed before it can be scrubbed again.

Whether to enable the stunnel TLS tunneling service.

Table prefix in Nextcloud's database.

Note: since Nextcloud 20 it's not an option anymore to create a database schema with a custom table prefix

Inode calculation method. compat is computationally less expensive, but md5 greatly reduces the likelihood of inode collisions in larger scenarios involving multiple cells mounted into one AFS space.

Client-server API URL

See torrc manual.

Port number to listen on

Path to the directory where firewall rules can be found and will get stored by the NixOS module.

Extra command line options for the OpenSearch launcher.

Port to listen on.

Group under which privatebin runs

Whether to enable toxvpn running on startup.

Max qps allowed from any query source. 0 means unlimited

Directory for storing certificates to be used by Neo4j for TLS connections

Group under which the mqtt exporter shall be run.

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

The shiori package to use.

Publish contact information for this service

Specify a filter for iptables to use when services.prometheus.exporters.nginx.openFirewall is true

Optional proxy URL.

which update mechanism to use

Path to geoip.dat.

.env settings for Pixelfed

Salt minion configuration as Nix attribute set

Whether to enable the Systemd DNS resolver daemon (systemd-resolved).

List of attribute sets containing configuration for each domain

Regular expressions of files to exclude from sharing.

Address to listen on.

The project_id and project_name fields are optional for the Identity V2 API

TLS configuration.

Specify a filter for iptables to use when services.prometheus.exporters.zfs.openFirewall is true

Adds additional cheat protection to the server.

Configuration lines that will be appended to the generated ntopng configuration file

Listen on a UNIX socket at the specified path

IP on which redsocks should listen

User name under which the mikrotik exporter shall be run.

DNS_SERVERS variable.

Square profile pictures.

Authentication mechanism used for logins.

Whether to enable nostr-rs-relay.

The URL of the database (currently only SQLite is supported)

The name of the connection to mediate this connection through

Section defining complementary attributes of certification authorities, each in its own subsection with an arbitrary yet unique name

E-mail address of the server administrator.

Whether to enable mycelium network.

sched_nr_latency.

The tlsrpt-reporter package to use.

Upstream resolver(s) to use as fallback for non-loki addresses

See torrc manual.

Whether to enable a set of recommended Python plugins by installing extra Python packages.

Whether to enable Readeck.

Path to serve from the HTTP servers root.

Specify rules for nftables to add to the input chain when services.prometheus.exporters.keylight.openFirewall is true.

See the getting-started guide for available options.

Whether to enable Suwayomi, a free and open source manga reader server that runs extensions built for Tachiyomi.

Timeout, in seconds, after which an attempt to connect to the target or a protocol handshake will be aborted (and the connection dropped) if not completed

Opens up firewall port for communication between NetBird peers directly over LAN or public IP, without using (internet-hosted) TURN servers as intermediaries.

URL to the Origin

Path to a file containing the shared key.

The IPv4 address of the router.

Group under which the rtl_433 exporter shall be run.