| options/nixos/systemd.user.services.<name>.startLimitBurst | Configure unit start rate limiting
|
| options/nixos/services.prometheus.exporters.lnd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.lnd.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.pve.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.pve.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.zfs.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.zfs.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.nut.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nut.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.sql.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.sql.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.frr.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.frr.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.kea.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.kea.openFirewall is true.
|
| options/nixos/services.i2pd.ifname4 | IPv4 interface to bind to.
|
| options/nixos/services.i2pd.ifname6 | IPv6 interface to bind to.
|
| options/nixos/services.nylon.<name>.bindInterface | Tell nylon which interface to use as an uplink, default is "enp3s0f0".
|
| options/nixos/services.fedimintd.<name>.nginx.enable | Whether to configure nginx for fedimintd
|
| options/nixos/services.httpd.virtualHosts.<name>.sslServerCert | Path to server SSL certificate.
|
| options/home-manager/services.pizauth.accounts.<name>.tokenUri | The OAuth2 server's token URI.
|
| options/darwin/launchd.user.agents.<name>.serviceConfig.Sockets.<name>.SockType | This optional key tells launchctl what type of socket to create
|
| options/nixos/services.kanidm.provision.persons.<name>.displayName | Display name
|
| options/nixos/services.kimai.sites.<name>.database.charset | Database charset.
|
| options/home-manager/programs.autorandr.profiles.<name>.config.<name>.mode | Output resolution.
|
| options/home-manager/programs.autorandr.profiles.<name>.config.<name>.rate | Output framerate.
|
| options/nixos/services.fedimintd.<name>.nginx.config.root | The path of the web root directory.
|
| options/nixos/services.drupal.sites.<name>.virtualHost.listen.*.ip | IP to listen on. 0.0.0.0 for IPv4 only, * for all.
|
| options/nixos/services.netbird.tunnels.<name>.login.enable | Whether to enable automated login for NetBird client.
|
| options/nixos/services.netbird.clients.<name>.login.enable | Whether to enable automated login for NetBird client.
|
| options/nixos/boot.initrd.systemd.users.<name>.group | Group the user belongs to in initrd.
|
| options/nixos/boot.initrd.systemd.users.<name>.shell | The path to the user's shell in initrd.
|
| options/nixos/services.hostapd.radios.<name>.wifi5.enable | Enables support for IEEE 802.11ac (WiFi 5, VHT)
|
| options/nixos/services.tarsnap.archives.<name>.maxbw | Abort archival if upstream bandwidth usage in bytes
exceeds this threshold.
|
| options/nixos/services.vdirsyncer.jobs.<name>.user | User account to run vdirsyncer as, otherwise as a systemd
dynamic user
|
| options/nixos/systemd.services.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| options/nixos/services.restic.backups.<name>.pruneOpts | A list of options (--keep-* et al.) for 'restic forget
--prune', to automatically prune old snapshots
|
| options/nixos/services.fedimintd.<name>.api_ws.port | TCP Port to bind on for API connections relayed by the reverse proxy/tls terminator.
|
| options/nixos/services.xserver.displayManager.lightdm.greeters.slick.cursorTheme.name | Name of the cursor theme to use for the lightdm-slick-greeter.
|
| options/darwin/launchd.user.agents.<name>.script | Shell commands executed as the service's main process.
|
| options/nixos/services.gitlab-runner.services.<name>.tagList | Tag list
|
| options/nixos/services.vdirsyncer.jobs.<name>.group | group to run vdirsyncer as
|
| options/nixos/services.fedimintd.<name>.nginx.config.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| options/nixos/services.wstunnel.servers.<name>.listen.host | The hostname.
|
| options/nixos/services.wstunnel.servers.<name>.listen.port | The port.
|
| options/nixos/services.icecast.hostname | DNS name or IP address that will be used for the stream directory lookups or possibly the playlist generation if a Host header is not provided.
|
| options/nixos/services.fedimintd.<name>.nginx.config | Overrides to the nginx vhost section for api
|
| options/nixos/services.sympa.domains.<name>.webLocation | URL path part of the web interface.
|
| options/nixos/services.davis.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/nixos/services.slskd.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/nixos/services.movim.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/home-manager/services.activitywatch.watchers.<name>.settingsFilename | The filename of the generated settings file
|
| options/nixos/services.firezone.server.provision.accounts.<name>.policies.<name>.group | The group which should be allowed access to the given resource.
|
| options/nixos/users.users.<name>.packages | The set of packages that should be made available to the user
|
| options/darwin/users.users.<name>.packages | The set of packages that should be made availabe to the user
|
| options/home-manager/accounts.email.accounts.<name>.userName | The server username of this account
|
| options/nixos/systemd.user.paths.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| options/nixos/systemd.user.timers.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| options/nixos/systemd.user.slices.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| options/nixos/systemd.user.units.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| options/nixos/image.repart.partitions.<name>.contents.<name>.source | Path of the source file.
|
| options/home-manager/launchd.agents.<name>.config | Define a launchd job
|
| options/nixos/systemd.slices.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| options/nixos/systemd.timers.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| options/nixos/security.pam.services.<name>.limits.*.domain | Username, groupname, or wildcard this limit applies to
|
| options/nixos/services.k3s.autoDeployCharts.<name>.extraDeploy | List of extra Kubernetes manifests to deploy with this Helm chart.
|
| options/home-manager/programs.claude-code.skills | Custom skills for Claude Code
|
| options/nixos/services.znapzend.zetup.<name>.mbuffer.size | The size for mbuffer
|
| options/nixos/services.rspamd.workers.<name>.extraConfig | Additional entries to put verbatim into worker section of rspamd config file.
|
| options/nixos/services.dokuwiki.sites.<name>.poolConfig | Options for the DokuWiki PHP pool
|
| options/nixos/services.nntp-proxy.users.<name>.passwordHash | SHA-512 password hash (can be generated by
mkpasswd -m sha-512 <password>)
|
| options/nixos/systemd.user.sockets.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| options/nixos/systemd.user.targets.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| options/nixos/services.gitwatch.<name>.message | Optional text to use in as commit message; all occurrences of %d will be replaced by formatted date/time
|
| options/darwin/launchd.agents.<name>.serviceConfig.Sockets.<name>.SockPathName | This optional key implies SockFamily is set to "Unix"
|
| options/nixos/services.blockbook-frontend.<name>.certFile | To enable SSL, specify path to the name of certificate files without extension
|
| options/home-manager/services.kanshi.profiles.<name>.outputs | Outputs configuration.
|
| options/nixos/services.ax25.axports.<name>.callsign | The callsign of the physical interface to bind to.
|
| options/nixos/services.uhub.<name>.plugins.*.settings | Settings specific to this plugin.
|
| options/nixos/systemd.user.sockets.<name>.wants | Start the specified units when this unit is started.
|
| options/nixos/systemd.user.targets.<name>.wants | Start the specified units when this unit is started.
|
| options/nixos/services.suricata.settings.outputs.*.<name>.enabled | Whether to enable .
|
| options/nixos/services.xserver.xkb.extraLayouts.<name>.geometryFile | The path to the xkb geometry file
|
| options/nixos/services.fedimintd.<name>.dataDir | Path to the data dir fedimintd will use to store its data
|
| options/nixos/services.postfix.settings.master.<name>.type | The type of the service
|
| options/nixos/services.pgbackrest.repos.<name>.host | Repository host when operating remotely
|
| options/nixos/services.prometheus.exporters.knot.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.knot.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.node.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.node.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.snmp.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.snmp.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.ping.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.ping.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.ipmi.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.ipmi.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.flow.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.flow.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.ebpf.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.ebpf.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.json.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.json.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.bind.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.bind.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.mail.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mail.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.mqtt.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mqtt.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.bird.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.bird.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.nats.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.nats.openFirewall is true.
|
| options/nixos/services.dokuwiki.sites.<name>.phpOptions | Options for PHP's php.ini file for this dokuwiki site.
|
| options/nixos/services.httpd.virtualHosts.<name>.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| options/nixos/services.rspamd.workers.<name>.bindSockets | List of sockets to listen, in format acceptable by rspamd
|
| options/nixos/services.tinc.networks.<name>.bindToAddress | The ip address to bind to (both listen on and send packets from).
|
| options/nixos/services.drupal.sites.<name>.database.socket | Path to the unix socket file to use for authentication.
|
| options/nixos/users.users.<name>.useDefaultShell | If true, the user's shell will be set to
users.defaultUserShell.
|
| options/home-manager/programs.autorandr.profiles.<name>.config.<name>.crtc | Output video display controller.
|
| options/nixos/services.buildkite-agents.<name>.tags | Tags for the agent.
|