| options/nixos/services.drupal.sites.<name>.virtualHost.sslServerCert | Path to server SSL certificate.
|
| options/nixos/services.prometheus.exporters.node-cert.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.node-cert.openFirewall is true.
|
| options/nixos/services.pingvin-share.hostname | The domain name of your instance
|
| options/nixos/services.firewalld.services.<name>.short | Short description for the service.
|
| options/nixos/services.firewalld.zones.<name>.services | Services to allow in the zone.
|
| options/nixos/services.kmonad.keyboards.<name>.device | Path to the keyboard's device file.
|
| options/nixos/services.firewalld.zones.<name>.icmpBlocks | ICMP types to block in the zone.
|
| options/nixos/services.dokuwiki.sites.<name>.mergedConfig | Read only representation of the final configuration.
|
| options/nixos/services.restic.backups.<name>.progressFps | Controls the frequency of progress reporting.
|
| options/home-manager/services.restic.backups.<name>.progressFps | Controls the frequency of progress reporting.
|
| options/nixos/services.nebula.networks.<name>.tun.disable | When tun is disabled, a lighthouse can be started without a local tun interface (and therefore without root).
|
| options/nixos/services.k3s.autoDeployCharts.<name>.enable | Whether to enable the installation of this Helm chart
|
| options/nixos/services.firezone.server.provision.accounts.<name>.groups.<name>.forceMembers | Ensure that only the given members are part of this group at every server start.
|
| options/nixos/security.acme.certs.<name>.postRun | Commands to run after new certificates go live
|
| options/nixos/programs.tsmClient.servers.<name>.servername | Local name of the IBM TSM server,
must not contain space or more than 64 chars.
|
| options/nixos/services.jupyterhub.kernels.<name>.language | Language of the environment
|
| options/nixos/services.acme-dns.settings.general.nsname | Zone name server.
|
| options/nixos/services.quicktun.<name>.localAddress | IP address or hostname of the local end.
|
| options/nixos/services.tarsnap.archives.<name>.period | Create archive at this interval
|
| options/home-manager/services.restic.backups.<name>.extraBackupArgs | Extra arguments passed to restic backup
|
| options/nixos/services.nginx.virtualHosts.<name>.listen | Listen addresses and ports for this virtual host
|
| options/nixos/systemd.services.<name>.requiredBy | Units that require (i.e. depend on and need to go down with) this unit
|
| options/home-manager/fonts.fontconfig.configFile.<name>.label | Label to use for the name of the config file.
|
| options/nixos/systemd.user.services.<name>.serviceConfig | Each attribute in this set specifies an option in the
[Service] section of the unit
|
| options/nixos/services.fluidd.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/nixos/services.gancio.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/nixos/services.akkoma.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/nixos/services.matomo.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/nixos/services.monica.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/nixos/services.hostapd.radios.<name>.channel | The channel to operate on
|
| options/nixos/services.hostapd.radios.<name>.wifi7.enable | Enables support for IEEE 802.11be (WiFi 7, EHT)
|
| options/nixos/services.dokuwiki.sites.<name>.plugins | List of path(s) to respective plugin(s) which are copied into the 'plugin' directory.
These plugins need to be packaged before use, see example.
|
| options/nixos/services.hostapd.radios.<name>.wifi4.enable | Enables support for IEEE 802.11n (WiFi 4, HT)
|
| options/nixos/services.snipe-it.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| options/nixos/services.lemmy.settings.hostname | The domain name of your instance (eg 'lemmy.ml').
|
| options/nixos/fileSystems.<name>.encrypted.label | Label of the unlocked encrypted device
|
| options/nixos/services.orangefs.server.fileSystems.<name>.id | File system ID (must be unique within configuration).
|
| options/nixos/services.bluemap.storage.<name>.storage-type | Type of storage config
|
| options/nixos/services.awstats.configs.<name>.hostAliases | List of aliases the site has.
|
| options/nixos/services.opkssh.providers.<name>.clientId | OAuth client ID
|
| options/nixos/services.pgbackrest.repos.<name>.sftp-host | SFTP repository host
|
| options/nixos/services.redis.servers.<name>.databases | Set the number of databases.
|
| options/nixos/services.wordpress.sites.<name>.package | The wordpress package to use.
|
| options/nixos/security.pki.useCompatibleBundle | Whether to enable usage of a compatibility bundle
|
| options/nixos/services.inadyn.settings.custom.<name>.ddns-path | DDNS server path
|
| options/nixos/services.firewalld.settings.FirewallBackend | The firewall backend implementation
|
| options/nixos/services.tinc.networks.<name>.hostSettings.<name>.subnets.*.address | The subnet of this host
|
| options/nixos/services.restic.backups.<name>.extraOptions | Extra extended options to be passed to the restic --option flag.
|
| options/nixos/security.acme.certs.<name>.email | Email address for account creation and correspondence from the CA
|
| options/nixos/systemd.paths.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| options/nixos/systemd.paths.<name>.pathConfig | Each attribute in this set specifies an option in the
[Path] section of the unit
|
| options/nixos/services.github-runners.<name>.workDir | Working directory, available as $GITHUB_WORKSPACE during workflow runs
and used as a default for repository checkouts
|
| options/home-manager/launchd.agents.<name>.config.Label | This required key uniquely identifies the job to launchd.
|
| options/darwin/launchd.daemons.<name>.serviceConfig.Sockets.<name>.SockPathName | This optional key implies SockFamily is set to "Unix"
|
| options/nixos/services.hostapd.radios.<name>.networks | This defines a BSS, colloquially known as a WiFi network
|
| options/nixos/hardware.alsa.cardAliases.<name>.id | The ID of the sound card
|
| options/nixos/services.borgbackup.jobs.<name>.group | The group borg is run as
|
| options/nixos/services.httpd.virtualHosts.<name>.extraConfig | These lines go to httpd.conf verbatim
|
| options/nixos/security.pam.services.<name>.kwallet.package | The kwallet-pam package to use.
|
| options/nixos/services.sabnzbd.settings.servers.<name>.ssl | Whether the server supports TLS
|
| options/nixos/services.znapzend.zetup.<name>.mbuffer.enable | Whether to use mbuffer.
|
| options/nixos/services.github-runners.<name>.enable | Whether to enable GitHub Actions runner
|
| options/darwin/services.github-runners.<name>.enable | Whether to enable GitHub Actions runner
|
| options/nixos/services.drupal.sites.<name>.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| options/nixos/services.neo4j.ssl.policies.<name>.tlsVersions | Restrict the TLS protocol versions of this policy to those
defined here.
|
| options/nixos/services.wyoming.piper.servers.<name>.speaker | ID of a specific speaker in a multi-speaker model.
|
| options/nixos/services.prometheus.exporters.script.settings.scripts.*.name | Name of the script.
|
| options/nixos/services.fedimintd.<name>.nginx.config.quic | Whether to enable the QUIC transport protocol
|
| options/nixos/services.httpd.virtualHosts.<name>.forceSSL | Whether to add a separate nginx server block that permanently redirects (301)
all plain HTTP traffic to HTTPS
|
| options/home-manager/services.podman.containers.<name>.user | The user ID inside the container.
|
| options/home-manager/services.podman.containers.<name>.exec | The command to run after the container start.
|
| options/nixos/services.vdirsyncer.jobs.<name>.enable | Whether to enable this vdirsyncer job.
|
| options/home-manager/launchd.agents.<name>.config.Sockets.<name>.SecureSocketWithKey | This optional key is a variant of SockPathName
|
| options/nixos/services.restic.backups.<name>.rcloneConfig | Configuration for the rclone remote being used for backup
|
| options/nixos/networking.vlans.<name>.id | The vlan identifier
|
| options/nixos/services.kanata.keyboards.<name>.extraArgs | Extra command line arguments passed to kanata.
|
| options/home-manager/services.podman.networks.<name>.extraConfig | INI sections and values to populate the Network Quadlet
|
| options/nixos/systemd.user.paths.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| options/nixos/systemd.user.paths.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| options/nixos/services.home-assistant.config.homeassistant.name | Name of the location where Home Assistant is running.
|
| options/nixos/services.kanidm.provision.systems.oauth2.<name>.displayName | Display name
|
| options/nixos/services.hostapd.radios.<name>.wifi6.require | Require stations (clients) to support WiFi 6 (HE) and disassociate them if they don't.
|
| options/nixos/security.acme.certs.<name>.validMinDays | Minimum remaining validity before renewal in days.
|
| options/home-manager/programs.ssh.matchBlocks.<name>.setEnv | Environment variables and their value to send to the server.
|
| options/nixos/networking.sits.<name>.dev | The underlying network device on which the tunnel resides.
|
| options/darwin/launchd.agents.<name>.command | Command executed as the service's main process.
|
| options/nixos/systemd.slices.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| options/nixos/systemd.timers.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| options/nixos/services.wyoming.piper.servers.<name>.lengthScale | Phoneme length value.
|
| options/nixos/services.prometheus.exporters.statsd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.statsd.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.shelly.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.shelly.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.pihole.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.pihole.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.fastly.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.fastly.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.tibber.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.tibber.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.chrony.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.chrony.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.domain.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.domain.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.deluge.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.deluge.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.restic.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.restic.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.mysqld.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.mysqld.openFirewall is true.
|
| options/nixos/services.prometheus.exporters.dnssec.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.dnssec.openFirewall is true.
|