| options/home-manager/programs.ssh.matchBlocks.<name>.port | Specifies port number to connect on remote host.
|
| options/nixos/security.pam.services.<name>.howdy.enable | Whether to enable the Howdy PAM module
|
| options/nixos/services.drupal.sites.<name>.virtualHost.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| options/nixos/services.kerberos_server.settings.realms.<name>.acl.*.target | The principals that 'access' applies to.
|
| options/nixos/services.iodine.clients.<name>.passwordFile | Path to a file containing the password.
|
| options/nixos/services.davis.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/nixos/services.restic.backups.<name>.passwordFile | Read the repository password from a file.
|
| options/nixos/services.movim.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/nixos/services.slskd.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/home-manager/services.podman.containers.<name>.userNS | Use a user namespace for the container.
|
| options/home-manager/services.restic.backups.<name>.passwordFile | A file containing the repository password.
|
| options/nixos/services.httpd.virtualHosts.<name>.extraConfig | These lines go to httpd.conf verbatim
|
| options/nixos/services.borgbackup.jobs.<name>.group | The group borg is run as
|
| options/home-manager/programs.hexchat.channels.<name>.nickname | Primary nickname.
|
| options/darwin/launchd.user.agents.<name>.command | Command executed as the service's main process.
|
| options/nixos/services.restic.backups.<name>.rcloneConfig | Configuration for the rclone remote being used for backup
|
| options/nixos/power.ups.ups.<name>.maxStartDelay | This can be set as a global variable above your first UPS
definition and it can also be set in a UPS section
|
| options/nixos/services.anubis.instances.<name>.policy | Anubis policy configuration
|
| options/nixos/services.geoclue2.appConfig.<name>.isAllowed | Whether the application will be allowed access to location information.
|
| options/nixos/services.drupal.sites.<name>.virtualHost.listen.*.ip | IP to listen on. 0.0.0.0 for IPv4 only, * for all.
|
| options/nixos/services.netbird.tunnels.<name>.login.enable | Whether to enable automated login for NetBird client.
|
| options/nixos/services.netbird.clients.<name>.login.enable | Whether to enable automated login for NetBird client.
|
| options/nixos/services.h2o.hosts.<name>.tls.redirectCode | HTTP status used by globalRedirect & forceSSL
|
| options/nixos/power.ups.ups.<name>.directives | List of configuration directives for this UPS.
|
| options/nixos/networking.fooOverUDP.<name>.port | Local port of the encapsulation UDP socket.
|
| options/nixos/services.authelia.instances.<name>.settings.telemetry.metrics.address | The address to listen on for metrics
|
| options/nixos/services.spiped.config.<name>.waitForDNS | Wait for DNS
|
| options/nixos/services.wstunnel.servers.<name>.package | The wstunnel package to use.
|
| options/nixos/services.wstunnel.clients.<name>.package | The wstunnel package to use.
|
| options/nixos/services.rke2.autoDeployCharts.<name>.values | Override default chart values via Nix expressions
|
| options/home-manager/accounts.email.accounts.<name>.mujmap.settings.tags.important | Tag for notmuch to use for messages stored in the mailbox labeled with the
Important name attribute and/or with the $Important
keyword
|
| options/nixos/containers.<name>.extraVeths | Extra veth-pairs to be created for the container.
|
| options/home-manager/programs.fish.binds.<name>.command | command that will be execute
|
| options/nixos/services.borgbackup.jobs.<name>.postPrune | Shell commands to run after borg prune.
|
| options/nixos/services.tor.settings.ServerDNSAllowNonRFC953Hostnames | See torrc manual.
|
| options/home-manager/programs.obsidian.defaultSettings.cssSnippets.*.name | Name of the snippet.
|
| options/home-manager/services.podman.containers.<name>.image | The container image.
|
| options/nixos/services.hostapd.radios.<name>.wifi4.enable | Enables support for IEEE 802.11n (WiFi 4, HT)
|
| options/nixos/services.hostapd.radios.<name>.wifi7.enable | Enables support for IEEE 802.11be (WiFi 7, EHT)
|
| options/nixos/services.dokuwiki.sites.<name>.plugins | List of path(s) to respective plugin(s) which are copied into the 'plugin' directory.
These plugins need to be packaged before use, see example.
|
| options/nixos/services.drupal.sites.<name>.virtualHost.onlySSL | Whether to enable HTTPS and reject plain HTTP connections
|
| options/nixos/security.wrappers.<name>.group | The group of the wrapper program.
|
| options/nixos/security.wrappers.<name>.owner | The owner of the wrapper program.
|
| options/darwin/programs.tmux.tmuxOptions.<name>.text | Text of the file.
|
| options/nixos/systemd.sockets.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| options/nixos/systemd.targets.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| options/nixos/services.openvpn.servers.<name>.config | Configuration of this OpenVPN instance
|
| options/nixos/services.netbird.clients.<name>.autoStart | Start the service with the system
|
| options/nixos/services.netbird.tunnels.<name>.autoStart | Start the service with the system
|
| options/nixos/services.bepasty.servers.<name>.extraConfig | Extra configuration for bepasty server to be appended on the
configuration.
see https://bepasty-server.readthedocs.org/en/latest/quickstart.html#configuring-bepasty
for all options.
|
| options/nixos/services.hostapd.radios.<name>.wifi5.require | Require stations (clients) to support WiFi 5 (VHT) and disassociate them if they don't.
|
| options/nixos/services.hostapd.radios.<name>.wifi4.require | Require stations (clients) to support WiFi 4 (HT) and disassociate them if they don't.
|
| options/nixos/services.firezone.server.provision.accounts.<name>.policies.<name>.resource | The resource to which access should be allowed.
|
| options/nixos/environment.etc.<name>.text | Text of the file.
|
| options/darwin/environment.etc.<name>.text | Text of the file.
|
| options/nixos/services.tarsnap.archives.<name>.maxbwRateDown | Download bandwidth rate limit in bytes.
|
| options/nixos/services.tinc.networks.<name>.listenAddress | The ip address to listen on for incoming connections.
|
| options/nixos/boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.user | The user of the file
|
| options/nixos/users.extraUsers.<name>.subGidRanges.*.startGid | Start of the range of subordinate group ids that user is
allowed to use.
|
| options/nixos/users.extraUsers.<name>.subUidRanges.*.startUid | Start of the range of subordinate user ids that user is
allowed to use.
|
| options/home-manager/programs.fish.binds.<name>.enable | Whether to enable enable the bind
|
| options/home-manager/services.kanshi.profiles.<name>.outputs.*.criteria | The criteria can either be an output name, an output description or "*"
|
| options/nixos/users.ldap.base | The distinguished name of the search base.
|
| options/nixos/services.hostapd.radios.<name>.driver | The driver hostapd will use.
nl80211 is used with all Linux mac80211 drivers.
none is used if building a standalone RADIUS server that does
not control any wireless/wired driver
|
| options/nixos/services.redis.servers.<name>.masterAuth | If the master is password protected (using the requirePass configuration)
it is possible to tell the slave to authenticate before starting the replication synchronization
process, otherwise the master will refuse the slave request.
(STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
|
| options/nixos/services.anki-sync-server.users.*.username | User name accepted by anki-sync-server.
|
| options/nixos/services.firewalld.zones.<name>.sourcePorts | Source ports to allow in the zone.
|
| options/nixos/services.firewalld.zones.<name>.sources.*.mac | A MAC address.
|
| options/nixos/services.snipe-it.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| options/nixos/services.wyoming.piper.servers.<name>.noiseScale | Generator noise value.
|
| options/home-manager/services.unison.pairs.<name>.stateDirectory | Unison state directory to use.
|
| options/nixos/security.acme.certs.<name>.postRun | Commands to run after new certificates go live
|
| options/home-manager/programs.librewolf.profiles.<name>.extensions.settings.<name>.permissions | Allowed permissions for this extension
|
| options/darwin/launchd.daemons.<name>.serviceConfig.Sockets.<name>.SockProtocol | This optional key specifies the protocol to be passed to socket(2)
|
| options/home-manager/accounts.email.accounts.<name>.mujmap.settings.tags | Tag configuration
|
| options/nixos/services.xserver.displayManager.lightdm.greeters.slick.cursorTheme.name | Name of the cursor theme to use for the lightdm-slick-greeter.
|
| options/nixos/services.postfix.masterConfig.<name>.wakeup | Automatically wake up the service after the specified number of
seconds
|
| options/nixos/systemd.user.services.<name>.requisite | Similar to requires
|
| options/nixos/services.nextcloud.config.dbname | Database name.
|
| options/nixos/services.snapper.configs.<name>.ALLOW_USERS | List of users allowed to operate with the config. "root" is always
implicitly included
|
| options/nixos/services.fedimintd.<name>.nginx.path_ws | Path to host the API on and forward to the daemon's api port
|
| options/nixos/services.drupal.sites.<name>.database.socket | Path to the unix socket file to use for authentication.
|
| options/nixos/security.acme.certs.<name>.email | Email address for account creation and correspondence from the CA
|
| options/nixos/services.buildkite-agents.<name>.package | The buildkite-agent package to use.
|
| options/darwin/services.buildkite-agents.<name>.package | Which buildkite-agent derivation to use
|
| options/home-manager/services.podman.networks.<name>.internal | Whether the network should be internal
|
| options/home-manager/programs.obsidian.vaults.<name>.settings.corePlugins | Core plugins to activate.
|
| options/nixos/services.hostapd.radios.<name>.channel | The channel to operate on
|
| options/nixos/networking.sits.<name>.local | The address of the local endpoint which the remote
side should send packets to.
|
| options/nixos/boot.initrd.luks.devices.<name>.device | Path of the underlying encrypted block device.
|
| options/nixos/services.znapzend.zetup.<name>.mbuffer.size | The size for mbuffer
|
| options/nixos/services.firewalld.services.<name>.ports.*.port | |
| options/nixos/services.mpdscribble.endpoints.<name>.username | Username for the scrobble service.
|
| options/home-manager/services.mpdscribble.endpoints.<name>.username | Username for the scrobble service.
|
| options/nixos/services.nylon.<name>.nrConnections | The number of allowed simultaneous connections to the daemon, default 10.
|
| options/nixos/services.ytdl-sub.instances.<name>.readWritePaths | List of paths that ytdl-sub can write to.
|
| options/nixos/services.borgbackup.repos.<name>.user | The user borg serve is run as
|
| options/nixos/services.dsnet.settings.ExternalHostname | The hostname that clients should use to connect to this server
|
| options/nixos/systemd.services.<name>.confinement.mode | The value full-apivfs (the default) sets up
private /dev, /proc,
/sys, /tmp and /var/tmp file systems
in a separate user name space
|
| options/nixos/systemd.user.paths.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|