| options/nixos/services.headscale.settings.dns.extra_records.*.name | DNS record name.
|
| options/nixos/services.tahoe.introducers.<name>.tub.port | The port on which the introducer will listen.
|
| options/nixos/services.fedimintd.<name>.nginx.config.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/systemd.network.networks.<name>.enhancedTransmissionSelectionConfig | Each attribute in this set specifies an option in the
[EnhancedTransmissionSelection] section of the unit
|
| options/nixos/services.openssh.knownHosts.<name>.extraHostNames | A list of additional host names and/or IP numbers used for
accessing the host's ssh service
|
| options/nixos/services.wstunnel.servers.<name>.useACMEHost | Use a certificate generated by the NixOS ACME module for the given host
|
| options/nixos/services.buildkite-agents.<name>.shell | Command that buildkite-agent 3 will execute when it spawns a shell.
|
| options/nixos/services.nylon.<name>.acceptInterface | Tell nylon which interface to listen for client requests on, default is "lo".
|
| options/darwin/services.buildkite-agents.<name>.shell | Command that buildkite-agent 3 will execute when it spawns a shell.
|
| options/nixos/services.blockbook-frontend.<name>.rpc.url | URL for JSON-RPC connections.
|
| options/nixos/services.jupyterhub.kernels.<name>.env | Environment variables to set for the kernel.
|
| options/nixos/services.sanoid.datasets.<name>.autosnap | Whether to automatically take snapshots.
|
| options/nixos/services.prosody.virtualHosts.<name>.enabled | Whether to enable the virtual host
|
| options/nixos/services.wstunnel.clients.<name>.connectTo | Server address and port to connect to.
|
| options/nixos/services.webhook.hooks.<name>.execute-command | The command that should be executed when the hook is triggered.
|
| options/home-manager/services.podman.containers.<name>.group | The group ID inside the container.
|
| options/home-manager/services.podman.containers.<name>.ports | A mapping of ports between host and container
|
| options/nixos/systemd.targets.<name>.upholds | Keeps the specified running while this unit is running
|
| options/nixos/systemd.sockets.<name>.upholds | Keeps the specified running while this unit is running
|
| options/nixos/services.jibri.xmppEnvironments.<name>.call.login.username | User part of the JID for the recorder.
|
| options/nixos/services.radicle.httpd.nginx.locations.<name>.root | Root directory for requests.
|
| options/nixos/services.kanata.keyboards.<name>.config | Configuration other than defcfg
|
| options/nixos/services.wordpress.sites.<name>.poolConfig | Options for the WordPress PHP pool
|
| options/nixos/services.fedimintd.<name>.nginx.config.onlySSL | Whether to enable HTTPS and reject plain HTTP connections
|
| options/nixos/services.firezone.server.provision.accounts.<name>.resources.<name>.filters | A list of filter to restrict traffic
|
| options/nixos/services.spiped.config.<name>.resolveRefresh | Resolution refresh time for the target socket, in seconds.
|
| options/nixos/services.znapzend.zetup.<name>.destinations.<name>.postsend | Command to run after sending the snapshot to the destination
|
| options/nixos/boot.specialFileSystems.<name>.enable | Whether to enable the filesystem mount.
|
| options/nixos/services.bepasty.servers.<name>.secretKey | server secret for safe session cookies, must be set
|
| options/nixos/services.nginx.virtualHosts.<name>.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| options/nixos/services.nsd.zones.<name>.dnssecPolicy.algorithm | Which algorithm to use for DNSSEC
|
| options/nixos/services.akkoma.frontends.<name>.package | Akkoma frontend package.
|
| options/nixos/services.sanoid.templates.<name>.monthly | Number of monthly snapshots.
|
| options/nixos/services.vdirsyncer.jobs.<name>.configFile | existing configuration file
|
| options/nixos/systemd.user.services.<name>.restartIfChanged | Whether the service should be restarted during a NixOS
configuration switch if its definition has changed.
|
| options/darwin/launchd.user.agents.<name>.serviceConfig.LimitLoadFromHosts | This configuration file only applies to hosts NOT listed with this key
|
| options/nixos/services.strongswan-swanctl.swanctl.secrets.rsa.<name>.file | File name in the rsa folder for which this passphrase
should be used.
|
| options/home-manager/accounts.email.accounts.<name>.imap.tls | Configuration for secure connections.
|
| options/home-manager/accounts.email.accounts.<name>.smtp.tls | Configuration for secure connections.
|
| options/nixos/services.snipe-it.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| options/nixos/services.firezone.server.provision.accounts.<name>.auth | All authentication providers to provision
|
| options/nixos/services.tahoe.nodes.<name>.storage.reservedSpace | The amount of filesystem space to not use for storage.
|
| options/nixos/virtualisation.oci-containers.containers.<name>.networks | Networks to attach the container to
|
| options/darwin/launchd.daemons.<name>.serviceConfig.OnDemand | This key was used in Mac OS X 10.4 to control whether a job was kept alive or not
|
| options/nixos/services.v4l2-relayd.instances.<name>.enable | Whether to enable this v4l2-relayd instance.
|
| options/nixos/users.extraUsers.<name>.description | A short description of the user account, typically the
user's full name
|
| options/nixos/systemd.user.slices.<name>.sliceConfig | Each attribute in this set specifies an option in the
[Slice] section of the unit
|
| options/nixos/services.rsync.jobs.<name>.destination | Destination directory.
|
| options/darwin/launchd.agents.<name>.serviceConfig.LimitLoadFromHosts | This configuration file only applies to hosts NOT listed with this key
|
| options/nixos/services.anubis.instances.<name>.settings.METRICS_BIND | The address Anubis' metrics server listens to
|
| options/nixos/services.firezone.server.provision.accounts.<name>.resources.<name>.address | The address of this resource
|
| options/home-manager/xdg.desktopEntries.<name>.actions | The set of actions made available to application launchers.
|
| options/nixos/services.fedimintd.<name>.nginx.config.listen.*.ssl | Enable SSL.
|
| options/nixos/services.drupal.sites.<name>.virtualHost.extraConfig | These lines go to httpd.conf verbatim
|
| options/nixos/services.gitlab-runner.services.<name>.description | Name/description of the runner.
|
| options/nixos/services.anubis.instances.<name>.settings.SERVE_ROBOTS_TXT | Whether to serve a default robots.txt that denies access to common AI bots by name and all other
bots by wildcard.
|
| options/darwin/services.buildkite-agents.<name>.hooks.pre-exit | The pre-exit hook will run just before your build job finishes
|
| options/home-manager/services.podman.machines.<name>.rootful | Whether to run the machine in rootful mode
|
| options/nixos/services.wstunnel.servers.<name>.enableHTTPS | Use HTTPS for the tunnel server.
|
| options/nixos/services.errbot.instances.<name>.plugins | List of errbot plugin derivations.
|
| options/nixos/services.restic.backups.<name>.inhibitsSleep | Prevents the system from sleeping while backing up.
|
| options/nixos/services.rke2.autoDeployCharts.<name>.extraDeploy | List of extra Kubernetes manifests to deploy with this Helm chart.
|
| options/nixos/systemd.user.sockets.<name>.upholds | Keeps the specified running while this unit is running
|
| options/nixos/systemd.user.targets.<name>.upholds | Keeps the specified running while this unit is running
|
| options/nixos/systemd.network.links.<name>.enable | Whether to enable this .link unit
|
| options/nixos/boot.initrd.luks.devices.<name>.yubikey | The options to use for this LUKS device in YubiKey-PBA
|
| options/nixos/systemd.paths.<name>.startLimitBurst | Configure unit start rate limiting
|
| options/nixos/services.fedimintd.<name>.api_iroh.bind | Address to bind on for Iroh endpoint for API connections
|
| options/nixos/services.syncoid.commands.<name>.useCommonArgs | Whether to add the configured common arguments to this command.
|
| options/home-manager/services.muchsync.remotes.<name>.local.importNew | Whether to begin the synchronisation by running
notmuch new locally.
|
| options/nixos/services.firewalld.services.<name>.ports.*.port | |
| options/nixos/services.borgbackup.repos.<name>.group | The group borg serve is run as
|
| options/nixos/systemd.user.services.<name>.enableDefaultPath | Whether to append a minimal default PATH environment variable to the service, containing common system utilities.
|
| options/nixos/services.znapzend.zetup.<name>.postsnap | Command to run after snapshots are taken on the source dataset,
e.g. for database unlocking
|
| options/nixos/services.fedimintd.<name>.nginx.config.kTLS | Whether to enable kTLS support
|
| options/home-manager/launchd.agents.<name>.config.Umask | This optional key specifies what value should be passed to umask(2) before running the job
|
| options/home-manager/accounts.email.accounts.<name>.gpg.key | The key to use as listed in gpg --list-keys.
|
| options/nixos/services.snapserver.streams.<name>.type | The type of input stream.
|
| options/home-manager/services.xsuspender.rules.<name>.resumeFor | Resume duration in seconds.
|
| options/nixos/services.jibri.xmppEnvironments.<name>.control.muc.roomName | The room name of the MUC to connect to for control.
|
| options/nixos/systemd.services.<name>.confinement.mode | The value full-apivfs (the default) sets up
private /dev, /proc,
/sys, /tmp and /var/tmp file systems
in a separate user name space
|
| options/nixos/security.pam.services.<name>.gnupg.enable | If enabled, pam_gnupg will attempt to automatically unlock the
user's GPG keys with the login password via
gpg-agent
|
| options/nixos/services.rshim.device | Specify the device name to attach
|
| options/nixos/services.inadyn.settings.custom.<name>.include | File to include additional settings for this provider from.
|
| options/darwin/launchd.daemons.<name>.serviceConfig.InitGroups | This optional key specifies whether initgroups(3) should be called before running the job
|
| options/nixos/systemd.sockets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| options/nixos/systemd.targets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| options/nixos/systemd.sockets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| options/nixos/systemd.targets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| options/home-manager/services.kanshi.profiles.<name>.outputs.*.criteria | The criteria can either be an output name, an output description or "*"
|
| options/home-manager/accounts.email.accounts.<name>.imap | The IMAP configuration to use for this account.
|
| options/home-manager/accounts.email.accounts.<name>.smtp | The SMTP configuration to use for this account.
|
| options/home-manager/accounts.email.accounts.<name>.jmap | The JMAP configuration to use for this account.
|
| options/nixos/services.wstunnel.clients.<name>.extraArgs | Extra command line arguments to pass to wstunnel
|
| options/nixos/services.wstunnel.servers.<name>.extraArgs | Extra command line arguments to pass to wstunnel
|
| options/nixos/services.borgbackup.jobs.<name>.postHook | Shell commands to run just before exit
|
| options/nixos/services.logcheck.ignoreCron.<name>.cmdline | Command line for the cron job
|
| options/nixos/services.fedimintd.<name>.nginx.config.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| options/nixos/services.buildkite-agents.<name>.enable | Whether to enable this buildkite agent
|
| options/darwin/services.buildkite-agents.<name>.enable | Whether to enable this buildkite agent
|