| options/nixos/security.pam.zfs.homes | Prefix of home datasets
|
| options/nixos/hardware.openrazer.enable | Whether to enable OpenRazer drivers and userspace daemon
.
|
| options/nixos/services.flarum.adminUser | Username for first web application administrator
|
| options/nixos/services.selfoss.database.password | The database user's password (has no effect if type is "sqlite").
|
| options/nixos/services.athens.basicAuthUser | Username for basic auth.
|
| options/nixos/services.resilio.httpLogin | HTTP web login username.
|
| options/nixos/services.xserver.windowManager.exwm.loadScript | Emacs lisp code to be run after loading the user's init
file.
|
| options/home-manager/programs.hexchat.channels.<name>.password | Password to use
|
| options/nixos/services.kmscon.enable | Whether to enable kmscon as the virtual console instead of gettys.
kmscon is a kms/dri-based userspace virtual terminal implementation
|
| options/nixos/services.tee-supplicant.enable | Whether to enable OP-TEE userspace supplicant.
|
| options/nixos/services.hardware.bolt.enable | Whether to enable Bolt, a userspace daemon to enable
security levels for Thunderbolt 3 on GNU/Linux
|
| options/nixos/services.ncdns.enable | Whether to enable ncdns, a Go daemon to bridge Namecoin to DNS
|
| options/nixos/services.discourse.admin.passwordFile | A path to a file containing the admin user's password
|
| options/nixos/security.pam.loginLimits.*.domain | Username, groupname, or wildcard this limit applies to
|
| options/home-manager/programs.hexchat.channels.<name>.loginMethod | The login method
|
| options/nixos/services.mongodb.enableAuth | Enable client authentication
|
| options/nixos/services.nntp-proxy.upstreamUser | Upstream server username
|
| options/nixos/services.sniproxy.config | sniproxy.conf configuration excluding the daemon username and pid file.
|
| options/nixos/nix.sshServe.trusted | Whether to add nix-ssh to the nix.settings.trusted-users
|
| options/nixos/services.esdm.enableLinuxCompatServices | Enable /dev/random, /dev/urandom and /proc/sys/kernel/random/* userspace wrapper.
|
| options/nixos/security.pam.services.<name>.gnupg.enable | If enabled, pam_gnupg will attempt to automatically unlock the
user's GPG keys with the login password via
gpg-agent
|
| options/nixos/services.openssh.authorizedKeysCommand | Specifies a program to be used to look up the user's public
keys
|
| options/home-manager/services.syncthing.settings.folders.<name>.path | The path to the folder which should be shared
|
| options/nixos/services.freshrss.defaultUser | Default username for FreshRSS.
|
| options/nixos/services.tailscale.interfaceName | The interface name for tunnel traffic
|
| options/nixos/services.fcron.deny | Users forbidden from using fcron.
|
| options/nixos/services.displayManager.dms-greeter.configHome | Path to a user's home directory from which to copy DankMaterialShell
configuration files
|
| options/nixos/services.wasabibackend.customConfigFile | Defines the path to a custom configuration file that is copied to the user's directory
|
| options/nixos/services.davis.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.movim.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.slskd.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/hardware.i2c.group | Grant access to i2c devices (/dev/i2c-*) to users in this group.
|
| options/home-manager/programs.zsh.dotDir | Directory where the zsh configuration and more should be located,
relative to the users home directory
|
| options/nixos/services.getty.autologinUser | Username of the account that will be automatically logged in at the console
|
| options/nixos/services.snipe-it.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.resilio.storagePath | Where BitTorrent Sync will store it's database files (containing
things like username info and licenses)
|
| options/nixos/programs.wireshark.enable | Whether to add Wireshark to the global environment and create a 'wireshark'
group
|
| options/nixos/services.logrotate.checkConfig | Whether the config should be checked at build time
|
| options/nixos/services.gancio.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.fluidd.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.akkoma.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.matomo.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.monica.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.incron.deny | Users forbidden from using incrontab.
|
| options/nixos/services.prosody.modules.blocklist | Allow users to block communications with other users
|
| options/nixos/services.kmscon.autologinUser | Username of the account that will be automatically logged in at the console
|
| options/nixos/programs.cdemu.group | Group that users must be in to use cdemu.
|
| options/nixos/services.moodle.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| options/nixos/services.nagios.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| options/nixos/services.libinput.mouse.buttonMapping | Sets the logical button mapping for this device, see XSetPointerMapping(3)
|
| options/nixos/services.grafana.settings.database.password | The database user's password (not applicable for sqlite3)
|
| options/nixos/services.cadvisor.storageDriverUser | Cadvisor storage driver username.
|
| options/home-manager/launchd.agents.<name>.config.InitGroups | This optional key specifies whether initgroups(3) should be called before running the job
|
| options/nixos/programs.wireshark.usbmon.enable | Whether to allow users in the 'wireshark' group to capture USB traffic
|
| options/nixos/programs.wireshark.dumpcap.enable | Whether to allow users in the 'wireshark' group to capture network traffic
|
| options/nixos/services.tor.relay.role | Your role in Tor network
|
| options/nixos/services.httpd.virtualHosts.<name>.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| options/nixos/security.pam.services.<name>.limits.*.domain | Username, groupname, or wildcard this limit applies to
|
| options/nixos/services.znc.confOptions.passBlock | Generate with nix-shell -p znc --command "znc --makepass"
|
| options/nixos/programs.fuse.mountMax | Set the maximum number of FUSE mounts allowed to non-root users.
|
| options/nixos/services.oauth2-proxy.google.adminEmail | The Google Admin to impersonate for API calls
|
| options/nixos/programs.ryzen-monitor-ng.enable | Whether to enable ryzen_monitor_ng, a userspace application for setting and getting Ryzen SMU (System Management Unit) parameters via the ryzen_smu kernel driver
|
| options/nixos/services.syncplay.maxUsernameLength | Maximum number of characters in a username.
|
| options/nixos/services.fcron.allow | Users allowed to use fcrontab and fcrondyn (one name per
line, all for everyone).
|
| options/nixos/services.agorakit.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.librenms.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.dolibarr.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.fediwall.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.kanboard.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.mainsail.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.pixelfed.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.libinput.touchpad.buttonMapping | Sets the logical button mapping for this device, see XSetPointerMapping(3)
|
| options/nixos/services.guix.nrBuildUsers | Number of Guix build users to be used in the build pool.
|
| options/nixos/services.microsocks.authUsername | Optional username to use for authentication.
|
| options/nixos/services.mautrix-meta.instances | Configuration of multiple mautrix-meta instances.
services.mautrix-meta.instances.facebook and services.mautrix-meta.instances.instagram
come preconfigured with network.mode, appservice.id, bot username, display name and avatar.
|
| options/nixos/services.tor.torsocks.socks5Username | SOCKS5 username
|
| options/nixos/services.zabbixWeb.httpd.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| options/nixos/services.radicle.httpd.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/security.sudo.enable | Whether to enable the sudo command, which
allows non-root users to execute commands as root.
|
| options/nixos/security.doas.enable | Whether to enable the doas command, which allows
non-root users to execute commands as root.
|
| options/nixos/services.deye-dummycloud.mqttUsername | MQTT username
|
| options/nixos/services.drupal.sites.<name>.virtualHost.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| options/nixos/services.anuko-time-tracker.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.nginx.virtualHosts.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.oauth2-proxy.htpasswd.displayForm | Display username / password login form if an htpasswd file is provided.
|
| options/nixos/services.warpgate.databaseUrlFile | Path to file containing database connection string with credentials
|
| options/nixos/services.anuko-time-tracker.settings.email.smtpUser | MTA authentication username.
|
| options/nixos/services.ntopng.enable | Enable ntopng, a high-speed web-based traffic analysis and flow
collection tool
|
| options/nixos/programs.ydotool.group | Group which users must be in to use ydotool.
|
| options/nixos/security.ipa.shells | List of shells which binaries should be installed to /bin/
|
| options/nixos/services.syncplay.chat | Chat with users in the same room.
|
| options/nixos/security.pam.services.<name>.googleAuthenticator.forwardPass | The authentication provides a single field requiring
the user's password followed by the one-time password (OTP).
|
| options/nixos/services.bookstack.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.onlyoffice.postgresUser | The username OnlyOffice should use to connect to Postgresql
|
| options/darwin/launchd.agents.<name>.serviceConfig.InitGroups | This optional key specifies whether initgroups(3) should be called before running the job
|
| options/nixos/services.vsftpd.localUsers | Whether to enable FTP for local users.
|
| options/nixos/security.ipa.ifpAllowedUids | A list of users allowed to access the ifp dbus interface.
|
| options/nixos/hardware.sane.enable | Enable support for SANE scanners.
Users in the "scanner" group will gain access to the scanner, or the "lp" group if it's also a printer.
|
| options/nixos/security.sudo-rs.enable | Whether to enable a memory-safe implementation of the sudo command,
which allows non-root users to execute commands as root
.
|
| options/nixos/services.vlagent.remoteWrite.basicAuthUsername | Basic Auth username used to connect to remote_write endpoint
|