| options/nixos/security.pam.services.<name>.allowNullPassword | Whether to allow logging into accounts that have no password
set (i.e., have an empty password field in
/etc/passwd or
/etc/group)
|
| options/nixos/systemd.timers.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| options/nixos/systemd.slices.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| options/nixos/services.anubis.instances | An attribute set of Anubis instances
|
| options/nixos/services.snipe-it.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| options/nixos/services.librenms.database.username | Name of the user on the MySQL/MariaDB server
|
| options/nixos/systemd.paths.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| options/nixos/services.i2pd.proto.http.hostname | Expected hostname for WebUI.
|
| options/nixos/security.acme.certs.<name>.server | ACME Directory Resource URI
|
| options/nixos/services.dolibarr.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.librenms.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.kanboard.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.fediwall.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.bookstack.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| options/nixos/services.agorakit.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.mainsail.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.pixelfed.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.wordpress.sites.<name>.virtualHost.sslServerChain | Path to server SSL chain file.
|
| options/nixos/services.httpd.virtualHosts.<name>.listenAddresses | Listen addresses for this virtual host
|
| options/nixos/security.wrappers.<name>.enable | Whether to enable the wrapper.
|
| options/darwin/launchd.daemons.<name>.serviceConfig.Sockets.<name>.SecureSocketWithKey | This optional key is a variant of SockPathName
|
| options/home-manager/programs.ssh.matchBlocks.<name>.host | Host pattern used by this conditional block
|
| options/nixos/users.extraUsers.<name>.isNormalUser | Indicates whether this is an account for a “real” user
|
| options/nixos/power.ups.ups.<name>.description | Description of the UPS.
|
| options/nixos/services.borgbackup.jobs.<name>.failOnWarnings | Fail the whole backup job if any borg command returns a warning
(exit code 1), for example because a file changed during backup.
|
| options/nixos/services.anuko-time-tracker.nginx.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| options/nixos/services.anuko-time-tracker.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| options/nixos/systemd.user.paths.<name>.startLimitBurst | Configure unit start rate limiting
|
| options/nixos/services.v4l2-relayd.instances.<name>.extraPackages | Extra packages to add to GST_PLUGIN_PATH for the instance.
|
| options/home-manager/services.muchsync.remotes.<name>.frequency | How often to run muchsync
|
| options/nixos/services.tarsnap.archives.<name>.cachedir | The cache allows tarsnap to identify previously stored data
blocks, reducing archival time and bandwidth usage
|
| options/nixos/services.tor.relay.onionServices.<name>.settings.RendPostPeriod | See torrc manual.
|
| options/home-manager/programs.firefoxpwa.profiles.<name>.sites.<name>.desktopEntry.icon | Icon to display in file manager, menus, etc.
|
| options/home-manager/accounts.email.accounts.<name>.imap.tls | Configuration for secure connections.
|
| options/home-manager/accounts.email.accounts.<name>.smtp.tls | Configuration for secure connections.
|
| options/nixos/services.reposilite.database.dbname | Database name.
|
| options/nixos/services.nebula.networks.<name>.firewall.outbound | Firewall rules for outbound traffic.
|
| options/nixos/security.acme.certs.<name>.enableDebugLogs | Whether to enable debug logging for this certificate.
|
| options/nixos/systemd.paths.<name>.requiredBy | Units that require (i.e. depend on and need to go down with) this unit
|
| options/nixos/systemd.units.<name>.requiredBy | Units that require (i.e. depend on and need to go down with) this unit
|
| options/nixos/services.namecoind.rpc.port | Port the RPC server will bind to.
|
| options/nixos/services.snapserver.streams.<name>.sampleFormat | Default sample format.
|
| options/home-manager/programs.autorandr.profiles.<name>.config.<name>.transform | Refer to
xrandr(1)
for the documentation of the transform matrix.
|
| options/nixos/services.influxdb2.provision.organizations.<name>.auths.<name>.writeBuckets | The organization's buckets which should be allowed to be written
|
| options/nixos/services.openbao.settings.listener.<name>.address | The TCP address or UNIX socket path to listen on.
|
| options/nixos/systemd.user.sockets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| options/nixos/systemd.user.targets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| options/nixos/systemd.user.targets.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| options/nixos/systemd.user.sockets.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| options/darwin/programs.vim.vimOptions.<name>.enable | Whether this file should be generated
|
| options/home-manager/programs.sftpman.mounts.<name>.sshKey | Path to the SSH key to use for authentication
|
| options/nixos/services.armagetronad.servers.<name>.dns | DNS address to use for this server
|
| options/nixos/services.invoiceplane.sites.<name>.enable | Whether to enable InvoicePlane web application.
|
| options/home-manager/programs.librewolf.profiles.<name>.containers.<name>.color | Container color.
|
| options/nixos/services.grafana.provision.alerting.templates.settings.templates.*.name | Name of the template, must be unique
|
| options/nixos/services.jirafeau.nginxConfig.locations.<name>.tryFiles | Adds try_files directive.
|
| options/nixos/services.borgbackup.repos.<name>.allowSubRepos | Allow clients to create repositories in subdirectories of the
specified path
|
| options/nixos/systemd.slices.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| options/nixos/systemd.nspawn.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| options/nixos/systemd.timers.<name>.enable | If set to false, this unit will be a symlink to
/dev/null
|
| options/home-manager/programs.gemini-cli.commands.<name>.prompt | The prompt that will be sent to the Gemini model when the command is executed
|
| options/nixos/services.samba-wsdd.hostname | Override (NetBIOS) hostname to be used (default hostname).
|
| options/nixos/services.simplesamlphp.<name>.libDir | Path to the SimpleSAMLphp library directory.
|
| options/nixos/users.users.<name>.linger | Whether to enable or disable lingering for this user
|
| options/nixos/services.firewalld.zones.<name>.sourcePorts.*.protocol | |
| options/nixos/services.syncthing.settings.folders.<name>.path | The path to the folder which should be shared
|
| options/home-manager/xdg.dataFile.<name>.executable | Set the execute bit
|
| options/nixos/services.cjdns.ETHInterface.connectTo.<name>.password | Authorized password to the opposite end of the tunnel.
|
| options/nixos/services.cjdns.UDPInterface.connectTo.<name>.password | Authorized password to the opposite end of the tunnel.
|
| options/home-manager/programs.ssh.matchBlocks.<name>.checkHostIP | Check the host IP address in the
known_hosts file.
|
| options/nixos/services.rke2.autoDeployCharts.<name>.targetNamespace | The namespace in which the Helm chart gets installed.
|
| options/nixos/services.rke2.autoDeployCharts.<name>.createNamespace | Whether to create the target namespace if not present.
|
| options/nixos/networking.fooOverUDP.<name>.local | Local address (and optionally device) to bind to using the given port.
|
| options/nixos/users.extraUsers.<name>.isSystemUser | Indicates if the user is a system user or not
|
| options/nixos/services.movim.h2o.serverName | Server name to be used for this virtual host
|
| options/nixos/services.gitea-actions-runner.instances.<name>.enable | Whether to enable Gitea Actions Runner instance.
|
| options/nixos/services.wordpress.sites.<name>.virtualHost.extraConfig | These lines go to httpd.conf verbatim
|
| options/nixos/security.wrappers.<name>.source | The absolute path to the program to be wrapped.
|
| options/nixos/services.frigate.settings.cameras.<name>.ffmpeg.inputs.*.path | Stream URL
|
| options/darwin/programs.tmux.tmuxOptions.<name>.source | Path of the source file.
|
| options/home-manager/programs.sftpman.mounts.<name>.authType | The authentication method to use.
|
| options/nixos/users.mysql.pam.userColumn | The name of the column that contains a unix login name.
|
| options/nixos/services.netbird.tunnels.<name>.dns-resolver.address | An explicit address that NetBird will serve *.netbird.cloud. (usually) entries on
|
| options/nixos/services.netbird.clients.<name>.dns-resolver.address | An explicit address that NetBird will serve *.netbird.cloud. (usually) entries on
|
| options/nixos/services.angrr.settings.profile-policies.<name>.enable | Whether to enable this angrr policy.
|
| options/nixos/services.tor.relay.onionServices.<name>.authorizeClient | See torrc manual.
|
| options/nixos/services.prometheus.exporters.sql.configuration.jobs.<name>.queries.<name>.values | A set of columns that will be used as values of this metric.
|
| options/nixos/services.prometheus.exporters.sql.configuration.jobs.<name>.queries.<name>.labels | A set of columns that will be used as Prometheus labels.
|
| options/nixos/services.kanidm.provision.systems.oauth2.<name>.public | Whether this is a public client (enforces PKCE, doesn't use a basic secret)
|
| options/home-manager/programs.streamlink.plugins.<name>.settings | Configuration for the specific plugin, written to
$XDG_CONFIG_HOME/streamlink/config. (linux) or
Library/Application Support/streamlink/config. (darwin).
|
| options/nixos/security.pam.services.<name>.setEnvironment | Whether the service should set the environment variables
listed in environment.sessionVariables
using pam_env.so.
|
| options/home-manager/accounts.email.accounts.<name>.gpg.key | The key to use as listed in gpg --list-keys.
|
| options/nixos/services.fedimintd.<name>.nginx.config.reuseport | Create an individual listening socket
|
| options/nixos/boot.initrd.luks.devices.<name>.yubikey | The options to use for this LUKS device in YubiKey-PBA
|
| options/nixos/services.sanoid.datasets.<name>.processChildrenOnly | Whether to only snapshot child datasets if recursing.
|
| options/nixos/services.spiped.config.<name>.disableKeepalives | Disable transport layer keep-alives.
|
| options/nixos/services.github-runners.<name>.tokenFile | The full path to a file which contains either
- a fine-grained personal access token (PAT),
- a classic PAT
- or a runner registration token
Changing this option or the tokenFile’s content triggers a new runner registration
|
| options/nixos/services.gitlab-runner.services.<name>.maximumTimeout | What is the maximum timeout (in seconds) that will be set for
job when using this Runner. 0 (default) simply means don't limit
|
| options/nixos/services.warpgate.settings.sso_providers.*.name | Internal identifier of SSO provider.
|
| options/nixos/systemd.user.sockets.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|