Basic Auth password file for a vhost

Whether to install and set up mouse-actions and it's udev rules

Only applies if sslEnable is true

Basic Auth password file for a vhost

The username value that you have to provide when authenticating.

Enables Kerberos PAM modules (pam-krb5, pam-ccreds)

Sets the Authorization header on every remote write request with the configured username and password. password and password_file are mutually exclusive.

Apple menu > System Preferences > Users and Groups > Login Options

Disables the “Restart” option when users are logged in

Enable acpilight

If set, the pam_mysql module will be used to authenticate users against a MySQL/MariaDB database.

Kea Control Agent configuration as a path, see https://kea.readthedocs.io/en/kea-3.0.2/arm/agent.html

Secrets like SECRET_KEY_BASE and BASIC_AUTH_PASSWORD should be passed to the service without adding them to the world-readable Nix store

Basic Auth password file for a vhost

Whether to enable tailscale.nginx-auth, to authenticate users via tailscale.

Apple menu > System Preferences > Users and Groups > Login Options

Displays login window as a name and password field instead of a list of users

Whether to try to create home directories for users with $HOMEs pointing to nonexistent locations on session login.

"From" address used when sending emails to users.

"From" address used when sending Emails to users.

Only applies if sslEnable is true

Basic Auth password file for a vhost

Path to the working directory (used for config and pidfile)

Welcome users who register accounts

Basic Auth password file for a vhost

Sets the Authorization header on every scrape request with the configured username and password. password and password_file are mutually exclusive.

This controls the hostname for the 9front authentication server that users will be authenticated against.

A list of users which will not be shown in the display manager.

If set, users listed in ~/.yubico/authorized_yubikeys are able to log in with the associated Yubikey tokens.

Seed settings for users and groups

If enabled, starts a Terraria server

Basic Auth username used to protect VictoriaTraces instance by authorization

Enable or disable TTY auditing for specified users

Endpoint IP or hostname of the peer, followed by a colon, and then a port number of the peer

Whether to add Soundmodem to the global environment and configure a wrapper for 'soundmodemconfig' for users in the 'soundmodem' group.

Whether to enable API access for mobile apps and third-party clients (Google Reader API and Fever API)

Install the SPICE USB redirection helper with setuid privileges

Basic Auth password file for a vhost

Define resource limits that should apply to users or groups

Send announcement to all online users

Whether to enable provisioning of groups, users and oauth2 resource servers.

Window class translation rules. /etc/X11/imwheelrc is generated based on this config which means this config is global for all users

This depends on mail_smtpauth

Whether to enable udev rules for devices supported by libjaylink

Whether to enable tailscale.nginx-auth, to authenticate nginx users via tailscale.

Whether users of the wheel group must provide a password to run commands or edit files with please and pleaseedit respectively.

Whether to enable non-root access to the firmware of UHK keyboards

If set, users listed in $XDG_CONFIG_HOME/Yubico/u2f_keys (or $HOME/.config/Yubico/u2f_keys if XDG variable is not set) are able to log in with the associated U2F key

Whether any uploads are permitted to anonymous users.

An attribute set that maps aliases (the top level attribute names in this option) to command strings or directly to build outputs

The bare JID of the gateway administrator

If specified, login is allowed only for the listed users

Allow users to register on this server using a client and change passwords

Users and proxy configuration

Refer to the Tuliprox documentation for available attributes

Basic Auth username used to protect VictoriaMetrics instance by authorization

Allow all users to access the FUSE mount points

If set, users with an SSH certificate containing an authorized principal in their SSH agent are able to log in

If specified, login is denied for all listed users

Gives the verbosity level that is used when logging messages from sshd(8)

List of public signing keys of users that can access the admin panel

Enable font antialiasing

Whether to enable the Howdy PAM module

Initial preferences are used to configure the browser for the first run

An attribute set that maps aliases (the top level attribute names in this option) to command strings or directly to build outputs

List of users allowed to operate with the config. "root" is always implicitly included

Whether local users are confined to their home directory.

Whether any uploads are permitted to anonymous users.

Basic Auth password file for a vhost

Path to the configuration file containing authorized users credentials to run iperf tests.

Launch Hyprland with the UWSM (Universal Wayland Session Manager) session manager

If specified, login is allowed only for users part of the listed groups

List of reporter objects used to present build status to various users.

If specified, login is denied for all users part of the listed groups

Enable hardened VirtualBox, which ensures that only the binaries in the system path get access to the devices exposed by the kernel modules instead of all users in the vboxusers group.

Do minification on public static files which reduces the size of assets — saving data for the server & users as well as offering a performance improvement

Enable if you want to fetch all, even the read messages from the server

Username for authentication against JFrog Artifactory API.

A file containing the secret used to encrypt session keys

All listed users will become part of the firezone-client group so they can control the tunnel service

A list of paths that should be included in the system closure but generally not visible to users

Basic Auth password file for a vhost

A file containing the secret used to encrypt secrets for OTP tokens

Enable if you want to delete read messages from the server

This is the URL that users will enter to load your instance

Enable font hinting

Maximum amount of users which will be allowed to register on this system. 0 - no limit.

This is optional and is by default off, because most users will not need it

A list of users who should be able to integrate 1Password with polkit-based authentication mechanisms.

Don't allow users to connect in non-secure mode (without random padding).

Outgoing email for notifications generated by users.

Frontend configuration

Path to a file containing extra ntfy environment variables in the systemd EnvironmentFile format

Client XAuth username used in the XAuth exchange.

Name of the remote read config, which if specified must be unique among remote read configs

Outgoing email for notifications generated by users.

Whether to enable nonpaying users to submit builds.

The set of packages that appear in /run/current-system/sw

The set of packages that appear in /run/current-system/sw

SFTP private key file

Name of the remote write config, which if specified must be unique among remote write configs

The lmtp daemon will make the unix socket group-read/write for users in this group.

Username to use for SMTP authentication.