This configuration file only applies to hosts NOT listed with this key

These lines go to the end of the location verbatim.

These lines go to the end of the location verbatim.

These lines go to the end of the location verbatim.

These lines go to the end of the vhost verbatim.

These lines go to the end of the location verbatim.

These lines go to the end of the location verbatim.

Whether to enable synchronization using pimsync.

Whether the service's sockets and storage directory is restricted to be only available via the mail system

A script that produces a list of files to back up

Before resuming, execute this shell script

Whether to automatically prune old snapshots.

Additional command line options as a dictionary to pass to the unison program

Description of this unit used in systemd messages and progress indicators.

Description of this unit used in systemd messages and progress indicators.

Absolute path to a directory where builds will be stored in context of selected executor (Locally, Docker, SSH).

Absolute path to a directory where builds will be stored in context of selected executor (Locally, Docker, SSH).

This optional key specifies whether the kernel should consider this daemon to be low priority when doing file system I/O.

If enabled, pam_wallet will attempt to automatically unlock the user's default KDE wallet upon login

Attribute set of values for the given modem

Path to the directory with database, registration, and other data for the bridge service

This optional key specifies whether the job participates in advanced communication with launchd

When a job dies, launchd kills any remaining processes with the same process group ID as the job

Whether this is the primary account

The token from your Buildkite "Agents" page

The token from your Buildkite "Agents" page

This optional key causes the job to be started every N seconds

List of certificate candidates to use for authentication

Hardened service:

• runs as a dedicated user with minimal set of permissions (see caveats),
• restricts daemon configuration socket access to dedicated user group (you can grant access to it with users.users."<user>".extraGroups = [ netbird-‹name› ]),

Even though the local system resources access is restricted:

• CAP_NET_RAW, CAP_NET_ADMIN and CAP_BPF still give unlimited network manipulation possibilites,
• older kernels don't have CAP_BPF and use CAP_SYS_ADMIN instead,

Known security features that are not (yet) integrated into the module:

• 2024-02-14: rosenpass is an experimental feature configurable solely through --enable-rosenpass flag on the netbird up command, see the docs

Hardened service:

• runs as a dedicated user with minimal set of permissions (see caveats),
• restricts daemon configuration socket access to dedicated user group (you can grant access to it with users.users."<user>".extraGroups = [ netbird-‹name› ]),

Even though the local system resources access is restricted:

• CAP_NET_RAW, CAP_NET_ADMIN and CAP_BPF still give unlimited network manipulation possibilites,
• older kernels don't have CAP_BPF and use CAP_SYS_ADMIN instead,

Known security features that are not (yet) integrated into the module:

• 2024-02-14: rosenpass is an experimental feature configurable solely through --enable-rosenpass flag on the netbird up command, see the docs

This key was used in Mac OS X 10.4 to control whether a job was kept alive or not

An arbitrary list of items such as derivations

Adds try_files directive.

Adds try_files directive.

Root directory for requests.

Adds try_files directive.

Adds try_files directive.

Adds try_files directive.

Adds try_files directive.

Adds try_files directive.

vdirsyncer's status path

The color for the terminal cursor.

Whether the service is chrooted to have only access to the services.postfix.queueDir and the closure of store paths specified by the program option.

Grants all permissions in the associated organization.

install policy for the worker (always, if-not-present, never, prompt)

Paths to keyboard devices

The path of Apache's document root directory

Groups the user for this buildkite agent should belong to

Create the repository if it doesn't exist.

The volumes to mount into the container.

The devices to mount into the container

The (optional) compose key to use.

Remote store extra configuration.

Sync data.

general configuration

Enable recommended proxy settings.

Enable recommended uwsgi settings.

This optional key specifies whether initgroups(3) should be called before running the job

Runner name declared to the PeerTube instance.

The static host map defines a set of hosts with fixed IP addresses on the internet (or any network)

Whether the service should be reloaded during a NixOS configuration switch if its definition has changed

This optional key specifies whether the kernel should consider this daemon to be low priority when doing file system I/O.

All relay groups to provision

Extra args append to the easytier command-line.

Whether to enable setting individual kill switch.

Specifies port number to bind to.

Only consider archive names starting with this prefix for pruning

Command to run after become backup, the interface name, virtual address and optional extra parameters are passed as arguments.

The password to store inside the credentials file.

Socket type: 'unix', 'tcp' or 'tcp6'.

User to be set as owner of the UNIX socket.

The video-format to write to output-stream.

IRC server password, such as for a Slack gateway.

Extra packages to add to PATH of the service to make them available to workflows.

Extra packages to add to PATH of the service to make them available to workflows.

An extra list of directories that is bound to the container.

Whether to enable the installation of this Helm chart

When recursive is enabled, adds -ignorelinks flag to lndir

It causes lndir to not treat symbolic links in the source directory specially

Use fast/weak handshaking: This reduces the CPU time spent in the initial connection setup, at the expense of losing perfect forward secrecy.

Priority of a calendar used for coloring (calendar with highest priority is preferred).

Password to use

Configuration to add to this i3status module

The name that will appear in the server list. $g_xonoticversion gets replaced with the current version.

A human-readable description of this metric.

If set, the service will register a new session with systemd's login manager

Configuration of defcfg other than linux-dev (generated from the devices option) and linux-continue-if-no-devs-found (hardcoded to be yes)

Extra configuration that is appended to the end of the file. Do not write ids section here, use a separate option for it

The token value

List of CA certificates to accept for authentication

Use HTTPS for the tunnel server.

List of groups this person should belong to.

Advanced options to pass to zfs send

Advanced options to pass to zfs recv

Each attribute in this set specifies an option in the [DHCPServer] section of the unit

Each attribute in this set specifies an option in the [PFIFOHeadDrop] section of the unit

An arbitrary list of items such as derivations

The full path to the PEM encoded TLS certificate

The full path to the PEM encoded TLS certificate

Whether this account uses maildir folders or IMAP mailboxes

Wether to enable VictoriaMetrics's vmalert.

vmalert evaluates alerting and recording rules against a data source, sends notifications via Alertmanager.