| options/nixos/services.scrutiny.settings.web.influxdb.port | The port of the InfluxDB instance.
|
| options/nixos/services.roon-server.enable | Whether to enable Roon Server.
|
| options/nixos/services.moosefs.client.enable | Whether to enable MooseFS client.
|
| options/nixos/services.peering-manager.ldapConfigPath | Path to the Configuration-File for LDAP-Authentication, will be loaded as ldap_config.py
|
| options/nixos/services.thanos.query.store.sd-dns-interval | Interval between DNS resolutions
|
| options/nixos/services.thanos.downsample.tracing.config-file | Path to YAML file that contains tracing configuration
|
| options/nixos/services.prometheus.exporters.ecoflow.ecoflowEmailFile | Path to the file with your personal ecoflow app login email address
|
| options/nixos/services.pixelfed.nginx.listen.*.proxyProtocol | Enable PROXY protocol.
|
| options/nixos/services.tt-rss.logDestination | Log destination to use
|
| options/nixos/services.rmfakecloud.extraSettings | Extra settings in the form of a set of key-value pairs
|
| options/nixos/services.prometheus.scrapeConfigs.*.http_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| options/nixos/services.mackerel-agent.autoRetirement | Whether to enable retiring the host upon OS shutdown
.
|
| options/nixos/services.mysql.dataDir | The data directory for MySQL.
If left as the default value of /var/lib/mysql this directory will automatically be created before the MySQL
server starts, otherwise you are responsible for ensuring the directory exists with appropriate ownership and permissions.
|
| options/nixos/services.pixelfed.nginx.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| options/nixos/services.pixiecore.openFirewall | Open ports (67, 69, 4011 UDP and 'port', 'statusPort' TCP) in the firewall for Pixiecore.
|
| options/nixos/services.prometheus.exporters.dovecot.group | Group under which the dovecot exporter shall be run.
|
| options/nixos/services.netbird.server.coturn.enable | Whether to enable a Coturn server for Netbird, will also open the firewall on the configured range.
|
| options/nixos/services.prosody.modules.legacyauth | Legacy authentication
|
| options/nixos/services.outline.oidcAuthentication.clientId | Authentication client identifier.
|
| options/nixos/services.prosody.extraModules | Enable custom modules
|
| options/nixos/services.prometheus.exporters.restic.group | Group under which the restic exporter shall be run.
|
| options/nixos/services.prometheus.exporters.idrac.configurationPath | Path to the service's config file
|
| options/nixos/services.quickwit.restartIfChanged | Automatically restart the service on config change
|
| options/nixos/services.reposilite.keyPasswordFile | Path the the file containing the password used to unlock the Java KeyStore file specified in services.reposilite.settings.keyPath
|
| options/nixos/services.pdns-recursor.dns.port | Port number Recursor DNS server will bind to.
|
| options/nixos/services.pixelfed.nginx.enableACME | Whether to ask Let's Encrypt to sign a certificate for this vhost
|
| options/nixos/services.prometheus.exporters.sabnzbd.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.sabnzbd.openFirewall is true.
|
| options/nixos/services.unpoller.prometheus.http_listen | Bind the prometheus exporter to this IP or hostname.
|
| options/nixos/services.sillytavern.configFile | Path to the SillyTavern configuration file.
|
| options/nixos/services.paperless.consumptionDirIsPublic | Whether all users can write to the consumption dir.
|
| options/nixos/services.sillytavern.enable | Whether to enable sillytavern.
|
| options/nixos/services.tahoe.nodes.<name>.sftpd.accounts.file | Path to the accounts file.
|
| options/nixos/services.redis.servers.<name>.save | The schedule in which data is persisted to disk, represented as a list of lists where the first element represent the amount of seconds and the second the number of changes
|
| options/nixos/services.prometheus.exporters.mail.configuration | Specify the mailexporter configuration file to use.
|
| options/nixos/services.tor.settings.DirPort | See torrc manual.
|
| options/nixos/services.qui.enable | Whether to enable qui.
|
| options/nixos/services.mealie.package | The mealie package to use.
|
| options/nixos/services.scion.scion-control.settings | scion-control configuration
|
| options/nixos/services.nexus.enable | Whether to enable Sonatype Nexus3 OSS service.
|
| options/nixos/services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.tls_config.cert_file | Certificate file for client cert authentication to the server.
|
| options/nixos/services.opencloud.idpWebPackage | The idp-web package to use.
|
| options/nixos/services.netbird.clients.<name>.environment | Environment for the netbird service, used to pass configuration options.
|
| options/nixos/services.pulseaudio.tcp.port | TCP connection port
|
| options/nixos/services.pgbackrest.commands.expire | Options for the 'expire' command
|
| options/nixos/services.strongswan-swanctl.swanctl.secrets.ntlm.<name>.secret | Value of the NTLM secret, which is the NT Hash of the actual secret,
that is, MD4(UTF-16LE(secret))
|
| options/nixos/services.prometheus.scrapeConfigs.*.linode_sd_configs.*.oauth2.client_id | OAuth client ID.
|
| options/nixos/services.movim.database.name | Database name.
|
| options/nixos/services.ncps.cache.storage.s3.accessKeyIdPath | The path to a file containing only the access-key-id.
|
| options/nixos/services.prometheus.exporters.klipper.extraFlags | Extra commandline options to pass to the klipper exporter.
|
| options/nixos/services.nebula.networks.<name>.listen.host | IP address to listen on.
|
| options/nixos/services.nvme-rs.settings.email.smtp_password_file | File containing SMTP password
|
| options/nixos/services.prometheus.exporters.unpoller.controllers.*.save_sites | Collect and save site data.
|
| options/nixos/services.tt-rss.feedCryptKey | Key used for encryption of passwords for password-protected feeds
in the database
|
| options/nixos/services.pufferpanel.extraPackages | Packages to add to the PATH environment variable
|
| options/nixos/services.malcontent.enable | Whether to enable Malcontent, parental control support for applications.
|
| options/nixos/services.prometheus.exporters.ping.settings | Configuration for ping_exporter, see
https://github.com/czerwonk/ping_exporter
for supported values.
|
| options/nixos/services.nncp.daemon.socketActivation.listenStreams | TCP sockets to bind to
|
| options/nixos/services.scion.enable | Whether to enable all of the scion components and services.
|
| options/nixos/services.prometheus.exporters.mqtt.logLevel | Logging level
|
| options/nixos/services.umami.package | The umami package to use.
|
| options/nixos/services.neo4j.bolt.enable | Enable the BOLT connector for Neo4j
|
| options/nixos/services.pdnsd.serverConfig | Server configuration that should be added to the server directory
of pdnsd.conf.
|
| options/nixos/services.prometheus.exporters.deluge.delugeUser | User to connect to deluge server.
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.revocation | Certificate revocation policy for CRL or OCSP revocation.
- A
strict revocation policy fails if no revocation information is
available, i.e. the certificate is not known to be unrevoked.
ifuri fails only if a CRL/OCSP URI is available, but certificate
revocation checking fails, i.e. there should be revocation information
available, but it could not be obtained.- The default revocation policy
relaxed fails only if a certificate is
revoked, i.e. it is explicitly known that it is bad
|
| options/nixos/services.prometheus.exporters.dovecot.openFirewall | Open port in firewall for incoming connections.
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.auth | Authentication to perform locally.
- The default
pubkey uses public key authentication
using a private key associated to a usable certificate.
psk uses pre-shared key authentication.- The IKEv1 specific
xauth is used for XAuth or Hybrid
authentication,
- while the IKEv2 specific
eap keyword defines EAP
authentication.
- For
xauth, a specific backend name may be appended,
separated by a dash
|
| options/nixos/services.nextcloud.package | Which package to use for the Nextcloud instance.
|
| options/nixos/services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.refresh_interval | Polling interval
|
| options/nixos/services.movim.nginx.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| options/nixos/services.monica.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| options/nixos/services.prometheus.alertmanagerGotify.openFirewall | Opens the bridge port in the firewall.
|
| options/nixos/services.lorri.package | The lorri package to use.
|
| options/nixos/services.prometheus.exporters.domain.openFirewall | Open port in firewall for incoming connections.
|
| options/nixos/services.prometheus.exporters.dovecot.firewallRules | Specify rules for nftables to add to the input chain
when services.prometheus.exporters.dovecot.openFirewall is true.
|
| options/nixos/services.linkwarden.package | The linkwarden package to use.
|
| options/nixos/services.misskey.reverseProxy.webserver.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| options/nixos/services.multipath.pathGroups.*.options | Options used to mount the file system
|
| options/nixos/services.patroni.postgresqlPackage | PostgreSQL package to use
|
| options/nixos/services.redis.servers.<name>.group | Group account under which this instance of redis-server runs.
If left as the default value this group will automatically be
created on system activation, otherwise you are responsible for
ensuring the group exists before the redis service starts.
|
| options/nixos/services.restic.backups.<name>.backupCleanupCommand | A script that must run after finishing the backup process.
|
| options/nixos/services.unclutter.keystroke | Wait for a keystroke before hiding the cursor
|
| options/nixos/services.prometheus.exporters.unpoller.controllers.*.save_anomalies | Collect and save data from UniFi anomalies to influxdb and Loki.
|
| options/nixos/services.misskey.settings.db.user | The user used for database authentication.
|
| options/nixos/services.umurmur.settings.channel_links | Channel tree definitions.
|
| options/nixos/services.pdns-recursor.dnssecValidation | Controls the level of DNSSEC processing done by the PowerDNS Recursor
|
| options/nixos/services.nextcloud.notify_push.dbtableprefix | Table prefix in Nextcloud's database.
Note: since Nextcloud 20 it's not an option anymore to create a database
schema with a custom table prefix
|
| options/nixos/services.prometheus.exporters.node.group | Group under which the node exporter shall be run.
|
| options/nixos/services.slskd.settings.global.download.speed_limit | Total upload download limit
|
| options/nixos/services.tor.settings.AuthDirSharedRandomness | See torrc manual.
|
| options/nixos/services.snapserver.settings.tcp-control.bind_to_address | Address to listen on for snapclient connections.
|
| options/nixos/services.redis.servers.<name>.slaveOf.port | port of the Redis master
|
| options/nixos/services.navidrome.settings.Port | Port to run Navidrome on.
|
| options/nixos/services.sing-box.package | The sing-box package to use.
|
| options/nixos/services.slskd.nginx.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| options/nixos/services.tor.client.enable | Whether to enable the routing of application connections
|
| options/nixos/services.mtr-exporter.jobs.*.name | Name of ICMP pinging job.
|
| options/nixos/services.strongswan-swanctl.swanctl.secrets.ppk | Postquantum Preshared Key (PPK) section for a specific secret
|
| options/nixos/services.unpoller.poller.plugins | Load additional plugins.
|
| options/nixos/services.logstash.plugins | The paths to find other logstash plugins in.
|
| options/nixos/services.mjolnir.enable | Whether to enable Mjolnir, a moderation tool for Matrix.
|