| options/home-manager/targets.darwin.currentHostDefaults | Set macOS user defaults
|
| options/nixos/services.prosody.muc.*.tombstoneExpiry | This settings controls how long a tombstone is considered
valid
|
| options/home-manager/wayland.windowManager.sway.config.bars.*.colors | Bar color settings
|
| options/nixos/services.pgbouncer.settings.pgbouncer.ignore_startup_parameters | By default, PgBouncer allows only parameters it can keep track of in startup packets:
client_encoding, datestyle, timezone and standard_conforming_strings
|
| options/nixos/services.grafana.settings.database.locking_attempt_timeout_sec | For mysql, if the migrationLocking feature toggle is set,
specify the time (in seconds) to wait before failing to lock the database for the migrations.
|
| options/nixos/i18n.extraLocaleSettings | A set of additional system-wide locale settings other than LANG
which can be configured with i18n.defaultLocale
|
| options/home-manager/xsession.windowManager.i3.config.colors | Color settings
|
| options/nixos/services.komodo-periphery.extraSettings | Extra settings to add to the generated TOML config.
|
| options/nixos/services.asterisk.useTheseDefaultConfFiles | Sets these config files to the default content
|
| options/nixos/services.packagekit.vendorSettings | Additional settings passed straight through to Vendor.conf
|
| options/nixos/services.bluemap.webserverSettings | Settings for the webserver.conf file, usually not required.
See upstream docs.
|
| options/nixos/services.postsrsd.configurePostfix | Whether to configure the required settings to use postsrsd in the local Postfix instance.
|
| options/nixos/services.grafana.settings.security.data_source_proxy_whitelist | Define a whitelist of allowed IP addresses or domains, with ports,
to be used in data source URLs with the Grafana data source proxy
|
| options/nixos/services.clamav.clamonacc.enable | Whether to enable ClamAV on-access scanner
|
| options/nixos/services.cryptpad.configureNginx | Configure Nginx as a reverse proxy for Cryptpad
|
| options/nixos/services.pufferpanel.environment | Environment variables to set for the service
|
| options/nixos/services.agorakit.config | Agorakit configuration options to set in the
.env file
|
| options/nixos/services.akkoma.initDb.enable | Whether to automatically initialise the database on startup
|
| options/nixos/services.stash.settings.create_image_clip_from_videos | Create Image Clips from Video extensions when Videos are disabled in Library
|
| options/nixos/services.rathole.credentialsFile | Path to a TOML file to be merged with the settings
|
| options/home-manager/xsession.windowManager.i3.config.bars.*.colors | Bar color settings
|
| options/nixos/virtualisation.appvm.enable | This enables AppVMs and related virtualisation settings.
|
| options/nixos/services.bookstack.config | BookStack configuration options to set in the
.env file
|
| options/nixos/services.netbird.useRoutingFeatures | Enables settings required for NetBird's routing features: Network Resources, Network Routes & Exit Nodes
|
| options/nixos/services.nginx.recommendedTlsSettings | Enable recommended TLS settings.
|
| options/nixos/services.foundationdb.locality | FoundationDB locality settings.
|
| options/nixos/services.postfix-tlspol.configurePostfix | Whether to configure the required settings to use postfix-tlspol in the local Postfix instance.
|
| options/nixos/services.easytier.instances.<name>.configFile | Path to easytier config file
|
| options/nixos/services.librenms.environmentFile | File containing env-vars to be substituted into the final config
|
| options/nixos/services.printing.cups-pdf.instances.<name>.confFileText | This will contain the contents of cups-pdf.conf for this instance, derived from settings
|
| options/home-manager/accounts.contact.accounts.<name>.vdirsyncer.auth | Authentication settings
|
| options/nixos/services.filebeat.modules | Filebeat modules provide a quick way to get started
processing common log formats
|
| options/darwin/security.pam.services.sudo_local.touchIdAuth | Whether to enable Touch ID with sudo
|
| options/nixos/services.sanoid.datasets.<name>.recursive | Whether to recursively snapshot dataset children
|
| options/nixos/services.metricbeat.modules | Metricbeat modules are responsible for reading metrics from the various sources
|
| options/nixos/services.veilid.settings.core.protected_store.always_use_insecure_storage | Should we bypass any attempt to use system-provided secure storage?
|
| options/nixos/services.karakeep.extraEnvironment | Environment variables to pass to Karakaeep
|
| options/nixos/services.apache-kafka.configFiles.serverProperties | Kafka server.properties configuration file path
|
| options/nixos/services.nginx.recommendedGzipSettings | Enable recommended gzip settings
|
| options/nixos/services.privoxy.inspectHttps | Whether to configure Privoxy to inspect HTTPS requests, meaning all
encrypted traffic will be filtered as well
|
| options/nixos/virtualisation.lxc.bridgeConfig | This is the config file for override lxc-net bridge default settings.
|
| options/nixos/services.grafana.settings.security.disable_initial_admin_creation | Disable creation of admin user on first start of Grafana.
|
| options/nixos/services.biboumi.credentialsFile | Path to a configuration file to be merged with the settings
|
| options/nixos/services.dendrite.settings.global.trusted_third_party_id_servers | Lists of domains that the server will trust as identity
servers to verify third party identifiers such as phone
numbers and email addresses
|
| options/nixos/services.sunshine.applications | Configuration for applications to be exposed to Moonlight
|
| options/nixos/services.listmonk.database.mutableSettings | Database settings will be reset to the value set in this module if this is not enabled
|
| options/nixos/services.discourse.backendSettings | Additional settings to put in the
discourse.conf file
|
| options/nixos/services.nginx.recommendedZstdSettings | Enable recommended zstd settings
|
| options/home-manager/accounts.calendar.accounts.<name>.vdirsyncer.auth | Authentication settings
|
| options/nixos/services.matrix-synapse.settings.url_preview_ip_range_blacklist | List of IP address CIDR ranges that the URL preview spider is denied
from accessing.
|
| options/nixos/services.displayManager.dms-greeter.configFiles | List of DankMaterialShell configuration files to copy into the greeter
data directory at /var/lib/dms-greeter
|
| options/nixos/services.nginx.recommendedUwsgiSettings | Whether to enable recommended uwsgi settings if a vhost does not specify the option manually.
|
| options/nixos/services.nginx.recommendedProxySettings | Whether to enable recommended proxy settings if a vhost does not specify the option manually.
|
| options/nixos/services.matrix-synapse.settings.url_preview_ip_range_whitelist | List of IP address CIDR ranges that the URL preview spider is allowed
to access even if they are specified in url_preview_ip_range_blacklist.
|
| options/nixos/services.headscale.settings.tls_letsencrypt_challenge_type | Type of ACME challenge to use, currently supported types:
HTTP-01 or TLS-ALPN-01.
|
| options/darwin/security.pam.services.sudo_local.watchIdAuth | Use Apple Watch for sudo authentication, for devices without Touch ID or
laptops with lids closed, consider using this
|
| options/nixos/services.easytier.instances.<name>.extraSettings | Extra settings to add to easytier-‹name›.toml.
|
| options/nixos/services.nextcloud.configureRedis | Whether to configure Nextcloud to use the recommended Redis settings for small instances.
The Nextcloud system check recommends to configure either Redis or Memcache for file lock caching.
The notify_push app requires Redis to be configured
|
| options/darwin/system.defaults.NSGlobalDomain.AppleTemperatureUnit | Whether to use Celsius or Fahrenheit
|
| options/nixos/services.xserver.displayManager.sx.enable | Whether to enable the "sx" pseudo-display manager, which allows users
to start manually via the "sx" command from a vt shell
|
| options/nixos/services.opencloud.environment | Extra environment variables to set for the service
|
| options/nixos/services.prometheus.remoteRead.*.tls_config | Configures the remote read request's TLS settings.
|
| options/nixos/services.mattermost.mutableConfig | Whether the Mattermost config.json is writeable by Mattermost
|
| options/nixos/services.opencloud.environmentFile | An environment file as defined in systemd.exec(5)
|
| options/nixos/services.nginx.recommendedBrotliSettings | Enable recommended brotli settings
|
| options/nixos/services.crossfire-server.configFiles | Text to append to the corresponding configuration files
|
| options/nixos/services.stash.settings.show_one_time_moved_notification | Whether a small notification to inform the user that Stash will no longer show a terminal window, and instead will be available in the tray
|
| options/nixos/services.prometheus.remoteWrite.*.tls_config | Configures the remote write request's TLS settings.
|
| options/darwin/system.defaults.NSGlobalDomain.AppleMeasurementUnits | Whether to use centimeters (metric) or inches (US, UK) as the measurement unit
|
| options/nixos/services.weblate.configurePostgresql | Whether to enable and configure a local PostgreSQL server by creating a user and database for weblate
|
| options/nixos/services.firezone.server.provision.accounts | All accounts to provision
|
| options/nixos/virtualisation.graphics | Whether to run QEMU with a graphics window, or in nographic mode
|
| options/nixos/services.yggdrasil.openMulticastPort | Whether to open the UDP port used for multicast peer discovery
|
| options/nixos/services.dovecot2.imapsieve.mailbox.*.name | This setting configures the name of a mailbox for which administrator scripts are configured
|
| options/nixos/services.easytier.instances.<name>.configServer | Configure the instance from config server
|
| options/nixos/services.dnscrypt-proxy2.upstreamDefaults | Whether to base the config declared in services.dnscrypt-proxy2.settings on the upstream example config (https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml)
Disable this if you want to declare your dnscrypt config from scratch.
|
| options/nixos/services.maubot.settings.plugin_databases.postgres_max_conns_per_plugin | Maximum number of connections per plugin instance.
|
| options/nixos/services.nginx.experimentalZstdSettings | Enable alpha quality zstd module with recommended settings
|
| options/nixos/services.dysnomia.extraContainerProperties | An attribute set providing additional container settings in addition to the default properties
|
| options/nixos/services.librenms.distributedPoller.enable | Configure this LibreNMS instance as a distributed poller
|
| options/nixos/services.grafana.settings.users.user_invite_max_lifetime_duration | The duration in time a user invitation remains valid before expiring
|
| options/nixos/services.grafana.settings.security.strict_transport_security_preload | Set to true to enable HSTS preloading option
|
| options/nixos/services.crowdsec-firewall-bouncer.createRulesets | Whether to have the module create the appropriate firewall configuration
based on the bouncer settings
|
| options/nixos/services.frp.instances.<name>.environmentFiles | List of paths files that follows systemd environmentfile structure
|
| options/nixos/services.tailscale.useRoutingFeatures | Enables settings required for Tailscale's routing features like subnet routers and exit nodes
|
| options/nixos/services.headscale.settings.ephemeral_node_inactivity_timeout | Time before an inactive ephemeral node is deleted.
|
| options/nixos/services.mastodon.configureNginx | Configure nginx as a reverse proxy for mastodon
|
| options/nixos/services.prometheus.scrapeConfigs.*.tls_config | Configures the scrape request's TLS settings.
|
| options/nixos/services.archisteamfarm.ipcSettings | Settings to write to IPC.config
|
| options/nixos/services.bitwarden-directory-connector-cli.ldap | Options to configure the LDAP connection
|
| options/nixos/services.bitwarden-directory-connector-cli.sync | Options to configure what gets synced
|
| options/nixos/networking.wireless.userControlled | Allow users of the wpa_supplicant group to control wpa_supplicant
through wpa_gui or wpa_cli
|
| options/nixos/networking.wireless.userControlled.enable | Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli
|
| options/nixos/services.centrifugo.environmentFiles | Files to load environment variables from
|
| options/nixos/virtualisation.rosetta.enable | Whether to enable Rosetta support
|
| options/nixos/services.stash.settings.dangerous_allow_public_without_auth | Learn more at https://docs.stashapp.cc/networking/authentication-required-when-accessing-stash-from-the-internet/
|
| options/home-manager/services.activitywatch.watchers.<name>.name | The name of the watcher
|
| options/nixos/virtualisation.libvirtd.onBoot | Specifies the action to be done to / on the guests when the host boots
|
| options/nixos/services.nginx.recommendedOptimisation | Enable recommended optimisation settings.
|
| options/nixos/services.nghttpx.backends.*.params.affinity | If "ip" is given, client IP based session affinity is
enabled
|