| options/darwin/launchd.daemons.<name>.serviceConfig.HardResourceLimits.FileSize | The largest size (in bytes) file that may be created.
|
| options/nixos/services.monica.hostname | The hostname to serve monica on.
|
| options/nixos/services.borgbackup.repos.<name>.allowSubRepos | Allow clients to create repositories in subdirectories of the
specified path
|
| options/nixos/services.jirafeau.nginxConfig.locations.<name>.uwsgiPass | Adds uwsgi_pass directive and sets recommended proxy headers if
recommendedUwsgiSettings is enabled.
|
| options/nixos/services.jirafeau.nginxConfig.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| options/darwin/services.aerospace.settings.on-window-detected.*."if".app-name-regex-substring | Regex substring to match the app name (optional).
|
| options/nixos/services.honk.host | The host name or IP address the server should listen to.
|
| options/nixos/services.gitlab-runner.services.<name>.postGetSourcesScript | Runner-specific command script executed after code is pulled.
|
| options/nixos/services.bookstack.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/security.wrappers.<name>.permissions | The permissions of the wrapper program
|
| options/nixos/systemd.timers.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| options/nixos/systemd.slices.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.rand_bytes | Byte range from which to choose a random value to subtract from
rekey_bytes
|
| options/home-manager/accounts.email.accounts.<name>.lieer.notmuchSetupWarning | Warn if Notmuch is not also enabled for this account
|
| options/nixos/systemd.services.<name>.confinement.enable | If set, all the required runtime store paths for this service are
bind-mounted into a tmpfs-based
chroot(2).
|
| options/nixos/services.strongswan-swanctl.swanctl.authorities.<name>.module | Optional PKCS#11 module name.
|
| options/nixos/services.mosquitto.bridges.<name>.addresses.*.port | Port of the remote MQTT broker.
|
| options/nixos/services.cloudflared.tunnels.<name>.ingress | Ingress rules
|
| options/nixos/services.cloudflared.tunnels.<name>.default | Catch-all service if no ingress matches
|
| options/nixos/systemd.services.<name>.confinement.binSh | The program to make available as /bin/sh inside
the chroot
|
| options/nixos/services.namecoind.rpc.port | Port the RPC server will bind to.
|
| options/home-manager/accounts.email.accounts.<name>.imapnotify.extraConfig | Additional configuration to add for this account.
|
| options/nixos/services.wyoming.faster-whisper.servers.<name>.model | Name of the voice model to use
|
| options/nixos/services.zabbixWeb.nginx.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.zabbixWeb.httpd.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.firewalld.zones.<name>.forwardPorts.*.protocol | |
| options/nixos/systemd.timers.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| options/nixos/systemd.slices.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| options/nixos/services.fedimintd.<name>.nginx.config.globalRedirect | If set, all requests for this host are redirected (defaults to 301,
configurable with redirectCode) to the given hostname.
|
| options/darwin/launchd.daemons.<name>.serviceConfig.HardResourceLimits | Resource limits to be imposed on the job
|
| options/darwin/launchd.daemons.<name>.serviceConfig.SoftResourceLimits | Resource limits to be imposed on the job
|
| options/nixos/services.woodpecker-agents.agents.<name>.enable | Whether to enable this Woodpecker-Agent
|
| options/home-manager/accounts.contact.accounts.<name>.vdirsyncer.timeRange.end | End of time range to show.
|
| options/nixos/services.fedimintd.<name>.api_iroh.openFirewall | Opens UDP port in firewall for fedimintd's API Iroh endpoint
|
| options/nixos/services.plausible.database.postgres.dbname | Name of the database to use.
|
| options/nixos/services.angrr.settings.profile-policies.<name>.keep-latest-n | Keep the latest N GC roots in this profile.
|
| options/nixos/services.anubis.instances.<name>.policy.settings | Additional policy settings merged into the policy file
|
| options/nixos/services.radicle.ci.adapters.native.instances.<name>.enable | Whether to enable this radicle-native-ci instance.
|
| options/nixos/services.easytier.instances.<name>.settings.ipv4 | IPv4 cidr address of this peer in the virtual network
|
| options/nixos/services.public-inbox.inboxes.<name>.description | User-visible description for the repository.
|
| options/nixos/services.netbird.clients.<name>.environment | Environment for the netbird service, used to pass configuration options.
|
| options/nixos/services.netbird.tunnels.<name>.environment | Environment for the netbird service, used to pass configuration options.
|
| options/darwin/networking.wg-quick.interfaces.<name>.table | Controls the routing table to which routes are added
|
| options/home-manager/launchd.agents.<name>.config.SoftResourceLimits.NumberOfFiles | The maximum number of open files for this process
|
| options/home-manager/launchd.agents.<name>.config.HardResourceLimits.NumberOfFiles | The maximum number of open files for this process
|
| options/home-manager/programs.zsh.prezto.tmux.defaultSessionName | Set the default session name.
|
| options/nixos/services.beesd.filesystems.<name>.extraOptions | Extra command-line options passed to the daemon
|
| options/nixos/services.taskserver.fqdn | The fully qualified domain name of this server, which is also used
as the common name in the certificates.
|
| options/nixos/services.syncthing.settings.folders.<name>.enable | Whether to share this folder
|
| options/home-manager/services.syncthing.settings.folders.<name>.enable | Whether to share this folder
|
| options/nixos/systemd.shutdownRamfs.contents.<name>.dlopen.features | Features to enable via dlopen ELF notes
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.if_id_in | XFRM interface ID set on inbound policies/SA
|
| options/home-manager/accounts.calendar.accounts.<name>.vdirsyncer.auth | Authentication settings
|
| options/home-manager/programs.gemini-cli.context | An attribute set of context files to create in ~/.gemini/
|
| options/nixos/containers.<name>.hostAddress | The IPv4 address assigned to the host interface.
(Not used when hostBridge is set.)
|
| options/nixos/services.h2o.hosts.<name>.tls.identity.*.certificate-file | Path to certificate file
|
| options/nixos/hardware.fw-fanctrl.config.strategies.<name>.speedCurve.*.temp | Temperature in °C at which the fan speed should be changed
|
| options/nixos/services.firewalld.zones.<name>.description | Description for the zone.
|
| options/darwin/launchd.agents.<name>.serviceConfig.WorkingDirectory | This optional key is used to specify a directory to chdir(2) to before running the job.
|
| options/home-manager/launchd.agents.<name>.config.Sockets | This optional key is used to specify launch on demand sockets that can be used to let launchd know when
to run the job
|
| options/nixos/services.inadyn.settings.provider.<name>.password | Password for this DDNS provider
|
| options/home-manager/launchd.agents.<name>.config.KeepAlive.SuccessfulExit | If true, the job will be restarted as long as the program exits and with an exit status of zero
|
| options/nixos/services.tarsnap.archives.<name>.verylowmem | Reduce memory consumption by a factor of 2 beyond what
lowmem does, at the cost of significantly
slowing down the archiving process.
|
| options/nixos/services.blockbook-frontend.<name>.internal | Internal http server binding [address]:port.
|
| options/nixos/users.ldap.daemon.rootpwmoddn | The distinguished name to use to bind to the LDAP server
when the root user tries to modify a user's password.
|
| options/darwin/networking.wg-quick.interfaces.<name>.peers.*.publicKey | The public key for this peer.
|
| options/nixos/services.nginx.virtualHosts.<name>.sslCertificateKey | Path to server SSL certificate key.
|
| options/nixos/services.jibri.xmppEnvironments.<name>.call.login.domain | The domain part of the JID for the recorder.
|
| options/home-manager/accounts.email.accounts.<name>.offlineimap.enable | Whether to enable OfflineIMAP.
|
| options/nixos/services.mautrix-meta.instances.<name>.serviceUnit | The systemd unit (a service or a target) for other services to depend on if they
need to be started after matrix-synapse
|
| options/nixos/services.authelia.instances.<name>.secrets.jwtSecretFile | Path to your JWT secret used during identity verificaton.
|
| options/nixos/services.wordpress.sites.<name>.database.passwordFile | A file containing the password corresponding to
database.user.
|
| options/nixos/services.pixelfed.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| options/nixos/services.mainsail.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| options/nixos/services.kanboard.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| options/nixos/services.librenms.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| options/nixos/services.fediwall.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| options/nixos/services.agorakit.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| options/nixos/services.dolibarr.nginx.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| options/nixos/services.jirafeau.nginxConfig.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| options/darwin/launchd.agents.<name>.serviceConfig.SoftResourceLimits.Stack | The maximum size (in bytes) of the stack segment for a process; this defines how far a program's
stack segment may be extended
|
| options/darwin/launchd.agents.<name>.serviceConfig.HardResourceLimits.Stack | The maximum size (in bytes) of the stack segment for a process; this defines how far a program's
stack segment may be extended
|
| options/nixos/services.invoiceplane.sites.<name>.cron.enable | Enable cron service which periodically runs Invoiceplane tasks
|
| options/nixos/services.tarsnap.archives | Tarsnap archive configurations
|
| options/nixos/services.gitea-actions-runner.instances.<name>.tokenFile | Path to an environment file, containing the TOKEN environment
variable, that holds a token to register at the configured
Gitea/Forgejo instance.
|
| options/nixos/services.dovecot2.mailboxes.<name>.specialUse | Null if no special use flag is set
|
| options/nixos/services.wordpress.sites.<name>.database.createLocally | Create the database and database user locally.
|
| options/nixos/services.wordpress.sites.<name>.virtualHost.serverAliases | Additional names of virtual hosts served by this virtual host configuration.
|
| options/nixos/services.wordpress.sites.<name>.virtualHost.robotsEntries | Specification of pages to be ignored by web crawlers
|
| options/darwin/services.github-runners.<name>.serviceOverrides | Modify the service
|
| options/home-manager/accounts.email.accounts.<name>.mujmap.notmuchSetupWarning | Warn if Notmuch is not also enabled for this account
|
| options/darwin/services.gitlab-runner.services.<name>.dockerAllowedImages | Whitelist allowed images.
|
| options/nixos/services.gitlab-runner.services.<name>.dockerAllowedImages | Whitelist allowed images.
|
| options/nixos/services.jibri.xmppEnvironments.<name>.xmppDomain | The base XMPP domain.
|
| options/home-manager/programs.lutris.runners.<name>.settings.runner.runner_executable | Specific option to point to a runner executable directly, don't set runner.package if you set this
|
| options/nixos/services.printing.cups-pdf.instances.<name>.settings.AnonDirName | path for anonymously created PDF files
|
| options/nixos/services.nebula.networks.<name>.lighthouse.dns.host | IP address on which nebula lighthouse should serve DNS.
'localhost' is a good default to ensure the service does not listen on public interfaces;
use a Nebula address like 10.0.0.5 to make DNS resolution available to nebula hosts only.
|
| options/nixos/services.neo4j.ssl.policies | Defines the SSL policies for use with Neo4j connectors
|
| options/nixos/networking.wg-quick.interfaces.<name>.peers.*.publicKey | The base64 public key to the peer.
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.mode | IPsec Mode to establish CHILD_SA with.
tunnel negotiates the CHILD_SA in IPsec Tunnel Mode,- whereas
transport uses IPsec Transport Mode.
transport_proxy signifying the special Mobile IPv6
Transport Proxy Mode.beet is the Bound End to End Tunnel mixture mode,
working with fixed inner addresses without the need to include them in
each packet.- Both
transport and beet modes are
subject to mode negotiation; tunnel mode is
negotiated if the preferred mode is not available.
pass and drop are used to install
shunt policies which explicitly bypass the defined traffic from IPsec
processing or drop it, respectively
|