| options/home-manager/programs.librewolf.profiles.<name>.bookmarks.settings | Custom bookmarks.
|
| options/nixos/services.ncps.cache.redis.username | Redis username for authentication (for Redis ACL).
|
| options/nixos/services.jibri.xmppEnvironments.<name>.control.login.domain | The domain part of the JID for this Jibri instance.
|
| options/nixos/networking.vswitches | This option allows you to define Open vSwitches that connect
physical networks together
|
| options/nixos/boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.mode | The file access mode to use when creating this file or directory.
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.rekey_bytes | Number of bytes processed before initiating CHILD_SA rekeying
|
| options/nixos/networking.firewall.interfaces.<name>.allowedUDPPorts | List of open UDP ports.
|
| options/nixos/services.jitsi-videobridge.xmppConfigs.<name>.passwordFile | File containing the password for the user.
|
| options/nixos/services.keepalived.vrrpInstances.<name>.interface | Interface for inside_network, bound by vrrp.
|
| options/nixos/services.archisteamfarm.bots.<name>.enabled | Whether to enable the bot on startup.
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.close_action | Action to perform after a CHILD_SA gets closed by the peer.
- The default of
none does not take any action,
trap installs a trap policy for the CHILD_SA.start tries to re-create the CHILD_SA.
close_action does not provide any guarantee that the
CHILD_SA is kept alive
|
| options/nixos/services.sabnzbd.settings.servers.<name>.connections | Number of parallel connections permitted by
the server.
|
| options/darwin/launchd.daemons.<name>.serviceConfig.KeepAlive | This optional key is used to control whether your job is to be kept continuously running or to let
demand and conditions control the invocation
|
| options/nixos/services.postfix.masterConfig.<name>.wakeupUnusedComponent | If set to false the component will only be woken
up if it is used
|
| options/nixos/services.keepalived.vrrpInstances.<name>.unicastSrcIp | Default IP for binding vrrpd is the primary IP on interface
|
| options/nixos/services.strongswan-swanctl.swanctl.secrets.xauth.<name>.id | Identity the EAP/XAuth secret belongs to
|
| options/nixos/services.bacula-fd.director.<name>.password | Specifies the password that must be supplied for the default Bacula
Console to be authorized
|
| options/nixos/services.bacula-sd.director.<name>.password | Specifies the password that must be supplied for the default Bacula
Console to be authorized
|
| options/nixos/services.matomo.hostname | URL of the host, without https prefix
|
| options/nixos/services.tor.relay.onionServices.<name>.authorizedClients | Authorized clients for a v3 onion service,
as a list of public key, in the format:
descriptor:x25519:<base32-public-key>
See torrc manual.
|
| options/nixos/services.outline.smtp.username | Username to authenticate with.
|
| options/nixos/services.sftpgo.user | User account name under which SFTPGo runs.
|
| options/home-manager/accounts.calendar.accounts.<name>.primaryCollection | The primary collection of the account
|
| options/home-manager/accounts.email.accounts.<name>.offlineimap.extraConfig.local | Extra configuration options to add to the local account
section.
|
| options/nixos/services.authelia.instances.<name>.secrets.sessionSecretFile | Path to your session secret
|
| options/nixos/services.borgbackup.jobs.<name>.encryption.passCommand | A command which prints the passphrase to stdout
|
| options/nixos/services.angrr.settings.profile-policies.<name>.keep-current-system | Whether to keep the current system generation
|
| options/nixos/boot.loader.refind.additionalFiles | A set of files to be copied to /boot
|
| options/nixos/boot.loader.limine.additionalFiles | A set of files to be copied to /boot
|
| options/nixos/services.consul-template.instances.<name>.settings | Free-form settings written directly to the config.json file
|
| options/darwin/homebrew.casks | List of Homebrew casks to install
|
| options/nixos/services.influxdb2.provision.organizations.<name>.auths.<name>.readPermissions | The read permissions to include for this token
|
| options/nixos/services.radicle.ci.adapters.native.instances.<name>.settings | Configuration of radicle-native-ci
|
| options/nixos/networking.interfaces.<name>.ipv4.routes | List of extra IPv4 static routes that will be assigned to the interface.
If the route type is the default unicast, then the scope
is set differently depending on the value of networking.useNetworkd:
the script-based backend sets it to link, while networkd sets
it to global.
If you want consistency between the two implementations,
set the scope of the route manually with
networking.interfaces.eth0.ipv4.routes = [{ options.scope = "global"; }]
for example.
|
| options/nixos/programs.schroot.profiles.<name>.nssdatabases | System databases (as described in /etc/nsswitch.conf on GNU/Linux systems) to copy into the chroot from the host.
|
| options/home-manager/programs.borgmatic.backups.<name>.consistency.checks | Consistency checks to run
|
| options/home-manager/programs.gnome-terminal.profile.<name>.colors.cursor.foreground | The foreground color.
|
| options/home-manager/programs.gnome-terminal.profile.<name>.colors.cursor.background | The background color.
|
| options/nixos/virtualisation.oci-containers.containers.<name>.serviceName | Systemd service name that manages the container
|
| options/home-manager/services.podman.containers.<name>.environmentFile | Paths to files containing container environment variables.
|
| options/nixos/services.r53-ddns.domain | The name of your domain in Route53
|
| options/nixos/services.wordpress.sites.<name>.virtualHost.listenAddresses | Listen addresses for this virtual host
|
| options/nixos/networking.wireguard.interfaces.<name>.peers.*.endpoint | Endpoint IP or hostname of the peer, followed by a colon,
and then a port number of the peer
|
| options/darwin/launchd.daemons.<name>.serviceConfig.QueueDirectories | Much like the WatchPaths option, this key will watch the paths for modifications
|
| options/nixos/virtualisation.fileSystems.<name>.label | Label of the device
|
| options/nixos/services.kanidm.provision.systems.oauth2.<name>.originLanding | When redirecting from the Kanidm Apps Listing page, some linked applications may need to land on a specific page to trigger oauth2/oidc interactions.
|
| options/nixos/services.system76-scheduler.assignments.<name>.prio | CPU scheduler priority.
|
| options/home-manager/programs.obsidian.vaults.<name>.settings.communityPlugins.*.pkg | The plugin package.
|
| options/home-manager/programs.astroid.externalEditor | You can use the following variables:
%1
: file name
%2
: server name
%3
: socket ID
See Customizing editor
on the Astroid wiki.
|
| options/nixos/networking.openconnect.interfaces.<name>.user | Username to authenticate with.
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.set_mark_in | Netfilter mark applied to packets after the inbound IPsec SA processed
them
|
| options/nixos/services.neo4j.ssl.policies.<name>.allowKeyGeneration | Allows the generation of a private key and associated self-signed
certificate
|
| options/nixos/networking.firewall.interfaces.<name>.allowedTCPPorts | List of TCP ports on which incoming connections are
accepted.
|
| options/home-manager/programs.borgmatic.backups.<name>.retention.keepSecondly | Number of secondly archives to keep
|
| options/home-manager/programs.borgmatic.backups.<name>.retention.keepMinutely | Number of minutely archives to keep
|
| options/nixos/services.zabbixWeb.nginx.virtualHost.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| options/home-manager/launchd.agents.<name>.config.EnableTransactions | This flag instructs launchd that the job promises to use vproc_transaction_begin(3) and
vproc_transaction_end(3) to track outstanding transactions that need to be reconciled before the
process can safely terminate
|
| options/nixos/services.radicle.ci.adapters.native.instances.<name>.settings.log | File where radicle-native-ci should write the run log.
|
| options/darwin/launchd.agents.<name>.serviceConfig.SoftResourceLimits.NumberOfFiles | The maximum number of open files for this process
|
| options/darwin/launchd.agents.<name>.serviceConfig.HardResourceLimits.NumberOfFiles | The maximum number of open files for this process
|
| options/nixos/virtualisation.interfaces.<name>.vlan | VLAN to which the network interface is connected.
|
| options/nixos/services.shorewall6.configs | This option defines the Shorewall configs
|
| options/nixos/networking.supplicant.<name>.userControlled.group | Members of this group can control wpa_supplicant.
|
| options/nixos/services.mediawiki.httpd.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.strongswan-swanctl.swanctl.secrets.ecdsa.<name>.secret | Value of decryption passphrase for ECDSA key.
|
| options/home-manager/wayland.windowManager.sway.config.bindswitches.<name>.action | The sway command to execute on state changes
|
| options/home-manager/accounts.calendar.accounts.<name>.thunderbird.enable | Whether to enable the Thunderbird mail client for this account.
|
| options/home-manager/services.xsuspender.rules.<name>.downclockOnBattery | Limit CPU consumption for this factor when on battery power
|
| options/nixos/services.syncthing.settings.devices.<name>.autoAcceptFolders | Automatically create or share folders that this device advertises at the default path
|
| options/home-manager/services.syncthing.settings.devices.<name>.autoAcceptFolders | Automatically create or share folders that this device advertises at the default path
|
| options/home-manager/accounts.contact.accounts.<name>.vdirsyncer.partialSync | What should happen if synchronization in one direction
is impossible due to one storage being read-only
|
| options/nixos/services.influxdb2.provision.organizations.<name>.auths.<name>.writePermissions | The read permissions to include for this token
|
| options/nixos/services.tor.relay.onionServices.<name>.settings.HiddenServiceSingleHopMode | See torrc manual.
|
| options/nixos/services.jibri.xmppEnvironments.<name>.call.login.passwordFile | File containing the password for the user.
|
| options/nixos/services.drupal.webserver | Whether to use nginx or caddy for virtual host management
|
| options/nixos/services.printing.cups-pdf.instances.<name>.settings.Anonuser | User for anonymous PDF creation
|
| options/nixos/services.armagetronad.servers.<name>.openFirewall | Set to true to open the configured UDP port for Armagetron Advanced.
|
| options/nixos/containers.<name>.forwardPorts.*.containerPort | Target port of container
|
| options/nixos/services.k3s.autoDeployCharts.<name>.extraFieldDefinitions | Extra HelmChart field definitions that are merged with the rest of the HelmChart
custom resource
|
| options/nixos/services.tailscale.serve.services.<name>.endpoints | Map of incoming traffic patterns to local targets
|
| options/nixos/services.borgbackup.repos.<name>.authorizedKeys | Public SSH keys that are given full write access to this repository
|
| options/nixos/services.system76-scheduler.assignments.<name>.ioPrio | IO scheduler priority.
|
| options/nixos/systemd.network.networks.<name>.dhcpPrefixDelegationConfig | Each attribute in this set specifies an option in the
[DHCPPrefixDelegation] section of the unit
|
| options/nixos/services.namecoind.enable | Whether to enable namecoind, Namecoin client.
|
| options/nixos/services.pantalaimon-headless.instances.<name>.ssl | Whether or not SSL verification should be enabled for outgoing
connections to the homeserver.
|
| options/nixos/services.sabnzbd.settings.servers.<name>.ssl_verify | Level of TLS verification
|
| options/nixos/services.strongswan-swanctl.swanctl.secrets.pkcs8.<name>.secret | Value of decryption passphrase for PKCS#8 key.
|
| options/nixos/services.kanidm.provision.systems.oauth2.<name>.enableLegacyCrypto | Enable legacy crypto on this client
|
| options/nixos/services.wyoming.faster-whisper.servers.<name>.initialPrompt | Optional text to provide as a prompt for the first window
|
| options/nixos/services.hostapd.radios.<name>.wifi5.capabilities | VHT (Very High Throughput) capabilities given as a list of flags
|
| options/nixos/services.printing.cups-pdf.instances.<name>.installPrinter | Whether to enable a CUPS printer queue for this instance
|
| options/home-manager/programs.borgmatic.backups.<name>.location.patterns | Patterns to include/exclude
|
| options/darwin/launchd.agents.<name>.serviceConfig.ThrottleInterval | This key lets one override the default throttling policy imposed on jobs by launchd
|
| options/nixos/services.beesd.filesystems.<name>.hashTableSizeMB | Hash table size in MB; must be a multiple of 16
|
| options/nixos/virtualisation.fileSystems.<name>.mountPoint | Location where the file system will be mounted
|
| options/nixos/services.limesurvey.nginx.virtualHost.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| options/nixos/services.fedimintd.<name>.nginx.config.listen.*.extraParameters | Extra parameters of this listen directive.
|
| options/home-manager/accounts.contact.accounts.<name>.pimsync.extraPairDirectives | Extra directives that should be added under this accounts pair directive
|
| options/nixos/services.jirafeau.nginxConfig.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| options/nixos/services.bind.enable | Whether to enable BIND domain name server.
|