| options/nixos/documentation.enable | Whether to install documentation of packages from
environment.systemPackages into the generated system path
|
| options/nixos/services.gitea.settings.server.STATIC_ROOT_PATH | Upper level of template and static files path.
|
| options/nixos/services.draupnir.settings.dataPath | The path Draupnir will store its state/data in.
This option is read-only.
If you want to customize where this data is stored, use a bind mount.
|
| options/nixos/services.glance.settings | Configuration written to a yaml file that is read by glance
|
| options/nixos/services.jicofo.componentPasswordFile | Path to file containing component secret.
|
| options/nixos/services.calibre-web.options.calibreLibrary | Path to Calibre library.
|
| options/home-manager/home.sessionSearchVariables | Extra directories to prepend to arbitrary PATH-like
environment variables (e.g.: MANPATH)
|
| options/nixos/services.zoneminder.storageDir | ZoneMinder can generate quite a lot of data, so in case you don't want
to use the default /var/lib/zoneminder, you can override the path here.
|
| options/nixos/services.simplesamlphp.<name>.package | The simplesamlphp package to use.
|
| options/nixos/services.firewalld.zones.<name>.description | Description for the zone.
|
| options/darwin/launchd.daemons.<name>.serviceConfig.HardResourceLimits.CPU | The maximum amount of cpu time (in seconds) to be used by each process.
|
| options/darwin/launchd.daemons.<name>.serviceConfig.SoftResourceLimits.CPU | The maximum amount of cpu time (in seconds) to be used by each process.
|
| options/nixos/services.radicle.ci.broker.settings.adapters.<name>.env | Environment variables to add when running the adapter.
|
| options/nixos/services.fedimintd.<name>.api_iroh.openFirewall | Opens UDP port in firewall for fedimintd's API Iroh endpoint
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.life_bytes | Maximum bytes processed before CHILD_SA gets closed
|
| options/nixos/services.fedimintd.<name>.nginx.config.forceSSL | Whether to add a separate nginx server block that redirects (defaults
to 301, configurable with redirectCode) all plain HTTP traffic to
HTTPS
|
| options/nixos/systemd.services.<name>.confinement.enable | If set, all the required runtime store paths for this service are
bind-mounted into a tmpfs-based
chroot(2).
|
| options/darwin/launchd.agents.<name>.serviceConfig.HardResourceLimits.FileSize | The largest size (in bytes) file that may be created.
|
| options/darwin/launchd.agents.<name>.serviceConfig.SoftResourceLimits.FileSize | The largest size (in bytes) file that may be created.
|
| options/nixos/services.netbird.clients.<name>.environment | Environment for the netbird service, used to pass configuration options.
|
| options/nixos/services.netbird.tunnels.<name>.environment | Environment for the netbird service, used to pass configuration options.
|
| options/home-manager/programs.obsidian.vaults.<name>.settings.themes.*.enable | Whether to set the theme as active.
|
| options/nixos/services.zabbixWeb.httpd.virtualHost.locations.<name>.index | Adds DirectoryIndex directive
|
| options/nixos/services.zabbixWeb.httpd.virtualHost.locations.<name>.alias | Alias directory for requests
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.sha256_96 | HMAC-SHA-256 is used with 128-bit truncation with IPsec
|
| options/nixos/networking.wireless.networks.<name>.psk | The network's pre-shared key in plaintext defaulting
to being a network without any authentication.
Be aware that this will be written to the Nix store
in plaintext! Use pskRaw with an external
reference to keep it safe.
Mutually exclusive with pskRaw.
|
| options/darwin/launchd.daemons.<name>.serviceConfig.HardResourceLimits | Resource limits to be imposed on the job
|
| options/darwin/launchd.daemons.<name>.serviceConfig.SoftResourceLimits | Resource limits to be imposed on the job
|
| options/nixos/services.nagios.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.strongswan-swanctl.swanctl.pools.<name>.dns | Address or CIDR subnets
StrongSwan default: []
|
| options/nixos/services.moodle.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.angrr.settings.profile-policies.<name>.keep-since | Retention period for the GC roots in this profile.
|
| options/nixos/services.printing.cups-pdf.instances.<name>.confFileText | This will contain the contents of cups-pdf.conf for this instance, derived from settings
|
| options/darwin/networking.wg-quick.interfaces.<name>.peers.*.publicKey | The public key for this peer.
|
| options/nixos/hardware.fw-fanctrl.config.strategies.<name>.speedCurve | How should the speed curve look like
|
| options/home-manager/accounts.contact.accounts.<name>.vdirsyncer.auth | Authentication settings
|
| options/nixos/services.zabbixWeb.nginx.virtualHost.locations.<name>.tryFiles | Adds try_files directive.
|
| options/darwin/users.users.<name>.openssh.authorizedKeys.keyFiles | A list of files each containing one OpenSSH public key that should be
added to the user's authorized keys
|
| options/nixos/users.users.<name>.openssh.authorizedKeys.keyFiles | A list of files each containing one OpenSSH public key that should be
added to the user's authorized keys
|
| options/nixos/services.prometheus.exporters.imap-mailstat.accounts.<name>.username | If empty string mailaddress value is used
|
| options/nixos/networking.wireless.networks.<name>.ssid | You could use this field to override the network's ssid
|
| options/nixos/services.beesd.filesystems.<name>.extraOptions | Extra command-line options passed to the daemon
|
| options/home-manager/accounts.email.accounts.<name>.lieer.settings.timeout | HTTP timeout in seconds. 0 means forever or system timeout.
|
| options/nixos/systemd.user.timers.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| options/nixos/systemd.user.slices.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| options/home-manager/launchd.agents.<name>.config.KeepAlive | This optional key is used to control whether your job is to be kept continuously running or to let
demand and conditions control the invocation
|
| options/nixos/services.snipe-it.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| options/nixos/services.matrix-continuwuity.settings.global.unix_socket_path | Listen on a UNIX socket at the specified path
|
| options/darwin/services.gitlab-runner.services.<name>.dockerAllowedImages | Whitelist allowed images.
|
| options/nixos/services.gitlab-runner.services.<name>.dockerAllowedImages | Whitelist allowed images.
|
| options/nixos/services.jibri.xmppEnvironments.<name>.xmppDomain | The base XMPP domain.
|
| options/darwin/launchd.user.agents.<name>.serviceConfig.SoftResourceLimits.CPU | The maximum amount of cpu time (in seconds) to be used by each process.
|
| options/darwin/launchd.user.agents.<name>.serviceConfig.HardResourceLimits.CPU | The maximum amount of cpu time (in seconds) to be used by each process.
|
| options/darwin/launchd.agents.<name>.serviceConfig.WorkingDirectory | This optional key is used to specify a directory to chdir(2) to before running the job.
|
| options/nixos/services.fedimintd.<name>.nginx.config.reuseport | Create an individual listening socket
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.mode | IPsec Mode to establish CHILD_SA with.
tunnel negotiates the CHILD_SA in IPsec Tunnel Mode,- whereas
transport uses IPsec Transport Mode.
transport_proxy signifying the special Mobile IPv6
Transport Proxy Mode.beet is the Bound End to End Tunnel mixture mode,
working with fixed inner addresses without the need to include them in
each packet.- Both
transport and beet modes are
subject to mode negotiation; tunnel mode is
negotiated if the preferred mode is not available.
pass and drop are used to install
shunt policies which explicitly bypass the defined traffic from IPsec
processing or drop it, respectively
|
| options/nixos/services.blockbook-frontend.<name>.extraConfig | Additional configurations to be appended to coin.conf
|
| options/nixos/services.wordpress.sites.<name>.virtualHost.listen | Listen addresses and ports for this virtual host.
This option overrides addSSL, forceSSL and onlySSL
|
| options/darwin/users.users.<name>.openssh.authorizedKeys.keys | A list of verbatim OpenSSH public keys that should be added to the
user's authorized keys
|
| options/nixos/users.users.<name>.openssh.authorizedKeys.keys | A list of verbatim OpenSSH public keys that should be added to the
user's authorized keys
|
| options/nixos/services.nebula.networks.<name>.lighthouse.dns.port | UDP port number for lighthouse DNS server.
|
| options/nixos/services.tahoe.introducers.<name>.tub.location | The external location that the introducer should listen on
|
| options/nixos/services.honk.host | The host name or IP address the server should listen to.
|
| options/nixos/services.mysql.galeraCluster.localName | The unique name that identifies this particular node within the cluster
|
| options/nixos/services.neo4j.ssl.policies | Defines the SSL policies for use with Neo4j connectors
|
| options/nixos/services.anuko-time-tracker.nginx.serverName | Name of this virtual host
|
| options/home-manager/programs.vicinae.themes | Theme settings to add to the themes folder in ~/.config/vicinae/themes
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.local_ts | List of local traffic selectors to include in CHILD_SA
|
| options/nixos/services.vault-agent.instances.<name>.settings | Free-form settings written directly to the config.json file
|
| options/nixos/services.microsocks.authPasswordFile | Path to a file containing the password for authentication.
|
| options/nixos/services.matomo.nginx.sslCertificate | Path to server SSL certificate.
|
| options/nixos/services.thanos.sidecar.tracing.config-file | Path to YAML file that contains tracing configuration
|
| options/nixos/services.snipe-it.nginx.sslCertificateKey | Path to server SSL certificate key.
|
| options/nixos/services.monica.nginx.sslCertificate | Path to server SSL certificate.
|
| options/nixos/services.quassel.certificateFile | Path to the certificate used for SSL connections with clients.
|
| options/nixos/services.oauth2-proxy.google.serviceAccountJSON | The path to the service account JSON credentials.
|
| options/nixos/services.thanos.compact.tracing.config-file | Path to YAML file that contains tracing configuration
|
| options/nixos/services.pretalx.settings.database.host | Database host or socket path.
|
| options/nixos/services.thanos.receive.tracing.config-file | Path to YAML file that contains tracing configuration
|
| options/nixos/services.grafana.settings.smtp.key_file | File path to a key file.
|
| options/nixos/services.fluidd.nginx.sslCertificate | Path to server SSL certificate.
|
| options/nixos/services.gancio.nginx.sslCertificate | Path to server SSL certificate.
|
| options/nixos/services.akkoma.extraPackages | List of extra packages to include in the executable search path of the service unit
|
| options/nixos/services.akkoma.nginx.sslCertificate | Path to server SSL certificate.
|
| options/home-manager/programs.sketchybar.extraPackages | Extra packages to add to PATH for the sketchybar service.
|
| options/home-manager/programs.chromium.extensions.*.crxPath | Path to the extension's crx file
|
| options/home-manager/wayland.windowManager.wayfire.package | The wayfire package to use
|
| options/home-manager/programs.sketchybar.config.source | The path to be linked to .config/sketchybar if source is a directory,
or to .config/sketchybar/sketchybarrc if it is a file.
|
| options/nixos/services.unpoller.unifi.defaults.pass | Path of a file containing the password for the unifi service user
|
| options/darwin/launchd.user.agents.<name>.serviceConfig.HardResourceLimits | Resource limits to be imposed on the job
|
| options/darwin/launchd.user.agents.<name>.serviceConfig.SoftResourceLimits | Resource limits to be imposed on the job
|
| options/nixos/services.radicle.httpd.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.dependency-track.settings."alpine.oidc.username.claim" | Defines the name of the claim that contains the username in the provider's userinfo endpoint
|
| options/nixos/services.cgit.<name>.gitHttpBackend.checkExportOkFiles | Whether git-http-backend should only export repositories that contain a git-daemon-export-ok file
|
| options/nixos/services.woodpecker-agents.agents.<name>.enable | Whether to enable this Woodpecker-Agent
|
| options/nixos/services.tarsnap.archives.<name>.verylowmem | Reduce memory consumption by a factor of 2 beyond what
lowmem does, at the cost of significantly
slowing down the archiving process.
|
| options/nixos/services.wordpress.sites.<name>.virtualHost.extraConfig | These lines go to httpd.conf verbatim
|
| options/nixos/networking.wg-quick.interfaces.<name>.peers.*.publicKey | The base64 public key to the peer.
|
| options/nixos/services.fedimintd.<name>.bitcoin.rpc.secretFile | If set the URL specified in bitcoin.rpc.url will get the content of this file added
as an URL password, so http://user@example.com will turn into http://user:SOMESECRET@example.com
|
| options/nixos/services.easytier.instances.<name>.settings.instance_name | Identify different instances on same host
|