| options/nixos/services.filesender.settings.storage_filesystem_path | When using storage type filesystem this is the absolute path to the file system where uploaded files are stored until they expire
|
| options/nixos/services.keepalived.vrrpInstances.<name>.virtualRouterId | Arbitrary unique number 1..255
|
| options/home-manager/accounts.email.accounts.<name>.thunderbird.profiles | List of Thunderbird profiles for which this account should be
enabled
|
| options/nixos/services.agorakit.nginx.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| options/nixos/services.kanboard.nginx.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| options/nixos/services.librenms.nginx.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| options/nixos/services.fediwall.nginx.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| options/nixos/services.dolibarr.nginx.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| options/nixos/services.pixelfed.nginx.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| options/nixos/services.mainsail.nginx.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| options/nixos/services.neo4j.ssl.policies.<name>.allowKeyGeneration | Allows the generation of a private key and associated self-signed
certificate
|
| options/home-manager/accounts.calendar.accounts.<name>.vdirsyncer.metadata | Metadata keys that should be synchronized when vdirsyncer
metasync is executed.
|
| options/nixos/services.i2pd.proto.http.hostname | Expected hostname for WebUI.
|
| options/nixos/services.printing.cups-pdf.instances.<name>.installPrinter | Whether to enable a CUPS printer queue for this instance
|
| options/home-manager/programs.borgmatic.backups.<name>.location.patterns | Patterns to include/exclude
|
| options/nixos/services.strongswan-swanctl.swanctl.secrets.xauth.<name>.id | Identity the EAP/XAuth secret belongs to
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.start_action | Action to perform after loading the configuration.
- The default of
none loads the connection only, which
then can be manually initiated or used as a responder configuration.
- The value
trap installs a trap policy, which triggers
the tunnel as soon as matching traffic has been detected.
- The value
start initiates the connection actively.
- Since version 5.9.6 two modes above can be combined with
trap|start,
to immediately initiate a connection for which trap policies have been installed
|
| options/nixos/services.limesurvey.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.pantalaimon-headless.instances.<name>.dataPath | The directory where pantalaimon should store its state such as the database file.
|
| options/nixos/services.wyoming.faster-whisper.servers.<name>.initialPrompt | Optional text to provide as a prompt for the first window
|
| options/nixos/services.wstunnel.clients.<name>.environmentFile | Environment file to be passed to the systemd service
|
| options/nixos/services.wstunnel.servers.<name>.environmentFile | Environment file to be passed to the systemd service
|
| options/nixos/networking.wireguard.interfaces.<name>.postShutdown | Commands called after shutting down the interface.
|
| options/nixos/networking.firewall.interfaces.<name>.allowedUDPPortRanges | Range of open UDP ports.
|
| options/nixos/boot.loader.systemd-boot.extraEntries | Any additional entries you want added to the systemd-boot menu
|
| options/nixos/services.mail.sendmailSetuidWrapper.program | The name of the wrapper program
|
| options/home-manager/accounts.email.accounts.<name>.thunderbird.settings | Extra settings to add to this Thunderbird account configuration
|
| options/home-manager/programs.firefox.profiles.<name>.extensions.settings | Attribute set of options for each extension
|
| options/nixos/services.calibre-web.options.enableBookConversion | Configure path to the Calibre's ebook-convert in the DB.
|
| options/nixos/services.grafana.settings.database.host | Only applicable to MySQL or Postgres
|
| options/nixos/services.grafana.settings.users.home_page | Path to a custom home page
|
| options/nixos/services.bacula-fd.tls.certificate | The full path to the PEM encoded TLS certificate
|
| options/nixos/services.bacula-sd.tls.certificate | The full path to the PEM encoded TLS certificate
|
| options/nixos/services.apache-kafka.configFiles.serverProperties | Kafka server.properties configuration file path
|
| options/nixos/services.thanos.compact.objstore.config | Object store configuration
|
| options/nixos/services.lighthouse.beacon.execution.jwtPath | Path for the jwt secret required to connect to the execution layer.
|
| options/nixos/services.plausible.database.postgres.socket | Path to the UNIX domain-socket to communicate with postgres.
|
| options/nixos/services.thanos.sidecar.objstore.config | Object store configuration
|
| options/nixos/services.snapserver.settings.http.doc_root | Path to serve from the HTTP servers root.
|
| options/nixos/services.movim.h2o.tls.identity.*.certificate-file | Path to certificate file
|
| options/nixos/services.umurmur.settings.private_key | Path to your SSL key
|
| options/nixos/services.umurmur.settings.certificate | Path to your SSL certificate
|
| options/nixos/services.thanos.receive.objstore.config | Object store configuration
|
| options/nixos/services.prometheus.exporters.bird.birdSocket | Path to BIRD2 (or BIRD1 v4) socket.
|
| options/nixos/services.jirafeau.nginxConfig.sslCertificate | Path to server SSL certificate.
|
| options/nixos/services.hostapd.radios.<name>.wifi4.capabilities | HT (High Throughput) capabilities given as a list of flags
|
| options/nixos/services.cloudflared.tunnels.<name>.warp-routing.enabled | Enable warp routing
|
| options/nixos/networking.wireguard.interfaces.<name>.fwMark | Mark all wireguard packets originating from
this interface with the given firewall mark
|
| options/nixos/services.strongswan-swanctl.swanctl.secrets.ecdsa.<name>.secret | Value of decryption passphrase for ECDSA key.
|
| options/nixos/services.mediawiki.httpd.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/home-manager/wayland.windowManager.sway.config.bindswitches.<name>.action | The sway command to execute on state changes
|
| options/home-manager/services.activitywatch.watchers.<name>.package | The activitywatch package to use
|
| options/nixos/services.anubis.instances.<name>.settings.DIFFICULTY | The difficulty required for clients to solve the challenge
|
| options/nixos/services.matomo.hostname | URL of the host, without https prefix
|
| options/nixos/services.kanidm.provision.systems.oauth2.<name>.originLanding | When redirecting from the Kanidm Apps Listing page, some linked applications may need to land on a specific page to trigger oauth2/oidc interactions.
|
| options/nixos/services.jibri.xmppEnvironments.<name>.call.login.passwordFile | File containing the password for the user.
|
| options/nixos/services.tor.relay.onionServices.<name>.settings.HiddenServiceSingleHopMode | See torrc manual.
|
| options/nixos/security.agnos.settings.accounts.*.certificates.*.key_output_file | Output path for the certificate private key
|
| options/nixos/services.matrix-synapse.settings.media_store_path | Directory where uploaded images and attachments are stored.
|
| options/nixos/users.users.<name>.hashedPassword | Specifies the hashed password for the user
|
| options/nixos/networking.wg-quick.interfaces.<name>.peers.*.allowedIPs | List of IP (v4 or v6) addresses with CIDR masks from
which this peer is allowed to send incoming traffic and to which
outgoing traffic for this peer is directed
|
| options/nixos/services.zabbixWeb.nginx.virtualHost.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| options/nixos/services.cloudflared.tunnels.<name>.originRequest.tcpKeepAlive | The timeout after which a TCP keepalive packet is sent on a connection between Tunnel and the origin server.
|
| options/nixos/services.printing.cups-pdf.instances.<name>.settings.Anonuser | User for anonymous PDF creation
|
| options/nixos/services.easytier.instances.<name>.environmentFiles | Environment files for this instance
|
| options/nixos/networking.wg-quick.interfaces.<name>.generatePrivateKeyFile | Automatically generate a private key with
wg genkey, at the privateKeyFile location.
|
| options/nixos/services.strongswan-swanctl.swanctl.secrets.pkcs8.<name>.secret | Value of decryption passphrase for PKCS#8 key.
|
| options/nixos/virtualisation.interfaces.<name>.assignIP | Automatically assign an IP address to the network interface using the same scheme as
virtualisation.vlans.
|
| options/nixos/services.sourcehut.settings."sr.ht".network-key | An absolute file path (which should be outside the Nix-store)
to a secret key to encrypt internal messages with
|
| options/nixos/services.bacula-dir.tls.certificate | The full path to the PEM encoded TLS certificate
|
| options/nixos/services.desktopManager.pantheon.sessionPath | Additional list of packages to be added to the session search path
|
| options/nixos/services.librespeed.frontend.servers.*.ulURL | URL path to upload test on this server
|
| options/nixos/services.librespeed.frontend.servers.*.dlURL | URL path to download test on this server
|
| options/nixos/services.opensnitch.settings.Ebpf.ModulesPath | Configure eBPF modules path
|
| options/nixos/services.pretalx.settings.filesystem.static | Path to the directory that contains static files.
|
| options/nixos/services.gitlab-runner.services.<name>.requestConcurrency | Limit number of concurrent requests for new jobs from GitLab.
|
| options/nixos/services.limesurvey.nginx.virtualHost.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| options/darwin/services.gitlab-runner.services.<name>.requestConcurrency | Limit number of concurrent requests for new jobs from GitLab.
|
| options/nixos/services.fcron.allow | Users allowed to use fcrontab and fcrondyn (one name per
line, all for everyone).
|
| options/nixos/services.pihole-web.hostName | Domain name for the website.
|
| options/nixos/services.tayga.tunDevice | Name of the nat64 tun device.
|
| options/nixos/services.openssh.settings.UseDns | Specifies whether sshd(8) should look up the remote host name, and to check that the resolved host name for
the remote IP address maps back to the very same IP address
|
| options/home-manager/programs.pay-respects.rules | Runtime rule files written to
$XDG_CONFIG_HOME/pay-respects/rules/.toml
|
| options/nixos/services.namecoind.enable | Whether to enable namecoind, Namecoin client.
|
| options/nixos/networking.firewall.interfaces.<name>.allowedTCPPortRanges | A range of TCP ports on which incoming connections are
accepted.
|
| options/nixos/services.tor.relay.onionServices.<name>.settings.HiddenServiceMaxStreams | See torrc manual.
|
| options/home-manager/systemd.user.automounts.<name>.Unit.Documentation | List of URIs referencing documentation for the unit.
|
| options/nixos/services.vmalert.instances.<name>.settings."datasource.url" | Datasource compatible with Prometheus HTTP API.
|
| options/nixos/systemd.network.networks.<name>.deficitRoundRobinSchedulerConfig | Each attribute in this set specifies an option in the
[DeficitRoundRobinScheduler] section of the unit
|
| options/nixos/services.kanidm.provision.systems.oauth2.<name>.enableLegacyCrypto | Enable legacy crypto on this client
|
| options/darwin/launchd.daemons.<name>.serviceConfig.ThrottleInterval | This key lets one override the default throttling policy imposed on jobs by launchd
|
| options/nixos/services.hddfancontrol.settings.<drive-bay-name>.extraArgs | Extra commandline arguments for hddfancontrol
|
| options/home-manager/programs.hexchat.channels.<name>.options.connectToSelectedServerOnly | Connect to selected server only.
|
| options/nixos/services.radicle.ci.adapters.native.instances.<name>.settings | Configuration of radicle-native-ci
|
| options/home-manager/accounts.contact.accounts.<name>.vdirsyncer.clientIdCommand | A command that prints the OAuth credentials to standard
output
|
| options/home-manager/programs.borgmatic.backups.<name>.consistency.extraConfig | Extra settings.
|
| options/nixos/services.radicle.httpd.nginx.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| options/nixos/services.woodpecker-agents.agents.<name>.environment | woodpecker-agent config environment variables, for other options read the documentation
|
| options/nixos/services.limesurvey.httpd.virtualHost.locations.<name>.proxyPass | Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.
|
| options/darwin/launchd.agents.<name>.serviceConfig.inetdCompatibility | The presence of this key specifies that the daemon expects to be run as if it were launched from inetd.
|