| options/nixos/services.matrix-alertmanager.matrixRooms | Combination of Alertmanager receiver(s) and rooms for the bot to join
|
| options/nixos/networking.wireguard.interfaces.<name>.socketNamespace | The pre-existing network namespace in which the
WireGuard interface is created, and which retains the socket even if the
interface is moved via interfaceNamespace
|
| options/home-manager/programs.firefox.profiles.<name>.extensions.exactPermissions | When enabled,
programs.firefox.profiles.<profile>.extensions.settings.<extensionID>.permissions
must specify the exact set of permissions that the
extension will request
|
| options/home-manager/accounts.calendar.accounts.<name>.vdirsyncer.verifyFingerprint | Optional
|
| options/darwin/networking.wg-quick.interfaces.<name>.peers.*.persistentKeepalive | Interval in seconds to send keepalive packets
|
| options/home-manager/accounts.contact.accounts.<name>.vdirsyncer.conflictResolution | What to do in case of a conflict between the storages
|
| options/nixos/networking.dhcpcd.setHostname | Whether to set the machine hostname based on the information
received from the DHCP server.
The hostname will be changed only if the current one is
the empty string, localhost or nixos
|
| options/nixos/virtualisation.oci-containers.containers.<name>.cmd | Commandline arguments to pass to the image's entrypoint.
|
| options/nixos/virtualisation.sharedDirectories.<name>.source | The path of the directory to share, can be a shell variable
|
| options/nixos/virtualisation.sharedDirectories.<name>.target | The mount point of the directory inside the virtual machine
|
| options/home-manager/programs.yazi.shellWrapperName | Name of the shell wrapper to be called.
|
| options/nixos/users.extraUsers.<name>.initialHashedPassword | Specifies the initial hashed password for the user, i.e. the
hashed password assigned if the user does not already
exist
|
| options/home-manager/programs.borgmatic.backups.<name>.storage.encryptionPasscommand | Command writing the passphrase to standard output.
|
| options/nixos/security.tpm2.fapi.profileName | Name of the default cryptographic profile chosen from the profile_dir directory.
|
| options/nixos/networking.openconnect.interfaces.<name>.extraOptions | Extra config to be appended to the interface config
|
| options/nixos/services.datadog-agent.extraIntegrations | Extra integrations from the Datadog core-integrations
repository that should be built and included
|
| options/home-manager/programs.vicinae.extensions | List of Vicinae extensions to install
|
| options/home-manager/accounts.email.accounts.<name>.lieer.settings.local_trash_tag | Local tag to which the remote Gmail 'TRASH' label is translated.
|
| options/nixos/services.prometheus.exporters.exportarr-readarr.user | User name under which the exportarr-readarr exporter shall be run.
|
| options/nixos/virtualisation.oci-containers.containers.<name>.image | OCI image to run.
|
| options/nixos/services.prometheus.exporters.artifactory.user | User name under which the artifactory exporter shall be run.
|
| options/nixos/services.h2o.defaultTLSRecommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| options/nixos/virtualisation.oci-containers.containers.<name>.podman.user | The user under which the container should run.
|
| options/nixos/virtualisation.oci-containers.containers.<name>.user | Override the username or UID (and optionally groupname or GID) used
in the container.
|
| options/nixos/services.postgresql.ensureUsers.*.ensureDBOwnership | Grants the user ownership to a database with the same name
|
| options/home-manager/programs.yazi.plugins | Lua plugins
|
| options/nixos/services.prometheus.exporters.mqtt.prometheusPrefix | Prefix added to the metric name.
|
| options/nixos/<imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.allowCN | Allow client if common name appears in the list.
|
| options/nixos/services.mqtt2influxdb.influxdb.database | Name of the InfluxDB database.
|
| options/home-manager/accounts.calendar.accounts.<name>.vdirsyncer.conflictResolution | What to do in case of a conflict between the storages
|
| options/nixos/<imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.allowOU | Allow client if organizational unit name appears in the list.
|
| options/nixos/boot.kernelPatches | A list of additional patches to apply to the kernel
|
| options/nixos/virtualisation.oci-containers.containers.<name>.pull | Image pull policy for the container
|
| options/nixos/hardware.nvidia-container-toolkit.enable-hooks | List of hooks to enable when generating the CDI specification
|
| options/home-manager/programs.yazi.flavors | Pre-made themes
|
| options/nixos/networking.openconnect.interfaces.<name>.certificate | Certificate to authenticate with.
|
| options/nixos/virtualisation.credentials.<name>.mechanism | The mechanism used to pass the credential to the VM.
|
| options/nixos/users.users.<name>.initialPassword | Specifies the initial password for the user, i.e. the
password assigned if the user does not already exist
|
| options/nixos/boot.initrd.secrets | Secrets to append to the initrd
|
| options/nixos/<imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.allowURI | Allow client if URI subject alternative name appears in the list.
|
| options/nixos/<imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.allowDNS | Allow client if DNS subject alternative name appears in the list.
|
| options/nixos/services.xserver.desktopManager.gnome.flashback.customSessions.*.wmLabel | The name of the window manager to show in the session chooser.
|
| options/nixos/services.headscale.settings.tls_letsencrypt_hostname | Domain name to request a TLS certificate for.
|
| options/home-manager/programs.claude-code.hooks | Custom hooks for Claude Code
|
| options/nixos/virtualisation.oci-containers.containers.<name>.labels | Labels to attach to the container at runtime.
|
| options/nixos/services.matrix-appservice-discord.settings | config.yaml configuration as a Nix attribute set
|
| options/nixos/networking.wireguard.interfaces.<name>.peers.*.presharedKey | Base64 preshared key generated by wg genpsk
|
| options/nixos/services.warpgate.settings.external_host | Configure the domain name of this Warpgate instance
|
| options/nixos/services.chatgpt-retrieval-plugin.qdrantCollection | name of the qdrant collection used to store documents.
|
| options/nixos/services.crowdsec-firewall-bouncer.settings.api_key | API key to authenticate with a local crowdsec API
|
| options/nixos/services.prometheus.exporters.exportarr-prowlarr.user | User name under which the exportarr-prowlarr exporter shall be run.
|
| options/nixos/networking.bonds.<name>.xmit_hash_policy | DEPRECATED, use driverOptions
|
| options/home-manager/programs.librewolf.profiles.<name>.extensions.exactPermissions | When enabled,
programs.librewolf.profiles.<profile>.extensions.settings.<extensionID>.permissions
must specify the exact set of permissions that the
extension will request
|
| options/nixos/hardware.display.edid.linuxhw | Exposes EDID files from users-sourced database at https://github.com/linuxhw/EDID
Attribute names will be mapped to EDID filenames <NAME>.bin
|
| options/darwin/services.aerospace.settings.on-window-detected.*."if".workspace | The workspace name to match (optional).
|
| options/nixos/virtualisation.oci-containers.containers.<name>.podman | Podman-specific settings in OCI containers
|
| options/nixos/services.matrix-appservice-irc.settings.homeserver.domain | The 'domain' part for user IDs on this home server
|
| options/nixos/programs.regreet.font.package | The package that provides the font given in the name option.
|
| options/nixos/virtualisation.oci-containers.containers.<name>.devices | List of devices to attach to this container.
|
| options/nixos/hardware.nvidia-container-toolkit.disable-hooks | List of hooks to disable when generating the CDI specification
|
| options/nixos/services.journaldriver.googleCloudProject | Configures the name of the Google Cloud project to which to
forward journald logs
|
| options/nixos/services.nipap.settings.auth.default_backend | Name of auth backend to use by default.
|
| options/nixos/virtualisation.oci-containers.containers.<name>.workdir | Override the default working directory for the container.
|
| options/nixos/networking.wireguard.interfaces.<name>.interfaceNamespace | The pre-existing network namespace the WireGuard
interface is moved to
|
| options/nixos/services.mosquitto.listeners.*.authPlugins.*.denySpecialChars | Automatically disallow all clients using #
or + in their name/id.
|
| options/nixos/services.taskserver.organisations | An attribute set where the keys name the organisation and the values
are a set of lists of users and
groups.
|
| options/nixos/networking.nameservers | The list of nameservers
|
| options/nixos/services.strongswan-swanctl.swanctl.connections | Section defining IKE connection configurations, each in its own subsection
with an arbitrary yet unique name
|
| options/nixos/virtualisation.oci-containers.containers.<name>.autoStart | When enabled, the container is automatically started on boot
|
| options/nixos/services.crowdsec-firewall-bouncer.registerBouncer.bouncerName | Name to register the bouncer as to the CrowdSec API
|
| options/nixos/services.strongswan-swanctl.swanctl.authorities | Section defining complementary attributes of certification authorities, each
in its own subsection with an arbitrary yet unique name
|
| options/nixos/services.prometheus.exporters.modemmanager.user | User name under which the modemmanager exporter shall be run.
|
| options/nixos/services.outline.oidcAuthentication.displayName | Display name for OIDC authentication.
|
| options/nixos/services.pgbouncer.settings.pgbouncer.max_client_conn | Maximum number of client connections allowed
|
| options/nixos/services.postgresql.ensureUsers.*.ensureClauses.inherit | Grants the user created inherit permissions
|
| options/home-manager/programs.sbt.repositories | A list of repositories to use when resolving dependencies
|
| options/nixos/services.postgresql.systemCallFilter | Configures the syscall filter for postgresql.service
|
| options/nixos/virtualisation.oci-containers.containers.<name>.login.registry | Registry where to login to.
|
| options/nixos/containers.<name>.allowedDevices.*.modifier | Device node access modifier
|
| options/nixos/services.warpgate.settings.sso_providers.*.label | SSO provider name displayed on login page.
|
| options/home-manager/programs.mercurial.userName | Default user name to use.
|
| options/nixos/boot.zfs.extraPools | Name or GUID of extra ZFS pools that you wish to import during boot
|
| options/nixos/services.sanoid.datasets.<name>.force_post_snapshot_script | Whether to run the post script if the pre script fails
|
| options/nixos/virtualisation.oci-containers.containers.<name>.autoRemoveOnStop | Automatically remove the container when it is stopped or killed
|
| options/nixos/users.extraUsers.<name>.initialPassword | Specifies the initial password for the user, i.e. the
password assigned if the user does not already exist
|
| options/home-manager/programs.floorp.profiles.<name>.extensions.exhaustivePermissions | When enabled, the user must authorize requested
permissions for all extensions from
programs.floorp.profiles.<profile>.extensions.packages
in
programs.floorp.profiles.<profile>.extensions.settings.<extensionID>.permissions
|
| options/nixos/virtualisation.oci-containers.containers.<name>.networks | Networks to attach the container to
|
| options/nixos/systemd.automounts.*.wantedBy | Units that want (i.e. depend on) this unit
|
| options/home-manager/programs.radio-active.aliases | Key/value pairs where the key is name of radio station and value is URL.
|
| options/nixos/programs.regreet.theme.package | The package that provides the theme given in the name option.
|
| options/nixos/virtualisation.oci-containers.containers.<name>.extraOptions | Extra options for podman run.
|
| options/nixos/services.sanoid.templates.<name>.force_post_snapshot_script | Whether to run the post script if the pre script fails
|
| options/home-manager/programs.firefox.profiles.<name>.extensions.exhaustivePermissions | When enabled, the user must authorize requested
permissions for all extensions from
programs.firefox.profiles.<profile>.extensions.packages
in
programs.firefox.profiles.<profile>.extensions.settings.<extensionID>.permissions
|
| options/nixos/services.multipath.devices.*.user_friendly_names | If set to "yes", using the bindings file /etc/multipath/bindings
to assign a persistent and unique alias to the multipath, in the
form of mpath
|
| options/home-manager/programs.gnome-shell.theme.package | Package providing a GNOME Shell theme in
$out/share/themes/${name}/gnome-shell.
|
| options/nixos/networking.hostName | The name of the machine
|
| options/home-manager/accounts.email.accounts.<name>.mujmap.settings.password_command | Shell command which will print a password to stdout for basic HTTP
authentication
|
| options/home-manager/programs.sbt.plugins.*.artifact | The name of the artifact.
|
| options/nixos/services.postgresql.ensureUsers.*.ensureClauses.createdb | Grants the user, created by the ensureUser attr, createdb permissions
|
| options/nixos/virtualisation.oci-containers.containers.<name>.preRunExtraOptions | Extra options for podman that go before the run argument.
|