| options/nixos/services.dolibarr.h2o.tls.identity.*.certificate-file | Path to certificate file
|
| options/nixos/services.ocsinventory-agent.settings.local | If specified, the OCS Inventory Agent will run in offline mode
and the resulting inventory file will be stored in the specified path.
|
| options/nixos/virtualisation.podman.networkSocket.tls.cert | Path to certificate describing the server.
|
| options/home-manager/accounts.calendar.accounts.<name>.vdirsyncer.clientSecretCommand | A command that prints the OAuth credentials to standard
output
|
| options/home-manager/programs.senpai.config.nickname | Your nickname, sent with a NICK IRC message
|
| options/darwin/launchd.user.agents.<name>.serviceConfig.SoftResourceLimits.ResidentSetSize | The maximum size (in bytes) to which a process's resident set size may grow
|
| options/darwin/launchd.user.agents.<name>.serviceConfig.HardResourceLimits.ResidentSetSize | The maximum size (in bytes) to which a process's resident set size may grow
|
| options/home-manager/accounts.contact.accounts.<name>.pimsync.extraLocalStorageDirectives | Extra directives that should be added under this accounts local storage directive
|
| options/nixos/services.limesurvey.httpd.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| options/nixos/services.limesurvey.nginx.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| options/home-manager/programs.obsidian.vaults.<name>.settings.communityPlugins.*.settings | Settings to include in the plugin's data.json.
|
| options/home-manager/wayland.windowManager.sway.config.bindswitches.<name>.reload | If the --reload flag is given, the binding will
also be executed when the config is reloaded.
toggle bindings will not be executed on reload
|
| options/nixos/services.cloudflared.tunnels.<name>.originRequest.proxyType | cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP
|
| options/home-manager/accounts.email.accounts.<name>.aerc.imapOauth2Params.client_secret | The OAuth2 client secret.
|
| options/home-manager/accounts.email.accounts.<name>.aerc.smtpOauth2Params.client_secret | The OAuth2 client secret.
|
| options/nixos/services.sourcehut.settings.mail.pgp-privkey | An absolute file path (which should be outside the Nix-store)
to an OpenPGP private key
|
| options/nixos/boot.loader.generic-extlinux-compatible.populateCmd | Contains the builder command used to populate an image,
honoring all options except the -c <path-to-default-configuration>
argument
|
| options/nixos/services.prometheus.exporters.blackbox.configFile | Path to configuration file.
|
| options/nixos/services.prometheus.exporters.ping.telemetryPath | Path under which to expose metrics.
|
| options/nixos/services.prometheus.exporters.unbound.unbound.ca | Path to the Unbound server certificate authority
|
| options/nixos/services.prometheus.exporters.mail.telemetryPath | Path under which to expose metrics.
|
| options/nixos/services.prometheus.exporters.fastly.configFile | Path to a fastly-exporter configuration file
|
| options/nixos/services.prometheus.exporters.php-fpm.telemetryPath | Path under which to expose metrics.
|
| options/nixos/services.writefreely.admin.initialPasswordFile | Path to a file containing the initial password for the admin user
|
| options/nixos/services.tarsnap.archives.<name>.aggressiveNetworking | Upload data over multiple TCP connections, potentially
increasing tarsnap's bandwidth utilisation at the cost
of slowing down all other network traffic
|
| options/nixos/services.bacula-fd.tls.verifyPeer | Verify peer certificate
|
| options/nixos/services.bacula-sd.tls.verifyPeer | Verify peer certificate
|
| options/nixos/services.authelia.instances.<name>.settings.log.keep_stdout | Whether to also log to stdout when a file_path is defined.
|
| options/nixos/services.pantalaimon-headless.instances.<name>.listenAddress | The address where the daemon will listen to client connections
for this homeserver.
|
| options/home-manager/accounts.email.accounts.<name>.thunderbird.messageFilters.*.enabled | Whether this filter is currently active.
|
| options/nixos/services.anuko-time-tracker.hostname | The hostname to serve Anuko Time Tracker on.
|
| options/nixos/services.mautrix-meta.instances.<name>.environmentFile | File containing environment variables to substitute when copying the configuration
out of Nix store to the services.mautrix-meta.dataDir
|
| options/nixos/programs.nix-required-mounts.allowedPatterns.<name>.unsafeFollowSymlinks | Whether to enable Instructs the hook to mount the symlink targets as well, when any of
the paths contain symlinks
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.ah_proposals | AH proposals to offer for the CHILD_SA
|
| options/nixos/services.cloudflared.tunnels.<name>.edgeIPVersion | Specifies the IP address version (IPv4 or IPv6) used to establish a connection between cloudflared and the Cloudflare global network
|
| options/nixos/boot.binfmt.registrations.<name>.matchCredentials | Whether to launch with the credentials and security
token of the binary, not the interpreter (e.g. setuid
bit)
|
| options/nixos/services.bookstack.hostname | The hostname to serve BookStack on.
|
| options/nixos/services.discourse.hostname | The hostname to serve Discourse on.
|
| options/nixos/services.misskey.reverseProxy.webserver.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| options/nixos/services.prometheus.exporters.unbound.unbound.key | Path to the Unbound control socket key.
|
| options/nixos/services.sftpgo.settings.webdavd.bindings.*.address | Network listen address
|
| options/nixos/virtualisation.xen.store.settings.quota.maxPath | Path limit for the quota system.
|
| options/home-manager/programs.borgmatic.backups.<name>.location.repositories | List of local or remote repositories with paths and optional labels.
|
| options/nixos/services.gitlab-runner.services.<name>.environmentVariables | Custom environment variables injected to build environment
|
| options/darwin/services.gitlab-runner.services.<name>.environmentVariables | Custom environment variables injected to build environment
|
| options/nixos/networking.wg-quick.interfaces.<name>.peers.*.presharedKey | Base64 preshared key generated by wg genpsk
|
| options/nixos/services.prometheus.scrapeConfigs.*.dockerswarm_sd_configs.*.refresh_interval | The time after which the containers are refreshed
|
| options/nixos/services.cloudflared.tunnels.<name>.originRequest.noHappyEyeballs | Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.
|
| options/nixos/boot.zfs.forceImportAll | Forcibly import all ZFS pool(s)
|
| options/nixos/services.dovecot2.group | Dovecot group name.
|
| options/nixos/services.tt-rss.email.fromName | Name for sending outgoing mail
|
| options/nixos/services.rspamd.locals | Local configuration files, written into /etc/rspamd/local.d/{name}.
|
| options/nixos/services.tt-rss.virtualHost | Name of the nginx virtualhost to use and setup
|
| options/nixos/services.bacula-dir.tls.verifyPeer | Verify peer certificate
|
| options/nixos/services.borgbackup.jobs.<name>.encryption.passphrase | The passphrase the backups are encrypted with
|
| options/nixos/services.prometheus.scrapeConfigs.*.nerve_sd_configs.*.paths | Paths can point to a single service, or the root of a tree of services.
|
| options/darwin/launchd.daemons.<name>.serviceConfig.ProcessType | This optional key describes, at a high level, the intended purpose of the job
|
| options/nixos/services.hadoop.hdfs.namenode.extraEnv | Extra environment variables for HDFS NameNode
|
| options/nixos/services.namecoind.rpc.address | IP address the RPC server will bind to.
|
| options/nixos/services.multipath.devices.*.delay_watch_checks | This option is deprecated, and mapped to san_path_err_forget_rate
|
| options/nixos/services.kerberos_server.settings.realms.<name>.acl | The privileges granted to a user.
|
| options/home-manager/accounts.calendar.accounts.<name>.vdirsyncer.collections | The collections to synchronize between the storages.
|
| options/nixos/services.factorio.username | Your factorio.com login credentials
|
| options/nixos/services.hddfancontrol.settings.<drive-bay-name>.logVerbosity | Verbosity of the log level
|
| options/home-manager/programs.librewolf.profiles.<name>.search.meta.maintainers | List of maintainers of each module
|
| options/home-manager/programs.floorp.profiles.<name>.bookmarks.meta.maintainers | List of maintainers of each module
|
| options/nixos/services.misskey.reverseProxy.webserver.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| options/nixos/services.sourcehut.settings."builds.sr.ht::worker".buildlogs | Path to write build logs.
|
| options/nixos/services.paperless.environmentFile | Path to a file containing extra paperless config options in the systemd EnvironmentFile
format
|
| options/nixos/services.prometheus.exporters.varnish.varnishStatPath | Path to varnishstat.
|
| options/nixos/services.tailscale.useRoutingFeatures | Enables settings required for Tailscale's routing features like subnet routers and exit nodes
|
| options/darwin/launchd.agents.<name>.serviceConfig.SoftResourceLimits.NumberOfProcesses | The maximum number of simultaneous processes for this user id
|
| options/darwin/launchd.agents.<name>.serviceConfig.HardResourceLimits.NumberOfProcesses | The maximum number of simultaneous processes for this user id
|
| options/darwin/launchd.user.agents.<name>.serviceConfig.ProcessType | This optional key describes, at a high level, the intended purpose of the job
|
| options/home-manager/accounts.email.accounts.<name>.thunderbird.messageFilters.*.extraConfig | Extra settings to apply to the filter
|
| options/nixos/services.bcg.automaticRenameKitNodes | Automatically rename kit's nodes.
|
| options/nixos/services.namecoind.generate | Whether to generate (mine) Namecoins.
|
| options/nixos/networking.openconnect.interfaces.<name>.passwordFile | File containing the password to authenticate with
|
| options/nixos/networking.wireguard.interfaces.<name>.peers.*.allowedIPs | List of IP (v4 or v6) addresses with CIDR masks from
which this peer is allowed to send incoming traffic and to which
outgoing traffic for this peer is directed
|
| options/nixos/networking.wireguard.interfaces.<name>.generatePrivateKeyFile | Automatically generate a private key with
wg genkey, at the privateKeyFile location.
|
| options/home-manager/programs.borgmatic.backups.<name>.location.sourceDirectories | Directories to backup
|
| options/nixos/services.namecoind.rpc.allowFrom | List of IP address ranges allowed to use the RPC API
|
| options/home-manager/accounts.contact.accounts.<name>.pimsync.extraRemoteStorageDirectives | Extra directives that should be added under this accounts remote storage directive
|
| options/nixos/services.xserver.desktopManager.pantheon.sessionPath | Additional list of packages to be added to the session search path
|
| options/nixos/services.sourcehut.settings."meta.sr.ht::billing".stripe-secret-key | An absolute file path (which should be outside the Nix-store)
to a secret key for Stripe
|
| options/nixos/services.cadvisor.storageDriverPasswordFile | File that contains the cadvisor storage driver password.
storageDriverPasswordFile takes precedence over storageDriverPassword
Warning: when storageDriverPassword is non-empty this defaults to a file in the
world-readable Nix store that contains the value of storageDriverPassword
|
| options/nixos/services.prometheus.exporters.nginx.telemetryPath | Path under which to expose metrics.
|
| options/nixos/services.nextcloud.config.objectstore.s3.secretFile | The full path to a file that contains the access secret.
|
| options/nixos/services.prometheus.exporters.unpoller.loki.pass | Path of a file containing the password for Loki
|
| options/nixos/services.prometheus.exporters.nextcloud.url | URL to the Nextcloud serverinfo page
|
| options/nixos/services.xserver.desktopManager.cinnamon.sessionPath | Additional list of packages to be added to the session search path
|
| options/nixos/services.jirafeau.nginxConfig.sslTrustedCertificate | Path to root SSL certificate for stapling and client certificates.
|
| options/nixos/services.pantalaimon-headless.instances.<name>.extraSettings | Extra configuration options
|
| options/nixos/services.hadoop.hdfs.namenode.enable | Whether to enable HDFS NameNode.
|
| options/nixos/services.postgresqlWalReceiver.receivers.<name>.compress | Enables gzip compression of write-ahead logs, and specifies the compression level
(0 through 9, 0 being no compression and 9 being best compression)
|
| options/nixos/services.grav.virtualHost | Name of the nginx virtualhost to use and setup
|
| options/nixos/services.librenms.group | Name of the LibreNMS group.
|
| options/nixos/services.epmd.enable | Whether to enable socket activation for Erlang Port Mapper Daemon (epmd),
which acts as a name server on all hosts involved in distributed
Erlang computations.
|
| options/nixos/services.outline.smtp.host | Host name or IP address of the SMTP server.
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.ppk_id | String identifying the Postquantum Preshared Key (PPK) to be used.
|