| options/nixos/nix.settings.trusted-public-keys | List of public keys used to sign binary caches
|
| options/darwin/nix.settings.trusted-public-keys | List of public keys used to sign binary caches
|
| options/nixos/nix.settings.require-sigs | If enabled (the default), Nix will only download binaries from binary caches if
they are cryptographically signed with any of the keys listed in
nix.settings.trusted-public-keys
|
| options/darwin/nix.settings.require-sigs | If enabled (the default), Nix will only download binaries from binary caches if
they are cryptographically signed with any of the keys listed in
nix.settings.trusted-public-keys
|
| options/nixos/nix.sshServe.keys | A list of SSH public keys allowed to access the binary cache via SSH.
|
| options/nixos/services.ncdns.dnssec.keys.public | Path to the file containing the KSK public key
|
| options/nixos/services.zeyple.keys | List of public key files that will be imported by gpg.
|
| options/home-manager/programs.gpg.publicKeys | A list of public keys to be imported into GnuPG
|
| options/nixos/services.ncps.upstream.publicKeys | A list of public keys of upstream caches in the format
host[-[0-9]*]:public-key
|
| options/nixos/users.users.<name>.openssh.authorizedKeys.keys | A list of verbatim OpenSSH public keys that should be added to the
user's authorized keys
|
| options/darwin/users.users.<name>.openssh.authorizedKeys.keys | A list of verbatim OpenSSH public keys that should be added to the
user's authorized keys
|
| options/nixos/programs.ssh.knownHosts.<name>.publicKeyFile | The path to the public key file for the host
|
| options/nixos/users.extraUsers.<name>.openssh.authorizedKeys.keys | A list of verbatim OpenSSH public keys that should be added to the
user's authorized keys
|
| options/nixos/services.ncps.cache.upstream.publicKeys | A list of public keys of upstream caches in the format
host[-[0-9]*]:public-key
|
| options/nixos/services.openssh.knownHosts.<name>.publicKeyFile | The path to the public key file for the host
|
| options/nixos/services.ncdns.dnssec.keys.zonePublic | Path to the file containing the ZSK public key
|
| options/nixos/nix.sshServe.trusted | Whether to add nix-ssh to the nix.settings.trusted-users
|
| options/nixos/services.userdbd.enableSSHSupport | Whether to enable exposing OpenSSH public keys defined in userdb
|
| options/home-manager/programs.gpg.publicKeys.*.trust | The amount of trust you have in the key ownership and the care the
owner puts into signing other keys
|
| options/nixos/services.sourcehut.settings."meta.sr.ht::billing".stripe-public-key | Public key for Stripe
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.pubkeys | List of raw public key candidates to use for
authentication
|
| options/nixos/services.movim.h2o.acme.root | Directory for the ACME challenge, which is public
|
| options/nixos/services.davis.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.slskd.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.movim.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.snipe-it.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.h2o.hosts.<name>.acme.root | Directory for the ACME challenge, which is public
|
| options/nixos/services.akkoma.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.gancio.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.fluidd.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.matomo.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.monica.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.rosenpass.settings.public_key | Path to a file containing the public key of the local Rosenpass peer
|
| options/nixos/services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.pubkeys | List of raw public keys to accept for
authentication
|
| options/nixos/services.dolibarr.h2o.acme.root | Directory for the ACME challenge, which is public
|
| options/nixos/services.fediwall.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.kanboard.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.dolibarr.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.librenms.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.agorakit.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.pixelfed.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.mainsail.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.moodle.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| options/nixos/services.nagios.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| options/nixos/services.radicle.httpd.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.anuko-time-tracker.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.httpd.virtualHosts.<name>.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| options/nixos/services.nginx.virtualHosts.<name>.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.bookstack.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.cryptpad.settings.adminKeys | List of public signing keys of users that can access the admin panel
|
| options/nixos/users.users.<name>.openssh.authorizedKeys.keyFiles | A list of files each containing one OpenSSH public key that should be
added to the user's authorized keys
|
| options/darwin/users.users.<name>.openssh.authorizedKeys.keyFiles | A list of files each containing one OpenSSH public key that should be
added to the user's authorized keys
|
| options/nixos/services.jirafeau.nginxConfig.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.zabbixWeb.httpd.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| options/nixos/services.zabbixWeb.nginx.virtualHost.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/users.extraUsers.<name>.openssh.authorizedKeys.keyFiles | A list of files each containing one OpenSSH public key that should be
added to the user's authorized keys
|
| options/nixos/services.drupal.sites.<name>.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| options/nixos/services.fwupd.extraTrustedKeys | Installing a public key allows firmware signed with a matching private key to be recognized as trusted, which may require less authentication to install than for untrusted files
|
| options/nixos/services.guix.publish.generateKeyPair | Whether to generate signing keys in /etc/guix which are
required to initialize a substitute server
|
| options/nixos/services.borgbackup.repos.<name>.authorizedKeys | Public SSH keys that are given full write access to this repository
|
| options/nixos/services.fedimintd.<name>.nginx.config.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/services.borgbackup.repos | Serve BorgBackup repositories to given public SSH keys,
restricting their access to the repository only
|
| options/nixos/services.neo4j.ssl.policies.<name>.allowKeyGeneration | Allows the generation of a private key and associated self-signed
certificate
|
| options/nixos/services.nsd.keys | Define your TSIG keys here.
|
| options/nixos/services.kubernetes.pki.caCertPathPrefix | Path-prefrix for the CA-certificate to be used for cfssl signing
|
| options/nixos/services.limesurvey.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| options/nixos/services.mediawiki.httpd.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| options/nixos/services.wordpress.sites.<name>.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| options/nixos/services.yggdrasil.settings.AllowedPublicKeys | List of peer public keys to allow incoming peering connections from
|
| options/nixos/services.limesurvey.httpd.virtualHost.acmeRoot | Directory for the acme challenge which is PUBLIC, don't put certs or keys in here
|
| options/nixos/services.limesurvey.nginx.virtualHost.acmeRoot | Directory for the ACME challenge, which is public
|
| options/home-manager/xdg.userDirs.publicShare | The Public share directory.
|
| options/nixos/services.libeufin.nexus.settings.nexus-ebics.BANK_PUBLIC_KEYS_FILE | Filesystem location where Nexus should store the bank public keys.
|
| options/nixos/services.openssh.authorizedKeysCommand | Specifies a program to be used to look up the user's public
keys
|
| options/nixos/services.kubernetes.apiserver.serviceAccountKeyFile | File containing PEM-encoded x509 RSA or ECDSA private or public keys,
used to verify ServiceAccount tokens
|
| options/nixos/services.misskey.reverseProxy.webserver.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| options/nixos/nix.settings.allowed-users | A list of names of users (separated by whitespace) that are
allowed to connect to the Nix daemon
|
| options/darwin/nix.settings.allowed-users | A list of names of users (separated by whitespace) that are
allowed to connect to the Nix daemon
|
| options/nixos/security.pam.rssh.settings.auth_key_file | Path to file with trusted public keys in OpenSSH's authorized_keys format
|
| options/nixos/nix.buildMachines.*.sshUser | The username to log in as on the remote host
|
| options/home-manager/nix.buildMachines.*.sshUser | The username to log in as on the remote host
|
| options/darwin/nix.buildMachines.*.sshUser | The username to log in as on the remote host
|
| options/nixos/services.matrix-tuwunel.settings.global.trusted_servers | Servers listed here will be used to gather public keys of other servers
(notary trusted key servers)
|
| options/nixos/nix.buildMachines.*.publicHostKey | The (base64-encoded) public host key of this builder
|
| options/home-manager/nix.buildMachines.*.publicHostKey | The (base64-encoded) public host key of this builder
|
| options/darwin/nix.buildMachines.*.publicHostKey | The (base64-encoded) public host key of this builder
|
| options/nixos/services.public-inbox.path | Additional packages to place in the path of public-inbox-mda,
public-inbox-watch, etc.
|
| options/nixos/services.borgbackup.repos.<name>.authorizedKeysAppendOnly | Public SSH keys that can only be used to append new data (archives) to the repository
|
| options/home-manager/programs.keychain.keys | Keys to add to keychain.
|
| options/nixos/services.tox-node.keysFile | Path to the file where DHT keys are stored.
|
| options/nixos/services.i2pd.proto.httpProxy.keys | File to persist HTTPPROXY keys.
|
| options/nixos/programs.ssh.knownHosts.<name>.publicKey | The public key data for the host
|
| options/darwin/programs.ssh.knownHosts.<name>.publicKey | The public key data for the host
|
| options/nixos/services.public-inbox.settings | Settings for the public-inbox config file.
|
| options/nixos/services.matrix-continuwuity.settings.global.trusted_servers | Servers listed here will be used to gather public keys of other servers
(notary trusted key servers)
|
| options/home-manager/programs.gpg.publicKeys.*.text | Text of an OpenPGP public key.
|
| options/nixos/services.i2pd.proto.socksProxy.keys | File to persist SOCKSPROXY keys.
|
| options/nixos/services.warpgate.settings.ssh.keys | Path to store SSH host & client keys.
|
| options/nixos/services.public-inbox.mda.args | Command-line arguments to pass to public-inbox-mda(1).
|
| options/nixos/services.public-inbox.nntp.key | Path to TLS key to use for connections to public-inbox-nntpd(1).
|