WARNING: This option will expose store your config unencrypted world-readable in the nix store

Configuration file for ZNC

The configuration object

File path containing the k3s YAML config

Definition of global systemd network config.

File path containing the rke2 YAML config

FRR configuration statements.

Attribute set of arbitrary config options

Verbatim nginx.conf configuration

Global configuration for Nixpkgs

Miriway's config

The configuration object

Additional config

Fluentd config.

Contents of sssd.conf.

Contents of the drbd.conf configuration file.

Configuration to write to /etc/gitconfig

Unit configuration in JSON format

monitrc content

The configuration file passed to ukify(1) to create the UKI

Verbatim ferm.conf configuration.

BIRD Internet Routing Daemon configuration file. http://bird.network.cz/

Your config.yaml as a Nix attribute set

Contents of the Riemann configuration file

Verbatim Exim configuration

The contents of the radvd configuration file.

GVPE config contents

The path of dae config file, end with .dae.

The realm configuration, see https://github.com/zhboner/realm#overview for documentation.

Additional config entries for the fw-fanctrl service (documentation: https://github.com/TamtamHero/fw-fanctrl/blob/main/doc/configuration.md)

GVPE config file, if already present

Configuration to use for Name Service Cache Daemon

Sets which portal backend should be used to provide the implementation for the requested interface

Jibri configuration

Config options that you would like in logcheck.conf.

The config directory, for the access keys and other settings.

Configuration of this OpenVPN instance

Configuration for IPTSD

Contents of Dante's configuration file

Contents of the jicofo.conf configuration file.

The ngircd configuration (see ngircd.conf(5)).

Extra text added to the end of /etc/xonsh/xonshrc, the system-wide control file for xonsh.

The content of the system-wide ALSA configuration (/etc/asound.conf)

Cross-seed config directory

Path to directory containing oCIS config file

Contents of the sip-communicator.properties configuration file for jigasi.

ALSA config for loopback device.

Overridable config file to use for named

Path to config file

raw cloud-init configuration

The FireQOS configuration.

The absolute path to the configuration file

Content of /etc/target/saveconfig.json This file is normally read and written by targetcli

Definition of global systemd network config.

Path to the configuration file which maps the memory, IRQs and ports used by the PCMCIA hardware.

The YAML configuration for FlexGet.

Verbatim default.vcl configuration.

A YAML config file which can be used to configure karma instead of the nix-generated file.

Verbatim config file to use (see https://kazu-yamamoto.github.io/mighttpd2/config.html)

netdata.conf configuration as nix attributes. cannot be combined with configText.

Client-side web application settings that override the defaults in config.js

Path to the snmpd.conf file

The main.cf configuration file as key value set.

Contents of the HAProxy configuration file, haproxy.conf.

Verbatim Corefile to use

Path to Klipper config file.

Full smokeping config supplied by the user

Configuration for a secure pipe daemon

The contents of the configuration file of the X server (xorg.conf)

Extra configuration

Artalk config file path

A specification of the desired configuration of this container, as a NixOS module.

The absolute path to the configuration file

Path to config file

Davmail configuration

Solanum IRC daemon configuration file. check https://github.com/solanum-ircd/solanum/blob/main/doc/reference.conf for all options.

Server configuration, see https://maddy.email for more information

Structural setting for the rshim configuration file (/etc/rshim.conf)

Configuration for gtklock

Verbatim netdata.conf, cannot be combined with config.

Whether to enable configuration for WiVRn.

Path to default Klipper config.

URL to a HTTP/HTTPS proxy.

pppd configuration for this peer, see the pppd(8) man page.

Each attribute in this set specifies an option in the [DHCPv4] section of the networkd config

Each attribute in this set specifies an option in the [DHCPv6] section of the networkd config

Configuration content to start an OCServ server

Settings to add to the minetest config file

Verbatim advanced configuration file contents using the Erlang syntax

System wide configuration file for Speech Dispatcher

The contents of OpenTSDB's configuration file

The config file for the doh-server

Whether maubot should write updated config into extraConfigFile. This will make your Nix module settings have no effect besides the initial config, as extraConfigFile takes precedence over NixOS settings!

Contents added to the end of the riemann-dash configuration file.

The config file of crab-hole

Credentials for proxy.

Deluge core configuration for the core.conf file

(key=value) Configuration to be written to runtime.properties of the druid Druid Broker https://druid.apache.org/docs/latest/configuration/index.html

(key=value) Configuration to be written to runtime.properties of the druid Druid Router https://druid.apache.org/docs/latest/configuration/index.html

Path to config file (deprecated, use settings instead and set this value to null)

A Riemann config file

Configuration for Miniflux, refer to https://miniflux.app/docs/configuration.html for documentation on the supported values.

(Deprecated) Configuration for Spotifyd

sniproxy.conf configuration excluding the daemon username and pid file.

Path to the config to use

The location of Tautulli's config file.

Config file used for the whole dovecot configuration.

Whether to enable RSS feeds.

Configuration for Akkoma

Limit on the number of simultaneous connections allowed.

Configuration file to use for FRR

The Apache Tika configuration (XML) file to use.

Address to which spiped should connect.

This string contains the contents of the sudoers file.

Options that will be passed to the axlisten daemon.

Path to configuration file.

Addon to postfix configuration

Path to Pomerium config YAML

Each attribute in this set specifies an option in the [Network] section of the networkd config

This string contains the contents of the sudoers file.

Use this config directory instead of generating one from the settings option

Configuration for ZNC, see https://wiki.znc.in/Configuration for details

Verbatim contents of cntlm.conf.

Specify a configuration file that Loki should use

Configuration options in RabbitMQ's new config file format, which is a simple key-value format that can not express nested data structures

The location of the Drupal config sync directory.

Specify a configuration file that Mimir should use.

Charybdis IRC daemon configuration file.

Config file path for Promtail

Configuration to use for Cyrus SASL authentication daemon.

Specify a path to a configuration file that Tempo should use.

The config file

Path to the JavaScript configuration file

Overridable config file contents to use for lighttpd

Whether fish should source configuration snippets provided by other packages.

Radicale configuration, this will set the service configuration file

Verbatim inspircd.conf file

Complete netdata config directory except netdata.conf

Path to config file.

Path to config file

Configuration other than defcfg

Whether to enable request logs and debug endpoints.

Use base64 encoding for proxied media URLs.

Path to configuration file

Directory where to store cache files (if cache.type = "file").

Extra files containing Riemann configuration

Path to configuration file

Configuration file to use.

Config of the pulse daemon

scion-ip-gateway daemon configuration

Path to lesskey configuration file.

configFile takes precedence over commands, clearDefaultCommands, lineEditingKeys, and envVariables.

Path to the Gatus configuration file

Override the configuration file used by Apache

The config directory, where your configuration.yaml is located.

(key=value) Configuration to be written to runtime.properties of the druid Druid Overlord https://druid.apache.org/docs/latest/configuration/index.html

Verbatim contents of squid.conf

The path where the settings and keys will exist.

Content of carbon configuration file.

Path to initial supybot config file

rasdaemon configuration, currently only used for CE PFA for details, read rasdaemon.outPath/etc/sysconfig/rasdaemon's comments

Snipe-IT configuration options to set in the .env file

Defines route table names as an attrset of name to number

Override the configuration file used by MySQL

The content of rtorrent.rc

Nominatim UI configuration placed to theme/config.theme.js file

Take unencrypted connections from the source socket and send encrypted connections to the target socket.

Take encrypted connections from the source socket and send unencrypted connections to the target socket.

HQplayer daemon configuration, written to /etc/hqplayer/hqplayerd.xml

Options to go in the 'config setup' section of the Libreswan IPsec configuration

Config data directory

Mattermost config directory.

Attribute set of values for the given modem

Timeout, in seconds, after which an attempt to connect to the target or a protocol handshake will be aborted (and the connection dropped) if not completed

Alloy configuration file/directory path

Disables the stylus

LimeSurvey configuration

(key=value) Configuration to be written to runtime.properties of the druid Druid middleManager https://druid.apache.org/docs/latest/configuration/index.html

Whether to enable nixos-generate-config script.

Configuration file, default is generated from config.service.umurmur.settings

Override the configuration file used by Caddy

Path to config file.

Optional path to a custom atalkd.conf file

Database type.

Database name.

Database user.

Path to the angrr configuration file in TOML format

Path to the configuration file of dnsmasq.

Overridable configuration file contents to use for ntopng

Specify an alternative directory to store all the per-user configuration files.

Path to shibboleth config file

Path to CoreRAD TOML configuration file.

Configuration for ytdl-sub

Required fancontrol configuration file content

Configuration file for inadyn

Overrides to the nginx vhost section for api

Whether to enable system-config-printer, a Graphical user interface for CUPS administration.

Path to CNCF distribution config file

monica configuration options to set in the .env file

Whether to enable system-config-printer, a service for CUPS administration used by printing interfaces.

Configuration python file

Path to TOML config file

Create an admin user from environment variables.

Keyboard configuration.

The fully-qualifiled host name of the computer running nullmailer

List of packages that provide XDG desktop portal configuration, usually in the form of share/xdg-desktop-portal/$desktop-portals.conf

Enable or disable Systemd watchdog.

Kea DHCP6 configuration as a path, see https://kea.readthedocs.io/en/kea-3.0.2/arm/dhcp6-srv.html

Kea DHCP4 configuration as a path, see https://kea.readthedocs.io/en/kea-3.0.2/arm/dhcp4-srv.html

Name of a file containing the spiped key

Address to listen on

Minimum amount of usable tokens

Configuration for WiVRn

The path of the web root directory.

The full path to a file that contains the database password.

If true and routeTables are set, then the specified route tables will also be installed into /etc/iproute2/rt_tables.

If non-null, this option defines the text that is written to prometheus.yml

Wait for DNS

Path to TOML config file

Configuration file for persisting runtime changes

Configuration file to use with nohang

The configuration to give rss2email

Additional opendkim configuration as a file.

Path to the oxidized configuration file.

Declarative location config

(key=value) Configuration to be written to runtime.properties of the druid Druid Historical https://druid.apache.org/docs/latest/configuration/index.html

Your configuration.yaml as a Nix attribute set

The very first lines of the configuration file

Kea DHCP-DDNS configuration as a path, see https://kea.readthedocs.io/en/kea-3.0.2/arm/ddns.html

Configuration file for ejabberd in YAML format

Path to RouteDNS TOML configuration file.

The contents of the snmpd.conf

Directory containing the server configuration files, passed with --configdir see configuration-directory

Resolution refresh time for the target socket, in seconds.

Database configuration

Address on which spiped should listen for incoming connections

Tracing configuration

The path to the pommed.conf file

Postgresql connection parameters

Whether to initialise non‐existent secrets with random values

Database host (+port) or socket path

Path to an INI format configuration file to provide Buffyboard

Path to a .json file specifying the state transitions

Path to configuration file

List of packages that provide PipeWire configuration, in the form of share/pipewire/*/*.conf files

Optional configuration string for this interface.

Include the user configuration from ~/.config/fontconfig/fonts.conf or ~/.config/fontconfig/conf.d.

Kea Control Agent configuration as a path, see https://kea.readthedocs.io/en/kea-3.0.2/arm/agent.html

Instance name.

vdirsyncer pair configurations

Whether to enable the QUIC transport protocol

This option defines the Shorewall configs

Tracing configuration

Tracing configuration

The configuration file path to supply bitcoind.

Videobridge configuration

The uptime configuration file

If mongodb: server != localhost, please set usesRemoteMongo = true

If you only want to run the monitor, please set enableWebService = false and enableSeparateMonitoringService = true

If autoStartMonitor: false (recommended) and you want to run both services, please set enableSeparateMonitoringService = true

Agorakit configuration options to set in the .env file

Override file in FreeSWITCH config template directory

Path to the i3 configuration file

The content of this attribute is used when building the message-id string for the message

Directory for the ACME challenge, which is public

Config file watched by the reloader.

Default strategy to use

Path to firmware config which is generated using klipper-genconf

Per output profile configuration.

Enable SSL.

Whether to enable HTTPS in addition to plain HTTP

Whether to enable HTTPS and reject plain HTTP connections

Path to configuration file.

Additional strategies which can be used by fw-fanctrl

Kubernetes CNI configuration.

Instance administrator email.

The Synergy server configuration file.

BookStack configuration options to set in the .env file

Path to an existing toml file to configure hickory-dns with

Use fast/weak handshaking: This reduces the CPU time spent in the initial connection setup, at the expense of losing perfect forward secrecy.

Path to the configuration file of headscale.

(key=value) Configuration to be written to runtime.properties of the druid Druid Coordinator https://druid.apache.org/docs/latest/configuration/index.html

Object store configuration

Listen address.

Makes this vhost the default.

The server's configuration file

Whether to enable kTLS support

Basic Auth protection for a vhost

Name of this virtual host

Path to the configuration file on the target system

Frontend configuration

Object store configuration

Configuration options to pass to Taskserver

Path to the bspwm configuration file

These lines go to the end of the vhost verbatim.

Configuration settings for the generated config file

general configuration

This option defines the Shorewall configs

vdirsyncer's status path

Replacement-filepath mapping for sogo.conf

Output DPI configuration.

Run database migrations.

Tracing configuration

Tracing configuration

Tracing configuration

The thermald manual configuration file

Port number to listen on

The SpamAssassin local.cf config

If you are using this configuration:

add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_

Then you can Use this sieve filter:

require ["fileinto", "reject", "envelope"];

if header :contains "X-Spam-Flag" "YES" {
  fileinto "spam";
}

Or this procmail filter:

:0:
* ^X-Spam-Flag: YES
/var/vpopmail/domains/lastlog.de/js/.maildir/.spam/new

To filter your messages based on the additional mail headers added by spamassassin.

Output resolution.

Output framerate.

Whether to ask Let's Encrypt to sign a certificate for this vhost

Path to easytier config file

Override the configuration file used by logrotate

Contents of the runtime configuration file, apcupsd.conf

In what mode should the main Lovelace panel be, yaml or storage (UI managed).

Verbatim contents of the cgit runtime configuration file

The maximum time to pause between successive queue runs, in seconds

Output video display controller.

Whether to make configuration.yaml writable

Directory to read CSV config files from

The path of the freeradius server configuration directory.

Path to the service's config file

Deprecated directory containing client-writable configuration files

Output gamma configuration.

Listen addresses and ports for this virtual host

Basic Auth password file for a vhost

vdirsyncer storage configurations

Username for the admin account

Whether to enable the HTTP/2 protocol

Additional configuration that exists before the first start and later overrides the existing values in config.json

Additional configuration that exists before the first start and later overrides the existing values in config.json

Sets the environment variable $HELOHOST which is used by the SMTP protocol module to set the parameter given to the HELO command

Path to the sxhkd configuration file

Disable transport layer keep-alives.

Path to YAML file that contains tracing configuration

Whether to enable the HTTP/3 protocol

Object store configuration

Object store configuration

Object store configuration

Configuration file for gitlab-runner.

configFile takes precedence over services. checkInterval and concurrent will be ignored too

Configuration options to add to Workhorse's configuration file

Whether to add a separate nginx server block that redirects (defaults to 301, configurable with redirectCode) all plain HTTP traffic to HTTPS

Vertical scaling factor/pixels.

Horizontal scaling factor/pixels.

Whether to listen for and reject all HTTPS connections to this vhost

The full path to a file that contains the admin's password

Output rotate configuration.

Path to the SimpleSAMLphp config directory.

Whether to enable the output.

Additional names of virtual hosts served by this virtual host configuration.

The name of the plugin to use as the key for the plugin configuration.

Path to a user's home directory from which to copy DankMaterialShell configuration files

Path to YAML file that contains tracing configuration

Path to YAML file that contains tracing configuration

A host of an existing Let's Encrypt certificate to use

Create an individual listening socket

How should the speed curve look like

Tracing configuration

The path to the default configuration options the PulseAudio server should use

Whether output should be marked as primary

External port number.

Domain name of the instance.

Configure the instance from config server

Ignore all touchscreen inputs if a palm was registered on the display.

Path to the periphery configuration file

Path to YAML file that contains object store configuration

Output file for environment variable substituted config file.

The configuration of vaultwarden is done through environment variables, therefore it is recommended to use upper snake case (e.g. DISABLE_2FA_REMEMBER)

Configuration from which XMonad gets compiled

If set, all requests for this host are redirected (defaults to 301, configurable with redirectCode) to the given hostname.

A list of remote servers to which to send each message

Path to a Tailscale Serve configuration file in JSON format

existing configuration file

A file which contains JSON or HJSON configuration for yggdrasil

Path to the SillyTavern configuration file.

Root directory for requests.

Output scaling method.

Temperature in °C at which the fan speed should be changed

The access key for the S3 bucket.

Output position

Path to YAML file that contains object store configuration

Alertmanager configuration as YAML text

Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests

Percent how fast the fan should run at

Listener port number

Alias directory for requests.

Enable PROXY protocol.

Adds index directive.

HTTP status used by globalRedirect and forceSSL

Use SSL for objectstore access.

Required for some non-Amazon implementations.

URL scheme.

Tracing configuration

The port on which to listen.

Listener IP address or Unix socket path

Ignore all touchscreen inputs if a stylus is in proximity.

Adds try_files directive.

Path to YAML file that contains tracing configuration

Path to YAML file that contains tracing configuration

Path to YAML file that contains tracing configuration

If set, content will override the envelope sender on all messages.

Default strategy on discharging

Output scale configuration

Whether to enable Sway, the i3-compatible tiling Wayland compositor

Log level

Host which to proxy requests to if ACME challenge is not found

Base path which uploads will be stored at

Disable target address re-resolution.

Adds a return directive, for e.g. redirections.

Directory where Akkoma will put uploaded files.

Path to a fastly-exporter configuration file

The name of the S3 bucket.

The minimum time to pause between successive queue runs when there are messages in the queue, in seconds

Path to server SSL certificate.

Required for some non-Amazon implementations.

Listen addresses for this virtual host

Object store configuration

If set, all recipients to users at either "localhost" (the literal string) or the canonical host name (from the me control attribute) are remapped to this address

Adds uwsgi_pass directive and sets recommended proxy headers if recommendedUwsgiSettings is enabled.

Adds proxy_pass directive and sets recommended proxy headers if recommendedProxySettings is enabled.

Only listen to incoming requests on specific IP/host

Location of the blockbook configuration file.

Refer to xrandr(1) for the documentation of the transform matrix.

Path to the qtile configuration file

Enables the in-database configuration.

https://docs.postgrest.org/en/stable/references/configuration.html#in-database-configuration

Whether to enable proxying of remote media through the instance's proxy.

The path to the matterbridge configuration file.

The content of this attribute is appended to any address that is missing a host name

Path to server SSL certificate key.

Basic Auth protection for a vhost

Path to Kubernetes CNI configuration directory.

Path to YAML file that contains object store configuration

Path to YAML file that contains object store configuration

Path to YAML file that contains object store configuration

Path to the services config file

Instance description.

These lines go to the end of the location verbatim.

The full path to a file that contains the access secret.

Path to the mlvwm configuration file

Path to kubeconfig to use for storing flannel config using the Kubernetes API

Use saved config, if any (and prefer over any specified configuration passed with --config).

Extra parameters of this listen directive.

Configurations for lircd to load, see man:lircd.conf(5) for details (lircd.conf)

The time to wait for a remote module listed above to complete sending a message before killing it and trying again, in seconds

List of packages that provide WirePlumber configuration, in the form of share/wireplumber/*/*.conf files

Configuration template to use

Enable automatic config reload on config change

The path to the borgmatic config file

Required for some non-Amazon implementations.

Path to containerd config file

Required for some non-Amazon S3 implementations

List of users allowed to operate with the config. "root" is always implicitly included

Basic Auth password file for a vhost

Path to YAML file that contains tracing configuration

List of groups allowed to operate with the config

Order of this location block in relation to the others in the vhost

Whether to enable S3 object storage as primary storage

Base path for the media proxy

Directory of static files

Name of the location where Home Assistant is running.

WARNING: THIS IS INSECURE, as your password will end up in /nix/store, thus publicly readable

External wpa_supplicant.conf configuration file

Path to root SSL certificate for stapling and client certificates.

Kafka log4j property configuration file path

Text to append to the corresponding configuration files

Collect PVE onboot status

How often the fan speed should be updated in seconds

If provided this is the full path to a file that contains the key to enable [server-side encryption with customer-provided keys][1] (SSE-C)

FastCGI parameters to override

List of DankMaterialShell configuration files to copy into the greeter data directory at /var/lib/dms-greeter

Interval (seconds) of the last temperatures to use to calculate the average temperature

JWT signing secret

Table prefix in Nextcloud's database.

Note: since Nextcloud 20 it's not an option anymore to create a database schema with a custom table prefix

Path to configuration file.

Path to YAML file that contains tracing configuration

Path to configuration file.

Path to configuration file.

Kafka server.properties configuration file path

The content of this attribute is appended to any host name that does not contain a period (except localhost), including defaulthost and idhost

Specify the mailexporter configuration file to use.

Only enabled bridges are available for feed production

Suricata reference configuration file.

Whether the configuration file at configFile.path should be written to by wpa_supplicant.

Path to YAML file that contains object store configuration

Whether to support proxying websocket connections with HTTP/1.1.

Pick CSV config files matching initial scan ("none" or empty for no initial scan message, "full" for full scan, or a single hex address to scan, default is to send a broadcast ident message)

The file access mode to use when creating this file or directory.

wg-quick .conf file, describing the interface

If the original sender was empty (the original message was a delivery status or disposition notification), the double bounce is sent to the address in this attribute.

Attribute set of lines for the global faxq config file etc/config

Latitude of your location required to calculate the time the sun rises and sets.

Attribute set of domains to collect stats for.

Delete a file when it reaches a certain age

Defines whether the timeline cleanup algorithm should be run for the config.

The user of the file

Subvolume configuration

Longitude of your location required to calculate the time the sun rises and sets.

The type of operation to perform on the file

The group of the file

Pick your time zone from the column TZ of Wikipedia’s list of tz database time zones.

Whether to propagate the legacy options under services.znc.confOptions.* to the znc config

System-wide customization file contents, has higher priority than defaultFonts settings.

Path to configuration file.

The hosts config to be merged with the settings

Allow Type-1 fonts

Signing salt

Whether to configure nginx as an frontend to uwsgi.

Whether the config should be checked at build time

Path to the service's config file

The TCTI which will be used

Path to a mikrotik exporter configuration file

Literal Kismet config lines appended to the site config

The file access mode to use when creating this file or directory.

The type of log being collected.

Specify a path to a configuration file that Opentelemetry Collector should use.

Enable recommended uwsgi settings.

Enable recommended proxy settings.

The unit system to use

Attrset to be transformed into YAML for host config

Generate system fonts cache for 32-bit applications.

Delete a file when it reaches a certain age

An argument whose meaning depends on the type of operation

The pathname of the IMAP configuration directory.

The user of the file

GRUB entry name instead of default.

Maximum of configurations in boot menu

Whether to base the config declared in services.dnscrypt-proxy.settings on the upstream example config (https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml)

Disable this if you want to declare your dnscrypt config from scratch.

The dmrconfig package to use.

Attribute set of default values for modem config files etc/config.*

Whether to configure a local nginx for Zammad.

The type of operation to perform on the file

Generate your init file from your list of plugins and custom commands

The group of the file

Path to the herbstluftwm configuration file

If enabled, a Fontconfig configuration file will be built pointing to a set of default fonts

Attrset to be transformed into YAML for host config

If true, validate nats config at build time

Whether to base the config declared in services.dnscrypt-proxy2.settings on the upstream example config (https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml)

Disable this if you want to declare your dnscrypt config from scratch.

The domain name to collect stats for.

Allow bitmap fonts

Additional settings (see mjolnir default config for available settings)

This script gets run before the config is checked

LiveView signing salt

Whether to configure the required settings to use pfix-srsd in the local Postfix instance.

Additional config for LibreNMS that will be appended to the config.php

Whether to use envSubst in the ExecStartPre phase to augment the generated static config

Whether to run searx in uWSGI as a "vassal", instead of using its built-in HTTP server

Whether to configure permissions to allow integration with Postfix.

The Git revision of the top-level flake from which this configuration was built.

Source of truth of users

Filesystem type

Web Push Notifications configuration

Whether to configure nginx as a reverse proxy.

Configure nginx as a reverse proxy for CastoPod.

Configure nginx as a reverse proxy for peertube.

Whether to manage the config outside of NixOS

Whether a failure during config validation at build time is fatal

Contents of the teleport.yaml config file

Contents of the config.yaml config file

Whether to configure system to enable use of dmrconfig

The log file to be scanned

Whether to enable IMAP/SMTP autodiscover feature for mail clients.

Arbitrary NixOS configuration

An argument whose meaning depends on the type of operation

Specify the configuration for Mimir in Nix.

Secret key used as a base to generate further secrets for encrypting and signing data

Window class translation rules. /etc/X11/imwheelrc is generated based on this config which means this config is global for all users

The configuration that Mopidy should use.

Extra configuration to be appended to awstats.${name}.conf.

Specify the configuration for Loki in Nix

Attrset to be transformed into YAML for host config

List of aliases the site has.

The log format being used

Whether to configure Tika and Gotenberg to process Office and e-mail files with OCR.

Whether to configure nginx as a reverse proxy.

Configure nginx as a reverse proxy for roundcube.

Pleroma public configuration

The state directory for ZNC

The URI that is passed along to the BrokerFactory to set up the configuration of the ActiveMQ broker service

Enable font antialiasing

Whether to setup firewall routing so that system http(s) traffic is forwarded via this service

Whether to enable WiVRn as the default OpenXR runtime on the system

A path to the nixpkgs that provide the modules, pkgs and lib for evaluating the container

Whether to configure the required settings to use postsrsd in the local Postfix instance.

Salt master configuration as Nix attribute set.

Whether to enable npm global config.

Configuration for go-autoconfig

Additional configuration for the WirePlumber daemon when run in single-instance mode (the default in nixpkgs and currently the only supported way to run WirePlumber configured via extraConfig)

System-wide default serif font(s)

Configurator Steps, see https://docs.buildbot.net/latest/manual/configuration/configurators.html

Configure Nginx as a reverse proxy for Cryptpad

Configure freetds database entries

Salt minion configuration as Nix attribute set

Selects the platform theme to use for Qt applications

Confd, whether to watch etcd config for changes.

Override temperature unit set by unit_system. C for Celsius, F for Fahrenheit.

The base directory for ActiveMQ's configuration

Use embedded bitmaps in fonts like Calibri.

The artalk configuration

Configure nginx as a reverse proxy for FileSender.

Allow changes to the program config made by the program to persist between restarts

Attribute set of lines for the global hfaxd config file etc/hfaxd.conf

Hintstyle is the amount of font reshaping done to line up to the grid.

slight will make the font more fuzzy to line up to the grid but will be better in retaining font shape, while full will be a crisp font that aligns well to the pixel grid but will lose a greater amount of font shape.

Enable font hinting

System-wide default sans serif font(s)

Whether to configure the required settings to use postfix-tlspol in the local Postfix instance.

Maximum number of latest generations in the boot menu

Configure nginx as a reverse proxy for dawarich

Configuration options for homebridge config UI plugin

Specify the configuration for Promtail in Nix

nginx-sso configuration (documentation) as a Nix attribute set

Whether to enable awstats web service.

Alertmanager configuration as nix attribute set

Whether to configure Nextcloud to use the recommended Redis settings for small instances.

Extra config options for systemd

Extra nsd config.

Enable the autohinter in place of the default interpreter

Fluent Bit configuration

The URL prefix under which the awstats pages appear.

List of servers that should be probed.

Note: if your mailserver has rspamd(8) configured, it can happen that emails from this exporter are marked as spam

Extra config files to include

Extra options to be added under production in config/gitlab.yml, as a nix attribute set

Whether to automatically configure a local redis server for matrix-synapse.

Defines whether hourly snapshots should be created.

Set of borgmatic configurations, see https://torsion.org/borgmatic/docs/reference/configuration/

Whether to configure nginx to serve VaultWarden.

Contents of the GoToSocial YAML config

Path of the subvolume or mount point

Subpixel order

Limits for timeline cleanup.

Whether to enable nginx reverse proxy for derper

Configuration for Static Web Server

Whether to run v2ray server

The configuration file for OpenVPN.

Extra config options for systemd-oomd

mailto URI for administrative contact.

Limits for timeline cleanup.

Limits for timeline cleanup.

Limits for timeline cleanup.

Create the objectstore bucket if it does not exist.

Configuration of privacy transaction manager.

The hostname the web service appears under.

Confd config storage backend to use.

Gitea custom directory

Skydns default domain if not specified by etcd config.

Configure nginx as a reverse proxy for mastodon

List of packages that provide LV2 plugins in lib/lv2 that should be made available to PipeWire for [filter chains][wiki-filter-chain]

Recyclarr YAML configuration as a Nix attribute set

Extra config options for systemd user instances

System-wide default emoji font(s)

TLS configuration.

Configures the scrape request's TLS settings.

Level to log on.

Whether to enable and configure a local PostgreSQL server by creating a user and database for weblate

Extra config to append to avahi-daemon.conf.

Type of token to use for runner registration

Literal string to append to configFile and the config file generated by the plymouth module.

See configurationFile.

configurationFile takes precedence over configuration.

Limits for timeline cleanup.

Path to an EnvironmentFile for the monero service as defined in systemd.exec(5)

System-wide default monospace font(s)

FreeType LCD filter

Path to a custom oh-my-zsh package to override config of oh-my-zsh. (Can't be used along with customPkgs).

Contents of the database initialization config file

Extra lines to be added verbatim to the journalwatch/config configuration file

Default kubeconfig certificate authority file used to connect to kube-apiserver.

Whether to configure a local PostgreSQL server.

base64-encoded public ECDH key.

Default kubeconfig client key file used to connect to kube-apiserver.

Additional config appended to the end of the generated cntlm.conf.

A string which is prepended to limine.conf

The actual zone data

Turn-rs server config file

Whether to enable Enable the conman Console manager

Sachet's configuration as a nix attribute set.

TLS configuration.

TLS configuration.

Default kubeconfig client certificate file used to connect to kube-apiserver.

Whether or not to enroll the config

Directories containing additional config files to be added to HADOOP_CONF_DIR

Declarative vhost config

Default kubeconfig kube-apiserver server address.

Pod configuration (values from php daemon.php config --help)

Extra config options for systemd sleep state logic

Default config (default.conf) for new containers, i.e. for network config

Add extra config to /etc/vmware/config

base64-encoded private ECDH key

Extra configuration options for the athens config file.

Configures the remote read request's TLS settings.

CA certificate to validate API server certificate with.

CA certificate to validate API server certificate with.

Extra config in TOML format.

Password for basic auth

The global options in config file in yaml format

Maximum number of configurations in the boot menu.

As an alternative to specifying config, you can specify the path to the evaluated NixOS system configuration, typically a symlink to a system profile.

Kubernetes proxy certificate authority file used to connect to kube-apiserver.

Whether to enable modprobe config

allow Artalk store the settings to config file persistently

Any polkit rules to be added to config (in JavaScript ;-)

Configures the remote write request's TLS settings.

Kubernetes proxy client key file used to connect to kube-apiserver.

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

TLS configuration.

TLS configuration.

TLS configuration.

TLS configuration.

Whether to set up and configure an nginx virtual host according to upstream's recommendations

Configure nginx as a reverse proxy for SimpleSAMLphp.

Disk check config

Crab-holes config

Configures the Consul request's TLS settings.

Limits for timeline cleanup.

Kubernetes proxy client certificate file used to connect to kube-apiserver.

A string which is appended to the end of limine.conf

Skydns attribute set of extra config options passed as environment variables.

Kubernetes proxy kube-apiserver server address.

Attributes inside the console.yaml file.

Certificate file for client cert authentication to the server.

Certificate file for client cert authentication to the server.

Snmp exporter configuration as nix attribute set

CA certificate to validate API server certificate with.

CA certificate to validate API server certificate with.

If set, the pkgs argument to all NixOS modules is the value of this option, extended with nixpkgs.overlays, if that is also set

Exporter configuration as nix attribute set

Contents of the dgraph config

Check the configuration file with prosodyctl check config

Path to a snmp exporter configuration file

Extra config options for systemd-logind

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

Configuration for iDRAC exporter, as a nix attribute set

Kubelet certificate authority file used to connect to kube-apiserver.

Config options for zenoh.json5 configuration file

Configuration for the rclone remote being used for backup

Configures the scrape request's TLS settings.

Kubelet client key file used to connect to kube-apiserver.

Configure nginx as a reverse proxy for LibreTranslate.

Path to a file containing extra paperless config options in the systemd EnvironmentFile format

Port to be opened

Extra config lines to be added into [smsd] section

Extra config to pass to oauth2-proxy.

TLS configuration.

Amazon CloudWatch Agent configuration file

Extra global default configuration for htop which is read on first startup only

Additional lines of configuration appended to the global config section of the Caddyfile

Configuration settings for the generated config json file

Extra configuration to be appended to the 0bin config file (see https://0bin.readthedocs.org/en/latest/en/options.html)

Kubelet client certificate file used to connect to kube-apiserver.

Extra config options for systemd

Creates .netrc file with the given token to be used for GitHub

Additional paths to load config from.

Whether to use the built-in installation wizard instead of declaratively managing the app.ini config file in nix.

Global config for keter, see https://github.com/snoyberg/keter/blob/master/etc/keter-config.yaml for reference

Extra zone config to be appended at the end of the zone section.

Extra config to znc.conf file.

Certificate file for client cert authentication to the server.

Certificate file for client cert authentication to the server.

Outbound email configuration is mandatory for Firezone and supports many different delivery adapters

Specify the mailexporter configuration file to use.

Kubelet kube-apiserver server address.

CA certificate to validate API server certificate with.

CA certificate to validate API server certificate with.

CA certificate to validate API server certificate with.

CA certificate to validate API server certificate with.

CA certificate to validate API server certificate with.

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

Settings written to user/config/system.yaml.

Config options for dwm-status, see https://github.com/Gerschtli/dwm-status#configuration for available options.

List of config options for every GPU

Environment variables from this file will be interpolated into the final config file using envsubst with this syntax: $ENVIRONMENT or ${VARIABLE}

Validate config syntax.

The location of files for SWS to serve

Symlink a kubeconfig with cluster-admin privileges to environment path (/etc/<path>).

Extra configuration to be placed in config/extra-gitlab.rb

Extra config to append to resolved.conf.

Extra config lines to be added into [gammu] section

Settings passed to OpenGFW. Example config

Extra config options for SnapRAID.

Whether to enable MiniDLNA, a simple DLNA server

Free-form settings written directly to the config file

An attrset of metrics scraping jobs to run.

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

The file that holds the logging configuration.

Whether to enable Neovim

qui configuration options

Global configuration options for the taler config file

CA certificate to validate API server certificate with.

Attribute set of plugin names to plugin config segments

A list of plugin paths to pass into fluentd

The Port the dovecot quota service binds to

define a set of worker pools with submodule config. example: workerPools.my-pool = { installPolicy = "never"; };

Paths to the JAR files that contain additional voices for MaryTTS

Environment variables from this file will be interpolated into the final config file using envsubst with this syntax: $ENVIRONMENT or ${VARIABLE}

TLS configuration.

TLS configuration.

TLS configuration.

Additional entries to put verbatim into Dovecot's config file.

Whether to enable checking the config during build time.

Settings for the public-inbox config file.

Files to include into the config file using Taler's @inline@ directive

Certificate file for client cert authentication to the server.

Certificate file for client cert authentication to the server.

Certificate file for client cert authentication to the server.

Certificate file for client cert authentication to the server.

Certificate file for client cert authentication to the server.

CA certificate to validate API server certificate with.

Configures the queue used to write to remote storage.

Text to append to config.js web application config file

Value for label 'configname' which will be added to all metrics.

Configuration of goeland

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

CA certificate to validate API server certificate with.

Extra config to append to seahub_settings.py file

The global options in config file in ini format

Commands to execute before the config file check

Extra config options for systemd-coredump

File containing the configuration

dnssec exporter configuration as nix attribute set

Name of modem configuration file, will be searched for in config in the spooling area directory.

Kubernetes scheduler certificate authority file used to connect to kube-apiserver.

Key file for client cert authentication to the server.

Token for the S3 storage backend

Base directory for custom templates and other options

Declarative location config

Declarative location config

Listener config

Declarative location config

Kubernetes scheduler client key file used to connect to kube-apiserver.

Configuration for Nix, see https://nixos.org/manual/nix/stable/command-ref/conf-file.html or nix.conf(5) for available options

Key file for client cert authentication to the server.

Configuration lines to be appended to the generated http block

Extra config file read by Mopidy when the service starts

JunOS exporter configuration as nix attribute set

Mikrotik exporter configuration as nix attribute set

Path to the Unix socket for connecting to postsrsd

Network check config

Whether to enable support for Linux MD RAID arrays

Slurm expects config files for plugins in the same path as slurm.conf

Declarative location config

Specify the JunOS exporter configuration file to use.

Kubernetes scheduler client certificate file used to connect to kube-apiserver.

This allows you to pass arguments to the child program

Key file for client cert authentication to the server.

Kubernetes scheduler kube-apiserver server address.

Path to LubeLogger config and metadata inside of /var/lib/.

Whether to enable Warpgate

Path to the repository

TLS configuration.

Certificate file for client cert authentication to the server.

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

Extra configuration options that will be merged into the main config file datadog.yaml.

Extra configuration for collectd

Content of 'To' Header for probing mails.

A list of application service config file to use

Environment file (see systemd.exec(5) "EnvironmentFile=" section for the syntax) which sets config options for mattermost (see the Mattermost documentation)

Will be inserted in the Settings section of the config file.

Literal string to append to the config file generated for dhcpcd.

Extra config options for systemd-journald

Will be inserted in the Default section of the config file.

Base64 encoded GCP service account key

A list of extra command-line flags to pass to dnsproxy

Whether to enable checking the config during build time.

Ignore the user configures. Warning: When this is enabled, the user config files are totally ignored and the user dict can't be saved and loaded.

CA certificate to validate API server certificate with.

Label to the repository

CA certificate to validate API server certificate with.

CA certificate to validate API server certificate with.

CA certificate to validate API server certificate with.

Global configuration options for the libeufin bank system config file.

Configuration for Lokinet

Port to use for SMTP.

Certificate file for client cert authentication to the server.

Optional path to a kubeconfig file

Contents for the TOML Polaris config, applied each start

Content of 'From' Header for probing mails.

Declarative location config

Enable execution of compinit call for all interactive zsh shells

Declarative location config

Declarative location config

Import options defined in services.dnsmasq.settings via misc.dnsmasq_lines in Pi-hole's config.

Declarative location config

Declarative location config

Use preconfigured default streaming options

List of packages that provide LV2 plugins in lib/lv2 that should be made available to WirePlumber for [filter chains][wiki-filter-chain]

SQL queries to run.

Config options for the /etc/login.defs file, that defines the site-specific configuration for the shadow password suite

The full configuration of the Hound daemon

Configuration for Radicale

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

Key file for client cert authentication to the server.

Secret key for the S3 storage backend

Attribute set of additional plugins that will be symlinked to the plugin subdirectory

These configuration lines will be appended to the generated lighttpd config file

Username to use for SMTP authentication.

Certificate file for client cert authentication to the server.

Frigate configuration as a nix attribute set

Attribute set of arbitrary config options

Attribute set of arbitrary config options

Attribute set of arbitrary config options

Path to the working directory (used for config and pidfile)

Enable the checking of the vector config during build time

A list of SQL statements to execute once after making a connection.

Timeout until mails are considered "didn't make it".

Key file for client cert authentication to the server.

Configuration lines appended to the generated Nginx configuration file

Extra configuration in config/database.yml.

Systems with a recently generated hardware-configuration.nix may instead specify only nixpkgs.buildPlatform, or fall back to removing the nixpkgs.hostPlatform line from the generated config

Hostname of the server that should be probed.

Certificate file for client cert authentication to the server.

Certificate file for client cert authentication to the server.

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

Certificate file for client cert authentication to the server.

Settings for LACT

Attrset that is converted and passed as config file

TLS configuration.

Configuration lines appended to the MiniUPnP config.

A set of options for the ‘config setup’ section of the ipsec.conf file

Additional arguments passed to each module in addition to ones like lib, config, and pkgs, modulesPath

CA certificate to validate API server certificate with.

How often to run this job, specified in Go duration format.

A human-readable description of this metric.

Path to config file to parse and append to settings

User id in Jenkins used to reload config.

Declarative kernel config

Contents of config file (sfsmaster.cfg(5)).

Config file for swapspace

Extra config for the global section.

Extra config options.

Configuration lines prepended to the generated Nginx configuration file

Key file for client cert authentication to the server.

The SQL query to run.

FirewallD config file

Extra config options for systemd-timesyncd

Certificate file for client cert authentication to the server.

Extra configuration to merge into uwsgi config.

Attribute set of arbitrary config options

A list of domains to pass to the network config.

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

Certificate file for client cert authentication to the server.

Password for the MySQL database

Secret key for the minio storage backend

Additional entries to put verbatim into worker section of rspamd config file.

A set of columns that will be used as Prometheus labels.

A set of columns that will be used as values of this metric.

TLS configuration.

Raw jupyter config

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

Kubernetes controller manager certificate authority file used to connect to kube-apiserver.

A required list of local or remote repositories with paths and optional labels (which can be used with the --repository flag to select a repository)

Declarative vrrp script config

Type of storage config

Attrset that is converted and passed as TOML config file

CA certificate to validate API server certificate with.

Disables the exporter's function to delete probing mails.

Config to set in config.local.js's afterConfig.

Kubernetes controller manager client key file used to connect to kube-apiserver.

Whether to enable Hyprland, the dynamic tiling Wayland compositor that doesn't sacrifice on its looks

Overrides to config.yaml as a Nix attribute set

List of DNS service discovery configurations.

List of EC2 service discovery configurations.

Listener IP addresses of relay server

Environment variables from this file will be interpolated into the final config file using envsubst with this syntax: $ENVIRONMENT or ${VARIABLE}

These options will create the <FileSystem> sections of config file.

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

Kubernetes controller manager client certificate file used to connect to kube-apiserver.

Extra config to be appended to the interface config

Additional configuration added verbatim to the server config.

Additional configuration added verbatim to the client config.

Key file for client cert authentication to the server.

Literal string to append to configFile and the config file generated by the pulseaudio module.

Kubernetes controller manager kube-apiserver server address.

List of labeled target groups for this job.

Declarative location config

If set, users listed in $XDG_CONFIG_HOME/Yubico/u2f_keys (or $HOME/.config/Yubico/u2f_keys if XDG variable is not set) are able to log in with the associated U2F key

Declarative location config

Declarative location config

Declarative location config

Declarative location config

Config files to merge into the settings defined in services.olivetin.settings

Extra tandoor recipes config options

Declarative location config

Declarative location config

Whether to enable Monado as the default OpenXR runtime on the system

Attrset that is converted and passed as TOML config file

Restart rest con config change.

Plugin-specific config file to link to /etc/audit/.conf

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

List of Google Compute Engine service discovery configurations

Attribute set of arbitrary config options

Attribute set of arbitrary config options

Certificate file for client cert authentication to the server.

Name of the config adapter to use

Config environment variables for the gotify-server

A switch to disable Endorsement Key (EK) certificate verification

Newline separated list of names to be allowed/denied if userlistEnable is true

Configuration for the rclone remote being used for backup

Directory in which new mails for the exporter user are placed

Attrset that is converted and passed as config file

Password to use for SMTP authentication.

Number of samples to buffer per shard before we block reading of more samples from the WAL

TLS configuration.

Declarative location config

Main config file

Refer to the Tuliprox documentation for available attributes

The port number used if the query type is not SRV.

A list of connection strings of the SQL servers to scrape metrics from

CA certificate to validate API server certificate with.

Whether to enable Miriway, a Mir based Wayland compositor

Environment variables passed to the service

The path of the Searx server settings.yml file

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

Thinkfan settings

The type of DNS query to perform

The zone of the scrape targets

Configures the sending of series metadata to remote storage

Configuration options for the libeufin bank system config file

Maximum number of shards, i.e. amount of concurrency.

Minimum number of shards, i.e. amount of concurrency.

A list of DNS SRV record names to be queried.

List of relabel configurations.

Key file for client cert authentication to the server.

String to be appended to the config verbatim

Declarative location config

Extra config for <Defaults> section.

Directories to be scanned for further config files to include

This will add swapspace wrapped with the generated config, to environment.systemPackages

Declarative location config

Declarative location config

Declarative location config

Config for prometheus style metrics

Time interval between two probe attempts.

Sets the content of config files (typically ending with .conf) in the Asterisk configuration directory

List of Kuma service discovery configurations.

List of file service discovery configurations.

List of HTTP service discovery configurations.

The global options in config file in ini format.

The SpamAssassin init.pre config.

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

Whether metric metadata is sent to remote storage or not.

Configuration options for the libeufin nexus config file

Configuration options for the taler exchange config file

Configuration options for the taler merchant config file

Labels assigned to all metrics scraped from the targets.

Certificate file for client cert authentication to the server.

Declarative location config

The port to scrape metrics from

The port to scrape metrics from

The AWS Region

Allow the service to create and use its own config file inside the dataDir as configured by services.mediatomb.dataDir

URL from which the targets are fetched.

Restart master con config change.

GitLab automatic upload specification

Declarative location config

Restart thrift con config change.

Use source time servers from networking.timeServers in config.

Extra config for the network

Restrictions for access from non-local IP addresses

The GCP Project.

The USBGuard daemon will load this as the policy rule set

Maximum retry delay.

The targets specified by the target group.

CA certificate to validate API server certificate with.

The configuration of snips-sh is done through environment variables, therefore you must use upper snake case (e.g. SNIPS_HTTP_INTERNAL)

Whether to run renovate's config validator on the built configuration.

Configuration for sitespeed-io, see https://www.sitespeed.io/documentation/sitespeed.io/configuration/ for available options

Named AWS profile used to connect to the API.

Initial retry delay

Declarative vhost config

Options for the submission config in master.cf

Shared secret token to authenticate the client

YAML file to merge into the schleuder config at runtime

Shared secret token to authenticate the client

Show server status overview at /server-status, statistics at /server-statistics and list of loaded modules at /server-config.

Filters can be used optionally to filter the instance list by other criteria.

Key file for client cert authentication to the server.

Whether the Stash config.yml is writeable by Stash

Filter can be used optionally to filter the instance list by other criteria Syntax of this filter string is described here in the filter query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list.

User token in Jenkins used to reload config

Declarative location config

The HTTP port where mympd's web interface will be available

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

Structured configuration for Caddy to generate a Caddy JSON configuration file

Additional YAML configuration for OpenCloud services

Custom endpoint to be used.

Extra settings to add to the generated TOML config.

Password for the Postgres database

Password for the redis server

See this list for the available filters.

Systems with a recently generated hardware-configuration.nix do not need to specify this option, unless cross-compiling, in which case you should set only nixpkgs.buildPlatform

Certificate file for client cert authentication to the server.

Regular expression against which the extracted value is matched

Disable validation of the server certificate.

Disable validation of the server certificate.

List of Azure service discovery configurations.

All the available config options and their defaults can be found here: https://github.com/timvisee/send/blob/master/server/config.js, some descriptions can found here: https://github.com/timvisee/send/blob/master/docs/docker.md#environment-variables

Values under services.send.environment will override the predefined values in the Send service.

• Time/duration should be in seconds
• Filesize values should be in bytes

Extra paperless config options

Declarative location config

List of Uyuni Serverset service discovery configurations.

List of AirBnB's Nerve service discovery configurations.

AWS Role ARN, an alternative to using AWS API keys.

Optional OAuth 2.0 configuration

Patterns for files from which target groups are extracted

Sets these config files to the default content

File to load as environment file

Environment variables from this file will be interpolated into the final config file using envsubst with this syntax: $ENVIRONMENT or ${VARIABLE}

Files containing additional config environment variables for gotify-server

Whether to enable Dashy, a highly customizable, easy to use, privacy-respecting dashboard app

Address of the Kuma Control Plane's MADS xDS server.

Value of the filter.

Path to a file containing sensitive environment variables for Gerbil

Declarative kernel config

Kernels can be declared in any language that supports and has the required dependencies to communicate with a jupyter server

Whether to run reaction as root

Action to perform based on regex matching

Configuration of defcfg other than linux-dev (generated from the devices option) and linux-continue-if-no-devs-found (hardcoded to be yes)

Whether to use the option defaults from the configuration generated by cross-seed gen-config

Declarative location config

Modulus to take of the hash of the source label values.

config.yaml configuration as a Nix attribute set

Disable validation of the server certificate.

Disable validation of the server certificate.

ServerName extension to indicate the name of the server. http://tools.ietf.org/html/rfc4366#section-3.1

End of UDP port range for WebRTC

The hook config, describing which paths to mount for which system features

The directory where Transmission will create .config/transmission-daemon. as well as Downloads/ unless services.transmission.settings.download-dir is changed, and .incomplete/ unless services.transmission.settings.incomplete-dir is changed.

Enables U2F PAM (pam-u2f) module

Declarative location config

Path to a file containing sensitive environment variables for Newt

Whether to check the resulting config file with unbound checkconf for syntax errors

Path to a TOML file to be merged with the settings

Scopes for the token request.

Name of the remote read config, which if specified must be unique among remote read configs

The systemd KillMode to use for glusterd.

glusterd spawns other daemons like gsyncd

Restart regionServer con config change.

Path to a file containing extra ntfy environment variables in the systemd EnvironmentFile format

List of source directories and files to backup

Paths can point to a single service, or the root of a tree of services.

Directory used for state & config files.

Extra config for <FileSystem> section.

Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security

Determines whether deleting an entity in this provisioning config should automatically cause them to be removed from kanidm, too

LibreSpeed configuration written as Nix expression

The URL to connect to the Uyuni server.

Disable validation of the server certificate.

Disable validation of the server certificate.

Disable validation of the server certificate.

Disable validation of the server certificate.

Disable validation of the server certificate.

Config template for containerd, to be placed at /var/lib/rancher/k3s/agent/etc/containerd/config.toml.tmpl

List of Consul service discovery configurations.

List of Linode service discovery configurations.

List of Docker service discovery configurations.

List of Eureka service discovery configurations.

Settings for spacecookie

Optional OAuth 2.0 configuration

List of Triton Serverset service discovery configurations.

The port to scrape metrics from

Config template for containerd, to be placed at /var/lib/rancher/rke2/agent/etc/containerd/config.toml.tmpl

The AWS API key secret

The AWS API key id

Name of the remote write config, which if specified must be unique among remote write configs

By default, borg cannot write anywhere on the system but $HOME/.config/borg and $HOME/.cache/borg

Whether to enable automatic generation of the defcfg block

Automatically restart the service on config change

Automatically restart the service on config change

File containing env-vars to be substituted into the final config

Automatically restart the service on config change

Contents of metalogger config file (see sfsmetalogger.cfg(5)).

Automatically restart the service on config change

Optional proxy URL.

Optional proxy URL.

The Zookeeper servers.

Automatically restart worker service on config change

Automatically restart master service on config change

logrotate freeform settings: each attribute here will define its own section, ordered by services.logrotate.settings.<name>.priority, which can either define files to rotate with their settings or settings common to all further files settings

Plugins to add to the environment of MediaGoblin

Timeout value

Address of the Docker daemon.

Disable validation of the server certificate.

Separator placed between concatenated source label values

Automatically restart the service on config change

Consul token

Sets the directory for the config file.

This is the system-wide LXC config

This is the config file for override lxc-net bridge default settings.

The port to scrape metrics from

Scopes for the token request.

The port to use for discovery and metric scraping

Credentials are used to authenticate the requests to Uyuni API.

Credentials are used to authenticate the requests to Uyuni API.

Account key for the Azure Blob storage backend

config.yaml configuration as a Nix attribute set

Optional HTTP basic authentication information.

An optional list of tags used to filter nodes for a given service

The file for log configuration

Sets the filename for the config file.

JSON file containing secret keys

OAuth client ID.

The URL to fetch the token from.

The URL to connect to the Eureka server.

The port to scrape metrics from, when role is nodes, and for discovered tasks and services that don't have published ports

Optional OAuth 2.0 configuration

Optional OAuth 2.0 configuration

Optional OAuth 2.0 configuration

Optional OAuth 2.0 configuration

Authentication information used to authenticate to the API server. password and password_file are mutually exclusive.

Path to Audiobookshelf config and metadata inside of /var/lib.

List of Hetzner service discovery configurations.

Disable validation of the server certificate.

Disable validation of the server certificate.

Disable validation of the server certificate.

Consul scheme Defaults to http in prometheus when set to null.

When set to true, attempts to discover the host's public IP via STUN

Optional proxy URL.

Optional proxy URL.

Consul server to query

Ensures that the specified users exist

Optional client ID

Optional tenant ID

Declarative location config

Environment file as defined in systemd.exec(5)

Contents of chunkserver config file (see sfschunkserver.cfg(5)).

The account to use for discovering new targets.

Start of UDP port range for WebRTC

A list of groups for which targets are retrieved, only supported when targeting the container role

Automatically restart the service on config change

Extra config for <StorageHints> section.

Declarative location config

Configuration options to set in the GitLab Pages config file

Optional filters to limit the discovery process to a subset of available resources.

A list of additional patches to apply to the kernel

The string by which Uyuni group names are joined into the groups label

Defaults to , in prometheus when set to null.

The Triton discovery API version

Settings for the sync server

Automatically restart the service on config change

Remove /etc/hosts entries for "127.0.0.2" and "::1" defined in nixos/modules/config/networking.nix Regionservers must be able to resolve their hostnames to their IP addresses, through PTR records or /etc/hosts entries.

Consul username

Consul password

Disable validation of the server certificate.

Declarative vhost config

File to load as environment file

Path to a file containing sensitive environment variables for Pangolin

Scopes for the token request.

Scopes for the token request.

Scopes for the token request.

Scopes for the token request.

A list of services for which targets are retrieved.

The Hetzner role of entities that should be discovered

Optional HTTP basic authentication information.

The port to scrape metrics from

Replacement value against which a regex replace is performed if the regular expression matches

The type of targets to discover, can be set to:

• "container" to discover virtual machines (SmartOS zones, lx/KVM/bhyve branded zones) running on Triton
• "cn" to discover compute nodes (servers/global zones) making up the Triton infrastructure

Defaults to container in prometheus when set to null.

The URL to fetch the token from.

OAuth client ID.

Settings whose options overwrite fields in .config/transmission-daemon/settings.json (each time the service starts)

Options for the submission config via smtps in master.cf.

smtpd_tls_security_level will be set to encrypt, if it is missing or has one of the values "may" or "none".

smtpd_tls_wrappermode with value "yes" will be added automatically.

Declarative location config

This enables LXCFS, a FUSE filesystem for LXC

The Triton discovery endpoint (e.g. cmon.us-east-3b.triton.zone)

Extra config options

Whether the Mattermost config.json is writeable by Mattermost

Value for the filter.

A file containing a the client secret for an openid_connect adapter

Declarative location config