As an alternative to specifying config, you can specify the path to the evaluated NixOS system configuration, typically a symlink to a system profile.

The Flake URI of the NixOS configuration to use for the container

Location of the host path to be mounted.

Determine whether the mounted path will be accessed in read-only mode.

Path to device node

A path to the nixpkgs that provide the modules, pkgs and lib for evaluating the container

Takes the path to a file representing a kernel network namespace that the container shall run in

Path to an image file to load before running the image

Path to file containing password.

A set of NixOS system configurations to be run as lightweight containers

Path to a script that streams the desired image on standard output

A specification of the desired configuration of this container, as a NixOS module.

Whether the container is automatically started at boot-time.

Extra veth-pairs to be created for the container.

An extra list of directories that is bound to the container.

A list of device nodes to which the containers has access to.

Extra flags passed to the systemd-nspawn command

Mount point on the container file system.

Allows the container to create and setup tunnel interfaces by granting the NET_ADMIN capability and enabling access to /dev/net/tun.

Put the host-side of the veth-pair into the named bridge

Mounts a set of tmpfs file systems into the container

The IPv4 address assigned to the host interface. (Not used when hostBridge is set.)

The IPv6 address assigned to the host interface. (Not used when hostBridge is set.)

Put the host-side of the veth-pair into the named bridge

The IPv4 address assigned to the host interface. (Not used when hostBridge is set.)

A set of special arguments to be passed to NixOS modules

The IPv6 address assigned to the host interface. (Not used when hostBridge is set.)

The list of host interfaces from which macvlans will be created

Source port of the external interface on host

Time for the container to start

Source port of the external interface on host

List of forwarded ports from host to container

Whether the container should be restarted during a NixOS configuration switch if its definition has changed.

The IPv4 address assigned to the interface in the container

The list of interfaces to be moved into the container.

List of forwarded ports from host to container

The IPv6 address assigned to the interface in the container

The IPv4 address assigned to the interface in the container

The IPv6 address assigned to the interface in the container

Whether to give the container its own private virtual Ethernet interface

The protocol specifier for port forwarding between host and container

Each attribute in this set specifies an option in the [Path] section of the unit

The protocol specifier for port forwarding between host and container

The name of this systemd unit, including its extension

Runs container in ephemeral mode with the empty root filesystem at boot

Whether to give the container its own private UIDs/GIDs space (user namespacing)

Target port of container

Define which other containers this one depends on

Target port of container

Each attribute in this set specifies an option in the [Path] section of the unit

Podman-specific settings in OCI containers

The path to repo in local machine

Packages added to the service's PATH environment variable

Commandline arguments to pass to the image's entrypoint.

The name of this systemd unit, including its extension

The hostname of the container.

OCI image to run.

Override the username or UID (and optionally groupname or GID) used in the container.

Systemd service name that manages the container

Image pull policy for the container

Device node access modifier

Labels to attach to the container at runtime.

Username for login.

This is the absolute path to the plugin executable.

The user under which the container should run.

List of devices to attach to this container.

Packages added to the service's PATH environment variable

Override the default working directory for the container.

When enabled, the container is automatically started on boot

Automatically remove the container when it is stopped or killed

Networks to attach the container to

Extra options for podman run.

Registry where to login to.

Extra options for podman that go before the run argument.

The resulting path of the generated Diffie-Hellman parameters file for other services to reference

Give extended privileges to the container

Override the default entrypoint of the image.

List of volumes to attach to this container

Logging driver for the container

Path to host the API on and forward to the daemon's api port

Environment variables to set for this container.

Environment files for this container.

File or block device to export.

Determines how podman should notify systemd that the unit is ready

Grant additional capabilities to the container

A path of a profile file to include

Capabilities to configure for the container

Network ports to publish from the container to the outer host

Path where to store the data files of the hidden service

Absolute path of the salt on the unencrypted device with that device's root directory as "/".

Start the specified units when this unit is started.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are started at the same time as this unit, delay this unit until they have started.

Where to store the backups

Additional packages that should be added to the agent's PATH

Project directory.

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Start the specified units when this unit is started.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are started at the same time as this unit, delay them until this unit has started.

Aliases of that unit.

If the specified units are started at the same time as this unit, delay this unit until they have started.

DDNS server path

Keep this unit running as long as the listed units are running

The path to the folder which should be shared

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Keeps the specified running while this unit is running

If the specified units are started at the same time as this unit, delay them until this unit has started.

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "inactive" state.

Aliases of that unit.

Each attribute in this set specifies an option in the [Unit] section of the unit

Keep this unit running as long as the listed units are running

Keeps the specified running while this unit is running

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "inactive" state.

Each attribute in this set specifies an option in the [Unit] section of the unit

Path(s) to back up

External wpa_supplicant.conf configuration file

Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.

Units that want (i.e. depend on) this unit

Path to encrypted luks device that contains the user's home directory.

If set to false, this unit will be a symlink to /dev/null

Stream URL

Configure unit start rate limiting

Path to host the API on and forward to the daemon's api port

The path to the user's shell

A path which will be scanned for repositories.

Path to host the built-in UI on and forward to the daemon's api port

Attributes for user's entry in pam_mount.conf.xml

If the specified units are started, then this unit is stopped and vice versa.

The name of the multipath device

Units that require (i.e. depend on and need to go down with) this unit

The DNS name of the storage array

Units that want (i.e. depend on) this unit

Start the specified units when this unit is started, and stop this unit when the specified units are stopped or fail.

Database name

Drive name without the full path.

Similar to requires

Secrets to append to the initrd

If set to false, this unit will be a symlink to /dev/null

Configure unit start rate limiting

The path to the nixpkgs sources used to build the system

If the specified units are started, then this unit is stopped and vice versa.

Regex pattern to match the GC root path.

Units that require (i.e. depend on and need to go down with) this unit

Path to a certificate signing request to apply when fetching the certificate.

Path to encrypted luks device that contains the user's home directory.

The path to the user's shell

Similar to requires

Attributes for user's entry in pam_mount.conf.xml

The user of the file

Path to the private key to the matching certificate signing request.

List of paths that should be mounted before this one

The group of the file

Path to the socket for local or remote transports

An arbitrary list of items such as derivations

An arbitrary list of items such as derivations

Configure unit start rate limiting

The file access mode to use when creating this file or directory.

Description of this unit used in systemd messages and progress indicators.

Which paths to backup, in addition to ones specified via dynamicFilesFrom

An arbitrary list of items such as derivations

Path to the directory storing the hooks

The path to the user's shell in initrd.

Delete a file when it reaches a certain age

An arbitrary list of items such as derivations

The user of the file

Configure unit start rate limiting

Path of the underlying encrypted block device.

The group of the file

Source of the plugin package or path

Description of this unit used in systemd messages and progress indicators.

The type of operation to perform on the file

Path to the file which contains the actual base64 encoded key

The full path to a file that contains the user's (clear text) password

Path to world folder containing the dimension to render

Path to plugin file.

Path to the repository

The absolute path to the program to be wrapped.

Unix domain socket path to bind this listener to.

The file access mode to use when creating this file or directory.

The name of the path priority routine

Path of the source file.

The specified name-string gives the system file name of the storage device managed by this storage daemon

Path to the directory with database, registration, and other data for the bridge service

List of paths that should be mounted before this one

The path of the web root directory.

Path to the certificate authority certificate.

Path of the source file.

Delete a file when it reaches a certain age

An argument whose meaning depends on the type of operation

Path to the Public Key.

Path or reference to the host key.

Path to a keyfile used to unlock the backing encrypted device

The configuration file path to supply bitcoind.

Path to the host certificate.

Path of the source file.

Path to the unix socket file on which to accept FastCGI requests.

The type of operation to perform on the file

Path of the subvolume or mount point

Path of the source file.

Path of the source file.

The path to the socket to bind to.

Path to file containing local secret key in binary or hexadecimal form.

Whether to enable this proxy cache path entry.

A list of URIs referencing documentation for this unit or its configuration.

The path to the workdir

Path to the directory where the pastes will be saved to

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

File path where the logs will be written

The device as passed to mount

Path of the source .yaml file.

Path of the symlink.

A list of URIs referencing documentation for this unit or its configuration.

Path to 64x64 logo png.

Path to 32x32 logo png.

Path of the source file.

Path of the source .yaml file.

Path of the source file.

Defines how unit configuration is provided for systemd:

asDropinIfExists creates a unit file when no unit file is provided by the package otherwise it creates a drop-in file named overrides.conf.

asDropin creates a drop-in file named overrides.conf

Name of the wrapper that is installed into PATH

Path to the working directory (used for config and pidfile)

Path to key file

An argument whose meaning depends on the type of operation

Path to the key file.

Path to the SSH host public key.

Absolute file path to an SSH private key, usually generated by rad auth

The path of a PEM encoded TLS private key

The path of a PEM encoded TLS private key

Diffie-Hellman parameters to generate

Path to server SSL certificate key.

Path to the certificate file.

Path to the data dir fedimintd will use to store its data

Path to directory of CRLs (Certificate Revocation Lists) in PEM format

The name of private PKCS #8 key file for this policy to be found in the baseDirectory, or the absolute path to the key file

Path to server SSL certificate.

Allow clients to create repositories in subdirectories of the specified path

To enable SSL, specify path to the name of certificate files without extension

Specifies the path to a file containing the clear text password for the account

URL path part of the web interface.

The path to the xkb types file

A list of glob patterns, indicating which paths to expose to the sandbox

Path to the SSH host private key.

Path to the accounts file.

Path of the private RSA keyfile.

Path of the source file.

Path to the unix socket file to use for authentication.

Path to a JWT secret for authenticated RPC endpoint.

Path to server SSL chain file.

Path to the keyboard's device file.

If set, users listed in $XDG_CONFIG_HOME/Yubico/u2f_keys (or $HOME/.config/Yubico/u2f_keys if XDG variable is not set) are able to log in with the associated U2F key

The path to the upperdir

Path to directory of X.509 certificates in PEM format for trusted parties

The path to the xkb compat file

If given an IP address, it can be a host name ("localhost"), an IPv4 dotted-quad ("127.0.0.1") or an IPv6 address enclosed in square brackets ("[::1]").

(VCL4.1 and higher) If given an absolute Path ("/path/to/listen.sock") or "@" followed by the name of an abstract socket ("@myvarnishd") accept connections on a Unix domain socket

The list of path(s) to the lowerdir(s)

The path of the web root directory.

Path to a file containing the password.

The wayland-compositor binary path that will be called by UWSM

The font used for the virtual consoles

Name that ControlMachine should be referred to in establishing a communications path.

Whether to append a minimal default PATH environment variable to the service, containing common system utilities.

The path to the xkb symbols file

Path of the symlink.

Path to the unix socket file to use for authentication.

Path of the source file.

Description of how to identify the filesystem to be duplicated by this instance of bees

Path(s) to additional configuration files that are then linked to the 'conf' directory.

Path to server SSL certificate key.

Path to the GPG encrypted passphrase.

The full path to a file containing the password from upsd.users for accessing this UPS

List of path(s) to respective plugin(s) which are copied into the 'plugin' directory.

List of certificates to accept for authentication

The user borg serve is run as

Path to server SSL certificate.

Configuration of this OpenVPN instance

Path(s) to respective theme(s) which are copied from the 'theme' directory.

A Setup Key file path used for automated login of the machine.

A Setup Key file path used for automated login of the machine.

Extra packages to add to PATH of the service to make them available to workflows.

The absolute path to the directory which hosts the public-inbox.

Where Calibre-Web stores its data

Specify the index to create device path /dev/rshim<index>

The token from your Buildkite "Agents" page

An attribute set of repositories as described in: https://pgbackrest.org/configuration.html#section-repository

Each repository defaults to set repo-host to the attribute's name

The group borg serve is run as

Whether to append a minimal default PATH environment variable to the service, containing common system utilities.

For type pipe or file, the path to the pipe or file

The path to the xkb keycodes file

Path to serial port this printer is connected to

Path to certificate private key (PEM with private key)

Path to certificate (PEM with certificate chain)

Path to server SSL chain file.

The profile file contents

Path to the built firmware package.

List of CA certificates to accept for authentication

Specifies the path to a file containing the password hash for the account, generated with grub-mkpasswd-pbkdf2

The path to the xkb geometry file

List of raw public keys to accept for authentication

Text lines with include.* and exclude.* directives to be used when sending files to the IBM TSM server, or an absolute path pointing to a file with such lines.

Path(s) to respective plugin(s) which are copied from the 'plugins' directory.

List of certificate candidates to use for authentication

Path to firmware config which is generated using klipper-genconf

Absolute path to the certificate to load

The device as passed to mount

Path to 64x64 logo png.

Path to 32x32 logo png.

Path of the private ed25519 keyfile.

Absolute path to a directory where builds will be stored in context of selected executor (Locally, Docker, SSH).

Path to a git repository

The path that opendkim should put its generated private keys into

Path to the files with alerting and/or recording rules.

Absolute path to the certificate to load

The path of Apache's document root directory

Address on which spiped should listen for incoming connections

List of raw public key candidates to use for authentication

vdirsyncer's status path

Paths to the Nix profile

Path to the SimpleSAMLphp library directory.

Absolute path to the certificate to load

The path to the public key file for the host

List of path(s) to respective template(s) which are copied into the 'tpl' directory.

List of path(s) to respective language(s) which are copied from the 'languages' directory.

Path to the file containing the repository location to backup to.

Libraries to add to the Icingaweb2 library path

OpenSSH private key

A run-time path to the key file, which is supposed to be provisioned outside of Nix store.

Path to CA bundle file (PEM/X509)

Secret key of the onion service

Whether to generate and add a script to the system path, that has the same environment variables set as the systemd service

Path to the file containing rclone configuration

The compressor to use on the initrd image

OCI (Docker) containers to run as systemd services.

Path to easytier config file

(Path of) Script command to execute followed by args, i.e. cmd [args]...

Path to the unix socket file to use for authentication.

Path to server SSL certificate key.

List of paths that should be mounted before this one

The prefix to use for store paths

This option can be used to store the username / password credentials with the "auth-user-pass" authentication method

Path to server SSL certificate.

Path within the configuration store where Patroni will keep information about the cluster.

The path of Apache's document root directory

Path to an EnvironmentFile for the cert's service containing any required and optional environment variables for your selected dnsProvider

Additional Apache modules to be used

Regular expression to match the vendor name

Path to server SSL certificate.

Path to the SimpleSAMLphp config directory.

Path to a list of ini file containing confidential settings such as credentials

Path to server SSL chain file.

Whether to pass the binary to the interpreter as an open file descriptor, instead of a path.

The TCP address or UNIX socket path to listen on.

Path to server SSL certificate key.

Set a specific keyfile for this archive

Use a specific HTTP path prefix that will show up in the upgrade request to the wstunnel server

Socket address

Path to a file containing the API Token for ZeroTier Central.

The path to the file used for signing derivation data

Path to an environment file, containing the TOKEN environment variable, that holds a token to register at the configured Gitea/Forgejo instance.

The path to the public key file for the host

Regular expression to match the product name

Path to the built klipper-flash package.

The certificates may use a relative path from the swanctl x509ca directory or an absolute path

The full path to the PEM encoded TLS certificate

The full path to the PEM encoded TLS certificate

A path to prepend to all the routes of the server.

URL where SimpleSAMLphp can be reached.

Specify the local database filename to store persistent data

Path to certificate file

Path to your JWT secret used during identity verificaton.

Path to use for the pid file.

Path to keystore (combined PEM with cert/key, or PKCS12 keystore)

The name of public X.509 certificate (chain) file in PEM format for this policy to be found in the baseDirectory, or the absolute path to the certificate file

An attribute set in which each key represents a container and each value an attribute set providing its configuration properties

The path to the file containing the value for backends.<name>.secret

Path to a keyfile used to unlock the backing encrypted device

Whether to run in snapshot only mode

The path specifying a PEM encoded TLS CA certificate(s)

The path specifying a PEM encoded TLS CA certificate(s)

The path of Apache's document root directory

Path to the sqlite database.

Specifies the path to a file containing the clear text password for the user.

path for anonymously created PDF files

Absolute path to a file with environment variables used for gitlab-runner registration with runner registration tokens

Path to your HMAC secret used to sign OIDC JWTs.

The armagetronad-dedicated package to use

Path to root SSL certificate for stapling and client certificates.

Path to server SSL certificate.

The mandatory base directory for cryptographic objects of this policy

Restrictions on the connections that the server will accept

Path to server SSL certificate key.

Name of the UKI

IR camera device to depend on

Deduplicating backups using BorgBackup

Path to the file containing the database url windmill should connect to

Path to the certificate authority (CA) for the certificate of your origin

A list of additional patches to apply to the kernel

The basic secret to use for this service

Path to your session secret

Automatically create or share folders that this device advertises at the default path

This option enables the common /etc/containers configuration module.

CNI plugins to install on the system.

Path to use for the pid file.

containers.conf configuration

Specifies the path to a file containing the clear text password for the MQTT user

Path to your private key file used to encrypt OIDC JWTs.

Whether to copy the DF bit to the outer IPv4 header in tunnel mode

Path to the yaml registration file of the appservice.

The path to the boot directory where GRUB will be written

The name of the user account

Packages added to the PATH environment variable when executing programs from Udev rules.

coreutils, gnu{sed,grep}, util-linux and config.systemd.package are automatically included.

Path to the external filter program.

Path to root SSL certificate for stapling and client certificates.

Priority of this policy

The path to the workdir

List of path(s) to respective template(s) which are copied from the 'invoice_templates/pdf' directory.

Where the tftp server files are stored.

Name of the voice model to use

Additional packages or strings with context to add to the closure of the chroot

The device as passed to mount

Absolute path to a file containing environment variables used for gitlab-runner registrations with runner authentication tokens

Path to a file containing the password

Packages added to the adapter's PATH.

Subdirectory used for reverse proxy setups

The path of the directory to share, can be a shell variable

The name of the group

List of path prefixes to ignore

The name-string specifies an external program to be called that will automatically change volumes as required by Bacula

Path to your storage encryption key.

The id of the bootloader to store in efi nvram

The default logging directory

Absolute path to the certificate to load

Specifies the path to a file containing the hashed password for the MQTT user

The file for log configuration

Path prefixes to ignore under home directory

The path to the upperdir

The full path to a file which contains either

• a fine-grained personal access token (PAT),
• a classic PAT
• or a runner registration token

Changing this option or the tokenFile’s content triggers a new runner registration

Packages added to the service's PATH.

The list of path(s) to the lowerdir(s)

GitLab path for backups.

Additional packages to place in the path of public-inbox-mda, public-inbox-watch, etc.

Path at which the UNIX socket will be created.

Additional scripts for WirePlumber to be used by configuration files

The name of the user account

Pads ESP packets with additional data to have a consistent ESP packet size for improved Traffic Flow Confidentiality

The URI of the homeserver that the pantalaimon proxy should forward requests to, without the matrix API path but including the http(s) schema.

Additional Munin plugins to activate

Path to the directory in which Diffie-Hellman parameters will be stored

Files to load as an environment file just before Traefik starts

The name of the system used in the system.build.toplevel derivation

The local path name of a CSS file for the PSGI web interface.

Signature verification policy file

Name of HTTP request header used for dynamic prefixing of UI links and redirects

The name of the group

To enforce UDP encapsulation of ESP packets, the IKE daemon can fake the NAT detection payloads

Extra packages to add to the PATH of phpfpm-pool.

Path to the sqlite3 database file.

Path to a file containing a registration token for the PeerTube instance

Name of HTTP request header used for dynamic prefixing of UI links and redirects

Definition of systemd path units; see systemd.path(5).

Name of the database when using the psycopg2 backend, path to the database location when using sqlite3.

HTTP path for resolve application

Path to an environment file as defined in systemd.exec(5)

Path to the API key to authenticate with a local CrowdSec API

List of allowed indicator modules to use for the lightdm gtk greeter panel

Enable the OCI seccomp BPF hook

storage.conf configuration

The name of this nylon instance.

Path to the sqlite3 database file.

Path to the sqlite3 database file.

Device node or address of the phone

The name of this systemd unit, including its extension

The full path to a file that contains the hash of the user's password

The keyfile which associates this machine with your tarsnap account

The file that holds the logging configuration.

Definition of systemd per-user path units.

List of blocked repositories.

Packages added to the services' PATH environment variable

The full path to a file that contains the hash of the user's password

Specify which claims to derive user information from

List of repositories to search.

Discourse site settings

Path to file with trusted public keys in OpenSSH's authorized_keys format

Whether to enable the Linux kernel

Enables dynamic resolving of backchannel URLs, including hostname, scheme, port and context path

The name of this systemd unit, including its extension

The name of this systemd unit, including its extension

List of derivations to put in Offlineimap's path.

This option enables lxd, a daemon that manages containers

Name of the zone.

If set to "yes", using the bindings file /etc/multipath/bindings to assign a persistent and unique alias to the multipath, in the form of mpath

Name of the PPP peer.

List of insecure repositories.

List of derivations to put in protonmail-bridge's path.

The name of this systemd unit, including its extension

Configuration file path.

Data directory of TSDB.

Path to UNIX domain socket to listen on

The name of this systemd unit, including its extension

The name of this systemd unit, including its extension

This option allows you to define multipath groups as described in http://christophe.varoqui.free.fr/usage.html.

The name of this systemd unit, including its extension

The name of this systemd unit, including its extension

The underlying Docker implementation to use.

Name of the image

The identifier for the multipath device

location of your media files

Type of the filesystem

Path to the Wireguard Config to add the peer's name to the stats of a peer

Directory where to store cache files (if cache.type = "file").

List of source directories and files to backup

Path to the SQLite database used

The endpoint name.

Definition of systemd path units.

The name of this systemd unit, including its extension

The name of this systemd unit, including its extension

Sets basepath for all routes.

The name of this systemd unit, including its extension

Path to the embedded database file

The endpoint name.

Etcd unique node name.

Name of the control, as it appears in alsamixer

Only applicable to sqlite3 database

Path to plugin

This enables Linux Containers (LXC), which provides tools for creating and managing system or application containers on Linux.

Remap all the path requests as relative to the given path

File path where DMS greeter logs will be saved

Username for JSON-RPC connections.

If the mode is set to "file", the path to a HuJSON file containing ACL policies.

Name of the PAM service.

Primary name for use (as a suffix) in:

• systemd service name,
• hardened user name and group,
• systemd *Directory= names,
• desktop application identification,

Primary name for use (as a suffix) in:

• systemd service name,
• hardened user name and group,
• systemd *Directory= names,
• desktop application identification,

Name of the worker

The name of this systemd unit, including its extension

Prefix to all HTTP paths.

Options used to mount the file system

Default location for the Mattermost control socket used by mmctl.

Determines where on the local filesystem a data node should store its blocks.

Path to the Xen multiboot binary used for BIOS booting

Package providing the ffmpeg and ffprobe executables below the bin/ directory.

Name of modem device, will be searched for in /dev.

Whether to enable support for NixOS containers.

Path to the Xen Store Daemon

The name of the node which is used as an identifier when communicating with the remote nodes in the mesh

The name of this systemd unit, including its extension

Path to xen.efi. pkgs.xen is patched to install the xen.efi file on $boot/boot/xen.efi, but an unpatched Xen build may install it somewhere else, such as $out/boot/efi/efi/nixos/xen.efi

This option defines the default shell assigned to user accounts

Name of the runner to configure

The name of the network interface to match against.

Path to store session recordings.

Absolute directory path to the media directory to index.

Name i2pd appears in UPnP forwardings list.

The friendly name you give to the network device

The friendly name you give to the network device

This option enables docker, a daemon that manages linux containers

Whether to enable modprobe config

Path to the executable of the chromium to use.

Specifies the Name of the Storage daemon.

Path to the sqlite3 database file.

Path to xen.efi. pkgs.xen is patched to install the xen.efi file on $boot/boot/xen.efi, but an unpatched Xen build may install it somewhere else, such as $out/boot/efi/efi/nixos/xen.efi

Path to YAML rules configuration

Database name.

the path to store the segments

The name of the Helm chart

The endpoint name.

The endpoint name.

The name of the Helm chart

Keyboard name.

A system user name for this client instance.

A system user name for this client instance.

In containers, whether to use the resolv.conf supplied by the host.

The director name used by the system administrator

The name of the agent as seen in the buildkite dashboard.

Akkoma frontend name.

Unix domain socket path to bind this listener to.

The client name that must be used by the Director when connecting

Path to YAML dashboard configuration

Name for the device

Path in which suricata-update managed rules are stored by default.

Name of the redis server

Database name.

The name of the service to run

Whether to enable incusd, a daemon that manages containers and virtual machines

The name of the host

The endpoint name.

The endpoint name.

Path to the unlock script

The name of the instance.

Agent name, usually same as the hostname

Mail "from" name.

Path to YAML mute timings configuration

The path to the boot directory where the extlinux-compatible configuration files will be written.

Path to YAML datasource configuration

Path to YAML notification policies configuration

Font name, as used by fontconfig.

The network subnet to use for the containers.

Table name.

The user's home directory.

Name is referenced in logs

Path to the repository

Name is used as a suffix for the service name, user, and group

The name of the mailbox.

Path to YAML contact points configuration

Name of the interface.

Name of the font to use for regreet.

Path to YAML templates configuration

The name to return in service discovery responses for the MUC service itself

Name of the redis server

Name of the interface

Mail "reply-to" name.

Name of the rule.

Path to the output directory for backups.

The user's home directory mode in numeric format

The account UID

Name of the machine when registering it at the central or local api.

Path to the output directory for backups.

Name of the iSCSI initiator to boot from

The endpoint name.

A systemd service name to use (without .service suffix).

A systemd service name to use (without .service suffix).

The name of the service to run

Name of the theme to use for regreet.

The name of an explicit dtb to be loaded, relative to the dtb base

The name of the server

The user's primary group.

Name of the user to ensure.

Name of the existing database.

The logical name of the Galera cluster

Name of directory from which to import ZFS device, this is passed to zpool import as the value of the -d option

The path under which the metrics will be exposed.

The endpoint name.

The default Nix expression search path, used by the Nix evaluator to look up paths enclosed in angle brackets (e.g. <nixpkgs>).

If set to priorities the multipath configurator will assign path weights as "path prio * rr_min_io".

Name of the beat

Name of the wiki.

Name of the server.

Database name.

Name of this iscsi initiator

Database name.

Database name.

The name of this authentication provider

The path relative to / for serving resources.

Whether to enable extra-container, a tool for running declarative NixOS containers without host system rebuilds .

Name of the icon theme to use for regreet.

Name of ICMP pinging job.

Server name to be used for this virtual host

Database name.

The serial port to which your UPS is connected. /dev/ttyS0 is usually the first port on Linux boxes, for example.

Number of I/O requests to route to a path before switching to the next in the same path group

The name of this gateway as shown in firezone

The name of the cookie that the oauth_proxy creates.

The endpoint name.

The group GID

The name of this actor

The name of this group

The advertised name for zeroconf discovery.

The name of the host in the network as well as the configuration for that host

This option contains the store path that typically represents a NixOS system

Database name, only used when the databse is created locally.

The user's home directory mode in numeric format

The database name

Name of the service.

This primary server will notify all given secondary servers about zone changes

Path to your SSL CA certificate.

The endpoint name.

Database name.

Database name.

Database name.

The user's home directory.

The name identifying the runner instance towards the Gitea/Forgejo instance.

Name of the redis server

The name of the device.

The name of the immich database.

name of the virtualhost

Each attribute of this option defines a systemd service that runs hans

The name of the database to use for Wakapi.

The name of an existing user account under which the rsync process should run.

Database name.

The name of this server.

The name of this relay group

The account UID

Name of the cursor theme to use for regreet.

The name of this systemd unit, including its extension

Disable running fsck on this filesystem.

Text of this systemd unit.

The name of this client as shown in firezone

Name of this overlay

Path to Kanidm database.

Adapter name that is used in the radicle-ci-broker configuration

Control group which subgroups are placed under

Database name.

Database name.

This is the target address is to match against

Whether to enable FRR pathd.

Name used to derive peer unit name.

Path to Kanidm database.

The user's primary group.

The default path selector algorithm to use; they are offered by the kernel multipath target

The name of an existing user group under which the rsync process should run.

PostgreSQL database name

Specify the program to run to talk to this UPS. apcsmart, bestups, and sec are some examples.

The name of the wrapper program

Name of the local AutoSSH session

The name of this gateway as shown in firezone

Database name.

The name of this gateway group

A path to directory writable by logstash that it uses to store data

Name of symlink (relative to /etc)

Name of symlink

The name of this resource

If set to a value greater than 0, multipathd will watch paths and check how many times a path has been failed due to errors

Path to blobs

Each attribute of this option defines a systemd service that runs iodine

Name of the existing database (has no effect if type is "sqlite").

Path grafana will watch for dashboards

Path under which to expose metrics.

null will default to /metrics.

Server name.

Whether to enable the filesystem mount.

The path to a file containing the secret_key_base secret

The path where castopod stores all data

The name of services's user

Path of the PEM-encoded private key for this account

Domain to fetch certificate for (defaults to the entry name).

User to run the cgit service as.

When set to something distinct to null NSD is able to collect statistics per zone

Node name

The group GID

Database name.

Database name.

Database name.

Database name.

Database name.

Database name.

Database name.

Database name.

Name of the beat

Lines which would be added inside ups.conf for handling this UPS.

Number of I/O requests to route to a path before switching to the next in the same path group

The command the user is allowed to run

Path to file that contain addresses of query peers

Bind port for ‹name› endpoint.

The name of the dawarich database.

MySQL database name.

Database name for FreshRSS.

Name of the satellite.

Database name.

Options for the FRR pathd daemon.

The flake input from is rewritten to.

Location where MongoDB stores its files

The account name

The flake reference from is rewritten to

If set to false, the user account will not be created

The user's auxiliary groups.

Name of the game as it will appear in the game listing.

Bind port for ‹name› endpoint.

Tell multipathd how to manage path group failback

Type of the file system

Name of the modifier.

Path were the YouTrack state is stored

Path of the image, relative to $out in system.build.image

Path to the service's config file

Text of this systemd unit.

Where to mount this dataset.

Use cgroups to enforce resource limits on containers

The path to the world file (.wld) which should be loaded

Interface name

Replace any existing runner with the same name

The path to the SSH private key with which to authenticate on the build machine

Path to files that contain addresses of store API servers

Database name.

Group to run the cgit service as.

Name of this virtual host

Port number Go Ethereum will be listening on, both TCP and UDP.

Target node name on the IBM TSM server.

Interface name

The flake reference to be rewritten

Add the necessary actions for a upsmon process to work

The name of the file or block device that should be used as header for the encrypted device.

Whether to create the home directory and ensure ownership as well as permissions to match the user.

Database name.

Database name.

Path to a TrueType, OpenType, or pf2 font to be used by Grub.

Path to the grub theme to be used.

Name of the symlink (relative to /var/lib/rancher/k3s/server/manifests)

Enables lxd to use zfs as a storage for containers

Format: [AXFR|UDP] <ip-address> <key-name | NOKEY>

S3 bucket name to use for HTTP-01 based challenges

Discourse database name.

The name of the file (can be a raw device or a partition) that should be used as the decryption key for the encrypted device

What port to listen for client requests, default is 1080.

DNS full-qualified domain name of a database server

DNS full-qualified domain name of a database server

Name of the PCM card to control (slave).

The nickname of this Tahoe node.

Virtual networks to which the container or VM is connected

Name of the remote read config, which if specified must be unique among remote read configs

A path to the password file for your bot

Hostname or address of the postgresql server

Name of the symlink (relative to /var/lib/rancher/rke2/server/manifests)

TLS options for virtual host

Start the specified units when this unit is started.

Start the specified units when this unit is started.

Whether to enable ‹name›.

Name of Google storage bucket

Path to store the gem files and the sqlite database

The name of the database to create.

SSID to be used in IEEE 802.11 management frames.

APIs to enable over WebSocket

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

Path of the device or swap file.

cgit repository settings, see cgitrc(5)

Directories from the host filesystem to be included in the sandbox.

Whether to enable ‹name›.

Location where ChromaDB stores its files

VirtualHost to serve cgit on, defaults to the attribute name.

Rename nodes to different name.

Name of the remote write config, which if specified must be unique among remote write configs

The name of the first admin user.

Whether to enable cgit.

Username

The path to a file containing the secret_key_base secret

Name of the user to ensure.

Units that want (i.e. depend on) this unit

Local secret key in hexadecimal form.

(Superseded by uid_attribute) The default program and args to callout to obtain a unique path identifier

Subordinate group ids that user is allowed to use

Subordinate user ids that user is allowed to use

ACME options for virtual host.

HTTP options for virtual host

Path to scrapers

Members of this group can access the control socket for this interface.

Blockchain garbage collection mode.

Whether to enable hub instance.

This option enables Podman, a daemonless container engine for developing, managing, and running OCI Containers on your Linux System

The name of this client as shown in firezone

Interface to use when method is iface.

If the specified units are started at the same time as this unit, delay this unit until they have started.

The user names of the group members, added to the /etc/group file.

If the specified units are started at the same time as this unit, delay this unit until they have started.

Database name.

Port number of Go Ethereum HTTP API.

Whether the SSID is to be interpreted using UTF-8 encoding.

Aliases of that unit.

Default blacklisted interfaces, this includes NixOS containers interfaces (ve).

Default config (default.conf) for new containers, i.e. for network config

Count of subordinate user ids

Count of subordinate group ids

Path to TLS private key.

Proxy account name, without the possibility to include domain name ('at' sign is interpreted literally).

Allow the user to do certain things with upsd

Whether to enable Go Ethereum Node.

Additional arguments passed to Go Ethereum.

Automatically allocate subordinate user and group ids for this user

The type of the device.

Extra options to be appended to the FRR pathd daemon options.

Name of the model to download and use for speech synthesis

The default method used to determine the paths state

Label of the device

Name of the kernel module that provides the card.

Backup type as described in: https://pgbackrest.org/command.html#command-backup/category-command/option-type

The user's auxiliary groups.

The name of the host in the network as well as the configuration for that host

If set to false, the user account will not be created

Complete netdata config directory except netdata.conf

Path to initial supybot config file

Database name.

Database name.

Name of database.

Listed primary servers are allowed to notify this secondary server

Root directory for requests.

The node name of the device

The node name of the device

Name of the PostgreSQL database.

The name of the Linkwarden database.

Name of modem configuration file, will be searched for in config in the spooling area directory.

The path to the TLS key.

Path to TLS certificate.

Base path of the service url.

Bind address for ‹name› endpoint.

List of directories to be symlinked in /run/current-system/sw.

Units that want (i.e. depend on) this unit

Units that want (i.e. depend on) this unit

Whether to enable TLS support.

Output DPI configuration.

Instance name.

Local Mattermost database name.

When enabled dockerd is started on boot

The path to the efi system mount point

Name of the PCM device to control (slave).

Set name to shared memory zone.

Bind address for ‹name› endpoint.

If Scrutiny will be behind a path prefixed reverse proxy, you can override this value to serve Scrutiny on a subpath.

Path to the service's environment file

A program name specifying a Postfix service/daemon process

Start the specified units when this unit is started.

Start the specified units when this unit is started.

Output resolution.

Output framerate.

Name of the homebridge UI platform

Name of the printer / printer queue

Number of vcores that can be allocated for containers.

Deprecated, please use hardware.nvidia-container-toolkit.enable instead

Deprecated, please use hardware.nvidia-container-toolkit.enable instead

Database name.

Units that want (i.e. depend on) this unit

Location where the file system will be mounted

The path to MPD's database

If this option is set, ‘device’ is interpreted as the path of a swapfile that will be created automatically with the indicated size in MiB (1024×1024 bytes).

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

Adds index directive.

Alias directory for requests.

Name of the MySQL database that holds EPGStation's data.

Name of the beat

static: Immediately answer any Neighbor Solicitation Messages (if they match the IP rule). iface: Forward the Neighbor Solicitation Message through the specified interface and only respond if a matching Neighbor Advertisement Message is received. auto: Same as iface, but instead of manually specifying the outgoing interface, check for a matching route in /proc/net/ipv6_route.

Database name to use when connecting to an external or manually provisioned database; has no effect when a local database is automatically provisioned

The name of the Grafana database.

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Keep this unit running as long as the listed units are running

Start the specified units when this unit is started.

Start the specified units when this unit is started.

Output video display controller.

Path to a HSM pin.

Open firewall ports for nodemanager

URL path for the website

Whether to create the home directory and ensure ownership as well as permissions to match the user.

How to name the created archives

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

Whether the from reference needs to match exactly

Adds DirectoryIndex directive

Alias directory for requests

Optional PKCS#11 module name.

If the specified units are started at the same time as this unit, delay them until this unit has started.

If the specified units are started at the same time as this unit, delay them until this unit has started.

The cgit package to use.

The geth package to use.

Uhub plugin configuration.

Adds try_files directive.

The path to the confd configs.

The path to the TLS certificate.

SSL certificate file path.

url path for uploads

SSL CA file path for client certificate verification.

Absolute path of device node, file or other resource. (Mandatory)

Hostname or address of the postgresql server

Verify peer certificate

Verify peer certificate

Aliases of that unit.

Aliases of that unit.

If true, the user's shell will be set to users.defaultUserShell.

Label of the unlocked encrypted device

Path to a HSM pin.

Isolate traffic between stations (clients) and prevent them from communicating with each other.

Amount of physical memory, in MB, that can be allocated for containers.

Set the host address for this virtual host

The set of packages that should be made available to the user

Remote public key in hexadecimal form.

Marks the server as a backup server

Enables nylon as a running service upon activation.

Path to scrapers

Output gamma configuration.

Group running the ACME client.

Levels (minimum value for logged events): 0 = verbose debugging 1 = debugging 2 = informational messages 3 = notification 4 = warning

Units that want (i.e. depend on) this unit

Units that want (i.e. depend on) this unit

Specify what to do when all paths are down

Override the default TLS port for this virtual host.

If the specified units are started at the same time as this unit, delay this unit until they have started.

If the specified units are started at the same time as this unit, delay this unit until they have started.

Optional PKCS#11 module name.

Label for this destination

Units that want (i.e. depend on) this unit

Units that want (i.e. depend on) this unit

Attribute set of NetBird client daemons, by default each one will:

1. be manageable using dedicated tooling:

• netbird-<name> script,
• NetBird - netbird-<name> graphical interface when appropriate (see ui.enable),

2. run as a netbird-<name>.service,
3. listen for incoming remote connections on the port 51820 (openFirewall by default),
4. manage the netbird-<name> wireguard interface,
5. use the /var/lib/netbird-/config.json configuration file,
6. override /var/lib/netbird-/config.json with values from /etc/netbird-/config.d/*.json,
7. (hardened) be locally manageable by netbird-<name> system group,

With following caveats:

• multiple daemons will interfere with each other's DNS resolution of netbird.cloud, but should remain fully operational otherwise

Path to the file containing the password for the intermediate certificate private key.

Path to a file containing the logo of your Hydra instance.

If the device does not currently contain a filesystem (as determined by blkid), then automatically format it with the filesystem type specified in fsType

User name of file owner

The object to make available inside the initrd.

Local name of the IBM TSM server, must not contain space or more than 64 chars.

Start of the range of subordinate user ids that user is allowed to use.

Start of the range of subordinate group ids that user is allowed to use.

ID of the user in initrd.

Configuration for MPD

If the specified units are started at the same time as this unit, delay this unit until they have started.

If the specified units are started at the same time as this unit, delay this unit until they have started.

Password HMAC-SHA-256 for JSON-RPC connections

Whether to enable DNSSEC.

Adds a return directive, for e.g. redirections.

Specifies the MAC addresses to deny if macAcl is set to "deny" or "radius"

Aliases of that unit.

The domain name to collect stats for.

Name of this virtual host

The vlan identifier

Whether to enable the device mapper multipath (DM-MP) daemon.

Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.

Vertical scaling factor/pixels.

Horizontal scaling factor/pixels.

Model path.

Path to your SSL CA certificate.

Custom index.html path

Path to your SSL key.

Whether to enable the output.

Output rotate configuration.

The underlying network device on which the tunnel resides.

The actual zone data

Subordinate user ids that user is allowed to use

Subordinate group ids that user is allowed to use

Location where RethinkDB stores its data, 1 data directory per instance.

Whether the luksOpen will be attempted before LVM scan or after it.

Override the default HTTP port for this virtual host.

The user names of the group members, added to the /etc/group file.

Each attribute of this option defines a systemd service that runs an OpenVPN instance

The name of the database to store data in.

Optional PKCS#11 module name.

This is a small wrapper over systemd's LoadCredential

Zone file resource records contain columns of data, separated by whitespace, that define the record.

Whether to enable Go Ethereum HTTP API.

The relationship with upsd

The network to connect to

The base path for the UI.

Keep this unit running as long as the listed units are running

Keep this unit running as long as the listed units are running

The time-to-live of the connection to the remote tunnel endpoint.

Count of subordinate group ids

Count of subordinate user ids

Specifies the MAC addresses to allow if macAcl is set to "allow" or "radius"

Adds uwsgi_pass directive and sets recommended proxy headers if recommendedUwsgiSettings is enabled.

Adds proxy_pass directive and sets recommended proxy headers if recommendedProxySettings is enabled.

Group name of file owner

These lines go to the end of cgitrc verbatim.

Shell commands executed to stop the service.

If set, the filesystem is grown to its maximum size before being mounted. (This is typically the size of the containing partition.) This is currently only supported for ext2/3/4 filesystems that are mounted during early boot.

A short description of the user account, typically the user's full name

The multipath-tools package to use.

Alternative path to storage of i2pd data (RI, keys, peer profiles, ...)

Proxy ssl key path

Path to the file where DHT keys are stored.

ssl private key path A self-signed certificate will be generated if file not exists.

The device to update.

Enable logging, default is no logging.

A system group name for this client instance.

A system group name for this client instance.

Automatically allocate subordinate user and group ids for this user

Whether to enable nftables and use nftables based firewall if enabled. nftables is a Linux-based packet filtering framework intended to replace frameworks like iptables

Whether to allow privileged containers on Kubernetes.

The specified name-string must be the generic SCSI device name of the autochanger that corresponds to the normal read/write Archive Device specified in the Device resource

Units that want (i.e. depend on) this unit

Units that want (i.e. depend on) this unit

Name of the homebridge

Configuration for this host

Location where each instance's pid file is located.

Units that want (i.e. depend on) this unit

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

A systemd service name to use (without .service suffix).

A systemd service name to use (without .service suffix).

Location of hardware kiss tnc for this interface.

Start the specified units when this unit is started.

Start the specified units when this unit is started.

Dataset name to send snapshots to.

Specify the log file name

Storage path for uploaded media.

When or how often the backup should run

Whether to enable this PPP peer.

Port to bind the TTS server to.

User account under which this pool runs.

Start the specified units when this unit is started.

DNS full-qualified domain name of a database server

Basic Auth protection for a vhost

The database name.

Adds DirectoryIndex directive

Alias directory for requests

Username from upsd.users for accessing this UPS

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If set to "yes", multipathd will do a deferred remove instead of a regular remove when the last path device has been deleted

Path used for the database file.

Path to the Nix store when looking for kernels at boot

UNIX domain socket path to bind.

Path to your SSL certificate.

Storage path of netbox.

ssl certificate path A self-signed certificate will be generated if file not exists.

Keeps the specified running while this unit is running

Keeps the specified running while this unit is running

If the specified units are stopped or restarted, then this unit is stopped or restarted as well.

If the specified units are started at the same time as this unit, delay them until this unit has started.

If the specified units are started at the same time as this unit, delay them until this unit has started.

This option enables docker in a rootless mode, a daemon that manages linux containers

Keep this unit running as long as the listed units are running

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Aliases of that unit.

Aliases of that unit.

Lines to append to default multipath.conf

A system group name for this client instance.

A system group name for this client instance.

These lines go to the end of the location verbatim.

These lines go to the end of the location verbatim.

Master=false means slave server

Addresses who may request zone transfers.

Limit retry time for secondary zones.

Whether to enable this RAUC slot.

Whether output should be marked as primary

This option allows you to define arrays for use in multipath groups.

Name of the class implementing the check

Optional slot number of the token that stores the certificate.

Whether to enable Telepathy service, a communications framework that enables real-time communication via pluggable protocol backends.

The serial port speed of this interface.

The underlying network device on which the tunnel resides.

ID of the group in initrd.

A program name specifying a Postfix service/daemon process

Domain name

Server name to verify the hostname on the returned gRPC certificates

If the specified units are started at the same time as this unit, delay them until this unit has started.

If the specified units are started at the same time as this unit, delay them until this unit has started.

Directory to read CSV config files from

The user as which to run bitcoind.

Blockchain sync mode.

Maximum peers to connect to.

Tunnel type.

Aliases of that unit.

Aliases of that unit.

A list of one or more units that are activated when this unit enters the "inactive" state.

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "failed" state.

A list of one or more units that are activated when this unit enters the "inactive" state.

This can be set as a global variable above your first UPS definition and it can also be set in a UPS section

Set the date on which the user's account will no longer be accessible

Name shown in the website title and on the front page.

Path to bosun's ledis data dir

Path to the directory cook-cli will look for recipes.

Proxy ssl certificate path

Path to a file containing the API key to use when modifying DNS records.

File path containing the k3s token to use when connecting to a server.

Absolute path of a directory of the mount point

Environment variables used for this PHP-FPM pool.

Path to key for already created certificate.

Database name to connect to

Additional groups under which Traefik runs

The time-to-live of the connection to the remote tunnel endpoint.

Name of the tun device

The database engine name

Path to hg-ssh (if not in $PATH).

The ID of the sound card

UUID of the stratis pool that the fs is located in

This is only relevant if you are using stratis.

If the specified units are started at the same time as this unit, delay this unit until they have started.

If the specified units are started at the same time as this unit, delay this unit until they have started.

The packaged Helm chart

Name of the user to log in

Optional slot number of the token that stores the certificate.

Root directory for requests.

Output scaling method.

Tunnel type.

Text of the file.

If the specified units are started at the same time as this unit, delay this unit until they have started.

A name for the drive

Each attribute in this set specifies an option in the [Exec] section of this unit

Each attribute in this set specifies an option in the [Unit] section of the unit

Each attribute in this set specifies an option in the [Unit] section of the unit

A list of host names and/or IP numbers used for accessing the host's ssh service

Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.

Shell commands executed after the service's main process has exited.

If true, the user's shell will be set to users.defaultUserShell.

The name of the Stash Box

Path to the .hgrc file.

(Read-only) the path to the final bundle of certificate authorities as a single file.

The path to use as hound's $HOME

Path to bosun's state file.

File path containing the rke2 token to use when connecting to a server.

The set of packages that should be made available to the user

Guaranteed minimum hops for ‹name› tunnels.

Minimum remaining validity before renewal in days.

Group the user belongs to in initrd.

Key type to use for private keys

The packaged Helm chart

Units that want (i.e. depend on) this unit

Output position

Override the default port on which to listen for connections.

Keyset used for tunnel identity.

Group account under which this pool runs.

Directory for the ACME challenge, which is public

Name shown in the server list.

The path to your appkey

Path to directory containing oCIS config file

Path to the service's config file

The data directory for bitcoind.

Source directories.

When or how often the backup should run

Vlan tag to apply to interface

Openvswitch type to assign to interface

GVPE node name

Guaranteed minimum hops for ‹name› tunnels.

Extra configuration to be appended to awstats.${name}.conf.

Indicates whether this is an account for a “real” user

Name of the class implementing the check

Port number of Go Ethereum metrics service.

Listen address of Go Ethereum HTTP API.

Shell commands executed before the service's main process is started.

Commands to run after new certificates go live

Name that will be shown to the user.

Name of the voice model to use

Keep this unit running as long as the listed units are running

Keep this unit running as long as the listed units are running

cgit configuration, see cgitrc(5)

Configuration of uhub

Alias directory for requests.

Adds index directive.

Email address for account creation and correspondence from the CA

The path of dae config file, end with .dae.

Path to the TLS key file.

Path to root certificate store.

The path to the file containing the password for the user

Custom name of this poller.

Name of the runner group to add this runner to (defaults to the default runner group)

A short description of the user account, typically the user's full name

pppd configuration for this peer, see the pppd(8) man page.

Start of the range of subordinate group ids that user is allowed to use.

Start of the range of subordinate user ids that user is allowed to use.

Specifies the BSSID for this BSS

Keyset used for tunnel identity.

Local port of the encapsulation UDP socket.

List of configuration directives for this UPS.

Legacy RSA public key of the host in PEM format, including start and end markers

Location of bitcoind pid file.

Indicates if the user is a system user or not

The group of the wrapper program.

The group as which to run bitcoind.

The owner of the wrapper program.

Port number of Go Ethereum Auth RPC API.

Whether to offload computation onto a CUDA compatible GPU.

The udev attribute providing a unique path identifier (WWID)

Hostname or address of the postgresql server

Text of the file.

Keep this unit running as long as the listed units are running

Keep this unit running as long as the listed units are running

Optional slot number of the token that stores the certificate.

The address of the local endpoint which the remote side should send packets to.

Shell commands executed to stop the service.

Shell commands executed as the service's main process.

Adds try_files directive.

PostgreSQL host for operating remotely.

Append an additional file's contents to /etc/multipath.conf

Enables HTTP/3 over QUIC on the UDP port for TLS

Basic Auth password file for a vhost

This option determines which Docker storage driver to use

The location of the Drupal files directory.

Path of pid files for GateOne.

The path of the web root directory.

Path to intermediate certificate store.

The path of the web root directory.

SSL key file path

The path of the web root directory.

The swap devices and swap files

Path to a folder that will contain Zammad working directory.

Path to the .zone file

Path to a keyfile used to unlock the backing encrypted device

The user as which to run blockbook-frontend-‹name›.

Extra lines to add to the tinc service configuration file

The name of the module

Source ZFS dataset

Whether to enable the filesystem mount.

Whether to enable proxy for this bucket

The ID of your hook

The name of the column that contains a unix login name.

When to run the job.

Keeps the specified running while this unit is running

Keeps the specified running while this unit is running

Hex-encoded CKA_ID or handle of the certificate on a token or TPM, respectively

Name of a file containing the spiped key

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Each attribute in this set specifies an option in the [Slice] section of the unit

Each attribute in this set specifies an option in the [Files] section of this unit

Like ‘requires’, but in addition, if the specified units unexpectedly disappear, this unit will be stopped as well.

Order of this location block in relation to the others in the vhost

Order of this location block in relation to the others in the vhost

Service port

Shell commands executed after the service's main process is started.

Shell commands executed when the service's main process is reloaded.